I need to manually sign and verify stuff with asymmetric crypto keys. I ended up using rsa from secured.

The key pair needs to be persistant between, so I made a 4096-bit private key with OpenSSL, stored in .pem file. Then I constructed a public key from the private one, again with OpenSSL. It seemed strange to me that I could generate a public key afterwards with the private key, instead of having to do both at the same time. I just thought that perhaps crypto is somehow cryptic enough to do that.

But then came a problem that I need to feed the key from .pem to initialize RSA class at https://github.com/LightBender/SecureD/blob/master/source/secured/rsa.d. Someone at the internet claimed that .pem files are Base64-encoding. "Great, there's a base64 handler in Phobos", was my reaction. It was easy to write a parser, but I think something must have went wrong.

The reason is that if I understand the logic of Base64, it's that each character stores 6 bits. My private key .pem has 49 lines of 64 characters worth of Base64, though the sat line isn't full. Anyway, this is data worth of over 18000 bits. The RSA key is supposed to be 4096 bits, so this can't be correct.

What am I missing?

> The reason is that if I understand the logic of Base64, it's that each character stores 6 bits. My private key .pem has 49 lines of 64 characters worth of Base64, though the sat line isn't full. Anyway, this is data worth of over 18000 bits. The RSA key is supposed to be 4096 bits, so this can't be correct.
>
> What am I missing?

PEM is a X.509 certificate (whose structure is defined using ASN.1), encoded using the ASN.1 DER (distinguished encoding rules), then run through Base64 encoding and stuck between plain-text anchor lines (BEGIN CERTIFICATE and END CERTIFICATE).

On Friday, 31 May 2019 at 11:09:07 UTC, KnightMare wrote:
>> The reason is that if I understand the logic of Base64, it's that each character stores 6 bits. My private key .pem has 49 lines of 64 characters worth of Base64, though the sat line isn't full. Anyway, this is data worth of over 18000 bits. The RSA key is supposed to be 4096 bits, so this can't be correct.
>>
>> What am I missing?
>
> PEM is a X.509 certificate (whose structure is defined using ASN.1), encoded using the ASN.1 DER (distinguished encoding rules), then run through Base64 encoding and stuck between plain-text anchor lines (BEGIN CERTIFICATE and END CERTIFICATE).

Ouch. I quess I have to translate the file into something that doesn't contain any certification cruft I don't use. Back to reading OpenSSL manual...

Thanks for the info.

https://lapo.it/asn1js
but dont insert ur certificate there, generate new one for tests

On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
> The key pair needs to be persistant between, so I made a 4096-bit private key with OpenSSL, stored in .pem file. Then I constructed a public key from the private one, again with OpenSSL. It seemed strange to me that I could generate a public key afterwards with the private key, instead of having to do both at the same time. I just thought that perhaps crypto is somehow cryptic enough to do that.

The public key can always be constructed from the private key.

> But then came a problem that I need to feed the key from .pem to initialize RSA class.

Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple.

Disclaimer: I have only used openssl directly. No experience with SecureD.

On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
> Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple.

That's logic of SSL? Okay, I'll try that first.

On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
> Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple.

I assume the same should apply with private key and private key constructor (along with a random password of course)?

On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
> if I understand the logic of Base64, it's that each character stores 6 bits. My private key .pem has 49 lines of 64 characters worth of Base64, though the sat line isn't full. Anyway, this is data worth of over 18000 bits. The RSA key is supposed to be 4096 bits, so this can't be correct.
>
> What am I missing?

I think that what I missed was that .pem key files do not only contain the key, they also contain the public exponent (even though it's always the same 0x10001), and in case of private key, the root parameters used to generate the key pair (not sure if it contains the public key also). That explains why the private key file is so much larger than the key bit count would dictate.

And by looking at members of RSA class at SecureD, I think it also keeps those extra components, implying that everything in .pem should go in (after decoding), not just the public or private key. Like Koppe said.

On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
> On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
>> But then came a problem that I need to feed the key from .pem to initialize RSA class.
>
> Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple.

We were both wrong :-). It turned out that the correct way to initialize a SecureD RSA private key is to feed contents of .pem in without ANY processing.

On Thursday, 6 June 2019 at 11:08:18 UTC, Dukc wrote:
> We were both wrong :-). It turned out that the correct way to initialize a SecureD RSA private key is to feed contents of .pem in without ANY processing.

Ah, they made it even easier :)