RSA Java/Ruby

Hi all,
I've been reading in this list about crypting with RSA but I don't get
it to work.

I beg your help. I believe one of the problems I'm having is that the
different values (.e , .n , .d ) are being given in decimal format,
while the java function will need hexaedcimal format.

Please, any hint or idea on how to encrypt/verify based on RSA with
Ruby? any other library? Or ... how can I create an RSA private key
based on hexadecimal values of n, e and d? How can I convert decimal
values to hex?

thanks a lot,

Jean

Some code:
In the client javascript to encrypt the password (based on www.ohdave.com/rsa)

In the server, the following code:

  # key.pem is generated with "openssl genrsa -out key512.pem 512" in the
  # command line
  private_key = PKey::RSA.new(File.open("key.pem").read, nil)

  # Crypting with the public, decrypting with the private
  @pwdOriginal = "uno_dos_tres"
  @pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
  @pwdDecrypted_PubPriv = private_key.private_decrypt(@pwdCrypted_PubPriv)

  # This values are generated out the .pem file
  @f_e = private_key.e
  @f_d = private_key.d.to_s
  @f_n = private_key.n
  @f_public = private_key.public_key
  @f_private = private_key.to_s

Hi,

1. your code seems to work fine (if you fix the file name, add require
'openssl' and include OpenSSL, alternatively prefix Pkey with
OpenSSL::slight_smile:

2. dec-> hex:
  "%x" % 123 #=> "7b"
  "%X" % 123 #=> "7B"

3. Just a note: Java and Javascript are two different languages

4. Are you sure you want to send the private key over the wire?

5. The private key has another components besides e,d,n that speed up
the decryption/signature generation significantly.

···

On 9/4/06, Jean Verger <jean.verger@gmail.com> wrote:

Hi all,
I've been reading in this list about crypting with RSA but I don't get
it to work.

I beg your help. I believe one of the problems I'm having is that the
different values (.e , .n , .d ) are being given in decimal format,
while the java function will need hexaedcimal format.

Please, any hint or idea on how to encrypt/verify based on RSA with
Ruby? any other library? Or ... how can I create an RSA private key
based on hexadecimal values of n, e and d? How can I convert decimal
values to hex?

thanks a lot,

Jean

Some code:
In the client javascript to encrypt the password (based on www.ohdave.com/rsa)

In the server, the following code:

  # key.pem is generated with "openssl genrsa -out key512.pem 512" in the
  # command line
  private_key = PKey::RSA.new(File.open("key.pem").read, nil)

  # Crypting with the public, decrypting with the private
  @pwdOriginal = "uno_dos_tres"
  @pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
  @pwdDecrypted_PubPriv = private_key.private_decrypt(@pwdCrypted_PubPriv)

  # This values are generated out the .pem file
  @f_e = private_key.e
  @f_d = private_key.d.to_s
  @f_n = private_key.n
  @f_public = private_key.public_key
  @f_private = private_key.to_s

Hi,
thanks for your advices,

1. Is there any way to generate the RSA Key with e, d and n? (instead
of using the pem file?

2. The output that I'm geetting is out of the "regular" character
range ... Im getting some weird characters. I guess it is normal when
crypting, but with the javascript RSA model I don't get any "weird
character". Anyway to limit the output? This is the output in a
browser:

3. Finally ... when using this code i get a different encrypted string
every time I run the code! :slight_smile: How can that be? I mean, given the same
.pem file, i get a different encryption, although then, the
verification is fine.

private_key = PKey::RSA.new(File.open("key.pem").read, nil)
@pwdOriginal = "uno_dos_tres"
@pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
@pwdDecrypted_PubPriv = private_key.private_decrypt(@pwdCrypted_PubPriv)

thanks again for your help,

Jean

···

On 9/5/06, Jan Svitok <jan.svitok@gmail.com> wrote:

On 9/4/06, Jean Verger <jean.verger@gmail.com> wrote:
> Hi all,
> I've been reading in this list about crypting with RSA but I don't get
> it to work.
>
> I beg your help. I believe one of the problems I'm having is that the
> different values (.e , .n , .d ) are being given in decimal format,
> while the java function will need hexaedcimal format.
>
> Please, any hint or idea on how to encrypt/verify based on RSA with
> Ruby? any other library? Or ... how can I create an RSA private key
> based on hexadecimal values of n, e and d? How can I convert decimal
> values to hex?
>
> thanks a lot,
>
> Jean
>
> Some code:
> In the client javascript to encrypt the password (based on www.ohdave.com/rsa)
>
> In the server, the following code:
>
> # key.pem is generated with "openssl genrsa -out key512.pem 512" in the
> # command line
> private_key = PKey::RSA.new(File.open("key.pem").read, nil)
>
> # Crypting with the public, decrypting with the private
> @pwdOriginal = "uno_dos_tres"
> @pwdCrypted_PubPriv = private_key.public_encrypt(@pwdOriginal)
> @pwdDecrypted_PubPriv = private_key.private_decrypt(@pwdCrypted_PubPriv)
>
> # This values are generated out the .pem file
> @f_e = private_key.e
> @f_d = private_key.d.to_s
> @f_n = private_key.n
> @f_public = private_key.public_key
> @f_private = private_key.to_s

Hi,

1. your code seems to work fine (if you fix the file name, add require
'openssl' and include OpenSSL, alternatively prefix Pkey with
OpenSSL::slight_smile:

2. dec-> hex:
  "%x" % 123 #=> "7b"
  "%X" % 123 #=> "7B"

3. Just a note: Java and Javascript are two different languages

4. Are you sure you want to send the private key over the wire?

5. The private key has another components besides e,d,n that speed up
the decryption/signature generation significantly.

Hi,
thanks for your advices,

1. Is there any way to generate the RSA Key with e, d and n? (instead
of using the pem file?

try PKey::RSA.generate(512)

2. The output that I'm geetting is out of the "regular" character
range ... Im getting some weird characters. I guess it is normal when
crypting, but with the javascript RSA model I don't get any "weird
character". Anyway to limit the output? This is the output in a
browser:
http://i108.photobucket.com/albums/n27/jverger/rsaRuby.png

You're getting bytes, javascript gives you hex-encoded data

3. Finally ... when using this code i get a different encrypted string
every time I run the code! :slight_smile: How can that be? I mean, given the same
.pem file, i get a different encryption, although then, the
verification is fine.

PKCS#1 add random padding to the encrypted data to avoid situation,
when the same data is always encrypted as same ciphertext.

I'd encourage you to read some literature on the topic, as I wrote
some time ago (http://www.ruby-forum.com/topic/79044), encryption is
easy to get messed up, and your efforts would be ruined. See the
thread for some links. You need to understand the basics if you want
your encryption fulfill its purpose. At least read PKCS#1 standard.
You'll learn about the padding schemes and various attacks on it
there.

Please don't get me wrong, this is meant as an advice to not get
burned. I'll be glad if I'm wrong in this case :wink:

···

On 9/5/06, Jean Verger <jean.verger@gmail.com> wrote:

Hi,
no problem ... I truly understand what you mean by reading more.

1. Definitely your hint on PKCS#1 ... is saved me some headaches that
I couldn't understand why.

2. If I use this: PKey::RSA.generate(512) I believe that I still have
a random key generated (instead of one with n, d and e desired). From
not much difference than using this:
           #openssl genrsa -out key.pem 256
           PKey::RSA.new(File.open("/key.pem").read, nil)

3. Finally, thanks for this pearl of wisdow .... so I understand that
the crypted password in the client side (javascript) has to be
converted to bytes in order to be verified.
    > You're getting bytes, javascript gives you hex-encoded data

thanks for your help,

Jean

···

On 9/5/06, Jan Svitok <jan.svitok@gmail.com> wrote:

On 9/5/06, Jean Verger <jean.verger@gmail.com> wrote:
> Hi,
> thanks for your advices,
>
> 1. Is there any way to generate the RSA Key with e, d and n? (instead
> of using the pem file?

try PKey::RSA.generate(512)

> 2. The output that I'm geetting is out of the "regular" character
> range ... Im getting some weird characters. I guess it is normal when
> crypting, but with the javascript RSA model I don't get any "weird
> character". Anyway to limit the output? This is the output in a
> browser:
> http://i108.photobucket.com/albums/n27/jverger/rsaRuby.png

You're getting bytes, javascript gives you hex-encoded data

> 3. Finally ... when using this code i get a different encrypted string
> every time I run the code! :slight_smile: How can that be? I mean, given the same
> .pem file, i get a different encryption, although then, the
> verification is fine.

PKCS#1 add random padding to the encrypted data to avoid situation,
when the same data is always encrypted as same ciphertext.

I'd encourage you to read some literature on the topic, as I wrote
some time ago (http://www.ruby-forum.com/topic/79044), encryption is
easy to get messed up, and your efforts would be ruined. See the
thread for some links. You need to understand the basics if you want
your encryption fulfill its purpose. At least read PKCS#1 standard.
You'll learn about the padding schemes and various attacks on it
there.

Please don't get me wrong, this is meant as an advice to not get
burned. I'll be glad if I'm wrong in this case :wink:

Sorry, I misunderstood. This is how it *could* be done. I've just read
the sources, haven't tried.

key = PKey.RSA.new
key.n, key.e, key.d = n,e,d

If you know a bit of C, read the sources of ruby, everything is there :wink:
namely: src/ext/openssl/ossl_pkey_rsa.c

···

On 9/5/06, Jean Verger <jean.verger@gmail.com> wrote:

2. If I use this: PKey::RSA.generate(512) I believe that I still have
a random key generated (instead of one with n, d and e desired). From
not much difference than using this:
           #openssl genrsa -out key.pem 256
           PKey::RSA.new(File.open("/key.pem").read, nil)