I generated a public/private keypair with openssl:

我使用openssl生成了一个公钥/私钥对:

openssl genrsa -out private.pem 1024
openssl pkcs8 -topk8 -in private.pem -outform DER -out private.der -nocrypt
openssl rsa -in private.pem -pubout -outform DER -out public.der

Now after that I created test code with Python, that was encrypting and deciphering strings. I took the example straight from PyCrypto documentation, encrypting:

之后，我用Python创建了测试代码，这是加密和解密字符串。我从PyCrypto的文档中直接拿了这个例子，加密:

string_to_encrypt = str(raw_input("Enter a string to encrypt: "))
print "Encrypting: %s" % string_to_encrypt

key = RSA.importKey(open('./public.der').read())
cipher = PKCS1_OAEP.new(key)
ciphertext = cipher.encrypt(string_to_encrypt)

and decrypting:

和解密:

dec_key = RSA.importKey(open('./private.der').read())
d_cipher = PKCS1_OAEP.new(dec_key)
dec_message = d_cipher.decrypt(ciphertext)

Now this works as expected, and next I wanted to try deciphering same using C. I transfer the data via socket to the C application.. but now I'm unable to get the message back to clear text, even though the deciphering is not throwing errors.

现在，这是预期的工作，接下来我想尝试使用C来解密相同的数据。但是现在我无法将消息返回到清晰的文本中，即使解译并不是抛出错误。

Before I try to decipher the text, I print out the data to the screen, and the bytes match on both ends. The receiving function looks like this:

在我尝试破译文本之前，我将数据打印到屏幕上，并在两端匹配字节。接收函数是这样的:

char* decrypt_packet(char* encrypted_buffer, int size) {
  FILE *keyfile = fopen("./private.pem", "r");
  RSA *rsa_pri = PEM_read_RSAPrivateKey (keyfile, NULL, NULL, NULL);

  int rsa_private_len = RSA_size(rsa_pri);

  for(i; i < size;i++)
    printf("%02x:",(unsigned char)encrypted_buffer[i]);
  printf("\n");

  char * decrypt = (char*)malloc(rsa_private_len+1);
  memset(decrypt,0,rsa_private_len+1); //Zero the buffer for printing

  int res = RSA_private_decrypt(rsa_private_len, (unsigned char*)encrypted_buffer, (unsigned char*)decrypt, rsa_pri , RSA_NO_PADDING);
  if(res == -1) {

    ERR_load_crypto_strings();
    printf("ERROR: %s\n",ERR_error_string(ERR_get_error(),NULL));
  }
  printf("size decrypt: %i\n", res);
  printf("decrypted: %s\n", decrypt);
  ....

The deciphering doesn't fail, but the output is garbage (here sending just a test string "hello world"):

解码不会失败，但是输出是垃圾(这里只发送一个测试字符串“hello world”):

received buffer:
82:9d:a7:f7:3c:d6:71:12:01:31:ba:c6:a2:90:94:90:fd:69:d3:fe:14:11:2f:af:a9:8a:25:99:55:d2:84:1f:dc:e3:5e:a9:be:7b:8a:ac:cd:38:76:a2:91:ec:24:da:06:c7:8d:67:c8:15:19:73:c8:57:ce:a5:87:f0:da:db:c2:6d:5b:55:a3:ba:7e:7d:ca:6b:02:23:fd:fe:cb:b4:04:53:e2:74:c3:91:77:ee:5f:7a:61:7a:87:a6:42:37:28:c6:9c:cb:6a:46:f4:c0:bd:fe:8a:92:da:86:53:3b:5c:e2:e3:79:81:2c:32:28:9c:4c:be:0a:fa:75:7b:b2:
size decrypt:    128
decrypted: dÕf`5åiõuy<òáµÛ~G=/
                          Ä

I have chosen to use RSA_NO_PADDING? I have no idea really if this is correct.

我选择使用RSA_NO_PADDING?我不知道这是否正确。

But if I use something else, the decrypt function complains: RSA_padding_check_PKCS1_type_2:block type is not 02 or RSA_padding_check_PKCS1_OAEP:oaep decoding error

但是如果我使用别的东西，解密函数会抱怨:rsa_pading_check_pkcs1_type_2:块类型不是02或rsa_pading_check_pkcs1_oaep:oaep解码错误。

Am I correctly calling the RSA_private_decrypt function ? Could the problem be that I'm reading the private.pem file in C (in Python I was reading the .der file)?

我是否正确地调用了RSA_private_decrypt函数?问题可能是我正在读私人信件。在C中的pem文件(在Python中，我正在读取.der文件)?

One more thing came to mind. I used default openssl from Ubuntu to generate the keys, but my C application I'm linking against a downloaded and compiled source. The Makefile contains:

我又想起了一件事。我在Ubuntu中使用默认的openssl来生成密钥，但是我的C应用程序与下载的和编译的源代码相链接。Makefile文件包含:

SOURCE_FILES = main.c client_handler.c
CC=gcc
$(CC) $(SOURCE_FILES) -o client_control_srv -lpthread -lssl -lcrypto -I/home/jlumme/openssl-1.0.1f_x86/include

Thanks for any tips!

谢谢你的任何建议!

1 个解决方案

openssl genrsa -out mykey_priv.pem 1024
openssl rsa -in mykey_priv.pem -out mykey_publ.der -outform DER -pubout

#1

openssl genrsa -out mykey_priv.pem 1024
openssl rsa -in mykey_priv.pem -out mykey_publ.der -outform DER -pubout