使用 rsa evp 对数据进行签名的 c++ 代码

Question

亲爱的，我制作了 c++ 代码来签署消息 m_digestData[DATA_SIZE + RSA_KEY_SIZE]。这些消息最初由一些长度为 13 字节的数据和长度为 RSA_KEY_SIZE 256 字节(2048 位)的加密共享 key 组成。我只有 RSA m_caKeyPairs 结构，所以我首先将私钥存储在 priv_key 中，然后使用符号函数我试图制作一个错误文件以使用函数 ERR_print_errors() 存储错误。代码

OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();

//create private key
EVP_PKEY *priv_key = NULL;
priv_key = EVP_PKEY_new();
EVP_PKEY_set1_RSA(priv_key,m_caKeyPairs);

cout<<"i'm in sign digest"<<endl;

BIO *sgerr = NULL;
const char szPath[MAX_FILE_NAME_SIZE] = "sgerr.pem";
sgerr = BIO_new_file(szPath,"wb");
unsigned int *len = NULL;
unsigned char *sign = NULL;
EVP_MD_CTX *ctx = NULL;
ctx = EVP_MD_CTX_create();
const EVP_MD *md = EVP_get_digestbyname("SHA1");

EVP_SignInit(ctx, md);
EVP_SignUpdate(ctx, m_digestData, (DATA_SIZE + RSA_KEY_SIZE));
sign = (unsigned char *)OPENSSL_malloc(EVP_PKEY_size(priv_key));
EVP_SignFinal(ctx, sign, len, priv_key);

for(int i=0;i<(*len);i++)
{
    m_signedDigest[i] = *(sign + i);
}

ERR_print_errors(sgerr);
BIO_free(sgerr);

cout<<"signed digest is "<<endl;
for (int i = 0; i < RSA_KEY_SIZE; i++)
{
    printf("0x%.2x ", m_signedDigest[i]);
}

我的问题是:

1. 错误文件为空
2. 调试代码时出现错误:函数 EVP_SignFinal(ctx, sign, len, priv_key); 的“EVP_SignFinal() at 0xb7ed6c59”没有可用的源代码；

即使我先用 key 大小预留内存

还有解决这个问题的想法吗？

Answer 1

问题出在符号长度上，它是指针，只需如下所示并将其作为引用传递给方法，这里是新代码

      BIO *sgerr = NULL;
  const char szPath[MAX_FILE_NAME_SIZE] = "sgerr.pem";
  sgerr = BIO_new_file(szPath,"wb");

  cout<<"i'm in sign digest"<<endl;
  //create private key
  EVP_PKEY *priv_key = NULL;
  priv_key = EVP_PKEY_new();
  if (1 == EVP_PKEY_set1_RSA(priv_key,m_caKeyPairs))
  {
      int keytype = 0;
      keytype = EVP_PKEY_type(priv_key->type);
      cout<<"key type is "<<keytype<<endl;
         BIO *out = NULL;
         out = BIO_new_file("skey.pem","wb");

         PEM_write_bio_PrivateKey(
             out,                  /* write the key to the file we've opened */
             priv_key,               /* our key from earlier */
             EVP_des_ede3_cbc(), /* default cipher for encrypting the key on disk */
             (unsigned char *)"replace_me",       /* passphrase required for decrypting the key on disk */
             10,                 /* length of the passphrase string */
             NULL,               /* callback for requesting a password */
             NULL                /* data to pass to the callback */
         );
      cout<<"Successful key private created"<<endl;
  }
  else
  {
      cout<<"private key is bad"<<endl;
  }

EVP_MD_CTX *mdctx = NULL;
mdctx = EVP_MD_CTX_create();
size_t signlen = NULL;
//Initialize the DigestSign operation
if (1 == EVP_DigestSignInit(mdctx, NULL, EVP_sha1(), NULL, priv_key))
{
    cout<<"initialize correct"<<endl;
}
else
{
    cout<<"something wrong"<<endl;
}
//update with the message
if (1 == EVP_DigestSignUpdate(mdctx, m_digestData,(DATA_SIZE + RSA_KEY_SIZE)))
{
    cout<<"digest created successfully"<<endl;
    cout<<"digest is "<<endl;
    for (int i = 0; i < DIGEST_SIZE; i++)
    {
        printf("0x%.2x ", m_digest[i]);
    }
    cout<<endl;
}
else
{
    cout<<"something wrong"<<endl;
}
//Finalise the DigestSign operation determine the sign length
if (1 == EVP_DigestSignFinal(mdctx, NULL, &signlen))
{
    cout<<"sign length is "<<signlen<<endl;
}
else
{
    cout<<"something wrong"<<endl;
}

if (1 == EVP_DigestSignFinal(mdctx, m_signedDigest, &signlen))
{
    cout<<"sign successfully created"<<endl;
    cout<<"signed digest is " <<endl;
    for(int i=0;i<RSA_KEY_SIZE;i++)
    {
        printf("0x%.2x ", m_signedDigest[i]);
    }
        cout<<endl;
}
else
{
    cout<<"something wrong"<<endl;
}

请注意，我在类中使用了一些属性，例如 m_signedDigest[] 等