Openssl RSA public encryption problem

  • Sieira
    New Member
    • May 2007
    • 31

    Openssl RSA public encryption problem

    Hello, I'm having a problem with the code below. I've spent the last two days checking it, but somehow I cannot see where my mistake is. It's a simple function whose objective is to wrap OpenSSL's RSA_public_encrypt, taking two bignums (modulus and exponent) instead of an RSA key.

    The other two functions are only for test purposes.

    I'd also like to find some good documentation of OpenSSL, since the UNIX manpages are not as good as they should be (at least at this level, where I try to handle the RSA structure internally).

    Thanks for your time

    Code:
    full code removed
    Last edited by sicarie; Jul 8 '08, 01:22 AM. Reason: Full code removed per Posting Guidelines, please post the specific snippet causing the issue
  • arnaudk
    Contributor
    • Sep 2007
    • 425

    #2
    What exactly is the error which you are having, a run-time or compile-time error, a numerical error? Have you tried to remove all functionality from your function other than returning something of the type it promises to return? Do you still get errors then?


    • Sieira
      New Member
      • May 2007
      • 31

      #3
      Sorry, I forgot that point. I'm getting a different result on each encryption of the same string, some kind of memory corruption, something must be wrong with the initialisations of bignums, or the key, I guess


      • Sieira
        New Member
        • May 2007
        • 31

        #4
        So, trying again, the function below doesn't work.

        It is, as explained before, a function to wrap OpenSSL's RSA_public_encrypt function.

        Output parameter "encrypted", which is an (unsigned char *), gets different values each time the function is called.

        This behaviour is the same inside the function (i.e. if I print its value inside it, instead of after calling it).

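        [CODE=C]
        #include <stdio.h>
        #include <openssl/bn.h>
        #include <openssl/err.h>
        #include <openssl/rsa.h>

        /* CRYPTO_IDERROR is defined elsewhere in the poster's code (not shown).
         * Direct access to RSA members requires OpenSSL older than 1.1.0. */
        short crypto_RSAEncryption(
            BIGNUM *modulus,
            BIGNUM *exponent,
            unsigned char *plain,
            int len,
            unsigned char *encrypted)
        {
            int encryptedlen = 0;
            RSA *rsaPubkey = NULL;

            /* Build the public key */
            rsaPubkey = RSA_new();

            rsaPubkey->n = BN_new();
            BN_copy(rsaPubkey->n, modulus);

            rsaPubkey->e = BN_new();
            BN_copy(rsaPubkey->e, exponent);

            /* Public key only: no private components */
            rsaPubkey->iqmp = NULL;
            rsaPubkey->d = NULL;
            rsaPubkey->p = NULL;
            rsaPubkey->q = NULL;
            rsaPubkey->dmp1 = NULL;
            rsaPubkey->dmq1 = NULL;

            /* PKCS#1 v1.5 padding needs 11 bytes of the block.
             * Message: "The length of the string to encrypt (%d) must not
             * exceed (%d) bytes for this key" */
            if (len > RSA_size(rsaPubkey) - 11) {
                fprintf(stderr, "La longitud de la cadena a cifrar (%d) no debe exceder los (%d) bytes para esta clave\n", len, RSA_size(rsaPubkey) - 11);
                RSA_free(rsaPubkey); /* do not leak the key on the error path */
                return CRYPTO_IDERROR;
            }

            /* Encrypt */
            if ((encryptedlen = RSA_public_encrypt(len, plain, encrypted, rsaPubkey, RSA_PKCS1_PADDING)) <= 0) {
                fprintf(stderr, "%s\n", ERR_error_string(ERR_get_error(), NULL));
            }

            /* Free the memory used by the key */
            RSA_free(rsaPubkey);

            return encryptedlen;
        }
        [/CODE]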

        (Isn't it possible for me to edit the first post?, I can't see the way if any)


        • Laharl
          Recognized Expert Contributor
          • Sep 2007
          • 849

          #5
          You can only edit for an hour after the initial post, I'm afraid, unless you can convince a moderator to do it, which seems unlikely since it was a mod that edited it in the first place.


          • Sieira
            New Member
            • May 2007
            • 31

            #6
            Finally, I've solved it.

            The solution is not to change it at all, the function was working properly, I just didn't know a thing about "padding", so I expected to have always the same output for the same input.

            Approximately this was my problem:

            It can be dangerous to use RSA with short strings, because blocks (modulus, input and output) have to be the same length, so when input is shorter it gets filled with zeros, and encryption can become predictable, so padding fills the string (I don't know how) with a tile of randomly generated cyphers, and the string becomes obfuscated again.

            +****************************+
            + SOLVED +
            +****************************+
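Added example, not part of the original thread or of OpenSSL: `RSA_PKCS1_PADDING` selects PKCS#1 v1.5 encryption padding, which frames the message as `0x00 || 0x02 || PS || 0x00 || M` with at least 8 random nonzero bytes in `PS`. This pure-Python sketch shows why the same plaintext encrypts differently on each call and where the `RSA_size() - 11` limit in the function above comes from. The key is a constructed toy key and the function names are hypothetical.

```python
import secrets

# Constructed toy key: both primes are Mersenne primes, so it is trivially
# factorable. It demonstrates the padding only and must never be used for real.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus size in bytes, like RSA_size()


def pad_type2(msg: bytes, k: int = K) -> bytes:
    """EME-PKCS1-v1_5: 0x00 || 0x02 || PS || 0x00 || msg, PS random and nonzero."""
    if len(msg) > k - 11:              # 3 framing bytes + at least 8 bytes of PS
        raise ValueError(f"message too long: {len(msg)} > {k - 11}")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(k - 3 - len(msg)))
    return b"\x00\x02" + ps + b"\x00" + msg


def unpad_type2(em: bytes) -> bytes:
    # Simple check for illustration; it is not constant-time.
    sep = em.find(b"\x00", 2)          # first zero byte after the 0x00 0x02 header
    if len(em) != K or em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("bad padding")
    return em[sep + 1:]


def encrypt(msg: bytes, padded: bool = True) -> bytes:
    # padded=False is raw ("textbook") RSA, shown only for comparison
    em = pad_type2(msg) if padded else msg
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")


def decrypt(ct: bytes) -> bytes:
    em = pow(int.from_bytes(ct, "big"), D, N).to_bytes(K, "big")
    return unpad_type2(em)


if __name__ == "__main__":
    msg = b"same string"
    a, b = encrypt(msg), encrypt(msg)
    print("padded ciphertexts differ:  ", a != b)
    print("both decrypt to the input:  ", decrypt(a) == decrypt(b) == msg)
    print("unpadded is deterministic:  ", encrypt(msg, False) == encrypt(msg, False))
    print("max plaintext bytes (K - 11):", K - 11)
```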
