[英]C++ Public Key Encryption with RSA_public_encrypt
I'm currently struggeling with the public Key Encryption in C++.我目前正在努力使用 C++ 中的公钥加密。 I am using openssl but the generated string is always broken.
我正在使用 openssl 但生成的字符串总是被破坏。 My current solution is the following:
我目前的解决方案如下:
string encryptWithPublicKey(const char* pData, int iLen) { // pData: String to encrypt, iLen: length
char chPublicKey[] = "---Public Key-- ...";
BIO* bio = BIO_new_mem_buf(chPublicKey, -1);
RSA* rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
int nLen = RSA_size(rsa);
char* pEncode = (char*)malloc(nLen + 1);
int rc = RSA_public_encrypt(iLen, (unsigned char*)pData, (unsigned char*)pEncode, rsa, RSA_NO_PADDING);
cout << "From: " << pData << " To: '" << pEncode << "'";
RSA_free(rsa);
CRYPTO_cleanup_all_ex_data();
std::string strName = std::string(pEncode);
return strName;
}
The output of the encryption is always in that format: "═════════════════════════════════════════════════════════════════²²²²☻"加密的输出总是这样的格式:“================================== ===========================²²²²☻"
No idea why the output has that format ^^不知道为什么输出有那种格式^^
Maybe someone has an idea how to use the encryption in a better.也许有人知道如何更好地使用加密。
Thanks Kurt谢谢库尔特
Encrypted data is binary.加密数据是二进制的。 You shouldn't print binary data.
你不应该打印二进制数据。 You should encode it as base64 or hex before printing.
您应该在打印前将其编码为 base64 或十六进制。
════════════
are 0xCC bytes, magic fill bytes for uninitialized memory. ════════════
是0xCC字节,未初始化内存的魔法填充字节。 It seems nothing was writted to the output, which means the call to RSA_public_encrypt
failed.似乎没有写入输出,这意味着对
RSA_public_encrypt
的调用失败。
You are not checking the return value rc
.您没有检查返回值
rc
。
int rc = RSA_public_encrypt(iLen, (unsigned char*)pData, (unsigned char*)pEncode, rsa, RSA_NO_PADDING);
Add some error reporting to see the exact error:添加一些错误报告以查看确切的错误:
if (rc < 0) {
char buf[128];
cerr << "RSA_public_encrypt: " << ERR_error_string(ERR_get_error(), buf) << endl;
}
It will probably print something like RSA_padding_add_none:data too small for key size
.它可能会打印类似
RSA_padding_add_none:data too small for key size
。
That's because RSA_public_encrypt
encrypts exactly RSA_size(rsa)
bytes (the size of the RSA key), and is meant primarily for encrypting symmetric keys, which are in turn used for encryption.这是因为
RSA_public_encrypt
精确加密RSA_size(rsa)
字节(RSA 密钥的大小),主要用于加密对称密钥,而对称密钥又用于加密。
I use public/private key for symmetric key transfer
我使用公钥/私钥进行对称密钥传输
Good.好的。 In that case the key should fit and you just need to pad it to
RSA_size(rsa)
bytes.在这种情况下,密钥应该适合,您只需要将其填充到
RSA_size(rsa)
字节。 Or better yet, use some good padding like RSA_PKCS1_OAEP_PADDING
instead of RSA_NO_PADDING
.或者更好的是,使用一些好的填充,如
RSA_PKCS1_OAEP_PADDING
而不是RSA_NO_PADDING
。
Note that std::string(pEncode)
expects a C-string input.请注意,
std::string(pEncode)
需要 C 字符串输入。 You need std::string(pEncode, rc)
in order to store binary data inside std::string
.您需要
std::string(pEncode, rc)
才能将二进制数据存储在std::string
。 Or better yet, use base64 (see EVP_EncodeBlock
).或者更好的是,使用 base64(请参阅
EVP_EncodeBlock
)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.