Cant encrypt key

Hi, I'm trying to use e
object RSA: TRSAEncSign
Version = '4.3.3.0'
encType = oaep
hashFunction = sha256
keyLength = kl2048
Unicode = yesUni
outputFormat = base64
pssSaltLen = 0
withOpenSSL = True

to encrypt sign in key as mentioned in this document
https://isecure.fi/wsapi_v2/index.html#operation--account--Email---Mode--put

are able to do it with:
openssl-1.0.2u-x64_86-win64\openssl.exe rsautl -oaep -encrypt -pubin -inkey test.pem -in req.txt -out req.sign
openssl.exe base64 -A -in req.sign -out res.txt

RSA.withOpenSSL := true;
RSA.FromOpenSSLPublicKey(path);
key := RSA.Encrypt(pw);

but are getting error: RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error
from supplier, so some thought on this?
I've tried all kind of combination without any luck.

Hi, can you try with pssSaltLen = 20?
bernard

I cant get it to work, but I've tried by creating a sample project:
object rsa: TRSAEncSign
Version = '4.3.3.0'
pssSaltLen = 0
Left = 304
Top = 224
end

procedure test;
var
s,pw:string;
fs:TMemoryStream;
begin
pw := 'my test text';
RSA.withOpenSSL := true;
RSA.FromPublicKeyFile('public-key.pem');
s := rsa.Encrypt(pw);
fs := TMemoryStream.Create;
fs.Size := length(s) div 2;
HexToBin(pansichar(s),fs.Memory,fs.Size);
fs.SaveToFile('C:\openssl\test\encoded.txt');
end;

openssl genrsa -out private-key.pem 2048
openssl rsa -in private-key.pem -pubout -out public-key.pem

openssl rsautl -oaep -decrypt -inkey private-key.pem -in encoded.txt
result:
RSA operation error
15580:error:040A1079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error:.\crypto\rsa\rsa_oaep.c:264:
15580:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:591:

Would you help with producing a working example?

I couldn't make it work either, so I tried to decrypt with TMS CP and found and issue with the key format in SetPrivateExponent. A key provided in hex shall not be converted to hex again.
Once fixed, I could decrypt.
I'll do more tests to understand what's wrong.

Hi, any news on this, will there be a fix released soon?

Hi, I have yet to identify where the issue is.

Hi, any news regarding a update?

Hi, version 5.0 should be published soon.

Hi, thank you for new version, but still i cant get this to work, so tried with the demo i made over, outcome of openssl is:
10616:error:04065084:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data too large for modulus:.\crypto\rsa\rsa_eay.c:519:

tried with the demo application to encrypt and decrypt base64 code between openssl and application but failes all the time. Could you verify a working setup for rsa 2048 oaep with a public/private pem certificate?

Hi, is it the same code as in

begin
pw := 'my test text';
RSA.withOpenSSL := true;
RSA.FromPublicKeyFile('public-key.pem');
s := rsa.Encrypt(pw);
fs := TMemoryStream.Create;
fs.Size := length(s) div 2;
HexToBin(pansichar(s),fs.Memory,fs.Size);
fs.SaveToFile('C:\openssl\test\encoded.txt');
end;

The error message looks like the outcome of a conversion (or lack of) issue.

And also, nothing to do with your example, but the RSACore.pas file needs to be edited on line 2912:
writeln(S1, ':', S2, ':', S3); needs to be commented or deleted

This section is used to clock the sequence and is useless for normal use.

Yes thats my test code, then I try to decode it with
openssl.exe rsautl -oaep -decrypt -inkey private-key.pem -in encoded.txt

openssl returns RSA operation error
8688:error:04065084:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data too large for modulus:.\crypto\rsa\rsa_eay.c:519

After a few conversion corrections, I get (using openSSL):
304C0000:error:02000079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error:crypto\rsa\rsa_oaep.c:308:

This needs to be investigated further as the OAEP padding doesn't seem to be correct.

Hello, I have found a couple of issues in the mask generation function (MGF) and here is the state of play:

  • RSA OAEP is now interoperable with BearSSL and OpenSSL
  • I need to check that the PSS mode for signatures has not been impacted

I will then release a new version of TMS CP.

Hello, I have now validated all modes (OAEP/PSS), key sizes (2048, 3072 and 4096) and hash algorithms (sha256, 384 and 512) combinations and TMS CP is fully interoperable with openSSL.
I will upload the updated source code today and it should be released next week.

Version 5.0.1.0 beta is available for registered users. It fixes RSA issues, including openSSL interoperability.

Hi, tried with latest update, test code still results in:
RSA operation error
8896:error:040A1079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error:.\crypto\rsa\rsa_oaep.c:264:
8896:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:591:

Hi, what are the parameters (hash algorithm, key size) in TMS CP and what is the command line with openssl ?

I used these:

openssl dgst -sha256 -binary test.txt > test.bin

openssl pkeyutl -sign -inkey private-key.pem -in test.bin -out signedtext.txt -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pss -pkeyopt -pkeyopt rsa_pss_saltlen:32

openssl pkeyutl -verify -inkey private-key.pem -in test.bin -sigfile signedtext.txt -pkeyopt digest:sha256 -pkeyopt rsa_padding_mode:pss

Text in test.txt is some ASCII/UTF8 text.

Hello, this is my decrypt command

procedure TForm1.test2;
var
s,pw:string;
fs:TMemoryStream;
begin
pw := 'my test text';
RSA.FromPublicKeyFile('E:\test\public-key.pem');
s := rsa.Encrypt(pw);
fs := TMemoryStream.Create;
fs.Size := length(s) div 2;
HexToBin(pansichar(s),fs.Memory,fs.Size);
fs.SaveToFile('E:\test\test3.enc');
end;

rsa object is in default state: enctype: oaep, hashfunction: sha256, inputtype: hexa, keylength: kl2048, output hexa

openssl rsautl -inkey private-key.pem -decrypt -oaep -in test3.enc

8896:error:040A1079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error:.\crypto\rsa\rsa_oaep.c:264:
8896:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:591:

did try to change inputtype to raw, but that just result in
openssl rsautl -inkey private-key.pem -decrypt -oaep -in test3.enc
RSA operation error
7204:error:04065084:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data too large for modulus:.\crypto\rsa\rsa_eay.c:519:

Sorry, I gave a PSS example instead of an OAEP example. Here is what i just did.

// DELPHI code
// encrypt with a public key
pw := 'my very long beautiful test text';
MyRSA.encType := oaep; // the other option is epkcs1_5;
MyRSA.FromOpenSSLPrivateKey('....\Cert\private-key4096.pem'); // The public key is in the list of keys and parameters - this one has 4096 bits
MyRSA.outputFormat := hexa; // that's the default value but we set it for the example
MyRSA.hashFunction := sha512; // 256 and 384 are valid options too
s := MyRSA.Encrypt(pw);
MainMemo.Lines.Add('Input text: ' + pw);
MainMemo.Lines.Add('Cryptogram: ' + s);

Conv := TConvert.Create(hexa);
s := Conv.FormatToChar(s);
o := Conv.StringToTBytes(s); // OpenSSL requires raw data
f := FileOpen('....\Cert\encoded4096.txt', fmOpenWrite); // We will decrypt this file with OpenSSL
I := FileWrite(f, o, 0, Length(o));
FileClose(f);
if I <> Length(o) then
MainMemo.Lines.Add('file not properly saved')
else
MainMemo.Lines.Add('encoded4096.txt properly saved');
// END DELPHI code

This is the OpenSSL command line to decrypt the file:

openssl pkeyutl -decrypt -inkey private-key4096.pem -in encoded4096.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha512 -pkeyopt rsa_mgf1_md:sha512

Note 1: sha512 is used twice: for the MGF1 and for the message digest.

Note 2: you cannot technically encrypt a message that is longer than the modulus size minus a constant that depends on the hash function that is used (because of the type of padding - see RFC 8017 for details). If you need to encrypt longer messages, you should use the AES

Thank you that made this clearer, but my main problem still exist, as the bank provider require an encrypted text with openssl rsautl -oaep -encrypt command, and that uses sha1

trying to use sha1 with your library fails. Would it be possible to get sha1 working too?