Mariano Guerra's Log (Publicaciones sobre crypto)http://marianoguerra.org/esMon, 18 Nov 2024 17:56:44 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rssPublic/Private Key Encryption, Sign and Verification in Erlanghttp://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/Mariano Guerra<p>You want to encrypt/decrypt some content?</p> <p>You want to generate a signature and let others verify it?</p> <p>At least that's what I wanted to do, so here it is.</p> <p>First generate keys if you don't have some available:</p> <div class="code"><pre class="code sh"><a id="rest_code_d1af6be249994e0b884ea9931c705b14-1" name="rest_code_d1af6be249994e0b884ea9931c705b14-1" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_d1af6be249994e0b884ea9931c705b14-1"></a>openssl<span class="w"> </span>genrsa<span class="w"> </span>-out<span class="w"> </span>private.pem<span class="w"> </span><span class="m">2048</span> <a id="rest_code_d1af6be249994e0b884ea9931c705b14-2" name="rest_code_d1af6be249994e0b884ea9931c705b14-2" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_d1af6be249994e0b884ea9931c705b14-2"></a>openssl<span class="w"> </span>rsa<span class="w"> </span>-in<span class="w"> </span>private.pem<span class="w"> </span>-out<span class="w"> </span>public.pem<span class="w"> </span>-outform<span class="w"> </span>PEM<span class="w"> </span>-pubout </pre></div> <p>Load the raw keys:</p> <div class="code"><pre class="code erlang"><a id="rest_code_8da8651b71f6470ba6274a100b78ace0-1" name="rest_code_8da8651b71f6470ba6274a100b78ace0-1" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-1"></a><span class="p">{</span><span class="n">ok</span><span class="p">,</span><span class="w"> </span><span class="nv">RawSKey</span><span class="p">}</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">file</span><span class="p">:</span><span class="nf">read_file</span><span class="p">(</span><span class="s">"private.pem"</span><span class="p">).</span> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-2" name="rest_code_8da8651b71f6470ba6274a100b78ace0-2" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-2"></a><span class="p">{</span><span class="n">ok</span><span class="p">,</span><span class="w"> </span><span class="nv">RawPKey</span><span class="p">}</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">file</span><span class="p">:</span><span class="nf">read_file</span><span class="p">(</span><span class="s">"public.pem"</span><span class="p">).</span> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-3" name="rest_code_8da8651b71f6470ba6274a100b78ace0-3" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-3"></a> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-4" name="rest_code_8da8651b71f6470ba6274a100b78ace0-4" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-4"></a><span class="p">[</span><span class="nv">EncSKey</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">pem_decode</span><span class="p">(</span><span class="nv">RawSKey</span><span class="p">).</span> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-5" name="rest_code_8da8651b71f6470ba6274a100b78ace0-5" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-5"></a><span class="nv">SKey</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">pem_entry_decode</span><span class="p">(</span><span class="nv">EncSKey</span><span class="p">).</span> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-6" name="rest_code_8da8651b71f6470ba6274a100b78ace0-6" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-6"></a> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-7" name="rest_code_8da8651b71f6470ba6274a100b78ace0-7" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-7"></a><span class="p">[</span><span class="nv">EncPKey</span><span class="p">]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">pem_decode</span><span class="p">(</span><span class="nv">RawPKey</span><span class="p">).</span> <a id="rest_code_8da8651b71f6470ba6274a100b78ace0-8" name="rest_code_8da8651b71f6470ba6274a100b78ace0-8" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_8da8651b71f6470ba6274a100b78ace0-8"></a><span class="nv">PKey</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">pem_entry_decode</span><span class="p">(</span><span class="nv">EncPKey</span><span class="p">).</span> </pre></div> <p>Let's encrypt a message with the private key and decrypt with the public key:</p> <div class="code"><pre class="code erlang"><a id="rest_code_0dc72c572f6d4997a456a307b13ca587-1" name="rest_code_0dc72c572f6d4997a456a307b13ca587-1" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_0dc72c572f6d4997a456a307b13ca587-1"></a><span class="nv">Msg</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="o">&lt;&lt;</span><span class="s">"hello crypto world"</span><span class="o">&gt;&gt;</span><span class="p">.</span> <a id="rest_code_0dc72c572f6d4997a456a307b13ca587-2" name="rest_code_0dc72c572f6d4997a456a307b13ca587-2" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_0dc72c572f6d4997a456a307b13ca587-2"></a><span class="nv">CMsg</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">encrypt_private</span><span class="p">(</span><span class="nv">Msg</span><span class="p">,</span><span class="w"> </span><span class="nv">SKey</span><span class="p">).</span> <a id="rest_code_0dc72c572f6d4997a456a307b13ca587-3" name="rest_code_0dc72c572f6d4997a456a307b13ca587-3" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_0dc72c572f6d4997a456a307b13ca587-3"></a><span class="nv">Msg</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">decrypt_public</span><span class="p">(</span><span class="nv">CMsg</span><span class="p">,</span><span class="w"> </span><span class="nv">PKey</span><span class="p">).</span> </pre></div> <p>We can do it the other way, encrypt with the public key and decrypt with the private key:</p> <div class="code"><pre class="code erlang"><a id="rest_code_2319689c417e4f3394c79c98e3fc86b1-1" name="rest_code_2319689c417e4f3394c79c98e3fc86b1-1" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_2319689c417e4f3394c79c98e3fc86b1-1"></a><span class="nv">CPMsg</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">encrypt_public</span><span class="p">(</span><span class="nv">Msg</span><span class="p">,</span><span class="w"> </span><span class="nv">PKey</span><span class="p">).</span> <a id="rest_code_2319689c417e4f3394c79c98e3fc86b1-2" name="rest_code_2319689c417e4f3394c79c98e3fc86b1-2" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_2319689c417e4f3394c79c98e3fc86b1-2"></a><span class="nv">Msg</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">decrypt_private</span><span class="p">(</span><span class="nv">CPMsg</span><span class="p">,</span><span class="w"> </span><span class="nv">SKey</span><span class="p">).</span> </pre></div> <p>Let's generate a signature for the message that others can verify with our public key:</p> <div class="code"><pre class="code erlang"><a id="rest_code_1c2fa59e1c684adf8400270135e37c33-1" name="rest_code_1c2fa59e1c684adf8400270135e37c33-1" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_1c2fa59e1c684adf8400270135e37c33-1"></a><span class="nv">Signature</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nn">public_key</span><span class="p">:</span><span class="nf">sign</span><span class="p">(</span><span class="nv">Msg</span><span class="p">,</span><span class="w"> </span><span class="n">sha256</span><span class="p">,</span><span class="w"> </span><span class="nv">SKey</span><span class="p">).</span> <a id="rest_code_1c2fa59e1c684adf8400270135e37c33-2" name="rest_code_1c2fa59e1c684adf8400270135e37c33-2" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_1c2fa59e1c684adf8400270135e37c33-2"></a><span class="nn">public_key</span><span class="p">:</span><span class="nf">verify</span><span class="p">(</span><span class="nv">Msg</span><span class="p">,</span><span class="w"> </span><span class="n">sha256</span><span class="p">,</span><span class="w"> </span><span class="nv">Signature</span><span class="p">,</span><span class="w"> </span><span class="nv">PKey</span><span class="p">).</span> <a id="rest_code_1c2fa59e1c684adf8400270135e37c33-3" name="rest_code_1c2fa59e1c684adf8400270135e37c33-3" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_1c2fa59e1c684adf8400270135e37c33-3"></a> <a id="rest_code_1c2fa59e1c684adf8400270135e37c33-4" name="rest_code_1c2fa59e1c684adf8400270135e37c33-4" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_1c2fa59e1c684adf8400270135e37c33-4"></a><span class="c">% let's see if it works with another message</span> <a id="rest_code_1c2fa59e1c684adf8400270135e37c33-5" name="rest_code_1c2fa59e1c684adf8400270135e37c33-5" href="http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/#rest_code_1c2fa59e1c684adf8400270135e37c33-5"></a><span class="nn">public_key</span><span class="p">:</span><span class="nf">verify</span><span class="p">(</span><span class="o">&lt;&lt;</span><span class="s">"not the original message"</span><span class="o">&gt;&gt;</span><span class="p">,</span><span class="w"> </span><span class="n">sha256</span><span class="p">,</span><span class="w"> </span><span class="nv">Signature</span><span class="p">,</span><span class="w"> </span><span class="nv">PKey</span><span class="p">).</span> </pre></div>http://marianoguerra.org/es/posts/publicprivate-key-encryption-sign-and-verification-in-erlang/Fri, 01 Sep 2017 10:28:51 GMT