rsa crashes when decrypting with Public key

[devohmi]

the RSAKey.decrypt crashes in function BigInteger.modPow parameter e is null.

TypeError: Error #1009: Cannot access a property or method of a null object reference. at com.hurlant.math::BigInteger/modPow()[C:\data\web\FB46\src\com\hurlant\math\BigInteger.as:1219] at com.hurlant.crypto.rsa::RSAKey/doPrivate2()[C:\data\web\FB46\src\com\hurlant\crypto\rsa\RSAKey.as:307] at com.hurlant.crypto.rsa::RSAKey/_decrypt()[C:\data\web\FB46\src\com\hurlant\crypto\rsa\RSAKey.as:134] at com.hurlant.crypto.rsa::RSAKey/decrypt()[C:\data\web\FB46\src\com\hurlant\crypto\rsa\RSAKey.as:92] at views::testCrypto2AffichageAccueilView/RsaPubUncrypt()[C:\data\web\FB46\prj\testCrypto2\src\views\testCrypto2AffichageAccueilView.mxml:270]

Source used for test: (inspired by your sample) private function RsaTest():void { var myPEMPublicKeyString:String = "-----BEGIN PUBLIC KEY-----" + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALHpyYTN96rMbkQB" + "gIoB9vH2AN47NN1YXoKxAaqpEkafQdPUw41p4gTrA0r04acE" + "m3GaWUA4YROCSKgJnvii0UsCAwEAAQ==" + "-----END PUBLIC KEY-----";

                // Put data to be encrypted into a byte array
                var txt:String = "MyInputString";
                var data:ByteArray = Hex.toArray(Hex.fromString(txt));

                // Destination ByteArray that will contain the encrypted data
                var encryptedResult:ByteArray = new ByteArray;

                // Set up the RSAKey and encrypt the data
                var rsa:RSAKey = PEM.readRSAPublicKey(myPEMPublicKeyString);
                rsa.encrypt(data, encryptedResult, data.length);

                // Convert the encrypted data into a hex encoded string for transport
                // The other side of the connection can convert the hex back into
                // binary before decrypting
                var hexEncryptedResult:String = Hex.fromArray(encryptedResult);

                var decryptedResult:ByteArray = new ByteArray;
                rsa.decrypt(encryptedResult, decryptedResult, encryptedResult.length);
                var txt2:String = Hex.toString(Hex.fromArray(decryptedResult));

            if (txt == txt2) {
                res.text = 'ok';
            } else {
                res.text = 'ko';
            }

        }

Encrypting using public key works and can be decrypted using private key.

[timkurvers]

Hi there! Thanks for the report, I can reproduce this.

Have you tried reproducing this with the original library found on Google Code? First step would be to figure out whether this is a regression or a bug that was never tackled.

[devohmi]

Hi Tim,

Thanks for coming back. I did the test with the original library it fails as well. Looks more like a old bug.

In order to have a RSAKey created I had to reflect your changes to the original PEM.as (line 83 : replace arr[1].position = 1 with arr[1].position = 0 ) Having done this I now have a RSAKey but decryption still crashes at the same place for the same reason.

Hope you can fix this.

What I've seen is that the RSAKey key object is created without a D parameter for the public whereas the D parameter exists when the RSAKey is created for privateKey. Let me know if I can help, but I'm not a crypto specialist at all.

best regards Serge

Le 04/05/2012 13:08, Tim Kurvers a écrit :

Hi there! Thanks for the report, I can reproduce this.

Have you tried reproducing this with the original library found on Google Code? First step would be to figure out whether this is a regression or a bug that was never tackled.

---

Reply to this email directly or view it on GitHub: https://github.com/timkurvers/as3-crypto/issues/4#issuecomment-5508278

[timkurvers]

It seems that one would have to provide the private key for an RSAKey to be able to decrypt, which makes sense from a cryptographical standpoint. It would be wise to have RSAKey raise exceptions whenever canEncrypt/canDecrypt are falsy and one attempts to encrypt or decrypt.

[devohmi]

My understanding of the asymmetrical cryptography is that : what has been encrypted with a private key can only be decrypted with the public key (this guarantees the sender) what has been encrypted with a public key can only be decrypted with the private key (this guarantees that only the unique private key owner can read the message)

This is not coded in the module.

Tests with openssl show that the above behaviour is correct and that all other case return error. decrypting with a private key a message encrypted with a private key generate error "block type is not 02 (errno 107)" decrypting with a public key a message encrypted with a public key generate error "block type is not 01 (errno 106)"

Le 05/05/2012 20:03, Tim Kurvers a écrit :

It seems that one would have to provide the private key for an RSAKey to be able to decrypt, which makes sense from a cryptographical standpoint. It would be wise to have RSAKey raise exceptions whenever canEncrypt/canDecrypt are falsy and one attempts to encrypt or decrypt.

---

Reply to this email directly or view it on GitHub: https://github.com/timkurvers/as3-crypto/issues/4#issuecomment-5529157

[timkurvers]

Isn't this exactly the behaviour we're seeing?

What has been encrypted with a public key can only be decrypted with the private key (this guarantees that only the unique private key owner can read the message)

Since you're encrypting your txt with the public key, yet not providing a private key for decryption, it will fail. I may have misunderstood though, so correct me if I'm wrong.

[devohmi]

The API works fine for this case (encrypted with public key => decrypted with private key only). But it does not work in the other case (encrypted with private key => decrypted with public key) as the decryption with public key fails.

The API seems only able to decrypt with private key (am I correct ?)

Le 07/05/2012 09:33, Tim Kurvers a écrit :

Isn't this exactly the behaviour we're seeing?

What has been encrypted with a public key can only be decrypted with the private key (this guarantees that only the unique private key owner can read the message)

Since you're encrypting your txt with the public key, yet not providing a private key for decryption, it will fail. I may have misunderstood though, so correct me if I'm wrong.

---

Reply to this email directly or view it on GitHub: https://github.com/timkurvers/as3-crypto/issues/4#issuecomment-5545122

[timkurvers]

Ah, I see what you mean now, apologies.

Is it possible that what you're actually looking for is signing/verification? Have a look at the following Wikipedia piece on signing messages. RSAKey provides this functionality as RSAKey.sign and RSAKey.verify.

[devohmi]

I was not really looking for signing as I didn't want to compute a hash and send the message in clear beside the hash.

But thanks to your tip I understood that

• encrypting with a private key is the same as signing a hash (just replacing the hash with the message) and
• decrypting becomes verify with the public key (which will generate a decrypted hash or message). I've tested this with the API and with messages encrypted with openSSL both work fine.

btw, OpenSSL has the RSA_Private_Encrypt, RSA_Public_Decrypt, RSA_Public_Encrypt, RSA_Private_Decrypt functions in addition to the sign and verify functions. It could be feasible to have encrypt and decrypt methods working in both direction (maybe based on "d" value).

Le 07/05/2012 09:53, Tim Kurvers a écrit :

Ah, I see what you mean now, apologies.

Is it possible that what you're actually looking for is signing/verification? Have a look at the following Wikipedia piece on signing messages. RSAKey provides this functionality as RSAKey.sign and RSAKey.verify.

---

Reply to this email directly or view it on GitHub: https://github.com/timkurvers/as3-crypto/issues/4#issuecomment-5545336