Reputation: 2238
RSA_private_encrypt always fails
I am learning to use OpenSSL library in my program. Here in the code I generate a private key and immediately I am encrypting a message using that key. But always it fails. Kindly help me.
private_key = RSA_generate_key(RSA_KEY_LENGTH, RSA_3, NULL, NULL);
if (RSA_check_key(private_key) < 1) {
printf("generate_key: key generation failed\n");
exit(-1);
}
unsigned char msg[25];
unsigned char cipher[128];
strcpy((char*)msg, "hello");
int ret = RSA_private_encrypt(25, msg, cipher, private_key,
RSA_PKCS1_OAEP_PADDING);
if (ret < 0) {
printf("encryption in key generation failed\n");
printf ("%s\n", ERR_error_string (ERR_get_error (), (char *) cipher));
exit (-1);
}
This always fails and this is the error I am getting with ERR_error_string.
error:04066076:lib(4):func(102):reason(118)
Upvotes: 2
Views: 6242
Answers (3)
Reputation: 102386
error:04066076:lib(4):func(102):reason(118)
You can use OpenSSL's errstr to give you meaningful error messages (in most cases):
$ openssl errstr 0x04066076
error:04066076:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:unknown padding type
Even though you narrowed it down to RSA_PKCS1_OAEP_PADDING/RSA_PKCS1_PADDING, you should still use RSA_PKCS1_OAEP_PADDING with RSA encryption. So your next task is to figure out what's still wrong with your code.
Here's a good blog entry on why you should avoid PKCS 1.5 padding for RSA encryption: A bad couple of years for the cryptographic token industry.
Upvotes: 4
Reputation: 590
See documentation:
man RSA_private_encrypt
RSA_private_encrypt() signs the flen bytes at from (usually a message digest with an algorithm identifier) using the private key rsa and stores the signature in to. to must point to RSA_size(rsa) bytes of memory.
padding denotes one of the following modes:
RSA_PKCS1_PADDING
PKCS #1 v1.5 padding. This function does not handle the algorithmIdentifier specified in PKCS #1. When generating or verifying PKCS #1 signatures, RSA_sign(3) and RSA_verify(3) should be used.
RSA_NO_PADDING
Raw RSA signature. This mode should only be used to implement cryptographically sound padding modes in the application code. Signing user data directly with RSA is insecure.
I do not know where you got RSA_PKCS1_OAEP_PADDING from, but the only supported paddings are listed above.
Upvotes: 5
Reputation: 2238
I have found the reason for this problem. Actually the padding method RSA_PKCS1_OAEP_PADDING is not working for me in my both centos and ubuntu machines. Once I changed it to RSA_PKCS1_PADDING, it started working fine. But I am not sure why this is happening.
Upvotes: 1
Related Questions
- getting a segmentation fault with RSA_public_encrypt
- RSA_private_decrypt crashes when called for the second time
- Possible bug in RSA_private_encrypt
- RSA_private_decrypt returns -1
- C: OpenSSL RSA_private_decrypt() fails with "error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error”
- RSA_Private_Decrypt fails randomly
- OpenSSL RSA_private_decrypt() fails with "oaep decoding error"
- Erratic openssl/rsa behaviour: RSA_EAY_PRIVATE_DECRYPT:padding check failed
- RSA_private_decrypt error code : error0407106b: lib(4):funct:(113):reason(107)
- RSA_private_decrypt failed