提问人:Lamens 提问时间:7/17/2022 更新时间:7/18/2022 访问量:279
检查给定的密钥对是否有效 C++
Check if given keypair is valid C++
问:
我想检查给定的密钥对是否有效,我找到了解决方案,但它不起作用,因为类的对象没有参数RSAn.
#include <openssl/rsa.h>
#include <openssl/pem.h>
int main() {
RSA *pubkey = PEM_read_RSA_PUBKEY(...);
RSA *privkey = PEM_read_RSAPrivateKey(...);
if (!BN_cmp(pubkey->n, privkey->n)) {
// same modulus, so the keys match
}
return 0;
}
如何解决我的问题,或者有没有其他方法可以测试密钥对是否有效?
答:
2赞
Stephan Schlecht
7/18/2022
#1
OpenSSL 3.x
OpenSSL 3.x 提供 .它可以像这样使用(当然,必须相应地添加读取密钥等的错误处理):EVP_PKEY_get_bn_param
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <openssl/core_names.h>
...
EVP_PKEY *priv_key= NULL, *pub_key= NULL;
BIGNUM *rsa_pub_n = NULL, *rsa_priv_n = NULL;
...
PEM_read_PUBKEY(fp_pub, &pub_key, NULL, NULL)
PEM_read_PrivateKey(fp_priv, &priv_key, NULL, NULL)
...
//extract n with EVP_PKEY_get_bn_param for the keys...
if (EVP_PKEY_is_a(priv_key, "RSA")) {
if (!EVP_PKEY_get_bn_param(priv_key, OSSL_PKEY_PARAM_RSA_N, &rsa_priv_n)) {
//error message and exit
}
//finally compare with BN_cmp
请参阅此处的文档:https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_get_bn_param.html
OpenSSL 1.x
对于 OpenSSL 1.x,可以使用该函数。请注意,此函数在 OpenSSL 3.x 中被标记为已弃用。RSA_get0_key
#include <openssl/rsa.h>
#include <openssl/pem.h>
...
BIGNUM *rsa_pub_n = NULL, *rsa_priv_n = NULL;
...
RSA *pub = RSA_new();
PEM_read_RSA_PUBKEY(fp_pub, &pub, NULL, NULL)
RSA *priv = RSA_new();
PEM_read_RSAPrivateKey(fp_priv, &priv, NULL, NULL)
...
RSA_get0_key(pub, &rsa_pub_n, NULL, NULL);
RSA_get0_key(priv, &rsa_priv_n, NULL, NULL);
...
//finally compare with BN_cmp
确保检查每个函数的返回代码并添加适当的错误处理。
更多信息请见:https://www.openssl.org/docs/manmaster/man3/RSA_get0_key.html
评论