Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re: Private keys in Crypt::RSA

by traveler (Parson)
on Mar 07, 2007 at 20:45 UTC ( #603714=note: print w/ replies, xml ) Need Help??


in reply to Private keys in Crypt::RSA

You should probably store the key as a BLOB or convert it to a string using some algorithm like BASE64, store it in the db, retrieve it, and then convert it back yourself.

You could store it in a file using Crypt::RSA::Private and using a key to encrypt it (see the doc). If it is unencrypted in the MySQL db, it may still be vulnerable to discovery.


Comment on Re: Private keys in Crypt::RSA
Re^2: Private keys in Crypt::RSA
by jmking (Initiate) on Mar 07, 2007 at 21:44 UTC
    Thanks for the reply. The key is being returned from the database correctly, so I'm not sure if storing it as a BLOB or converting it will help. And I'm using AES_ENCRYPT in MySQL, so the key is being stored securely. But if I pass the string directly to the decryption function like I show in the example, it gives me this error:
    Can't call method "check" without a package or object reference at /us +r/local/lib/perl5/site_perl/5.6.2/Crypt/RSA.pm line 133.
    My guess is that it needs to be stored in a hash (which I've tried) or I'm just missing something. If I can't get this to work I'll just go ahead and encrypt it like you suggested but I would prefer to store it in the database. Any suggestions?
      I was able to solve the problem. I needed to return the result as an array reference and use the deserialize() function to convert it to the perl object it was looking for. Thanks for the help!
      The key is not a scalar. It is an object. The private key is an object of type Crypt::RSA::Key::Private. When you store it do you serialize the object and then unserialize it on retrieval? If not, you are probably not saving and restoring the object itself.

      From the error (and checking the code) it seems that you are trying to treat the key as though it were just the raw key value iteslf (a scalar), which it is not.

        Hi, I am trying to use deserialize i get an error every time "n is not a number". I have generated a set of keys and dont want to store private key any where. Currently as I am testing my code I have stored the serialize key as variable. It does not error when i pass it to $private->deserialize but errors when I call $rsa->decrypt. Can you please help me. thanks

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://603714]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (8)
As of 2014-12-17 22:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (40 votes), past polls