RE: Public key formatting



I am almost certain that the PublicKey blob is in DER encoded format (like
the rest of the certificate), not Base64 encoded, so you would still need to
correctly decode that blob. Check the blob's format manually and you will see
what format it is in.

Laszlo Elteto
SafeNet, Inc.

"yetty" wrote:

I get a public key blob in byte format. I want to extract the components of
the public key and save it in a file so that I can send this public key in
the right format to a function that will verify the signed XML document. I
have tried using base64 encoding but that did not help out.

CERT_NAME_BLOB cnb;
cnb.cbData = strlen("Administrator");
cnb.pbData = (BYTE*)("Administrator");
pCert = CertFindCertificateInStore(
    hCertStore,
    ENCODING_TYPE,
    0,
    CERT_FIND_SUBJECT_STR, //CERT_FIND_ANY,
    L"Administrator",
    NULL);
if (!pCert) {
    printf("Failed to find certificate in store\n");
    return NULL;
}
cbb = pCert->pCertInfo->SubjectPublicKeyInfo.PublicKey;
for (unsigned int i = 0; i < cbb.cbData; i++)
{
    printf("%c", cbb.pbData[i]);
}

DWORD dwSize = Base64EncodeGetRequiredLength((int)cbb.cbData);
DWORD dwErr;
LPSTR pEncodedString = (LPSTR)malloc(sizeof(char)*dwSize);
LPBYTE pRandomBuf = NULL;
....

if (!Base64Encode(cbb.pbData, cbb.cbData, pEncodedString, (int*) &dwSize,
                  ATL_BASE64_FLAG_NOPAD))
{
    Base64Encode(cbb.pbData, cbb.cbData, pEncodedString, (int*) &dwSize,
                 ATL_BASE64_FLAG_NOPAD);
    dwErr = GetLastError();
}

printf("The public key blob is as follows - %s.\n", pEncodedString);
...
Regards
Yesh

"lelteto" wrote:

What do you mean "cannot get"? What API functions are you using?
One issue may be endianness: certificates store public key values in big
endian (network byte order), while CAPI needs the values in little endian
byte order.

Laszlo Elteto
SafeNet, Inc.

"yetty" wrote:

I have signed an XML document using a certificate from the Windows
certificate store.
I want to get the corresponding public key and verify the signature. I am
unable to get the public key in the proper format to verify the signature.
Thanks in advance.
yesh
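
What the two replies above describe, as an added example that is not code from the thread: assuming the certificate holds an RSA key, the PublicKey bytes are a DER-encoded RSAPublicKey SEQUENCE, which this portable C parser splits into modulus and exponent and returns in the little-endian order CAPI needs. The function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Read a DER tag+length at *p; advance *p to the content, return its length or -1. */
static long der_header(const uint8_t **p, const uint8_t *end, uint8_t tag) {
    const uint8_t *q = *p;
    size_t len, n;
    if (end - q < 2 || q[0] != tag) return -1;
    len = q[1];
    q += 2;
    if (len & 0x80) {                        /* long form: low 7 bits count the length bytes */
        n = len & 0x7f;
        if (n == 0 || n > 3 || (size_t)(end - q) < n) return -1;
        for (len = 0; n > 0; n--) len = (len << 8) | *q++;
    }
    if ((size_t)(end - q) < len) return -1;  /* content would run past the buffer */
    *p = q;
    return (long)len;
}

/* Read a non-negative DER INTEGER and store its magnitude little endian in out. */
static long der_uint_le(const uint8_t **p, const uint8_t *end, uint8_t *out, size_t cap) {
    long i, len = der_header(p, end, 0x02);
    const uint8_t *v = *p;
    if (len <= 0 || (v[0] & 0x80)) return -1;           /* empty or negative */
    *p = v + len;                                       /* consume the whole INTEGER */
    if (len > 1 && v[0] == 0x00) { v++; len--; }        /* drop the DER sign byte */
    if ((size_t)len > cap) return -1;
    for (i = 0; i < len; i++) out[i] = v[len - 1 - i];  /* big endian -> little endian */
    return len;
}

/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
   On entry *mod_len and *exp_len are buffer sizes; on success (0) the byte counts. */
int rsa_pubkey_from_der(const uint8_t *der, size_t der_len, uint8_t *mod_le,
                        size_t *mod_len, uint8_t *exp_le, size_t *exp_len) {
    const uint8_t *p = der, *end = der + der_len;
    long n, e, seq = der_header(&p, end, 0x30);
    if (seq < 0) return -1;
    end = p + seq;
    if ((n = der_uint_le(&p, end, mod_le, *mod_len)) < 0) return -1;
    if ((e = der_uint_le(&p, end, exp_le, *exp_len)) < 0) return -1;
    if (p != end) return -1;                 /* unexpected data inside the SEQUENCE */
    *mod_len = (size_t)n;
    *exp_len = (size_t)e;
    return 0;
}

/* Constructed sample with a toy 64-bit modulus (not a real key), exponent 65537. */
const uint8_t SAMPLE_DER[] = { 0x30,0x10, 0x02,0x09,0x00,0xC3,0x5A,0x11,0x22,0x33,
                               0x44,0x55,0x67, 0x02,0x03,0x01,0x00,0x01 };
```

On Windows, CryptImportPublicKeyInfo accepts the certificate's SubjectPublicKeyInfo directly and performs this decoding and byte-order conversion itself.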