encrypt/sign 2048 bit RSA key using another Rsa 2048 bit Key
Vinod Jacob
vinod.jacob at gmail.com
Thu Aug 10 13:24:50 CEST 2006
Hi,
I am using libgcrypt 2048 bit encryption.
what is the maximum size of the buffer that i can encrypt using 2048
bit key.is it 2048 bit ?
I am getting incorrect values when i try to encrypt a buffer of size(
more that 2048 bit ). Encryption/decryption function is success .But
when i tried to print the decrypted buffer , it is showing different
values. so what i needs to do if ,1 want to encrypt buffer of large
size ? (i know we can encrypt large buffer using AES and encrypt AEs
keys using RSA ).But my requirement is to encrypt large buffer using
RSA .
Let me try to explain what i am trying to do in more detail,
I have to encrypt/sign Rsa ( 2048 bit) keys using another Rsa 2048 bit Key
say Entity A there is one Rsa Keys A_pub_key & A_sec_key
and say Entity b there is one Rsa keys B_pub_key & B_sec_key
i want to encrypt A_sec_key using B_pub_key is it possible ? how i
have to do encrypt a RSA key using another RSA key ? Do i need to take
each mpi values and do encryption ? is it posssible to concate each
mpi value and encrypt it?
here is the piece of the code i am using,
==============================
if(gcry_ac_open(&GcryptRsaHd, GCRY_AC_RSA, 0)!=0)
{
printf (" Gcrypt RSA Cipher Open : %s\n", gpg_strerror(GcryptErrVal) );
//return RSA_CIPHER_OPEN_FAILURE ;
}
data = gcry_ac_key_data_get(RsaKey);
for (i = 0; i < gcry_ac_data_length(data); i++)
{
gcry_ac_data_get_index(data, 0 , i, &sName[i], &mpiTemp[i]);
printf(" MPI %s Bits : %d \n" ,sName[i]
,gcry_mpi_get_nbits(mpiTemp[i]));
GcryptErrVal = gcry_ac_data_encrypt( GcryptRsaHd
,/*GCRY_AC_FLAG_NO_BLINDING*/0,tGcryptRsaPubKey,mpiTemp[i],&GcryptEncryptData[i]);
if ( GcryptErrVal )
{
printf (" KeyEncryption : %s :%s \n",gpg_strerror(
GcryptErrVal ), gpg_strsource( GcryptErrVal ));
gcry_ac_close(GcryptRsaHd);
//return SECURITY_FAILURE;
}
else
{
printf("KeyEncryption : %s \n",gpg_strerror( GcryptErrVal ));
}
}
printf(":::::::::::key Decryption function ::::::::::::::::::::::::\n");
GcryptErrVal = gcry_ac_data_new( &GcryptDecryptedData);
for (i=0 ;i<6; i++)
{
GcryptErrVal = gcry_ac_data_decrypt(GcryptRsaHd
,0/*GCRY_AC_FLAG_NO_BLINDING*/,tGcryptRsaSecKey
,&mpiTemp2[i],GcryptEncryptData[i]);
if ( GcryptErrVal )
{
printf (" KeyDecryption : %s :%s \n",gpg_strerror(
GcryptErrVal ), gpg_strsource( GcryptErrVal ));
//return SECURITY_FAILURE;
}
else
{
printf (" KeyDecryption : %s \n",gpg_strerror( GcryptErrVal ));
printf(" MPI %s Bits : %d \n" ,sName[i]
,gcry_mpi_get_nbits(mpiTemp2[i]));
if(gcry_mpi_cmp(mpiTemp[i],mpiTemp2[i] )==0)
{
printf ("MPI cmp success \n");
}
else
printf ("*********MPI CMP FAILURE ***********\n");
if (gcry_ac_data_set(GcryptDecryptedData,
GCRY_AC_FLAG_COPY,/*RsaKeyMpiNames[i]*/sName[i], mpiTemp2[i]))
{
gcry_ac_close(GcryptRsaHd);
gcry_mpi_release(mpiTemp2[i]);
//return -3;
}
gcry_mpi_release(mpiTemp2[i]);
}
}
gcry_ac_key_init(&GcryptTestKey,GcryptRsaHd,GCRY_AC_KEY_SECRET ,
GcryptDecryptedData);
GcryptErrVal = gcry_ac_key_test(GcryptRsaHd ,GcryptTestKey );
if(GcryptErrVal)
{
printf ("********** Testing Rsa Secret Key :
%s\n",gpg_strerror( GcryptErrVal ),gpg_strsource( GcryptErrVal ));
gcry_ac_close(GcryptRsaHd);
//return RSA_KEY_TEST_FAILURE; /* TBC */
}
else
printf ("************Testing Rsa Secret Key :
%s\n",gpg_strerror( GcryptErrVal ),gpg_strsource( GcryptErrVal ));
But I am getting out put
KeyEncryption : Success
MPI e Bits : 6
KeyEncryption : Success
MPI d Bits : 2041
KeyEncryption : Success
MPI p Bits : 1024
KeyEncryption : Success
MPI q Bits : 1024
KeyEncryption : Success
MPI u Bits : 1024
KeyEncryption : Success
:::::::::::key Decryption function ::::::::::::::::::::::::
KeyDecryption : Success
MPI n Bits : 0
*********MPI CMP FAILURE ***********
KeyDecryption : Success
MPI e Bits : 6
MPI cmp success
KeyDecryption : Success
MPI d Bits : 2041
MPI cmp success
KeyDecryption : Success
MPI p Bits : 1024
MPI cmp success
KeyDecryption : Success
MPI q Bits : 1024
MPI cmp success
KeyDecryption : Success
MPI u Bits : 1024
MPI cmp success
********** Testing Rsa Secret Key : Invalid public key algorithm
What is the problem ? could some one help me in solving this one ?
thanks
Vinod
More information about the Gnupg-users
mailing list