Does M2Crypto's public_decrypt(block, padarg) perform decryption or verification?

Posted on 2024-12-18 15:27:26

I got some Python code that seems to use a public key for decrypting data. The data is probably encrypted using the corresponding private key. (I am not sure about it, because encryption with a private key is normally called signing.)

The Python code given below works fine if we have an appropriate public key file:

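import base64
import M2Crypto

# keyFile: path to the PEM public key file, defined elsewhere in the asker's code
def decryptUsingPubKey(b64encData):
    # Decode the Base64 input and keep the first 512 bytes (one block for a 4096-bit key)
    dcdData = base64.b64decode(b64encData)
    block = dcdData[0:512]
    rsaObj = M2Crypto.RSA.load_pub_key(keyFile)
    padarg = M2Crypto.RSA.pkcs1_padding
    # RSA public-key operation followed by PKCS#1 padding removal
    decData = rsaObj.public_decrypt(block, padarg)
    return decData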

What does the method public_decrypt(block, padarg) actually do? Does it decrypt some encrypted data, or does it just verify it?

And what is its alternative in C#?

Comments (1)

黯淡〆 2024-12-25 15:27:26

Without knowing the M2Crypto library (but knowing a bit of cryptography), it looks like the public_decrypt function is just a wrapper around OpenSSL's RSA_public_decrypt function, a low-level RSA operation.

This is seldom useful per se, but it is used internally in the signature verification operation.

As the decryption key is public, there is no way to use it for confidentiality, and to make a real signature scheme (for really short messages) out of it, you need some good padding scheme, too. For longer messages, you need to combine it with a hash function.

I would not recommend using it (and the corresponding RSA_private_encrypt function), and I don't see a reason for the M2Crypto library to expose it.
