[Perl-openssl-users] Fw: Question(s) about errors when using Crypt::OpenSSL::RSA

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I have a question about the following (no production) code:
#!/usr/bin/perl
#

use strict;

use Crypt::OpenSSL::RSA;
use iDEALProces;

use constant KEYTYPE => "RSA1";

my ($cert,$connector,$data,$keyfile,$keytype,$pkey,$plain,$rsa,$test);

$keyfile = 'localhost_des3.pem';
print STDOUT ("File $keyfile exists!\n")        if (-e $keyfile);
print STDOUT ("File $keyfile contains text.\n") if (-T $keyfile);
print STDOUT ("File $keyfile is binary.\n")     if (-B $keyfile);

$connector = iDEALProces->new();
$connector->iDEALConnector();

$pkey = $connector->_openReadKeyFile($keyfile,'priv');
print STDOUT ("pkey= $pkey\n") if (-T $keyfile);
$rsa = Crypt::OpenSSL::RSA->new_private_key($pkey);
$plain = $rsa->decrypt($pkey);
print STDOUT ("Private key= $plain\n");
$rsa->DESTROY;
#
# The code of _openReadKeyFile is this:
#
sub
 _openReadKeyFile
{
  my ($self,$keyfile,$type) = @_;
  my ($lc_type,$success,$key,$key_path_file);

  print STDOUT ("Entering: _openReadKeyFile\n");
#
# For testing purposes this is not used, yet.
#
#  $key_path_file = SECURE_PATH;
#  $key_path_file = $key_path_file . '/' .$keyfile;
  $key_path_file = $keyfile;
  print STDOUT ("key_path_file= $key_path_file\n");

  $lc_type = lc($type);
  print STDOUT ("lc_type= $lc_type\n");

  $success = open (KEYFILE,'< :raw',$key_path_file) if (-B $key_path_file);
  $success = open (KEYFILE,'<',$key_path_file)      if (-T $key_path_file);
  print STDOUT ("success= $success\n");
  unless ( $success) 
  {
    if ($lc_type eq 'priv')
    {
      $self->_log( TRACE_ERROR, "Private key file [" . SECURE_PATH . "/" . $keyfile . "] could not be found.");
      $self->_setError(ING_ERROR_PRIVKEY_INVALID, "Could not find private key.",
 IDEAL_PRV_STATUS_FOUTMELDING );
    }
    elsif($lc_type eq 'cert')
    {
      $self->_log( TRACE_ERROR, "Certificate file [" . SECURE_PATH . "/" . $keyfile . "] could not be found." );
      $self->_setError(ING_ERROR_INVALID_SIGNCERT, "Platform signature could not be verified", IDEAL_PRV_STATUS_FOUTMELDING );
    }
    return 0; 
  }

  read (KEYFILE, $key, 8192);
  print STDOUT ("key read\n");
  close (KEYFILE);  

  return $key;
}

When a key file is generated using: openssl genrsa -des3 -out localhost_des3.pem -passout pass:<some password> 1024 and this file is used in: test_openssl_crypt.pl it tells me: RSA.xs:178: OpenSSL error: unsupported encryption at test_openssl.pl line 23.

This is the contents of file: localhost_des3.pem

pkey= -----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info:
 DES-EDE3-CBC,27AB1F7A538516A0

IlKGUixELqbNUghgA2SherRE7O7f0IZP53Vq1x0rEBnbui+j+qGx6gE7q+EkhZ3Z
sfMzXxEogEOfI3k1HYJXv/FXG+y4vtu8GuT9oqeCxOas/hGnDnVE1+W9P+4SU4Bh...
...C6zJUVB+HvlLNqWHl4gKzr/60Egpx2Nyi2FkUNBXomXgqgO2Hwzrg5pK/s2zURey
A+NQ9Mof1pDR7+civjRENrUjybvEl+KWrLnowD45ov+80FgaTQ09F87aJnj9+k1U
YSQWScGAjZn14efw8Q21mYpGi2QhpQRag12yo3LIb2wgYQgBBWqMxA==
-----END RSA PRIVATE KEY-----

When key file
 localhost_des3.pem is converted using: openssl rsa -in localhost_des3.pem -out localhost_des3_b.pem -outform DER and this file is used in: test_opensssl_crypt.pl it tells me: RSA.xs:178: OpenSSL error: no start line at test_openssl.pl line 23.

I installed the latest version of Crypt::OpenSSL::RSA and work with openssl 0.9.8e!

Can you tell me where my fault(s) lie(s)?

What I need is this:

1) read the private key from a pem file, create an sha1 digest of some data and sign this data with this key
2) read the public key from a certificate file and verify some data using this public key and a signature

I suspect it is possible to do this using this module: Crypt::OpenSSL::RSA or is it (not)?

Any help is much appreciated!
Thanks in advance, Piet.