I have to digitally sign a string using the SHA-1 algorithm with RSA using PKCS#1 padding. I have downloaded Turbo Power Lockbox.

The private key I have is in PEM format and was created using openssl:

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -sha1 -subj "/C=US/ST=CA/L=Mountain View/CN=www.mycompany.com" -keyout myrsakey.pem -out c:\temp\myrsacert.pem

Here is what it looks like:

-----BEGIN RSA PRIVATE KEY-----
[base64-encoded key data omitted]
-----END RSA PRIVATE KEY-----

If I am not mistaken, the component I want to use is TLbRSAKey. So I have tried to create a key object and read it from a file:

var
  mPrivateKey: TLbRSAKey;
begin
  mPrivateKey := TLbRSAKey.Create(aks1024);
  mPrivateKey.LoadFromFile('C:\temp\myrsakey.pem');

On the LoadFromFile I get an "Invalid RSA Key" error. What am I doing wrong? Does Lockbox support keys in PEM format? None of the examples illustrate; everything seems to be in ASN format.

+3  A: 

I am not a Delphi programmer, but I thought I'd try to provide some pointers.

First, make sure you generate a new private key for your real application. Now that you've shared your private key with us, we wouldn't want any open security holes out there.

Secondly, the ASN.1 format is generated using the DER output from OpenSSL. The PEM format is just the base-64 encoding of the binary ASN.1 structure (and the markers are added).

You can get back to DER in one of two ways:

1) You can parse and decode the base-64 data in the PEM envelope. To do this, just decode the data between the -----BEGIN/END RSA PRIVATE KEY----- markers.

Or, since you are creating a new key anyway... ;)

2) You could use the -outform DER argument when you generate your key using OpenSSL.

I'm not certain this will work for your application, but maybe it will help get you a little further.

TIP: to convert a PEM private key to DER format, use the rsa utility in OpenSSL:

openssl rsa -inform PEM -outform DER -in privkey.pem -out privkey.der
jheddings
This helps. I figured I had a disconnect in the format of the data. I did what you said in (2), i.e. add the -outform DER argument. It generated the certificate and key. The certificate seems correct and I can double click on it in windows and it contains all the information. But the private key is still coming out in Base64 with the markers. I also tried the -keyform DER argument but get the same.
M Schenkel
Unfortunately, I don't think there is a way to create private keys in DER format directly. Instead, I added a tip for converting your private key to DER format.
jheddings
Ok - I have successfully converted my private key to DER format according to jheddings (I have updated my question to reflect this). But now I get a division by zero error. jheddings - thank you, but I think this is where it turns to Delphi stuff.
M Schenkel
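
Option (1) from the answer above, as an added example in Python (not code from the question, the answer, or Lockbox): it strips the PEM markers, base64-decodes the body to DER, and walks the PKCS#1 RSAPrivateKey SEQUENCE so the nine integers can be checked. The function names are hypothetical, and the sample is a constructed toy key (p=61, q=53) built inline, not a usable key.

```python
import base64
import re

PEM_RE = re.compile(rb"-----BEGIN RSA PRIVATE KEY-----(.*?)-----END RSA PRIVATE KEY-----", re.S)

def to_der(data: bytes) -> bytes:
    """Return raw DER whether `data` is a PEM envelope or already DER."""
    m = PEM_RE.search(data)
    if m:
        # PEM body is base64 of the DER bytes; line breaks are not significant
        return base64.b64decode(b"".join(m.group(1).split()), validate=True)
    if data[:1] == b"\x30":          # DER SEQUENCE tag: already binary
        return data
    raise ValueError("neither PEM 'RSA PRIVATE KEY' nor DER")

def read_tlv(buf: bytes, pos: int):
    """Read one DER tag-length-value; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def rsa_fields(der: bytes) -> list:
    """Integers of a PKCS#1 RSAPrivateKey: version, n, e, d, p, q, dP, dQ, qInv."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("outer element is not a single DER SEQUENCE")
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        out.append(int.from_bytes(val, "big"))
    return out

# --- constructed sample: a toy 12-bit "key" (p=61, q=53), not a usable key ---
def der_int(v: int) -> bytes:
    raw = v.to_bytes(v.bit_length() // 8 + 1, "big")   # leading 0 keeps it positive
    return b"\x02" + bytes([len(raw)]) + raw

def sample_pem() -> bytes:
    p, q, e, d = 61, 53, 17, 2753
    ints = [0, p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)]
    body = b"".join(der_int(v) for v in ints)
    der = b"\x30" + bytes([len(body)]) + body
    return (b"-----BEGIN RSA PRIVATE KEY-----\n" + base64.encodebytes(der)
            + b"-----END RSA PRIVATE KEY-----\n")
```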