Re: [openssl-users] error making Private RSA
I have solved my create public RSA problem with this code: printf( "Method 1\n" ); RSA* RSA1 = RSA_new(); RSA* RSA2 = RSA_new(); RSA2->n = RSA1->n = My_RSA->n; RSA2->e = RSA1->e = My_RSA->e; RSA2->d = RSA1->d = My_RSA->d; RSA2->p = RSA1->p = My_RSA->p; RSA2->q = RSA1->q = My_RSA->q; RC = PEM_write_bio_RSAPublicKey( bio, RSA1 ) ; printf( "%d RC: %d\n", __LINE__, RC ); RC = PEM_write_bio_RSAPrivateKey( bio, RSA2, NULL, NULL, 0, NULL, NULL ) ; printf( "%d RC: %d\n", __LINE__, RC ); if( !RSA1 ) printf( RED " ERROR: Could not load Public KEY!\n" " PEM_read_bio_RSA_PUBKEY FAILED:\n %s\n" OFF, ERR_error_string( ERR_get_error(), NULL ) ) ; else Check_Key( RSA1, ";" ); if( !RSA2 ) printf( RED " ERROR: Could not load Private KEY!\n" " PEM_read_bio_RSA_PUBKEY FAILED:\n %s\n" OFF, ERR_error_string( ERR_get_error(), NULL ) ) ; else Check_Key( RSA2, ";" ); -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] error making Private RSA
;EVP Error: %s" OFF "\n", MSG ); } else { RSA4 = EVP_PKEY_get1_RSA( EVP_Pub_Key ); } Check_Key( RSA4, "return 1;" ); while(1) { if( RSA1 && RSA_check_key( RSA1 ) == 1 ) { Pub_RSA = RSA1;break; } if( RSA2 && RSA_check_key( RSA2 ) == 1 ) { Pub_RSA = RSA2;break; } if( RSA3 && RSA_check_key( RSA3 ) == 1 ) { Pub_RSA = RSA3;break; } if( RSA4 && RSA_check_key( RSA4 ) == 1 ) { Pub_RSA = RSA4;break; } printf( BLUE " No usable RSA structures, quiting\n" OFF ); return 1; } // Free used memory BIO_free( Key_Bio ); BIO_free( Pem ); int In_Len; In_Len = RSA_public_encrypt( L, (uchar*) Str, (uchar*) In, Pub_RSA, RSA_PKCS1_OAEP_PADDING ); printf( BLUE "Encrypted: %d" OFF, In_Len ); Dump( In, In_Len ); int Out_Len; Out_Len = RSA_private_decrypt( RSA_Len, (uchar*) In, (uchar*) Out, My_RSA, RSA_PKCS1_OAEP_PADDING ); printf( BLUE "Decrypted: %d" OFF, Out_Len ); Dump( Out, Out_Len ); if( !memcmp( (char *)Key, (char *)Out, Out_Len ) ) { printf( "Ecrypt/Decrypt failed\n" );} else { printf( "Ecrypt/Decrypt Passed\n" );} return 0; } /* -- */ void Dump( char *P, int Len ) { // Dump() int I, E, C, L, Done, Min, Max; char Buf[20], S[100]; unsigned char D; unsigned char Hex[20] = "0123456789ABCDEF"; if( Len < 0 ) { Len = abs( Len ); Min = .20 *Len; Max = Len-Min; } else { Min = Len; Max = 0; } int Note; Done = 0, Note = 0; printf( "\n" ); for( C = 0; C < Len ; C += 16,Done += L ) { // For() //printf( "C: %d, Min: %d, Max: %d\n", C, Min, Max ); if( C > Min && C < Max ) { if( Note == 0 ) printf( RED ".. " "Output trimed.\n" OFF ); Note = 1; continue; } if( (L = Len -C) > 16 ) L = 16; if( L < 1 ) break; strcpy( Buf, "" ); strcpy( S, " " ); E = 0; for( I = 0; I < L; I++ ) { D = P[ ( I +Done ) ]; if( isprint( D ) ) { Buf[I] = D;} else { Buf[I] = '.'; } if( I && !(I % 4) ) { S[E++] = ' '; } S[E++] = Hex[ D >> 4 ]; S[E++] = Hex[ D & 15 ]; } printf( "%4.4d %4.4x %-35s" BLUE "/*" YELLOW " %16.16s" BLUE " */\n" OFF , Done, Done, S, Buf ); fflush(stdout); } printf( BLUE "End of block - %3d bytes" YELLOW " - " BLUE " /* " YELLOW " " BLUE "*/\n" OFF, Done ); printf( OFF ); fflush(NULL); return; } This outputs: 5 Key check key good String: 1234567890 31323334 35363738 3930 /* 1234567890 */ End of block - 10 bytes - /* */ 68 RC: -141075560 75 RC: 426, Len: 426 Key type Public 2D2D2D2D 2D424547 494E2052 53412050 /* -BEGIN RSA P */ 0016 0010 55424C49 43204B45 592D2D2D 2D2D0A4D /* UBLIC KEY-.M */ 0032 0020 49494243 674B4341 5145416F 7142344D /* IIBCgKCAQEAoqB4M */ 0048 0030 32307751 467A4972 634E4E39 31454364 /* 20wQFzIrcNN91ECd */ 0064 0040 5344505A 31723259 38346355 43457961 /* SDPZ1r2Y84cUCEya */ 0080 0050 394B585A 6C45475A 516B4245 445A6E0A /* 9KXZlEGZQkBEDZn. */ .. Output trimed. 0352 0160 2B494F0A 6F636748 486A6F44 67746A45 /* +IO.ocgHHjoDgtjE */ 0368 0170 5869 646A6D31 725A4369 5459722B /* Xgwydjm1rZCiTYr+ */ 0384 0180 3270506F 6C774944 41514142 0A2D2D2D /* 2pPolwIDAQAB.--- */ 0400 0190 2D2D454E 44205253 41205055 424C4943 /* --END RSA PUBLIC */ 0416 01a0 204B4559 2D2D2D2D 2D0A /* KEY-. */ End of block - 426 bytes --------- /* */ Method 1 ERROR: Could not load PUBLIC KEY! PEM_read_bio_RSA_PUBKEY FAILED: error:0906D06C:PEM routines:func(109):reason(108) Method 2 107 (Key) Make Key Failed! error:2007507E:BIO routines:func(117):reason(126) Method 3 116 (Key) Make Key Failed! error:0407B093:rsa routines:func(123):reason(147) BIO RC: 1 121 (Key) Make Key Failed! error:0407B093:rsa routines:func(123):reason(147) Method 4 EVP Error: (null) 142 (Key) Make Key Failed! error:0407B093:rsa routines:func(123):reason(147) No usable RSA structures, quiting Hope this clarifies what I am attempting to do? Appreciate any help, thanks for your time. -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] error making Private RSA
> Not sure this is the proper way to use this mailing system? > > My source can be viewed at: mt-umunhum-wireless.net/Sources/rsa/rsa.c > What version of openssl? I'm guessing 1.0.2. > > Put this line inyour code > ERR_load_ERR_strings(); > And youll get a more informative message. Did this and no improvement. > > I'm using: openssl version > OpenSSL 1.0.1t 3 May 2016 openssl version OpenSSL 1.0.2j-fips 26 Sep 2016 > > > My main guess is that your allocation for the PEM buffer is too small -- > is key/key_len pointing to a static buffer? It points to a char string > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] I'm not getting an Emails after posting
It's my SPAM filtering, somehow this list go on it. > How do I set up to receive Email notices for my post here? > > > -- > William Estrada > Mt Umunhum, CA, USA, Earth > HTTP:// Mt-Umunhum-Wireless.net > Skype: MrUmunhum > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] I'm not getting an Emails after posting
How do I set up to receive Email notices for my post here? -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] error making Private RSA
Not sure this is the proper way to use this mailing system? My source can be viewed at: mt-umunhum-wireless.net/Sources/rsa/rsa.c What version of openssl? I'm guessing 1.0.2. Put this line inyour code ERR_load_ERR_strings(); And youll get a more informative message. I'm using: openssl version OpenSSL 1.0.1t 3 May 2016 My main guess is that your allocation for the PEM buffer is too small -- is key/key_len pointing to a static buffer? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] error making Private RSA
Hello group, I am attempting to create a Private RSA structure with the following code: BIO* PEM = BIO_new_mem_buf( Key, Key_Len ); if( Type == 1 ) PEM_write_bio_RSAPrivateKey( PEM, RSA, NULL, NULL, 0, NULL, NULL ); else PEM_write_bio_RSAPublicKey( PEM, RSA ); if( RSA_check_key( RSA ) != 1 ) { printf( RED "Make %s RSA Failed\n" OFF, Type==1?"Private":"Public" ); int Error = ERR_get_error(); char *MSG = ERR_error_string( Error, NULL); printf( "%s\n", MSG ); } and I get this error: Make Private RSA Failed error:2007507E:lib(32):func(117):reason(126) Can anyone tell me what this error is and how to fix it? -- William Estrada Mt Umunhum, CA, USA, Earth HTTP:// Mt-Umunhum-Wireless.net Skype: MrUmunhum -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Error Encrytping Symmetric key with RSA Public Key
Hi group, I have written a simple program to test my understanding of the OpenSSL APIs. And of course I have a problem with one of them. My problem is that when I use RSA_public_encrypt to encrypt my Symmetric key is get the following error: Testing RSA encryption of Symmertic key 145 Encrypt In bytes: 128, 149 Encript failed: Code: 67555438 error:0406D06E rsa routines:RSA_padding_add_PKCS1_type_2 data too large for key size The program first generates a Symmetric key, then uses it to encrypt and decrypt some simple text that the user inputs. Next it create an RSA Key and a public RSA key. then the same with these keys. The last thing tested is the encryption of the Symmetric Key using the RSA keys which fails. The error message does not make any sense to me since the Sym key is only 128 bytes. I would appreciate any help with my problem. All of the code is here: http://64.124.13.3/_OpenSSL_/Keys/ Thanks for your time. -- William Estrada [EMAIL PROTECTED] Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net ) Ymessenger: MrUmunhum __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Error Encrytping Symmetric key with RSA Public Key
Bill, You are 100% right. I increased my buffer from 1024 to 1115 and it works fine now. I guess I should RTFM more? Thanks. Bill Colvin wrote: The answer is in: data too large for key size According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5 padding you can only encrypt messages up to 11 bytes smaller than the modulus size in bytes. If you are using RSA-1024, then that is (1024/8)-11=117 bytes. Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Estrada Sent: September 30, 2008 4:31 PM To: openssl-users@openssl.org Subject: Error Encrytping Symmetric key with RSA Public Key Hi group, I have written a simple program to test my understanding of the OpenSSL APIs. And of course I have a problem with one of them. My problem is that when I use RSA_public_encrypt to encrypt my Symmetric key is get the following error: Testing RSA encryption of Symmertic key 145 Encrypt In bytes: 128, 149 Encript failed: Code: 67555438 error:0406D06E rsa routines:RSA_padding_add_PKCS1_type_2 data too large for key size The program first generates a Symmetric key, then uses it to encrypt and decrypt some simple text that the user inputs. Next it create an RSA Key and a public RSA key. then the same with these keys. The last thing tested is the encryption of the Symmetric Key using the RSA keys which fails. The error message does not make any sense to me since the Sym key is only 128 bytes. I would appreciate any help with my problem. All of the code is here: http://64.124.13.3/_OpenSSL_/Keys/ Thanks for your time. -- William Estrada [EMAIL PROTECTED] Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net ) Ymessenger: MrUmunhum __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to extract the public ket from an RSA structure?
Hi group, I am still getting uses to SSL and I need a little help with RSA. I have a small test program that I wrote to help me. My latest problem is how do I extract the public key from the RSA structure to send to a SSL client? Here is my test program: #define _GNU_SOURCE #include string.h #include stdio.h #include stdlib.h #include ctype.h #include signal.h #include termios.h #include termio.h #include time.h #include unistd.h #include errno.h #include fcntl.h #include math.h #include sys/types.h #include sys/stat.h #include unistd.h #include wordexp.h #include sys/socket.h #include netinet/in.h #include netdb.h #include arpa/inet.h #include openssl/rsa.h #include openssl/rand.h #include openssl/blowfish.h #define SAY printf( In: '%s', Out: '%s'\n, In, Out ); #define ON_ERR(Test,M, Action)\ if( Test ) { \ sprintf(Work,%s %s\n, M, strerror(errno) );\ printf( %s,Work); \ Action; } RSA *My_RSA; RSA *My_Key; char *Public_Key[1024]; char In[ 100]; char Out[ 100]; char Work[100]; int RC, Size, Len, Run; int main( ) { My_RSA = RSA_generate_key( 1024, 65537, NULL, NULL ); ON_ERR( !My_RSA, generating RSA key failed\n, return 0; ) for( Run = 1; Run; ) { printf( Enter string: );fflush(stdout); fgets( In, 80, stdin ); if( In[0] == '\n' ) break; Len = strlen(In)-1; In[Len-1] = Out[0] = '\0'; SAY; Size = Encrypt( ); SAY; Decrypt( Size ); SAY; } return 1; } /* -- */ int Encrypt( ) { Size = RSA_public_encrypt( strlen(In), In, Work, My_RSA, RSA_PKCS1_PADDING ); ON_ERR( Size 0, Encrypt failed: , return 0; ); printf( New size: %d\n, Size ); return Size; } /* -- */ int Decrypt( int Size ) { RC = RSA_private_decrypt( Size, Work, Out, My_RSA, RSA_PKCS1_PADDING ); ON_ERR( RC 0, Decrypt failed: , return 0; ); return 0; } /* -- */ -- William Estrada [EMAIL PROTECTED] Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net ) Ymessenger: MrUmunhum __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
API calls?
Hi group, First I want to thank all evolved for the great support. Now for my bitching, I have not been able to find a clear definition of the C API Calls. I have a network Peer to Peer app that I want to add encryption to. I have figured out how to do the Public/Private keys. Not I want to generate a Symmetric Key. Which API call do I use? Which API call do I use to encrypt and decrypt packets? Please reply to my Email account directly. -- William Estrada [EMAIL PROTECTED] Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net ) Ymessenger: MrUmunhum __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to start?
Hi group, I am starting a project that will require using SSL to transmit data in an encrypted mode. I would like to find some simple code that I could use as a model for my program. The program will be a peer to peer communication using the same code at each end, an SSL Agent. I want to use One Time RSA authentication method, That means that for each connection, generate an RSA key before starting the connection and use it just once. I have the Socket code already, I just need the SSL calls/protocol. From what I have gathered, the calls would something like this: Generate RSA Key (call rsa_generate_key?) Request authentication from other side Return my key Loop: Encrypt packet Send packet Get response packet Decrypt packet Process Packet Goto Loop Does this look right? Any pointers (URLs)? -- William Estrada [EMAIL PROTECTED] Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net ) Ymessenger: MrUmunhum __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]