
RSA-OAEP with SHA-256 key size 2048 bits using OpenSSL

I am trying to address a use case exactly the same as "How to encrypt data using RSA, with SHA-256 as hash function and MGF1 as mask generating function?", but I need a little more clarity on this.

The above query was raised in the year 2013. At that time OpenSSL only supported the SHA1 hash (hard coded) for OAEP padding. In the latest OpenSSL (1.0.2k), I can see that this is addressed by using the following API:

    int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
                                        const unsigned char *from, int flen,
                                        const unsigned char *param, int plen,
                                        const EVP_MD *md, const EVP_MD *mgf1md);

RSA_public_encrypt() does not take an EVP_MD structure as an argument, and I'm not sure how to specify it.

How can I invoke the SHA-256 mode in RSA_public_encrypt() with a mask generation function?

RSA_public_encrypt(...) is deprecated; EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, ...) should be used instead.

Padding, mask generation function and other parameters are configured for the context which is passed as the first argument to EVP_PKEY_encrypt:

    EVP_PKEY* evp_key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
    if (evp_key == NULL) {
        // handle error
    }

    EVP_PKEY_CTX* ctx = EVP_PKEY_CTX_new(evp_key, NULL);
    if (ctx == NULL) {
        // handle error
    }

    if (EVP_PKEY_encrypt_init(ctx) <= 0) {
        // handle error
    }

    if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
        // handle error
    }
    if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) {
        // handle error
    }
    if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) {
        // handle error
    }

    if (EVP_PKEY_encrypt(ctx, encrypted, &outlen, data, len) <= 0) {
        // handle error
    }
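
The same three settings can be cross-checked from the command line, which helps confirm that a peer decrypts with matching parameters. The script below is an added example, not part of the original answer. It assumes the `openssl` CLI is installed, and the key, file names and 190/191-byte messages are constructed for the demonstration. It goes slightly beyond the answer by showing the plaintext size limit for a 2048-bit key and the failure when the two sides use different digests.

```shell
#!/bin/sh
# Added example (not from the original answer). File names are constructed.
WORK=$(mktemp -d)
KEY="$WORK/key.pem"
PUB="$WORK/pub.pem"

# Create a throwaway 2048-bit RSA key pair for the demonstration.
gen_key() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$KEY" 2>/dev/null &&
    openssl pkey -in "$KEY" -pubout -out "$PUB" 2>/dev/null
}

# oaep_encrypt DIGEST INFILE OUTFILE
# rsa_padding_mode / rsa_oaep_md / rsa_mgf1_md are the command-line forms of
# EVP_PKEY_CTX_set_rsa_padding / _set_rsa_oaep_md / _set_rsa_mgf1_md.
oaep_encrypt() {
    openssl pkeyutl -encrypt -pubin -inkey "$PUB" -in "$2" -out "$3" \
        -pkeyopt rsa_padding_mode:oaep \
        -pkeyopt rsa_oaep_md:"$1" -pkeyopt rsa_mgf1_md:"$1" 2>/dev/null
}

# oaep_decrypt DIGEST INFILE OUTFILE (digests must match the sender's)
oaep_decrypt() {
    openssl pkeyutl -decrypt -inkey "$KEY" -in "$2" -out "$3" \
        -pkeyopt rsa_padding_mode:oaep \
        -pkeyopt rsa_oaep_md:"$1" -pkeyopt rsa_mgf1_md:"$1" 2>/dev/null
}

gen_key || { echo "openssl key generation failed" >&2; exit 1; }

# 2048-bit modulus = 256 bytes; SHA-256 OAEP leaves 256 - 2*32 - 2 = 190.
printf '%190s' '' > "$WORK/max.bin"    # constructed 190-byte message
printf '%191s' '' > "$WORK/over.bin"   # one byte too long

oaep_encrypt sha256 "$WORK/max.bin" "$WORK/max.enc" && echo "190 bytes: encrypted"
oaep_encrypt sha256 "$WORK/over.bin" "$WORK/over.enc" || echo "191 bytes: rejected"
oaep_decrypt sha256 "$WORK/max.enc" "$WORK/max.dec" &&
    cmp -s "$WORK/max.bin" "$WORK/max.dec" && echo "SHA-256 round trip: ok"
# A peer left on the SHA-1 defaults cannot read the SHA-256 ciphertext.
oaep_decrypt sha1 "$WORK/max.enc" "$WORK/bad.dec" || echo "SHA-1 decrypt: rejected"
```

In the C code, the equivalent of the size limit is that `outlen` must hold the size of the `encrypted` buffer before `EVP_PKEY_encrypt` is called, and `len` must not exceed 190 bytes for this key size and digest.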
