> From: owner-openssl-us...@openssl.org On Behalf Of krishnamurthy santhanam
> Sent: Tuesday, 07 September, 2010 13:09
> Thanks for your explanation. I have to create RSA Public/Private key
> and send back to my application. My application will read only character
> and string format, it will not accept RSA format. Please guide me how to do that?

This is confused. What character and string format(s)?
If it contains an RSA key, it has to be some kind of RSA format.

PS- 'sending' a private key is usually a bad idea. If more than
one party has the opportunity to see a given private key, in storage
or in transit, it isn't really private anymore and any security
it was supposed to provide is most likely lost. There are some
specialized cases like KDCs and mirrors where it is appropriate,
but these are pretty rare.

> I had return below program for that but it is not resolving the purpose...
> rsa = RSA_generate_key(1024, RSA_3, NULL, NULL);
> size = i2d_RSAPublicKey (rsa, NULL); //how i can get this public key
> pub_key = p = (unsigned char *) malloc(size * sizeof(unsigned char));
> i2d_RSAPublicKey (rsa, &p);
> pub_rsa = d2i_RSAPublicKey(NULL,&pub_key,size);

This isn't necessary. You can just do PEM_write_RSA_PUBKEY(,rsa)
and it writes only the public-key parts of the 'rsa' structure.

> PEM_write_RSA_PUBKEY(stdout,pub_rsa);
> size = i2d_RSAPrivateKey(rsa, NULL);
> priv_key = pp = (unsigned char *) malloc(size * sizeof(unsigned char));
> i2d_RSAPrivateKey (rsa, &pp);
> priv_rsa = d2i_RSAPrivateKey(NULL,&priv_key,size);
> if( priv_rsa==NULL ) { fprintf(stderr,"priv key error!\n"); return 0; }
> PEM_write_RSAPrivateKey(stdout,priv_rsa,NULL, NULL, 0, NULL, NULL);

Similarly.

Okay, so that writes the PEM (base64) encoded publickey and privatekey.
These are text formats. If your application can read these formats
and you give it this data, it should work. What's the problem? Be specific.

A few minor points on the rest:

> len1 = (strlen(mess)*sizeof(unsigned char)+1);
> encrypted = (unsigned char *) malloc ((size_t) RSA_size(pub_rsa));

#include <stdlib.h> for the correct prototype of malloc()
and don't cast. It's clearer AND more robust.

> len= RSA_public_encrypt(len1, mess, encrypted, pub_rsa, RSA_PKCS1_PADDING);

Again you can use rsa and only the public-key parts are used.

> printf("encrypted: %s len: %d\n",encrypted, len);

This will not print anything useful for 'encrypted'. In some cases
it will screw up your terminal (emulator) so no printing works at all.

> if(!(decrypt_mess = (unsigned char *) malloc ((size_t) RSA_size(priv_rsa))))
> fprintf(stderr,"can't allocate memory for encrypted text!\n");
> printf("decrypting!\n");
> len= RSA_private_decrypt(RSA_size(priv_rsa), encrypted, decrypt_mess, priv_rsa, RSA_PKCS1_PADDING);

Ditto and ditto.

> printf("decrypted: %s len:%d\n",decrypt_mess,len);

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
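
Added example, not part of the original thread and not OpenSSL code: the reply points out that printing the ciphertext buffer with %s shows nothing useful, and that PEM is a base64 text format. The sketch below encodes a raw byte buffer as base64 so it can be printed or passed on as a string; `b64_encode` and the sample bytes are hypothetical and constructed for illustration, and in the posted program the input length would be the value returned by RSA_public_encrypt(), never strlen().

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Base64-encode len raw bytes (RFC 4648 alphabet, '=' padding).
 * Returns a malloc'd NUL-terminated string, or NULL if malloc fails. */
char *b64_encode(const unsigned char *in, size_t len)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    char *out = malloc(4 * ((len + 2) / 3) + 1);   /* no cast, per the reply */
    char *p = out;
    unsigned long v;
    size_t i;

    if (out == NULL)
        return NULL;
    for (i = 0; i + 2 < len; i += 3) {             /* full 3-byte groups */
        v = ((unsigned long)in[i] << 16) | ((unsigned long)in[i + 1] << 8)
            | in[i + 2];
        *p++ = tbl[(v >> 18) & 63];
        *p++ = tbl[(v >> 12) & 63];
        *p++ = tbl[(v >> 6) & 63];
        *p++ = tbl[v & 63];
    }
    if (i < len) {                                 /* 1 or 2 trailing bytes */
        v = (unsigned long)in[i] << 16;
        if (i + 1 < len)
            v |= (unsigned long)in[i + 1] << 8;
        *p++ = tbl[(v >> 18) & 63];
        *p++ = tbl[(v >> 12) & 63];
        *p++ = (i + 1 < len) ? tbl[(v >> 6) & 63] : '=';
        *p++ = '=';
    }
    *p = '\0';
    return out;
}

/* Constructed sample standing in for ciphertext: an escape byte,
 * an embedded NUL (where %s and strlen() stop) and a high byte. */
static const unsigned char sample[] = { 0x1b, 0x5b, 0x00, 0xff };

int main(void)
{
    char *txt = b64_encode(sample, sizeof sample);
    if (txt == NULL)
        return 1;
    printf("encrypted (base64): %s len: %lu\n", txt,
           (unsigned long)sizeof sample);
    free(txt);
    return 0;
}
```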