在加密中,我们使用接收者的公钥,为什么函数中的“私人”一词?对我来说似乎矛盾或困惑。
当我使用私钥时,我正在签署一些东西。看起来这个函数会给出与 相同的结果openssl_sign(),我尝试了两者并给了我不同的输出。
因为函数openssl_private_encrypt有“private”和“encrypt”,所以不知道是用来加密的还是用来签名的。这个功能是干什么用的?
问问题
810 次
1 回答
2
Generally the OpenSSL encrypt with private key method is used to provide for a very specific SSL method of signature generation:
Concatenating outputs from multiple hash functions provides collision resistance as good as the strongest of the algorithms included in the concatenated result. For example, older versions of TLS/SSL use concatenated MD5 and SHA-1 sums; that ensures that a method to find collisions in one of the functions doesn't allow forging traffic protected with both functions.
Source: see the Wikipedia page for the cryptographic hash function and look up concatenation of cryptographic hash functions.
As most libraries don't provide a signature format like that (and since the SSL version of the signature does not use an embedded ASN.1 structure around the hashes) this is implemented most of the time using an encrypt function instead. The difference that you are experiencing is probably the missing ASN.1 structure (see the PKCS#1 v2.1 standard to see what ASN.1 structure I'm talking about).
You can place a pretty good bet on that it uses the PKCS#1 padding for signatures instead of the padding used for encryption. And, as indicated, it won't contain the ASN.1 structure or the hash, instead it will just use the given put the given data in place of the ASN.1 structure.
It is not recommended to use this function outside support for existing (deprecated) protocols. If you use it for encryption purposes you will make yourself vulnerable to all kinds of attacks, so please don't make that mistake.
于 2013-02-19T00:04:51.200 回答