I need to sign a message with the Crypto++ library using a key generated by openssl.
The key was generated with:
openssl genrsa -out privatKey.pem 2048
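To get rid of the CryptoPP::BERDecodeErr error that occurs when loading this key into RSA::PrivateKey, the key was converted from PEM to DER as described in "Load PEM encoded private RSA key in Crypto++":
openssl pkcs8 -in privatKey.pem -out privatKey.der -topk8 -nocrypt -outform der
The code that loads the converted key from a file runs successfully: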
ByteQueue queue;
FileSource file("privatKey.der", true);
file.TransferTo(queue);
queue.MessageEnd();
RSA::PrivateKey rsaPrivate;
rsaPrivate.Load(queue);
Now I want to hardcode this key directly in the program text. I read its contents with xxd -p privatKey.der and copied them into the code:
std::string privKeyStr = "308204bd020100300d06092a864886f70d0101010500048204a7308204a3"
"0201000282010100ba077fcaf8908c0b9bfef58f4493c93affb6ca7b2947"
"ad2d066eca92f42be3b8695c1dbb1b30ccc08ae844d503bcd4f8261c4aa2"
"4e07b3d4c20a5c2e651588ca5b167c320b903c11dc178f802698b5ea8ab2"
"a62c853648f985ffc61490c63472a4a2f84299550f58eb3254d822fbaaa4"
"529fba6d6daa9ba32550f2691058f2b34299482adb4012028419261fd01b"
"62d3affbae524d0892776f4147d37bb10079a83c91898e6d42abb939018a"
"6c63055efe0b30ca34f21bd3e5d861dd29ba0f97d05bf4ba8b22ab50db94"
"d14a0bb7ff671ef415e1bdc52aa9fd83140c6de08ec69a66d333f6c1f53d"
"4f9b1245676ba68c20f15cf28dd81b90e7526ee2796aa461020301000102"
"8201006d244d339615a8347f775c368bf370d26e889dcf186ef7093d86ee"
"cebcf6ab09dcb6b0b2bfc727b9a745926caf5eb04c4e7fb6c1f6a9ca35ff"
"09f8ff374b251023d4d354c13804262e4c9c628142832871eb525738689a"
"f3da4c2fb88d1fdc518e8a16c16c185d82bbaab1e084d5c64dd633e43aa3"
"66bf1d3e9d793b6edde0b58e9cd8df8b084cef3656a8fc061eb5464df71a"
"c89684684571951552d342736286fea796f8c2bbd763d8451fad44eab2ac"
"81d852ab968a46cf95e4a5350577c38e856902a37b04da451d63c0542661"
"774caf68b37008cfe6beeeb843cfbc0a68688d91daadf27f507d2cfe526f"
"295ac69ce748e331290d9f77a3f9f46823cde902818100ea41fc3e0e4afb"
"ce2473fa019df29de5a1d804b04378efee0bc9a9f3e064b2aa2b310377ad"
"8bceb88d0a7e1a96a64017e04a05fa74616987de7203adcfddcbc2279474"
"8fc075b498683efb23ead8aa0be06c720f31c2006372e5d9c43d84065bd6"
"b2e75f683378ba6e07573a59dbf5a3875d27a84244402f5aaae407a7eeb7"
"f302818100cb4b9862023585e70334d7d622bf6e3232bfb89a28afef2bd4"
"d2a3888af36a57152c2974e83baa2f63bd005e2cdf90c68ad28a010fda99"
"e4a19159b4164a620e1a99158f190ae47ee2bd3abd66158f07b6469f3c71"
"b2c37aa0c9f2b7e22bc164a8ca95132eed353ccbba9ddf23e82d1ed32508"
"c8f4e6f18c78c702c342fcfb5b02818100a85772e545702d341e8e19833f"
"f631f1eb34496a41928f1909ef89ea6fbeed85cc3414c1d43d3bf8f3a22e"
"acfcc5cc195c5cd59efe33629af908060cc9ec21990cc86a5b437b52a493"
"856f0488a7dacb5e239073cad6176160183d3e00d6f79ad7d708de4f0b6e"
"1ecb230b542b6f1e3ebdeffba7b6b74548c2673c27244f3071028180568b"
"ac27ad4113ec30d5423d8b356bb83b1a9b80256a20abcc42901404f37385"
"f72181d49f39274e5d6b8cc88ad9f24c53b525c325f8ae23431519d72cd6"
"25c0535a706f26fe18205c6eaa9f0ee286ad85cfb2e28c94c9db5eb01a80"
"65ecb2bc238f7abf5beee80725c420896a43e1518a19ee0f7f13022a0710"
"d200467864990281801e82172f07d59df235c7ca403f6c7cfa6c0e85a0c6"
"27f90dcc46c114b6146aa2927ce507b1698938db42a73ec50da8531eda23"
"a4e997a2ab7bfdfce3a963b353e472e7d77bf01c60942b7266640f74189e"
"b974b69c2eefeb522f6024c839738f8620d55b79d3cd3155b51c011602ec"
"64c1af4ce4857b1cba7b21d7d59a7e5ab9";
I am trying to load this hardcoded key from the string via CryptoPP::StringSource:
ByteQueue queue;
StringSource str(privKeyStr, true);
str.TransferTo(queue);
queue.MessageEnd();
RSA::PrivateKey rsaPrivate;
rsaPrivate.Load(queue);
But I get a CryptoPP::BERDecodeErr exception.
How do I do this correctly?
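privKeyStr is a hex-encoded private key, ASN.1/DER encoded, in PKCS#8 format. For hex decoding, CryptoPP provides the class HexDecoder. The hex-encoded key can be imported with the following code:

For those interested in importing a PEM-encoded key: CryptoPP does not directly support PEM-encoded keys, but there is a library add-on (PEM Pack).
Alternatively, the documentation contains an example of manually importing a PEM-encoded key. The code snippet above is based on this example.
The example also describes the direct import of a PKCS#1 key (so the detour via PKCS#8 conversion is not needed), for which only rsaPrivate.BERDecodePrivateKey() must be used instead of rsaPrivate.Load().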
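To see why the hex text itself cannot be BER-decoded and which container the decoded bytes hold, the following added example (not code from the question or the answer, and not using Crypto++) inspects the leading DER bytes. The names KeyForm, hexDecode, classify, classifyHex and classifyText are made up for this illustration, and the sample constant is only the start of the page's privKeyStr, so only the header is checked.

```cpp
#include <cstdint>
#include <string>
#include <vector>

enum class KeyForm { NotDer, Pkcs1, Pkcs8, Unknown };

// Constructed sample: the first 20 bytes of the page's privKeyStr, as hex text.
const std::string kKeyStartHex = "308204bd020100300d06092a864886f70d010101";

// Hex text -> raw bytes; false on odd length or a non-hex character.
bool hexDecode(const std::string& hex, std::vector<uint8_t>& out) {
    auto nib = [](char c) {
        return c >= '0' && c <= '9' ? c - '0'
             : c >= 'a' && c <= 'f' ? c - 'a' + 10
             : c >= 'A' && c <= 'F' ? c - 'A' + 10 : -1;
    };
    if (hex.size() % 2 != 0) return false;
    for (size_t i = 0; i < hex.size(); i += 2) {
        int hi = nib(hex[i]), lo = nib(hex[i + 1]);
        if (hi < 0 || lo < 0) return false;
        out.push_back(static_cast<uint8_t>(hi << 4 | lo));
    }
    return true;
}

// Classify the start of a DER private key. Both forms open with SEQUENCE, INTEGER 0;
// PKCS#8 continues with a SEQUENCE (AlgorithmIdentifier), PKCS#1 with an INTEGER (modulus).
KeyForm classify(const std::vector<uint8_t>& d) {
    if (d.size() < 2 || d[0] != 0x30) return KeyForm::NotDer;   // must start with SEQUENCE
    size_t pos = 2;
    if (d[1] & 0x80) pos += d[1] & 0x7f;                        // skip long-form length octets
    if (pos + 4 > d.size()) return KeyForm::Unknown;
    if (d[pos] != 0x02 || d[pos + 1] != 0x01 || d[pos + 2] != 0x00) return KeyForm::Unknown;
    if (d[pos + 3] == 0x30) return KeyForm::Pkcs8;              // the form the page loads with Load()
    if (d[pos + 3] == 0x02) return KeyForm::Pkcs1;              // the form for BERDecodePrivateKey()
    return KeyForm::Unknown;
}

// The bytes as they are after hex decoding.
KeyForm classifyHex(const std::string& hex) {
    std::vector<uint8_t> raw;
    return hexDecode(hex, raw) ? classify(raw) : KeyForm::NotDer;
}

// The bytes as the question's StringSource passes them on: the ASCII characters themselves.
KeyForm classifyText(const std::string& s) {
    return classify(std::vector<uint8_t>(s.begin(), s.end()));
}
```

Without a decoding step the first byte handed to the BER decoder is the character '3' (0x33) rather than the SEQUENCE tag 0x30, which is why classifyText reports NotDer for the same string that classifyHex identifies as PKCS#8.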