Asp Forum - Re: public key encrypt

Brian Candler

8/3/2007 12:47:00 PM

I know how to use public key to encrypt data if I create public/private
> key pair by myself through OpenSSL::PKey::RSA. However, if I only know
> other guy's public key, how could I encrypt data with his/her public
> key? Is there any method in the module OpenSSL::PKey::RSA to support it?

What's your current code? You should just be able to read in the public key
(e.g. from a PEM file), and use that to encrypt.

A quick google for "ruby openssl RSA encrypt" turns up a couple of examples:
http://blog.leetsoft.com/2006/03/14/simple-...
http://stuff-things.ne...

Do either of those do what you want?

Basically, if you can do what you want from the command line, using the
'openssl' tool, then it's pretty straightforward to map it to the OpenSSL
API, since the tool is just a wrapper around it.

B.

2 Answers

Brian Candler

8/3/2007 1:04:00 PM

On Fri, Aug 03, 2007 at 01:46:56PM +0100, Brian Candler wrote:
> I know how to use public key to encrypt data if I create public/private
> > key pair by myself through OpenSSL::PKey::RSA. However, if I only know
> > other guy's public key, how could I encrypt data with his/her public
> > key? Is there any method in the module OpenSSL::PKey::RSA to support it?
>
> What's your current code? You should just be able to read in the public key
> (e.g. from a PEM file), and use that to encrypt.

Try this:

$ openssl genrsa -out key.priv -des3 -passout pass:abcd 2048
Generating RSA private key, 2048 bit long modulus
.....................................................................+++
...................+++
unable to write 'random state'
e is 65537 (0x10001)

$ openssl rsa -in key.priv -passin pass:abcd -out key.pub -pubout
writing RSA key

$ cat enc.rb
require 'openssl'
key = OpenSSL::PKey::RSA.new(File.read('key.pub'))
raise "Not public key" unless key.public?
$stdout.write key.public_encrypt($stdin.read)

$ echo "Hello, world" | ruby enc.rb >data.bin

$ ls -l data.bin
-rw-r--r-- 1 candlerb candlerb 256 2007-08-03 14:00 data.bin

$ openssl rsautl -decrypt -in data.bin -inkey key.priv -passin pass:abcd
Hello, world

Brian Candler

8/3/2007 1:24:00 PM

On Fri, Aug 03, 2007 at 02:03:33PM +0100, Brian Candler wrote:
> $ cat enc.rb
> require 'openssl'
> key = OpenSSL::PKey::RSA.new(File.read('key.pub'))
> raise "Not public key" unless key.public?
> $stdout.write key.public_encrypt($stdin.read)
>
> $ echo "Hello, world" | ruby enc.rb >data.bin
>
> $ ls -l data.bin
> -rw-r--r-- 1 candlerb candlerb 256 2007-08-03 14:00 data.bin
>
> $ openssl rsautl -decrypt -in data.bin -inkey key.priv -passin pass:abcd
> Hello, world

Of course, using native RSA is extremely slow for large amounts of data. In
that case you should be generating a random session key, encrypting the data
with a symmetric cipher, and then encrypting the session key with RSA.

All this is exactly what PGP/GPG does for you (or S/MIME)

Regards,

Brian.

comp.lang.ruby

Re: public key encrypt

Brian Candler

Brian Candler

Brian Candler

x Login to ForumsZone