0

I need to verify a signature on multiple platforms, say Windows and Linux.
I am open to any public key format as long as I can write a platform-specific C code that can verify this signature using the provided public key (the same public key for all platforms).

It looks to me that PKCS#1 ASN.1 DER format is the most standard one, so I assume I should use it for the public key (this article provides some introduction on possible formats).

My problem is importing this public key in Windows.
It looks like this is supported in C# (e.g. see here), but I couldn't find any Windows C/C++ function that can read a public key in PKCS#1 ASN.1 DER or PEM format and convert it to its BLOB structure, probably I didn't search good enough.

A similar stackoverflow question seems to be talking about certificates, while I just need to deal with a bare public key.

Is there any CNG or CryptoAPI function that could read this (or other) format and convert it to either DSA BLOB or RSA BLOB structure?
(If given a choice, I'd prefer to use CNG functions instead of CryptoAPI deprecated ones).

Alexander
  • 2,761
  • 1
  • 28
  • 33
  • Typically if people want to use crypto functions on multiple platforms they use OpenSSL/LibreSSL library, especially if the key should not be saved in the platform specific key management systems (Windows certificate store, Gnome Keyring, ..). – Robert Jun 23 '21 at 15:56
  • We produce a library that creates a response with a signing and the client projects are expected to verify the signature. So I wanted to require as little as possible from the client projects' code. But you've made a very valid point, maybe requiring OpenSSL is reasonable, I'll check. Thank you. – Alexander Jun 24 '21 at 06:32

0 Answers0