RSA Java/Ruby

Ruby
1

Hi all,
I’ve been reading in this list about crypting with RSA but I don’t get
it to work.

I beg your help. I believe one of the problems I’m having is that the
different values (.e , .n , .d ) are being given in decimal format,
while the java function will need hexaedcimal format.

Please, any hint or idea on how to encrypt/verify based on RSA with
Ruby? any other library? Or … how can I create an RSA private key
based on hexadecimal values of n, e and d? How can I convert decimal
values to hex?

thanks a lot,

Jean

Some code:
In the client javascript to encrypt the password (based on
RSA In JavaScript - ohdave.com)

In the server, the following code:

key.pem is generated with “openssl genrsa -out key512.pem 512” in

the

command line

private_key = PKey::RSA.new(File.open(“key.pem”).read, nil)

Crypting with the public, decrypting with the private

@pwdOriginal = “uno_dos_tres”
@pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
@pwdDecrypted_PubPriv =
private_key.private_decrypt(@pwdCrypted_PubPriv)

This values are generated out the .pem file

@f_e = private_key.e
@f_d = private_key.d.to_s
@f_n = private_key.n
@f_public = private_key.public_key
@f_private = private_key.to_s

2

On 9/4/06, Jean V. [email protected] wrote:

based on hexadecimal values of n, e and d? How can I convert decimal

@f_e = private_key.e
@f_d = private_key.d.to_s
@f_n = private_key.n
@f_public = private_key.public_key
@f_private = private_key.to_s

Hi,

  1. your code seems to work fine (if you fix the file name, add require
    ‘openssl’ and include OpenSSL, alternatively prefix Pkey with
    OpenSSL::slight_smile:

  2. dec-> hex:
    “%x” % 123 #=> “7b”
    “%X” % 123 #=> “7B”

  3. Just a note: Java and Javascript are two different languages

  4. Are you sure you want to send the private key over the wire?

  5. The private key has another components besides e,d,n that speed up
    the decryption/signature generation significantly.

3

Hi,
thanks for your advices,

  1. Is there any way to generate the RSA Key with e, d and n? (instead
    of using the pem file?

  2. The output that I’m geetting is out of the “regular” character
    range … Im getting some weird characters. I guess it is normal when
    crypting, but with the javascript RSA model I don’t get any “weird
    character”. Anyway to limit the output? This is the output in a
    browser:
    http://i108.photobucket.com/albums/n27/jverger/rsaRuby.png

  3. Finally … when using this code i get a different encrypted string
    every time I run the code! :slight_smile: How can that be? I mean, given the same
    .pem file, i get a different encryption, although then, the
    verification is fine.

private_key = PKey::RSA.new(File.open(“key.pem”).read, nil)
@pwdOriginal = “uno_dos_tres”
@pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
@pwdDecrypted_PubPriv = private_key.private_decrypt(@pwdCrypted_PubPriv)

thanks again for your help,

Jean

4

On 9/5/06, Jean V. [email protected] wrote:

Hi,
thanks for your advices,

  1. Is there any way to generate the RSA Key with e, d and n? (instead
    of using the pem file?

try PKey::RSA.generate(512)

  1. The output that I’m geetting is out of the “regular” character
    range … Im getting some weird characters. I guess it is normal when
    crypting, but with the javascript RSA model I don’t get any “weird
    character”. Anyway to limit the output? This is the output in a
    browser:
    http://i108.photobucket.com/albums/n27/jverger/rsaRuby.png

You’re getting bytes, javascript gives you hex-encoded data

  1. Finally … when using this code i get a different encrypted string
    every time I run the code! :slight_smile: How can that be? I mean, given the same
    .pem file, i get a different encryption, although then, the
    verification is fine.

PKCS#1 add random padding to the encrypted data to avoid situation,
when the same data is always encrypted as same ciphertext.

I’d encourage you to read some literature on the topic, as I wrote
some time ago (Asymmetric encryption options - Ruby - Ruby-Forum), encryption is
easy to get messed up, and your efforts would be ruined. See the
thread for some links. You need to understand the basics if you want
your encryption fulfill its purpose. At least read PKCS#1 standard.
You’ll learn about the padding schemes and various attacks on it
there.

Please don’t get me wrong, this is meant as an advice to not get
burned. I’ll be glad if I’m wrong in this case :wink:

5

On 9/5/06, Jean V. [email protected] wrote:

  1. If I use this: PKey::RSA.generate(512) I believe that I still have
    a random key generated (instead of one with n, d and e desired). From
    not much difference than using this:
    #openssl genrsa -out key.pem 256
    PKey::RSA.new(File.open(“/key.pem”).read, nil)

Sorry, I misunderstood. This is how it could be done. I’ve just read
the sources, haven’t tried.

key = PKey.RSA.new
key.n, key.e, key.d = n,e,d

If you know a bit of C, read the sources of ruby, everything is there
:wink:
namely: src/ext/openssl/ossl_pkey_rsa.c

6

Hi,
no problem … I truly understand what you mean by reading more.

  1. Definitely your hint on PKCS#1 … is saved me some headaches that
    I couldn’t understand why.

  2. If I use this: PKey::RSA.generate(512) I believe that I still have
    a random key generated (instead of one with n, d and e desired). From
    not much difference than using this:
    #openssl genrsa -out key.pem 256
    PKey::RSA.new(File.open("/key.pem").read, nil)

  3. Finally, thanks for this pearl of wisdow … so I understand that
    the crypted password in the client side (javascript) has to be
    converted to bytes in order to be verified.

    You’re getting bytes, javascript gives you hex-encoded data

thanks for your help,

Jean