[Botan-devel] using botan with a javascript crypto library

jonny ram jonniram at gmail.com
Tue Jul 6 19:33:29 EDT 2010


Haven't had any luck yet as far as getting Botan keys to work. I even hashed
them on both sides to make sure it's not just an issue with the way JCT
decodes base 64 or something, but the hashes are identical. If you have any
time, I've attached a simple test script with the private keys I generated
included, and it lets you choose which key to use. The botan key was
generated with the method you suggested (and it will lock up your browser or
tab if you choose it). I appreciate any help.

Here's a zip file with the attached file along with all required JCT files,
for convenience:
http://www.filedropper.com/test_68

On Tue, Jul 6, 2010 at 10:31 AM, Jack Lloyd <lloyd at randombit.net> wrote:

> On Tue, Jul 06, 2010 at 09:57:41AM -0400, jonny ram wrote:
> > Thank you very much for the help, I'll try this out when I get home and
> let
> > you know. I avoided SOAEP after reading that it was non-standard, but
> wasn't
> > sure about BitPadding. I thought about using Raw on botan's side, but the
> > API reference made it seem a bit dangerous. I'll probably try that first
> > before attempting to modify SOAEP to bring it in line with the standard.
>
> Raw is dangerous but it's precisely there for this kind of situation -
> where you need an escape hatch out of the standard encodings to deal
> with another system that is doing something weird.
>
> > Regarding keys, I actually avoid using any special encoding. The way I am
> > currently transferring them from C++ to JS is to just get each part of
> the
> > key using get_n(), get_d(), etc. Then I base64 them and send them to the
> JS
> > side, where I decode them into byte arrays. I construct the private key
> with
> > JCT like this:
> >
> > rsa.privateKey(n, i2ba(65537), d, 1024);
> > //first three parameters are byte arrays and the last is an integer
> >
> > When n and d come from Botan, it actually does let me create the object,
> and
> > it even lets me do public key encryption with it (though the output could
> > just be garbage), but when I try private key decryption it actually hangs
> in
> > an infinite loop. I'm pretty sure my own JS code is fine because both
> > operations perform perfectly when n and d are generated by JCT itself.
>
> This was my assumption (since it doesn't looke like JCT and botan
> share any common formats for transferring keys otherwise). But I'm
> thinking perhaps d itself is not of a form that JCT can deal with.
> Instead of get_d(), give it the result of (get_p()-1)*(get_q()-1)
> as the private key.
>
> -Jack
> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://lists.randombit.net/mailman/listinfo/botan-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/botan-devel/attachments/20100706/adfeca69/attachment.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/botan-devel/attachments/20100706/adfeca69/attachment-0001.html>


More information about the botan-devel mailing list