Results 1 to 7 of 7

Thread: Writing RSA keys to keyset - permission errors

  1. #1
    BassPlayer
    Guest

    Writing RSA keys to keyset - permission errors

    I'm trying to use cryptlib for a course that won't allow me to use the encapsulation functions.

    My Steps

    Program 1
    Create Context - RSA
    Set Context Label
    Generate Keys
    Open Keyset file (create)
    AddPrivateKey
    - no errors at runtime -

    Program 2
    Open Keyset file (read only)
    GetPublicKey from key set file
    Encrypt
    - permission error

    Are there some attributes I can use to allow this to work? I've email Peter but his answers havn't helped me to find the problem.

    Thanks
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    Quote Originally Posted by BassPlayer
    I'm trying to use cryptlib for a course that won't allow me to use the encapsulation functions.
    If you're doing RSA & you can't use high level stuff, then you're much better off with a simple big integer library.
    I've email Peter but his answers havn't helped me to find the problem
    Don't email Peter directly, email the support mailing list.

    If you still want help with your code, you'll have to post it. I suggest you first look at http://www.woodmann.net/forum/showpost.php?p=30122&postcount=3 for an example of how to create the keyset properly.

  3. #3
    BassPlayer
    Guest
    Thanks, Mike. I looked at your post, and I suppose I should have asked about certificates before I posted. Is it imperative to use certificates? I'm trying to keep this simple (and the project requires that I create my own certificate class, so it'll just be more confusing that way.)

    Once I've created the RSA keys in certificates, can I then use the cryptEncrypt function with the certificate? I've used the cryptEncrypt function with RSA keys with no problems, it's writing them out and reading them in that cause the permission error.

    I'll try to post the code, if you don't mind helping.

    Thanks!




    Quote Originally Posted by mike
    If you're doing RSA & you can't use high level stuff, then you're much better off with a simple big integer library.Don't email Peter directly, email the support mailing list.

    If you still want help with your code, you'll have to post it. I suggest you first look at http://www.woodmann.net/forum/showpost.php?p=30122&postcount=3 for an example of how to create the keyset properly.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    BassPlayer
    Guest
    http://home.earthlink.net/~rhamann/key.c
    http://home.earthlink.net/~rhamann/test.c

    key.c creates the key and saves it to a keyset file
    test.c reads the key then tries to encrypt with it.

    Should these stubs work, or do I have to use a certificate?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    Quote Originally Posted by BassPlayer
    the project requires that I create my own certificate class
    Um, what project? If it's homework and you're expected to understand the math of RSA, then cryptlib is the WRONG way to go about it. If it's paying work, why would they require you to write your own cert class?

    First let's talk about the system you need to build, then we can talk about how crypto comes into it, and then decide if cryptlib has anything to offer.

  6. #6
    BassPlayer
    Guest
    It's homework, but not at the level of RSA internals, just at the implementation level.

    We're recreating a SET system piecemeal, so I'm allowed to link in other encryption protocols, but not to used the encapsulated objects (signature functions, envelopes, etc.)

    I'm just trying to get access to the encrypt and decrypt functions of AES and RSA. We're using onetime keys for AES, then encrypting that key with RSA, so all I have to do is export the AES in a method that can be imported, which cryptlib should provide to me. As far as RSA goes, I need to be able to save and share public keys.
    He specifically wants us to build our own envelopes and certificates according to his specification.

    Thanks, and if my comment about Peter's email not helping was offensive, I truly apologize. I looked at it again after posting and I think it looks rude and I should have used different wording
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    Quote Originally Posted by BassPlayer
    It's homework, but not at the level of RSA internals, just at the implementation level.

    We're recreating a SET system piecemeal, so I'm allowed to link in other encryption protocols, but not to used the encapsulated objects (signature functions, envelopes, etc.)

    I'm just trying to get access to the encrypt and decrypt functions of AES and RSA. We're using onetime keys for AES, then encrypting that key with RSA, so all I have to do is export the AES in a method that can be imported, which cryptlib should provide to me. As far as RSA goes, I need to be able to save and share public keys.
    He specifically wants us to build our own envelopes and certificates according to his specification.
    OK. Cryptlib purposely makes it hard to work with key material directly. You cannot ever get a handle to the bytes in the RSA private key, for instance. You don't seem to need that, though, so look at page 118 "Encryption and Decryption" for details about the low-level interface.

    Looking at your code, you're doing some wierd stuff: why are you calling cryptEncrypt and cryptDecrypt in the middle of your key generation?

    If I were in your place, I'd get a different crypto library that was designed at a lower level, like one of the early versions of Wei Dai's Crypto++ library. It's hard enough to learn cryptography without having to learn cryptlib's object model.

    Thanks, and if my comment about Peter's email not helping was offensive, I truly apologize. I looked at it again after posting and I think it looks rude and I should have used different wording
    No, I didn't think it rude, it's just that Peter ignores most of those requests and you'll have better luck on the mailinglist.

Similar Threads

  1. a question about teensy usb keys
    By Shub-nigurrath in forum Advanced Reversing and Programming
    Replies: 0
    Last Post: October 28th, 2012, 06:33
  2. [Article] Rounding errors
    By ZaiRoN in forum Off Topic
    Replies: 2
    Last Post: September 8th, 2006, 12:53
  3. Compiling errors
    By Anonymous in forum Plugins (General)
    Replies: 3
    Last Post: November 19th, 2002, 08:50
  4. Fatal errors
    By KARL in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: February 22nd, 2001, 03:40

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •