Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create RSA-Private key from params is not consistent with MRI OpenSSL realization. #88

Open
keklabs opened this issue Mar 29, 2016 · 2 comments

Comments

@keklabs
Copy link

keklabs commented Mar 29, 2016

I have 2 issues when I tested creation of RSA-keys on MRI 2.2.1 and JRuby 1.7.21, and JRuby 9.0.4.0 with default jruby-openssl and with the newest jruby-openssl-0.9.16.

First:
When used MRI, the following code is sufficient to create a private key based on the parameters:

 key = OpenSSL::PKey::RSA.new
key.n = 16392814382236358374286478730803635966603711995044711413386654394374880287878372336023310219369520823643014365109038249939771923112625957783519605641636158082722812184189890358562406335672039498139105719171672367833874466201684192375357453493553219779287031256753504682678244544469842055901221240242010672802266061038234693512631745482956828422293756194060107183438880064480485030426406255944643048653218232929571416141572226550298104151251626730276899490795429237649764313700744612730340304290991262155071464084535035491902714392752262555875756559291544731914349885459219342356167914776303057793750903380835015380701
 key.e =65537
 key.d = 8618252583120279045211721999326171128207438497173589449444392894978203157282898497607201330673922211554084867324288766676455156794566845834126798791256447910954338675958049228745101397616310189791764767292673931271131494163282250458411905642925007057011072553693974454761110758498381189802349479416794753061526312713535622995717068052785511496532407970427918998417500167003562630342324169972907289753972592321214423024654079495371639922476604560915291047108267516965503027775028095661282617111885974176605235774750009282350259044414663614861306402475637459919636821689898223153676100655942410611994011860476755660833
 key.p = 132106356086970934080529113113767671543189729940801356555861084230358960253053991490110442282763014785124544664539348319156184847180183093240148483184121376171748107816792353670476021656436183378967241363337588709812858493250698429034286853487509860631471302878750076908827526040503226980292707712800066682949
 key.q = 124088006571343989948415935206460345925594147824587283876555232030347109072063652423929644576634240551777312871119239923547341866853355315785686449366219245620573978883748622277003192004409349865578106425455425062821566043347049271895440458988018263802012572332584782764929400238092741442445235131100827793849
key.private?  => true

The parameters key.dmp1, key.dmq1, key.iqmp are optional, could be calculated from others. JRuby-OpenSSL requires all parameters to be specified.

The second Issues is:
The order of the parameters affects behavior in Jruby-Openssl.

Following sample generates only PUBLIC key:

 key = OpenSSL::PKey::RSA.new
 key.n = 16392814382236358374286478730803635966603711995044711413386654394374880287878372336023310219369520823643014365109038249939771923112625957783519605641636158082722812184189890358562406335672039498139105719171672367833874466201684192375357453493553219779287031256753504682678244544469842055901221240242010672802266061038234693512631745482956828422293756194060107183438880064480485030426406255944643048653218232929571416141572226550298104151251626730276899490795429237649764313700744612730340304290991262155071464084535035491902714392752262555875756559291544731914349885459219342356167914776303057793750903380835015380701
 key.e =65537
 key.d = 8618252583120279045211721999326171128207438497173589449444392894978203157282898497607201330673922211554084867324288766676455156794566845834126798791256447910954338675958049228745101397616310189791764767292673931271131494163282250458411905642925007057011072553693974454761110758498381189802349479416794753061526312713535622995717068052785511496532407970427918998417500167003562630342324169972907289753972592321214423024654079495371639922476604560915291047108267516965503027775028095661282617111885974176605235774750009282350259044414663614861306402475637459919636821689898223153676100655942410611994011860476755660833
 key.p = 132106356086970934080529113113767671543189729940801356555861084230358960253053991490110442282763014785124544664539348319156184847180183093240148483184121376171748107816792353670476021656436183378967241363337588709812858493250698429034286853487509860631471302878750076908827526040503226980292707712800066682949
 key.q = 124088006571343989948415935206460345925594147824587283876555232030347109072063652423929644576634240551777312871119239923547341866853355315785686449366219245620573978883748622277003192004409349865578106425455425062821566043347049271895440458988018263802012572332584782764929400238092741442445235131100827793849
 key.dmp1 = 73578989118919282783885037259544189490967110522287122037963918039833418788729676325922934589703763762250577984116076298058181779632437299074597554559818094710181262974023139504092584990207570772221222275120140730970123147544699849804073099562095990551443695892093554897630687329759506709715800493349223096281
 key.dmq1 = 14340640581219149180910055285620804431701940516401789646780129200266246610491937431662162259844480796178668045315731925186498730481213866392431590818922815605386687154821124938981371992025823822907496194003378083003655053058738593242535758981571483742564402136914981531983082493909004435434643192135094217169
 key.iqmp = 55572426880344315601454592760746767319147313863910743939171621776634463496206488656258091317869942769801739835898523470608136694670529616883597084305133427346321420954157078445019131474343610330894518193395854421722989028318542144103806973023950571640311385841411043358681472214153242263539236579775123364941
key.private?  => false !

but if you put the "n" and "e" parameter as last, than it generates PRIVATE key.

key = OpenSSL::PKey::RSA.new
 key.d = 8618252583120279045211721999326171128207438497173589449444392894978203157282898497607201330673922211554084867324288766676455156794566845834126798791256447910954338675958049228745101397616310189791764767292673931271131494163282250458411905642925007057011072553693974454761110758498381189802349479416794753061526312713535622995717068052785511496532407970427918998417500167003562630342324169972907289753972592321214423024654079495371639922476604560915291047108267516965503027775028095661282617111885974176605235774750009282350259044414663614861306402475637459919636821689898223153676100655942410611994011860476755660833
 key.p = 132106356086970934080529113113767671543189729940801356555861084230358960253053991490110442282763014785124544664539348319156184847180183093240148483184121376171748107816792353670476021656436183378967241363337588709812858493250698429034286853487509860631471302878750076908827526040503226980292707712800066682949
 key.q = 124088006571343989948415935206460345925594147824587283876555232030347109072063652423929644576634240551777312871119239923547341866853355315785686449366219245620573978883748622277003192004409349865578106425455425062821566043347049271895440458988018263802012572332584782764929400238092741442445235131100827793849
 key.dmp1 = 73578989118919282783885037259544189490967110522287122037963918039833418788729676325922934589703763762250577984116076298058181779632437299074597554559818094710181262974023139504092584990207570772221222275120140730970123147544699849804073099562095990551443695892093554897630687329759506709715800493349223096281
 key.dmq1 = 14340640581219149180910055285620804431701940516401789646780129200266246610491937431662162259844480796178668045315731925186498730481213866392431590818922815605386687154821124938981371992025823822907496194003378083003655053058738593242535758981571483742564402136914981531983082493909004435434643192135094217169
 key.iqmp = 55572426880344315601454592760746767319147313863910743939171621776634463496206488656258091317869942769801739835898523470608136694670529616883597084305133427346321420954157078445019131474343610330894518193395854421722989028318542144103806973023950571640311385841411043358681472214153242263539236579775123364941
 key.n = 16392814382236358374286478730803635966603711995044711413386654394374880287878372336023310219369520823643014365109038249939771923112625957783519605641636158082722812184189890358562406335672039498139105719171672367833874466201684192375357453493553219779287031256753504682678244544469842055901221240242010672802266061038234693512631745482956828422293756194060107183438880064480485030426406255944643048653218232929571416141572226550298104151251626730276899490795429237649764313700744612730340304290991262155071464084535035491902714392752262555875756559291544731914349885459219342356167914776303057793750903380835015380701
 key.e =65537
 key.private?  => true

The problem is only in jruby implementation, not in MRI.


Want to see this issue fixed? Post a bounty on it! We accept bounties via Bountysource.


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

@philr
Copy link
Contributor

philr commented Apr 1, 2016

The second issue has been resolved by #82.

@MSNexploder
Copy link
Contributor

key.dmp1, key.dmq1 and key.iqmp handling (first part of this issue) is still broken in 9.1.12.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants