Here's another approach for the same porpuse and it seems to work!, can you
please help me to optimize my implementation?
Thanks in advance.
void encryptThis () {
FILE *fp;
RSA *rsa_rpu=NULL;
fp = fopen([[[NSBundle mainBundle] pathForResource:@"publickey" ofType:@
"pem"]UTF8String],"r");
rsa_rpu = PEM_read_RSA_PUBKEY(fp,NULL, NULL, NULL);
if (rsa_rpu==NULL){
printf("Reading of public key failed");
}
else{
printf("Reading of public key successful");
}
const char text[] = "Aloha vengo de implementar RSA encryption!!!";
unsigned char encrypted[2560] = { 0 };
int resultEncrypt = 0;
resultEncrypt = RSA_public_encrypt ( strlen(text) + 1 , (unsigned char
*)text, encrypted, rsa_rpu, RSA_PKCS1_OAEP_PADDING );
NSLog(@"%d from encrypt.", resultEncrypt);
//This line prints 128
NSLog(@"encrypted message %i", (int)encrypted);
//Here I get a large negative number (- 974687...)
if (resultEncrypt == -1){
printf("encryption failed ");
}
else{
printf("Encryption success");
}
}
2010/7/9 Dave Thompson <dthomp...@prinpay.com>
> > From: owner-openssl-us...@openssl.org On Behalf Of Carlos Saldaña
> > Sent: Friday, 09 July, 2010 12:48
>
> > Thanks for answer Dave,
>
> > Actually what I'm trying to do is encode messages using the public
> key
> > presumably encoded in a .pem file. I checked the contents of this .pem
> file
> > and ir has the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY-----
> headers.
> > I fixed my code to take away this headers and then base64 decode the
> string.
>
> Okay, that's simple enough. Note that your security relies on the
> authenticity
> and integrity of the pubkey file -- if (any of) your users can be convinced
> to
> install/use a bogus file, their 'secret' data is exposed. If anyone besides
> you
> will use this system, make sure this limitation is acceptable to them. And
> bear
> in mind that user representatives like managers usually promise that people
> will
> follow rules perfectly, and those promises are almost always broken.
>
> > I'm new to this technology of using openssl and using certificates,
> this is
> > the code I've buit, so far I don't get any RSA object from the
> d2i_RSAPublicKey function:
>
> <snip: get publickey.pem, trim whitespace, drop BEGIN/END lines, trim
> again>
>
> looks reasonable to me; I don't know ObjC/NS details but I assume you can
> see with a debugger that this produces the correct string in memory
>
> > const char *base64Text = [unlabeledEndPemString
> cStringUsingEncoding:[NSString defaultCStringEncoding]];
> > char *unBase64Text = unbase64((unsigned char *)base64Text,
> strlen(base64Text));
>
> > //Create a new RSA instance
> > int dataLengt = strlen(unBase64Text);
> > RSA *anRSA = d2i_RSAPublicKey(0, (unsigned char **)&unBase64Text,
> dataLengt);
>
> As I mostly said before:
>
> 1. unbase64 of a .pem file body block gives DER which is binary data
> containing zero/nulls and strlen will not give the correct length.
> (And if you don't give the correct length OpenSSL can't decode it.)
>
> 2. It's better to treat DER as unsigned char (as you do for the
> plaintext and ciphertext below). C will mostly let you 'cheat' on
> signed/unsigned/plain, but DER data is in fact unsigned bytes.
>
> 3. The contents of a BEGIN/END PUBLIC KEY are NOT an RSAPublicKey object.
> They are a PublicKeyInfo object CONTAINING a (labelled) RSAPublicKey.
> OpenSSL can only decode a DER if you tell it the correct type.
> See below.
>
> > unsigned char cleartext[2560] = "A";
> > unsigned char encrypted[2560] = { 0 };
> > int resultEncrypt = 0;
> > NSLog(@"here");
> > resultEncrypt = RSA_public_encrypt ( 1 , cleartext, encrypted,
> anRSA, RSA_PKCS1_OAEP_PADDING );
> > NSLog(@"%d from encrypt.", resultEncrypt);
>
> The (raw) result of RSA encryption is as big as the key size.
> Key sizes > 2560 are possible though unusual. To avoid buffer overflow
> and possible exploit of your system, you should either check that the
> size of the key you read is not too big, or allocate the output buffer
> using the actual key size.
>
> > Well, after all this the long question I think is: am I calling
> > the right functions to encrypt and send back a message using the public
> key
> > that's inside a .pem file?
>
> Once you get the key correctly it should encrypt. Direct RSA encryption
> with OAEP is limited to 'message' sizes of the key size minus about 200
> bits
>
> (I don't remember the exact number but you'll get an error when you hit
> it).
> For most schemes for most people this is unacceptable and the usual
> practice
>
> is to encrypt the data with a symmetric cipher (e.g. AES) under a random
> key
>
> (called Data Encrypting Key, DEK) and encrypt and transport that DEK under
> under the RSA key (Key Encrypting Key, KEK) and transport with the data.
> The approach you are using works if both/all ends agree, but you probably
> won't interoperate with anybody else.
>
> > Thanks in advance.
>
> > 2010/7/8 Dave Thompson <dthomp...@prinpay.com>
>
> > Even if unBase64Text for dataLength is correctly the
> unbase64-ed data,
> > it is *very* unlikely you have a file containing an
> RSAPublicKey structure.
> > Openssl normally uses files containing a X.509 cert which
> contains a publickey
> > for any of several algorithms, possibly with
> algorithm-dependent parameters;
>
> This part didn't apply to your case.
>
> > or a "PubKeyInfo" structure which does similarly. For the
> latter you should
> > use d2i_PUBKEY[_*] to get a generic EVP structure and then
> get the RSA part
> > if necessary -- or just use the openssl EVP routines which
> take it as-is --
> > or use d2i_RSA_PUBKEY[_*] which just does those two for
> you.
>
> This part did. Except maybe the middle point -- I don't think there are
> EVP wrappings for just-RSA.
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
--
Saludos
Carlos Saldaña Garcia
TSU en Tecnologías de la Información y Comunicación
