C语言---基于Openssl 的 RSA2048 验签算法-PSS填充模式

## 最近在做Openssl相关工作，对于openssl进行了一些研究，分享下目前主流的算法RSA2048中的PSS填充模式的验签（SHA256）
##参考引用：https://blog.csdn.net/m0_61283489/article/details/124705120
##		    https://www.openssl.org/docs/man1.1.1/man3/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
#include <openssl/bio.h>
#include <openssl/evp.h>

//RSA 2048-PSS 验签
int rsa_test()
{
	uint8_t buf[256]={0x3b,0xcd,0xa5,0x1c,0x36,0xe4,0x37,0xf5,0x56,0x59,0x0f,0xb8,0xcc,0x3b,0x09,0x31,0x61,0xdb,0xcf,0x83,0x96,0xfd,0x22,0xd0,0x4f,0x14,0xbb,0x82,0xc0,0x87,0xfa,0x46,0x61,0x3b,0x47,0x94,0xeb,0xaa,0x7b,0x91,0xdc,0x08,0x18,0x54,0xe2,0x66,0x25,0x2d,0x73,0xe8,0x14,0xb8,0xc9,0xca,0x5a,0x47,0xfc,0xbb,0xc4,0xfb,0xad,0x16,0x9b,0xb3,0x2f,0x15,0x66,0xae,0x38,0xd7,0xe7,0x91,0x2d,0x89,0x75,0x33,0xba,0x13,0x8c,0xb4,0x96,0x6e,0xe8,0x4b,0xa9,0x1c,0xfe,0x28,0xb2,0x59,0xec,0x3e,0x5b,0x60,0xc8,0x44,0x74,0xef,0x85,0xd5,0xfe,0xdb,0xb5,0x96,0xe6,0x62,0x1f,0x92,0x3d,0x75,0x49,0xc7,0xa7,0x93,0xb4,0x70,0xd1,0x13,0x47,0x7a,0xdf,0x03,0x1b,0x62,0x69,0x5d,0xcb,0x51,0x7e,0x8b,0x7c,0x2a,0xfc,0x2e,0xc6,0xaf,0x13,0x42,0xc6,0x1b,0x51,0x86,0x3b,0x17,0x26,0x3c,0x23,0x6c,0xd2,0x5b,0xc7,0x69,0xf8,0x43,0xfa,0x40,0x36,0x10,0x2e,0x13,0xdc,0x8a,0x74,0x26,0x4a,0xef,0x9e,0x46,0xbd,0x06,0x30,0x56,0x7e,0xa0,0x0c,0xd7,0x4e,0xff,0x7e,0xdd,0xf7,0x49,0x66,0x13,0x4a,0x3f,0x71,0xab,0x27,0x00,0xda,0x49,0x5b,0x3f,0x81,0xaa,0xda,0x67,0x9f,0x35,0x3e,0x24,0x1d,0x81,0x50,0x12,0x99,0x58,0xef,0xcf,0x80,0x03,0x5c,0xf9,0x16,0x94,0x93,0x0d,0xa9,0x3f,0xbd,0x1a,0x5d,0xad,0x9b,0x76,0xf0,0x29,0x0d,0x19,0xd7,0x7b,0x55,0xca,0xe5,0x16,0xb3,0x6c,0x57,0xa6,0x33,0x0d,0xa8,0x3d,0x1c,0xe0,0x8d,0x38,0xa0,0x4f,0xff,0x00,0x9e,0xd6,0x69,0xd6};
	const char pubKey[262]={0x01,0x00,0xaa,0xba,0xca,0xda,0xea,0xfa,0x01,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x20,0x23,0x23,0x2,0xcb,0x2c,0x7d,0x3e,0xb0,0xb6,0xbf,0xd3,0x11,0x06,0x92,0xc7,0xf9,0x34,0x6a,0xd7,0x93,0x41,0xd9,0x1d,0xdc,0x13,0xab,0x61,0x00,0xf0,0xda,0xd0,0x3f,0x64,0xc7,0x84,0x72,0x23,0x09,0x88,0x8a,0x44,0xb4,0x18,0xb8,0xb9,0xd7,0x21,0xcc,0x28,0xe2,0x92,0xbf,0x2f,0x10,0x61,0x4e,0xc9,0x20,0xec,0x38,0xfc,0x1c,0x89,0xc1,0x3a,0x9d,0xd2,0x22,0x74,0xe3,0xe0,0xa7,0x05,0x5f,0x2e,0xe0,0x84,0x02,0x56,0xe8,0x06,0xf2,0xa7,0xee,0xb2,0xba,0x2e,0xbf,0x86,0x97,0xca,0x9f,0x84,0x8e,0xcb,0xc1,0x44,0x90,0x8c,0x8e,0xbe,0xb6,0x0d,0xcd,0xc9,0x1c,0xc0,0xc5,0xf1,0x5c,0x69,0xc6,0xa2,0x28,0xd5,0xa8,0xdf,0x73,0x3b,0x2a,0xe5,0x74,0x15,0xd4,0xf6,0x01,0x76,0x2d,0x23,0x82,0xd1,0x0f,0x3f,0x1c,0x81,0x76,0xb6,0x41,0x38,0xc9,0x4e,0xb7,0xd0,0xce,0x1a,0x3b,0x90,0xf9,0x49,0xfd,0x81,0xef,0x76,0x84,0xad,0x05,0xa3,0x97,0x6b,0x02,0xb3,0xcc,0x2d,0x3a,0x8b,0x0f,0x92,0xf9,0x5b,0x57,0x3e,0x40,0x29,0x46,0xa5,0xef,0x6c,0x55,0x7c,0xf7,0x53,0x1f,0xf2,0x59,0xaa,0x08,0x20,0xc2,0x83,0xf5,0xc6,0x2e,0xb1,0x59,0xe4,0xda,0xeb,0x10,0xa0,0xf1,0xe1,0x63,0x26,0x7c,0x88,0x30,0xf1,0x15,0xdb,0xc7,0x29,0x35,0xa8,0x73,0xf4,0x30,0xf8,0xf4,0xb9,0xdb,0xc4,0xa1,0x26,0x2d,0x0f,0x30,0x77,0x87,0xa9,0xa2,0xf0,0x07,0xb7,0x71,0xaf,0x6e,0x0c,0xa1,0xa5,0x00,0x01,0x00,0x01};
    uint8_t npubkey[256];
    uint8_t epubkey[4];
    unsigned char msg[] = "\x36\x32\x32\x31\x33\x32\x35\x31\x39\x30\x31\x31\x34\x32\x35\x38\x39\x30\x31\x32\x31\x34";
    unsigned int msglen = sizeof(msg) - 1;
    unsigned char sig[256];
    unsigned int  signLen = 256;
    int rv = 0;
    int ret=0; 

    
    BIGNUM *check = NULL;;
	BIGNUM* n;
    BIGNUM* e;
 
    EVP_MD_CTX *mdctx = NULL;
 	EVP_PKEY *pkey = NULL;
 	RSA *rsa= RSA_new();
	if(rsa == NULL){
		return -1;
	}

	pkey = EVP_PKEY_new();
	if(pkey == NULL)
    {
        printf("EVP_PKEY_new is failed.\n");
        rv = -2;
        goto end;
    }
	memmove(npubkey, pubKey+2, 256);
	//一般为65537
	memmove(epubkey, pubKey+258, 4);

	n = BN_new();
	e = BN_new();
	n=BN_bin2bn(npubkey,256,NULL);
	e=BN_bin2bn(epubkey,4,NULL);
	if (n == NULL || e == NULL) {
		return -1;
    }
	if(RSA_set0_key(rsa, n, e, NULL)==0){
		return -1;
	}

	if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) 
    {   
        printf("EVP_PKEY_set1_RSA is failed.\n");
        rv = -3; 
        goto end;
    }  
    //  消息完整验签计算 
    mdctx = EVP_MD_CTX_create();
    if (mdctx == NULL)
    {
        printf("EVP_MD_CTX_create is failed.\n");
        rv = -4;
        goto end;
    }
    EVP_PKEY_CTX *ectx;
 
    if (EVP_DigestVerifyInit(mdctx, &ectx, EVP_sha256(), NULL,pkey)<=0)
    {
        printf("EVP_DigestVerifyInit is failed.\n");
        rv = -4;
        goto end;
    }
    // 设置签名填充方式为pss填充 
    if (!EVP_PKEY_CTX_set_rsa_padding(ectx, RSA_PKCS1_PSS_PADDING))
    {
        printf("EVP_PKEY_CTX_set_rsa_padding is failed.\n");
        rv = -4;
        goto end;
    }
    if (!EVP_PKEY_CTX_set_rsa_mgf1_md(ectx, EVP_sha256()))
    {
        printf("EVP_PKEY_CTX_set_rsa_padding is failed.\n");
        rv = -4;
        goto end;
    }
    if (EVP_DigestVerifyUpdate(mdctx, msg, msglen)<=0)
    {
        printf("EVP_DigestVerifyUpdate is failed.\n");
        rv = -4;
        goto end;
    }

	ret= EVP_DigestVerifyFinal(mdctx, buf, 256);
	if(ret != 1)
    {
        printf("EVP_DigestVerifyFinal is failed. ret=[%d]\n",ret);
		ERR_print_errors_fp(stderr);
        rv = -4;
        goto end;
    }else{
        BN_free(n);
        BN_free(e);
        RSA_free(rsa);
        EVP_PKEY_free(pkey);
	 }
end:
    if(e != NULL){
        BN_free(e);
	 }
	 if(n != NULL){
        BN_free(n);
	 }
    if (rsa != NULL){
        RSA_free(rsa);
    }
    if (pkey != NULL){
        EVP_PKEY_free(pkey);
	 }
	 if(ectx != NULL){
			EVP_PKEY_CTX_free(ectx);
	 }
   	 return rv;
}

int main(int argc,char *argv[])
{

	int ret;
    ret = rsa_test();
    if (ret < 0)
    {
        printf("rsa_sign_test is failed.\n");
    }
    else
    {
        printf("rsa_sign_test successed.\n");
    }
	return 0;
}