c++ - C++使用CNG从模数和指数中导入RSA公钥

我正在尝试使用CNG通过作为参数给出的公共密钥来加密某些数据。调用NCryptImportKey函数时，出现NTE_BAD_DATA错误 which isn't listed in the msdn page.

我的代码：

#include <iostream>
#include <Windows.h>
#include <Bcrypt.h>
#include <Ntstatus.h>
#include <string>
#include <vector>
#include "base64.h"

using std::string;
using std::vector;

struct MyRSAPublicBlob {
    BCRYPT_RSAKEY_BLOB blob;
    BYTE exponent[3];
    BYTE modulus[128];
    MyRSAPublicBlob(const vector<BYTE>& mod, const vector<BYTE>& exp)
    {
        blob.BitLength = (128 + 3) * 8;
        blob.Magic = BCRYPT_RSAPUBLIC_MAGIC;
        blob.cbModulus = 128;
        blob.cbPublicExp = 3;
        for (size_t i = 0; i < mod.size(); ++i) //copy BigEndian
            modulus[i] = mod[mod.size() - 1 - i];
        for (size_t i = 0; i < exp.size(); ++i) //copy BigEndian
            exponent[i] = exp[exp.size() - 1 - i];
    }
    MyRSAPublicBlob() { ; }

};

MyRSAPublicBlob b;

bool RSA_encrypt() {
    SECURITY_STATUS stat;
    NCRYPT_PROV_HANDLE hProv;
    NCRYPT_KEY_HANDLE hKey;

    stat = NCryptOpenStorageProvider(&hProv, MS_KEY_STORAGE_PROVIDER, 0);
    if (ERROR_SUCCESS != stat) {
        std::cout << "failed in NCryptOpenStorageProvider: " << GetLastError() << std::endl;
        return false;
    }
    stat = NCryptImportKey(hProv,
        NULL,
        BCRYPT_RSAPUBLIC_BLOB,
        NULL,
        &hKey,
        (PBYTE)&b.blob,
        sizeof(b),
        0);

    if (ERROR_SUCCESS != stat) {
        std::cout << "failed in NCryptImportKey: " << GetLastError() << std::endl;
        return false;
    }

我如何构造MyRSAPublicBlob的示例：

string PubKeyModulus = "yVUndgQFuB5Z5FgC0/WgWCg6Y8VuB582avGjQDdeoJDa1+RBKCyXo700sAMSGjM/bVakOlFqvCsVFNBysx1CH731CDb2DR1a0bsmYmDQ9d0ZHX+AOohVDIx9mc7bkDQZoEFpe9NqFsu95Y9yktpl1JKPmKyLOFgufGJYYvQyoOM=";
string PubKeyExp = "AQAB";

vector<BYTE> PubKeyModulus_bin = base64_decode(PubKeyModulus);
vector<BYTE> PubKeyExp_bin = base64_decode(PubKeyExp);
struct MyRSAPublicBlob c(PubKeyModulus_bin, PubKeyExp_bin);
b = c;

我直率做错了什么吗？

最佳答案

BitLength值是“密钥的大小”，对于RSA来说是“模数值的大小”。因此，对于cbModulus来说有点多余，但是c'est la vie。

如果在计算BitLength时删除+ 3，它可能会开始工作。与.NET为RSACng.ImportParameters构建blob相比：http://source.dot.net/#System.Security.Cryptography.Cng/Common/System/Security/Cryptography/RSACng.ImportExport.cs,79

关于c++ - C++使用CNG从模数和指数中导入RSA公钥，我们在Stack Overflow上找到一个类似的问题：https://stackoverflow.com/questions/44266617/