Math::PARI and Crypt::RSA

shug94 has asked for the wisdom of the Perl Monks concerning the following question:

I have been playing with Crypt::RSA for a while, and I am having some problems getting it to work properly. I am trying to use an external key.

I am generating the private key and writing it to file using the following code:

#!/usr/bin/perl

use strict;
use Crypt::RSA;

print "RSA tester\n";

my $infoToSign = "blah";
my $privateKey = 5;

my $rsa = new Crypt::RSA;

my ($public, $private) =
  $rsa->keygen (
    Identity  => 'RBSClient',
    Size      => 1024,
    Password  => 'passw0rd',
    Verbosity => 1,
  ) or die $rsa->errstr();

$private->write( Filename => 'working.private');
$public->write( Filename => 'working.public');
[download]

This produces the following private key file (I have reduced the length of the streams of numbers for brevity):

$VAR1 = bless( {
                 'Version' => '1.99',
                 'Checked' => 0,
                 'Identity' => 'RBSClient',
                 'private_encrypted' => bless( {
                                                 '_phi' => 'Blowfish d
+u2N7P83ABQ
cFDt9/0y7IQ 53616c7465645f5f...',
                                                 '_n' => 'Blowfish Mqm
+rxVsrrHbWw
RNNCruuuw 53616c7465645f5f658f18eec5ea...',
                                                 '_q' => 'Blowfish qC0
+F63YxDS8KW
LUGDfCMcg 53616c7465645f5f...',
                                                 '_p' => 'Blowfish sNm
+IMm9AuxeF8
uhD/JHszA 53616c7465645f5f...',
                                                 '_dp' => 'Blowfish p2
+z6NZBV1grw
lhJye/R4sw 53616c7465645f5f...',
                                                 '_u' => 'Blowfish Huh
+TLQDF0TEzo
Ln7exXdiw 53616c7465645f5f...',
                                                 '_dq' => 'Blowfish Yf
+/aS7U0nI1U
GYvagT4J3A 53616c7465645f5f...',
                                                 '_d' => 'Blowfish SXE
+nuMNvxaF2y
JFTalOnbQ 53616c7465645f5f...',
                                                 '_e' => 'Blowfish EzK
+9HcfPA2zj4
wouO9lMww 53616c7465645f5f...'
                                               }, 'Tie::EncryptedHash'
+ ),
                 'Cipher' => 'Blowfish'
               }, 'Crypt::RSA::Key::Private' );
[download]

I then try to create a private key object to sign with, loading from file in the following way:

#!/perl/bin/perl

package RBS_PrivateKeyWrapper;
use strict;
sub getPrivateKey()
{
  my $privateKeyFilename = '/var/www/html/certificates/working.private
+';

  my $privateKey = getPrivateKeyPerlRSAEncoded($privateKeyFilename);

  return $privateKey;
}

sub getPrivateKeyPerlRSAEncoded($)
{
  my ($privateKeyFilename) = @_;

  my $privateKey = new Crypt::RSA::Key::Private(
    Filename  =>  $privateKeyFilename
    );

  return $privateKey;
}

1;
[download]

Up until this point I know that it works fine, because if I comment out the next step there is no problem. However I do actually need to sign the data. I try to sign the data as shown below:

#!/perl/bin/perl

use Crypt::RSA;
use RBS_PrivateKeyWrapper;

my $privateKey = RBS_PrivateKeyWrapper::getPrivateKey();

my $signature = getSignatures($privateKey, $binarySecurityToken, $time
+stamp, $content);

print $signature;

####

sub getSignature($$)
{
  my ($privateKey, $infoToSign) = @_;


  my $rsa = new Crypt::RSA;
  my $signatureValue = $rsa->sign(
    Message    => $infoToSign,
    Key        => $privateKey,);

  return $signatureValue;
}
[download]

This seems like it should work, but it does not. The errors I get seem to be associated with Crypt::RSA and Math::PARI not playing well together. I am getting the following error (which I do not get if I do not try to sign the data):

[Mon Oct 26 21:15:33 2009] [error] [client 10.29.12.38] PARI:   ***   
+log is not
 meromorphic at 0. at /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread
+-multi/Mat
h/Pari.pm line 994.
[download]

I didn't know what meromorphic meant, so I looked it up and it seems to be saying that you cannot get the logarithm of 0, as there could be infinite values. I think this is due to line 77 of RSA::DataFormat.pm, which is as follows:

sub bitsize ($)
{
  return pari2num(floor(Math::Pari::log(shift)/Matth::Pari::log(2)) + 
+1);
}
[download]

So clearly a value of 0 is being passed into this function, and it is not happy with it. Also, the actual line of Pari.pm that is failing is 994, the '&$1;' line listed below (this seems to be some kind of function loading method, but I am unsure):

sub AUTOLOAD {
  $AUTOLOAD =~ /^(?:Math::Pari::)?(.*)/;
  # warn "Autoloading $1...\n";
  # exit 4 if $1 eq 'loadPari';
  my $cv = loadPari($1);

#  goto &$cv;
#  goto &$AUTOLOAD;
#  &$cv;
  &$1;
#  &$AUTOLOAD;
}
[download]

As always, any help would be appreciated. I have Pari and GP installed on my machine, at the latest stable version. I am not sure why this is not working. Has anyone else got any experience with using Crypt::RSA? Do you have any ideas on how to load keys from external files and use them? Or any other ways to do this?

Hopefully someone can help,

Cheers,
Shug

Comment on Math::PARI and Crypt::RSA Select or Download Code

Replies are listed 'Best First'.
Re: Math::PARI and Crypt::RSA by Anonymous Monk on Oct 26, 2009 at 11:43 UTC
It happens when password is missing #!/usr/bin/perl -- use strict; use warnings; use File::Spec; use Crypt::RSA; Main(@ARGV); exit(0); sub Main { my $thisf = File::Spec->rel2abs(__FILE__); my $fprivate = "$thisf-testkey.private"; my $fpublic = "$thisf-testkey.public"; print "RSA tester ($thisf)\n"; my $infoToSign = "blah"; my $privateKey = 5; my $rsa = new Crypt::RSA; my ( $public, $private ); if ( -e $fpublic and -e $fprivate ) { print "reading $fprivate\n"; $private = new Crypt::RSA::Key::Private( Filename => $fprivate, @_ ? ( Password => 'password' ) : (), # NOTICE ARGV ); } else { print "generating keys\n"; ( $public, $private ) = $rsa->keygen( Identity => 'RBSClient', Size => 1024, Password => 'password', ) or die $rsa->errstr(); $private->write( Filename => $fprivate ); $public->write( Filename => $fpublic ); } print "signing $infoToSign\n"; my $signature = $rsa->sign( Message => $infoToSign, Key => $private, Armour => 1, ) \|\| die $rsa->errstr(); print "$signature \n"; } __END__ $ perl crypt-rsa-sign-test.pl RSA tester (~/tmp/crypt-rsa-sign-test.pl) generating keys signing blah PARI: * negative exponent in glog. at ~/lib/Crypt/RSA/DataFormat +.pm line 77. $ $ perl crypt-rsa-sign-test.pl RSA tester (~/tmp/crypt-rsa-sign-test.pl) reading ~/tmp/crypt-rsa-sign-test.pl-testkey.private signing blah PARI: * negative exponent in glog. at ~/lib/MSWin32-x86-multi-th +read/Math/Pari.pm line 994. $ perl crypt-rsa-sign-test.pl asdf RSA tester (~/tmp/crypt-rsa-sign-test.pl) reading ~/tmp/crypt-rsa-sign-test.pl-testkey.private signing blah -----BEGIN RSA SIGNATURE----- Version: 1.99 Scheme: Crypt::RSA::SS::PSS OQAxMjgAU2lnbmF0dXJlU7UxMIX136kFP+o3o7Pf5orq6jeCJWI7qG/uRqCwFgAoUc/LUR +9jsmBM B1Wl6krjm/98qTYUNgNNWgApxsfTFu23jL3LBbrKH50fNql9YuElxYdER0kyFJgX61xmrg +ivfbm1 Vim4LMMoCSJq2qyhCOEcA1q3zg/p+6U5/Zg8Lbg= =ufjanyZlBik+n/N3tWigfw== -----END RSA SIGNATURE----- $ [download]	[reply] [d/l]
Re^2: Math::PARI and Crypt::RSA by shug94 (Sexton) on Oct 27, 2009 at 00:41 UTC
This was incredibly helpful and fixed all of my problems. Thankyou very much!	[reply]
Re: Math::PARI and Crypt::RSA by proceng (Scribe) on Oct 26, 2009 at 20:04 UTC
Was this a typo? `my $signature = getSignatures($privateKey, $binarySecurityToken, $time ++stamp, $content); #==here it's getSignatures print $signature; #### sub getSignature($$) #==here it's <b>getSignature</b> {` [download] In case it wasn't clear what I meant, the sub is defined as "getSignature($$)", while you called it as "getSignatures" (note the missing s at the end of the function name. Otherwise, the previous response should get you there :-)	[reply] [d/l]
Re^2: Math::PARI and Crypt::RSA by shug94 (Sexton) on Oct 27, 2009 at 00:43 UTC
No, not a typo, I just didn't include a getSignatures function in my question which calls getSignature a bunch of times based on what inputs we have. Sorry for not being clear	[reply]