尝试使用rsa密钥和BLAKE2b哈希签名邮件时,我在macOS和Ubuntu上收到以下错误消息。
InternalError: Unknown OpenSSL error. This error is commonly encountered
when another library is not cleaning up the OpenSSL error stack. If you
are using cryptography with another library that uses OpenSSL try
disabling it before reporting a bug. Otherwise please file an issue at
https://github.com/pyca/cryptography/issues with information on how to
reproduce this. ([])
我有点迷失在哪里开始调试这个。这里有什么我想念的吗?您是否可以在BLAKE2b签名时使用rsa哈希?
In [1]: from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
In [2]: private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=4096,
backend=default_backend()
)
In [3]: message = b'The quick brown fox jumps over the lazy dog'
signature = private_key.sign(
message,
padding.PSS(
mgf=padding.MGF1(hashes.BLAKE2b(64)),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.BLAKE2b(64)
)
回溯
<ipython-input-3-6b4492bdbf5d> in <module>()
6 salt_length=padding.PSS.MAX_LENGTH
7 ),
----> 8 hashes.BLAKE2b(64)
9 )
/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
413 self._backend, data, algorithm
414 )
--> 415 return _rsa_sig_sign(self._backend, padding, algorithm, self, data)
416
417
/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py in _rsa_sig_sign(backend, padding, algorithm, private_key, data)
220 pkey_ctx = _rsa_sig_setup(
221 backend, padding, algorithm, private_key, data,
--> 222 backend._lib.EVP_PKEY_sign_init
223 )
224 buflen = backend._ffi.new("size_t *")
/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/rsa.py in _rsa_sig_setup(backend, padding, algorithm, key, data, init_func)
191 padding_enum = _rsa_sig_determine_padding(backend, key, padding, algorithm)
192 evp_md = backend._lib.EVP_get_digestbyname(algorithm.name.encode("ascii"))
--> 193 backend.openssl_assert(evp_md != backend._ffi.NULL)
194 pkey_ctx = backend._lib.EVP_PKEY_CTX_new(key._evp_pkey, backend._ffi.NULL)
195 backend.openssl_assert(pkey_ctx != backend._ffi.NULL)
/usr/local/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py in openssl_assert(self, ok)
104
105 def openssl_assert(self, ok):
--> 106 return binding._openssl_assert(self._lib, ok)
107
108 def activate_builtin_random(self):
/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py in _openssl_assert(lib, ok)
73 "issues with information on how to reproduce "
74 "this. ({0!r})".format(errors_with_text),
---> 75 errors_with_text
76 )
77
答案 0 :(得分:0)
这是非常确凿的。回溯中,OpenSSL不知道BLAKE2b是什么。第192行尝试按名称查找,第193行未通过断言,因为查找返回NULL:
192 evp_md = backend._lib.EVP_get_digestbyname(algorithm.name.encode("ascii"))
--> 193 backend.openssl_assert(evp_md != backend._ffi.NULL)
答案 1 :(得分:0)
如果您的python版本是3.7,请尝试 AtomicInteger balance = new AtomicInteger(0);
int highestBalance = transactions
.stream()
.mapToInt(transaction -> {
int amount = transaction.getAmount();
if (transaction.getAction() == TransactionAction.WITHDRAW) {
amount = -amount;
}
return balance.accumulateAndGet(amount, Integer::sum);
})
.max()
.orElse(0);