Re: En/Decrypt Mismatch: Command-Line Tool vs. Perl's Crypt::OpenSSL
Well, I got this working, although there are several things that don't seem to work the way they should.

Short summary:

Must use perl function private_encrypt() instead of sign(), even though, to generate the same signature, the command-line tool must use -sign.

Must use the SHA1 digest generated by command-line tool, since $rsa_priv->use_sha1_hash() has no effect on private_encrypt().

I don't understand this well enough to say that these are bugs. More comments are in the code in case anyone is interested.

Here are my revised commands/code and working results, starting with the command-line:

###

# Create a private key
jk$ openssl genrsa -out Test248.private.pem
Generating RSA private key, 512 bit long modulus
. .
e is 65537 (0x10001)

# Create SHA1 digest of message Bonehead.
# Then, write digest to file for later use by perl script.
# Finally, sign the digest using the key in file Test248.private.pem
# and PKCS padding. Why PKCS? See note [1].
echo -n Bonehead > clearMsg.txt
openssl dgst -sha1 -binary -out msgDigest clearMsg.txt
cat msgDigest | openssl rsautl -pkcs -sign -inkey Test248.private.pem -hexdump
0000 - 8a c6 56 19 97 f5 e7 16-20 30 f2 2f 0e af 7c 28
0010 - df 9d cd 5a 0e b0 11 c1-cc bb f2 3b 03 87 f0 96
0020 - 0d ce b4 55 dc 69 81 bc-30 40 75 9d 74 b8 b7 bd
0030 - 3b 15 a0 5d c2 db ab 9a-8d d3 f2 4b 77 e1 e9 a1

##
Now create the same signature using Crypt::OpenSSL in Perl:
##

#!/usr/local/bin/perl -w

use strict ;
use warnings ;
use Crypt::OpenSSL::Random ;
use Crypt::OpenSSL::RSA ;

# Read in key from file
my $private_key_string = "" ;
my $key_path = "/Users/jk/Documents/SheepSystems/Keys/Test248.private.pem" ;
open (KEY_FILE, $key_path) or die "Cannot open $key_path: $!" ;
while (my $line = <KEY_FILE>) {
    $private_key_string .= $line ;
}
close(KEY_FILE);
print "Read key from file:\n$private_key_string\n" ;
my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);

$rsa_priv->use_pkcs1_padding() ;
=com Padding is a big mystery.
The above affects encrypting with the private key but does
not affect signature generation. As a matter of fact, it is
necessary when using the private_encrypt() method. Without
the above, private_encrypt() will fail with error. I believe the
problem is that OpenSSL does not support oaep padding for
signing, which is what you're doing when you encrypt with the
private key, despite doc to the contrary. See note [1].
=cut

# $rsa_priv->use_sha1_hash() ;
# The above has no effect on the output of the
# private_encrypt() method. So, I don't use it.

my $output ;
my $outputHex ;
my $msgDigest ;
my $msgDigest_path = "/Users/jk/Documents/SheepSystems/Keys/msgDigest" ;
open (MSG_DIGEST_FH, $msgDigest_path) or die "Cannot open $msgDigest_path: $!" ;
binmode(MSG_DIGEST_FH) ;   # the digest file is raw binary
# SHA1 Digest is 20 bytes...
read MSG_DIGEST_FH, $msgDigest, 20 ;
close(MSG_DIGEST_FH) ;

$output = $rsa_priv->private_encrypt($msgDigest);
# If you use sign() instead of private_encrypt()
# above you get a different output. This does not make sense
# to me because I thought that signing was the same as
# encrypting with the private key.

$outputHex = showHex($output) ;
print "privately encrypted msgDigest:\n$outputHex\n" ;

# sub showHex is shown at the bottom of this message

##
Running the above script, I get this:
##

Read key from file:

privately encrypted msgDigest:
64 bytes:
 8a c6 56 19 97 f5 e7 16 20 30 f2 2f 0e af 7c 28
 df 9d cd 5a 0e b0 11 c1 cc bb f2 3b 03 87 f0 96
 0d ce b4 55 dc 69 81 bc 30 40 75 9d 74 b8 b7 bd
 3b 15 a0 5d c2 db ab 9a 8d d3 f2 4b 77 e1 e9 a1

##

which matches the output from the command-line openssl.

Thanks for reading. If anyone can explain some of the anomalies noted, let us know.

Jerry

[1] The reason I used PKCS padding (-pkcs) is because if I change it to -oaep in the command-line test, I get an error message:

RSA operation error
error:04066076:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:unknown padding type:rsa_eay.c:360:

which does not make sense because my version is:

Jerrys-Mac-Mini:Keys jk$ openssl
OpenSSL> version
OpenSSL 0.9.7l 28 Sep 2006

and RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were added
En/Decrypt Mismatch: Command-Line Tool vs. Perl's Crypt::OpenSSL
I cannot get RSA-encrypted messages which I generate using Perl's Crypt::OpenSSL::RSA to decrypt using the openssl command-line tool in Mac OS X. May be something easy/stupid since I am a new openssl user.

I believe that the problem is in the ENcrypting because the signatures produced are different, even though they are using:

Same message
Same private key
Same padding (PKCS1)
Same digest (SHA1)
Both running on same Macintosh, presumably using the same OpenSSL version 0.9.7l library.

Here are my commands/code and results, starting with the command-line:

###

# Create a private key
Jerrys-Mac-Mini: jk$ openssl genrsa -out Test248.private.pem
Generating RSA private key, 512 bit long modulus
. .
e is 65537 (0x10001)

# Create signature of message Bonehead using the key in file
# Test248.private.pem, SHA1 digest and PKCS padding [1]:
Jerrys-Mac-Mini: jk$ echo -n Bonehead \
| openssl dgst -sha1 -binary\
| openssl rsautl -pkcs -sign -inkey Test248.private.pem -hexdump
0000 - 8a c6 56 19 97 f5 e7 16-20 30 f2 2f 0e af 7c 28   ..V..... 0./..|(
0010 - df 9d cd 5a 0e b0 11 c1-cc bb f2 3b 03 87 f0 96   ...Z.......;....
0020 - 0d ce b4 55 dc 69 81 bc-30 40 75 9d 74 b8 b7 bd   ...U.i..0@u.t...
0030 - 3b 15 a0 5d c2 db ab 9a-8d d3 f2 4b 77 e1 e9 a1   ;..].......Kw...

##
Now I try to create the same signature using a perl script:
##

#!/usr/local/bin/perl -w

use strict ;
use warnings ;
use Crypt::OpenSSL::Random ;
use Crypt::OpenSSL::RSA ;

# Read in the key file just created
my $private_key_string = "" ;
my $key_path = "/Users/jk/Documents/SheepSystems/Keys/Test248.private.pem" ;
open (KEY_FILE, $key_path) or die "Cannot open $key_path: $!" ;
while (my $line = <KEY_FILE>) {
    $private_key_string .= $line ;
}
close(KEY_FILE);
print "Read key from file:\n$private_key_string\n" ;
my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);

# Use same message, padding and digest as in the command-line test
my $msg = "Bonehead" ;
$rsa_priv->use_pkcs1_padding();
$rsa_priv->use_sha1_hash() ;

my $signature = $rsa_priv->sign($msg);
my $showHexSig = showHex($signature) ;
print "signature of 'Bonehead':\n$showHexSig\n" ;

# sub showHex is shown at the bottom of this message

##
Running the above script, I get this:
##

Read key from file:

signature of 'Bonehead':
64 bytes:
 78 b3 43 22 4b 4b 86 7f 47 25 00 f1 62 a2 66 70
 e6 7e 82 f2 7a b6 cf ff ab dd f1 8a ff 0d cf a1
 b5 3d 60 dc ac 9f 6f 0c 83 b9 51 c9 ac fa 7d 15
 0b cc 97 cf 99 e5 6b ee 41 f0 d1 35 a1 a0 c1 09

##

As you can see the two signatures are both 64 bytes long but do not match. What might I be missing?

Thanks very much,

Jerry Krinock

[1] The reason I used PKCS padding (-pkcs) is because if I change it to -oaep in the command-line test, I get an error message:

RSA operation error
error:04066076:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:unknown padding type:rsa_eay.c:360:

which does not make sense because my version is:

Jerrys-Mac-Mini:Keys jk$ openssl
OpenSSL> version
OpenSSL 0.9.7l 28 Sep 2006

and RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were added in OpenSSL 0.9.2b according to documentation:
http://openssl.org/docs/crypto/RSA_padding_add_PKCS1_type_1.html#

[2]
sub showHex {
    my $data = shift ;
    use bytes ;
    my $len = length($data) ;
    my $i ;
    my $show = "" ;
    # Print each byte as two hex digits, 16 bytes per line
    for ($i=0; $i<$len; $i++) {
        my $value = ord(substr($data, $i, 1)) ;
        $show .= " " ;
        $show .= sprintf("%02x", $value) ;
        if ((($i+1) % 16) == 0) {
            $show .= "\n" ;
        }
    }
    return "$len bytes:\n$show" ;
}

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
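The mismatch in the two messages above comes down to what is padded before the private-key operation: OpenSSL's RSA_sign(), which Crypt::OpenSSL::RSA's sign() calls, wraps the digest in an ASN.1 DigestInfo structure, while RSA_private_encrypt(), used by rsautl -sign and private_encrypt(), pads exactly the bytes it is given. The Python code below is an added example, not code from the thread; the key is a constructed, insecure demo key and all function names are hypothetical.

```python
import hashlib

# DER header of a SHA-1 DigestInfo (RFC 8017, sec. 9.2): 15 bytes before the digest.
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

# Constructed demo key built from two Mersenne primes: runs offline, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes

def pad_type1(payload, k=K):
    """PKCS#1 v1.5 block type 1: 00 01 FF..FF 00 || payload (k bytes total)."""
    if len(payload) > k - 11:
        raise ValueError("payload too long for this modulus")
    return b"\x00\x01" + b"\xff" * (k - 3 - len(payload)) + b"\x00" + payload

def rsa_private(block):
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")

def rsa_public(sig):
    return pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")

def sign_raw(digest):
    """rsautl -sign / private_encrypt(): pad exactly the bytes supplied."""
    return rsa_private(pad_type1(digest))

def sign_digestinfo(msg):
    """RSA_sign-style sign(): hash, wrap in DigestInfo, then pad."""
    return rsa_private(pad_type1(SHA1_PREFIX + hashlib.sha1(msg).digest()))

def classify(sig):
    """Recover the padded block with the public key and name its payload."""
    block = rsa_public(sig)
    sep = block.find(b"\x00", 2)
    if block[:2] != b"\x00\x01" or sep < 10 or set(block[2:sep]) != {0xFF}:
        return ("not-type-1", b"")
    payload = block[sep + 1:]
    if len(payload) == 35 and payload.startswith(SHA1_PREFIX):
        return ("sha1-digestinfo", payload[15:])
    return ("raw", payload)

if __name__ == "__main__":
    digest = hashlib.sha1(b"Bonehead").digest()
    for sig in (sign_raw(digest), sign_digestinfo(b"Bonehead")):
        kind, recovered = classify(sig)
        print(kind, recovered == digest, sig[:8].hex())
```

Both signatures carry the same SHA-1 digest, but the padded blocks differ by the 15-byte DigestInfo header, so the signature bytes differ. On the command line, openssl dgst -sha1 -sign produces the DigestInfo form.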
Crypt::OpenSSL
hey,

Did this ever happen? I looked on CPAN a couple of days ago, but saw nothing..

Ed
Re: Crypt::OpenSSL Proposal
> I'd like to propose a new module for perl called Crypt::OpenSSL.

Sounds great! I've been waiting quite some time now for an SSL solution to use with LWP. Not having a compiler (and not having the slightest clue about C and compiling anyway), there seemed to be nothing I could do.
RE: Crypt::OpenSSL Proposal
Help.

I am still trying to find a solution for downloading files using a UNIX script (command line) from a SSL server using AIX or HPUX. I keep hearing from Microsoft admins and programmers who haven't done it that it is easy to do in UNIX. I found a script but it requires a device that does not exist on a standard UNIX setup (/dev/tcp/www.) But I have yet to find a UNIX person who has actually done a command line https download on a UNIX box. The folks who claim it is so easy are not forthcoming with a person who has actually done it or the script to do it. I have the URL, username and password. But I have to use a web browser or a microsoft machine. I tried SSLeay but cannot get it to compile on a HPUX.

--
From: Milivoj Ivkovic[SMTP:[EMAIL PROTECTED]]
Sent: Thursday, February 25, 1999 2:15 PM
To: Joshua Chamas; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Crypt::OpenSSL Proposal

> I'd like to propose a new module for perl called Crypt::OpenSSL.

Sounds great! I've been waiting quite some time now for an SSL solution to use with LWP. Not having a compiler (and not having the slightest clue about C and compiling anyway), there seemed to be nothing I could do.
Re: Crypt::OpenSSL Proposal
Keep working on getting SSLeay / OpenSSL to compile. I can then give you a patch so you can compile Crypt::SSLeay in perl... then install libwww-perl, and you can do this:

lwp-request https://...

lwp-request is a perl script.

--Joshua

"Hyatt, Daniel J" wrote:

> Help.
>
> I am still trying to find a solution for downloading files using a UNIX script (command line) from a SSL server using AIX or HPUX. I keep hearing from Microsoft admins and programmers who haven't done it that it is easy to do in UNIX. I found a script but it requires a device that does not exist on a standard UNIX setup (/dev/tcp/www.) But I have yet to find a UNIX person who has actually done a command line https download on a UNIX box. The folks who claim it is so easy are not forthcoming with a person who has actually done it or the script to do it. I have the URL, username and password. But I have to use a web browser or a microsoft machine. I tried SSLeay but cannot get it to compile on a HPUX.
>
> --
> From: Milivoj Ivkovic[SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, February 25, 1999 2:15 PM
> To: Joshua Chamas; [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Crypt::OpenSSL Proposal
>
> > I'd like to propose a new module for perl called Crypt::OpenSSL.
>
> Sounds great! I've been waiting quite some time now for an SSL solution to use with LWP. Not having a compiler (and not having the slightest clue about C and compiling anyway), there seemed to be nothing I could do.