Develop Reference

Generated public key from private key different in 2 cases

I'm trying to generate a private key and public key pair. I want to use the private key to sign my JWT and send the public key to a 3rd party to decode my JWT.
On my mac os terminal, I generated my keys like this:
ssh-keygen -m PEM -t rsa -b 2048
Do now I've pkey & pkey.pub as private and public keys respectively. Now in my rails console I tried to get the private key like this, which works fine:
rsa_private = OpenSSL::PKey::RSA.new(File.read("/path/to/private/key/pkey"))
rsa_private.to_s
"-----BEGIN RSA PRIVATE KEY-----\nCONTENTS_OF_PKEY_FILE\n-----END RSA PRIVATE KEY-----\n"
Now in rails, I can get the public key from generated private key like this :
pub_key = rsa_private.public_key
But when I try to print it's contents, it differs from what's there in pkey.pub generated when I ran ssh-keygen command.
pub_key looks something like this:
"-----BEGIN PUBLIC KEY-----\nSOME_CONTENT\n-----END PUBLIC KEY-----\n"
But my pkey.pub file looks different, something like this:
ssh-rsa SOME_OTHER_CONTENT user#user.local
So, my question, is how can I get 2 different public keys for same private key? Which one do I use to decode my JWT?

Keys should be the same, but are encoded differently.
An RSA key pair consists of several numbers, private key is all these data, public key is the same with private part deleted.
Numbers can be written in different order, encoded in different formats. Also keys can be encrypted for storage with a password(not this case). Thus files with the same keys can look absolutely different.
PEM-format (the one with BEGIN PUBLIC KEY and Base64 data) is more common for generic keys, so better use it.
Update:
PEM format is base64 encoded DER with header and footer. DER in its turn is binary representation of ASN.1. But SSH uses a dirrerent key encoding format (RFC4716)
Example:
% ssh-keygen -m PEM -t rsa -N '' -b 1024 -f ./rsa
% cat rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDRNFYxsULk6x90T0EE8iS3skfJJ407ef3WJJClre0k2sLJUJX6/Xbc3ObxNjixXcgIXp2H4oVOnNpujqFF/XM81zlpLjGT/4igtK1FjIHIaFyRheGuwplgwCkXlxAe/oH1Bb4nFXlD/kORmGgSfSE9BpH+HQU3IzyU1i0X9K828Q== vasfed#Vasiliys-MacBook-Pro.local
% ssh-keygen -e -m PEM -f ./rsa.pub
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBANE0VjGxQuTrH3RPQQTyJLeyR8knjTt5/dYkkKWt7STawslQlfr9dtzc
5vE2OLFdyAhenYfihU6c2m6OoUX9czzXOWkuMZP/iKC0rUWMgchoXJGF4a7CmWDA
KReXEB7+gfUFvicVeUP+Q5GYaBJ9IT0Gkf4dBTcjPJTWLRf0rzbxAgMBAAE=
-----END RSA PUBLIC KEY-----
% ssh-keygen -e -m PKCS8 -f ./rsa.pub
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRNFYxsULk6x90T0EE8iS3skfJ
J407ef3WJJClre0k2sLJUJX6/Xbc3ObxNjixXcgIXp2H4oVOnNpujqFF/XM81zlp
LjGT/4igtK1FjIHIaFyRheGuwplgwCkXlxAe/oH1Bb4nFXlD/kORmGgSfSE9BpH+
HQU3IzyU1i0X9K828QIDAQAB
-----END PUBLIC KEY-----
Above is 3 different encodings of the same key, here are ASN-decoded versions of the latter two (via https://lapo.it/asn1js):
PEM, the bare minimum (modulus and exponent, no metadata):
SEQUENCE (2 elem)
INTEGER (1024 bit) 146908353891476107599563957703741990254320034409224509383359005248419…
INTEGER 65537
PKCS8, here we see the exact same numbers, but this time with some metadata:
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.113549.1.1.1 rsaEncryption (PKCS #1)
NULL
BIT STRING (1 elem)
SEQUENCE (2 elem)
INTEGER (1024 bit) 146908353891476107599563957703741990254320034409224509383359005248419…
INTEGER 65537

rails openssl different results of encryption from code and terminal

when I try to encrypt data from terminal like
echo -n "TestData" | openssl enc -aes-256-cbc -a -K C81E728D9D4C2F636F067F89CC14862C65990ABE58735B91B6B8798E8CE45F22 -iv D342F9C6310F6B21E97AB38595BD8CAA
than the Base64 encoded result I receive is
VJwJBTtVntJvRGkD24S4wg==
But when I try same thing with rails using exactly same key and initialization vector
cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
cipher.encrypt
cipher.key = "C81E728D9D4C2F636F067F89CC14862C65990ABE58735B91B6B8798E8CE45F22"
cipher.iv = "D342F9C6310F6B21E97AB38595BD8CAA"
encrypted_data = cipher.update("TestData")
encrypted_data << cipher.final
Base64.strict_encode64(encrypted_data)
than I receive entirely different Base64 encoded result
qavpNrU7llgauAyyEZz/bw==
can someone point that what I missed?

You provide the key and iv attributes as hex strings, but the expected format is raw bytes. Converting them to binary yields the expected result, with the following script:
require 'openssl'
require 'base64'
def hex_to_bin(s)
s.scan(/../).map { |x| x.hex.chr }.join
end
cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
cipher.encrypt
cipher.key = hex_to_bin("C81E728D9D4C2F636F067F89CC14862C65990ABE58735B91B6B8798E8CE45F22")
cipher.iv = hex_to_bin("D342F9C6310F6B21E97AB38595BD8CAA")
encrypted_data = cipher.update("TestData")
encrypted_data << cipher.final
puts Base64.strict_encode64(encrypted_data)
(Source for the hex_to_bin function: To Hex and Back (With Ruby)).
Calling it encrypt.rb, this is the result of running it:
$ ruby encrypt.rb
encrypt.rb:8: warning: constant OpenSSL::Cipher::Cipher is deprecated
VJwJBTtVntJvRGkD24S4wg==
To get rid of the "is deprecated" warning I had to replace the deprecated class OpenSSL::Cipher::Cipher with OpenSSL::Cipher.

The key is to short, 98304A2480DDC0FA354278936DAC2A0D7D9074650AD6 is an invalid key size, AES keys are 128, 192 or 256 bits in length (16, 24 or 32 bytes). Since it appears the key should be 256-bits (32-bytes) the missing key bytes will be either garbage or possibly nulls, key extension is undefined. Thus different results.
Assuming null padding and PKCS#7 padding for the first case the result is correct:
AESCALC
The second example is filling out the key in some other manor.
The solution is to use a full length key.

How to Generate RSA Public Key from Modulus and Exponent in Swift 4?

I need to generate RSA Public Key from Modulus and Exponent. I am new about Swift so I searched about that. I found these:
Generate RSA Public Key from Modulus and Exponent
Generating public key from modulus and exponent
https://meniny.cn/posts/RSA_public_key_with_modulus_and_exponent/
But this suggestions are not compiled with Swift 4. there are so much errors. Also I found this : https://forums.developer.apple.com/thread/4866
it said "iOS does not provide any public APIs for this". so how can I do this ?

Clojure SHA256 HMAC function not producing expected results

I have the following Clojure code:
(ns myproject.hmac-sha256
(:import (javax.crypto Mac)
(javax.crypto.spec SecretKeySpec)))
(defn secretKeyInst [key mac]
(SecretKeySpec. (.getBytes key) (.getAlgorithm mac)))
(defn toString [bytes]
"Convert bytes to a String"
(String. bytes "UTF-8"))
(defn sign [key string]
"Returns the signature of a string with a given
key, using a SHA-256 HMAC."
(let [mac (Mac/getInstance "HMACSHA256")
secretKey (secretKeyInst key mac)]
(-> (doto mac
(.init secretKey)
(.update (.getBytes "UTF-8")))
.doFinal
toString)))
When I use the sign function in the REPL, strange glyphs are output:
(sign "key" "The quick brown fox jumps over the lazy dog")
"*��`��n�S�F�|�؏�o�r���"
whereas I was expecting f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8 as per https://en.wikipedia.org/wiki/Hash-based_message_authentication_code#Examples_of_HMAC_.28MD5.2C_SHA1.2C_SHA256.29
This is doubtless a string encoding issue, but I don't really know much about encoding. Can anyone help?

To put the output into a format that can be compared with the examples don't call the toString defined above, instead treat the result of .doFinal as a byte array and print it in hex. The example above is signing the string "UTF-8" instead of the input string:
(defn sign [key string]
"Returns the signature of a string with a given
key, using a SHA-256 HMAC."
(let [mac (Mac/getInstance "HMACSHA256")
secretKey (secretKeyInst key mac)]
(-> (doto mac
(.init secretKey)
(.update (.getBytes string)))
.doFinal)))
myproject.hmac-sha256> (apply str (map #(format "%x" %) (sign "key" "The quick brown fox jumps over the lazy dog")))
"f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8"
you could then write the toString function as something like:
(defn toHexString [bytes]
"Convert bytes to a String"
(apply str (map #(format "%x" %) bytes)))

Do the SHA1 of a string always return ASCII characters?

The input string can be a unicode string.Do the output string after calculating SHA1 will always return ASCII characters?

It depends but strictly speaking, no. The output of the SHA-1 hash is 160 bits, or 20 bytes, but the bytes are not guaranteed to be in the ASCII range.
However, some hash functions output the hex equivalent (i.e. 40 characters) of the 20 bytes, so if the first three bytes of the actual hash are 0x7e, 0x03, and 0xb2, the output would begin with "7e03b2", in which case the output is ASCII.

SHA1 returns 20 bytes. SHA1 does not deal with encodings, text, ASCII, etc.
One common way to represent binary data is by encoding it in hexadecimal - in this case, the output is always [a-f][0-9]

sha1 returns a binary string. Some sha1 functions may, as a convenience, also encode that binary string into hexadecimal or base64 - if so, the result will be ASCII characters. But sha1 itself does not return ASCII.