拥有这个Ruby代码:
require 'openssl'
require 'securerandom'
class AuthRsa
def initialize(public_key, private_key)
@public_key = OpenSSL::PKey::RSA.new(public_key)
@private_key = OpenSSL::PKey::RSA.new(private_key)
@key = SecureRandom.base64(16)
end
def valid?
crypt_key = @public_key.public_encrypt(@key)
return @key == @private_key.private_decrypt(crypt_key)
end
end
使用正确的公钥和私钥测试类时都可以,但是当提交假证书时,测试失败并出现此错误:OpenSSL :: PKey :: RSA错误:填充检查失败
是否可以将方法private_decrypt设置为返回false而不是错误?
答案 0 :(得分:1)
是的,你会这样做:
return (@key == @private_key.private_decrypt(crypt_key)) rescue false