Crypto++ RSA and "invalid ciphertext"


Question

Well, I've been going through my personal hell these days

I am having some trouble decrypting a message that was encrypted using RSA and I'm always failing with a "RSA/OAEP-MGF1(SHA-1): invalid ciphertext"


  1. I have a private key encoded in base64 and I load it:

    RSA::PrivateKey private_key;
    StringSource file_pk(PK,true,new Base64Decoder);
    private_key.Load( file_pk );


  2. I then proceed to decode the message by doing:

    RSAES_OAEP_SHA_Decryptor decryptor(private_key);
    
    AutoSeededRandomPool rng;
    
    string result;
    StringSource(ciphertext, true,
        new PK_DecryptorFilter(rng, decryptor,
            new StringSink(result)
        )
    );
    


As far as I can tell, the message should be being parsed without any problems. ciphertext is an std::string, so no \0 at the end that could do something unexpected.

I just thought of something, and what if the private key is incorrect but can be loaded anyway without throwing a BER decode error? What would that throw when decrypting?

Hope that anyone can shed some light on this.

Cheers

Recommended answer

If the key was actually corrupted, the Load function should have failed. However you can ask the key to self-test itself, which should detect any corruption, by calling Validate, like:

    bool key_ok = private_key.Validate(rng, 3);
    

The second parameter (here, 3) specifies how much checking is to be done. For RSA, this will cause it to run all available tests, even the slow/expensive ones.

Another reason the decoding might fail is if the key simply is not the one that was used to encrypt the original message.

Obviously the ciphertext input must be completely identical to what was originally produced on the encrypting side. For debugging, one good way to check this would be to feed the ciphertext at both sides into a hash function (conveniently already available to you, of course) and compare the outputs. If you hex or base64 encoded the ciphertext for transmission you must undo that before you give it to the RSA decryptor.
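
The last point of the answer can be checked mechanically before decryption. The following is an added example, not code from the original question or answer: it uses only the C++ standard library, and the names `CtState` and `classify_ciphertext` are hypothetical. It assumes the caller knows the RSA modulus size in bytes and flags a buffer that is still hex or base64 encoded, or simply the wrong length.

```cpp
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>

enum class CtState { RawOk, LooksHex, LooksBase64, WrongLength };

// Drop whitespace and '=' padding that transports and encoders add.
static std::string strip_wrap(const std::string& s) {
    std::string out;
    for (unsigned char c : s)
        if (!std::isspace(c) && c != '=') out.push_back(static_cast<char>(c));
    return out;
}

static bool all_hex(const std::string& s) {
    for (unsigned char c : s) if (!std::isxdigit(c)) return false;
    return !s.empty();
}

// Accepts the standard and URL-safe base64 alphabets.
static bool all_base64(const std::string& s) {
    for (unsigned char c : s)
        if (!std::isalnum(c) && c != '+' && c != '/' && c != '-' && c != '_') return false;
    return !s.empty();
}

// modulus_bytes: RSA modulus size in bytes, e.g. 256 for a 2048-bit key.
CtState classify_ciphertext(const std::string& ct, std::size_t modulus_bytes) {
    if (ct.size() == modulus_bytes) return CtState::RawOk;  // right size for raw RSA output
    const std::string t = strip_wrap(ct);
    if (t.size() == 2 * modulus_bytes && all_hex(t)) return CtState::LooksHex;
    // Unpadded base64 length of n bytes is ceil(4n/3).
    if (t.size() == (4 * modulus_bytes + 2) / 3 && all_base64(t)) return CtState::LooksBase64;
    return CtState::WrongLength;                            // truncated, extended or wrong key size
}

int main() {
    const std::size_t k = 256;                              // constructed: 2048-bit key
    const std::string raw(k, '\x01');                       // constructed sample inputs
    const std::string hex(2 * k, 'a');
    const std::string b64 = std::string(342, 'A') + "==\n";
    std::cout << (classify_ciphertext(raw, k) == CtState::RawOk) << ' '
              << (classify_ciphertext(hex, k) == CtState::LooksHex) << ' '
              << (classify_ciphertext(b64, k) == CtState::LooksBase64) << '\n';
    return 0;
}
```

In Crypto++ the expected size can be taken from the decryptor with `decryptor.FixedCiphertextLength()`. A `RawOk` result only says the length is plausible; the hash comparison described above is still what confirms the bytes are identical.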
