encrypt/sign 2048 bit RSA key using another Rsa 2048 bit Key
Vinod Jacob
vinod.jacob at gmail.com
Thu Aug 10 14:25:55 CEST 2006
Hi,
I am using libgcrypt 2048 bit encryption.
what is the maximum size of the buffer that i can encrypt using 2048
bit key.is it 2048 bit ?
I am getting incorrect values when i try to encrypt a buffer of size
more that 2048 bit
. Encryption/decryption function is successfully finishing .But
when i tried to print the decrypted buffer , it is showing different
values. so what would i need to do, if , I want to encrypt buffer of large
size ?
(i know we can encrypt large buffer using AES and encrypt AEs
keys using RSA ).But my requirement is to encrypt large buffer using
RSA .
Let me try to explain what i am trying to do in more detail.
I have to encrypt/sign Rsa ( 2048 bit) keys using another Rsa 2048 bit Key
let's say Entity A there is one Rsa Keys A_pub_key & A_sec_key and say
Entity b there is one Rsa keys B_pub_key & B_sec_key
Now i want to encrypt A_sec_key using B_pub_key. is this possible ?
how to encrypt RSA key using another RSA key ?
Do i need to take each mpi values and do encryption ?
is it posssible to concate each mpi value and then encrypt it?
here is the piece of the code i am using,
==============================
if(gcry_ac_open(&GcryptRsaHd, GCRY_AC_RSA, 0)!=0)
{
printf (" Gcrypt RSA Cipher Open : %s\n", gpg_strerror(GcryptErrVal) );
//return RSA_CIPHER_OPEN_FAILURE ;
}
data = gcry_ac_key_data_get(RsaKey);
for (i = 0; i < gcry_ac_data_length(data); i++)
{
gcry_ac_data_get_index(data, 0 , i, &sName[i], &mpiTemp[i]);
printf(" MPI %s Bits : %d \n" ,sName[i]
,gcry_mpi_get_nbits(mpiTemp[i]));
GcryptErrVal = gcry_ac_data_encrypt( GcryptRsaHd
,/*GCRY_AC_FLAG_NO_BLINDING*/0,tGcryptRsaPubKey,mpiTemp[i],&GcryptEncryptData[i]);
if ( GcryptErrVal )
{
printf (" KeyEncryption : %s :%s \n",gpg_strerror(
GcryptErrVal ), gpg_strsource( GcryptErrVal ));
gcry_ac_close(GcryptRsaHd);
//return SECURITY_FAILURE;
}
else
{
printf("KeyEncryption : %s \n",gpg_strerror( GcryptErrVal ));
}
}
printf(":::::::::::key Decryption function ::::::::::::::::::::::::\n");
GcryptErrVal = gcry_ac_data_new( &GcryptDecryptedData);
for (i=0 ;i<6; i++)
{
GcryptErrVal = gcry_ac_data_decrypt(GcryptRsaHd
,0/*GCRY_AC_FLAG_NO_BLINDING*/,tGcryptRsaSecKey
,&mpiTemp2[i],GcryptEncryptData[i]);
if ( GcryptErrVal )
{
printf (" KeyDecryption : %s :%s \n",gpg_strerror(
GcryptErrVal ), gpg_strsource( GcryptErrVal ));
//return SECURITY_FAILURE;
}
else
{
printf (" KeyDecryption : %s \n",gpg_strerror( GcryptErrVal ));
printf(" MPI %s Bits : %d \n" ,sName[i]
,gcry_mpi_get_nbits(mpiTemp2[i]));
if(gcry_mpi_cmp(mpiTemp[i],mpiTemp2[i] )==0)
{
printf ("MPI cmp success \n");
}
else
printf ("*********MPI CMP FAILURE ***********\n");
if (gcry_ac_data_set(GcryptDecryptedData,
GCRY_AC_FLAG_COPY,/*RsaKeyMpiNames[i]*/sName[i], mpiTemp2[i]))
{
gcry_ac_close(GcryptRsaHd);
gcry_mpi_release(mpiTemp2[i]);
//return -3;
}
gcry_mpi_release(mpiTemp2[i]);
}
}
gcry_ac_key_init(&GcryptTestKey,GcryptRsaHd,GCRY_AC_KEY_SECRET ,
GcryptDecryptedData);
GcryptErrVal = gcry_ac_key_test(GcryptRsaHd ,GcryptTestKey );
if(GcryptErrVal)
{
printf ("********** Testing Rsa Secret Key :
%s\n",gpg_strerror( GcryptErrVal ),gpg_strsource( GcryptErrVal ));
gcry_ac_close(GcryptRsaHd);
//return RSA_KEY_TEST_FAILURE; /* TBC */
}
else
printf ("************Testing Rsa Secret Key :
%s\n",gpg_strerror( GcryptErrVal ),gpg_strsource( GcryptErrVal ));
And this is the output..
==============
KeyEncryption : Success
MPI e Bits : 6
KeyEncryption : Success
MPI d Bits : 2041
KeyEncryption : Success
MPI p Bits : 1024
KeyEncryption : Success
MPI q Bits : 1024
KeyEncryption : Success
MPI u Bits : 1024
KeyEncryption : Success
:::::::::::key Decryption function ::::::::::::::::::::::::
KeyDecryption : Success
MPI n Bits : 0
*********MPI CMP FAILURE ***********
KeyDecryption : Success
MPI e Bits : 6
MPI cmp success
KeyDecryption : Success
MPI d Bits : 2041
MPI cmp success
KeyDecryption : Success
MPI p Bits : 1024
MPI cmp success
KeyDecryption : Success
MPI q Bits : 1024
MPI cmp success
KeyDecryption : Success
MPI u Bits : 1024
MPI cmp success
********** Testing Rsa Secret Key : Invalid public key algorithm
What is that i am missing here? could some one help me in solving this one ?
thanks
Vinod
More information about the Gnupg-users
mailing list