Hello everyone,
I'm having this error message when trying to encrypt a text using a public key generated on an authentication server here in the company. As you can see in the OML file, I created a server action with RSA_Encrypt and put the public key in the PublicKey parameter and a text 123456 in the PlainText parameter. When running WebScreen the error "Invalid syntax on line 9" is displayed on the screen. Can you help me with this?
If you need the public key I am using is:
----- BEGIN PUBLIC KEY -----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ro6mO + SICi7unoYbkt1
HCQbbfNMjoB8BDOcGi63R / wlxl4SAQZp5J5BTPtAI5h6Ym9j7 + IJYC8qZyZzq7Z6
mhOAlDWztPT + Eidn4tF2NzIXLaQRNJMxpvIArZs8Oigh7s3WqDPH2ENPKxECbiQ0
sbzDMZ0Cy98BCsHadmGY8sszQjT63dSwAgOhmvQdxABwDtC / w955XDWOAjKYX + Xd
yyr / aNVKEuM / E8Vn / 0JyiDow4EgDgBpR4hyXELUiyZFBHT3AyNvik / qHrlwGbAwn
HRZLq4rxT1dtlmmufV4DWOHVf1d7ZQ5eHtNZp6gADuNkfl0XCFOM91dvdEpfMfDF
LQIDAQAB
----- END PUBLIC KEY -----
The OML file is attached.
Hi Thiago,
CryptoAPI actions don't directly support PEM encoded RSA keys. You'll need to convert them to XML notation using RSA_PrivateKeyFromPEM (yes, I'm aware the name doesn't make it obvious you should use it for a public key).
I don't remember if I tried it with a public key directly, but think it should work.
Please give it a go and let me know if you're having issues so I can look further into it.
Hi Ricardo,
I tried to use RSA_PrivateKeyFromPEM, but I did not succeed.
However, since you said that I needed to convert my PEM file to XML I made this conversion through https://superdry.apphb.com/tools/online-rsa-key-converter
With a public key generated for testing it worked. But with my public key generated by the authentication platform did not work, I'm not sure if the error could be in PKCS format or in another detail that I have not seen.
I keep trying here.
Hi,
What exactly didn't work with the key generated by the application?
Was it the online tool for converting that failed? Or was CryptoAPI which then failed to use the converted XML key?
Sorry for the delay in coming back here.
So I had some evolution from yesterday to today.
I was able to use the RSA_PrivateKeyFromPEM.
I believe that the manipulation of private and public keys is already ok.
But I believe I'm having trouble with the encryption type.
I believe that the error reported in the topic has already been remedied. I'll open another post, because I think the error is already related to something else.
Thank you so far Ricardo.
Not working please advise.
Error detail
Back to Log
Id
0f51a171-2b16-4201-8c7c-04f6288587b9
Request Key
4a4877de-a379-4f05-b850-9b1c3ef1afbc
Module
calvinust02_SFO_SOAP
Tenant
Users
User
(7)
Session Id
GfVoqDWw3EOmh7aq7qtRUw==
Server
EC2AMAZ-TEQ9CUL
Source
Message
Length cannot be less than zero.Parameter name: length
Environment Information
eSpaceVer: Id=311, PubId=0, CompiledWith=11.10.8.060000RequestUrl: https://hkust-dev.jku3mkvfan.getoutsystems.com/calvinust02_SFO_SOAP/moduleservices/log?clientTimeInMillis=1630898510720 (Method: POST)AppDomain: /LM/W3SVC/1/ROOT/calvinust02_SFO_SOAP-321-132753720728033366FilePath: D:\OutSystems\Platform Server\running\calvinust02_SFO_SOAP.01577510155\ClientIp: 10.0.0.158 X-Forwarded-For: 143.89.239.137Locale: en-USDateFormat: yyyy-MM-ddPID: 3504 ('w3wp', Started='8/17/2021 10:21:51 PM', Priv=965Mb, Virt=2109827Mb)TID: 154Thread Name:.NET: 4.0.30319.42000Client Runtime Packages: client-runtime-core= 3.0.7;client-runtime-view-framework-react= 1.5.6;client-runtime-widgets= 1.5.6;Client-Side Log
Stack
RSA_PrivateKeyFromPEMSystem.ArgumentOutOfRangeException: Length cannot be less than zero.Parameter name: lengthat Object.s [as getException] (https://hkust-dev.jku3mkvfan.getoutsystems.com/calvinust02_SFO_SOAP/scripts/OutSystems.js?LTlhHECPOUxqT4vuxlhDGg:2:6362)at c.onSuccess (https://hkust-dev.jku3mkvfan.getoutsystems.com/calvinust02_SFO_SOAP/scripts/OutSystems.js?LTlhHECPOUxqT4vuxlhDGg:3:709) at XMLHttpRequest.<anonymous> (https://hkust-dev.jku3mkvfan.getoutsystems.com/calvinust02_SFO_SOAP/scripts/OutSystems.js?LTlhHECPOUxqT4vuxlhDGg:2:28299)
I cannot use the RSA_PrivateKeyFromPEM.
My private key is RSA Encrypted 2048 Bytes PKCS-1 Padding required.
My Private Key is
-----BEGIN PRIVATE KEY-----
base 64 encoded string here
-----END PRIVATE KEY-----
I copy the string as shown above exactly.
I tried to removed the -----BEGIN PRIVATE KEY-----,
-----END PRIVATE KEY----- and place the string into the private Key input parameters it does not work.
Only XML notation of the key worked. To get the XML notation key, I need to do manual calculation of the RSA algorithm which is quite time consuming. The C# .NET 4.0 supports ImportParameters or FromXMLString.
If I need to use an online XML converter,
https://superdry.apphb.com/tools/online-rsa-key-converter
My Private key is submitted via the internet which is undesirable.
If I need to convert my PEM to XML String, I do not need this extension, I can write me own C# Extension because the specification required to Sign the Data with custom parameters , furthermore I have to create an Extension to Call the SOAP Request , Parse the Response and decrypt the message to get the security token.
This is the Actions I have been using
RSA_PrivateKeyFromPEM
The PEM I input is the private key I copied directly and the following error occured.
RSA_PrivateKeyFromPEMSystem.ArgumentOutOfRangeException: Length cannot be less than zero.Parameter name: length
Development platform: Reactive
Outsystems Service Studio Versions:11.11.13, Build 47944
Could you provide me an example of a Private key that causes this error so I can try to replicate it?In the meantime, could you also check if the private key that you have is valid by using openssl
openssl rsa -in privateKey.key -check
https://www.sslshopper.com/article-most-common-openssl-commands.html
Regards,
Sorry I had missed it before, you mentioned that your private key is "RSA Encrypted 2048 Bytes".
That means that it looks like:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: <encryption algorithm info here>
<base 64 encoded string here >
-----END RSA PRIVATE KEY-----
Unfortunately, that is not supported at the moment but I'll make sure I'll add it to my backlog for a future version.Currently, only unencrypted private keys are supported.They look like this:
Try it with
Did you try my suggestion?
Thanks freek, but it does not work
Keep in mind only a private key kan be transformed.
Try the private key generated on this site:
https://8gwifi.org/RSAFunctionality?rsasignverifyfunctions=rsasignverifyfunctions&keysize=2048
I tried it myself and the RSA_PrivateKeyFromPEM function works.
Hi Nick,I just found an issue on the Demo application where the input text area was being limited to 500 characters. This was clearly not enough characters to receive a 2048bit RSA key in PEM format.I've just uploaded the version of the fix to the component as well as to the "Try Now" example.Using the private key from the example link you provided, is working fine now.Alternatively, you could use OpenSSL to generate a Private key.
Please be aware that the current version only supports unencrypted private keys, so in order to generate one you will need to run the following commands:
openssl genrsa -des3 -out private.pem 2048
openssl rsa -in private.pem -out private_unencrypted.pem -outform PEM
https://rietta.com/blog/openssl-generating-rsa-key-from-command/
Then use the contents of the private_unencrypted.pem on the demo application and check that it was able to parse it.
private_unencrypted.pem on the demo application and check that it was able to parse it.
Hi Joao,
I'm trying to decrypt using RSA_Decrypt. As per your above comment RSA_PrivateKeyFromPEM is working but error "The parameter is incorrect" is thrown when it reaches RSA_Decrypt.
The ciphertext trying to decrypt is similar to this
Kf3fnvmCO6NiamhTlHxnK4ZhxgEI7sjbT4h52UMsQEdvDUvvsdIvZrDlSvBKBP7mRO/6jeD8T4Wkx2c1hrackmb7tf5NuVMGhjWKRi/VQKcWSllQiWDsFcTtwYC5DZ7kXrjQlLE2YTmMND80JHl5/XfnihVsqmZz6ItxTXtMK6cgksv/vSEHVHVlY0js7UD6vZt4jpYvlI+w2F03Exl56OKWlM5mYS7p3IFDbLz/Ne0B4UFfo0O3hPbldLyP35Km7kv+fF8QYbH7SKL0KqmrjCs2/08Hz7BcCyj3JYQ8BmAYYmj2JuAVtUpnrKTTpHzDNXkAZG8SbKGtO82+mZGLAw==
Could you please help with this? Thanks!