sharing p256 public key accross different systems.

[DAT4]

I am creating a keypair with the p256 crate and then I want to send the publickey to another application implemented in golang where I basically just take the data directly and put it into the function x509.ParsePKIXPublicKey(data).

However when I am trying to parse the publickey bytes in the golang application I am getting an error. I think it has something to do with the format.

use std::io::Write;
use std::os::unix::net::UnixStream;
use std::path::Path;
use p256::SecretKey;
use p256::elliptic_curve::sec1::ToEncodedPoint;

fn main() {
    println!("connecting!");
    let sock_path = Path::new("/home/martin/ecsock");
    let mut stream = UnixStream::connect(sock_path).unwrap();

    println!("Generating key pair!");
    let a = SecretKey::random(& mut rand_core::OsRng);
    let x = a.public_key().to_encoded_point(false);
    println!("Sending public key");

    stream.write_all(x.as_bytes()).unwrap();
}

When I am receiving on the golang application I am getting the following error: Sometimes it is "length too large" and other times it is "tags don't match"

Length: 65
Data: [4 30 90 19 235 33 88 161 91 180 5 122 54 185 152 146 175 156 41 225 17 26 105 7 182 13 178 96 252 78 53 91 220 85 247 226 32 105 237 153 5 139 187 178 64 114 74 132 234 206 160 40 100 72 196 71 84 127 170
199 41 9 158 158 77]
Error: asn1: structure error: tags don't match (16 vs {class:0 tag:4 length:30 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2

Length: 65
Data: [4 20 35 64 83 39 121 231 58 231 215 6 11 173 167 229 188 2 252 111 61 163 1 45 59 180 219 96 128 95 54 173 134 145 60 234 254 48 202 109 45 103 47 43 54 4 147 140 64 222 160 184 61 239 155 79 6 165 228 128 253 114 110 39 231]
Error: asn1: structure error: tags don't match (16 vs {class:0 tag:4 length:20 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2

Length: 65
Data: [4 147 222 241 221 248 229 141 102 64 167 235 209 20 98 181 33 141 160 199 204 231 229 132 247 172 79 206 66 92 148 150 145 86 2 136 78 33 36 237 201 237 33 95 2 6 242 64 168 160 144 212 245 70 203 95 90 230 139 169 200 154 159 54 92]
Error: asn1: structure error: length too large

Length: 65
Data: [4 153 142 193 225 83 140 20 67 19 254 159 74 5 179 227 13 10 65 137 93 53 233 108 121 169 76 222 199 203 204 223 239 225 0 210 254 202 94 50 172 203 48 190 161 45 108 234 121 160 213 1 106 4 109 46 130 224 18 1 165 241 227 222 159]
Error: asn1: structure error: length too large

Length: 65
Data: [4 113 143 192 144 105 60 182 53 49 65 35 6 220 121 157 61 58 30 249 11 127 89 220 115 169 228 160 220 218 124 103 246 18 137 42 0 140 181 97 10 181 52 131 82 112 62 165 119 23 133 37 41 196 85 159 162 148
61 46 77 80 114 11 198]
Error: asn1: structure error: tags don't match (16 vs {class:0 tag:4 length:113 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} publicKeyInfo @2

The golang implementation looks like this:

package main

import (
	"crypto/x509"
	"fmt"
	"log"
	"net"
	"os"
	"os/signal"
	"syscall"
)

func main() {
	go unixHandler()
	handleCrash(func() { os.Remove("/home/martin/ecsock") })
}

func handleCrash(onCrash func()) {
	signalCh := make(chan os.Signal, 1)
	signal.Notify(signalCh, syscall.SIGINT, syscall.SIGTERM)
	<-signalCh
	onCrash()
}

func unixHandler() {
	l, err := net.Listen("unix", "/home/martin/ecsock")
	if err != nil {
		log.Fatal(err)
	}

	defer l.Close()

	for {
		conn, err := l.Accept()
		if err != nil {
			log.Fatal(err)
		}

		go handleConn(conn)
	}
}

func handleConn(conn net.Conn) {
	data, err := read(conn)
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Printf("Length: %d\n", len(data))
	fmt.Printf("Data: %v\n", data)

	_, err = x509.ParsePKIXPublicKey(data)
	if err != nil {
		fmt.Printf("Error: %s\n\n", err)
		return
	}
}

func read(conn net.Conn) ([]byte, error) {
	buf := make([]byte, 1024)
	n, err := conn.Read(buf)
	if err != nil {
		return nil, fmt.Errorf("Failed reading bytes: %s\n", err)

	}
	return buf[:n], nil
}

[tarcieri]

The format you're working with appears to be X.509 SubjectPublicKeyInfo (a.k.a. SPKI).

Here's the method for encoding that: EncodePublicKey::to_public_key_der

You'll need to use p256::elliptic_curve::pkcs8::EncodePublicKey to have the required trait in scope.

[DAT4]

Thank you for the quick response - this fixed my issue !