This is a discussion on RSA and Block Type - Openssl ; Dear Sir/Madam, According to the enquiry posted earlier regarding the block type issue: http://marc.info/?l=openssl-users&m=121247900612032&w=2 With the basic understanding that sender (Service Provider) uses private key to encrypt the data before sending back to client, which supposes to work fine with ...
According to the enquiry posted earlier regarding the block type issue:
With the basic understanding that sender (Service Provider) uses private key to encrypt the data before sending back to client, which supposes to work fine with the following perl code:
$RSA_Decrypt = Crypt::OpenSSL::RSA->new_public_key( $PublicKey );
my $TmpText = decode_base64( $CipherText );
my $PlainText = $RSA_Decrypt->public_decrypt( $TmpText );
However, we found that the sender actually have the java code to, somehow, transform the private key into public key as followed:
private String SendBack(String ciphertext, String pri_key )
BASE64Decoder decode64 = new BASE64Decoder();
byte o_t_privk = decode64.decodeBuffer(pri_key);
RSAPrivateKey rsaKey = (RSAPrivateKey)KeyFactory.getInstance("RSA")
BigInteger modulus = new BigInteger(
BigInteger expoment= new BigInteger(
RSAPublicKeySpec pubKeySpec = null;
RSAPublicKey rsaPublicKey = null;
pubKeySpec = new RSAPublicKeySpec(modulus,expoment);
rsaPublicKey = (RSAPublicKey)KeyFactory.getInstance("RSA")
Cipher rsa_cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
// auto selects block type 2
With this code, sender is actually encrypting data as if the public key is used - making the block type = 2.
There seems to be 2 ways to handle this issues:
1. Ask the sender to do something like openssl/perl's private_encrypt() instead to set block type to 1.
--> tried rsa_cipher.init(Cipher.ENCRYPT_MODE, rsaPrivateKey); but didn't work. Failed to compile.
2. Try to do reverse like sender - taking public key to make private key and use openssl/perl's decrypt()
--> don't know how...
Please kindly suggest on the matter.
Thank you and Best Regards,
OpenSSL Project http://www.openssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager email@example.com