Mounir IDRASSI
Mon, 08 Feb 2010 02:20:24 -0800
Hi,

The problem that you are encountering comes from the fact that the function d2i_RSAPrivateKey, which creates the key from the PEM content, will allocate the p, q, dmp1, dmq1 and iqmp fields and set them to zero, which is normal since this is their value in the PEM file. But then, the function RSA_eay_private_decrypt will fail with the error you are getting because it only tests for NULL pointers for the CRT fields and doesn't check if they are zeros.

You have two options here:
- use a patched version of OpenSSL where the implementation of RSA_eay_private_decrypt tests for NULL pointers and zero BIGNUMs
- convert your keys to CRT format.

For the latter, I have developed an open source tool that converts
private keys from SFM format (modulus, private exponent, public
exponent) to CRT format. It's located on SourceForge:
http://rsaconverter.sourceforge.net/. It uses OpenSSL BIGNUM
implementation. Especially, you can look at the file librsaconverter.c
for the function SfmToCrt where the conversion algorithm is implemented.
For the first option, I can send you a patch for RSA_eay_private_decrypt but it's easy to do (just add tests !BN_is_zero between lines 534 and 539).

I hope this will help.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

On 2/8/2010 10:12 AM, JB Van Puyvelde wrote:
Hi,

I would like to import and use in OpenSSL RSA key pairs generated by another program. This program can export public and private keys to PEM files, with X509 and PKCS#7 specifications. But the private key doesn't contain Chinese Remainder Theorem factors, only the private exponent and the modulus.

So, I'm able to encrypt a file with the public key:

C:\openssl rsautl -encrypt -inkey pub.pem -pubin -in hello.txt -out hello.enc
Loading 'screen' into random state - done

But trying to decrypt causes the following error:

C:\openssl rsautl -decrypt -inkey priv.pem -in hello.enc -out result.txt
Loading 'screen' into random state - done
RSA operation error
2548:error:0306B067:bignum routines:BN_div:div by zero:.\crypto\bn\bn_div.c:213:

I suppose the error comes from the fact that openssl.exe tries to use the CRT factors to decrypt the file. Could you confirm this? And of course, is there any way to make decryption work with my keys?

Currently, I'm thinking about three possible solutions:
1) find a way to generate CRT factors from modulus and private exponent (but I don't know if it's possible)
2) could the use of the RSA C functions, instead of the openssl binary, solve the problem, because http://openssl.org/docs/crypto/rsa.html says "p, q, dmp1, dmq1 and iqmp may be NULL in private keys, but the RSA operations are much faster when these values are available."?
3) and last, generate the keys with OpenSSL, but honestly I would really appreciate to not have to do that and continue to generate key pairs with my first program.

An example of key pair is attached with this e-mail. And for those who know, the first program is coded in Java, the private key comes from the PrivateKey class and is exported to PEM file with the PemWriter class of BouncyCastle.

Thanks,
JB
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
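
The SFM-to-CRT conversion discussed in this thread, as an added example that is not part of the original messages and is not the code of rsaconverter's SfmToCrt: it recovers p and q from (n, e, d) by finding a non-trivial square root of 1 modulo n, then derives dmp1, dmq1 and iqmp. The function names and the sample key are constructed for illustration, and Python 3.8 or later is assumed for the modular inverse.

```python
import math

def sfm_to_crt(n, e, d, max_bases=200):
    """Recover p and q from (n, e, d), then derive the CRT fields."""
    k = e * d - 1                      # multiple of lambda(n): g^k = 1 (mod n)
    if k <= 0 or k % 2:
        raise ValueError("e*d - 1 must be positive and even")
    t, r = 0, k
    while r % 2 == 0:                  # write k = 2^t * r with r odd
        r //= 2
        t += 1
    for g in range(2, 2 + max_bases):  # small fixed bases keep the run repeatable
        y = pow(g, r, n)
        if y in (1, n - 1):
            continue                   # this base reveals nothing, try the next
        for _ in range(t):
            x = pow(y, 2, n)
            if x == 1:                 # y is a square root of 1 other than +/-1
                return _crt_fields(n, e, d, math.gcd(y - 1, n))
            if x == n - 1:
                break
            y = x
    raise ValueError("no factor found: n, e, d are inconsistent")

def _crt_fields(n, e, d, factor):
    """Fill in the fields a zeroed SFM key is missing (OpenSSL names, p > q)."""
    p, q = max(factor, n // factor), min(factor, n // factor)
    if p * q != n or q == 1:
        raise ValueError("factorisation check failed")
    return {"n": n, "e": e, "d": d, "p": p, "q": q,
            "dmp1": d % (p - 1), "dmq1": d % (q - 1), "iqmp": pow(q, -1, p)}

def crt_decrypt(c, key):
    """Textbook RSA private operation using the CRT fields (no padding)."""
    m1 = pow(c, key["dmp1"], key["p"])
    m2 = pow(c, key["dmq1"], key["q"])
    h = (key["iqmp"] * (m1 - m2)) % key["p"]
    return m2 + h * key["q"]

# Constructed sample key (two Mersenne primes, far too small for real use).
P, Q, E = 2**89 - 1, 2**61 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

if __name__ == "__main__":
    key = sfm_to_crt(N, E, D)
    print(key["p"] == P, crt_decrypt(pow(42, E, N), key) == 42)
```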