I've created an RSA key using:
RSA_generate_key(2048, RSA_F4, NULL, NULL);
Now I want to export the public key to another party B. Right now, I've just memcpy'd the entire RSA* struct and sent that over the wire, and B is able to use that to encrypt using RSA_public_encrypt().
But I think in this case I've actually exported the entire public/private key pair, and not just the public key. I want to only export the public component of the RSA key. How do I use OpenSSL APIs to do that?
Thanks
You probably want the functions d2i_RSAPublicKey and i2d_RSAPublicKey. i2d serializes a RSA key struct to a bytestring, and d2i does the reverse operation.
Related
I'm using an utils library to encrypt/decrypt data simply by calling methods with folowing signature:
String encrypt(String clearText, String secretKey)
String decrypt(String encryptedText, String secretKey)
Both encrypt/decrypt methods use the same logic and encryption. It means that same input to the methods generates always the same output.
The purpose now is to write an helper method to decrypt some connection strings previously stored in a file using the encrypt method. This helper method should call the decrypt function calling it with the secretKey in clear text:
String connectionStringEncrypted = Utils.getProperty("connectionString", "C:\\Path\\To\\application.properties");
String connectionString = Utils.decryptConnectionString(connectionStringEncrypted);
The question is: how can I avoid to write the secret key in clear text in the helper method Utils.decryptConnectionString?
There are too many simple and complex methods to address this issue
I can tell some, Starting from Simple Methods
Simply encode the key to Base64. Place the encoded key with the Base64 decoding function. So the text looks unreadable. During execution, the decoding function executes and original key pass into the decryption function
Splitting and placing Keys in Different classes with different static variables (easy to access) and in decrypt method pass all static variables to append to form a valid decrypt key
Note :- These simple steps can be predicted by the pro
Advanced Methods:
Use RSA Algorithm to use different keys for encryption and decryption (ie. public and private keys)
You can also try to hide the keys inside the encrypted text. Here you no need to use static keys. The process includes generating new key, encrypting text and hiding keys in encrypted text, save in file, during decryption get encrypted text from file, extract keys, decrypt data. Note :- This method has to be carefully handled
In RSA,
I understand that if a data is encrypted using public key, corresponding private key can be used to decrypt it and vice versa. But :
Data encrypted using public key can be decrypted using same public key?
Data encrypted using private key can be decrypted using same private key?
This property is same for other public key algorithms too?
Data encrypted using public key can be decrypted using same public key?
No. That would defeat the purpose, because everyone knows the public key.
Data encrypted using private key can be decrypted using same private key?
No. That would defeat the purpose, because then you cannot send anyone an encrypted message (without knowing their private key, which by definition you don't).
Symmetric cryptography does work this way, though. There is only a single secret key, that you can use to encrypt your files before you put them on Dropbox, or that you can share with your friend to send messages that only the two of you can read.
Also, in some public key systems, it is possible to derive the public key from the private key (not the other way around, of course). But this does not really change the principle (because the public key is known to the owner of the private key anyway).
This property is same for other public key algorithms too?
The definition of public key cryptography is that there is a key pair, consisting of a private half and a public half, one of them being used to create the message, the other to read them.
I am creating an encryption strategy for a lab project and want to know if there exists the capability to create a public key from just the private key?
Otherwise, can the public key only be created at the same time as the private key from some key generator?
P.S. A quick google didnt really help.
Private and public key are created together. Also, the standard storage format for a RSA private key includes all the public key fields, because it is useful for optimized implementations and masking (protection against some side-channel attacks). See the RSA standard itself: PKCS#1.
Edit: question has been edited, it was originally RSA-only. For other asymmetric algorithm, there is no requirement that the public key may be derived from the private key, nor is there any requirement of the contrary. For discrete logarithm-based algorithms (Diffie-Hellman, El-Gamal, DSA, and the elliptic curve variants of all of these), the public key is easily computed from the private key. It is possible to conceive a degenerate RSA in which knowledge of the private key does not allow reconstruction of the public key, but this requires not storing a few key elements which are needed for good performance (in full details, storing the RSA modulus factors allows for a 4x speed enhancement through the Chinese Remainder Theorem, so everybody stores the factors). On a more conceptual basis, the public key is, well, public, so it is assumed that "everybody" knows it; in practical terms, private key storage format almost always include provisions for storing the public key as well, or at least sufficient data to rebuild the public key.
Yes, you can do this (for some, probably not all, pkc schemes). From the ssh-keygen man file:
-y Read private key file and print public key.
Depends on the algorithm. With RSA, you cannot, with EC you can. However, the public key is usually always stored together with the private key (not the other way around, though, of course), so this is not really a problem (if you have the private key, the same file also includes the public key).
Extracting public RSA key from a private key from the command line
Command line comparison to show there is no difference between a public RSA key and an extracted key if you ignore whitespace.
Generate public private key pairing under home directory with no passphrase and no coment.
ssh-keygen -t rsa -f ~/id_rsa -N '' -C ""
Generate public key into file 'extracted_public_key'
ssh-keygen -y -f '/home/vagrant/id_rsa' > extracted_public_key
Diff public key with 'extracted_public_key' file ignoring white space.
diff -b id_rsa.pub extracted_public_key
Ignoring whitespace at the end of id_rsa.pub there is no difference between a public key and an extracted key.
Actually the public key is mostly generated with the private key together.
If you lost your public key but got the private key, you can still recover the public key from the private key.
All you have to do is to extract the public key from the private key like below:
Extracting the public key from the private key:
ssh-keygen -f~/.ssh/test_rsa -y > ~/.ssh/test_rsa.pub
-f option specifies the file of the key to list the fingerprint for
-y option will read a private SSH key file and prints an SSH public key to stdout. The public key part is redirected to the file with the same name as the private key but with the .pub file extension.
NOTE:
If the key has a password set, the password will be required to generate the public key.
Is there a public / private key encryption scheme that will not change a message's length?
I would like to encrypt a message one packet at a time, but if the packet grows, it would no longer just be one packet long.
Here's a simple scheme: Use public / private key encryption to establish a symmetric key. Then do all of your encryption using that symmetric key.
If you also need to ensure message integrity and non-repudiation, then you can run the message through a hash function, which will map it to a fixed length. Then you can sign the hash.
Typically, you wouldn't want to use public keys to encrypt messages anyway. Public / private key pairs are harder to generate and more expensive to use for long encryption, compared to symmetric keys.
I want to export a RSA 1024 private-public exchange key pair from Machine-1 to Machine-2. I am using cryptoAPI in XP.
In Machine-1, I generated the key pair. I wrapped a session key which actually encrypts some real data. The key container name is "PAIR1".
In Machine-2, I wanted to unwrap the session key with the private key(which I generated in Machine-1). For this purpose, I wanted to export the key pair from Machine-1 to Machine-2.
I am aware of security flaws of exporting the persistent keys.
What I have tried?
I exported the keypair as a PKCS#12 -pfx file from Machine_1. When i imported it to Machine-2, the key container name has changed from "PAIR1" to nothing. My application requires the same container name to pick the right private key in the exchange key pair. Is it possible to change the key container name?
Will this work?
Wrap the exchange key pair with Machine-2's public key and import it to Machine-2. In this case, do think, the key container name will remain the same or will it change? I feel that this might be the right approach.
Edited:
The reason I asked this query is because I wrapped a session key with an exchange key pair (public key) and put the wrapped key along with the encrypted data in a medium at the server.
This medium will go-around different clients and will come back to the server. At this point, I will be decrypting my data with the unwrapped session key. This unwrapping needs the exchange private key.
I am doing this for a demo purpose and I cannot expect our marketing guys to perform key exchange etc. We wanted to show the client the security aspects and reduce the hassle of setting up things with our marketing guys.
Finally I exported the key pair and imported the same where ever I wanted though Ramsus approach is the right way of doing it.
The right way to do this, is to generate the keypair on machine-2, export the public key only, transport this to machine-1 and use it to wrap the session key.
How did you export and import the PKCS#12-file? Windows will usually add the key container name as a proprietary extension inside the PKCS#12-file, so it should have been transported together with the rest of the key pair.