我有一个 RSA 使用私钥加密数据的 java 程序:
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
PrivateKey privateKey = null;
PublicKey publicKey = null;
// Load certificate from keystore
try {
FileInputStream keystoreFileInputStream = new FileInputStream("keystore.jks");
KeyStore keystore = KeyStore.getInstance("JKS");
keystore.load(keystoreFileInputStream, "passphrase".toCharArray());
try {
privateKey = (PrivateKey) keystore.getKey("idm_key", "passphrase".toCharArray());
} catch (UnrecoverableKeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} catch (Exception e) {
// TODO broad exception block
e.printStackTrace();
}
// Make the encrypted data.
byte[] toEncrypt = "Data to encrypt".getBytes();
byte[] encryptedData = null;
// Perform private key encryption
try {
// Encrypt the data
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
encryptedData = cipher.doFinal(toEncrypt);
} catch (Exception e) {
// TODO broad exception block
e.printStackTrace();
}
我需要使用 openssl 做同样的事情。这是我尝试过的代码:
uint8_t *encryptedBytes = NULL;
const char* data = "Data to enrypt";
char *private_key_file_name = "privatekey.pem"
FILE *fp = fopen(private_key_file_name, "r");
RSA *rsa = RSA_new();
PEM_read_RSAPrivateKey(fp, &rsa, 0, "passphase");
size_t encryptedBytesSize = RSA_size(rsa);
encryptedBytes = malloc(encryptedBytesSize * sizeof(uint8_t));
memset((void *)encryptedBytes, 0x0, encryptedBytesSize);
fclose(fp);
int result = RSA_private_encrypt(strlen(data), data, encryptedBytes, rsa,RSA_PKCS1_PADDING);
这不会产生与 Java 实现相同的输出。相反,它生成通过在 Java 中对数据进行签名而获得的输出,即
Signature rsa = Signature.getInstance("RSA");
rsa.initSign(privateKey);
rsa.update(toEncrypt);
byte [] signed = rsa.sign();
尽管鉴于 RSA_private_encrypt 的文档,这是我所期望的,但这不是我所需要的。有没有办法复制 java 代码对 openssl 所做的事情?