OpenSSL的RSA加密，没有填充未能正确加密 [英] OpenSSL RSA encryption with no padding fails to encrypt correctly

问题描述

我们要尝试执行使用RSA_public_encrypt（）方法（OpenSSL的基于Symbian）RSA加密，但我们不是很成功。
加密本身成功，但加密的文本（我们尝试匹配到哈希）是不是应该是什么
（在其他平台上，我们检查这是我们现在工作正常，我们在这里得到不同的值）。
我们认为这可能是由于这是不正确的格式提供给RSA_public_encrypt（）方法的输入。

We're trying to perform RSA encryption using the "RSA_public_encrypt()" method (openSSL on Symbian), but we're not quite succeeding. The encryption itself succeeds, but the encrypted text (which we try to match to a hash) isn't what it should be (on other platforms, we checked this were we now it is working correctly and we get different values here). We think this is probably due to the input which isn't provided in the correct format to the "RSA_public_encrypt()" method.

在code：

#define RSA_E 0x10001L
void Authenticator::Test(TDesC8& aSignature, TDesC8& aMessage) {   
RSA *rsa;
char *plainkey;
char *cipherkey;
int buffSize;

// create the public key
BIGNUM * bn_mod = BN_new();
BIGNUM * bn_exp = BN_new();

const char* modulus2 = "137...859"; // 309 digits
// Convert to BIGNUM
int len = BN_dec2bn(&bn_mod, modulus2); // with 309 digits -> gives maxSize 128 (OK!)
BN_set_word(bn_exp, RSA_E);

rsa = RSA_new(); // Create a new RSA key
rsa->n = bn_mod; // Assign in the values
rsa->e = bn_exp;
rsa->d = NULL;
rsa->p = NULL;
rsa->q = NULL;

int maxSize = RSA_size(rsa); // Find the length of the cipher text
// maxSize is 128 bytes (1024 bits)

// session key received from server side, what format should this be in ???
plainkey = "105...205"; // 309 digits

cipherkey = (char *)malloc(maxSize);
memset(cipherkey, 0, maxSize);
if (rsa) {
    buffSize = RSA_public_encrypt(maxSize, (unsigned char *) plainkey, (unsigned char *) cipherkey, rsa, RSA_NO_PADDING);

    unsigned long err = ERR_get_error(); 

    free(cipherkey);
    free(plainkey);
}

/* Free */
if (rsa)
    RSA_free(rsa);

}

我们有一个普通的关键是309个字符，但MAXSIZE是128字节（RSA_NO_PADDING，所以输入具有等于模数的大小），
因此，只有前128个字符是加密的（真的不知道，如果这是正确的？），这可能是为什么
我们的加密文本是不是应该是什么。还是有别的东西，我们不正确吗？
那么什么是改变我们的明文所以plainkey'的所有数据进行加密的正确方法？

We have a plain key which is 309 characters, but the maxSize is 128 bytes (RSA_NO_PADDING, so input has to be equal to modulus size), so only the first 128 characters are encrypted (not really sure if this is correct?), which is probably why our encrypted text isn't what it should be. Or is there something else we don't do correctly ? What is then the correct way of transforming our plain text so all data of 'plainkey' is encrypted ?

我们还与十六进制字符串'9603cab ......，这是长256个字符试过，但没有成功。
因此，如果正确地转换成字节（128）会这样被使用，如果是，如何将这项转换工作？

We also tried this with a hexadecimal string '9603cab...' which is 256 characters long, but didn't succeed. So if correctly converted into bytes (128) could this be used and if yes, how would that conversion work?

任何帮助是极大AP preciated，谢谢！

Any help is greatly appreciated, thanks!

推荐答案

在这个文件看看，也许它可以帮助：的 https://gist.github.com/850935

Take a look at this file, maybe it helps: https://gist.github.com/850935

这篇关于OpenSSL的RSA加密，没有填充未能正确加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！