Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Errors in Crypt::OpenSSL::RSA (from 'RSA.xs')

by golux (Chaplain)
on Apr 28, 2018 at 18:57 UTC ( #1213735=perlquestion: print w/replies, xml ) Need Help??

golux has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

I could swear I had code that was working several months ago; now it throws the same error no matter what I try. The error is:

"Failed to decode encrypted text (RSA.xs:202: OpenSSL error: oaep +decoding error at doit line 95.)</code>"

Any ideas? Here's an SSCCE of the problem:

#!/usr/bin/perl ############### ## Libraries ## ############### use strict; use warnings; use feature qw{ say }; use Crypt::OpenSSL::RSA; use Data::Dumper; use Function::Parameters; use IO::File; ################## ## User-defined ## ################## my $pubfile = "./key.pub"; my $privfile = "./key.priv"; my $keysize = 1024; my $message = 'A quick brown fox jumps over the lazy dog.'; ################## ## Main Program ## ################## create_rsa_keys(); # Create keys, save to dis +k my $pub = pubkey_from_file($pubfile); # Construct public key fro +m disk my $priv = privkey_from_file($privfile); # Construct private key fr +om disk my $enc = encode($pub, $message); # Encode the message my $dec = decode($priv, $message); # Decode the message say "Result '$dec'"; # Results (if error is fix +ed!) ################# ## Subroutines ## ################# fun create_rsa_keys() { # Generate the public & private key text, and save to disk my $genkeys = Crypt::OpenSSL::RSA->generate_key($keysize); my $pubtext = $genkeys->get_public_key_string(); my $privtext = $genkeys->get_private_key_string(); key_to_file('Public key', $pubfile, $pubtext); key_to_file('Private key', $privfile, $privtext); } fun key_to_file($label, $path, $text) { my $fh = IO::File->new; open($fh, ">", $path) or die "Failed to write $label to '$path' ($ +!)\n"; print $fh $text; close($fh); } fun pubkey_from_file($path) { my $text = file_to_string('Public key', $path); my $pubkey = ""; eval { $pubkey = Crypt::OpenSSL::RSA->new_public_key($text) }; $@ and die "Error in string_to_public_key ($@)\n"; return $pubkey; } fun privkey_from_file($path) { my $text = file_to_string('Private key', $path); my $privkey = ""; eval { $privkey = Crypt::OpenSSL::RSA->new_private_key($text) }; $@ and die "Error in string_to_private_key ($@)\n"; return $privkey; } fun file_to_string($label, $path) { local $/ = undef; my $fh = IO::File->new; open($fh, "<", $path) or die "Failed to read $label '$path' ($!)"; my $text = <$fh>; close($fh); return $text; } fun encode($pubkey, $plain) { my $encode = ""; eval { $encode = $pubkey->encrypt($plain) }; $@ and die "Failed to encode plaintext ($@)\n"; return $encode; } fun decode($privkey, $encode) { my $decode = ""; eval { $decode = $priv->decrypt($encode) }; $@ and die "Failed to decode encrypted text ($@)\n"; return $decode; } __END__ The public key file looks okay: -----BEGIN RSA PUBLIC KEY----- MIGJAoGBAMjDisZYXREArFdv5VrP/U1tzh7NShzQgVBN4Kb+2xNwkIhPZd3hv98f w3p/9IigAFhUBnXnNSnOsvZJ79/M8WZ5fOoQQzre8jyw84Z2H/nQsLZCkkN4n52H Byg+K5dSNCh3K0UdTN/Li6nbS19OTweGz3X+oKNPb+oZtwPQ5C+TAgMBAAE= -----END RSA PUBLIC KEY----- As does the private key file: -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDIw4rGWF0RAKxXb+Vaz/1Nbc4ezUoc0IFQTeCm/tsTcJCIT2Xd 4b/fH8N6f/SIoABYVAZ15zUpzrL2Se/fzPFmeXzqEEM63vI8sPOGdh/50LC2QpJD eJ+dhwcoPiuXUjQodytFHUzfy4up20tfTk8Hhs91/qCjT2/qGbcD0OQvkwIDAQAB AoGASMkb9uzyUMe9s7WNoW7mlrvIjsI+rFOrjkGtwN2E73dP7xtaAydlOK97X14k eaQIe/16miRI0e9uUnxbyveyTJ9PlRdwMfI5LbyaLTonRVjKfwOiDQ5HL4TsZmVX xCp4wht3v84Norh1+jytO0+QdiUMx/ilt31xRv9z4kqCzwECQQD8FW6QWkGtLXzT mGxCGN1zDSzrHowwCPhBpBogrQj+35y/rxUqoVzA/KeCXNPPJReroB6icKSGLjv9 Q8jvBjv5AkEAy+IBMveGh1OpZECe5bbIPQ8GLCumNp04XLQhDzSrm5hVBf0vtoiC HRVFuTe5jz3fa3G+ZCRxkHIS86YRAjiy6wJBAKyX4+5zzXnLpiaduql6qsxmHfYR ITyWN5uBxt3Oe1U+Nu1K67wXZRFBK1NnSSIPrGg2piLj6tFwAGTEL2PwKckCQCW6 zT4BUIP6l35V9xHLoYKrJRlHeprgvW1qaDPIK3m/1vwkvo+o82suZJjCFzTK3m2j vvgJRnrUoW01bjBbDcECQQCwKDz5kum6VjtcKtRHldADUuVPY4obt9FZ7PlxUMTK S6emRbu41Rbi/LrgYbaZSrJS1WANviuoXaZesPJPRR9l -----END RSA PRIVATE KEY-----

say  substr+lc crypt(qw $i3 SI$),4,5

Replies are listed 'Best First'.
Re: Errors in Crypt::OpenSSL::RSA (from 'RSA.xs')
by poj (Abbot) on Apr 28, 2018 at 19:12 UTC

    Shouldn't you decode the encoded message ?

    #my $dec = decode($priv, $message); my $dec = decode($priv, $enc);
    poj
      Good catch -- thank you! That now works in the example I provided.
      Result 'A quick brown fox jumps over the lazy dog.'

      The ironic thing is that I introduced the bug you found when moving to the shorter example; it's not in the original. The original code is much longer, and within a module I'm writing to handle SSH handshaking between a Client and remote Server. Both the original program and the example have the same symptoms though; the error message is the same.

      So I've got some work to do... I now have a working (finally!) example, and a longer program with the error. I'll work at it from both ends, and post what I find here. Ideally I did something else stupid in the original, and it'll be easy to find and fix.

      Edit:   Found it. Well, it was not as stupid as the short example perhaps. I wasn't getting the same data over the socket that I was sending. I kludged up some routines to calculate an md5sum on the data at different stages, and realized that, differing from what I believed about MIME::Base64, the encode_base64() method was inserting newline into the string. (I know my example didn't show the encode_base64() and decode_base64 methods(), but that was because I was getting the error without them).

      So I went back to the docs for MIME::Base64 and found:

      encode_base64( $bytes ) encode_base64( $bytes, $eol ); Encode data by calling the encode_base64() function. The f +irst argument is the byte string to encode. The second argument + is the line-ending sequence to use. It is optional and defaults t +o "\n". The returned encoded string is broken into lines of no more + than 76 characters each and it will end with $eol unless it is empt +y. Pass an empty string as second argument if you do not want the e +ncoded string to be broken into lines.
      When I changed the $eol char from "\n" to "", the Client was able to get the full string, and it fixed the problem. :D
      say  substr+lc crypt(qw $i3 SI$),4,5

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1213735]
Approved by dorko
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (8)
As of 2020-12-01 15:24 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How often do you use taint mode?





    Results (11 votes). Check out past polls.

    Notices?