Thanks for your advice. By reading the key from a previously loaded
X509 object I can get it from the certificate file. But the problem
that the result of the decryption is not the same as the original data
still exists. What could be the problem? The same operation works fine
with openssl rsautl on the command-line.
Thanks and regards
Till Elsner
On 08.04.2008 at 09:04, shankar ks wrote:
Hi Till,
The error you got is that you cannot read the public key, as in the
certificate it is not finding the lines as "BEGIN RSA CERTIFICATE",
so here I am giving you the code. Use it directly; it will work
fine, as I refined it many times ...
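#include <stdio.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>

/* recevercert is the path of the receiver's PEM certificate file. */
FILE *fp;
X509 *x509;
EVP_PKEY *pub;
RSA *pubk;  /* no RSA_new() here: EVP_PKEY_get1_RSA returns its own reference */

/* Open the certificate file. */
fp = fopen(recevercert, "r");
if (fp == NULL) {
    printf("error opening the pub file\n");
    exit(1);
}

/* Parse the PEM-encoded X.509 certificate. */
x509 = PEM_read_X509(fp, NULL, NULL, NULL);
fclose(fp);
if (x509 == NULL) {
    printf("error reading the certificate\n");
    ERR_print_errors_fp(stderr);
    exit(1);
}

/* Extract the public key as a generic EVP_PKEY. */
pub = X509_get_pubkey(x509);
if (pub == NULL) {
    printf("error reading the public key\n");
    ERR_print_errors_fp(stderr);
    exit(1);
}

/* Get the RSA key out of the EVP_PKEY; check the returned RSA pointer. */
pubk = EVP_PKEY_get1_RSA(pub);
if (pubk == NULL) {
    printf("error getting the RSA key from EVP_PKEY_get1_RSA function\n");
    ERR_print_errors_fp(stderr);
    exit(1);
}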
----
After this you do encryption and decryption, then it will work
fine. One more thing here is you should not use RSA_encrypt or
decrypt functions for large amounts of data; it is not
recommended, so you must avoid using asymmetric algorithms for
large amounts of data or for files .. or I recommend not to use it
for any data or file except for encryption of keys only.
-- Regards
Shankar
On 4/8/08, Till Elsner <[EMAIL PROTECTED]> wrote:
Hi,
I'm trying to make an application encrypting data on the server side
using a public key and decrypting it on the client side using the
related private key. Now I've run into two problems:
I have a private key and a related certificate file created from a
certificate request (CSR) and signed by an own CA. Both are created
using OpenSSL. The first problem is that I can't get the public key
out of the certificate using PEM_read_RSA_PUBKEY. I've exported the
public key alone to a single file, from that I can load the public
key. Trying to load it from the certificate gives a "no starting
line" error.
Second, and maybe even worse, when encrypting data with the public
key using RSA_public_encrypt and again decrypting it with the
private one using RSA_private_decrypt, the decrypted data differs
widely from the original data. When I try the same using OpenSSL's
rsautl command-line tool, it works perfectly with this key pair
(public key/private key as well as certificate/private key).
Both keys and certificate are in PEM format. The certificate's
signature is valid.
Could anyone give me some hint what might be going on here?
Thanks and regards
Till Elsner
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
--
--Best Regards
Shankar
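
Added example, not part of the original thread: the recommendation above to use RSA only for encrypting keys, shown with the openssl command-line tool against a certificate/private-key pair. The key pair, certificate, file names and payload are constructed for the demo, and the choice of pkeyutl with OAEP padding and AES-256-CBC is an assumption of this example, not something the posters specified.

```shell
#!/bin/sh
# Added example (not from the thread): hybrid encryption with the openssl CLI.
# RSA protects only a short session secret; the bulk data goes through AES.
set -eu

hybrid_demo() {
    dir=$(mktemp -d)

    # Constructed test material: throwaway RSA key and self-signed certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-receiver" \
        -keyout "$dir/priv.pem" -out "$dir/cert.pem" 2>/dev/null

    # Constructed payload, far larger than one RSA-2048 operation can carry.
    head -c 100000 /dev/urandom > "$dir/data.bin"

    # Sender: random session secret, data under AES, secret under the
    # public key taken from the certificate (-certin).
    openssl rand -hex 32 > "$dir/session.key"
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$dir/session.key" \
        -in "$dir/data.bin" -out "$dir/data.enc"
    openssl pkeyutl -encrypt -certin -inkey "$dir/cert.pem" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$dir/session.key" -out "$dir/session.key.enc"

    # Receiver: unwrap the secret with the private key, then decrypt the data.
    # The padding mode must be the same on both sides.
    openssl pkeyutl -decrypt -inkey "$dir/priv.pem" \
        -pkeyopt rsa_padding_mode:oaep \
        -in "$dir/session.key.enc" -out "$dir/session.key.dec"
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$dir/session.key.dec" \
        -in "$dir/data.enc" -out "$dir/data.dec"

    # Note: openssl enc gives confidentiality only, no integrity check.
    if cmp -s "$dir/data.bin" "$dir/data.dec"; then
        result=match
    else
        result=differ
    fi
    rm -rf "$dir"
    echo "$result"
}

hybrid_demo
```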