[英]C++ OpenSSL EVP_DigestVerify intermittently failing rsa_pk1.c:103 with RSA_R_BAD_PAD_BYTE_COUNT
I have included a full, basic code example which can be compiled with the following command (with boost installed) "g++ -std=c++11 -g test.cpp -lssl -lcrypto -lboost_system" 我已经提供了完整的基本代码示例 ,可以使用以下命令(安装了boost)进行编译:“ g ++ -std = c ++ 11 -g test.cpp -lssl -lcrypto -lboost_system”
The code I have pretty closely follows the OpenSSL EVP Signing and Verifying Asymmetric example with a bit of Boost refactoring for memory management. 我编写的代码非常接近OpenSSL EVP签名和验证不对称示例,并带有一些用于内存管理的Boost重构。
However, it's behaviour is very intermittent and changes with different keys as well as different text. 但是,它的行为是非常断断续续的,并随不同的键和不同的文本而变化。 I am pretty sure I am missing something here but due to time pressures I am about to just make a secure system call to the openssl utility which I have had no issues with. 我很确定我在这里遗漏了一些东西,但是由于时间的压力,我将只对没有问题的openssl实用程序进行安全的系统调用。
The test output below illustrates the issue. 下面的测试输出说明了该问题。 "A" and "AAA" are signed and verified successfully, whereas "AA" fails with a RSA_R_BAD_PAD_BYTE_COUNT padding error. “ A”和“ AAA”已签名并成功验证,而“ AA”失败,并出现RSA_R_BAD_PAD_BYTE_COUNT填充错误。 In order to try an correct this, I set the padding to PKCS but it made no difference. 为了尝试纠正此问题,我将填充设置为PKCS,但没有任何区别。
2048 bit [2] - Text: A - Success
Authentication failure: 67567722, rsa_pk1.c, 103, , 0 257
Error string: error:0407006A:lib(4):func(112):reason(106)
2048 bit [2] - Text: AA - Failure
2048 bit [2] - Text: AAA - Success
Any pointers here would be much appreciated! 这里的任何指针将不胜感激!
The issue has to do with the way you're converting char*
into string
inside testSignVerify
: 问题与您将char*
转换为testSignVerify
string
testSignVerify
:
string hashString((char*)pHash.get());
should be: 应该:
string hashString(pHash.get(), hashLength);
It is because default string constructor will stop on the first '\\0'
it encounters, which is OK for normal strings, but for cryptographic hash it is just one of possible chars. 这是因为默认字符串构造函数将在遇到的第一个'\\0'
停止,这对于普通字符串是可以的,但是对于加密哈希,这只是可能的字符之一。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.