> From: owner-openssl-us...@openssl.org On Behalf Of Diego Salazar > Sent: Friday, 29 April, 2011 17:39
> Hi there, I've been searching for a solution to this problem > for 3 days. I'm using the ruby openssl module to encrypt/decrypt > small amounts of data with 2048 bit mod key. > On decrypt i get the an RSAError: padding check failed. I wrote more > detais about it on stackoverflow: http://stackoverflow.com/q/5811167/721017 Padding wrong is caused by one of three things: - your decrypt is expecting a different padding scheme than your encrypt used. Since you are apparently using a Ruby-on-Rails default in both cases, this is unlikely. But be aware there are more than one padding scheme defined for RSA, so in general this is a possibility. - the data you are decrypting is not bit-for-bit the output of a previous encryption (damaged or corrupted). You indicate it worked when stored in and read from MySQL but not PostgreSQL; there *may* be a problem there. If so, using base64 -- as you initially indicated you did but updated to say you didn't -- *might* be the solution. - the (private) key you are decrypting with does not match the (public) key you used to encrypt. Make sure they match. The fact that you read them from files with very different names suggests they might not match, but filenames aren't always an accurate indication of file contents. ObTopic: if you want to extract the publickey (definitively) matching an RSA privatekey, use 'openssl rsa -pubout'. Try writing a test program that just encrypts and then decrypts and make sure that works; then make it encrypt, store to db, read back, and decrypt. If you don't want to (or shouldn't) put test data in your real database, just create a test table. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
