I have been playing with Crypt::RSA for a while, and I am having some problems getting it to work properly. I am trying to use an external key.
I am generating the private key and writing it to file using the following code:
#!/usr/bin/perl
use strict;
use Crypt::RSA;
print "RSA tester\n";
my $infoToSign = "blah";
my $privateKey = 5;
my $rsa = new Crypt::RSA;
my ($public, $private) =
$rsa->keygen (
Identity => 'RBSClient',
Size => 1024,
Password => 'passw0rd',
Verbosity => 1,
) or die $rsa->errstr();
$private->write( Filename => 'working.private');
$public->write( Filename => 'working.public');
This produces the following private key file (I have reduced the length of the streams of numbers for brevity):
$VAR1 = bless( {
'Version' => '1.99',
'Checked' => 0,
'Identity' => 'RBSClient',
'private_encrypted' => bless( {
'_phi' => 'Blowfish d
+u2N7P83ABQ
cFDt9/0y7IQ 53616c7465645f5f...',
'_n' => 'Blowfish Mqm
+rxVsrrHbWw
RNNCruuuw 53616c7465645f5f658f18eec5ea...',
'_q' => 'Blowfish qC0
+F63YxDS8KW
LUGDfCMcg 53616c7465645f5f...',
'_p' => 'Blowfish sNm
+IMm9AuxeF8
uhD/JHszA 53616c7465645f5f...',
'_dp' => 'Blowfish p2
+z6NZBV1grw
lhJye/R4sw 53616c7465645f5f...',
'_u' => 'Blowfish Huh
+TLQDF0TEzo
Ln7exXdiw 53616c7465645f5f...',
'_dq' => 'Blowfish Yf
+/aS7U0nI1U
GYvagT4J3A 53616c7465645f5f...',
'_d' => 'Blowfish SXE
+nuMNvxaF2y
JFTalOnbQ 53616c7465645f5f...',
'_e' => 'Blowfish EzK
+9HcfPA2zj4
wouO9lMww 53616c7465645f5f...'
}, 'Tie::EncryptedHash'
+ ),
'Cipher' => 'Blowfish'
}, 'Crypt::RSA::Key::Private' );
I then try to create a private key object to sign with, loading from file in the following way:
#!/perl/bin/perl
package RBS_PrivateKeyWrapper;
use strict;
sub getPrivateKey()
{
my $privateKeyFilename = '/var/www/html/certificates/working.private
+';
my $privateKey = getPrivateKeyPerlRSAEncoded($privateKeyFilename);
return $privateKey;
}
sub getPrivateKeyPerlRSAEncoded($)
{
my ($privateKeyFilename) = @_;
my $privateKey = new Crypt::RSA::Key::Private(
Filename => $privateKeyFilename
);
return $privateKey;
}
1;
Up until this point I know that it works fine, because if I comment out the next step there is no problem. However I do actually need to sign the data. I try to sign the data as shown below:
#!/perl/bin/perl
use Crypt::RSA;
use RBS_PrivateKeyWrapper;
my $privateKey = RBS_PrivateKeyWrapper::getPrivateKey();
my $signature = getSignatures($privateKey, $binarySecurityToken, $time
+stamp, $content);
print $signature;
####
sub getSignature($$)
{
my ($privateKey, $infoToSign) = @_;
my $rsa = new Crypt::RSA;
my $signatureValue = $rsa->sign(
Message => $infoToSign,
Key => $privateKey,);
return $signatureValue;
}
This seems like it should work, but it does not. The errors I get seem to be associated with Crypt::RSA and Math::PARI not playing well together. I am getting the following error (which I do not get if I do not try to sign the data):
[Mon Oct 26 21:15:33 2009] [error] [client 10.29.12.38] PARI: ***
+log is not
meromorphic at 0. at /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread
+-multi/Mat
h/Pari.pm line 994.
I didn't know what meromorphic meant, so I looked it up and it seems to be saying that you cannot get the logarithm of 0, as there could be infinite values. I think this is due to line 77 of RSA::DataFormat.pm, which is as follows:
sub bitsize ($)
{
return pari2num(floor(Math::Pari::log(shift)/Matth::Pari::log(2)) +
+1);
}
So clearly a value of 0 is being passed into this function, and it is not happy with it. Also, the actual line of Pari.pm that is failing is 994, the '&$1;' line listed below (this seems to be some kind of function loading method, but I am unsure):
sub AUTOLOAD {
$AUTOLOAD =~ /^(?:Math::Pari::)?(.*)/;
# warn "Autoloading $1...\n";
# exit 4 if $1 eq 'loadPari';
my $cv = loadPari($1);
# goto &$cv;
# goto &$AUTOLOAD;
# &$cv;
&$1;
# &$AUTOLOAD;
}
As always, any help would be appreciated. I have Pari and GP installed on my machine, at the latest stable version. I am not sure why this is not working. Has anyone else got any experience with using Crypt::RSA? Do you have any ideas on how to load keys from external files and use them? Or any other ways to do this?