Hi, I'm trying to encrypt some data with an RSA public key, this is the code which is failing: ------------------------------------ require 'openssl' f=File.open('public_key.txt') rsa = OpenSSL::PKey::RSA rsa.n = OpenSSL::BN.new f.gets rsa.e = OpenSSL::BN.new f.gets encrypted_data = rsa.public_encrypt('Hi') puts "Size: " + encrypted_data.size.to_s ------------------------------------ In Windows, using ruby-1.8.6, I says that the size of the encrypted data is 51 bytes, where in reality the encrypted data should be 64 bytes. In Linux, using ruby-1.8.5, the same code just gives an error: $ ruby test.rb test.rb:9:in `public_encrypt': no inverse (OpenSSL::PKey::RSAError) from test.rb:9 I'm stunned.. I've even checked ossl_pkey_rsa.c and I haven't seen anything wrong. Any help appreciated.

on 2008-10-17 14:57

on 2008-10-17 19:21

Dani P. wrote: > Hi, I'm trying to encrypt some data with an RSA public key, this is > the code which is failing: Your life might be easier if you read your public key from a PEM file :-) I don't know why your code doesn't work. However I have attached some code I wrote about 4 years ago which I used to construct a key from its parameters (before writing it out as a PEM). It seems you're doing the right things, but maybe the comments are relevant. I think I was using integers, so perhaps f.gets.to_i ? Also, you could try writing out a PEM, and then using that at the openssl command line, to check that your key is actually valid.

on 2008-10-17 19:32

Brian C. wrote: > I think I was using integers, so perhaps f.gets.to_i ? > > Also, you could try writing out a PEM, and then using that at the > openssl command line, to check that your key is actually valid. Here's the rest of the code which I used (in 2004 :-) to do this for a private key - however I think if you just remove the p and q bits then you should get a public key instead. require 'openssl' require 'rsa_new' # Input: a large number n # an exponent # factor p of n # factor q of n (n = p * q) # Output: a PEM-encoded private key n = gets.to_i e = gets.to_i p = gets.to_i q = gets.to_i p,q = q,p if p < q puts OpenSSL::PKey::RSA.new_from_parameters(n, e, nil, p, q)

on 2008-10-17 19:42

On Fri, Oct 17, 2008 at 5:20 PM, Brian C. <removed_email_address@domain.invalid> wrote: > Dani P. wrote: >> Hi, I'm trying to encrypt some data with an RSA public key, this is >> the code which is failing: > > Your life might be easier if you read your public key from a PEM file > :-) Yeah, but as you can figure out I don't have it. I have a file with two lines, the module and the exponent. > I don't know why your code doesn't work. However I have attached some > code I wrote about 4 years ago which I used to construct a key from its > parameters (before writing it out as a PEM). It seems you're doing the > right things, but maybe the comments are relevant. > > I think I was using integers, so perhaps f.gets.to_i ? > Also, you could try writing out a PEM, and then using that at the > openssl command line, to check that your key is actually valid. Actually, what I've found out is that after populating the modulus and exponent, if I print the key: -- rsa.n = OpenSSL::BN.new f.gets rsa.e = OpenSSL::BN.new f.gets puts rsa.to_text --- The modulus that #to_text reports doesn't ressemble what I have on the public key I've got on a text file.. :? Also, the modulus reported by #to_text is 51 bytes (?), while the public modulus I've got in the text file is 128 characters in hex, which is 64 bytes. My cryptographic skills are not very good, but any hint appreciated :)

on 2008-10-17 20:05

Dani P. wrote: > Actually, what I've found out is that after populating the modulus > and exponent, if I print the key: > > -- > rsa.n = OpenSSL::BN.new f.gets > rsa.e = OpenSSL::BN.new f.gets > > puts rsa.to_text > --- > > The modulus that #to_text reports doesn't ressemble what I have on > the public key I've got on a text file.. :? You want to post your n and e here? They are a *public* key, after all :-) > Also, the modulus reported by #to_text is 51 bytes (?), while the > public modulus I've got in the text file is 128 characters in hex, > which is 64 bytes. Aha! OpenSSL::BN reads decimal, not hex! Remember that irb is your friend: irb(main):001:0> require 'openssl' => true irb(main):002:0> x = OpenSSL::BN.new("1234") => 1234 irb(main):003:0> x = OpenSSL::BN.new("12AB") => 12 So try changing your code to: rsa.n = OpenSSL::BN.new(f.gets.to_i(16).to_s) Or more simply, you should just be able to write: rsa.n = f.gets.to_i(16)

on 2008-10-17 20:20

On Fri, Oct 17, 2008 at 6:04 PM, Brian C. <removed_email_address@domain.invalid> wrote: > > So try changing your code to: > > rsa.n = OpenSSL::BN.new(f.gets.to_i(16).to_s) > Woops, you're true, that was the problem!. I thought OpenSSL::BN would read hex. It reads an string that should be on base10. Strange though that it wasn't raising an exception. Thanks!