I have an exponend in base64 encoding I use to encrypt a 128 bit AES key.
First, set the modulus 'n':
char *n64 = ".base64 data.......";
char *e64= "AQAB"; // aka 0x010001
// decode n64 into nbin, length nlen
mpbsetbin(&n, nbin, nlen);
// decode e64 into ebin, length elen
mpnsetbin(&e, ebin, elen);
here, I encrypt "plain" (16 bytes buffer) into crypted (256 byte buffer)
mpnumber plaintext, ciphertext;
mpnsetbin(&plaintext, plain, len);
rsapub(&n, &e, &plaintext, &ciphertext);
// Do I need to use i2osp to get the ciphertext as a byte* array?
i2osp(crypted, 256, ciphertext.data, ciphertext.size);
// base64 encode and send the ciphertext over the network to the remote end
On the remote decrypting end, the decrypted plaintext is completely wrong. I am running this on an x86, so the machine is little endian.
I must be doing something wrong, since the following code using OpenSSL produces a ciphertext that the remote end accepts as valid.
RSA * rsa=RSA_new();
// base64 decode the modulus into a buffer
// use BN_bin2bn to convert the modulus from a buffer to a BIGNUM
size=RSA_public_encrypt(len, text, res, rsa, RSA_PKCS1_OAEP_PADDING);
The first thing to check is whether your modulus and public exponent are correct after this step which isn't very clear:
> char *n64 = ".base64 data.......";
> char *e64= "AQAB"; // aka 0x010001
> byte nbin;
> // decode n64 into nbin, length nlen
> mpbsetbin(&n, nbin, nlen);
> // decode e64 into ebin, length elen
> mpnsetbin(&e, ebin, elen);
You declare n64 and e64, but don't give the steps where you convert them to nbin and ebin. After you've set n and e, display them with mpprintln; do the same on the receiving side, and verify that you have the same values.
The next issue to check is this: in BeeCrypt you're using a raw RSA public key operation. Your OpenSSL code uses OAEP padding. If that works for the receiving end, you'll first have to pad your 128-bit key OAEP-style, then call i2osp with that padded value instead of your raw key.
I'll see if I can find time to add such a function to BeeCrypt in the near future.
Log in to post a comment.