Can RSAKey class be used with regular keys?


#1

Can i use RSAKey Class with regular server generated RSAKeys?

Like:

-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6yFeJ/hedg4JzDmVlQOyw4YPadu90lN5YTrH/ 2vdtobMOFTBA+f9gtvnIYONQIG22fJVrvHBnx2x/G+ho4k1kk2A3vbDxe/FwjjPe6/id9ahu0M61 VxighjOgwmtFo0EI7bjSfbaeVl7Cr97p++LRMeCVQoz3Ew5fHaKMQVUBuwIDAQAB -----END PUBLIC KEY-----

it seems the class needs two big numbers, how can those numbers be generated?

Is the RSA compatible with anything outside juce?, or is more RSA-likeish.

Thanks for your time in advance.


#2

The string format’s different, but RSA keys are just two big numbers if you can figure out how to decode them.


#3

MM thanks jules, i ended up creating a command line app, but i’m having a problem to apply the key to a string

[code]

BitArray val;

String someContent (“HELLO WORLD”);

/* val.parseString(someContent, 16); */


int iBlocksize = ((someContent.length()+7) / 8) * 8;
MemoryBlock mb (iBlocksize, true);
mb.copyFrom ((const char *)someContent.getCharPointer (), 0, someContent.length());


val.loadFromMemoryBlock (mb);

DBG("******PARSED STRING INTO BITARRAY********");
DBG(val.toString(10) + "");
DBG("**************************");

DBG(privateKey.applyToValue(val);

DBG("*************APPLIED PRIVATE KEY************");
DBG(val.toString(10) + "");
DBG("**************************");

pubKey.applyToValue(val);

DBG("*************APPLIED PUBLIC KEY************");
DBG(val.toString(10) + "");
DBG("**************************");[/code]

I’ve tried both parsestring and load from memory block and allways get garbage.

So, how can i apply to it a regular string for saving it to a file?

Thanks for your time in advance.


#4

The keys in the certificate files are stored in ASN1 format (or DSR), and there is nothing juce to read them.
You should either use OpenSSL/GnuPG to decode them first in plain numbers (typically in base 16 (hexadecimal), but beware of endianness), so you can use them in your code.

If you need crypto for something more important than sparse cyphering/decyphering, then you should use a crypto library instead (like OpenSSL, Crypto++, Botan, libtomcrypt, etc…), since the implementation of RSA in Juce was not made for speed, nor interoperability, so you’ll face harder and harder issues when you’ll have to work with other’s crypto system.


#5

Adding OpenSSL as a dependency would be an absolute nightmare.


#6

thanks guys i resigned to use juce for the server side stuff also with a small command line app, but i am having problem applying the key to a regular string.

This small app already generates the keys, write them to a json file, and recovers from them, to apply them to value, it’s allmost complete should be able to encode the contents of a file and write it to an output file.

But… i can’t apply them to a regular juce string… :frowning:

http://pastebin.com/xT6GvEj7


#7

Nevermind i got it…

http://pastebin.com/GZVPg9CU

It seems to work now, sorry for the ugly sintax just trying to get it to work

it has a help included for usage

[code]./RsaFileCrypt -h
// GEN KEYS JSON FILE
./RsaFileCrypt -g ./keys.json

//ENCRYPT WITH PRIVATE KEY
./RsaFileCrypt -private ./keys.json ./plain.txt ./crypted.txt -e

//DECRYPT WITH PUBLIC KEY
./RsaFileCrypt -public ./keys.json ./crypted.txt ./unencrypted.txt -d[/code]

Just slap that sucker onto a new console app created by the introjucer


#8

We’ve been using OpenSSL to create a license key on the server based on some user data (using a private key) and decrypting that also via OpenSSL in the software (using its public counterpart).

But as TheVinn points out, adding OpenSSL as a dependency is kind of a nightmare, also overkill for this case - for us this raised quite some compatibility issues with old versions of OS X and XCode.

We’ve tried to replace OpenSSL with Crpto++ before, which worked on PC, but not on Mac, at least not within an hour of development time.

But: we’ve just successfully replaced the plugin’s part with JUCE’s functions.

So, first we had to convert our public key from PEM format for use in JUCE by running this command on the console:

Using JUCE’s and it’s did not give us results which were compatible with the OpenSSL-encrypted data, but we came up with a different solution which works for us. This code is not at all straightforward, and I am pretty sure there’s a better solution. But I’ll post it anyway as it might be of help for others running into the same issues:

juce::MemoryBlock mbEncrypted = ...; // Holding binary encrypted data.

// Convert memory block, RSA exponent and RSA modulus to <BigInteger>.
juce::String licenseKeyHexString = juce::String::toHexString((unsigned char*)mbEncrypted.getData(), mbEncrypted.getSize(), 0) ;
juce::BigInteger bigInteger;
bigInteger.parseString(licenseKeyHexString, 16);

juce::BigInteger rsaExponent(65537); // Put your public exponent here.

juce::BigInteger rsaModulus;
rsaModulus.parseString("b912e2...30e2", 16); // Put your public modulus here.
	
// Do decryption.
bigInteger.exponentModulo(rsaExponent, rsaModulus);

// Copy result to <char*>. Note that the result's order is reversed.
const int EXPECTED_LENGTH = 40;
juce::MemoryBlock mbDecrypted = bigInteger.toMemoryBlock();

if(mbDecrypted.getSize() >= EXPECTED_LENGTH)
{
	char decrypted[EXPECTED_LENGTH + 1];
	p = (char*)mbDecrypted.getData() + (EXPECTED_LENGTH - 1);
	for(int i=0; i < EXPECTED_LENGTH; ++i)
	{	
		decrypted[i] = *p;
		--p;
	}
	decrypted[EXPECTED_LENGTH] = 0;

	...
}

#9

Jakob,  your code was very useful, do you have an example for using the modulus from a private key to sign data as well ? I know i'm a year late to this thread, sorry ;) 


#10

Hey Onqel, I am glad that the code was useful for you. On the JUCE side we're only decrypting, so I am sorry that I cannot provide an example of encrypting.