in reply to Private keys in Crypt::RSA

You should probably store the key as a BLOB or convert it to a string using some algorithm like BASE64, store it in the db, retrieve it, and then convert it back yourself.

You could store it in a file using Crypt::RSA::Private and using a key to encrypt it (see the doc). If it is unencrypted in the MySQL db, it may still be vulnerable to discovery.

Replies are listed 'Best First'.
Re^2: Private keys in Crypt::RSA
by jmking (Initiate) on Mar 07, 2007 at 21:44 UTC
    Thanks for the reply. The key is being returned from the database correctly, so I'm not sure if storing it as a BLOB or converting it will help. And I'm using AES_ENCRYPT in MySQL, so the key is being stored securely. But if I pass the string directly to the decryption function like I show in the example, it gives me this error: 
    Can't call method "check" without a package or object reference at /us
+r/local/lib/perl5/site_perl/5.6.2/Crypt/RSA.pm line 133.

    [download]
    My guess is that it needs to be stored in a hash (which I've tried) or I'm just missing something. If I can't get this to work I'll just go ahead and encrypt it like you suggested but I would prefer to store it in the database. Any suggestions?
[reply]
[d/l]
      The key is not a scalar. It is an object. The private key is an object of type Crypt::RSA::Key::Private. When you store it do you serialize the object and then unserialize it on retrieval? If not, you are probably not saving and restoring the object itself.

      From the error (and checking the code) it seems that you are trying to treat the key as though it were just the raw key value iteslf (a scalar), which it is not.

[reply]
        Hi, I am trying to use deserialize i get an error every time "n is not a number". I have generated a set of keys and dont want to store private key any where. Currently as I am testing my code I have stored the serialize key as variable. It does not error when i pass it to $private->deserialize but errors when I call $rsa->decrypt. Can you please help me. thanks
[reply]
      I was able to solve the problem. I needed to return the result as an array reference and use the deserialize() function to convert it to the perl object it was looking for. Thanks for the help!
[reply]

In Section Seekers of Perl Wisdom