Topic: Json WEB Key (JWK) RFC7517

Is there any support for converting between the wolf native keys and signatures and the formats
documented in this RFC?


Re: Json WEB Key (JWK) RFC7517

Hi pbreed,

We do not directly support generating a JSON web key, but we do support generating keys, exporting their components and encoding them as base64.  After following these steps, you will need to handle creating the JSON and adding the base64-encoded components to this JSON.

For RSA:
1)  Generate an RSA key using wc_MakeRsaKey: https://www.wolfssl.com/documentation/m … makersakey
2)  Export the RSA key using wc_RsaFlattenPublicKey (n/e only for public key) or wc_RsaExportKey (all components for public + private key): https://www.wolfssl.com/documentation/m … npublickey

For ECC:
1)  Generate an ECC key using wc_ecc_make_key: https://www.wolfssl.com/documentation/m … c_make_key
2)  Export the ECC key using wc_ecc_export_public_raw/wc_ecc_export_private_raw.

Now base64 encode each component using Base64_Encode_NoNl: https://www.wolfssl.com/documentation/m … ncode_nonl

Then you will need to create the appropriate JSON and add these components.

Thanks,
Kareem


Re: Json WEB Key (JWK) RFC7517

I've already done that in ECDSA with:

        wc_ecc_export_public_raw(&AccountKey, qx, &qxlen, qy, &qylen);

and the signature with:

     mp_int ri; // destination for r component of signature
     mp_int si; // destination for s component of signature
     mp_init(&ri); // initialize r component
     mp_init(&si); // initialize s component
     wc_ret |= wc_ecc_sign_hash_ex(hash, hash_len, &rng, &AccountKey, &ri, &si);

     uint8_t dbuf[64]; // r || s, each left-padded to 32 bytes
     word32 rsiz = 32;
     word32 ssiz = 32;

     wc_ret |= wc_export_int(&ri, dbuf, &rsiz, 32, WC_TYPE_UNSIGNED_BIN);
     wc_ret |= wc_export_int(&si, dbuf + 32, &ssiz, 32, WC_TYPE_UNSIGNED_BIN);

     mp_clear(&ri); // release the big integers once exported
     mp_clear(&si);

Just did not want to duplicate work if you guys were going to build a library...
Making an ACME client work... it's mostly working, just have to clean it up...

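Added example, not from the posts above and not wolfSSL code: the "create the JSON" step for a P-256 public key, taking raw coordinates such as those written by wc_ecc_export_public_raw. JWK members are base64url without padding (RFC 7515 section 2), so output from a standard base64 encoder still needs '+', '/' and '=' handled; `b64url` and `ec_p256_jwk` are hypothetical helper names.

```c
#include <stdio.h>
#include <string.h>
/* base64url without '=' padding (RFC 7515, section 2); out is NUL-terminated.
 * Returns the number of characters written, or 0 if out is too small. */
static size_t b64url(const unsigned char *in, size_t n, char *out, size_t cap)
{
    static const char T[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
    size_t i, o = 0;
    if (cap < (n * 4 + 2) / 3 + 1) return 0;
    for (i = 0; i < n; i += 3) {
        size_t left = n - i;               /* 1 or 2 on a short final group */
        unsigned v = (unsigned)in[i] << 16;
        if (left > 1) v |= (unsigned)in[i + 1] << 8;
        if (left > 2) v |= in[i + 2];
        out[o++] = T[v >> 18];
        out[o++] = T[(v >> 12) & 63];
        if (left > 1) out[o++] = T[(v >> 6) & 63];
        if (left > 2) out[o++] = T[v & 63];
    }
    out[o] = '\0';
    return o;
}

/* Public P-256 JWK from raw big-endian coordinates, each left-padded to the
 * 32 bytes RFC 7518 section 6.2.1.2 requires. Returns JSON length or -1. */
int ec_p256_jwk(const unsigned char *qx, size_t qxlen,
                const unsigned char *qy, size_t qylen, char *json, size_t cap)
{
    unsigned char x[32] = {0}, y[32] = {0};
    char bx[44], by[44];
    int n;
    if (!qxlen || !qylen || qxlen > 32 || qylen > 32) return -1;
    memcpy(x + 32 - qxlen, qx, qxlen);
    memcpy(y + 32 - qylen, qy, qylen);
    b64url(x, sizeof x, bx, sizeof bx);
    b64url(y, sizeof y, by, sizeof by);
    /* Members sorted, no whitespace: also the RFC 7638 thumbprint input. */
    n = snprintf(json, cap, "{\"crv\":\"P-256\",\"kty\":\"EC\","
                            "\"x\":\"%s\",\"y\":\"%s\"}", bx, by);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void)
{
    unsigned char q[32] = {1};  /* constructed bytes, not a real curve point */
    char json[160];
    return ec_p256_jwk(q, 32, q, 32, json, sizeof json) > 0 && puts(json) >= 0 ? 0 : 1;
}
```

The same base64url routine applies to the 64-byte r || s buffer when it goes into a JWS signature field.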