英文:
How to decrypt an encrypted message with RSA private key
问题
我正在使用一个需要我的公钥的API,然后该API将返回一个包含向量和令牌的响应,但它们是以加密形式存在的(我认为他们使用了我的公钥来进行加密)。为了解密它,我需要使用我的私钥。私钥和公钥都以DER编码形式存在。
我基本上想要实现类似于这个网站的功能:https://www.devglan.com/online-tools/rsa-encryption-decryption
我正在使用的密钥(它们只是示例):
公钥:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbI1SofN/ZPsprBlPAW/c4GDKHo6Idv3J/P5LEEUpAsbVVpq6wY7Tf6lfBSTcirq48oMD34p3z5sX1jYy15OXNxNKBpoOdv8BYQdnK/LfFcZ5720yUNka0xiHUol/Zi0c0PWB6HkAAkT0sbeGLbCuX6yr6SbJBFaI2ofIKk/mGswIDAQAB
私钥:MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJsjVKh839k+ymsGU8Bb9zgYMoejoh2/cn8/ksQRSkCxtVWmrrBjtN/qV8FJNyKurjygwPfinfPmxfWNjLXk5c3E0oGmg52/wFhB2cr8t8VxnnvbTJQ2RrTGIdSiX9mLRzQ9YHoeQACRPSxt4YtsK5frKvpJskEVojah8gqT+YazAgMBAAECgYA5KaeD/Z8tmSlUjhxGAJzzGldkCzMs6uHxaSdW/1fwxooeaTBs5hA7gUmcerHKIbsps8HmlKXGvP2sIN/8Fb9mo1yHaAN2g52+cvpr2QmeeUOwfuZTM/gllT4rUIB7sMC5Uxl7sW55bGhRxqdfHJskow4rPga+irjuYSy5GIZSwQJBANDtfF+VWPKrR8MHYvaGoLLkrA1cFn8g9x1eGA3mgWPNYoH5nMJfe0IBaXo69jlrnBAjK+oxnPSyh/AZzsEehasCQQC+F15dVSjH8tJSXz8RCDpMdp+P9J/eoi7+V0IgwKAaSJCZfYWXeckAAIpvwit7fkj3n83nj0PPm9Xwh22CYGsZAkAAvIWOtLEOken71v/TTKAuYT32AhgWNKCKWvWMvv4/ws6RFLcnvDxr/CNKCgEqLKXtLKKP/cLG3gY6o2ymI5xnAkA8l4JSycRYB8SW0RlvOmoq2Vz/LACRnKzSEcpYWk4uUpcU9ffRUtaJE6MNAJ2Pna9wjxW5C+eXk5rcMq7rcgRxAkAjizE3JbwUu3MX5TDmHfGCvIZ38jnfSUjFrYBLKaNJegOD4zcxRZXfO7iKDa+PtFMRe7ZtnU7WuCM0yUT2Qa0j
加密消息:BUy5nR/PuJNCFXeUxQd4oxkCvMo2JiLwH5VkzLz1UdM4M0VXDv4Ba1OaNHbttqETQENy1VfW2V4v9Pw5HmDIcS1sdGN69ceEHJbned46rK1EVtMVQZGP9ha54AXie5v/1TdKYWJ+AFt0FxVj4kfFXGXEzF19Q8LB2AOJCAEJK6s=
现在让我们来看看代码部分:
我正在从环境文件中获取我的私钥和公钥:
public := goDotEnvVariable("publicKey")
private := goDotEnvVariable("privateKey")
在调用API并获取结果后,我尝试使用rsa.DecryptOAEP
函数解密消息,但它一直给我返回[] crypto/rsa: decryption error
。在包内部进行调试后,我发现错误出现在这里:
k := priv.Size() // 私钥的大小
if len(ciphertext) > k || // ciphertext 是加密的文本,hash.Size()*2+2 是我使用的哈希大小
k < hash.Size()*2+2 {
return nil, ErrDecryption
}
if语句的结果:k = 128,hash.Size()*2+2 = 66,cipher = 172
起初,我遇到了将私钥(在我的情况下是字符串,因为它来自环境文件)转换为RSA私钥的问题。以下是我解决问题的方法:
sEnc, err := b64.StdEncoding.DecodeString(private) // 使用这个包 "encoding/base64" 进行解码
然后我进行了如下转换:
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: sEnc,
}
parseResult, err := x509.ParsePKCS8PrivateKey(block.Bytes)
我做错了什么?
英文:
I'm hitting an API that requires my public key, then that API will return a response that contains a vector and a token but they are in an encrypted form (I think they used my public key to do that). In order to decrypt it, I need to use my private key. Both private and public keys are in DER encoding.
I basically want to implement something like this https://www.devglan.com/online-tools/rsa-encryption-decryption
Keys that Im using (again they are dummy!)
Public: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbI1SofN/ZPsprBlPAW/c4GDKHo6Idv3J/P5LEEUpAsbVVpq6wY7Tf6lfBSTcirq48oMD34p3z5sX1jYy15OXNxNKBpoOdv8BYQdnK/LfFcZ5720yUNka0xiHUol/Zi0c0PWB6HkAAkT0sbeGLbCuX6yr6SbJBFaI2ofIKk/mGswIDAQAB
Private: MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJsjVKh839k+ymsGU8Bb9zgYMoejoh2/cn8/ksQRSkCxtVWmrrBjtN/qV8FJNyKurjygwPfinfPmxfWNjLXk5c3E0oGmg52/wFhB2cr8t8VxnnvbTJQ2RrTGIdSiX9mLRzQ9YHoeQACRPSxt4YtsK5frKvpJskEVojah8gqT+YazAgMBAAECgYA5KaeD/Z8tmSlUjhxGAJzzGldkCzMs6uHxaSdW/1fwxooeaTBs5hA7gUmcerHKIbsps8HmlKXGvP2sIN/8Fb9mo1yHaAN2g52+cvpr2QmeeUOwfuZTM/gllT4rUIB7sMC5Uxl7sW55bGhRxqdfHJskow4rPga+irjuYSy5GIZSwQJBANDtfF+VWPKrR8MHYvaGoLLkrA1cFn8g9x1eGA3mgWPNYoH5nMJfe0IBaXo69jlrnBAjK+oxnPSyh/AZzsEehasCQQC+F15dVSjH8tJSXz8RCDpMdp+P9J/eoi7+V0IgwKAaSJCZfYWXeckAAIpvwit7fkj3n83nj0PPm9Xwh22CYGsZAkAAvIWOtLEOken71v/TTKAuYT32AhgWNKCKWvWMvv4/ws6RFLcnvDxr/CNKCgEqLKXtLKKP/cLG3gY6o2ymI5xnAkA8l4JSycRYB8SW0RlvOmoq2Vz/LACRnKzSEcpYWk4uUpcU9ffRUtaJE6MNAJ2Pna9wjxW5C+eXk5rcMq7rcgRxAkAjizE3JbwUu3MX5TDmHfGCvIZ38jnfSUjFrYBLKaNJegOD4zcxRZXfO7iKDa+PtFMRe7ZtnU7WuCM0yUT2Qa0j
Encrypted message: BUy5nR/PuJNCFXeUxQd4oxkCvMo2JiLwH5VkzLz1UdM4M0VXDv4Ba1OaNHbttqETQENy1VfW2V4v9Pw5HmDIcS1sdGN69ceEHJbned46rK1EVtMVQZGP9ha54AXie5v/1TdKYWJ+AFt0FxVj4kfFXGXEzF19Q8LB2AOJCAEJK6s=
Lets go to the coding part:
I'm retrieving my private and public keys from the env file:
public := goDotEnvVariable("publicKey")
private := goDotEnvVariable("privateKey")
Now after hitting the API and getting the result, I tried to decrypt the message by using rsa.DecryptOAEP
function but it keeps giving me [] crypto/rsa: decryption error
. After debugging inside the package itself, Im getting the error right here:
k := priv.Size() // private key size
if len(ciphertext) > k || //ciphertext is the encrypted text and hash.Size()*2+2 is the hash size that Im using
k < hash.Size()*2+2 {
return nil, ErrDecryption
}
Results of the if statement: k = 128 hash.Size()*2+2=66 cipher = 172
At first I had a problem of converting the private key (string in my case, because its from the env file) to rsa private key.
Heres what I did to solve the issue:
sEnc, err := b64.StdEncoding.DecodeString(private) //using this package "encoding/base64"
Then I converted it like this:
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: sEnc,
}
parseResult, err := x509.ParsePKCS8PrivateKey(block.Bytes)
What am I doing wrong?
答案1
得分: 1
如果在"选择密码类型"字段中选择了RSA,则devglan网站将应用PKCS#1 v1.5作为填充方式,因此必须使用rsa.DecryptPKCS1v15()
。私钥是Base64编码的PKCS#8 DER密钥,可以使用x509.ParsePKCS8PrivateKey()
导入。
完整代码如下:
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
b64 "encoding/base64"
"fmt"
)
func main() {
// Base64解码密文
ciphertext, _ := b64.StdEncoding.DecodeString("BUy5nR/PuJNCFXeUxQd4oxkCvMo2JiLwH5VkzLz1UdM4M0VXDv4Ba1OaNHbttqETQENy1VfW2V4v9Pw5HmDIcS1sdGN69ceEHJbned46rK1EVtMVQZGP9ha54AXie5v/1TdKYWJ+AFt0FxVj4kfFXGXEzF19Q8LB2AOJCAEJK6s=")
// 导入PKCS#8密钥
pkcs8DerKey, _ := b64.StdEncoding.DecodeString("MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJsjVKh839k+ymsGU8Bb9zgYMoejoh2/cn8/ksQRSkCxtVWmrrBjtN/qV8FJNyKurjygwPfinfPmxfWNjLXk5c3E0oGmg52/wFhB2cr8t8VxnnvbTJQ2RrTGIdSiX9mLRzQ9YHoeQACRPSxt4YtsK5frKvpJskEVojah8gqT+YazAgMBAAECgYA5KaeD/Z8tmSlUjhxGAJzzGldkCzMs6uHxaSdW/1fwxooeaTBs5hA7gUmcerHKIbsps8HmlKXGvP2sIN/8Fb9mo1yHaAN2g52+cvpr2QmeeUOwfuZTM/gllT4rUIB7sMC5Uxl7sW55bGhRxqdfHJskow4rPga+irjuYSy5GIZSwQJBANDtfF+VWPKrR8MHYvaGoLLkrA1cFn8g9x1eGA3mgWPNYoH5nMJfe0IBaXo69jlrnBAjK+oxnPSyh/AZzsEehasCQQC+F15dVSjH8tJSXz8RCDpMdp+P9J/eoi7+V0IgwKAaSJCZfYWXeckAAIpvwit7fkj3n83nj0PPm9Xwh22CYGsZAkAAvIWOtLEOken71v/TTKAuYT32AhgWNKCKWvWMvv4/ws6RFLcnvDxr/CNKCgEqLKXtLKKP/cLG3gY6o2ymI5xnAkA8l4JSycRYB8SW0RlvOmoq2Vz/LACRnKzSEcpYWk4uUpcU9ffRUtaJE6MNAJ2Pna9wjxW5C+eXk5rcMq7rcgRxAkAjizE3JbwUu3MX5TDmHfGCvIZ38jnfSUjFrYBLKaNJegOD4zcxRZXfO7iKDa+PtFMRe7ZtnU7WuCM0yUT2Qa0j")
key, _ := x509.ParsePKCS8PrivateKey(pkcs8DerKey)
var privateKey *rsa.PrivateKey
privateKey, _ = key.(*rsa.PrivateKey)
// 解密(使用带有PKCS#1 v1.5填充的RSA)
rng := rand.Reader
plaintext, _ := rsa.DecryptPKCS1v15(rng, privateKey, ciphertext)
fmt.Println(string(plaintext)) // {"token":"312ade4b52e7bb4cadf59b4c7c83cb41","vector":"2b8db4fdb11f361d","id":"63876cf63ec7a641db8f1def";}
}
英文:
If RSA is selected in the Select Cipher Type field, the devglan website applies PKCS#1 v1.5 as padding, so rsa.DecryptPKCS1v15()
must be used. The private key is a Base64 encoded PKCS#8 DER key which can be imported with x509.ParsePKCS8PrivateKey()
.
All together:
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
b64 "encoding/base64"
"fmt"
)
func main() {
// Base64 decode ciphertext
ciphertext, _ := b64.StdEncoding.DecodeString("BUy5nR/PuJNCFXeUxQd4oxkCvMo2JiLwH5VkzLz1UdM4M0VXDv4Ba1OaNHbttqETQENy1VfW2V4v9Pw5HmDIcS1sdGN69ceEHJbned46rK1EVtMVQZGP9ha54AXie5v/1TdKYWJ+AFt0FxVj4kfFXGXEzF19Q8LB2AOJCAEJK6s=")
// Import PKCS#8 key
pkcs8DerKey, _ := b64.StdEncoding.DecodeString("MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJsjVKh839k+ymsGU8Bb9zgYMoejoh2/cn8/ksQRSkCxtVWmrrBjtN/qV8FJNyKurjygwPfinfPmxfWNjLXk5c3E0oGmg52/wFhB2cr8t8VxnnvbTJQ2RrTGIdSiX9mLRzQ9YHoeQACRPSxt4YtsK5frKvpJskEVojah8gqT+YazAgMBAAECgYA5KaeD/Z8tmSlUjhxGAJzzGldkCzMs6uHxaSdW/1fwxooeaTBs5hA7gUmcerHKIbsps8HmlKXGvP2sIN/8Fb9mo1yHaAN2g52+cvpr2QmeeUOwfuZTM/gllT4rUIB7sMC5Uxl7sW55bGhRxqdfHJskow4rPga+irjuYSy5GIZSwQJBANDtfF+VWPKrR8MHYvaGoLLkrA1cFn8g9x1eGA3mgWPNYoH5nMJfe0IBaXo69jlrnBAjK+oxnPSyh/AZzsEehasCQQC+F15dVSjH8tJSXz8RCDpMdp+P9J/eoi7+V0IgwKAaSJCZfYWXeckAAIpvwit7fkj3n83nj0PPm9Xwh22CYGsZAkAAvIWOtLEOken71v/TTKAuYT32AhgWNKCKWvWMvv4/ws6RFLcnvDxr/CNKCgEqLKXtLKKP/cLG3gY6o2ymI5xnAkA8l4JSycRYB8SW0RlvOmoq2Vz/LACRnKzSEcpYWk4uUpcU9ffRUtaJE6MNAJ2Pna9wjxW5C+eXk5rcMq7rcgRxAkAjizE3JbwUu3MX5TDmHfGCvIZ38jnfSUjFrYBLKaNJegOD4zcxRZXfO7iKDa+PtFMRe7ZtnU7WuCM0yUT2Qa0j")
key, _ := x509.ParsePKCS8PrivateKey(pkcs8DerKey)
var privateKey *rsa.PrivateKey
privateKey, _ = key.(*rsa.PrivateKey)
// Decrypt (using RSA with PKCS#1 v1.5 padding)
rng := rand.Reader
plaintext, _ := rsa.DecryptPKCS1v15(rng, privateKey, ciphertext)
fmt.Println(string(plaintext)) // {"token":"312ade4b52e7bb4cadf59b4c7c83cb41","vector":"2b8db4fdb11f361d","id":"63876cf63ec7a641db8f1def"}
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论