RSA Public/Private Encryption

[nebev]

Hey there.

I have an AutoIT app that encrypts some traffic using an RSA Public key, and sends it off to a PHP webserver. It's then decrypted (using the private key obviously), processed, encrypted (using the Private key) and sent back to the program.

The program verifies it with its public key.

Now, this is pretty basic RSA encryption. I'm just calling the OpenSSL EXE compiled for Win32 at the moment. For encrypting, I'm using this command:

openssl.exe rsautl -encrypt -in req.tmp -out req.enc -pubin -inkey mykey.public

For verifying messages that come from the server, I'm using this command

openssl.exe rsautl -verify -in rsp.enc -out rsp.unc -pubin -inkey mykey.public

My problem is, it's ugly. I don't want to use temporary files, and would much rather use something like a DLL call.

libeay32.dll has come up a lot, but I have no idea how to call the appropriate functions.

Searches on the forums have revealed some RSA utilities (peethebee), but since I'm using this script to communicate with a PHP program, I really need standard OpenSSL keys to work.

Any ideas? I thought this would be a pretty common problem. I'm not really a C++ programmer (LOVE AutoIT though btw), but I know the basics if that helps.

Any help would be greatly appreciated.

[PsaltyDS]

Hey there.

I have an AutoIT app that encrypts some traffic using an RSA Public key, and sends it off to a PHP webserver. It's then decrypted (using the private key obviously), processed, encrypted (using the Private key) and sent back to the program.

The program verifies it with its public key.

Now, this is pretty basic RSA encryption. I'm just calling the OpenSSL EXE compiled for Win32 at the moment. For encrypting, I'm using this command:

openssl.exe rsautl -encrypt -in req.tmp -out req.enc -pubin -inkey mykey.public

For verifying messages that come from the server, I'm using this command

openssl.exe rsautl -verify -in rsp.enc -out rsp.unc -pubin -inkey mykey.public

My problem is, it's ugly. I don't want to use temporary files, and would much rather use something like a DLL call.

libeay32.dll has come up a lot, but I have no idea how to call the appropriate functions.

Searches on the forums have revealed some RSA utilities (peethebee), but since I'm using this script to communicate with a PHP program, I really need standard OpenSSL keys to work.

Any ideas? I thought this would be a pretty common problem. I'm not really a C++ programmer (LOVE AutoIT though btw), but I know the basics if that helps.

Any help would be greatly appreciated.

Download the latest Beta version of AutoIt (3.3.1.3) and look at the functions in monoceres' new Crypt.au3. It uses the crypt functions in AdvApi32.dll, which is native to Windows, but you can see how the functions work. The UDF doesn't include the globals for the RSA algorithms:

$CALG_RSA_KEYX = 0x0000a400 ; RSA public key exchange algorithm.
$CALG_RSA_SIGN = 0x00002400 ; RSA public key signature algorithm.

I'm not sure how much would be involved in adding those algorithms, but it's probably more than just adding those globals.