Lockbox 3 load public key not possible - stream re

Posted 2019-02-20 21:37

Question:

Well, I generated a keypair with OpenSSL

openssl genrsa -des3 -out _private.pem 1024

openssl rsa -pubout -in _private.pem -out public.pem

Public

-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----

Private

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,DBA7527F283708D5
-----END RSA PRIVATE KEY-----

When I try to load the key with the following procedure, it always says "Stream reading Error" at the line Signatory1.LoadKeysFromStream(f, [partPrivate]);

var
  f: TMemoryStream;
  Signatory1: TSignatory;
  codecRSA: TCodec;
  CryptographicLibrary1: TCryptographicLibrary;
  base64Ciphertext: string;
begin
  f := TMemoryStream.Create;
  f.LoadFromFile('C:\OpenSSL-Win32\bin\private.pem');

  codecRSA :=TCodec.Create(nil);
  CryptographicLibrary1 := TCryptographicLibrary.Create(nil);
  Signatory1 :=TSignatory.Create(nil);

  //=============TCodec===================
  codecRSA.CryptoLibrary  := CryptographicLibrary1;
  codecRSA.StreamCipherId := 'native.RSA';
  codecRSA.ChainModeId:= 'native.CBC';
  codecRSA.AsymetricKeySizeInBits := 1024;

  //====Signatory1=====================
  Signatory1.Codec :=codecRSA;
  //===Load public key=============
  Signatory1.LoadKeysFromStream(f, [partPrivate]);
end;

Any suggestions? I am using Delphi XE7 and the latest release of Lockbox 3 from GitHub.

Answer 1:

In my experience, LockBox 3 needs a PKCS#1 public key when working with OpenSSL-generated keys. You must convert the public key to PKCS#1 before LockBox 3 can load it (OpenSSL generates a PKCS#8 key). Use the RSAPublicKey keyword.

openssl rsa -pubin -in yourpublickey -RSAPublicKey_out -out publicpkcs1

https://www.openssl.org/docs/apps/rsa.html

http://lockbox.seanbdurkin.id.au/tiki-view_forum_thread.php?comments_parentId=298&display=print
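
Added example (not part of the original answers, and not LockBox or OpenSSL code): it classifies a PEM file by its DER structure rather than its label, and unwraps a `BEGIN PUBLIC KEY` (X.509 SubjectPublicKeyInfo) file to the bare PKCS#1 `RSAPublicKey` inside it, which is the structural change `-RSAPublicKey_out` makes. The key numbers and the encrypted sample are constructed, and all function names are this example's own.

```python
import base64, re

RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption

def tlv(tag, body):  # DER encoder for the constructed samples (short-form length only)
    return bytes([tag, len(body)]) + body

def read_tlv(der, pos=0):
    """Return (tag, value, next_pos) for the DER element at pos."""
    tag, n = der[pos], der[pos + 1]
    pos += 2
    if n & 0x80:  # long-form length, as found in real 1024/2048-bit keys
        k = n & 0x7F
        n, pos = int.from_bytes(der[pos:pos + k], "big"), pos + k
    return tag, der[pos:pos + n], pos + n

def pem_wrap(label, der):
    return f"-----BEGIN {label}-----\n{base64.encodebytes(der).decode()}-----END {label}-----\n"

def pem_body(pem):
    return re.search(r"-----BEGIN ([^-]+)-----\n(.*?)-----END \1-----", pem, re.S).group(2)

def classify(pem):
    """Identify the encoding from the DER structure, not from the PEM label."""
    body = pem_body(pem)
    if "Proc-Type: 4,ENCRYPTED" in body:
        return "ENCRYPTED"  # passphrase-protected, no DER to inspect yet
    tag, seq, _ = read_tlv(base64.b64decode(body))
    first_tag, first, nxt = read_tlv(seq)
    if tag == 0x30 and first_tag == 0x30 and read_tlv(first)[1] == RSA_OID:
        return "SPKI"  # SEQUENCE { AlgorithmIdentifier, BIT STRING }
    if tag == 0x30 and first_tag == 0x02 and nxt < len(seq):
        tag2, _, end = read_tlv(seq, nxt)
        if tag2 == 0x02 and end == len(seq):
            return "PKCS1"  # SEQUENCE { INTEGER n, INTEGER e } and nothing more
    return "UNKNOWN"

def spki_to_pkcs1(pem):
    """Unwrap SubjectPublicKeyInfo to the bare RSAPublicKey it carries."""
    _, seq, _ = read_tlv(base64.b64decode(pem_body(pem)))
    _, _, nxt = read_tlv(seq)        # skip the AlgorithmIdentifier
    _, bits, _ = read_tlv(seq, nxt)  # BIT STRING: 1 unused-bits byte + RSAPublicKey
    return pem_wrap("RSA PUBLIC KEY", bits[1:])

# Constructed toy numbers, not a real key: only the ASN.1 layout matters.
N, E = 0xC0FFEE0000BEEF, 65537
PKCS1_DER = tlv(0x30, tlv(0x02, N.to_bytes(8, "big")) + tlv(0x02, E.to_bytes(3, "big")))
ALG_ID = tlv(0x30, tlv(0x06, RSA_OID) + tlv(0x05, b""))
SPKI_PEM = pem_wrap("PUBLIC KEY", tlv(0x30, ALG_ID + tlv(0x03, b"\x00" + PKCS1_DER)))
ENC_PEM = "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,0000000000000000\n\nAAAA\n-----END RSA PRIVATE KEY-----\n"
```

`classify(ENC_PEM)` returns `"ENCRYPTED"` for a file with the `Proc-Type: 4,ENCRYPTED` header shown in the question, since its body cannot be read as DER until it is decrypted with the passphrase.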



Answer 2:

After loading the stream you should reset it to the beginning before handing it over to LoadKeysFromStream.

  //====Signatory1=====================
  Signatory1.Codec :=codecRSA;
  //===Load public key=============
  f.Position := 0;
  Signatory1.LoadKeysFromStream(f, [partPrivate]);