Hi Marek, My understanding was that while it's mathematically possible, from an OpenSSL API perspective there is no way to do it. Did I misunderstand?
-----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of marek.marc...@malkom.pl Sent: Thursday, February 24, 2011 11:23 AM To: openssl-users@openssl.org Cc: openssl-users@openssl.org; owner-openssl-us...@openssl.org Subject: RE: RSA_private_decrypt without e and d Hello, Remember, you do not need to recover this parameters to decrypt message. Best regards, -- Marek Marcola <marek.marc...@malkom.pl> owner-openssl-us...@openssl.org wrote on 02/24/2011 05:19:30 PM: > "Shaheed Bacchus (sbacchus)" <sbacc...@cisco.com> > Sent by: owner-openssl-us...@openssl.org > > 02/24/2011 05:21 PM > > Please respond to > openssl-users@openssl.org > > To > > <openssl-users@openssl.org> > > cc > > Subject > > RE: RSA_private_decrypt without e and d > > Thanks Mounir and Marek, I will try to recover these parameters. > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mounir IDRASSI > Sent: Thursday, February 24, 2011 2:27 AM > To: openssl-users@openssl.org > Subject: Re: RSA_private_decrypt without e and d > > Hi Shaheed, > > The OpenSSL error you are getting means that OpenSSL decrypted the > ciphered text but couldn't find the PKCS1 padding byte. This means that > the wrong CRT parameters were supplied. Usually this comes from the fact > > that the parameters p and q (and the corresponding dmp1, dmq1) must be > swapped : p instead of q and q instead of p (same thing for dmp1 and > dmq1). > In order to check this, you can use a tool I have written and that > enables you to recover e and d from these 5 parameters. You can get it > from sourceForge using the following link : > http://rsaconverter.sourceforge.net/ . > Thanks to it, you can check that these 5 parameters give you the correct > > d and e. In your case, I'm sure you'll get the wrong d and e. Swap the > parameters and see if you get the correct d this time. > > I hope this will help. > Cheers, > -- > Mounir IDRASSI > IDRIX > http://www.idrix.fr > > > > On 2/24/2011 4:03 AM, Shaheed Bacchus (sbacchus) wrote: > > > > Just to be clear, below is not the actual code, but what I would > > **like** to be able to do (or something close). > > > > *From:*owner-openssl-us...@openssl.org > > [mailto:owner-openssl-us...@openssl.org] *On Behalf Of *Shaheed > > Bacchus (sbacchus) > > *Sent:* Wednesday, February 23, 2011 9:47 PM > > *To:* openssl-users@openssl.org > > *Subject:* RSA_private_decrypt without e and d > > > > Hi, > > > > I have a situation where I have a message that has been encrypted via > > RSA_public_encrypt. On the receiving end I have the n, p, q, dmp1, > > dmq1, and iqmp components (I know it might sound odd that I don't have > > > the e and d components but that is the case). I'm trying to do > > something like: > > > > If (!(new_key = RSA_new())) > > > > return -1; > > > > new_key->n = BN_bin2bn(n_data, n_data_len, NULL); > > > > new_key->p = BN_bin2bn(p_data, p_data_len, NULL); > > > > new_key->q = BN_bin2bn(q_data, q_data_len, NULL); > > > > new_key->dmp1 = BN_bin2bn(dmp1_data, dmp1_data_len, NULL); > > > > new_key->dmq1 = BN_bin2bn(dmq1_data, dmq1_data_len, NULL); > > > > new_key->iqmp = BN_bin2bn(iqmp_data, iqmp1_data_len, NULL); > > > > resultDecrypt = RSA_private_decrypt(encrypted_size, encrypted, > > decrypted, new_key, RSA_PKCS1_PADDING); > > > > This decrypt fails with > > > > error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type > > is not 02 > > > > Supplying the correct e and d component causes it work properly, but I > > > will not have those under normal circumstances. Is there any way to do > > > this without d and e? > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
