remove - J <ja...@yahoo.com>
________________________________
From: Dave Thompson <dthomp...@prinpay.com>
To: openssl-users@openssl.org
Sent: Tuesday, October 11, 2011 5:14 PM
Subject: RE: SSL/TLS - Error while trying to decrypt the premaster secret.

> From: owner-openssl-us...@openssl.org On Behalf Of nilesh
> Sent: Monday, 10 October, 2011 07:35
>
> I have an issue related to RSA decryption while using https.
> I have set up a dummy https server and captured packets on wireshark.
>
If you just want to decrypt a session and aren't aware of it, wireshark
can handle that. Edit / Preferences / Protocols / SSL and give it the
privatekey file(s). kRSA only.

> As per the RFC - in client key exchange message the premaster is
> encrypted using Server's public key and sent to server.
> So, I have captured the encrypted premaster and tried decrypting it
> using server's private key using RSA algorithm.
> But below is some strange error I encountered - the RSA decryption
> failed with '-1' return code, but while interpreting the
> error code - it shows no error.
>
> [root@killbill performance_test]# ./decrypt
> RSA_private_decrypt() failed : -1
> Decrypt failed: error:00000000:lib(0):func(0):reason(0)
>
> Could someone please advise if I am doing anything wrong?
> Attaching the server.key (private key), test trace and test C code for
> reference.
> Any pointers will be appreciated.
>
The main error is that the data in to_decrypt_key is not the
ClientKeyExchange value in your capture. If I replace it with the
correct value, it decrypts to a 48-byte value starting with 03 01 as
expected.

With the wrong value, for me the code you posted gets
error:0407106B:lib(4):func(113):reason(107) and if I load the relevant
error strings it decodes as
rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
which is the expected error for a wrong value like that. Check which
code you built and are running.
Other minor points:

- the length of the *encrypted* premaster, which is the ClientKeyExchange
  value, is the same as the size of the RSA key, which may be 128 or
  something else. The *decrypted* premaster is always 48 bytes for kRSA.

- return; (no value) in a function declared to return int is illegal in
  C99 and undefined and unsafe in C89. If your compiler doesn't warn,
  get a better compiler.

- #include <openssl/pem.h> for PEM_read_RSAPrivateKey

- ERR_error_string doesn't include a newline so you should add one (most
  easily in the printf format string). Text output not terminated by a
  newline is unportable.

- in general OpenSSL routines can set more than one error in the error
  stack. Loop until ERR_get_error returns 0, or use ERR_print_errors[_fp]
  which does so.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
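The decryption Dave walks through, as an added example that is not from the thread, from nilesh's attached C code or from OpenSSL: a standard-library-only Python model of what RSA_private_decrypt with RSA_PKCS1_PADDING does to a ClientKeyExchange value, run against both a correct value and a wrong one so the two outcomes described above (a 48-byte premaster starting with 03 01, versus the "block type is not 02" failure) can be seen end to end. The toy key generation, the function names, the seeded RNG and the sample premaster are all constructed for this demo; the only OpenSSL reason string reused is the one quoted in the reply, the other reason strings are this model's own wording.

```python
# Added demo (not thread or OpenSSL code): model of RSA_private_decrypt(RSA_PKCS1_PADDING)
# applied to a TLS kRSA ClientKeyExchange value. Toy key generation, demo quality only.
import random

E = 65537  # public exponent


def _is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin primality test (demo quality)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand, rng):
            return cand


def make_key(bits=1024, seed=2011):
    """Return (n, e, d). Seeded so the demo is reproducible; never generate a real key this way."""
    rng = random.Random(seed)
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        if p != q and (p - 1) % E and (q - 1) % E:  # E is prime, so this gives gcd(E, phi) == 1
            break
    return p * q, E, pow(E, -1, (p - 1) * (q - 1))


def key_bytes(n):
    """Size of the RSA modulus in bytes: the length of every ciphertext (128 for a 1024-bit key)."""
    return (n.bit_length() + 7) // 8


def rsa_public_encrypt_pkcs1(msg, n, e, rng):
    """What the client does to the premaster: EME-PKCS1-v1_5 block 00 02 PS 00 M, then m^e mod n."""
    k = key_bytes(n)
    if len(msg) > k - 11:
        raise ValueError("message too long for key size")
    ps = bytes(rng.randrange(1, 256) for _ in range(k - len(msg) - 3))  # nonzero padding bytes
    em = b"\x00\x02" + ps + b"\x00" + msg
    return pow(int.from_bytes(em, "big"), e, n).to_bytes(k, "big")


def rsa_private_decrypt_pkcs1(ct, n, d):
    """Model of RSA_private_decrypt with RSA_PKCS1_PADDING: (plaintext, None) or (None, reason).

    Only "block type is not 02" is an OpenSSL reason string (the one quoted in the thread);
    the others are this model's wording. Real code must not reveal which check failed
    (padding-oracle risk); OpenSSL's implementation takes care of that, this model does not.
    """
    k = key_bytes(n)
    if len(ct) != k:
        return None, "ciphertext length %d != key size %d" % (len(ct), k)
    em = pow(int.from_bytes(ct, "big"), d, n).to_bytes(k, "big")
    if em[0] != 0x00 or em[1] != 0x02:
        return None, "block type is not 02"
    sep = em.find(b"\x00", 2)  # end of the padding string
    if sep < 0:
        return None, "no 00 separator after padding string"
    if sep - 2 < 8:
        return None, "padding string shorter than 8 bytes"
    return em[sep + 1:], None


def check_premaster(pms, client_version=(3, 1)):
    """kRSA premaster: exactly 48 bytes, first two = ClientHello version (03 01 for TLS 1.0)."""
    return len(pms) == 48 and pms[0] == client_version[0] and pms[1] == client_version[1]


def demo():
    n, e, d = make_key()
    rng = random.Random(1011)
    # constructed premaster as a TLS 1.0 client builds it: version 03 01 + 46 random bytes
    premaster = bytes([3, 1]) + bytes(rng.getrandbits(8) for _ in range(46))
    cke = rsa_public_encrypt_pkcs1(premaster, n, e, rng)  # the ClientKeyExchange value
    good, good_err = rsa_private_decrypt_pkcs1(cke, n, d)
    # a wrong value of the right length, e.g. bytes copied from the wrong place in a capture
    wrong = bytes([cke[0] ^ 0x80]) + cke[1:]
    bad, bad_err = rsa_private_decrypt_pkcs1(wrong, n, d)
    return {
        "key_bytes": key_bytes(n), "cke_len": len(cke), "premaster": premaster,
        "good": good, "good_err": good_err,
        "good_ok": good is not None and check_premaster(good),
        "bad": bad, "bad_err": bad_err,
    }


if __name__ == "__main__":
    r = demo()
    print("ClientKeyExchange length:", r["cke_len"], "(= key size", r["key_bytes"], "bytes)")
    print("correct value ->", r["good"].hex(), "valid premaster:", r["good_ok"])
    print("wrong value   ->", r["bad"], "/", r["bad_err"])
```

The two length facts from the reply fall out directly: the ciphertext is always key_bytes(n) long (128 here), while the plaintext that comes back is the 48-byte premaster, whose first two bytes must match the version the client offered. The wrong-value path fails at the block-type check, which is exactly the RSA_padding_check_PKCS1_type_2 reason Dave saw; a real server must treat all of those failures identically and continue with a random premaster, which is why OpenSSL's own routine, not a transliteration of this model, belongs in production code.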