C ++ OpenSSL EVP_Digest使用RSA_R_BAD_PAD_BYTE_COUNT间歇性地验证rsa_pk1.c：103失败

Question

I have included a full, basic code example which can be compiled with the following command (with boost installed) "g++ -std=c++11 -g test.cpp -lssl -lcrypto -lboost_system"

The code I have pretty closely follows the OpenSSL EVP Signing and Verifying Asymmetric example with a bit of Boost refactoring for memory management.

However, it's behaviour is very intermittent and changes with different keys as well as different text. I am pretty sure I am missing something here but due to time pressures I am about to just make a secure system call to the openssl utility which I have had no issues with.

The test output below illustrates the issue. "A" and "AAA" are signed and verified successfully, whereas "AA" fails with a RSA_R_BAD_PAD_BYTE_COUNT padding error. In order to try an correct this, I set the padding to PKCS but it made no difference.

2048 bit [2] -  Text: A - Success
Authentication failure: 67567722, rsa_pk1.c, 103, , 0 257
Error string: error:0407006A:lib(4):func(112):reason(106)
2048 bit [2] -  Text: AA - Failure
2048 bit [2] -  Text: AAA - Success

Any pointers here would be much appreciated!

Answer 1

The issue has to do with the way you're converting char* into string inside testSignVerify :

string hashString((char*)pHash.get());

should be:

string hashString(pHash.get(), hashLength);

It is because default string constructor will stop on the first '\\0' it encounters, which is OK for normal strings, but for cryptographic hash it is just one of possible chars.