Re: Convert symmetrically encrypted content to base64

2012-08-27 Thread Bjoern Schiessle
On Fri, 24 Aug 2012 15:54:50 -0400 Dave Thompson wrote:
> Note OpenSSL's RSA privatekey *includes* publickey.
> RSA publickey is n,e and naive privatekey is n,d,
> but OpenSSL privatekey is CRT form with n,d,e,p,q + more.
> There is no need to transmit the publickey separately,

[..]

> Tiny aside: BIO_new_mem_buf will do the strlen() for you
> if you pass -1 for length. Just a convenience.

[..]

> If PEM_read_* returns null (or nearly any other OpenSSL
> routine returns a failure indication), look at the error queue.
> http://www.openssl.org/support/faq.html#PROG6
> and #PROG7 also if you don't get readable error.
>
> If they didn't, look very carefully at your PEM data.
> Commandline can do this: openssl asn1parse -in myprivkey.pem
> and/or: openssl rsa -in myprivkey.pem -text


Thanks for your hints. After a lot of testing I figured out
that my functions pem2key() and key2pem() work fine. The problem is
that I lose some characters (e.g. '+' gets replaced by spaces) while
sending the key over the network. But I think this problem doesn't belong
on the mailing list. ;-)

Thanks a lot!
Björn


-- 
Björn Schießle bjo...@schiessle.org
www: http://schiessle.org 
gnupg key: 0x0x2378A753E2BF04F6 
fingerprint: 244F CEB0 CB09 9524 B21F B896 2378 A753 E2BF 04F6
__
OpenSSL Project http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager   majord...@openssl.org
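
Added example, not part of the thread: the '+' to space substitution reported above is what a form decoder does to unescaped base64, assuming the PEM text travelled as an application/x-www-form-urlencoded field (the thread does not name the transport). The C code below uses a constructed PEM-shaped sample and hypothetical helper names to show the damage, a check that catches it before the PEM parser is called, and the sender-side escaping that avoids it.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: PEM-shaped text, not a real key. */
static const char SAMPLE[] = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
    "DEK-Info: AES-128-CFB,00112233445566778899AABBCCDDEEFF\n\n"
    "q83vEjRWeJ+rze8SNFZ4n6vN7xI0VnifqwAB/+8=\n"
    "-----END RSA PRIVATE KEY-----\n";

/* Sender: percent-encode all but unreserved chars; dst needs 3*strlen(src)+1 bytes. */
void form_encode(const char *src, char *dst) {
    for (; *src; src++)
        if (isalnum((unsigned char)*src) || strchr("-._~", *src)) *dst++ = *src;
        else dst += sprintf(dst, "%%%02X", (unsigned)(unsigned char)*src);
    *dst = '\0';
}

/* Receiver: what a form decoder does ('+' -> ' ', %XX -> byte). */
void form_decode(const char *src, char *dst) {
    for (; *src; src++) {
        if (*src == '%' && isxdigit((unsigned char)src[1]) && isxdigit((unsigned char)src[2])) {
            char h[3] = { src[1], src[2], '\0' };
            *dst++ = (char)strtol(h, NULL, 16);
            src += 2;
        } else *dst++ = (*src == '+') ? ' ' : *src;
    }
    *dst = '\0';
}

/* Count non-base64 characters in PEM body lines; "-----" and "Name: value" lines are skipped. */
int pem_bad_chars(const char *pem) {
    int bad = 0;
    for (size_t len; *pem; pem += len + (pem[len] == '\n')) {
        len = strcspn(pem, "\n");
        if (strncmp(pem, "-----", 5) != 0 && !memchr(pem, ':', len))
            for (size_t i = 0; i < len; i++)
                bad += !isalnum((unsigned char)pem[i]) && !strchr("+/=\r", pem[i]);
    }
    return bad;
}

/* Bad-character count after SAMPLE crosses a form decoder, sent raw (0) or escaped (1). */
int damage(int escape) {
    char wire[3 * sizeof SAMPLE], out[3 * sizeof SAMPLE];
    if (escape) form_encode(SAMPLE, wire); else strcpy(wire, SAMPLE);
    form_decode(wire, out);
    return (escape && strcmp(out, SAMPLE)) ? -1 : pem_bad_chars(out);
}
```

A non-zero result from pem_bad_chars() on received key material points at the transport rather than at the PEM_read_* call that would fail next.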


Re: Convert symmetrically encrypted content to base64

2012-08-24 Thread Christian Hohnstaedt
Hi Bjoern,

please see my comments below:
(rather Qt and memory related)

On Thu, Aug 23, 2012 at 03:12:55PM +0200, Bjoern Schiessle wrote:
 
> QMap<QString, QString> Encryption::key2pem(RSA *rsa, QString password)
> {
>     QMap<QString, QString> keypair;
>     BUF_MEM *bptr;
>     BIO *pubBio = BIO_new(BIO_s_mem());
>     BIO *privBio = BIO_new(BIO_s_mem());
>
>     PEM_write_bio_RSA_PUBKEY(pubBio, rsa);
>     PEM_write_bio_RSAPrivateKey(privBio, rsa, EVP_aes_128_cfb(), NULL,
>                                 0, 0, password.toLocal8Bit().data());

The following block can be simplified:

>     BIO_get_mem_ptr(pubBio, &bptr);
>     char *pubKey = (char *)malloc(bptr->length+1);
>     memcpy(pubKey, bptr->data, bptr->length);
>     pubKey[bptr->length] = 0;

BIO_get_mem_ptr(pubBio, &bptr);
keypair["publickey"] = QString::fromAscii(bptr->data, bptr->length);

>     BIO_get_mem_ptr(privBio, &bptr);
>     char *privKey = (char *)malloc(bptr->length+1);
>     memcpy(privKey, bptr->data, bptr->length);
>     privKey[bptr->length] = 0;

BIO_get_mem_ptr(privBio, &bptr);
keypair["privatekey"] = QString::fromAscii(bptr->data, bptr->length);

>     keypair["privatekey"] = QString(privKey);
>     keypair["publickey"] = QString(pubKey);

/* this would be required in your code */
free(privKey);
free(pubKey);



Cheers

Christian


Re: Convert symmetrically encrypted content to base64

2012-08-24 Thread Bjoern Schiessle
Hi Christian,

On Fri, 24 Aug 2012 08:11:25 +0200 Christian Hohnstaedt wrote:
> please see my comments below:
> (rather Qt and memory related)

Thank you for your feedback. Now I'm trying to implement the function
which does exactly the opposite: Take the public and private key in
the PEM format from the server and import it into an RSA structure:

void Encryption::pem2key(QString publickey, QString privatekey, QString password)
{
    BIO *pubBio = BIO_new_mem_buf(publickey.toLocal8Bit().data(),
                                  strlen(publickey.toLocal8Bit().data()));
    BIO *privBio = BIO_new_mem_buf(privatekey.toLocal8Bit().data(),
                                   strlen(privatekey.toLocal8Bit().data()));
    RSA *rsa = RSA_new();

    PEM_read_bio_RSAPublicKey(pubBio, &rsa, 0, NULL);
    PEM_read_bio_RSAPrivateKey(privBio, &rsa, 0, password.toLocal8Bit().data());

    Keymanager::Instance()->setRSAkey(rsa);

    BIO_free_all(pubBio);
    BIO_free_all(privBio);
}


The program compiles and runs without a problem. But if I call the
key2pem() function with the newly imported RSA key, I get two quite
short keys back (only half a line of data). So something seems to go
wrong during import of the PEM encoded keys.

Any idea what I'm doing wrong in the pem2key() function?

Thanks!
Björn



RE: Convert symmetrically encrypted content to base64

2012-08-24 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Bjoern Schiessle
> Sent: Friday, 24 August, 2012 12:14

> <snip> Now I'm trying to implement the function
> which does exactly the opposite: Take the public and private key in
> the PEM format from the server and import it into an RSA structure:
 
Note OpenSSL's RSA privatekey *includes* publickey.
RSA publickey is n,e and naive privatekey is n,d, 
but OpenSSL privatekey is CRT form with n,d,e,p,q + more.
There is no need to transmit the publickey separately, 

(Not for DH or ECDH, though.)

> void Encryption::pem2key(QString publickey, QString privatekey, QString password)
> {
>     BIO *pubBio = BIO_new_mem_buf(publickey.toLocal8Bit().data(),
>                                   strlen(publickey.toLocal8Bit().data()));
>     BIO *privBio = BIO_new_mem_buf(privatekey.toLocal8Bit().data(),
>                                    strlen(privatekey.toLocal8Bit().data()));

Tiny aside: BIO_new_mem_buf will do the strlen() for you 
if you pass -1 for length. Just a convenience.

>     RSA *rsa = RSA_new();
>
>     PEM_read_bio_RSAPublicKey(pubBio, &rsa, 0, NULL);
>     PEM_read_bio_RSAPrivateKey(privBio, &rsa, 0,
>                                password.toLocal8Bit().data());
>
>     Keymanager::Instance()->setRSAkey(rsa);
>
>     BIO_free_all(pubBio);
>     BIO_free_all(privBio);
> }
>
> The program compiles and runs without a problem. But if I call the
> key2pem() function with the newly imported RSA key, I get two quite
> short keys back (only half a line of data). So something seems to go
> wrong during import of the PEM encoded keys.
>
> Any idea what I'm doing wrong in the pem2key() function?
 
If PEM_read_* returns null (or nearly any other OpenSSL 
routine returns a failure indication), look at the error queue.
http://www.openssl.org/support/faq.html#PROG6
and #PROG7 also if you don't get readable error.

If they didn't, look very carefully at your PEM data. 
Commandline can do this: openssl asn1parse -in myprivkey.pem 
and/or: openssl rsa -in myprivkey.pem -text




Re: Convert symmetrically encrypted content to base64

2012-08-23 Thread Bjoern Schiessle
Hi,

I think I made it way too complicated. I think the problem was that I
always tried to mimic some openssl php code I know, but I think the
solution I have now is much easier and standards compliant:

void Encryption::generateUserKeys(QString password)
{
    RSA *rsa;
    EVP_PKEY *pkey;

    int bits = 1024;
    unsigned long exp = RSA_F4;
    QMap<QString, QString> keypair;

    rsa = RSA_generate_key(bits, exp, NULL, NULL);

    pkey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(pkey, rsa);

    keypair = key2pem(rsa, password);

    RSA_free(rsa);

    sendUserKeysToServer(keypair);
}

QMap<QString, QString> Encryption::key2pem(RSA *rsa, QString password)
{
    QMap<QString, QString> keypair;
    BUF_MEM *bptr;
    BIO *pubBio = BIO_new(BIO_s_mem());
    BIO *privBio = BIO_new(BIO_s_mem());

    PEM_write_bio_RSA_PUBKEY(pubBio, rsa);
    PEM_write_bio_RSAPrivateKey(privBio, rsa, EVP_aes_128_cfb(), NULL,
                                0, 0, password.toLocal8Bit().data());

    BIO_get_mem_ptr(pubBio, &bptr);
    char *pubKey = (char *)malloc(bptr->length+1);
    memcpy(pubKey, bptr->data, bptr->length);
    pubKey[bptr->length] = 0;

    BIO_get_mem_ptr(privBio, &bptr);
    char *privKey = (char *)malloc(bptr->length+1);
    memcpy(privKey, bptr->data, bptr->length);
    privKey[bptr->length] = 0;

    keypair["privatekey"] = QString(privKey);
    keypair["publickey"] = QString(pubKey);

    BIO_free_all(pubBio);
    BIO_free_all(privBio);

    return keypair;
}

Please feel free to comment on it if you think there is still something
to improve.

best wishes,
Björn

-- 
Björn Schießle bjo...@schiessle.org
www: http://schiessle.org 
gnupg key: 0x0x2378A753E2BF04F6 
fingerprint: 244F CEB0 CB09 9524 B21F B896 2378 A753 E2BF 04F6