Hi there Alexey
Many people will tell you to use the EVP stuff and quite frankly, they're
most likely right. However, I've not managed to figure out the EVP stuff so
I use the public_encrypt and private_decrypt functions instead. I have
written the following functions to encapsulate the functionality I need.
Adapt them as you like :-)
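#include <openssl/rsa.h>

void
theEncryptor::generateRSAKeyPair(int bits)
{
    // Public exponent 65537, no progress callback.
    rsa = RSA_generate_key(bits, 65537, NULL, NULL);
}

// Returns the ciphertext length (RSA_size(rsa)) or -1 on error.
// dataEncrypted must hold RSA_size(rsa) bytes; with RSA_PKCS1_PADDING,
// dataLen can be at most RSA_size(rsa) - 11.
int
theEncryptor::publicEncrypt(unsigned char* data, unsigned char* dataEncrypted,
                            int dataLen)
{
    return RSA_public_encrypt(dataLen, data, dataEncrypted, rsa,
                              RSA_PKCS1_PADDING);
}

// Expects exactly one RSA_size(rsa)-byte block in dataEncrypted.
// Returns the plaintext length or -1 on error.
int
theEncryptor::privateDecrypt(unsigned char* dataEncrypted,
                             unsigned char* dataDecrypted)
{
    return RSA_private_decrypt(RSA_size(rsa), dataEncrypted,
                               dataDecrypted, rsa, RSA_PKCS1_PADDING);
}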
Then since I am receiving a public key, I have a sockets framework:
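#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <sys/socket.h>
#include <cstdio>
#include <vector>

void
theEncryptor::receivePublicKeyAndSetRSA(int sock, int bits)
{
    // Each field is a zero-padded buffer: hex digits + "\r\n" + NUL.
    const int max_hex_size = (bits / 4) + 3;
    // One spare byte keeps the data NUL-terminated whatever the peer sends.
    std::vector<char> keybufA(max_hex_size + 1, 0);
    std::vector<char> keybufB(max_hex_size + 1, 0);
    // MSG_WAITALL: a plain recv() may return only part of the field.
    if (recv(sock, keybufA.data(), max_hex_size, MSG_WAITALL) != max_hex_size)
        return;
    send(sock, "OK", 2, 0);
    if (recv(sock, keybufB.data(), max_hex_size, MSG_WAITALL) != max_hex_size)
        return;
    send(sock, "OK", 2, 0);
    rsa = RSA_new();
    // Direct member access needs OpenSSL older than 1.1.0; later versions
    // use RSA_set0_key() instead.
    BN_hex2bn(&rsa->n, keybufA.data());  // parsing stops at the '\r'
    BN_hex2bn(&rsa->e, keybufB.data());
}

void
theEncryptor::transmitPublicKey(int sock, int bits)
{
    // hex digits + "\r\n" + NUL; (bits / 4) + 1 is two bytes too small.
    const int size = (bits / 4) + 3;
    std::vector<char> keyBufferA(size, 0);
    std::vector<char> keyBufferB(size, 0);
    // BN_bn2hex() allocates its result; release it with OPENSSL_free().
    char* hexN = BN_bn2hex(rsa->n);
    char* hexE = BN_bn2hex(rsa->e);
    if (hexN != NULL && hexE != NULL) {
        snprintf(keyBufferA.data(), size, "%s\r\n", hexN);
        snprintf(keyBufferB.data(), size, "%s\r\n", hexE);
    }
    OPENSSL_free(hexN);
    OPENSSL_free(hexE);
    if (keyBufferA[0] == '\0')
        return;                          // conversion failed, nothing to send
    send(sock, keyBufferA.data(), size, 0);
    char recBuf[2];
    recv(sock, recBuf, 2, MSG_WAITALL);  // wait for the peer's "OK"
    send(sock, keyBufferB.data(), size, 0);
    recv(sock, recBuf, 2, MSG_WAITALL);
}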
Best Wishes,
Ben.
On 20 January 2010 15:14, Alexey Luchko <[email protected]> wrote:
> Hi!
>
> I'm new to openssl.
>
> I need to encrypt and decrypt approx 1k block of data with rsa.
> What is recommended api for the case?
>
> I've found RSA_public_encrypt() and RSA_private_decrypt().
> It looks like a kind of low level api.
> But here I've got a problem with OAEP padding.
>
> Another one is EVP_PKEY_encrypt() and EVP_PKEY_decrypt().
> It is of a higher level.
> It encodes and decodes correctly only one block for me,
> but looks like it could operate on block of any size.
> And I've not found any use cases with google code search.
>
> It looks like I missed smth ;)
> Any advice is very welcome!
>
>
> --
> Thanks in advance,
> Alexey
>
> sms stands for save my soul
>
--
Ben H D Jones
www.bhjones.com
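
The key exchange in the reply above treats each recv() as one complete field, which a TCP stream does not guarantee, and it passes whatever arrived straight to BN_hex2bn(). As an added example (not part of the original thread or of OpenSSL), a bounded reader for one CRLF-terminated hex field; recvHexLine and the sample values are hypothetical, and only a string it accepts would go on to BN_hex2bn().

```cpp
#include <cctype>
#include <cerrno>
#include <cstdio>
#include <string>
#include <sys/socket.h>
#include <sys/types.h>

// Hypothetical helper: read one "<hex digits>\r\n" field from sock.
// Succeeds only if the field is complete, non-empty, purely hex and at most
// max_digits long (bits / 4 for the modulus of a bits-bit key).
bool recvHexLine(int sock, std::size_t max_digits, std::string &out)
{
    out.clear();
    bool saw_cr = false;
    for (;;) {
        char c;
        ssize_t n = recv(sock, &c, 1, 0);  // one byte at a time: simple, not fast
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            return false;                  // error or peer closed mid-field
        if (saw_cr)
            return c == '\n' && !out.empty();
        if (c == '\r') {
            saw_cr = true;
            continue;
        }
        if (!std::isxdigit(static_cast<unsigned char>(c)))
            return false;                  // BN_hex2bn would stop here without an error
        if (out.size() == max_digits)
            return false;                  // longer than the agreed key size
        out.push_back(c);
    }
}

int main()
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return 1;
    // Constructed input: the first field arrives split across two sends.
    send(sv[0], "C0FF", 4, 0);
    send(sv[0], "EE\r\n010001\r\n", 12, 0);
    std::string n_hex, e_hex;
    bool ok = recvHexLine(sv[1], 8, n_hex) && recvHexLine(sv[1], 8, e_hex);
    std::printf("%d n=%s e=%s\n", ok, n_hex.c_str(), e_hex.c_str());
    return ok ? 0 : 1;
}
```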