I wrote a program that works on an ongoing basis using the <openssl/rsa> C library.
It basically decrypts the password specified in the argument. The problem is that sometimes it works flawlessly, and in some other cases it fails (with the same pubkey / privkey / password, returning this error:
message: error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
Has anyone ever experienced this? Why does such an error return, usually?
Additional Information
It retrieves the private key when initializing the program with the following:
#define PRIVFILE "<correct-path>/privkey.pem" EVP_PKEY *privKey; int size_key; FILE *fp = fopen(PRIVFILE, "r"); if (!fp) { <logs> return -1; } PEM_read_PrivateKey(fp, &privKey, 0, NULL); fclose (fp); if (privKey == NULL) { ERR_print_errors_fp (stderr); return -1; } size_key = EVP_PKEY_size(privKey);
Later, during a listening cycle, the method calls a private decryption algorithm
int len_enc = size_key; unsigned char* enc_pw; unsigned char* dec_pw; int len_dec = 8; char* err = malloc(130); enc_pw = malloc(len_enc); dec_pw = malloc(len_dec); memset(enc_pw, 0, len_enc); memset(dec_pw, 0, len_dec); memcpy(enc_pw, value, len_enc);
I did data encryption using perl using Crypt :: OpenSSL :: RSA:
my $ rsa_pub = Crypt :: OpenSSL :: RSA-> new_public_key ($ key_string);
my $ ciphertext = $ rsa_pub-> encrypt ($ plaintext);
There is some base64 encoding / decoding that I didn't mention to make it a little shorter. That is not the problem.
the private key and public key are generated using openssl genrsa: openssl genrsa -out privkey.pem 1024 and openssl rsa -in privkey.pem -pubout > pubkey.pub
It seems to work for a while, but sometimes (during the peak of the request, if that matters), I get these errors for encrypted data that seemed valid before that:
message: error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed