tags:

views:

107

answers:

1
Q: 

Ruby equivalent for php function openssl_pkey_get_public

Hello all

I have the php script where the password encoding done using the openssl:

$key = openssl_get_publickey($certificate);
openssl_public_encrypt($pass,$userPassCrypted,$key,OPENSSL_PKCS1_PADDING);
openssl_free_key($key);

Now I trying to make the same with ruby

require 'openssl' cert = OpenSSL::X509::Certificate.new(certificate)
public_key = cert.public_key
passwordSSL = public_key.public_encrypt(password, 1)

The problem here is that these password encoding isn't match

The certificate the same but the public key in PHP is:

-----BEGIN PUBLIC KEY----- ... -----END PUBLIC KEY-----

in ruby is:

-----BEGIN RSA PUBLIC KEY----- ... -----END RSA PUBLIC KEY-----

I guess here is the difference (keys body also not the same)...

How can I get inside ruby the same public key as in PHP? Or is it possible convert RSA key by somehow?

Or maybe I have to do it with another way?

Any suggestions highly appreciated.

A: 

You can open this by using the following:

# Public key
public_key = OpenSSL::PKey::RSA.new(File.read("/path/to/public/key"))

# Private key (with password)
private_key = OpenSSL::PKey::RSA.new(File.read("/path/to/private/key), "password")

Hope this helps!

UPDATE: Ah, okay. Yeah, I don't think there is a way to remove the " RSA " from the OpenSSL output without removing it with a regular expression.

cert = OpenSSL::X509::Certificate.new(File.read("/path/to/x509/cert"))

cert.public_key.to_s.gsub(/RSA PUBLIC KEY-----/, "PUBLIC KEY-----")
Josh  2010-02-09 09:22:25
Unfortunately this one won't help. If you look carefully so you will see that at the beginning I have the X509 certificate... So I have neither public key nor private just certificate...Moreover your solution will also give me RSA key... cert.public_key == OpenSSL::PKey::RSA I guess
LiMan  2010-02-09 09:44:55
Updated for you!
Josh  2010-02-09 10:46:52
No... Just removing also will not work because the keys body not the same. PUBLIC KEY and RSA PUBLIC KEY completely different keys...
LiMan  2010-02-09 14:32:43

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security