Golang RSA解密无填充?

huangapple go评论95阅读模式
英文:

golang rsa decrypt no padding?

问题

Golang的RSA库似乎没有提供NO_PADDING选项,但是OpenSSL可以正常工作。使用Golang加密的数据在与其他语言对接时无法正常解密,但是使用PHP和OpenSSL可以正常解密。后来发现Golang似乎不支持NO_PADDING解密,只支持PKCS1填充。在OpenSSL中增加参数"-raw"可以正常解密。上面是私钥,一个密文和解密后的正确值。有人可以帮我看看如何解决吗?

私钥内容如下:

-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBANJS/xu+NtmDqobnhCdLjWk46aYbBk/mQrLcozAIbQLFG2mgkrxf
B5+CgtISKpKfmRfCO2NhceK+YedaMMBUxn8CAQMCQQCMN1S9KXnmV8cEmlgaMl5G
JfEZZ1mKmYHMkxd1WvNXLNuke9ntKwti8zG1lAFcOVHnm/uYsNdua+lvvQlEgBUL
AiEA/c8ezGaNUFwEAltwTEFtFItT5PyOXlWIdPAZ7j160lkCIQDUI8f/chEmLxG1
5kPcRtyJsQRdAcnQZ5QOz6S0nBnUlwIhAKk0vzLvCOA9WAGSSt2A82MHjUNTCZQ5
BaNKu/Qo/Iw7AiEAjW0v/6FgxB9hI+7X6C89sSCtk1aGiu+4Cd/DIxK74w8CIB4q
rA1k247JrqKTGlqSHVr1Ta+h3BPbwFKCi5CiDOjV
-----END RSA PRIVATE KEY-----

数据文件data.txt的内容如下:

00000000: 6d4b 5dab 6d64 45e1 e4cb 0ea8 20df b724  mK].mdE..... ..$
00000010: cfe5 db3e 75c4 e80e 2337 4f08 1b36 87b4  ...>u...#7O..6..
00000020: 7550 47d4 ed60 576a a160 2d01 3cf7 4c50  uPG..`Wj.`-.<.LP
00000030: 7e44 6432 1f9d cfe2 2e9f 4f89 f815 ae01  ~Dd2......O.....

经过base64编码后的数据为:

bUtdq21kReHkyw6oIN+3JM/l2z51xOgOIzdPCBs2h7R1UEfU7WBXaqFgLQE890xQfkRkMh+dz+Iun0+J+BWuAQ==

使用OpenSSL进行解密的命令如下:

cat data.txt | openssl rsautl -decrypt -inkey private.pem -raw

解密后的结果为:

qYnYKT2mxuXR5XB615gOenqxOnIUjWs7
英文:

Golang rsa does not have NO_PADDING?
But openssl is ok.
For encrypted data docking and other language, the encrypted data with Golang cannot decrypt normally, but the use of PHP and Openssl can be normal, later found like Golang does not support NO_PADDING decryption, seems to only PKCS1.
Openssl increase the parameter - raw can normal decryption.The private key is above, a cipher and decrypted correct value.
Can someone help me to look at how to solve?

$ cat private.pem  
-----BEGIN RSA PRIVATE KEY-----  
MIIBOgIBAAJBANJS/xu+NtmDqobnhCdLjWk46aYbBk/mQrLcozAIbQLFG2mgkrxf  
B5+CgtISKpKfmRfCO2NhceK+YedaMMBUxn8CAQMCQQCMN1S9KXnmV8cEmlgaMl5G  
JfEZZ1mKmYHMkxd1WvNXLNuke9ntKwti8zG1lAFcOVHnm/uYsNdua+lvvQlEgBUL  
AiEA/c8ezGaNUFwEAltwTEFtFItT5PyOXlWIdPAZ7j160lkCIQDUI8f/chEmLxG1  
5kPcRtyJsQRdAcnQZ5QOz6S0nBnUlwIhAKk0vzLvCOA9WAGSSt2A82MHjUNTCZQ5  
BaNKu/Qo/Iw7AiEAjW0v/6FgxB9hI+7X6C89sSCtk1aGiu+4Cd/DIxK74w8CIB4q  
rA1k247JrqKTGlqSHVr1Ta+h3BPbwFKCi5CiDOjV  
-----END RSA PRIVATE KEY-----  

$ xxd data.txt  
00000000: 6d4b 5dab 6d64 45e1 e4cb 0ea8 20df b724  mK].mdE..... ..$  
00000010: cfe5 db3e 75c4 e80e 2337 4f08 1b36 87b4  ...>u...#7O..6..  
00000020: 7550 47d4 ed60 576a a160 2d01 3cf7 4c50  uPG..`Wj.`-.<.LP  
00000030: 7e44 6432 1f9d cfe2 2e9f 4f89 f815 ae01  ~Dd2......O.....  

$ base64 -i data.txt  
bUtdq21kReHkyw6oIN+3JM/l2z51xOgOIzdPCBs2h7R1UEfU7WBXaqFgLQE890xQfkRkMh+dz+Iun0+J+BWuAQ==  

$ cat data.txt | openssl rsautl -decrypt -inkey private.pem -raw  
qYnYKT2mxuXR5XB615gOenqxOnIUjWs7

答案1

得分: 4

使用没有填充的RSA解密密文块是一个单一的模指数运算。

c := new(big.Int).SetBytes(cipherText)
plainText := c.Exp(c, privateKey.D, privateKey.N).Bytes()

一个完整的示例使用您的输入数据可以在这里找到:https://play.golang.org/p/CgLYgLR61t

如果您想要一个完整版本的解密函数,带有侧信道遮蔽并使用预计算的CRT值以提高性能,您可以从crypto/rsa/rsa.go源代码中复制decrypt函数。

如果您有选择的话,不应该以这种方式使用RSA。在Crypto StackExchange网站上有一个很好的讨论,解释了使用这种方法的细节和缺点。

英文:

Decrypting a ciphertext block using rsa with no padding is a single modulo exponent operation.

c := new(big.Int).SetBytes(cipherText)
plainText := c.Exp(c, privateKey.D, privateKey.N).Bytes()

A full example using your input data is here: https://play.golang.org/p/CgLYgLR61t

If you want a full version of the decryption function, with side-channel blinding and using precomputed CRT values for faster performance, you can copy the decrypt function from the crypto/rsa/rsa.go source.

If you have the choice, you should not be using rsa in this manner. There is a good discussion on the Crypto StackExchange site explaining the details and drawbacks of using this method.

答案2

得分: -1

以下是使用RSA加密纯文本而无需填充的代码示例:

var publicKey *rsa.PublicKey

// ...
// ...

c := new(big.Int).SetBytes([]byte(text))

encryptedBytes := c.Exp(c, big.NewInt(int64(publicKey.E)), publicKey.N).Bytes()
encryptedBase64 := base64.StdEncoding.EncodeToString(encryptedBytes)

请注意,这只是一个代码示例,并不是实际回答您的问题。

英文:

Not actually answer the question, but I put this here for someone who are looking for encrypting a plain text using rsa with no padding.

var publicKey *rsa.PublicKey

// ...
// ...

c := new(big.Int).SetBytes([]byte(text))

encryptedBytes := c.Exp(c, big.NewInt(int64(publicKey.E)), publicKey.N).Bytes()
encryptedBase64 := base64.StdEncoding.EncodeToString(encryptedBytes)

huangapple
  • 本文由 发表于 2016年11月29日 23:55:24
  • 转载请务必保留本文链接:https://go.coder-hub.com/40870178.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定