1

I'm trying to encrypt a message using asymmetric private-public keys. In Botan, using the `Load_key()` functions, I read the private key and want to extract its public key from it. To construct an RSA public key with its constructor, I'll need an "Algorithm Identifier" object and the "key bits", which I have. I get the algorithm identifier object using the `pkcs8_algorithm_identifier()` function.

The problem is the "Key Bits", which are returned as a `secure_vector<unsigned char>` instead of a `vector<unsigned char>`, and I encounter a bad::alloc exception when I try to pass it to the `RSA_PublicKey` constructor.

Has anyone encountered such a problem? If there is an alternative way of doing asymmetric encryption by loading keys from an input file in Botan, I'd appreciate that.

AmirH.
  • Welcome to stackoverflow. Please, show us a [Minimal, Complete, and Verifiable example](https://stackoverflow.com/help/mcve) and you'll get help – gehbiszumeis Aug 06 '19 at 07:13
  • You can't extract the public key from the private key. The public key isn't in the private key. – user207421 Aug 06 '19 at 10:02
  • 1
    @user207421 As you can see in the link [How to extract public key using OpenSSL](https://stackoverflow.com/questions/10271197/how-to-extract-public-key-using-openssl) the public key is being extracted from the private key! By mentioning extracting doesn't mean it included the public key but to **earn the public key** maybe in other words ! – AmirH. Aug 06 '19 at 10:16

1 Answer

4

Botan uses two interfaces to represent asymmetric key pairs: `Public_Key` and `Private_Key`. The `Private_Key` interface inherits from `Public_Key`. Therefore, when you obtained e.g. an `RSA_PrivateKey` via `PKCS8::load_key`, this object already represents both the public and the private key. That is, you can plug this object into other methods that expect a `Public_Key`.

For accessing the raw key bits, the `Public_Key` interface defines a `std::vector<uint8_t> public_key_bits()`. The `Private_Key` interface has an additional `secure_vector<uint8_t> private_key_bits()`. Therefore, every `Private_Key` instance should have both `public_key_bits` and `private_key_bits` available.

Reference: https://github.com/randombit/botan/blob/master/src/lib/pubkey/pk_keys.h

Additional note: The `secure_vector` class is a `std::vector` with a special allocator that ensures the underlying memory is overwritten when the object is destructed, so that sensitive information like private key bits does not remain in memory. If you actually have to convert a `secure_vector` to a normal vector, the convenience function `Botan::unlock` is available (https://github.com/randombit/botan/blob/master/src/lib/base/secmem.h).
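The allocator behaviour described in the additional note, as an added example that is not part of the original answer and is not Botan's code: a simplified, Botan-free model showing that a vector with a scrubbing allocator is a distinct type from `std::vector` and needs an explicit copy. The `model` namespace, `scrubbing_allocator`, `scrubbed_bytes` and the `demo_*` functions are hypothetical names, and the sample bytes are constructed.

```cpp
// Added illustration: a simplified model of the secure_vector idea, NOT Botan's implementation.
#include <cstddef>
#include <cstdint>
#include <new>
#include <type_traits>
#include <vector>
namespace model {  // hypothetical namespace so nothing here is mistaken for Botan
inline std::size_t& scrubbed_bytes() { static std::size_t n = 0; return n; }  // demo bookkeeping
template <typename T>
struct scrubbing_allocator {
    using value_type = T;
    scrubbing_allocator() = default;
    template <typename U> scrubbing_allocator(const scrubbing_allocator<U>&) noexcept {}
    T* allocate(std::size_t n) { return static_cast<T*>(::operator new(n * sizeof(T))); }
    void deallocate(T* p, std::size_t n) noexcept {
        // Volatile writes so the compiler cannot drop the wipe as a dead store.
        volatile unsigned char* b = reinterpret_cast<volatile unsigned char*>(p);
        for (std::size_t i = 0; i < n * sizeof(T); ++i) b[i] = 0;
        scrubbed_bytes() += n * sizeof(T);
        ::operator delete(p);
    }
};
template <typename T, typename U>
bool operator==(const scrubbing_allocator<T>&, const scrubbing_allocator<U>&) noexcept { return true; }
template <typename T, typename U>
bool operator!=(const scrubbing_allocator<T>&, const scrubbing_allocator<U>&) noexcept { return false; }
template <typename T> using secure_vector = std::vector<T, scrubbing_allocator<T>>;
// Same role as the unlock() the answer mentions: copy into an ordinary vector.
template <typename T>
std::vector<T> unlock(const secure_vector<T>& in) { return std::vector<T>(in.begin(), in.end()); }
// A different allocator means a different type: there is no implicit conversion.
static_assert(!std::is_convertible<secure_vector<std::uint8_t>, std::vector<std::uint8_t>>::value,
              "secure_vector must be converted explicitly");
}  // namespace model

// Returns how many bytes were wiped when a 32-byte secret went out of scope.
std::size_t demo_scrub() {
    const std::size_t before = model::scrubbed_bytes();
    { model::secure_vector<std::uint8_t> key(32, 0xAA); }  // destroyed at the closing brace
    return model::scrubbed_bytes() - before;
}
std::vector<std::uint8_t> demo_unlock() {
    model::secure_vector<std::uint8_t> bits = {0x30, 0x82, 0x01, 0x0A};  // constructed sample bytes
    return model::unlock(bits);  // the copy lives in ordinary, non-scrubbed memory
}

int main() { return (demo_scrub() >= 32 && demo_unlock().size() == 4) ? 0 : 1; }
```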