encrypt using rsa
Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller, robinmiller
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
encrypt using rsa
I have been reading up on encrypting. So far I have managed to encrypt with aes; however, when trying to encrypt with rsa, I seem to have hit a road-block.
I have generated my key-pair.
But things are not working when I try: encrypt message with public key key
Should my pub-key go into a variable? If so, is there a trick to doing that, or do I just grab the characters between the:
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
and then wrap that in quotes and put it in my variable?
I have generated my key-pair.
But things are not working when I try: encrypt message with public key key
Should my pub-key go into a variable? If so, is there a trick to doing that, or do I just grab the characters between the:
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
and then wrap that in quotes and put it in my variable?
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
I wonder if this (encrypting with RSA) is something that would be covered in the Livecode Lessons that come with the subscription. I looked at the lessons that come with the free 30 day sign-up, but nothing there touched on encryption.
Re: encrypt using rsa
Did you try "encrypt source using rsa with {public | private} key key [and passphrase passphrase]" as described in the Dictionary? I only mention it because your message didn't have the "using rsa" in it.
Walt
Walt
Walt Brown
Omnis traductor traditor
Omnis traductor traditor
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
Yes, I should have been more specific. Here is what I have tried:
which gives me an empty variable.
the dictionary has this as an example:
I am just guessing that I am putting my pub-key in the variable wrongly. I have tried putting the public key in quotes, without quotes, on a single line, on multiple line, and on multiple lines with and without quotes.
Code: Select all
encrypt tThing using rsa with public key tPublicKey
put it into put it into tThingEncoded
the dictionary has this as an example:
Code: Select all
encrypt myMessage with public key myKey
-
- VIP Livecode Opensource Backer
- Posts: 3901
- Joined: Sat Mar 24, 2007 2:54 am
- Location: Palo Alto
Re: encrypt using rsa
There is a good write up here;
http://forums.livecode.com/viewtopic.php?f=8&t=11733
But I haven't tried to implement it yet.
Simon
http://forums.livecode.com/viewtopic.php?f=8&t=11733
But I haven't tried to implement it yet.
Simon
I used to be a newbie but then I learned how to spell teh correctly and now I'm a noob!
Re: encrypt using rsa
I kept an example private RSA key as a PEM file. This example worked for me.
One note: You had:
which has "put it into" twice - I don't know if that was a cut and paste, or how it might work.
Here's my test stack and example RSA key file. I did it in 7.0.3 on Win7x64
One note: You had:
Code: Select all
put it into put it into tThingEncoded
Here's my test stack and example RSA key file. I did it in 7.0.3 on Win7x64
- Attachments
-
- idEncryptTest.zip
- (2.5 KiB) Downloaded 289 times
Walt Brown
Omnis traductor traditor
Omnis traductor traditor
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
Thanks, that worked.
Using:
and then:
gives me encrypted data.
I appreciate you posting that.
Using:
Code: Select all
put URL ("file:"& "/path/to/my/pubkey.pub") into tPublicKey
Code: Select all
encrypt tThing using rsa with public key tPublicKey
I appreciate you posting that.
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
So I have encrypt and decrypt using rsa with private/public keys working fine on my Desktop application; however, if I send encrypted stuff to my server, I cannot seem to get LiveCode server to decrypt the rsa bit.
I have encoded with base64encode, and urlEncode before sending to the server. Also made sure I could decode all of that on my desktop before sending, and that works.
Also tried NOT enccoding the rsa-encrypted string with base64 and urlEncode.
Also tested decrypting with urlDecode, and then base64Decode once on the server, and that seems to be working as well, but when I get to the part where I decrypt with rsa, it seems to fail.
I can encrypt something on my server with rsa, and send it to my desktop and it gets decrypted okay.
So the failure point seems to be when it is decrypting with rsa on the server. Is there something special there that should happen that is different from the Desktop?
I have encoded with base64encode, and urlEncode before sending to the server. Also made sure I could decode all of that on my desktop before sending, and that works.
Also tried NOT enccoding the rsa-encrypted string with base64 and urlEncode.
Also tested decrypting with urlDecode, and then base64Decode once on the server, and that seems to be working as well, but when I get to the part where I decrypt with rsa, it seems to fail.
I can encrypt something on my server with rsa, and send it to my desktop and it gets decrypted okay.
So the failure point seems to be when it is decrypting with rsa on the server. Is there something special there that should happen that is different from the Desktop?
-
- VIP Livecode Opensource Backer
- Posts: 9842
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: encrypt using rsa
What error message do you see in "the result"?ghettocottage wrote:Also tested decrypting with urlDecode, and then base64Decode once on the server, and that seems to be working as well, but when I get to the part where I decrypt with rsa, it seems to fail.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
just blank. no messageWhat error message do you see in "the result"?
-
- VIP Livecode Opensource Backer
- Posts: 9842
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: encrypt using rsa
Anything in "it"?
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
Okay..figured it out:
Following the idea in this thread: http://forums.livecode.com/viewtopic.php?f=8&t=11733
here is my function I am using to encrypt a password on my app to send to the server:
and here is my function to decode/decrypt that on my server
All good. I can use both of those functions on my desktop with good results: password is encrypted and decrypted
However, posting that password to the server, and using the dEncode function fails. The problem: on sending to the server, the password is wrapped with carriage returns. So on the server I had to add another step to the dEncode function:
I feel like there might be a simpler way to go about this, but when I try to remove some of the encoding steps, the decoding fails on the server. From the referenced thread I gather:
the rsa-encrypted string needs to be base64 encoded so data is not lost on sending
the base64 encoded string gets wrapped, so it needs to be urlEncoded
//okay, got that. I also discover that:
on sending to the server via post, it gets wrapped again with carriage returns, so an additional urlEncode reverts it back to how it was before sending...then everything else toddles along as expected.
at any rate, it seems to be working now.
I wrote a function to generate random salts and passwords on each send (cobbled together from some other threads on this forum):
so:
random password and salt generated on each send is used to encrypt my data with aes256
same password and salt are then encrypted with rsa
all that is sent via post to my server, which then decrypts the password and salt so it can decrypt the rest of the data.
Lots of encrypting, encoding and decoding going on there. I have not seen any issues with performance, but have only been sending small chunks of data while I worked this all out.
Following the idea in this thread: http://forums.livecode.com/viewtopic.php?f=8&t=11733
here is my function I am using to encrypt a password on my app to send to the server:
Code: Select all
function rEncode tString
encrypt tString using rsa with public key gPublicKey
put it into tRsa
put base64Encode(tRsa) into t64
put urlEncode(t64) into tUrlencoded
return tUrlencoded
end rEncode
Code: Select all
function dEncode tString
put urlDecode(tString) into t64
put base64Decode(t64) into tRsa
decrypt tRsa using rsa with private key gPrivateKey
put it into tDecrypted
return tDecrypted
end dEncode
However, posting that password to the server, and using the dEncode function fails. The problem: on sending to the server, the password is wrapped with carriage returns. So on the server I had to add another step to the dEncode function:
Code: Select all
function dEncode tString
put urlEncode(tString) into tUrlencoded
put urlDecode(tUrlencoded) into t64
put base64Decode(t64) into tRsa
decrypt tRsa using rsa with private key gPrivateKey
put it into tDecrypted
return tDecrypted
end dEncode
I feel like there might be a simpler way to go about this, but when I try to remove some of the encoding steps, the decoding fails on the server. From the referenced thread I gather:
the rsa-encrypted string needs to be base64 encoded so data is not lost on sending
the base64 encoded string gets wrapped, so it needs to be urlEncoded
//okay, got that. I also discover that:
on sending to the server via post, it gets wrapped again with carriage returns, so an additional urlEncode reverts it back to how it was before sending...then everything else toddles along as expected.
at any rate, it seems to be working now.
I wrote a function to generate random salts and passwords on each send (cobbled together from some other threads on this forum):
Code: Select all
function randPassword
put empty into tRandom
repeat with x = 1 to 9
put random(10)-1 into tRnd
-- so that the number never starts with 0
if x = 1 then put random(9) into tRnd
put tRnd after tRandom
end repeat
put base64Encode(tRandom) into t64
return t64
end randPassword
random password and salt generated on each send is used to encrypt my data with aes256
same password and salt are then encrypted with rsa
all that is sent via post to my server, which then decrypts the password and salt so it can decrypt the rest of the data.
Lots of encrypting, encoding and decoding going on there. I have not seen any issues with performance, but have only been sending small chunks of data while I worked this all out.
-
- VIP Livecode Opensource Backer
- Posts: 9842
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: encrypt using rsa
How does the server obtain the data? If it reads only until CR I can see the issue with Base64's multi-line value. But if it reads until EOF it should be fine, no?
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- Livecode Opensource Backer
- Posts: 366
- Joined: Tue Apr 10, 2012 9:18 am
Re: encrypt using rsa
Code: Select all
How does the server obtain the data? If it reads only until CR I can see the issue with Base64's multi-line value. But if it reads until EOF it should be fine, no?
Code: Select all
ZR%2Bs%2BNXFAvkoqhLf2yrwYvS46%2BikQMlE4JggO0%2B27ahiisPgSCmA5BqliEZHSVeME9cLs0LV%0D%0ASeGYHXd08uZ3OjqyXOrtuxaxIqJiOFnannMyb4%2BPVn%2FyRSZS1%2BXdU6rvMlmYXaaZghEr32Bb%0D%0ATifoy20ejcuKAMw5Xukcp9V5aJPuyS1U%2B6KOWvr0WbqYWZo2wHd5kUlDMXZVWs05BHEh70vM%0D%0AUMwxz2PsIO7ZFnk%2BTA6Ap6gz0yc7CbFPpxXDn38%3D
Code: Select all
post tStuffToPost to URL tServerURL
put it into tResult
Code: Select all
ZR+s+NXFAvkoqhLf2yrwYvS46+ikQMlE4JggO0+27ahiisPgSCmA5BqliEZHSVeME9cLs0LV
SeGYHXd08uZ3OjqyXOrtuxaxIqJiOFnannMyb4+PVn/yRSZS1+XdU6rvMlmYXaaZghEr32Bb
Tifoy20ejcuKAMw5Xukcp9V5aJPuyS1U+6KOWvr0WbqYWZo2wHd5kUlDMXZVWs05BHEh70vM
UMwxz2PsIO7ZFnk+TA6Ap6gz0yc7CbFPpxXDn38=
Code: Select all
put urlEncode(tPW) into tPWurlencoded
which returns an identical single-line like the original bit, and then "decode using rsa" works and birds start chirping and the sun comes out.
-
- VIP Livecode Opensource Backer
- Posts: 9842
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: encrypt using rsa
Yes, I'm familiar with what urlDecode does. My question is why is it necessary?
Base64 is only rarely output as a single line; the multi-line format LC uses is more common. And given that base64 takes care of making sure non-text bytes that may be seen as control characters are removed, it's usually good as it is.
Which is what had me wondering how the server is reading the POST data. If it reads until EOF I would imagine it would be fine with base64 as-is. I use base64 for most client-server apps, and it's been a reliable transport format.
Base64 is only rarely output as a single line; the multi-line format LC uses is more common. And given that base64 takes care of making sure non-text bytes that may be seen as control characters are removed, it's usually good as it is.
Which is what had me wondering how the server is reading the POST data. If it reads until EOF I would imagine it would be fine with base64 as-is. I use base64 for most client-server apps, and it's been a reliable transport format.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn