Why does the Go function EncryptOAEP in the crypto/rsa library require a random io.Reader?

Question

I'm writing a file server that encrypts data on the client side, sends the data over TCP, and decrypts it on server side using asymmetric RSA-OAEP encryption. There are two main functions I have been trying to use, which take the following arguments per the documentation:

EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) (out []byte, err error)
DecryptOAEP(hash hash.Hash, random io.Reader, priv *PrivateKey, ciphertext []byte, label []byte) (msg []byte, err error)

Each requires a random io.Reader, and the test file uses rand.Reader from crypto/rand. However, whenever I encrypt a message with rand.Reader on the client side, the message never is decrypted properly on the server side which has a separate instance of rand.Reader.

  1. What is the purpose of the random io.Reader?
  2. How can I ensure that the encrypted message is transferred and decrypted properly by the server? Would I also need to transfer some information about the rand.Reader used by the client as well to the server for the message to be properly decrypted?

1: http://golang.org/pkg/crypto/rsa/#EncryptOAEP "documentation"
2: http://golang.org/src/pkg/crypto/rsa/rsa.go "test file"

Answer 1

Score: 5

Using rsa_test.go as a base, I managed to create a small end-to-end decryption program.
From the information you provided, it is hard to tell where the error is, but I hope that by reading this program you can find the bug yourself. Probably you don't need to provide a Reader in DecryptOAEP.

http://play.golang.org/p/7VVCHJOB7R

package main

import (
	"bytes"
	"crypto/rsa"
	"crypto/sha1"
	"log"
	"math/big"
)

func main() {
	sha1 := sha1.New()
	n := new(big.Int)
	d := new(big.Int)

	rsa_modulus := "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb"
	rsa_d := "53339cfdb79fc8466a655c7316aca85c55fd8f6dd898fdaf119517ef4f52e8fd8e258df93fee180fa0e4ab29693cd83b152a553d4ac4d1812b8b9fa5af0e7f55fe7304df41570926f3311f15c4d65a732c483116ee3d3d2d0af3549ad9bf7cbfb78ad884f84d5beb04724dc7369b31def37d0cf539e9cfcdd3de653729ead5d1"

	n.SetString(rsa_modulus, 16)
	d.SetString(rsa_d, 16)
	public := rsa.PublicKey{N: n, E: 65537}
	private := new(rsa.PrivateKey)
	private.PublicKey = public
	private.D = d

	seed := []byte{0x18, 0xb7, 0x76, 0xea, 0x21, 0x06, 0x9d, 0x69,
		0x77, 0x6a, 0x33, 0xe9, 0x6b, 0xad, 0x48, 0xe1, 0xdd,
		0xa0, 0xa5, 0xef,
	}
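	// A fixed seed makes the ciphertext reproducible (test-vector style);
	// production code passes crypto/rand.Reader to EncryptOAEP instead.
	randomSource := bytes.NewReader(seed)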

	in := []byte("Hello World")

	encrypted, err := rsa.EncryptOAEP(sha1, randomSource, &public, in, nil)
	if err != nil {
		log.Fatalf("error: %s", err)
	}

	plain, err := rsa.DecryptOAEP(sha1, nil, private, encrypted, nil)
	if err != nil {
		log.Fatalf("error: %s", err)
	}

	log.Println(string(plain))
}
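
Added example (not part of the original answer or of the Go project's code) addressing the question's two points: the reader passed to EncryptOAEP seeds the randomized OAEP padding, so the same message encrypts to a different ciphertext each time, and the receiver recovers that seed from the ciphertext itself, needing only the private key, the same hash and the same label. The helper names `newKey` and `roundTrip` are hypothetical, the key is generated on the spot, and SHA-256 is used in place of the answer's SHA-1.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// newKey generates a throwaway 2048-bit key pair (constructed for this example).
func newKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// roundTrip encrypts msg twice with crypto/rand.Reader under encLabel, then
// decrypts both ciphertexts with decLabel. It reports whether the two
// ciphertexts differ and whether both decrypt back to msg.
func roundTrip(priv *rsa.PrivateKey, msg, encLabel, decLabel []byte) (differ, recovered bool, err error) {
	var cts [2][]byte
	for i := range cts {
		// Each call draws a fresh OAEP seed from the random reader.
		cts[i], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, &priv.PublicKey, msg, encLabel)
		if err != nil {
			return false, false, err
		}
	}
	recovered = true
	for _, ct := range cts {
		// The seed travels inside the ciphertext, so nothing about the
		// sender's reader is needed here; nil matches the answer's call.
		pt, derr := rsa.DecryptOAEP(sha256.New(), nil, priv, ct, decLabel)
		if derr != nil {
			return false, false, derr
		}
		recovered = recovered && bytes.Equal(pt, msg)
	}
	return !bytes.Equal(cts[0], cts[1]), recovered, nil
}

func main() {
	priv, err := newKey()
	if err != nil {
		panic(err)
	}
	differ, recovered, err := roundTrip(priv, []byte("Hello World"), nil, nil)
	fmt.Println(differ, recovered, err)
	_, _, err = roundTrip(priv, []byte("Hello World"), []byte("client"), []byte("server"))
	fmt.Println(err) // mismatched labels make decryption fail
}
```

If decryption fails on the server while this round trip succeeds locally, the things to compare are the hash, the label, the key pair and the exact ciphertext bytes received, not the random source.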

huangapple
  • Posted on June 20, 2014, 00:21:44
  • When reposting, please keep the link to this article: https://go.coder-hub.com/24311575.html