------=_Part_18846_2226115.1207638244820
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi Till,
The error u got is you can not read the public key as in the certificate it
is not finding the lines as "BEGIN RSA CERTIFICATE"
so here i am giving you the code , use it directly , it will work fine as i
refined it many times ...


pubk = RSA_new();
if(pubk == NULL)
printf("error to create new RSA structure \n");

fp = fopen (recevercert, "r");
if (fp == NULL){
printf("error opening the pub file\n");
exit (1);
}
x509 = PEM_read_X509(fp, NULL, NULL, NULL);
fclose (fp);


if (x509 == NULL) {
printf("error reading the certificate \n");
ERR_print_errors_fp (stderr);
exit (1);
}

pub=X509_get_pubkey(x509);
if (pub == NULL) {
printf("error reading the public key \n");
ERR_print_errors_fp (stderr);
exit (1);
}

pubk = EVP_PKEY_get1_RSA(pub);
if(pub == NULL)
printf("error setting the public key from EVP_PKEY_set1_RSA function \n");
----
after this you do encryption and decryption , then it will work fine, one
more thing here is you should not use RSA_encrypt or decrypt functions for
large amount of data , it is not recommended , so u must avoid of using
asymmetric alrorithems for large amount of data or for files .. or I
recommend not to use it for any data or file except for encryption of keys
only.


-- Regards
Shankar



On 4/8/08, Till Elsner wrote:
>
> Hi,
>
> I'm trying to make an application encypting data on the server side using
> a public key and decrypting it on the client side using the related private
> key. Now i've run in two problems:
> I have a private key and a related certificate file created from a
> certificate request (CSR) and signed by an own CA. Both are created using
> OpenSSL. The first problem is that I can't get the public key out of the
> cerificate using PEM_read_RSA_PUBKEY. I've exported the public key alone to
> a single file, from that I can load the public key. Trying to load it from
> the certificate gives an "no starting line" error.
> Second, and maybe even worse, when encrypting data with the public key
> using RSA_public_encrypt and again decrypting it with the private one using
> RSA_private_decrypt, the decrypted data differs widely from the original
> data. When I try the same using OpenSSL's rsautl command-line tool, it works
> perfectly with this key pair (public key/private key as well as
> certificate/private key).
> Both keys and certificate are in PEM format. The certificates signature is
> valid.
> Could anyone give me some hint what might be going on here?
>
> Thanks and regards
> Till Elsner
> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majordomo@openssl.org
>




--
--Best Regards
Shankar

------=_Part_18846_2226115.1207638244820
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi Till,

The error u got is you can not read the public key as in the certificate it is not finding the lines as "BEGIN RSA CERTIFICATE"

so here i am giving you the code , use it directly , it will work fine as i refined it many times ...

 

pubk = RSA_new();
if(pubk == NULL)
printf("error to create new RSA structure \n");


fp = fopen (recevercert, "r");
if (fp == NULL){
printf("error opening the pub file\n");
exit (1);
}
x509 = PEM_read_X509(fp, NULL, NULL, NULL);
fclose (fp);



if (x509 == NULL) {
printf("error reading the certificate \n");
ERR_print_errors_fp (stderr);
exit (1);
}


pub=X509_get_pubkey(x509);
if (pub == NULL) {
printf("error reading the public key \n");
ERR_print_errors_fp (stderr);
exit (1);
}


pubk = EVP_PKEY_get1_RSA(pub);
if(pub == NULL)
printf("error setting the public key from EVP_PKEY_set1_RSA function \n");


----

after this you do encryption and decryption , then it will work fine, one more thing here is you should not use RSA_encrypt or decrypt functions for large amount of data , it is  not recommended , so u must avoid of using asymmetric alrorithems for large amount of data or for files .. or I recommend not to use it for any data or file except for encryption of keys only.


 

 

-- Regards

Shankar



 

On 4/8/08, Till Elsner <till.elsner@uni-duesseldorf.de> wrote:
Hi,

I'm trying to make an application encypting data on the server side using a public key and decrypting it on the client side using the related private key. Now i've run in two problems:

I have a private key and a related certificate file created from a certificate request (CSR) and signed by an own CA. Both are created using OpenSSL. The first problem is that I can't get the public key out of the cerificate using PEM_read_RSA_PUBKEY. I've exported the public key alone to a single file, from that I can load the public key. Trying to load it from the certificate gives an "no starting line" error.

Second, and maybe even worse, when encrypting data with the public key using RSA_public_encrypt and again decrypting it with the private one using RSA_private_decrypt, the decrypted data differs widely from the original data. When I try the same using OpenSSL's rsautl command-line tool, it works perfectly with this key pair (public key/private key as well as certificate/private key).

Both keys and certificate are in PEM format. The certificates signature is valid.
Could anyone give me some hint what might be going on here?

Thanks and regards
Till Elsner
__________________________________________________ ____________________

OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    penssl-users@openssl.org" target="_blank">openssl-users@openssl.org

Automated List Manager                           majordomo@openssl.org




--
--Best Regards
Shankar

------=_Part_18846_2226115.1207638244820--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org