php - openssl_private_decrypt 不返回任何 PHP

Question

更新：

openssl_error_string()给出：

error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02 
error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed

我在我的服务器上使用 OpenSSL 生成一对公钥和私钥：

$config = array(
        "private_key_bits" => 2048,
        "private_key_type" => OPENSSL_KEYTYPE_RSA,
    );

    $res = openssl_pkey_new($config);

我将 Base64 编码模数和指数发送到我的 Android 客户端。我的 Android 客户端根据收到的模数和指数重建公钥。然后我的 Android 客户端使用这样的密钥加密消息。最后，我的 Android 客户端将加密消息发送回服务器，希望服务器能够对其进行解密。

我的服务器上有一个简单的 PHP 脚本来测试来自我的 Android 客户端的加密消息的解密：

$sms_message = $argv[1];
$sender_no = $argv[2];

echo "Message received was: '$sms_message' \n";
echo "sender's no was: $sender_no \n";

$parts = array();
$parts = explode(" ", $sms_message);
if (count($parts)==2) {
    echo "code: $parts[0] \n";
    if (strcmp($parts[0], "smscode")==0) {
        echo "measurement: $parts[1] \n";
        // retrieve the private key
        $keyArr = array();
        $keyArr = getKeys();
        //
        if ($keyArr) {
            $privateKey = $keyArr["private"];
            echo "$privateKey \n";
            // use the private key to decrypt the message
            echo openssl_private_decrypt(base64_decode($parts[1]), $decrypted, $privateKey); // this is supposed to return either TRUE or FALSE right?

            echo $decrypted;

            $decryptedMessages = "decrypted.txt";

            if (!$fh = fopen($decryptedMessages, 'a')) {
                echo "cannot open file $decryptedMessages";
                exit;
            }   

            // Write $somecontent to our opened file.
            if (fwrite($fh, $decrypted) === FALSE) {
                              echo "Cannot write to file ($decryptedMessages)";
                                          exit;
            }                 
            //                            
            fclose($fh);
        }   
    } else {
        echo "what received is not a measurement - $parts[1] \n";
    } 
} else {
    echo "sms message malformed";
}

我运行了以下内容：

php SmsReceiver.php 'smscode adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA==' +6511111111
Message received was: 'smscode adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA==' 
sender's no was: +6511111111 
code: smscode 
measurement: adDmHJDFmI8bC9KRcA7nPbTc2NU0sY7iM5jDHt3qJVq/AAyl9thUB3zVH5/9Jr+pTM4V+dift6UD8uB3nEU53thrY7nx55PsackCYzmBoKYTE4tazsyF7tRfAIawxvmR4lcSfKL2+A0N9ZetISoqqZAHI141n47Wtd52n0pE9tdLRGzXQlfeDOC3ntnbOKcIIhbyJWekLg+58uCLm2nfWPA4EveAd7t6RQPX4E20wXXQ1RgkVPCQsW+9WDdrbxav6y0VN7uKoBqA4/G8zn3Ol41OPtFFllBgl1BGUFWK3xcxxxZqodTCc3pTdAIHgJ4td+pktUjfbAwITt/RMC+IcA== 
private key found 
public key found 
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7dArHUiEXpEwi
...
F/EaVVWEZLevTJEdMpkfvQVr/08AlSLR3Nm33CrvQ1SfFygK0F6G6o1pQtnHlCKh
DK8/dT2CgsFuDbiAs4MRqQA36g==
-----END PRIVATE KEY-----

如您所见，openssl_private_decrypt()不返回任何内容，为什么？
即使我的加密/解密过程有问题，至少给出一个false我期望的值。

公钥的基于 64 编码的模数：

u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ==

公钥的基于 64 编码的指数：

AQAB

私钥：

安卓日志猫：

I/SmsReceiver(15814): message received is keyx u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ== AQAB
I/SmsReceiver(15814): message received is a key exchange message
I/SmsReceiver(15814): the recipient's public key modulus is 23663785522794809498963221782819553495813344590754203802091214078741934630870755737273483338578650343553350487999568641527155675069988138202941338180146715141856273325699348180697949807604837968252319802254132361756796150729526732643616381939360742823851037800072915016799286519177887771453765989612342846498554824903381084855033387403868553674907286294016751397407403976788809972626838594376008433688839811350345997686592001128890405964489889151586297624459113817319199310865303723716614014342885058854916172119790960266134365108047747227357851477353947042531226823494283658181608350838513970607286067323054395676281 and exponent is 65537
I/SmsReceiver(15814): successfully remembered the contact +6500000000 and its public key module u3QKx1IhF6RMIvncMADBhGqhdlSWnuuUz0dXr9NUzXJtgfPgvX/07w1IKTls6uj48eZ4J3s5me4xUzoRwIsxjk6Ondke2vGVJgzBZh3KQSml0dQoK/0a3Bc/bHwue3jroCCAaC/4lF6GQS5gB1gDQntkKBM+RaHaEqGldKHmF1T8Sg1zSLAU9IGBc+xDSCqgo2RepntB0npctBGmAYF8gdzN1PnAwgVfOLU/xi08ssQL1ppkrMncgPegaOOkyUZm4BXSyEY9ikYynLfoiQqEAFb9mU40yNM7LQusgqF0YhUgUIg+4fuQNscZJCJ6pS9UTQ64MHWCqrpXCeRAZ4rWeQ== and exponent AQAB

score 0 · Accepted Answer

OpenSSL 非对称加密不适合加密大文件，除非您使用 S/MIME。事实上，这是我尝试过的：

解码 base64 编码的“测量：”字段。解码后的消息长度为 256 字节。
尝试使用您使用以下 openssl 命令粘贴的私钥解密这 256 个字节：

openssl rsautl -decrypt -in x.in -out plaintext -inkey private.key

但是，我得到了一个错误：

RSA operation error

139982152128160:error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02:rsa_pk1.c:190:

139982152128160:error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed:rsa_eay.c:616:

事实上，我尝试使用 PHP 本身进行此操作。但是，我没有做echoof $decrypted，而是使用openssl_error_string了它，它给了我上面的确切错误。

此外，我也无法使用公钥加密 256 字节的数据。我从 openssl 收到错误指示139870762710688:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:rsa_pk1.c:151:。

所有这些似乎都表明 OpenSSL 的非对称加密并不意味着加密大数据（在这种情况下，256 字节就足够大了）。我不确定 Android 客户端是如何加密它的。它是否也使用了 OpenSSL？

但是，有有关如何处理此问题的相关帖子。看一眼：

如何使用公钥加密openssl中的大文件
使用 S/MIME 加密： http: //ashmek.weebly.com/1/post/2011/02/encrypt-large-files-with-a-public-key-via-openssl.html

php - openssl_private_decrypt 不返回任何 PHP

1 回答 1

Related

Reference