The included message could not be delivered to the following invalid mail names. Please verify these names and try them again. Bad name: tphan
The included message could not be delivered to the following invalid mail names. Please verify these names and try them again. Bad name: tphan
Joe: The only answers I got involved using the OpenSSL API directly, so I suspect that the OpenSSL command-line tool DOES NOT provide the functionality to encrypt an arbitrary file with either half of an RSA keypair. (Dr. Henson, if you're reading this, and know me to be wrong, please speak up) Here were the replies I got. Best of luck. -Mike Slass WRQ, Inc. ------------------------------------------------- REPLY (1) Please Explain "by hand"...? If you mean can you write code in C/C++ to do it, then the answer is yes. Look in the file rsa.h, it has all the prototypes for the functions you'll require. ------------------------------------------------- REPLY (2) Here is some Java code wich performs RSA encryption. /** * This method performs PKCS1 block type 2 padding * and RSA public key encryption on PreMasterSecret */ public byte[] MakeClientKeyExchangeMessage() throws IOException { if(state.rsaModulus.length % 64 != 0) { byte[] new_mod = new byte[state.rsaModulus.length - 1]; for (int k = 0; k < new_mod.length; k++) new_mod[k] = state.rsaModulus[k+1]; state.rsaModulus = new_mod; } byte[] preMasterSecret = new byte[48]; byte[] res = null; preMasterSecret[0] = 3; preMasterSecret[1] = 0; // make RSA block 2 padding SecureRandom sr = new SecureRandom(); byte[] rd = new byte[46]; sr.nextBytes(rd); for (int i = 2; i < 48; i++) preMasterSecret[i] = rd[i-2]; state.preMasterSecret = preMasterSecret; try { byte[] paddedSecret = new byte[3 + state.rsaModulus.length - 3]; paddedSecret[0] = 0; paddedSecret[1] = 2; int i; rd = new byte[state.rsaModulus.length - 1 - preMasterSecret.length]; sr.nextBytes(rd); for(i=0; i< state.rsaModulus.length - 1 - preMasterSecret.length; i++) { if(rd[i]==0) rd[i]++; paddedSecret[i+2] = rd[i]; } if(rec.version2) for(int h=1; h<=8; h++) paddedSecret[i-h] = 0x03; paddedSecret[i] = 0; i++; int j; for(j=i; j < preMasterSecret.length + i; j++) paddedSecret[j] = preMasterSecret[j-i]; // make RSA encryption BigInteger my_bi = (new BigInteger(1, paddedSecret)).modPow(new BigInteger(state.rsaExponent), new BigInteger(1, state.rsaModulus)); res = my_bi.toByteArray(); if(res.length % 64 != 0) { byte[] new_res = new byte[res.length - 1]; for (int k = 0; k < new_res.length; k++) new_res[k] = res[k+1]; res = new_res; } } catch (Exception e){e.printStackTrace();} ----------------------------------------------- Joe Pruett wrote: > > did you ever find a way to do this? i am just starting down the same > road. pgp licensing is way out of control for commercial use nowadays > ($9500!). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
