tame1 has asked for the wisdom of the Perl Monks concerning the following question:

I have been working for some time on some encryption stuff, and have come across a road block. I follow the instructions in Crypt::RSA's pod docs, but I keep getting the same error - cannot call method n on an undefined value.

Here is the decode sub from RSA.pm:
sub decrypt { 
    my ($self, %params) = @_;
    my $key = $params{Key}; 
    my $cyphertext = $params{Cyphertext};
    $cyphertext = unpack "u*", $cyphertext if $params{Armour};
    my $plaintext;
    my $blocksize = ((bitsize ($key->n)) / 8); 
    my @segments = steak ($cyphertext, $blocksize);
    for (@segments) {
        $plaintext .= $self->{eme}->decrypt (Cyphertext=> $_, Key => $
+key)
            || return $self->error ($self->{eme}->errstr, \$key, \%par
+ams);
    }
    return $plaintext;
}

[download]
The killer is that bitsize ($key->n). I have turned on Armour (Armour => 1) and base64 encoded the key I am sending, but still the system is unable to call method n on they $key value.
Here is the way I am calling, in case that helps:
# $decoded is the base64 decoded cookie
my @fields = get_fields($decoded);
my $public_key = get_pubkey($fields[2]); # Verified to work
my $rsa = new Crypt::RSA;
my $checksum = $rsa->decrypt(
                             Cyphertext => $encrypted,
                             Key => $public_key,
                             Armour => 1,) || die $rsa->errstr();

[download]
No matter what I feed in as $public_key, in whatever form, RSA.pm always says it can't call method n on it.

Any help would be appreciated.

What does this little button do . .<Click>; "USER HAS SIGNED OFF FOR THE DAY"

Replies are listed 'Best First'.
Re: Crypt fun
by btrott (Parson) on Mar 27, 2001 at 02:26 UTC
    Your get_pubkey function better be returning a Crypt::RSA::Key::Public object. That's a public key object in the Crypt::RSA world.

    Because that's the thing you're passing to Crypt::RSA, and that's what it expects. $public_key, in other words, should be an object of type Crypt::RSA::Key::Public. That's why you're getting the "Can't call method n" on $public_key error: because you're probably giving it a string or something, and the string obviously can't support method calls.

    So what you should be doing is having your get_pubkey return a Crypt::RSA::Key::Public object. How do you do that? Well, you create such an object, then fill it with values. An RSA public key should have two components: n, the RSA modulus; and e, the exponent. This is used when doing public-key encryption on a message. So, in get_pubkey, you can create a public key object: 

        my $key = Crypt::RSA::Key::Public->new;

    [download]
    and then fill it the values, which you're apparently getting from *somewhere* (your base64-decoded string?): 
        $key->n($n);
    $key->e($e);

    [download]
    Perhaps, in your case, $n and $e are in your @fields array. I don't know, because that's specific to your code.

    Then return $key from your function.

    Take a look at the source of Crypt::RSA::Key for another example. The generate method generates a set of public and private keys from scratch (finding primes, deriving key attributes, etc.).

[reply]
[d/l]
[select]
      Thank you! This explanation is the best explanation of what I am doing wrong.
      All that I really know is that 1.) the cookie is in base64, 2) the last field of the cookie is the "security field", 3) the security field contains an RSA encoded MD5 hash of the rest of the cookie.

      So I have stripped off the last 64 bits (after decode_base64) into $encrypted, Read the keyring.public to see which public key went with the issuing server (in $field[2]) and returned that value into $public_key.

      I know I am a pain, but can you walk me through (in baby steps?) how I then initialize a 'new' Crypt key object, and then populate it with the values I have?

      I am not slow, just a 'visual' learner. If I cannot picture what's happening in my mind, I fail to get it, so a walk-through will really help.
      Thanks!!

      What does this little button do . .<Click>; "USER HAS SIGNED OFF FOR THE DAY"
[reply]
[d/l]
[select]
        I don't know how familiar you are with RSA public key encryption, but it doesn't sound like you're *too* familiar with it. So here's how it works.

        To communicate with another party using encrypted messages, you need two keys: a public key and a private key. Say you're sending a message to someone: you have this person's public key, but only he knows his private key. That means that, if the message is intercepted, only he can decrypt the message. Make sense?

        So: the basic idea behind RSA public key encryption is that you know someone's public key, and you encrypt your message using that key. In Crypt::RSA, this would be done by using the Crypt::RSA->encrypt method, and the Key object would be the user's public key. When the other person receives your encrypted message, he decrypts it with his private key. On his end this would be done by using Crypt::RSA->decrypt, and the Key object would be his *private key*.

        That's a very important point to make, because you seem to be passing what you think is a public key to the decrypt method, which expects a private key.

        The reason this all works is because, when you generate RSA public and private keys, you first generate two very large primes, p and q. These are *private*, because from these primes you can derive any of the other key values, including the private key value. A private key object is really made up of d, the private key integer (derived from p and q); and n, the RSA modulus, which is the product of p and q.

        What does this mean? It means that you better have both n and d if you expect to decrypt a message encrypted by someone's public key. Because the actual decryption is, in a nutshell, 

            M = c ^ d mod n

        [download]
        where M is the plaintext message and c is the encrypted message.

        Here's another description of how the algorithm works.

        So in your case, what you're getting is the encrypted message. Right? So you need to decrypt it using a private key. If you have both d and n values, you can construct a private key like this: 

            my $key = Crypt::RSA::Key::Private->new;
    $key->n($n);
    $key->d($d);

        [download]
        Then use $key as the Key argument to decrypt.

        The problem in your case seems to be that you only have the public key. Granted I don't know exactly the details of your situation, but it would *seem* to me that if you don't have a private key, you'll have trouble decrypting the message. But then again, as I said, I don't know all of the details of your situation.

[reply]
[d/l]
[select]
Re: Crypt fun
by baku (Scribe) on Mar 27, 2001 at 00:25 UTC

    Try upping your paranoia level slightly, see if that gives you more enlightening errors? 

    my $rsa = new Crypt::RSA ();
unless (ref $rsa) { die "Not a reference: $rsa"; }
unless ($rsa->isa('Crypt::RSA') { die "Not a Crypt::RSA: $rsa"; }
my $checksum;
{ # scope for temp var
  my $decrypt = $rsa->can('decrypt');
  unless (ref $decrypt) { die "Not a reference: $decrypt"; }
  unless (ref $decrypt eq 'CODE') { die "Not a coderef: $decrypt"; }
  $checksum = $decrypt->(Cypertext => $encrypted,
                         Key       => $public_key,
                         Armour    => 1,
                        ) or die "Can't decrypt: " . $rsa->errstr();
}
unless ($checksum) { die "No checksum after decrypt"; }

    [download]

    At least this may pinpoint the problem more precisely...?

[reply]
[d/l]
(tye)Re: Crypt fun
by tye (Sage) on Mar 27, 2001 at 01:24 UTC 

    my $public_key = get_pubkey($fields[2]); # Verified to work

    [download]

    I don't know what "Verified to work" means, but I won't believe that it doesn't set $public_key to be undef unless you change it to something like: 

    my $public_key = get_pubkey($fields[2])
    or  die "Can't get public key...";

    [download]

            - tye (but my friends call me "Tye")
[reply]
[d/l]
[select]
Re: Crypt fun
by archon (Monk) on Mar 27, 2001 at 00:10 UTC
    We need some more information to determine what is wrong.

    First, what does get_pubkey return?

    Second, what do you mean by "Verified to work"?

    Third, what do you get when you print the value of $key (after it's assigned to) in the decrypt method?

    Fourth, you are trying to call a method called 'n' off a suspected object '$key'. What kind of object is $key supposed to be and are you sure it has a method called 'n'?

[reply]
      I know that $public_key has a "good" value (i.e. it is an encrypted string, some characters unprintable, that I should be able to pass to this function.

      I didn't write the RSA.pm code, so I cannot tell what he was trying to do by calling ->n on the $key! I've sent the author some email, but I have no idea when/if he will respond.

      What does this little button do . .<Click>; "USER HAS SIGNED OFF FOR THE DAY"
[reply]
[d/l]

Back to Seekers of Perl Wisdom