Re: [openssl.org #2333] [BUG?] RSA_public_decrypt() failed

Mounir IDRASSI via RT Wed, 08 Sep 2010 23:01:59 -0700

Hi,

You have to call RSA_private_decrypt instead of RSA_public_decrypt in
order to recover plain data (Encryption is done with the public key
whereas decryption is performed using the private key).
So, there is no bug here and it's normal that RSA_public_decrypt rejects
OAEP padding since this padding is for encryption only and
RSA_public_decrypt is used for signature verification.


--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

> Hi, the program execution leads to:
>
>
>  "RSA_public_decrypt failed: error:04067076:rsa
> routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding type"
>
>
>
> ///////////////////////////////////////////////////////////////////////////////
>
> #include <openssl/ssl.h>
>
> #include <openssl/rsa.h>
>
> #include <openssl/err.h>
>
> #include <cstring>
>
> #include <stdio.h>
>
>
>  int main(void)
>
> {
>
> RSA * rsa;
>
> unsigned char src[1000] = "Some text....Some text....Some text";
>
> unsigned char enc[1000] = {0};
>
> unsigned char dec[1000] = {0};
>
> int result;
>
>
>  SSL_library_init();
>
> SSL_load_error_strings();
>
> OpenSSL_add_all_algorithms();
>
>
>  if (!(rsa = RSA_generate_key(1024, 0x10001, NULL, NULL)))
>
> {
>
> printf("RSA_generate_key failed: %s\n", ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
>  if ((result = RSA_public_encrypt(strlen((char*)src), src, enc, rsa,
> RSA_PKCS1_OAEP_PADDING)) < 0)
>
> {
>
> printf("RSA_public_encrypt failed: %s\n",
> ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
>  if ((result = RSA_public_decrypt(result, enc, dec, rsa,
> RSA_PKCS1_OAEP_PADDING)) < 0)
>
> {
>
> printf("RSA_public_decrypt failed: %s\n",
> ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
>  RSA_free(rsa);
>
>
>  return 0;
>
> }
>
> ///////////////////////////////////////////////////////////////////////////////
>
>
> OS: openSUSE 11.2 (x86_64)
>
> Lib: OpenSSL 0.9.8k-3.7.1
>
>
>  What's wrong?
>
>
> Thank you in advance!
>
>
>
> Fedor
>
>
> <meta name="qrichtext" content="1"><meta http-equiv="Content-Type"
> content="text/html; charset=utf-8"><style type="text/css">
> p, li { white-space: pre-wrap; }
> </style>
> <p style="margin: 0px; text-indent: 0px;">Hi, the program execution leads
> to:</p><p style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">&quot;RSA_public_decrypt failed:
> error:04067076:rsa routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding
> type&quot;</p><p style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent:
> 0px;">///////////////////////////////////////////////////////////////////////////////</p>
> <p style="margin: 0px; text-indent: 0px;">#include
> &lt;openssl/ssl.h&gt;</p>
> <p style="margin: 0px; text-indent: 0px;">#include
> &lt;openssl/rsa.h&gt;</p>
> <p style="margin: 0px; text-indent: 0px;">#include
> &lt;openssl/err.h&gt;</p>
> <p style="margin: 0px; text-indent: 0px;">#include &lt;cstring&gt;</p>
> <p style="margin: 0px; text-indent: 0px;">#include &lt;stdio.h&gt;</p><p
> style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">int main(void)</p>
> <p style="margin: 0px; text-indent: 0px;">{    </p>
> <p style="margin: 0px; text-indent: 0px;">    RSA * rsa;</p>
> <p style="margin: 0px; text-indent: 0px;">    unsigned char src[1000] =
> &quot;Some text....Some text....Some text&quot;;</p>
> <p style="margin: 0px; text-indent: 0px;">    unsigned char enc[1000] =
> {0};</p>
> <p style="margin: 0px; text-indent: 0px;">    unsigned char dec[1000] =
> {0};</p>
> <p style="margin: 0px; text-indent: 0px;">    int result;</p><p
> style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    SSL_library_init();</p>
> <p style="margin: 0px; text-indent: 0px;">
> SSL_load_error_strings();</p>
> <p style="margin: 0px; text-indent: 0px;">
> OpenSSL_add_all_algorithms();</p><p style="margin: 0px; text-indent:
> 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    if (!(rsa =
> RSA_generate_key(1024, 0x10001, NULL, NULL)))</p>
> <p style="margin: 0px; text-indent: 0px;">    {</p>
> <p style="margin: 0px; text-indent: 0px;">    printf(&quot;RSA_generate_key
> failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> <p style="margin: 0px; text-indent: 0px;">    } <br></p><p style="margin:
> 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    if ((result =
> RSA_public_encrypt(strlen((char*)src), src, enc, rsa,
> RSA_PKCS1_OAEP_PADDING)) &lt; 0)</p>
> <p style="margin: 0px; text-indent: 0px;">    {</p>
> <p style="margin: 0px; text-indent: 0px;">    printf(&quot;RSA_public_encrypt
> failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> <p style="margin: 0px; text-indent: 0px;">    }</p><p style="margin: 0px;
> text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    if ((result =
> RSA_public_decrypt(result, enc, dec, rsa, RSA_PKCS1_OAEP_PADDING)) &lt;
> 0)</p>
> <p style="margin: 0px; text-indent: 0px;">    {</p>
> <p style="margin: 0px; text-indent: 0px;">    printf(&quot;RSA_public_decrypt
> failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> <p style="margin: 0px; text-indent: 0px;">    }</p><p style="margin: 0px;
> text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    RSA_free(rsa);</p><p
> style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">    return 0;</p>
> <p style="margin: 0px; text-indent: 0px;">}</p>
> <p style="margin: 0px; text-indent:
> 0px;">///////////////////////////////////////////////////////////////////////////////</p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;"><br></p><p style="margin: 0px;
> text-indent: 0px;">OS: openSUSE 11.2 (x86_64)</p>
> <p style="margin: 0px; text-indent: 0px;">Lib: OpenSSL 0.9.8k-3.7.1</p><p
> style="margin: 0px; text-indent: 0px;"><br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
> <p style="margin: 0px; text-indent: 0px;">What&#39;s wrong?</p><p
> style="margin: 0px; text-indent: 0px;"><br></p><p style="margin: 0px;
> text-indent: 0px;">Thank you in advance!</p><p style="margin: 0px;
> text-indent: 0px;">
> <br></p><p style="margin: 0px; text-indent: 0px;"></p><p style="margin:
> 0px; text-indent: 0px;"><br></p><p style="margin: 0px; text-indent:
> 0px;">Fedor <br></p>
> <p style="margin: 0px; text-indent: 0px;"></p>
>



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Re: [openssl.org #2333] [BUG?] RSA_public_decrypt() failed

Reply via email to