How to encrypt with public key PEM?

General Help regarding HMG, Compilation, Linking, Samples

Moderator: Rathinagiri

Post Reply
edk
Posts: 968
Joined: Thu Oct 16, 2014 11:35 am
Location: Poland

How to encrypt with public key PEM?

Post by edk »

Hello folks.
Does anyone know how to use hbssl (OpenSSL wrapper) to encrypt a file or string using a public key pem file?

I can do this using the openssl command, e.g.

Code: Select all

openssl.exe pkeyutl -encrypt -inkey PublicKeyFile.pem -pubin -in FileToBeEnctrypted.txt -out EncryptedFile.txt
but I would like to do it with native hbssl functions, if possible at all.
martingz
Posts: 397
Joined: Wed Nov 18, 2009 11:14 pm
Location: Mexico

Re: How to encrypt with public key PEM?

Post by martingz »

Edk i use this for sign xml

stringkey:=alltrim(empresas->key)//llave privada en pem
coutf8:=co//cadena original en utf8
PrivateKey := EVP_PKEY_NEW() //Creamos llave privada
keyPtr := PEM_READ_BIO_RSAPRIVATEKEY(bio :=BIO_new_mem_buf( stringkey ), alltrim(empresas->keypass) )//cargamos la llave privada con su contraseña
EVP_PKEY_ASSIGN_RSA(PrivateKey,keyPtr)//la asignamos para su evaluacion
ctx := EVP_MD_CTX_create() //creamos variable de evaluacion
EVP_MD_CTX_init( ctx ) //incializamos varibale de evaluacion
signed := "" //inicializamos variable del resultado de evaluacion
EVP_SignInit_ex(ctx, HB_EVP_MD_SHA256) //Establecemos el metodo de encriptacion
EVP_SignUpdate(ctx, coutf8) //Le mandamos el mensaje a encriptar
EVP_SignFinal(ctx, @signed, PrivateKey)//Evaluamos mensaje a encriptar,resultado,llaveprivada
sellodigital := HB_BASE64ENCODE(signed)//Codificamos el resultado en base 64
EVP_cleanup()//limpiamos variable

I hope it is useful to you

I look forward to any comments
franco
Posts: 845
Joined: Sat Nov 02, 2013 5:42 am
DBs Used: DBF
Location: Canada

Re: How to encrypt with public key PEM?

Post by franco »

I am not sure what you mean by encrypt.
Could you not use memowrit().
I am know using this to write into my exe files from another exe file.
You can change exe files if you write into the right spots.

Mostly from things you have helped me with.
Thanks Edward
All The Best,
Franco
Canada
edk
Posts: 968
Joined: Thu Oct 16, 2014 11:35 am
Location: Poland

Re: How to encrypt with public key PEM?

Post by edk »

@ martingz
Thanks for your example. From what I understand, you sign the string with a private key, you know the password for it.
@ martingz / @ franco
I have to encrypt the token with a public key, issued by the government. For this public key, of course, we do not know the password.
I found an example in C

Code: Select all

#include <openssl/pem.h>
#include <string>
...

bool EncryptString(const std::string& InStr /*plaintext*/, const std::string& InPublicKey /*path to public key pem file*/, std::string& OutString /*ciphertext*/) {
    
    // Load key
    FILE* f = fopen(InPublicKey.c_str(), "r");
    EVP_PKEY* pkey = PEM_read_PUBKEY(f, NULL, NULL, NULL);
    fclose(f);
    
    // Create/initialize context
    EVP_PKEY_CTX* ctx;
    ctx = EVP_PKEY_CTX_new(pkey, NULL);
    EVP_PKEY_encrypt_init(ctx);

    // Specify padding: default is PKCS#1 v1.5
    // EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING); // for OAEP with SHA1 for both digests

    // Encryption
    size_t ciphertextLen;
    EVP_PKEY_encrypt(ctx, NULL, &ciphertextLen, (const unsigned char*)InStr.c_str(), InStr.size());
    unsigned char* ciphertext = (unsigned char*)OPENSSL_malloc(ciphertextLen);
    EVP_PKEY_encrypt(ctx, ciphertext, &ciphertextLen, (const unsigned char*)InStr.c_str(), InStr.size());
    OutString.assign((char*)ciphertext, ciphertextLen);

    // Release memory
    EVP_PKEY_free(pkey);
    EVP_PKEY_CTX_free(ctx);
    OPENSSL_free(ciphertext);

    return true; // add exception/error handling
}
I tried to adapt it to HB but it returns errors of unknown functions: EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt(), ...
franco
Posts: 845
Joined: Sat Nov 02, 2013 5:42 am
DBs Used: DBF
Location: Canada

Re: How to encrypt with public key PEM?

Post by franco »

Is the token a file. if so is the encryption always in the same location and same size.
In my exe files. Once the customers serial number checks out in the files. I memowrit() the exe file from another exe file and
write the serial number into the main exe file in a allowable area which is where the file has text.
I use the spot where program says This program cannot be run in dos mode.
I think you can write at end of file also.
I use notepad++ to test. You can open and change exe files with ++. When it will not run I change it back until I can find an allowable area.
I am also taking the MZ from the front of the exe and replacing it with blanks. When things check out I replace the form other exe with.
var:=memoread('main.exe')
memowrit('main.exe','MZ'+substr(var,3,len(memvar)))
this works.
May be way off what you are looking for but could help someone else.
All The Best,
Franco
Canada
edk
Posts: 968
Joined: Thu Oct 16, 2014 11:35 am
Location: Poland

Re: How to encrypt with public key PEM?

Post by edk »

Thanks Franco, but that's not what I'm looking for.

Here's an lesson of encrypting communication over the Internet: https://www.khanacademy.org/computing/c ... encryption

I have a public key and content (plain text) to encode. I need to do Step 3, which is encode the content with the public key. I can do this using openssl.exe, but I wanted to do it using hbssl.

I'm on the right track, but it requires recompiling the latest hbssl libraries with openssl.
Post Reply