Here's another approach for the same porpuse and it seems to work!, can you please help me to optimize my implementation? Thanks in advance.
void encryptThis () { FILE *fp; RSA *rsa_rpu=NULL; fp = fopen([[[NSBundle mainBundle] pathForResource:@"publickey" ofType:@ "pem"]UTF8String],"r"); rsa_rpu = PEM_read_RSA_PUBKEY(fp,NULL, NULL, NULL); if (rsa_rpu==NULL){ printf("Reading of public key failed"); } else{ printf("Reading of public key successful"); } const char text[] = "Aloha vengo de implementar RSA encryption!!!"; unsigned char encrypted[2560] = { 0 }; int resultEncrypt = 0; resultEncrypt = RSA_public_encrypt ( strlen(text) + 1 , (unsigned char *)text, encrypted, rsa_rpu, RSA_PKCS1_OAEP_PADDING ); NSLog(@"%d from encrypt.", resultEncrypt); //This line prints 128 NSLog(@"encrypted message %i", (int)encrypted); //Here I get a large negative number (- 974687...) if (resultEncrypt == -1){ printf("encryption failed "); } else{ printf("Encryption success"); } } 2010/7/9 Dave Thompson <dthomp...@prinpay.com> > > From: owner-openssl-us...@openssl.org On Behalf Of Carlos Saldaña > > Sent: Friday, 09 July, 2010 12:48 > > > Thanks for answer Dave, > > > Actually what I'm trying to do is encode messages using the public > key > > presumably encoded in a .pem file. I checked the contents of this .pem > file > > and ir has the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- > headers. > > I fixed my code to take away this headers and then base64 decode the > string. > > Okay, that's simple enough. Note that your security relies on the > authenticity > and integrity of the pubkey file -- if (any of) your users can be convinced > to > install/use a bogus file, their 'secret' data is exposed. If anyone besides > you > will use this system, make sure this limitation is acceptable to them. And > bear > in mind that user representatives like managers usually promise that people > will > follow rules perfectly, and those promises are almost always broken. > > > I'm new to this technology of using openssl and using certificates, > this is > > the code I've buit, so far I don't get any RSA object from the > d2i_RSAPublicKey function: > > <snip: get publickey.pem, trim whitespace, drop BEGIN/END lines, trim > again> > > looks reasonable to me; I don't know ObjC/NS details but I assume you can > see with a debugger that this produces the correct string in memory > > > const char *base64Text = [unlabeledEndPemString > cStringUsingEncoding:[NSString defaultCStringEncoding]]; > > char *unBase64Text = unbase64((unsigned char *)base64Text, > strlen(base64Text)); > > > //Create a new RSA instance > > int dataLengt = strlen(unBase64Text); > > RSA *anRSA = d2i_RSAPublicKey(0, (unsigned char **)&unBase64Text, > dataLengt); > > As I mostly said before: > > 1. unbase64 of a .pem file body block gives DER which is binary data > containing zero/nulls and strlen will not give the correct length. > (And if you don't give the correct length OpenSSL can't decode it.) > > 2. It's better to treat DER as unsigned char (as you do for the > plaintext and ciphertext below). C will mostly let you 'cheat' on > signed/unsigned/plain, but DER data is in fact unsigned bytes. > > 3. The contents of a BEGIN/END PUBLIC KEY are NOT an RSAPublicKey object. > They are a PublicKeyInfo object CONTAINING a (labelled) RSAPublicKey. > OpenSSL can only decode a DER if you tell it the correct type. > See below. > > > unsigned char cleartext[2560] = "A"; > > unsigned char encrypted[2560] = { 0 }; > > int resultEncrypt = 0; > > NSLog(@"here"); > > resultEncrypt = RSA_public_encrypt ( 1 , cleartext, encrypted, > anRSA, RSA_PKCS1_OAEP_PADDING ); > > NSLog(@"%d from encrypt.", resultEncrypt); > > The (raw) result of RSA encryption is as big as the key size. > Key sizes > 2560 are possible though unusual. To avoid buffer overflow > and possible exploit of your system, you should either check that the > size of the key you read is not too big, or allocate the output buffer > using the actual key size. > > > Well, after all this the long question I think is: am I calling > > the right functions to encrypt and send back a message using the public > key > > that's inside a .pem file? > > Once you get the key correctly it should encrypt. Direct RSA encryption > with OAEP is limited to 'message' sizes of the key size minus about 200 > bits > > (I don't remember the exact number but you'll get an error when you hit > it). > For most schemes for most people this is unacceptable and the usual > practice > > is to encrypt the data with a symmetric cipher (e.g. AES) under a random > key > > (called Data Encrypting Key, DEK) and encrypt and transport that DEK under > under the RSA key (Key Encrypting Key, KEK) and transport with the data. > The approach you are using works if both/all ends agree, but you probably > won't interoperate with anybody else. > > > Thanks in advance. > > > 2010/7/8 Dave Thompson <dthomp...@prinpay.com> > > > Even if unBase64Text for dataLength is correctly the > unbase64-ed data, > > it is *very* unlikely you have a file containing an > RSAPublicKey structure. > > Openssl normally uses files containing a X.509 cert which > contains a publickey > > for any of several algorithms, possibly with > algorithm-dependent parameters; > > This part didn't apply to your case. > > > or a "PubKeyInfo" structure which does similarly. For the > latter you should > > use d2i_PUBKEY[_*] to get a generic EVP structure and then > get the RSA part > > if necessary -- or just use the openssl EVP routines which > take it as-is -- > > or use d2i_RSA_PUBKEY[_*] which just does those two for > you. > > This part did. Except maybe the middle point -- I don't think there are > EVP wrappings for just-RSA. > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Saludos Carlos Saldaña Garcia TSU en Tecnologías de la Información y Comunicación