Hi, I'm going mad trying to encrypt/decrypt some data using RSA with OAEP padding.
The detail. I'm trying to implement the part of a database server (Sybase) to support sending encrypted password instead of plain one. The server send a public rsa key in this format: -----BEGIN RSA PUBLIC KEY----- MIGJAoGBANImhdQpGBmwkYveMfMPe0LmWj9vQOuqTdp0SOdQuNRtLEvr53axmV7jTx4ZCLTWnsAX i2ap524TEMnJdhzRUQeRIk3U7LLfwklq4YOhxgXolqPbDWhjS4YIohmEX2Ldto0pHqRrs8bIWu6H TvYYQhdiTAFJhQSvq5VoriL0MD+PAgMBAAE= -----END RSA PUBLIC KEY----- and some random data. It uses RSA with OAEP (the message is the random data plus the password). I would like to implement with GnuTLS but I found some problems: - gnutls_pubkey_import_x509_raw does not recognizing the format above as the only prefix it uses is "PUBLIC KEY", not "RSA PUBLIC KEY". I'm actually working around using gnutls_pem_base64_decode and using directly nettle_rsa_key_from_der_iterator; - nettle does not support OAEP so the workaround was to implement a rsa_encrypt_oaep instead of the rsa_encrypt_tr. Now... this solution uses really few GnuTLS but a lot of lower level functions (nettle and gmp directly). OAEP is not that new in the RSA world so I think I'm doing something wrong with GnuTLS. Is there a way to this stuff with GnuTLS? I don't understand the relationship between GnuTLS and p11-kit modules. Looking at the code p11-kit module supports OAEP but is not clear how to use this module do to RSA encryption. Regards, Frediano _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
