Re: Re: creating RSA private/public key pair
Hi,

Check out the following functions:

    i2d_RSAPublicKey() and d2i_RSAPublicKey()

hope this helps,
Manish

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University.
Make today a LAM/MPI day !!! http://www.lam-mpi.org/
--

Date: 23 Jul 2002 23:31:05 -
From: ganesh kumar godavari [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: Aleix Conchillo [EMAIL PROTECTED]
Subject: Re: Re: creating RSA private/public key pair

Hi Alex,

thanks for the help. now i am able to encrypt and decrypt them using public and private keys.

i have one more question. i want to send the public key of the client to the server for authentication. is there any way i can print the RSA public key into a string so that i can send them over the sockets? i cannot find any functions for printing the RSA public key into a string.

enclosing my code below

Thanks a ton,
ganesh

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <openssl/bio.h>
    #include <openssl/err.h>
    #include <openssl/evp.h>
    #include <openssl/rsa.h>
    #include <openssl/pem.h>

    /* Read an RSA public key from a PEM file with the "BEGIN PUBLIC KEY" header */
    RSA *readPubKey(char *filename)
    {
        RSA *key;
        BIO *bp;

        ERR_load_crypto_strings();
        bp = BIO_new(BIO_s_file());
        if (BIO_read_filename(bp, filename) <= 0) {
            perror("ERROR: public.pem");
            exit(1);
        }
        if ((key = (RSA *)PEM_read_bio_RSA_PUBKEY(bp, NULL, NULL, NULL)) == NULL) {
            ERR_print_errors_fp(stderr);
            key = NULL;
        }
        BIO_free(bp);
        return key;
    }

    /* Read an RSA private key from a PEM file */
    RSA *readPrivKey(char *filename)
    {
        RSA *key;
        BIO *bp;

        SSLeay_add_all_algorithms();
        ERR_load_PEM_strings();
        bp = BIO_new(BIO_s_file());
        if (BIO_read_filename(bp, filename) <= 0) {
            perror("ERROR: rsakey.pem");
            exit(1);
        }
        if ((key = (RSA *)PEM_read_bio_RSAPrivateKey(bp, NULL, NULL, NULL)) == NULL) {
            ERR_print_errors_fp(stderr);
            key = NULL;
        }
        BIO_free(bp);
        return key;
    }

    int main(void)
    {
        RSA *pubkey;
        RSA *privkey;
        unsigned char *message = (unsigned char *)
            "Howdy ganesh talking on behalf of zeewaves !! "
            "can u hear me now !!";
        unsigned char *encryptmess, *decryptmess;
        int long_message, enc_len, dec_len;

        pubkey = readPubKey("public.pem");
        privkey = readPrivKey("private.pem");
        if (pubkey == NULL || privkey == NULL)
            return 1;
        printf("size of (in byte)s pu:pr :: %d:%d\n",
               RSA_size(pubkey), RSA_size(privkey));

        /* Encrypt the message (the length includes the terminating NUL) */
        encryptmess = (unsigned char *)malloc(RSA_size(pubkey));
        long_message = (int)strlen((char *)message) + 1;
        enc_len = RSA_public_encrypt(long_message, message, encryptmess,
                                     pubkey, RSA_PKCS1_OAEP_PADDING);
        if (enc_len < 0) {
            ERR_print_errors_fp(stderr);
            return 1;
        }

        /* decrypt the original message */
        decryptmess = (unsigned char *)malloc(RSA_size(privkey));
        dec_len = RSA_private_decrypt(enc_len, encryptmess, decryptmess,
                                      privkey, RSA_PKCS1_OAEP_PADDING);
        if (dec_len < 0) {
            ERR_print_errors_fp(stderr);
            return 1;
        }

        printf(" message %s\n decrypt %s\n", message, decryptmess);
        return 0;
    }

On Tue, 23 Jul 2002 Aleix Conchillo wrote:
> On 23 Jul 2002 17:44:15 -, ganesh kumar godavari wrote:
>> hello group,
>> i have created RSA private key using
>>
>>     openssl genrsa -out KEY.pem 1024
>>     openssl rsa -in KEY.pem -out private.pem
>>     openssl rsa -in KEY.pem -pubout -out public.pem
>
> hi
>
> first, you don't need to call
>
>     openssl rsa -in KEY.pem -out private.pem
>
> the first command genrsa generates a private key already, so you'll have:
>
>     openssl genrsa -out private.pem 1024
>     openssl rsa -in private.pem -pubout -out public.pem
>
>> i try to read the public.pem the following way
>> [snip]
>>     if ((x=(RSA *)PEM_read_RSAPublicKey(fp,NULL, NULL,NULL)) != NULL)
>> [snip]
>> it gives me an error saying that
>
> that's because there's two ways to read public keys. a public key can be rsa, dsa and dh (may be more in openssl i don't remember now).
>
> with the function PEM_read_RSAPublicKey OpenSSL is expecting a concrete RSA Public key which will have in the header of the PEM file
>
>     -----BEGIN RSA PUBLIC KEY-----
>
> instead of
>
>     -----BEGIN PUBLIC KEY-----
>
> if you'd like to load an RSA key with the BEGIN PUBLIC KEY header, you should use PEM_read_RSA_PUBKEY function instead of the one you use. this header will be common for dsa, rsa and dh keys.
>
> uppps... got to catch the bus. hope this helps you.
>
> regards,
> aleix

__
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: an advise
Hi,

I am a newbie to security and SSL, but thought this could help (I am not sure if I am answering your question).

RSA_blinding_on() takes care of the attack which measures the encryption and decryption time taken by RSA.

hope this will be of some help,
Manish

Date: Mon, 15 Jul 2002 16:08:22 -0700 (PDT)
From: Shalendra Chhabra [EMAIL PROTECTED]
Subject: an advise
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

Just a short piece of information will help me in my student life.

Paul Kocher had discovered the Timing Analysis attack on implementations of public key cryptosystems like Diffie-Hellman, RSA etc., and Paul was also one of the designers of the SSL 3.0 specifications.

I just wanted to ask this: when Paul had designed the SSL 3.0 spec, was the attack taken into account?

In short, please help me reach the conclusion: is SSL 3.0/TLS susceptible to Paul's Timing Analysis Attack?

Please reply at the earliest.

Thanks
Shalendra

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University
--
encrypting with rsa public key..
Hi,

In my C code I am sending the RSA public key from A (which generated the RSA key pair) to B. B now tries to encrypt a message with the public key received from A and send the encrypted message to A, and A decrypts it with the private key of the RSA key pair it generated.

Now the problem is that I cannot encrypt the message at B with the received public key (it gives seg fault). Is it possible to do what I have mentioned? Can you tell me where I am going wrong?

Here is the snippet of my code...

--- A ---

    if ((rsa = RSA_generate_key(NUM_BITS, RSA_F4, NULL, NULL)) == NULL) {
        perror("RSA key generation failed");
    }

    /* Save the public and private keys into the char array */
    p = ki_pub;
    ki_pub_len = i2d_RSAPublicKey(rsa, &p);
    printf("Length of public key is %d\n", ki_pub_len);

    p = ki_pri;
    ki_pri_len = i2d_RSAPrivateKey(rsa, &p);
    printf("Length of private key is %d\n", ki_pri_len);

    /* Find out the length that can be encoded by RSA */
    rsa_msg_len = RSA_size(rsa);
    printf("Max encoding length is %d\n", rsa_msg_len);

    /* send ki_pub_len to B */
    ...
    /* send ki_pub to B */
    ...
    /* send rsa_msg_len to B */
    ...

--- B ---

    /* receive ki_pub_len */
    ...
    /* receive ki_pub */
    ...
    /* put the ki_pub into pub_rsa */
    p = ki_pub;
    pub_rsa = d2i_RSAPublicKey(NULL, &p, (long)ki_pub_len);

    /* receive rsa_msg_len */
    ...
    /* Encrypt message */
    encrypt_len = RSA_public_encrypt(msg_len, unencrypted_mesg, encrypted_mesg,
                                     pub_rsa, RSA_PKCS1_OAEP_PADDING);

RSA_public_encrypt() segfaults at B.

help appreciated,
thanks,
Manish

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University
--
Re: RSA public and private key lengths (newbie question)
Hi,

Thanks a lot for the reply. I have one more question.

> The private key contains all the RSA key data whereas the public key contains just the public components. So yes, this is normal.
>
> Cheers,
> Geoff

Since public key contains only the public components is it possible to encrypt a message using RSA_public_encrypt() with a RSA struct having just the public key, i.e. RSA struct obtained from

    rsa = d2i_RSAPublicKey(..)

Thanks,
Manish

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University
--
RSA public and private key lengths (newbie question)
Hi,

Here is the snippet of my code which generates RSA key pair and then saves the public and private keys in character buffer. However the output shows the public key and private keys are of different sizes. I was under the impression that pub and priv keys are of same sizes. Is my understanding wrong or is there some problem with my code?

Here is the code snippet..

    #define NUM_BITS 1024
    #define RSA_F4 0x10001

    RSA *rsa;
    unsigned char ki_pub[1024];  /* Public Key generated by lamboot */
    unsigned char ki_pri[1024];  /* corresponding Private Key generated by lamboot */
    unsigned char *p;
    int ki_pub_len;              /* length of public key */
    int ki_pri_len;              /* length of private key */

    /* Set up the initial RSA key pair ki */
    if ((rsa = RSA_generate_key(NUM_BITS, RSA_F4, NULL, NULL)) == NULL) {
        perror("RSA key generation failed");
    }

    /* Save the public and private keys into the char array */
    p = ki_pub;
    ki_pub_len = i2d_RSAPublicKey(rsa, &p);
    printf("Length of public key is %d\n", ki_pub_len);

    p = ki_pri;
    ki_pri_len = i2d_RSAPrivateKey(rsa, &p);
    printf("Length of private key is %d\n", ki_pri_len);

The output generated is:

    Length of public key is 140
    Length of private key is 609

Is this output correct? Am I missing something?

Manish.

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University
--
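Added example, not part of the original posts: a plain C check (no OpenSSL calls) of the DER RSAPublicKey layout that i2d_RSAPublicKey() writes. It shows why a 1024-bit key with e = 65537 encodes to exactly the 140 bytes reported above, and it is the kind of length check host B in the "encrypting with rsa public key.." message can apply to the received ki_pub/ki_pub_len before parsing. The names der_header, rsa_pubkey_der_bits and build_sample_pubkey are hypothetical, and the sample key is constructed filler, not a real key.

```c
#include <stdio.h>
#include <string.h>

/* Read one DER tag+length header at *p; on success *p points at the content. */
static int der_header(const unsigned char **p, const unsigned char *end,
                      unsigned char tag, size_t *len) {
    const unsigned char *q = *p;
    size_t n, k, i;
    if (end - q < 2 || q[0] != tag) return 0;
    n = q[1]; q += 2;
    if (n & 0x80) {                        /* long form: k length bytes follow */
        k = n & 0x7f;
        if (k == 0 || k > 2 || (size_t)(end - q) < k) return 0;
        for (n = 0, i = 0; i < k; i++) n = (n << 8) | *q++;
        if (n < (k == 1 ? 0x80u : 0x100u)) return 0;  /* DER: shortest form only */
    }
    if ((size_t)(end - q) < n) return 0;   /* content must fit in what was received */
    *p = q; *len = n; return 1;
}

/* Modulus bits, or -1 unless buf[0..len) is exactly SEQUENCE { INTEGER n, INTEGER e }. */
long rsa_pubkey_der_bits(const unsigned char *buf, size_t len) {
    const unsigned char *p = buf, *end = buf + len, *n;
    size_t seq, nlen, elen;
    if (!der_header(&p, end, 0x30, &seq) || p + seq != end) return -1;
    if (!der_header(&p, end, 0x02, &nlen) || nlen == 0 || (p[0] & 0x80)) return -1;
    n = p; p += nlen;
    if (!der_header(&p, end, 0x02, &elen) || elen == 0 || (p[0] & 0x80)) return -1;
    if (p + elen != end) return -1;        /* nothing may follow the exponent */
    while (nlen > 0 && *n == 0) { n++; nlen--; }    /* skip the sign-padding zero */
    if (nlen == 0) return -1;
    long bits = (long)nlen * 8;
    for (unsigned char top = *n; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* Constructed sample, not a real key: 1024-bit filler modulus, e = 65537. */
size_t build_sample_pubkey(unsigned char out[140]) {
    static const unsigned char head[7] = { 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00 };
    static const unsigned char tail[5] = { 0x02, 0x03, 0x01, 0x00, 0x01 };
    memcpy(out, head, 7); memset(out + 7, 0xC3, 128); memcpy(out + 135, tail, 5);
    return 140;
}

int main(void) {
    unsigned char key[140];
    printf("%ld\n", rsa_pubkey_der_bits(key, build_sample_pubkey(key)));
    return 0;
}
```

The 140 bytes are 3 bytes of SEQUENCE header, 3 + 129 bytes for the modulus (one sign-padding zero plus 128 bytes) and 2 + 3 bytes for the exponent. A result of -1 means the received buffer should be rejected rather than handed to d2i_RSAPublicKey().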
Re: Need help
Hi,

Try using pod2text, pod2man, ... to convert the .pod files to the format required by you.

cheers,
Manish

--
Manish Chablani ([EMAIL PROTECTED]), Graduate Student,
Computer Science Department, Indiana University
--

On Wed, 3 Jul 2002, Igor A Belyaev wrote:
> Hi!
> I have one question for you.
> I have got a source of the OpenSSL v0.9.6d. But I can't read its documentation in the /DOC subdirectory (*.pod files). What do I have to use to read these files?
> Regards ahead.
> Igor Belyaev
help needed regarding RSA key generation.
Hi,

I am new to OpenSSL. I want to use OpenSSL to provide cryptographic functions like (key generation, encryption with public key, signing with private key, MD5 calculation), i.e. basically I want to use OpenSSL's Crypto library. I am trying to add authentication/security in MPI implementation.

I am having problems getting started. For example how do I generate a RSA public key, private key pair from within my C program. I looked at the API for rsa, it's given below

    RSA *RSA_generate_key(int num, unsigned long e,
                          void (*callback)(int,int,void *), void *cb_arg);

but I don't want to decide the args to be passed to this API. I just want to generate random rsa key pair.

Please help. Also if you can point me to some documentation or brief tutorial on using the crypto library it will be great.

Thanks,
Manish

-
Manish Chablani, Graduate Student,
Computer Science Department, Indiana University
-
Re: help needed regarding RSA key generation.
On Thu, 27 Jun 2002, Vadim Fedukovich wrote:
> On Wed, Jun 26, 2002 at 07:35:59PM -0500, Manish Ramesh Chablani wrote:
>> Hi,
>>
>> I am new to OpenSSL. I want to use OpenSSL to provide cryptographic functions like (key generation, encryption with public key, signing with private key, MD5 calculation), i.e. basically I want to use OpenSSL's Crypto library. I am trying to add authentication/security in MPI implementation.
>>
>> I am having problems getting started. For example how do I generate a RSA public key, private key pair from within my C program. I looked at the API for rsa, it's given below
>>
>>     RSA *RSA_generate_key(int num, unsigned long e,
>>                           void (*callback)(int,int,void *), void *cb_arg);
>>
>> but I don't want to decide the args to be passed to this API. I just want to generate random rsa key pair.
>
> would you like it of random size? Or maybe 1024-bits?

I would like 1024 bits for first argument. But what should I pass as remaining arguments? Also do I have to set up random seed before I generate keys?

Thanks,
Manish

>> Please help. Also if you can point me to some documentation or brief tutorial on using the crypto library it will be great.
>>
>> Thanks,
>> Manish
>>
>> -
>> Manish Chablani, Graduate Student,
>> Computer Science Department, Indiana University
>> -