堆栈内存溢出
  简体   繁体   English

反向使用RSA解密许可证代码:使用私钥加密,使用公钥解密

[英]Using RSA in reverse to decrypt a licence code: encrypt with private key, decrypt with public key

 原文  2016-04-13 22:12:37       ios/ encryption/ cryptography

问题描述

I want to encrypt some values pertaining to a licence code with a secret private key, and then when it's entered in the user's app install it will be decrypted with the public key (stored with the app) to view the encoded data and ensure it was only created by me. 我想用一个秘密私钥加密一些与许可证代码有关的值,然后将其输入到用户的应用程序安装程序中时,将使用公共密钥(存储在应用程序中)对其进行解密,以查看编码后的数据并确保只由我创造。

The trouble is it seems that you encrypt with the public key and decrypt with the private key, which is the reverse of what I want. 麻烦的是,似乎你的公钥加密和用私钥 ,这是我想要的反向解密。

It's also worth mentioning that the library I'm using called SwiftyRSA only supports encrypting with the public key, and doesn't like it when I use the private key instead. 还值得一提的是,我正在使用的称为SwiftyRSA的库仅支持使用SwiftyRSA加密,而当我改用私钥时不喜欢它。 I believe this is because it's being saved to the keychain with kSecAttrKeyClassPublic , because that's what it's expecting, and that causes things to fail. 我相信这是因为它是使用kSecAttrKeyClassPublic保存到钥匙串中的,因为这是所期望的,并且会导致失败。

I have read that the keys are technically interchangeable, but it seems I can't get it to work in my instance. 我读过这些键在技术上是可以互换的,但是看来我无法使其在我的实例中正常工作。 Is this because they public key has a smaller exponent? 这是因为它们的公钥具有较小的指数吗? Is there a way to get the public key to be as "long" as the private key using ssh-keygen , and therefore be able to swap them around? 有没有一种方法可以使用ssh-keygen使公用密钥与公用密钥一样“长”,并因此可以交换它们呢? If not, how could I proceed? 如果没有,我该如何进行?

1 个解决方案

解决方案1
 0  2016-04-14 10:57:32

The keys aren't always interchangeable (eg RSA private keys with CRT parameters) and it is pretty likely that the encryption procedure doesn't protect the key against side channel attacks. 密钥并非总是可以互换的(例如带有CRT参数的RSA私钥),并且加密过程很可能无法保护密钥免受旁通道攻击。 You should not use private keys to encrypt, period. 您不应该使用私钥进行加密。

You could use signatures with message recovery if you're really careful. 如果您非常小心,可以在邮件恢复中使用签名。

Otherwise - if you've enough space - you could of course always sign-then-encrypt your license. 否则-如果您有足够的空间-您当然可以随时签名然后加密您的许可证。 For this to work (without additional AES encryption) your encryption key pair would have to be quite a bit larger than your signing key though. 为了使它起作用(无需其他AES加密),您的加密密钥对必须比签名密钥大很多。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在ios中使用RSA公钥加密和解密字符串(纯文本),swift - how to encrypt and decrypt a String(Plain Text) with RSA public key in ios, swift 使用现有密钥对加密/解密文本 - Encrypt/Decrypt text using existing key pair 使用私钥快速钠解密 - swift sodium Decrypt using Private Key RSA iOS加密和PHP解密 - RSA iOS encrypt & PHP decrypt iOS:使用公钥(具有模数和指数)进行RSA加密 - iOS: RSA Encrypt using public key (with modulus and exponent) iOS:可以在应用程序文档目录中存储RSA私钥(用于解密文本)吗? - iOS: Is it ok to store a RSA private key (use to decrypt text) in your application document directory? 如何在 IOS 中使用 GPG(创建密钥对、列出密钥、导入公钥、加密、解密)? - How to use GPG with IOS (Create keypair, List Keys, Import public key, encrypt, decrypt)? iOS 中是否需要 RSA 公钥/私钥 SecRefKey? - RSA Public/Private Key SecRefKey Necessary in iOS? 在IOS上使用密钥对json数据进行加密,并使用Node js对其进行解密 - Encrypt json data with secret key on IOS and decrypt it with node js iOS Swift Diffie-Hellman 密钥交换加密和解密消息? 使用安全飞地 - iOS Swift Diffie-Hellman key exchange to encrypt and decrypt messages? using Secure Enclave
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM