openssl_private_decrypt不返回任何PHP
[英]openssl_private_decrypt does not return anything PHP
问题描述
Updates: 
更新:
openssl_error_string() gives: openssl_error_string()提供:
error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
I generate a pair of public key and private key using OpenSSL on my server: 我在服务器上使用OpenSSL生成了一对公钥和私钥:
$config = array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);
I sent the Base64-encode modulus and exponent to my Android client. 我将Base64编码模数和指数发送给了我的Android客户端。 My Android client reconstruct the public key from the modulus and exponent received. 我的Android客户端从收到的模数和指数中重建公钥。 My Android client then encrypt a message using such key. 然后,我的Android客户端使用此类密钥对消息进行加密。 Lastly, my Android client sends back to the server the encrypted message expecting the server to be able to decrypt it. 最后,我的Android客户端将加密后的消息发送回服务器,希望服务器能够对其进行解密。
I have a simple PHP script on my server to test the decryption of the encrypted message from my Android client: 我的服务器上有一个简单的PHP脚本,用于测试来自Android客户端的加密消息的解密:
$sms_message = $argv[1];
$sender_no = $argv[2];
echo "Message received was: '$sms_message' \n";
echo "sender's no was: $sender_no \n";
$parts = array();
$parts = explode(" ", $sms_message);
if (count($parts)==2) {
echo "code: $parts[0] \n";
if (strcmp($parts[0], "smscode")==0) {
echo "measurement: $parts[1] \n";
// retrieve the private key
$keyArr = array();
$keyArr = getKeys();
//
if ($keyArr) {
$privateKey = $keyArr["private"];
echo "$privateKey \n";
// use the private key to decrypt the message
echo openssl_private_decrypt(base64_decode($parts[1]), $decrypted, $privateKey); // this is supposed to return either TRUE or FALSE right?
echo $decrypted;
$decryptedMessages = "decrypted.txt";
if (!$fh = fopen($decryptedMessages, 'a')) {
echo "cannot open file $decryptedMessages";
exit;
}
// Write $somecontent to our opened file.
if (fwrite($fh, $decrypted) === FALSE) {
echo "Cannot write to file ($decryptedMessages)";
exit;
}
//
fclose($fh);
}
} else {
echo "what received is not a measurement - $parts[1] \n";
}
} else {
echo "sms message malformed";
}
I ran the following: 我执行以下操作:
php SmsReceiver.php 'smscode adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA==' +6511111111
Message received was: 'smscode adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA=='
sender's no was: +6511111111
code: smscode
measurement: adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA==
private key found
public key found
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7dArHUiEXpEwi
...
F/EaVVWEZLevTJEdMpkfvQVr/08AlSLR3Nm33CrvQ1SfFygK0F6G6o1pQtnHlCKh
DK8/dT2CgsFuDbiAs4MRqQA36g==
-----END PRIVATE KEY-----
As you can see, openssl_private_decrypt() does not return anything, why? 如您所见, openssl_private_decrypt()不返回任何内容,为什么?
Even if something is wrong with my encrypting/ decrypting process, at least give a false I'd expect. 即使我的加密/解密过程出了点问题,也至少要给出我期望的false 。
Based64-encoded modulus of the public key: 基于64编码的公钥模数:
u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ==
Based64-encoded exponent of the public key: 基于64编码的公钥指数:
AQAB
Private key: 私钥:
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7dArHUiEXpEwi
+dwwAMGEaqF2VJae65TPR1ev01TNcm2B8+C9f/TvDUgpOWzq6Pjx5ngnezmZ7jFT
OhHAizGOTo6d2R7a8ZUmDMFmHcpBKaXR1Cgr/RrcFz9sfC57eOugIIBoL/iUXoZB
LmAHWANCe2QoEz5FodoSoaV0oeYXVPxKDXNIsBT0gYFz7ENIKqCjZF6me0HSely0
EaYBgXyB3M3U+cDCBV84tT/GLTyyxAvWmmSsydyA96Bo46TJRmbgFdLIRj2KRjKc
t+iJCoQAVv2ZTjTI0zstC6yCoXRiFSBQiD7h+5A2xxkkInqlL1RNDrgwdYKqulcJ
5EBnitZ5AgMBAAECggEBAIoCAzWAF/EJ+yv8/MkypUbSIpG18TaLhwGcKsi+ND8V
sd3tKVca779X7fq71p6Ua0PdRDT9GglkPlhh9lPlptR4rbM0+OyE1CQxW+nMoO2c
tgJnyjOooq/LRdyfCLHK8t7vTtpmBwNlHD683+JIQA4gPjrq//vQD3eMHv5he79M
hbZVy93gI4x1FIQD8NPgJY3WX1tSojyOaSJCkR7cy3LjdsV17nNDTtJf5PhA584x
lJGjI6fX6VgiGhP8vmxkYYxFVzz2HrblMVodO95HKDwk/1RXvwqWFA72KQTBwLo7
iJpjP8k95FVys+KKHKbuAhbPhtzjmuRHCPSJ4zxFbEkCgYEA4vS2h5JqhlKzKi/v
i0lhei+HcTT53aUzCYA0qbBwJxvPZapi7lij7n2EeE5ZxGR4uPfUU71a1mrKrT6j
8XH0DxoxLT79jdiISG09rg0srnb/+EF7BKcSY4aQJwz/StAS7lxXySAatw2tVubv
MheSVyy1HaI0AE6fBBkt9VKNXv8CgYEA03Evu1Ycdlbi3mgS+hrxd0eabh5rETij
1jqEpiT/v7SPr1JNy3RwYXlEy7Y7e4lW3Wf7CsEV3Em/+vQNU3jA/7Sfqh5oyZoZ
o26tA8NyEpkiPhipAs8NfubUMLZGJKAhhrJo9vr4JzX866YVWlqEDqQ1lGuLJJOt
1DtZIxOAQocCgYEAido4EGrXt1T+LG7HYmQlCDFcZF/YMU/Ji0jLNBLOXILg25C9
3KYMlKy6zNRSZB7e0QL/fgmy5jAhgU9eBya/JnkzS5dKLWFLjiqEX3bzH9l6KtGj
JjVQzxEJ+B5F5qwyA4Qlci3E7FEra3CD83or0jV+oUxHp7QZlESzDKKi6gMCgYEA
irimvTy4vbcxbwNO+AH3S++RVQ/l5M2JSALqhmqd1DNtVXQlEAebt4etaA1uJxWr
BOW0YZDee8FzD/1QRORjkx/45M7ApwvQKFZzcpWm4KbRPXZGZE5dp1Vf/3mGuX7J
oCqrDOcJKgiUoDI9riLWoxh/ApowFtZA5I3vZEDmFD8CgYAnHOCZZI0IaieEcnRA
4vOu62y8VNut/18HIw9P/MD4ZbWXURnFzuzCUdHcw3vucFNjFSUjVMFZWo+Grxpq
F/EaVVWEZLevTJEdMpkfvQVr/08AlSLR3Nm33CrvQ1SfFygK0F6G6o1pQtnHlCKh
DK8/dT2CgsFuDbiAs4MRqQA36g==
-----END PRIVATE KEY-----
Android logcat: Android logcat:
I/SmsReceiver(15814): message received is keyx u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ== AQAB
I/SmsReceiver(15814): message received is a key exchange message
I/SmsReceiver(15814): the recipient's public key modulus is 23663785522794809498963221782819553495813344590754203802091214078741934630870755737273483338578650343553350487999568641527155675069988138202941338180146715141856273325699348180697949807604837968252319802254132361756796150729526732643616381939360742823851037800072915016799286519177887771453765989612342846498554824903381084855033387403868553674907286294016751397407403976788809972626838594376008433688839811350345997686592001128890405964489889151586297624459113817319199310865303723716614014342885058854916172119790960266134365108047747227357851477353947042531226823494283658181608350838513970607286067323054395676281 and exponent is 65537
I/SmsReceiver(15814): successfully remembered the contact +6500000000 and its public key module u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ== and exponent AQAB
1 个解决方案
解决方案1
0 2013-10-01 17:57:19
OpenSSL asymmetric cryptography is not suitable for encrypting large files unless you use S/MIME. 除非您使用S / MIME,否则OpenSSL非对称加密不适用于加密大文件。 In fact, this is what I tried: 实际上,这就是我尝试的方法:
Decoded the base64-encoded 'measurement:' field.
解码了以base64编码的“ measurement:”字段。 The decoded message was 256 bytes in length. 解码后的消息的长度为256个字节。 Tried to decrypt this 256 bytes with the private key that you pasted using the following openssl command:
尝试使用您使用以下openssl命令粘贴的私钥解密这256个字节:
openssl rsautl -decrypt -in x.in -out plaintext -inkey private.key
But, I got an error instead: 但是,我得到了一个错误:
RSA operation error
139982152128160:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:
139982152128160:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:616:
In fact, I tried this using PHP itself. 实际上,我使用PHP本身进行了尝试。 But, instead of doing an echo of $decrypted , I used openssl_error_string and it gave me the exact above error. 但是,我没有执行$decrypted openssl_error_string的echo ,而是使用openssl_error_string ,它给出了上述确切的错误。
Also, I wasn't able to encrypt a 256 byte data with public key as well. 另外,我也无法使用公钥加密256字节数据。 I got error from openssl indicating 139870762710688:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:rsa_pk1.c:151: . 我从openssl收到错误消息,指示139870762710688:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:rsa_pk1.c:151:
All of this seems to indicate that OpenSSL's asymmetric cryptography is not meant for encrypting large data (in this case, 256 bytes is large enough). 所有这些似乎表明,OpenSSL的非对称加密并不意味着对大数据进行加密(在这种情况下,256个字节足够大)。 I am not sure how the Android client was able to encrypt it. 我不确定Android客户端如何对其进行加密。 Did it use OpenSSL as well? 它也使用OpenSSL吗?
However, there are relevant posts on how to deal with this. 但是,有有关如何处理此问题的相关文章。 Take a look at: 看一眼:
how to encrypt a large file in openssl using public key
如何使用公钥在openssl中加密大文件 Encrypt with S/MIME: http://ashmek.weebly.com/1/post/2011/02/encrypt-large-files-with-a-public-key-via-openssl.html
使用S / MIME加密: http : //ashmek.weebly.com/1/post/2011/02/encrypt-large-files-with-a-public-key-via-openssl.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.