The private key file is a DER-encoded PKCS#8 PrivateKeyInfo structure.
The format of the PrivateKey field in that structure is RSAPrivateKey,
as defined in PKCS#1. The definition of both of those is available
from RSA here:
http://www.rsa.com/rsalabs/node.asp?id=2124
in the PKCS#8 and PKCS#1 ASN.1 modules, respectively.
>
>
> My second question:
> Because I want to generate key pair and locate them in two byte
> arrays, I used of "ArraySink" instead of "FileSink" and changed the
> above code as below:
>
>
Look here:
> byte* privatekey;
> byte* publickey;
and here:
> CryptoPP::HexEncoder privArray(new
> CryptoPP::ArraySink(privatekey,sizeof(privatekey))
> ); // Hex Encoder
>
sizeof(privatekey) is sizeof(byte *). That''s a problem when you then
tell crypto++ to copy more than sizeof(byte *) into the array :-).
Hope that helps,
Geoff
Ho
That's the structure that's encoded to the file. It's used for many
different algorithms, not just RSA. The RSA-specific parts can be
found in RFC 3279, where they define the contents of the
subjectPublicKey field's BIT STRING.
>
> And PrivateKeyInfo as below:
>
> PrivateKeyInfo ::= SEQUENCE {
> version Version,
> privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
> privateKey PrivateKey,
> attributes [0] IMPLICIT Attributes OPTIONAL }
> Version ::= INTEGER
> PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
> PrivateKey ::= OCTET STRING
> Attributes ::= SET OF Attribute
>
> But I can't understand which part of public or private key is "n" and
> which part of private key is "d" and which part of public key is "e"
> yet!
Likewise, that's the structure that's encoded into the private key
file. As with the SubjectPublicKeyInfo structure, it too can be used
for different algorithms, not only RSA. The private key is in the
PrivateKey field of PrivateKeyInfo. That, for RSA is a RSAPrivateKey
structure as defined by PKCS#1. Look at PKCS#1's asn.1 module (on the
RSA site I linked earlier) to see the ordering of the fields.
>
> What I want, is that generate 128 bytes(Hex bytes) for n(modulus) and
> 128 bytes for d(private exponent)
> and store them into two byte array!
Look at the dump keys sample on the RSA wiki page Jeff linked for you.
When you retrieve the fields, instead of sending them to an ostream as
that sample does, let the CryptoPP::Integer objects encode themselves
into byte arrays:
http://www.cryptopp.com/docs/ref/class_integer.html
> One other request!
> Have you any successfully built sample codes of hashing data with SHA1
> algorithm?
> Sample codes in "Crypto++ user's guide" don't match with "CryptoPP
> 5.5.2" version and couldn't help me at all ,so I need a sample code
> of hashing data with SHA1 algorithm which stores the digest in a byte
> array that will be compiled successfully such examples on this page:
> http://www.cryptopp.com/wiki/RSA_Cryptography#Key_Encoding
>
Here's a trivial example calculates a SHA1 digest over a file, writes
that digest into a byte array, then hex encodes that byte array and
prints it to standard output. Use it for whatever you want, including
transer to the wiki :-)
http://cryptopp.pastebin.com/f4a986357
Good luck.
Geoff
Sorry to reply to my own post, but I just noticed that someone had
posted a question as an edit to the code in the pastebin, and I wanted
to redirect the follow-up discussion here, since most of us won't
notice things added to the pastebin unless they're called out on this
list :-)
A user with the handle Dio asked:
20 + @What is SecByteBlock means?@
21 + @SecByteBlock outbuf(sha.DigestSize());@
SecByteBlock is defined in the cryptopp header secblock.h. Read there
for full details of what it's good for. Here, I'm just using it as a
convenient smart pointer to a byte array. Others may want to correct
me, but offhand I'd say that every occasion I can think of where I'd
want to use a byte array with a crypto++ interface, it's safer/more
convenient to use a SecByteBlock.
Geoff
I think this is a problem in your environment. I built crypto++ in
/Users/gbeier/scratch/cryptopp552 and created my test program in
/Users/gbeier/scratch/hashtest/hashtest.cc with the contents you give
above. Then I used GNUMake to build the program (from within my
hashtest directory) as follows:
$ env CXXFLAGS="-I/Users/gbeier/scratch/cryptopp552"
LDFLAGS="-L/Users/gbeier/scratch/cryptopp552 -lcryptopp" make hashtest
That completes without errors, and when I run the program I get:
$ ./hashtest hashtest.cc
SHA1(hashtest.cc): E7B96076EE846AE1D4D3CDE80078EC716A5A9EAB
For comparison, when I hash the same file using OpenSSL, I see:
$ openssl sha1 hashtest.cc
SHA1(hashtest.cc)= e7b96076ee846ae1d4d3cde80078ec716a5a9eab
So check your environment. Make sure you've built crypto++ properly
and your linker can find the library. I don't have a Windows machine
handy to test on, but there's no good reason I can think of offhand
you'd need to change any of this code for Windows... none of it is
UNIX-specific. The build steps I took are, but they should be similar
to what you are used to for Windows. The CXXFLAGS are just telling the
compiler where to look for crypto++ headers and the LDFLAGS are
telling it where the library is found and what its name is. You just
need to build crypto++ and link against it the same way you would any
other library.
Good luck,
Geoff