Re: Can I use my own keys with openssl for RSA enc/dec ??

Tue, 10 Jul 2007 21:36:18 -0700 

Hi

Many many thanks for your reply Marek.

It seems my public key is not in proper format.

The output of "openssl asn1parse" for my key is as follows - 

[EMAIL PROTECTED] test]$ ./openssl asn1parse -in pub.pem
    0:d=0  hl=2 l=   2 prim: OBJECT            :0.0.0
Error in encoding
1494:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too 
long:asn1_lib.c:150:

So does that mean I need to use another key ??

Isnt there any mechanism to convert it into a proper format i.e. to 
SubjectPublicKeyInfo ??

Thanx,
Bibhuti


Marek Marcola <[EMAIL PROTECTED]> wrote: Hello,
> Can anybody help me out please ?
> I get an error saying "unable to load Public Key" when I use my own
> keys.
> Is it that there is a problem with the key ?? with the format ?? with
> the header ?? anything else ??
....
>         
>         I am a newbie here and I therefore may sound very stupid
>         too :)
>         
>         I am trying to use openssl for encryption using RSA algorithm.
>         I want to know whether I can use my own keys for doing this.
>         If yes, then how ?
>         
>         I created a file public.pem and stored my public key in this
>         in PEM format.
>         Now when I do "openssl rsautl -encrypt -inkey public.pem
>         -pubin -in inputfile -out outputfile", I get the error saying
>         "unable to load Public Key" which means PEM_read_bio_PUBKEY()
>         returns NULL.
Yes, you can but you should have your public key in proper format.
For example:

1) Generate RSA key:
   $ openssl genrsa -out key.pem 1024
   $ openssl rsa -in key.pem -text -noout

2) Save public key in pub.pem file:
   $ openssl rsa -in key.pem -pubout -out pub.pem
   $ openssl rsa -in pub.pem -pubin -text -noout

3) Encrypt some data:
   $ echo test test test > file.txt
   $ openssl rsautl -encrypt -inkey pub.pem -pubin -in file.txt \
 -out file.bin
   $ ll file.bin
   -rw-r--r-- 1 root root 128 2007-07-11 01:58 file.bin

4) Decrypt encrypted data:
   $ openssl rsautl -decrypt -inkey key.pem -in file.bin
   test test test

But you should have public key in so called SubjectPublicKeyInfo format
(look at RFC2459).
You can look at ASN.1 structure of public key with command:
  $ openssl asn1parse -in pub.pem
    0:d=0  hl=3 l= 159 cons: SEQUENCE
    3:d=1  hl=2 l=  13 cons: SEQUENCE
    5:d=2  hl=2 l=   9 prim: OBJECT            :rsaEncryption
   16:d=2  hl=2 l=   0 prim: NULL
   18:d=1  hl=3 l= 141 prim: BIT STRING

Best regards,
-- 
Marek Marcola 

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]


       
---------------------------------
Choose the right car based on your needs.  Check out Yahoo! Autos new Car 
Finder tool.

Reply via email to