RSA_public_decrypt 在使用 RSA_set0_key(key, n,e,d) 时失败?

RSA_public_decrypt fails when using RSA_set0_key(key, n,e,d)?

我有来自其他设备的 ned 组件,而不是 OpenSSL。我想使用 OpenSSL API 进行加密和解密。但是加密后解密总是失败。

私钥(ned)设置我用RSA_set0_keyRSA_private_encrypt可以,但是RSA_public_decrypt 总是失败。我想知道为什么它失败了。

为什么 RSA_public_decrypt 失败?

RSA_set0_key() with N, E, D is possible?

是的。 RSA_set0_key 记录在 OpenSSL 手册页中。它的签名是:

int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);

描述为:

The n, e and d parameter values can be set by calling RSA_set0_key() and passing the new values for n, e and d as parameters to the function. The values n and e must be non-NULL the first time this function is called on a given RSA object. The value d may be NULL. On subsequent calls any of these values may be NULL which means the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.

再往下,在RETURN VALUES:

RSA_set0_key(), RSA_set0_factors and RSA_set0_crt_params() return 1 on success or 0 on failure.


I use RSA_set0_key for key(N, E, D) setting, and RSA_private_encrypt is OK, but RSA_public_decrypt fails always

很难说您对 RSA_public_decrypt 的使用发生了什么。也许您可以添加一些代码,说明 return 值是什么,并在函数失败时说明 ERR_get_err 的值。

同时,您可能需要您的 RSA 对象具有扩展私钥参数,例如 pqdpdqqInv。这些是中国剩余定理 (CRT) 参数,它们在 OpenSSL 用户邮件列表中用 RSA_set0_crt_params. Also see Unable to decrypt without Chinese Remainder Theorem factors? 设置。

找到原因了。使用 OS2IP 反转密钥 (n, d) 的顺序后,它就可以工作了。感谢帮助。