I have a raw binary x and y points on a prime256v1 curve. I want to convert this to some mbedtls structure, and then to a mbedtls_pk_context that I can write to PEM.
Is there an equivalent to mbedtls_rsa_import_raw? Or sample code?
~~
The higher level task is that I need a complete set of converters between raw binary, mbedtls structures, DER, and PEM for both ECC and RSA.
A pointer to sample code, a tutorial, book, or wiki would be welcome.
Hi @kgoldman
I believe my answer to you in Write RSA public key top PEM also covers ECC keys.
Is there any more open issues on this matter?
Regards,
Mbed TLS Team member
Ron
For the record, in case it helps someone else, my flow is:
mbedtls_pk_init
mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY);
mbedtls_pk_setup
mbedtls_pk_ec
mbedtls_ecp_group_init
mbedtls_ecp_group_load(grp, MBEDTLS_ECP_DP_SECP256R1);
get the mbedtls_ecp_point Q
mbedtls_ecp_point_init
get the Q members X Y Z
for X Y
mbedtls_mpi_read_binary (the raw binary X Y)
for Z = 1
mbedtls_mpi_read_binary
mbedtls_pk_write_pubkey_pem
and then write the buffer
@kgoldman
Thank you for sharing your flow.
Note that for point Q you can use mbedtls_ecp_point_read_binary() as well.
`mbedtls_ecp_point_read_binary() doesn’t document what the format of ‘buf’ is. I sometimes see (in x509 certificates) a 0xo4 plus the x and Y streams.
The 0x04 means it’s uncompressed point format.
As mentioned here, it’s defined in SEC1 section 2.3.4
I know about the 0x04. Is that what the input 'buf parameter should be, an uncompressed point? The docs don’t say.