Hi Till,
The error u got is you can not read the public key as in the certificate it
is not finding the lines as "BEGIN RSA CERTIFICATE"
so here i am giving you the code , use it directly , it will work fine as i
refined it many times ...
pubk = RSA_new();
if(pubk == NULL)
printf("error to create new RSA structure \n");
fp = fopen (recevercert, "r");
if (fp == NULL){
printf("error opening the pub file\n");
exit (1);
}
x509 = PEM_read_X509(fp, NULL, NULL, NULL);
fclose (fp);
if (x509 == NULL) {
printf("error reading the certificate \n");
ERR_print_errors_fp (stderr);
exit (1);
}
pub=X509_get_pubkey(x509);
if (pub == NULL) {
printf("error reading the public key \n");
ERR_print_errors_fp (stderr);
exit (1);
}
pubk = EVP_PKEY_get1_RSA(pub);
if(pub == NULL)
printf("error setting the public key from EVP_PKEY_set1_RSA function \n");
----
after this you do encryption and decryption , then it will work fine, one
more thing here is you should not use RSA_encrypt or decrypt functions for
large amount of data , it is not recommended , so u must avoid of using
asymmetric alrorithems for large amount of data or for files .. or I
recommend not to use it for any data or file except for encryption of keys
only.
-- Regards
Shankar
On 4/8/08, Till Elsner <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I'm trying to make an application encypting data on the server side using
> a public key and decrypting it on the client side using the related private
> key. Now i've run in two problems:
> I have a private key and a related certificate file created from a
> certificate request (CSR) and signed by an own CA. Both are created using
> OpenSSL. The first problem is that I can't get the public key out of the
> cerificate using PEM_read_RSA_PUBKEY. I've exported the public key alone to
> a single file, from that I can load the public key. Trying to load it from
> the certificate gives an "no starting line" error.
> Second, and maybe even worse, when encrypting data with the public key
> using RSA_public_encrypt and again decrypting it with the private one using
> RSA_private_decrypt, the decrypted data differs widely from the original
> data. When I try the same using OpenSSL's rsautl command-line tool, it works
> perfectly with this key pair (public key/private key as well as
> certificate/private key).
> Both keys and certificate are in PEM format. The certificates signature is
> valid.
> Could anyone give me some hint what might be going on here?
>
> Thanks and regards
> Till Elsner
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
--
--Best Regards
Shankar
