我正在尝试做 RSA 签名。我遵循的步骤是:
创建 RSA 密钥:
BIGNUM *check ;
check = BN_bin2bn(m_priv_n, MODULUS_SIZE, rsa->n);
if(check == NULL)
{
perror("Error in n \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_e, EXPONENT_SIZE, rsa->e);
if(check == NULL)
{
perror("Error in e \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_d, D_SIZE, rsa->d);
if(check == NULL)
{
perror("Error in d \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_p, PRIME_NUMBER_SIZE, rsa->p);
if(check == NULL)
{
perror("Error in p \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_q, PRIME_NUMBER_SIZE, rsa->q);
if(check == NULL)
{
perror("Error in q \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_dp,DP_SIZE,rsa->dmp1);
if(check == NULL)
{
perror("Error in dp \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_dq, DQ_SIZE, rsa->dmq1);
if(check == NULL)
{
perror("Error in dq \n");
rv = - 1;
goto exit;
}
check = BN_bin2bn(m_priv_iq, IQ_SIZE, rsa->iqmp);
if(check == NULL)
{
perror("Error in iq \n");
rv = - 1;
goto exit;
}
EVP_PKEY *signing_key = EVP_PKEY_new();
// EVP_PKEY_assign_RSA(signing_key, rsa);
EVP_PKEY_set1_RSA( signing_key, rsa );
计算哈希值:
EVP_MD_CTX mdctx;
const EVP_MD *md;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int mdlen;
OpenSSL_add_all_digests();
md = EVP_get_digestbyname("sha256");
if(!md)
{
printf("Unknown message digest \n");
rv = - 1;
goto exit;
}
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, md, NULL);
EVP_DigestUpdate(&mdctx, input, strlen(input));
EVP_DigestFinal_ex(&mdctx, md_value, &mdlen);
EVP_MD_CTX_cleanup(&mdctx);
然后签名,为此我尝试了两种不同的方法:第一种方法:
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
EVP_PKEY *evpKey = 0;
evpKey = EVP_PKEY_new();
EVP_PKEY_set1_RSA( evpKey, rsa );
EVP_MD_CTX* ctx = 0;
ctx = EVP_MD_CTX_create();
EVP_SignInit_ex( ctx, EVP_sha256(), 0 );
EVP_SignUpdate( ctx, md_value, mdlen);
const int MAX_LEN = 256;
unsigned char sig[MAX_LEN];
unsigned int sigLen;
memset(sig, 0, MAX_LEN);
EVP_SignFinal( ctx, sig, &sigLen, evpKey );// Here it is getting crashed
printf( "Got signature: '%s'\n", sig );
EVP_MD_CTX_destroy( ctx );
RSA_free( rsa );
EVP_PKEY_free( evpKey );
ERR_free_strings();
第二种方法:
EVP_PKEY_CTX *ctx;
unsigned char *sig;
size_t siglen;
ctx = EVP_PKEY_CTX_new(signing_key,NULL);
if (!ctx)
{
printf("Error Occurred \n");
rv = - 1;
goto exit;
}
if (EVP_PKEY_sign_init(ctx) <= 0)
{
printf("Error \n");
rv = - 1;
goto exit;
}
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
{
printf("Error \n");
rv = - 1;
goto exit;
}
if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
{
printf("Error \n");
rv = - 1;
goto exit;
}
fflush(stdout);
if (EVP_PKEY_sign(ctx, NULL, &siglen, md_value, mdlen) <= 0)
{
printf(" Error \n");
rv = - 1;
goto exit;
}
sig = (unsigned char*)OPENSSL_malloc(siglen);
if (!sig)
{
printf(" malloc failure \n");
rv = - 1;
goto exit;
}
if (EVP_PKEY_sign(ctx, sig, &siglen, md_value, mdlen) <= 0) // Here it is crashing
{
printf("Unknown message digest \n");
rv = - 1;
goto exit;
}
在上述两种情况下,我都会遇到相同的错误:
Program received signal SIGSEGV, Segmentation fault.
0x000000000049b5ea in BN_MONT_CTX_set ()
(gdb) bt
#0 0x000000000049b5ea in BN_MONT_CTX_set ()
#1 0x000000000049b8f3 in BN_MONT_CTX_set_locked ()
#2 0x0000000000440a6c in RSA_eay_mod_exp ()
#3 0x000000000043fb29 in RSA_eay_private_encrypt ()
#4 0x00000000004050b2 in RSA_private_encrypt ()
#5 0x000000000044169f in RSA_sign ()
#6 0x0000000000443d1f in pkey_rsa_sign ()
任何解决此错误的帮助将不胜感激。
谢谢,尤维