使用RSA_public_encrypt

时间:2015-05-30 17:06:45

标签: c encryption openssl cryptography rsa

我正在尝试使用RSA_public_encrypt加密十进制数1而不使用填充。当然,此加密的结果应该再次为1。但事实上它是

密码:

5228673350895653896383201058815462877426144378065091716669226352446563314310753759122681282019606231774744798481087922688401463790373072832646006963123849664906627085625735903412727878929921552918090336305565457632762612646244666075746315455854479912774071351362988587769873374454538153517081634942043196173525640004822126101409481060928041484882764412543090155480476597339865942466034635200613687987398189458867055031285752787781897557950334515480742629110423562374837915117562936777536259795189526199285672603820591631423849227226304977053415509662563290672486408474162339095049681422645956742727171481170704

我做错了什么?

我知道OpenSSL中存在高级例程,并且使用没有填充的RSA是不安全的。这只是一个实验。

我也知道OpenSSL使用Big Endian格式。所以我也尝试将输入字节的顺序更改为加密 - 然后将1加密为1.但是实现解密,考虑到加密和解密中的反向字节顺序,某些数字(如2)被加密 - 正确解密而其他人不是......非常奇怪!

以下是我的加密代码:

#include <stdio.h>
#include "rsa.h"
#include "pem.h"

#define LENGTH 1000

int main(void)
{
    //Variables for message and cipher
    //BIGNUM format
    BIGNUM message_bignum, cipher_bignum;
    BIGNUM *ptr_message_bignum=&message_bignum;
    BIGNUM *ptr_cipher_bignum=&cipher_bignum;
    //Formatted as decimal string 
    unsigned char message_decimal[]="1";
    //binary format for input to RSA encryption
    unsigned char message[LENGTH]={0},cipher[LENGTH]={0};

    //Initialise RSA structure
    RSA *rsa=RSA_new();

    //Get public key
    BIO *publickey_handle=BIO_new_file("rsa_publickey.txt","rb");
    if(publickey_handle==NULL)
    {
        fprintf(stderr,"Could not open key file!\n");
        return -1;
    }
    PEM_read_bio_RSA_PUBKEY(publickey_handle,&rsa,NULL,NULL);
    if(BIO_free(publickey_handle)==0)
    {
        fprintf(stderr,"Error closing key file!\n");
        return -1;
    }

    //Convert message to BIGNUM format
    BN_init(ptr_message_bignum);
    BN_dec2bn(&ptr_message_bignum,(const char *)message_decimal);
    //Convert message as BIGNUM to binary format
    BN_bn2bin(ptr_message_bignum,message);

    //Encrypt message in binary format
    if(RSA_public_encrypt(RSA_size(rsa),(const unsigned char*)message,cipher,rsa,RSA_NO_PADDING)==-1)
    {
        fprintf(stderr,"Error during encryption!\n");
        return -1;
    }

    //Convert cipher to BIGNUM format
    BN_init(ptr_cipher_bignum);
    BN_bin2bn((const unsigned char*)cipher,RSA_size(rsa),ptr_cipher_bignum);
    //Convert cipher from BIGNUM format to decimal format and print it to stdout
    printf("Cipher:\n%s",BN_bn2dec(ptr_cipher_bignum));

    printf("\nDone!\n");

    return 0;
 }

1 个答案:

答案 0 :(得分:2)

记录在案:

  

BN_bn2bin()将a的绝对值转换为big-endian格式,并将其存储在to to必须指向BN_num_bytes(a)字节的内存

但事实并非如此。由于00,它首先包含一个message[LENGTH]={0}。然后它包含LENGTH个字节数中的任何内容。

RSA_public_encrypt中,您使用RSA_size(rsa)作为第一个参数flenflen然而应该是BN_num_bytes(&ptr_message_bignum)的结果,即1个字节。另一方面,输出位置cipher必须能够存储RSA_size(rsa)个字节。

可能混淆来自BN_bn2bin将值存储为最短Big Endian编码(以字节为单位)的事实。对于值1,当然是一个字节,而不是RSA_size(rsa)个字节。

编辑:我找到了可以调整大小的RSA_padding_add_none方法。