This question seems to be coming up more frequently! The message you
encrypt must be *less* than the modulus.
====================
Greg Stark
[EMAIL PROTECTED]
====================
----- Original Message -----
From: "Patrick Mackinlay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 11, 2001 1:08 PM
Subject: Problems encrypting with RSA and RSA_NO_PADDING
> I am having problem encrytping and then decrypting messages using RSA
> withthe padding set to RSA_NO_PADDING. Most messages work, but some of
> them don't. By don't I mean the encryption/decryption process works fine
> except that the decrypted message is nothnig like the original! I have
> attached a C source file that demonstrates the problem.
> My system is linux 2.4 and I have tried compiling the code with the
> redhat openssl-devel-0.9.6-3 rpm installed and with the lastest openssl
> tarball (dated 9-7-2001, openssl-0.9.6b.tar.gz).
> Am I doing something wrong or is there a bug?
>
> regards,
> Patrick
>
> --
> Patrick Mackinlay [EMAIL PROTECTED]
> ICQ: 59277981 tel: +44 7050699851
> fax: +44 7050699852
> SpaceSurfer Limited http://www.spacesurfer.com/
>
----------------------------------------------------------------------------
----
> #include <openssl/ssl.h>
>
> char *rsaMakeKeyString(char privateFlag, RSA *pKey)
> {
> BUF_MEM *pBuffer;
> char *pKeyString;
> BIO *pStringBIO = BIO_new(BIO_s_mem());
>
> if (pStringBIO==NULL)
> return NULL;
>
> if (privateFlag)
> PEM_write_bio_RSAPrivateKey(pStringBIO, pKey, NULL, NULL, 0, NULL,
NULL);
> else
> PEM_write_bio_RSAPublicKey(pStringBIO, pKey);
>
> BIO_flush(pStringBIO);
> BIO_get_mem_ptr(pStringBIO, &pBuffer);
> /* --PIM-- Why set to noclose when it is no longer used when the function
returns?
> BIO_set_close(pStringBIO, BIO_NOCLOSE); // So BIO_free() leaves BUF_MEM
alone
> --/PIM-- */
> BIO_set_close(pStringBIO, BIO_CLOSE);
> pKeyString = malloc(pBuffer->length + 1);
> memcpy(pKeyString, pBuffer->data, pBuffer->length + 1);
> BIO_free(pStringBIO);
>
> return pKeyString;
> }
>
> RSA* rsaLoadKey(char privateFlag, char *pKeyString)
> {
> RSA *pKey;
> BUF_MEM *pBuffer;
> BIO *pStringBio = BIO_new(BIO_s_mem());
>
> if (pStringBio==NULL)
> return NULL;
>
> pBuffer = BUF_MEM_new();
> BUF_MEM_grow(pBuffer, strlen(pKeyString) + 1);
> memcpy(pBuffer->data, pKeyString, strlen(pKeyString) + 1);
> BIO_set_mem_buf(pStringBio, pBuffer, BIO_CLOSE);
>
> if(privateFlag)
> pKey = PEM_read_bio_RSAPrivateKey(pStringBio, NULL, NULL, NULL);
> else
> pKey = PEM_read_bio_RSAPublicKey(pStringBio,NULL, NULL, NULL);
>
> BIO_free(pStringBio);
> if (pKey == NULL)
> return NULL;
>
> return pKey;
> }
>
> char
BuggyMessage[]="f687c3b86fe97c5cf69956c49bcbeef383849d757ad801cdfd5af57ef88c
6a85416c7708a3cb727371b6b97d45bfc62abc42577865cf00e31de2402c8501f78fa36da4c4
c46e6fd057a5ed978f008b897c858d6700cdb78c6a5da4bf87caf57f0ac2510e8d7f56607d9f
5e3ed79d4df474426096680ae1f31548aae5fd032e03";
>
> char
WorkingMessage[]="6b334b5f8da27aff934f08f1df8e50b29828b896c99b3e85a7e6256d4a
8c9f9dfea36a1af789c27d8a3cd50d8d0af8a1c269d525a116a347b251e7185130490edd0166
0a9a963dd6efb2a63af906616813c12800f86485761bbfda1c50fb7f22927b52143ef59f5836
8e9840cf014e5b5f03a667fea1b345353902e79ede07a2";
>
> char *DecodeBytes(char *pInput, int length)
> {
> char *pOutput=malloc(length);
> int n;
>
> for(n=0; n<length; n++)
> {
> unsigned char *pV=&pOutput[n];
> *pV=(unsigned char)pInput[2*n] >= (unsigned char)'a' ? (unsigned
char)pInput[2*n]-(unsigned char)'a'+10 : (unsigned
char)pInput[2*n]-(unsigned char)'0';
> *pV=*pV<<4;
> *pV+=(unsigned char)pInput[2*n+1] >= (unsigned char)'a' ? (unsigned
char)pInput[2*n+1]-(unsigned char)'a'+10 : (unsigned
char)pInput[2*n+1]-(unsigned char)'0';
> }
>
> return pOutput;
> }
>
>
> int main(int argc, char* argv[])
> {
> RSA *rsa, *rsa_pub, *rsa_priv;
>
> int orig_length, enc_length, dec_length;
> int i, j;
>
> unsigned char *original_message;
> unsigned char encrypted_message[255];
> unsigned char decrypted_message[255];
> char error[120];
> char *privateString;
> char *publicString;
>
> BIO *bio_out;
>
> // int pad = RSA_PKCS1_OAEP_PADDING;
> int pad = RSA_NO_PADDING;
>
> SSLeay_add_ssl_algorithms();
> SSL_load_error_strings();
>
> rsa = RSA_generate_key(1024, 65535, NULL, NULL);
>
> // printf("public modulus: %s\n", BN_bn2dec(rsa->n));
> // printf("public exponent: %s\n", BN_bn2dec(rsa->e));
> // printf("private exponent: %s\n", BN_bn2dec(rsa->d));
> // printf("p: %s\n", BN_bn2dec(rsa->p));
> // printf("q: %s\n", BN_bn2dec(rsa->q));
>
> printf ("RSA size: %d\n", RSA_size(rsa));
>
> publicString = rsaMakeKeyString(0, rsa);
> privateString = rsaMakeKeyString(1, rsa);
>
> printf("%s", publicString);
> printf("%s", privateString);
>
> rsa_pub = rsaLoadKey(0, publicString);
> rsa_priv = rsaLoadKey(1, privateString);
> /* RSA_print_fp(stdout, rsa, 0); */
>
> // orig_length = strlen(original_message)+1;
> orig_length=128;
> original_message=DecodeBytes(BuggyMessage, orig_length);
>
> printf("Original message:\n");
> for (j = 0; j < orig_length;)
> {
> printf("%2.2x", original_message[j]);
> j++;
> if (j%32==0)
> printf("\n");
> }
> printf("\n");
>
> for (i= 0; i< 1; i++)
> {
> enc_length = RSA_public_encrypt(orig_length, original_message,
encrypted_message, rsa_pub, pad);
>
> printf("Enclength: %d\n", enc_length);
>
> printf("Encrypted message:\n");
> for (j = 0; j < enc_length;)
> {
> printf("%2.2x", encrypted_message[j]);
> j++;
> if (j%32==0)
> printf("\n");
> }
> printf("\n");
> }
>
> ERR_print_errors_fp(stdout);
> dec_length = RSA_private_decrypt(enc_length, encrypted_message,
decrypted_message, rsa_priv, pad);
> printf("Declength: %d\n", dec_length);
> printf("Decrypted message:\n");
> for (j = 0; j < dec_length;)
> {
> printf("%2.2x", decrypted_message[j]);
> j++;
> if (j%32==0)
> printf("\n");
> }
> printf("\n");
>
> if (strncmp(decrypted_message, original_message, orig_length)==0)
> printf("It worked\n");
> else
> printf("It failed\n");
> return 0;
> }
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]