Re: Problems with RSA encryption/decryption

Mon, 13 Aug 2007 16:03:51 -0700 

Hi Marek and David,
Thank you both for your help. I applied both of your advice and It looks like I've got things working now. As David said I was not keeping track of the size of the encoded data, thus when it came time to decrypt I was providing the wrong value in the flen parameter. Using this method seems to have gotten things working: 


int encSize = RSA_public_encrypt(size, inText, sigBuffer, rsaPubKey,  
RSA_PKCS1_OAEP_PADDING);

if(encSize == -1)
{
        cout << "error encrytping with public key" << endl;
        return -1;
}

int decryptRetVal = RSA_private_decrypt(encSize, sigBuffer,  
plainText, rsaPrivKey, RSA_PKCS1_OAEP_PADDING);

if(decryptRetVal == -1)
{
        cout << "error decrypting with private key" << endl;
        return -1;
}


I'll give you an overview of what I'm trying to do in case I'm not  
even in the right ballpark with my approach.  We're developing an  
application that has a site-license copy protection method where the  
license file sits on a server.  When a client machine launches the  
application the app pings the server and the server sends a piece of  
data embedded in the license file to the client app, which the client  
app uses for further authentication.  We want the data passed from  
the server to be encrypted, and then the app will decrypt it at  
runtime.  Roughly speaking:



1.  Static data is encrypted with an RSA private key and embedded  
into a network license file
2.  Application is compiled with the RSA public key as one of its  
internal resources.
3.  On launch encrypted data is sent from the server to the client  
application
4.  Client application attempts to decrypt the data with its public  
key. If the data is decrypted correctly the rest of the app's  
internal authentication succeeds, otherwise it fails.


Thanks again for any responses,
Dan



On Aug 13, 2007, at 3:34 PM, David Schwartz wrote:




RSA_public_encrypt(size, inText, sigBuffer, rsaPubKey,
RSA_PKCS1_OAEP_PADDING);



Ooops, you just threw away the return value from
RSA_public_encrypt. So how
are you going to know how big the signature is?



RSA_size()



I thought RSA_size gave the modulus size, which is also the maximum  
size for
what you can sign or encrypt or the resulting signature or  
encrypted output.



Is it always guaranteed that an RSA signature will always be  
exactly this

size? Is there some reason it can't be, say, a byte shorter?

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
























					Reply via email to