Dear Sir/Madam,

According to the enquiry posted earlier regarding the block type issue:

With the basic understanding that the sender (Service Provider) uses the private key to encrypt the data before sending it back to the client, which is supposed to work fine with the following Perl code:

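use Crypt::OpenSSL::RSA;
use MIME::Base64;
my $RSA_Decrypt = Crypt::OpenSSL::RSA->new_public_key( $PublicKey );
my $TmpText = decode_base64( $CipherText );

# Public-key operation on the base64-decoded ciphertext
my $PlainText = $RSA_Decrypt->public_decrypt( $TmpText );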

However, we found that the sender actually has Java code to, somehow, transform the private key into a public key, as follows:

private String SendBack(String ciphertext, String pri_key )
BASE64Decoder decode64 = new BASE64Decoder();
byte[] o_t_privk = decode64.decodeBuffer(pri_key);

RSAPrivateKey rsaKey = (RSAPrivateKey)KeyFactory.getInstance("RSA")
.generatePrivate(new PKCS8EncodedKeySpec(o_t_privk));

BigInteger modulus = new BigInteger(
BigInteger expoment= new BigInteger(

RSAPublicKeySpec pubKeySpec = null;
RSAPublicKey rsaPublicKey = null;

pubKeySpec = new RSAPublicKeySpec(modulus,expoment);
rsaPublicKey = (RSAPublicKey)KeyFactory.getInstance("RSA")

Cipher rsa_cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
// auto selects block type 2



With this code, the sender is actually encrypting data as if the public key is used - making the block type = 2.

There seem to be 2 ways to handle this issue:

1. Ask the sender to do something like openssl/perl's private_encrypt() instead to set block type to 1.
--> tried rsa_cipher.init(Cipher.ENCRYPT_MODE, rsaPrivateKey); but didn't work. Failed to compile.

2. Try to do the reverse, like the sender - taking the public key to make a private key and using openssl/perl's decrypt()
--> don't know how...

Please kindly suggest on the matter.

Thank you and Best Regards,
Phakin Ch.
______________________________________________________________________
OpenSSL Project
User Support Mailing List
Automated List Manager
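
Added example, not part of the original post or the sender's code: a Python sketch of the two PKCS #1 v1.5 block types on a constructed toy key, showing why a receiver that checks for block type 01 rejects a block the sender padded as type 02. It assumes the exponent the sender passes to RSAPublicKeySpec is the private exponent; the names `pad`, `unpad`, `rsa`, `sender` and `receiver` are hypothetical.

```python
import os

# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes


def pad(msg: bytes, block_type: int) -> bytes:
    """Build EB = 00 || BT || PS || 00 || data as in PKCS #1 v1.5."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    if block_type == 1:                # private-key operation: PS is all 0xFF
        ps = b"\xff" * ps_len
    elif block_type == 2:              # public-key encryption: PS is random non-zero
        ps = bytes(1 + os.urandom(1)[0] % 255 for _ in range(ps_len))
    else:
        raise ValueError("unsupported block type")
    return b"\x00" + bytes([block_type]) + ps + b"\x00" + msg


def unpad(eb: bytes, expected_type: int) -> bytes:
    """Strip the padding, insisting on the block type the caller expects."""
    if len(eb) != K or eb[0] != 0 or eb[1] != expected_type:
        raise ValueError(f"block type is not {expected_type:02d}")
    sep = eb.index(b"\x00", 2)         # first zero byte ends the padding string
    ps = eb[2:sep]
    if len(ps) < 8 or (expected_type == 1 and ps.strip(b"\xff")):
        raise ValueError("bad padding string")
    return eb[sep + 1:]


def rsa(block: bytes, exponent: int) -> bytes:
    """Raw RSA operation on one K-byte block."""
    return pow(int.from_bytes(block, "big"), exponent, N).to_bytes(K, "big")


def sender(msg: bytes, block_type: int) -> bytes:
    # Assumption: the sender's rebuilt "public" key carries the private exponent.
    return rsa(pad(msg, block_type), D)


def receiver(ciphertext: bytes, expected_type: int) -> bytes:
    # Public-key operation followed by a padding check for one block type.
    return unpad(rsa(ciphertext, E), expected_type)
```

Calling `receiver(sender(msg, 2), 1)` raises `ValueError` because the recovered block starts with 00 02, while `receiver(sender(msg, 1), 1)` returns the message.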