Forum: Ruby RSA public_encrypt bug?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
2849c70454818746006e84ea9508bc51?d=identicon&s=25 Dani Pardo (dani)
on 2008-10-17 12:57
(Received via mailing list)
Hi, I'm trying to encrypt some data with an RSA public key, this is
the code which is failing:

------------------------------------
require 'openssl'

f=File.open('public_key.txt')
rsa = OpenSSL::PKey::RSA
rsa.n = OpenSSL::BN.new  f.gets
rsa.e = OpenSSL::BN.new f.gets

encrypted_data = rsa.public_encrypt('Hi')
puts "Size: " + encrypted_data.size.to_s
------------------------------------

In Windows, using ruby-1.8.6, I says that the size of the encrypted
data is 51 bytes, where in reality the encrypted data should be 64
bytes.
In Linux, using ruby-1.8.5, the same code just gives an error:

$ ruby test.rb
test.rb:9:in `public_encrypt': no inverse (OpenSSL::PKey::RSAError)
        from test.rb:9


 I'm stunned.. I've even checked ossl_pkey_rsa.c and I haven't seen
anything wrong. Any help appreciated.
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2008-10-17 17:21
Attachment: rsa_new.rb (750 Bytes)
Dani Pardo wrote:
> Hi, I'm trying to encrypt some data with an RSA public key, this is
> the code which is failing:

Your life might be easier if you read your public key from a PEM file
:-)

I don't know why your code doesn't work. However I have attached some
code I wrote about 4 years ago which I used to construct a key from its
parameters (before writing it out as a PEM). It seems you're doing the
right things, but maybe the comments are relevant.

I think I was using integers, so perhaps f.gets.to_i ?

Also, you could try writing out a PEM, and then using that at the
openssl command line, to check that your key is actually valid.
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2008-10-17 17:32
Brian Candler wrote:
> I think I was using integers, so perhaps f.gets.to_i ?
>
> Also, you could try writing out a PEM, and then using that at the
> openssl command line, to check that your key is actually valid.

Here's the rest of the code which I used (in 2004 :-) to do this for a
private key - however I think if you just remove the p and q bits then
you should get a public key instead.

require 'openssl'
require 'rsa_new'

# Input: a large number n
#        an exponent
#        factor p of n
#        factor q of n  (n = p * q)
# Output: a PEM-encoded private key

n = gets.to_i
e = gets.to_i
p = gets.to_i
q = gets.to_i
p,q = q,p if p < q

puts OpenSSL::PKey::RSA.new_from_parameters(n, e, nil, p, q)
2849c70454818746006e84ea9508bc51?d=identicon&s=25 Dani Pardo (dani)
on 2008-10-17 17:42
(Received via mailing list)
On Fri, Oct 17, 2008 at 5:20 PM, Brian Candler <b.candler@pobox.com>
wrote:
> Dani Pardo wrote:
>> Hi, I'm trying to encrypt some data with an RSA public key, this is
>> the code which is failing:
>
> Your life might be easier if you read your public key from a PEM file
> :-)

 Yeah, but as you can figure out I don't have it. I have a file with
two lines, the module and the exponent.

> I don't know why your code doesn't work. However I have attached some
> code I wrote about 4 years ago which I used to construct a key from its
> parameters (before writing it out as a PEM). It seems you're doing the
> right things, but maybe the comments are relevant.
>
> I think I was using integers, so perhaps f.gets.to_i ?
> Also, you could try writing out a PEM, and then using that at the
> openssl command line, to check that your key is actually valid.


 Actually, what I've found out is that after populating the modulus
and exponent, if I print the key:

 --
rsa.n = OpenSSL::BN.new  f.gets
rsa.e = OpenSSL::BN.new f.gets

puts rsa.to_text
---

 The modulus that #to_text reports doesn't ressemble what I have on
the public key I've got on a text file.. :?
 Also, the modulus reported by #to_text is 51 bytes (?), while the
public modulus I've got in the text file is 128 characters in hex,
which is 64 bytes.
 My cryptographic skills are not very good, but any hint appreciated :)
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (candlerb)
on 2008-10-17 18:05
Dani Pardo wrote:
>  Actually, what I've found out is that after populating the modulus
> and exponent, if I print the key:
>
>  --
> rsa.n = OpenSSL::BN.new  f.gets
> rsa.e = OpenSSL::BN.new f.gets
>
> puts rsa.to_text
> ---
>
>  The modulus that #to_text reports doesn't ressemble what I have on
> the public key I've got on a text file.. :?

You want to post your n and e here? They are a *public* key, after all
:-)

>  Also, the modulus reported by #to_text is 51 bytes (?), while the
> public modulus I've got in the text file is 128 characters in hex,
> which is 64 bytes.

Aha! OpenSSL::BN reads decimal, not hex! Remember that irb is your
friend:

irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> x = OpenSSL::BN.new("1234")
=> 1234
irb(main):003:0> x = OpenSSL::BN.new("12AB")
=> 12

So try changing your code to:

  rsa.n = OpenSSL::BN.new(f.gets.to_i(16).to_s)

Or more simply, you should just be able to write:

  rsa.n = f.gets.to_i(16)
2849c70454818746006e84ea9508bc51?d=identicon&s=25 Dani Pardo (dani)
on 2008-10-17 18:20
(Received via mailing list)
On Fri, Oct 17, 2008 at 6:04 PM, Brian Candler <b.candler@pobox.com>
wrote:

>
> So try changing your code to:
>
>  rsa.n = OpenSSL::BN.new(f.gets.to_i(16).to_s)
>

 Woops, you're true, that was the problem!. I thought OpenSSL::BN
would read hex. It reads an string that should be on base10. Strange
though that it wasn't raising an exception.

 Thanks!
This topic is locked and can not be replied to.