EldoS | Feel safer!

Problems with Private key in binary format .DER

#7023
Posted: 07/22/2008 18:29:57
by daniel fernandez (Basic support level)
Joined: 07/22/2008
Posts: 1

Hello


Recently I downloaded the SecureBlackbox package for Delphi to test its ability to read private and public keys in binary
.DER format, in order to develop a web service client that exchanges encrypted XML messages.


I tried to find, in the help file, functions that fit my requirements for loading private and
public keys to encrypt and decrypt messages only.

About this, I have a few questions about how I can load keys in binary format
(a .DER file) and encrypt or decrypt a message.

I used the following commands to generate the public and private keys with openssl (Linux version):

SERVER
openssl genrsa -aes256 -out server_private.pem 2048

openssl rsa -in server_private.pem -pubout -outform DER -out server_public.der

openssl pkcs8 -nocrypt -topk8 -inform PEM -outform DER -in server_private.pem -out server_private.key.pkcs8


CLIENT
openssl genrsa -aes256 -out client_private.pem 2048

openssl rsa -in client_private.pem -pubout -outform DER -out client_public.der

openssl pkcs8 -nocrypt -topk8 -inform PEM -outform DER -in client_private.pem -out client_private.key.pkcs8



The files actually needed to encrypt or decrypt a message are server_public.der and client_private.key.pkcs8.


In Java, I use the following code to load the public and private keys:

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.logging.Logger;
import javax.crypto.Cipher;

public class RSAEncrypter {
    private static final Logger log = Logger.getLogger(RSAEncrypter.class.getName());

    private Cipher ecipher;
    private Cipher dcipher;

    public RSAEncrypter(String pubKeyFileName, String privKeyFileName) {
        try {
            ecipher = Cipher.getInstance("RSA");
            dcipher = Cipher.getInstance("RSA");

            // Public key - encryptor.
            // server_public.der (openssl rsa -pubout -outform DER) is a DER SubjectPublicKeyInfo,
            // which is exactly what X509EncodedKeySpec expects.
            // Files.readAllBytes reads the whole file; a single InputStream.read() is not
            // guaranteed to fill the array and the stream was never closed.
            byte[] pubEncodedKey = Files.readAllBytes(Paths.get(pubKeyFileName));
            X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(pubEncodedKey);
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PublicKey pubKey = kf.generatePublic(publicKeySpec);
            ecipher.init(Cipher.ENCRYPT_MODE, pubKey);

            // Private key - decryptor.
            // client_private.key.pkcs8 (openssl pkcs8 -topk8 -nocrypt -outform DER) is an
            // unencrypted DER PKCS#8 PrivateKeyInfo, which is what PKCS8EncodedKeySpec expects.
            byte[] priEncodedKey = Files.readAllBytes(Paths.get(privKeyFileName));
            PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(priEncodedKey);
            PrivateKey priKey = kf.generatePrivate(privateKeySpec);
            dcipher.init(Cipher.DECRYPT_MODE, priKey);

        } catch (IOException e) {
            log.severe("Could not read key file: " + e);
        } catch (GeneralSecurityException e) {
            // Covers NoSuchAlgorithmException, NoSuchPaddingException,
            // InvalidKeySpecException and InvalidKeyException.
            log.severe("Exception while initialising RSA: " + e);
        }
    }
}


In Delphi 2007, I developed the following test program, which only loads the keys:

unit EncryptionTest;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls, SBX509, SBLicenseManager, SBUtils;

type
  TForm1 = class(TForm)
    Label1: TLabel;
    Label2: TLabel;
    Label3: TLabel;
    Label4: TLabel;
    Edit1: TEdit;
    Edit2: TEdit;
    Memo1: TMemo;
    Memo2: TMemo;
    Button1: TButton;
    Button2: TButton;
    Button3: TButton;
    OpenDialog1: TOpenDialog;
    Button4: TButton;
    Button5: TButton;
    ElX509Certificate1: TElX509Certificate;
    ElSBLicenseManager1: TElSBLicenseManager;
    procedure Button4Click(Sender: TObject);
    procedure Button5Click(Sender: TObject);
    procedure FormCreate(Sender: TObject);
    procedure Button3Click(Sender: TObject);
    procedure FormDestroy(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;
  TmpX509Cert : TElX509Certificate;

implementation

{$R *.dfm}

procedure TForm1.Button3Click(Sender: TObject);
begin
  Close;
end;

{ Button4: load a private key from a binary file into TmpX509Cert }
procedure TForm1.Button4Click(Sender: TObject);
var
  Buffer : array of byte;
  F : TStream;
  I : integer;
  Error : integer;
begin
  if OpenDialog1.Execute then
  begin
    F := TFileStream.Create(OpenDialog1.FileName, fmOpenRead or fmShareDenyWrite);
    try
      I := F.Size;
      if I = 0 then
        raise Exception.Create('Key file is empty: ' + OpenDialog1.FileName);
      SetLength(Buffer, I);
      F.ReadBuffer(Buffer[0], I);

      { Returns 0 on success, otherwise a SecureBlackbox error code }
      Error := TmpX509Cert.LoadKeyFromBufferNET(@Buffer[0], I, '');

      if Error <> 0 then
      begin
        ShowMessage('Error Private Key: ' + IntToStr(Error));
        { Fall back to the plain buffer loader and check whether a key arrived }
        TmpX509Cert.LoadKeyFromBuffer(@Buffer[0], I);

        if not TmpX509Cert.PrivateKeyExists then
          ShowMessage('Private Key not Exists');
      end;
      Edit1.Text := OpenDialog1.FileName;
    finally
      F.Free;
    end;
  end;
end;

{ Button5: load a certificate from a file into TmpX509Cert }
procedure TForm1.Button5Click(Sender: TObject);
var
  F : TStream;
begin
  if OpenDialog1.Execute then
  begin
    F := TFileStream.Create(OpenDialog1.FileName, fmOpenRead or fmShareDenyWrite);
    try
      { LoadFromStream reads from the current position, so hand it the
        untouched stream rather than one already read to its end }
      F.Position := 0;
      try
        TmpX509Cert.LoadFromStream(F);
      except
        on E : Exception do
          ShowMessage(E.ClassName + ' error raised, with message : ' + E.Message);
      end;
      Edit2.Text := OpenDialog1.FileName;
    finally
      F.Free;
    end;
  end;
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
  Edit1.Text := '';
  Edit2.Text := '';
  Memo1.Text := '';
  Memo2.Text := '';

  TmpX509Cert := TElX509Certificate.Create(nil);
end;

procedure TForm1.FormDestroy(Sender: TObject);
begin
  TmpX509Cert.Free;
end;

initialization
  SetLicenseKey('0EF4618E7B3B7EDF2FC689162E6EFC119FF271EDD6673020AC2EF8D0607EFFD1' +
    'DF786FB48DE91BD2E715456AB0260BD87E1C718A5CB5E6DD09070BA45E4B1E92' +
    '9A39BCEDB6CFAFC8849C0DA33029227AE071A389C6B8889DC5D43B103D12B207' +
    '9751C792881AFA273A59F54D8364628D3DB72DB94380D0D492043D656D35CDEF' +
    '424067A63DF2E20A23E6AB749D127FC668CFEF21A1D8C52F0915EC52A1739018' +
    '29F40443E07E661F7A7B55B14FD8D3853332F99DFE9EB4FD8017E9DF6DF6F0B5' +
    '3E1053B854D6A3E3AD9E136D351F952F4BBE04C023404B3DFC14B4C7B4C73CD5' +
    'A5268185C712B343C7FC9A6E22FAC129996FCC30ED39AE9A0D835806DE2D01F4');

end.



The problem: when I try to load the private key, I get error code 8962 (Invalid key format), and when I check the private key,
I get a false value in the property 'PrivateKeyExists'.

By the way, when I try to load a public key, I get an 'Invalid certificate data' message.

Can anyone tell me how I can load keys in binary DER format and then encrypt or decrypt messages, or provide a simple example?

I need a prompt answer to evaluate whether these libraries are the right option for my application.


Thanks in advance.
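Added example (not code from the original post or from SecureBlackbox), in Go using only the standard library: it produces the same two DER encodings the openssl commands in the post write, names the ASN.1 structure a DER blob really is by trying each standard parser in turn (a PKCS#8 PrivateKeyInfo is not a PKCS#1 RSAPrivateKey, and a SubjectPublicKeyInfo is not an X.509 certificate, so a loader that expects one rejects the other as an invalid format), and then encrypts and decrypts a message longer than one RSA block with hybrid RSA-OAEP plus AES-GCM. Key generation stands in for `openssl genrsa`; the label strings, the blob layout and the sample XML are this example's own conventions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// derFiles returns what the post's openssl conversions write: "rsa -pubout -outform DER" gives a
// SubjectPublicKeyInfo, "pkcs8 -topk8 -nocrypt -outform DER" an unencrypted PKCS#8 PrivateKeyInfo.
func derFiles(priv *rsa.PrivateKey) (spki, pkcs8 []byte, err error) {
	if spki, err = x509.MarshalPKIXPublicKey(&priv.PublicKey); err != nil {
		return nil, nil, err
	}
	pkcs8, err = x509.MarshalPKCS8PrivateKey(priv)
	return spki, pkcs8, err
}

// identifyDER names the ASN.1 structure in a DER blob by trying the standard parsers in turn; each
// accepts only its own type, so PKCS#8 handed to a PKCS#1 loader is an invalid format, not converted.
func identifyDER(der []byte) string {
	if _, err := x509.ParseCertificate(der); err == nil {
		return "X.509 Certificate"
	}
	if _, err := x509.ParsePKIXPublicKey(der); err == nil {
		return "SubjectPublicKeyInfo"
	}
	if _, err := x509.ParsePKCS8PrivateKey(der); err == nil {
		return "PKCS#8 PrivateKeyInfo"
	}
	if _, err := x509.ParsePKCS1PrivateKey(der); err == nil {
		return "PKCS#1 RSAPrivateKey"
	}
	return "unknown"
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // 12-byte nonce, 16-byte tag
}

// encryptMessage is hybrid encryption: RSA-OAEP/SHA-256 wraps at most 190 bytes under a 2048-bit key,
// so a fresh AES-256-GCM key encrypts the message and only that key is RSA-wrapped; the wrapped key is
// also GCM additional data so it cannot be swapped. Layout (this example's own): wrappedKey||nonce||ct+tag.
func encryptMessage(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	secrets := make([]byte, 32+12) // AES-256 key followed by the GCM nonce
	if _, err := rand.Read(secrets); err != nil {
		return nil, err
	}
	aesKey, nonce := secrets[:32], secrets[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(aesKey)
	if err != nil {
		return nil, err
	}
	out := append(append([]byte{}, wrapped...), nonce...)
	return gcm.Seal(out, nonce, msg, wrapped), nil
}

// decryptMessage reverses encryptMessage; any tampering with the blob fails GCM authentication.
func decryptMessage(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	k := priv.Size()
	if len(blob) < k+12+16 { // one RSA block + nonce + tag
		return nil, fmt.Errorf("blob too short: %d bytes", len(blob))
	}
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, blob[:k], nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(aesKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, blob[k:k+12], blob[k+12:], blob[:k])
}

func main() {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // stands in for "openssl genrsa ... 2048"
	if err != nil {
		panic(err)
	}
	spki, pkcs8, _ := derFiles(priv)
	fmt.Println(identifyDER(spki), "/", identifyDER(pkcs8), "/", identifyDER(x509.MarshalPKCS1PrivateKey(priv)))
	msg := bytes.Repeat([]byte("<order><item>widget</item></order>"), 20) // constructed sample, > 190 bytes
	blob, _ := encryptMessage(&priv.PublicKey, msg)
	plain, err := decryptMessage(priv, blob)
	fmt.Println("round trip ok:", err == nil && bytes.Equal(plain, msg))
}
```

Run it with `go run`. Reading the real files is `os.ReadFile` followed by `x509.ParsePKIXPublicKey` for server_public.der and `x509.ParsePKCS8PrivateKey` for client_private.key.pkcs8; `identifyDER` is the check to run first when a library reports only "invalid key format" or "invalid certificate data", since it tells you which structure the file holds and therefore which loader it needs. The hybrid step is there because an RSA block cannot hold an XML document: the document goes under AES-GCM and only the 32-byte AES key goes under RSA.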
#7025
Posted: 07/23/2008 00:58:02
by Eugene Mayevski (EldoS Corp.)

Moved to HelpDesk.


Sincerely yours
Eugene Mayevski
