Mbed forum

ECC raw byte stream to PEM

(Ken Goldman) #1

I have a raw binary x and y points on a prime256v1 curve. I want to convert this to some mbedtls structure, and then to a mbedtls_pk_context that I can write to PEM.

Is there an equivalent to mbedtls_rsa_import_raw? Or sample code?

The higher level task is that I need a complete set of converters between raw binary, mbedtls structures, DER, and PEM for both ECC and RSA.

A pointer to sample code, a tutorial, book, or wiki would be welcome.

(Ron Eldor) #2

Hi @kgoldman
I believe my answer to you in Write RSA public key top PEM also covers ECC keys.

Are there any more open issues on this matter?
Mbed TLS Team member

(Ken Goldman) #3

For the record, in case it helps someone else, my flow is:

mbedtls_ecp_group_load(grp, MBEDTLS_ECP_DP_SECP256R1);
get the mbedtls_ecp_point Q
get the Q members X Y Z
for X Y
mbedtls_mpi_read_binary (the raw binary X Y)
for Z = 1
and then write the buffer

(Ron Eldor) #4

Thank you for sharing your flow.

Note that for point Q you can use mbedtls_ecp_point_read_binary() as well.

(Ken Goldman) #5

`mbedtls_ecp_point_read_binary()` doesn’t document what the format of ‘buf’ is. I sometimes see (in x509 certificates) a 0x04 plus the X and Y streams.

(Ron Eldor) #6

The 0x04 means it’s uncompressed point format.
As mentioned here, it’s defined in SEC1 section 2.3.4

(Ken Goldman) #7

I know about the 0x04. Is that what the input 'buf' parameter should be, an uncompressed point? The docs don’t say.
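
Added example, not part of the thread and not Mbed TLS code: the SEC1 uncompressed layout discussed in posts #5 to #7 (0x04 followed by X and Y), placed by hand after the fixed SubjectPublicKeyInfo header for prime256v1 and PEM-encoded without any library calls. The names `p256_raw_to_pem`, `GX` and `GY` are assumptions for illustration, the sample input is the curve's base point G, and the code does not check that the point lies on the curve.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* DER SubjectPublicKeyInfo header for id-ecPublicKey on prime256v1, up to and
 * including the BIT STRING's unused-bits byte. The 65-byte point follows it. */
static const uint8_t P256_SPKI_HDR[26] = {
    0x30, 0x59, 0x30, 0x13,
    0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
    0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07,
    0x03, 0x42, 0x00 };

/* Sample input (assumption): the curve's base point G, a valid public point. */
static const uint8_t GX[32] = {
    0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,0xF8,0xBC,0xE6,0xE5,0x63,0xA4,0x40,0xF2,
    0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,0xA0,0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96 };
static const uint8_t GY[32] = {
    0x4F,0xE3,0x42,0xE2,0xFE,0x1A,0x7F,0x9B,0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,0x16,
    0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE,0xCB,0xB6,0x40,0x68,0x37,0xBF,0x51,0xF5 };

/* Writes a NUL-terminated PEM public key; returns its length, or 0 if cap < 179.
 * Hypothetical helper: it does not check that (x, y) lies on the curve. */
size_t p256_raw_to_pem(const uint8_t x[32], const uint8_t y[32], char *out, size_t cap)
{
    static const char b64[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    static const char head[] = "-----BEGIN PUBLIC KEY-----\n";
    static const char foot[] = "-----END PUBLIC KEY-----\n";
    uint8_t der[91];
    size_t n = sizeof head - 1, col = 0;
    if (cap < 179) return 0;
    memcpy(der, P256_SPKI_HDR, 26);
    der[26] = 0x04;                       /* SEC1 uncompressed point marker */
    memcpy(der + 27, x, 32); memcpy(der + 59, y, 32);
    memcpy(out, head, n);
    for (size_t i = 0; i < sizeof der; i += 3) {   /* base64, 64 chars per line */
        size_t left = sizeof der - i;
        uint32_t v = (uint32_t)der[i] << 16;
        if (left > 1) v |= (uint32_t)der[i + 1] << 8;
        if (left > 2) v |= der[i + 2];
        out[n++] = b64[v >> 18]; out[n++] = b64[(v >> 12) & 63];
        out[n++] = left > 1 ? b64[(v >> 6) & 63] : '=';
        out[n++] = left > 2 ? b64[v & 63] : '=';
        if ((col += 4) == 64) { out[n++] = '\n'; col = 0; }
    }
    if (col) out[n++] = '\n';
    memcpy(out + n, foot, sizeof foot);   /* copies the terminating NUL too */
    return n + sizeof foot - 1;
}

int main(void) { char pem[179]; if (p256_raw_to_pem(GX, GY, pem, sizeof pem)) fputs(pem, stdout); return 0; }
```

Every prime256v1 public key in this encoding starts with the same 36 base64 characters, because the header and the 0x04 marker together fill exactly 27 bytes.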