Re: [openssl.org #2333] [BUG?] RSA_public_decrypt() failed

wgmrqq via RT Wed, 08 Sep 2010 23:31:12 -0700

Oh! Thanks a lot!

2010/9/9 Mounir IDRASSI via RT <[email protected]>


> Hi,
>
> You have to call RSA_private_decrypt instead of RSA_public_decrypt in
> order to recover plain data (Encryption is done with the public key
> whereas decryption is performed using the private key).
> So, there is no bug here and it's normal that RSA_public_decrypt rejects
> OAEP padding since this padding is for encryption only and
> RSA_public_decrypt is used for signature verification.
>
> --
> Mounir IDRASSI
> IDRIX
> http://www.idrix.fr
>
> > Hi, the program execution leads to:
> >
> >
> >  "RSA_public_decrypt failed: error:04067076:rsa
> > routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding type"
> >
> >
> >
> >
> ///////////////////////////////////////////////////////////////////////////////
> >
> > #include <openssl/ssl.h>
> >
> > #include <openssl/rsa.h>
> >
> > #include <openssl/err.h>
> >
> > #include <cstring>
> >
> > #include <stdio.h>
> >
> >
> >  int main(void)
> >
> > {
> >
> > RSA * rsa;
> >
> > unsigned char src[1000] = "Some text....Some text....Some text";
> >
> > unsigned char enc[1000] = {0};
> >
> > unsigned char dec[1000] = {0};
> >
> > int result;
> >
> >
> >  SSL_library_init();
> >
> > SSL_load_error_strings();
> >
> > OpenSSL_add_all_algorithms();
> >
> >
> >  if (!(rsa = RSA_generate_key(1024, 0x10001, NULL, NULL)))
> >
> > {
> >
> > printf("RSA_generate_key failed: %s\n", ERR_error_string(ERR_get_error(),
> > NULL));
> >
> > return 1;
> >
> > }
> >
> >
> >  if ((result = RSA_public_encrypt(strlen((char*)src), src, enc, rsa,
> > RSA_PKCS1_OAEP_PADDING)) < 0)
> >
> > {
> >
> > printf("RSA_public_encrypt failed: %s\n",
> > ERR_error_string(ERR_get_error(),
> > NULL));
> >
> > return 1;
> >
> > }
> >
> >
> >  if ((result = RSA_public_decrypt(result, enc, dec, rsa,
> > RSA_PKCS1_OAEP_PADDING)) < 0)
> >
> > {
> >
> > printf("RSA_public_decrypt failed: %s\n",
> > ERR_error_string(ERR_get_error(),
> > NULL));
> >
> > return 1;
> >
> > }
> >
> >
> >  RSA_free(rsa);
> >
> >
> >  return 0;
> >
> > }
> >
> >
> ///////////////////////////////////////////////////////////////////////////////
> >
> >
> > OS: openSUSE 11.2 (x86_64)
> >
> > Lib: OpenSSL 0.9.8k-3.7.1
> >
> >
> >  What's wrong?
> >
> >
> > Thank you in advance!
> >
> >
> >
> > Fedor
> >
> >
> > <meta name="qrichtext" content="1"><meta http-equiv="Content-Type"
> > content="text/html; charset=utf-8"><style type="text/css">
> > p, li { white-space: pre-wrap; }
> > </style>
> > <p style="margin: 0px; text-indent: 0px;">Hi, the program execution leads
> > to:</p><p style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">&quot;RSA_public_decrypt
> failed:
> > error:04067076:rsa routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding
> > type&quot;</p><p style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent:
> >
> 0px;">///////////////////////////////////////////////////////////////////////////////</p>
> > <p style="margin: 0px; text-indent: 0px;">#include
> > &lt;openssl/ssl.h&gt;</p>
> > <p style="margin: 0px; text-indent: 0px;">#include
> > &lt;openssl/rsa.h&gt;</p>
> > <p style="margin: 0px; text-indent: 0px;">#include
> > &lt;openssl/err.h&gt;</p>
> > <p style="margin: 0px; text-indent: 0px;">#include &lt;cstring&gt;</p>
> > <p style="margin: 0px; text-indent: 0px;">#include &lt;stdio.h&gt;</p><p
> > style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">int main(void)</p>
> > <p style="margin: 0px; text-indent: 0px;">{    </p>
> > <p style="margin: 0px; text-indent: 0px;">    RSA * rsa;</p>
> > <p style="margin: 0px; text-indent: 0px;">    unsigned char src[1000] =
> > &quot;Some text....Some text....Some text&quot;;</p>
> > <p style="margin: 0px; text-indent: 0px;">    unsigned char enc[1000] =
> > {0};</p>
> > <p style="margin: 0px; text-indent: 0px;">    unsigned char dec[1000] =
> > {0};</p>
> > <p style="margin: 0px; text-indent: 0px;">    int result;</p><p
> > style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    SSL_library_init();</p>
> > <p style="margin: 0px; text-indent: 0px;">
> > SSL_load_error_strings();</p>
> > <p style="margin: 0px; text-indent: 0px;">
> > OpenSSL_add_all_algorithms();</p><p style="margin: 0px; text-indent:
> > 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    if (!(rsa =
> > RSA_generate_key(1024, 0x10001, NULL, NULL)))</p>
> > <p style="margin: 0px; text-indent: 0px;">    {</p>
> > <p style="margin: 0px; text-indent: 0px;">
>  printf(&quot;RSA_generate_key
> > failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> > <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> > <p style="margin: 0px; text-indent: 0px;">    } <br></p><p style="margin:
> > 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    if ((result =
> > RSA_public_encrypt(strlen((char*)src), src, enc, rsa,
> > RSA_PKCS1_OAEP_PADDING)) &lt; 0)</p>
> > <p style="margin: 0px; text-indent: 0px;">    {</p>
> > <p style="margin: 0px; text-indent: 0px;">
>  printf(&quot;RSA_public_encrypt
> > failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> > <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> > <p style="margin: 0px; text-indent: 0px;">    }</p><p style="margin: 0px;
> > text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    if ((result =
> > RSA_public_decrypt(result, enc, dec, rsa, RSA_PKCS1_OAEP_PADDING)) &lt;
> > 0)</p>
> > <p style="margin: 0px; text-indent: 0px;">    {</p>
> > <p style="margin: 0px; text-indent: 0px;">
>  printf(&quot;RSA_public_decrypt
> > failed: %s\n&quot;, ERR_error_string(ERR_get_error(), NULL));</p>
> > <p style="margin: 0px; text-indent: 0px;">    return 1;</p>
> > <p style="margin: 0px; text-indent: 0px;">    }</p><p style="margin: 0px;
> > text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    RSA_free(rsa);</p><p
> > style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">    return 0;</p>
> > <p style="margin: 0px; text-indent: 0px;">}</p>
> > <p style="margin: 0px; text-indent:
> >
> 0px;">///////////////////////////////////////////////////////////////////////////////</p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;"><br></p><p style="margin: 0px;
> > text-indent: 0px;">OS: openSUSE 11.2 (x86_64)</p>
> > <p style="margin: 0px; text-indent: 0px;">Lib: OpenSSL 0.9.8k-3.7.1</p><p
> > style="margin: 0px; text-indent: 0px;"><br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> > <p style="margin: 0px; text-indent: 0px;">What&#39;s wrong?</p><p
> > style="margin: 0px; text-indent: 0px;"><br></p><p style="margin: 0px;
> > text-indent: 0px;">Thank you in advance!</p><p style="margin: 0px;
> > text-indent: 0px;">
> > <br></p><p style="margin: 0px; text-indent: 0px;"></p><p style="margin:
> > 0px; text-indent: 0px;"><br></p><p style="margin: 0px; text-indent:
> > 0px;">Fedor <br></p>
> > <p style="margin: 0px; text-indent: 0px;"></p>
> >
>
>
>
>

Oh! Thanks a lot!

2010/9/9 Mounir IDRASSI via RT <[email protected]>

Hi,

You have to call RSA_private_decrypt instead of RSA_public_decrypt in
order to recover plain data (Encryption is done with the public key
whereas decryption is performed using the private key).
So, there is no bug here and it's normal that RSA_public_decrypt rejects
OAEP padding since this padding is for encryption only and
RSA_public_decrypt is used for signature verification.

--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

> Hi, the program execution leads to:
>
>
> "RSA_public_decrypt failed: error:04067076:rsa
> routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding type"
>
>
>
> ///////////////////////////////////////////////////////////////////////////////
>
> #include <openssl/ssl.h>
>
> #include <openssl/rsa.h>
>
> #include <openssl/err.h>
>
> #include <cstring>
>
> #include <stdio.h>
>
>
> int main(void)
>
> {
>
> RSA * rsa;
>
> unsigned char src[1000] = "Some text....Some text....Some text";
>
> unsigned char enc[1000] = {0};
>
> unsigned char dec[1000] = {0};
>
> int result;
>
>
> SSL_library_init();
>
> SSL_load_error_strings();
>
> OpenSSL_add_all_algorithms();
>
>
> if (!(rsa = RSA_generate_key(1024, 0x10001, NULL, NULL)))
>
> {
>
> printf("RSA_generate_key failed: %s\n", ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
> if ((result = RSA_public_encrypt(strlen((char*)src), src, enc, rsa,
> RSA_PKCS1_OAEP_PADDING)) < 0)
>
> {
>
> printf("RSA_public_encrypt failed: %s\n",
> ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
> if ((result = RSA_public_decrypt(result, enc, dec, rsa,
> RSA_PKCS1_OAEP_PADDING)) < 0)
>
> {
>
> printf("RSA_public_decrypt failed: %s\n",
> ERR_error_string(ERR_get_error(),
> NULL));
>
> return 1;
>
> }
>
>
> RSA_free(rsa);
>
>
> return 0;
>
> }
>
> ///////////////////////////////////////////////////////////////////////////////
>
>
> OS: openSUSE 11.2 (x86_64)
>
> Lib: OpenSSL 0.9.8k-3.7.1
>
>
> What's wrong?
>
>
> Thank you in advance!
>
>
>
> Fedor
>
>

> <meta name="qrichtext" content="1"><meta http-equiv="Content-Type"
> content="text/html; charset=utf-8"><style type="text/css">
> p, li { white-space: pre-wrap; }
> </style>
> Hi, the program execution leads
> to: 
> 
> "RSA_public_decrypt failed:

> error:04067076:rsa routines:RSA_EAY_PUBLIC_DECRYPT:unknown padding

> type" 
> 
> 0px;">///////////////////////////////////////////////////////////////////////////////
> #include
> <openssl/ssl.h>
> #include
> <openssl/rsa.h>
> #include
> <openssl/err.h>
> #include <cstring>
> #include <stdio.h> style="margin: 0px; text-indent: 0px;"> 
> 
> int main(void)
> { 
> RSA * rsa;
> unsigned char src[1000] =
> "Some text....Some text....Some text";
> unsigned char enc[1000] =
> {0};
> unsigned char dec[1000] =
> {0};
> int result; style="margin: 0px; text-indent: 0px;"> 
> 
> SSL_library_init();
> 
> SSL_load_error_strings();
> 
> OpenSSL_add_all_algorithms(); 0px;"> 
> 
> if (!(rsa =
> RSA_generate_key(1024, 0x10001, NULL, NULL)))
> {
> printf("RSA_generate_key
> failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
> return 1;
> } 0px; text-indent: 0px;"> 
> 
> if ((result =

> RSA_public_encrypt(strlen((char*)src), src, enc, rsa,

> RSA_PKCS1_OAEP_PADDING)) < 0)
> {
> printf("RSA_public_encrypt
> failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
> return 1;
> } text-indent: 0px;"> 
> 
> if ((result =
> RSA_public_decrypt(result, enc, dec, rsa, RSA_PKCS1_OAEP_PADDING)) <
> 0)
> {
> printf("RSA_public_decrypt
> failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
> return 1;
> } text-indent: 0px;"> 
> 
> RSA_free(rsa); style="margin: 0px; text-indent: 0px;"> 
> 
> return 0;
> }
> 0px;">///////////////////////////////////////////////////////////////////////////////
> 
> text-indent: 0px;">OS: openSUSE 11.2 (x86_64)
> Lib: OpenSSL 0.9.8k-3.7.1 style="margin: 0px; text-indent: 0px;"> 
> 
> What's wrong? style="margin: 0px; text-indent: 0px;"> text-indent: 0px;">Thank you in advance! text-indent: 0px;">
> 0px; text-indent: 0px;"> 0px;">Fedor 
> 
>

Re: [openssl.org #2333] [BUG?] RSA_public_decrypt() failed

Reply via email to