> From: owner-openssl-us...@openssl.org On Behalf Of James Richardson > Sent: Tuesday, 10 February, 2009 08:55
> I'm trying to use the openssl toolkit to decrypt a message that > was encryted > using an RSA public key. I have the RSA private key and thus has generated > to the public key. so I have both. The string with the encrytped > message is > held in a file called "q2.enc": > a7jjYdmTJVFm9Lok2AHKEdBllkG+Lf0IbifXtB87gRExy7PmdyrFs/Cw3jVi5V/RPg > NUYehUpxfKcgwWfE2/dg== > This appears to be base64-encoded. (Binary data could happen to satisfy the base64-format, but only with negligible probability.) > I have my private RSA key in file "prvt.cey" and my public RSA key in > "pub.cey". > The command i am trying to use is this: > openssl rsautl -in q2.enc -inkey prvt.cey -decrypt > > However this gives me an error message: > RSA operation error > 4384:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than > mod len:./crypto/rsa/rsa_eay.c:512: > rsautl expects the actual (binary) data, and does not appear to support b64. Make sure that the lines in q2.enc are strictly less than 80 chars each (an old PEM convention that openssl enforces, here too silently) and do like: openssl enc -a -d -in q2.enc -out q2.enc.bin and then: openssl rsautl -decrypt -in q2.enc.bin -inkey prvt.cey Or you can pipe these together on Unix, but on Windows be cautious because piping binary sometimes gets mistreated as text and slightly corrupted, and even slightest corruption of encrypted data is catastrophic. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
