OpenSSL RSA备忘
Apache + SSL:
openssl req -config openssl.cnf -new -out my-server.csropenssl rsa -in privkey.pem -out my-server.keyopenssl x509 -in my-server.csr -out my-server.cert -req -signkey my-server.key -days 365openssl x509 -in my-server.cert -out my-server.der.crt -outform DER
//私钥生成公钥 记录到文件。
openssl rsa -in privatekey.key -pubout -out pubkey.key
RSA加解密:(如果有私钥文件,不需要公钥文件)
code:
#include <sys/param.h>
#include <sys/types.h>
#include <arpa/nameser.h>
#include <openssl/ssl.h>
#include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#define CERT_FILE "my-server.cert"
#define PRIV_KEY_FILE "my-server.key"
#define PUB_KEY_FILE "my-server-pub.key"
void err_ssl(int eval, char *msg)
{
char buf[128];
ERR_error_string(ERR_get_error(), buf);
printf("%s", buf);
}
char *plain = "IamABC and who are you";
int plainLen = 0;
char gEnc[2048] = {0};
char gPLA[4096] = {0};
SSL_CTX *g_ctx = NULL;
RSA *g_RSA = NULL;
char gtmpBuf[2048];
int main()
{
int encLen = 0;
FILE *fp_priv;
FILE *fp_pub;
int flen;
int ret;
int ret2;
char *out;
int i;
SSL_library_init();
SSL_load_error_strings();
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
fp_priv = fopen(PRIV_KEY_FILE, "r");
if( fp_priv == NULL)
{
printf("+ failed to open priv fkey ile. \n");
return 0;
}
g_RSA = PEM_read_RSAPrivateKey(fp_priv, &g_RSA, NULL, NULL);
if( g_RSA == NULL)
{
printf("+ failed to read private key. \n");
}
#if 0
g_RSA_PUB = PEM_read_RSA_PUBKEY(fp_pub, &g_RSA_PUB, NULL, NULL);
if( g_RSA_PUB == NULL)
{
printf("+ failed to read public key. \n");
}
#endif
printf("+ n len: %d \n", BN_num_bytes(g_RSA->n));
BN_bn2bin(g_RSA->n, gtmpBuf);
printf("+ e len: %d \n", BN_num_bytes(g_RSA->e));
BN_bn2bin(g_RSA->e, gtmpBuf);
printf("+ d len: %d \n", BN_num_bytes(g_RSA->d));
BN_bn2bin(g_RSA->d, gtmpBuf);
printf("+ Private & Pub Key file Seems Load Success. \n");
flen = RSA_size(g_RSA);
plainLen = strlen(plain);
ret = RSA_public_encrypt(plainLen, plain, gEnc, g_RSA, RSA_PKCS1_PADDING);
if( ret < 0)
{
printf("+ public encry failed. \n");
err_ssl(1,"RSA_public_encrypt");
return 0;
}
out = gEnc;
for (i=0; i<ret; i++)
{
printf("%02x ", (*out)&0xff );
out++;
}
printf("-------Enc Len=%d -------\n", ret);
ret2 = RSA_private_decrypt(ret, gEnc, gPLA, g_RSA, RSA_PKCS1_PADDING);
out = gPLA;
for (i=0; i<ret2; i++)
{
printf("%c ", (*out)&0xff );
out++;
}
printf("--------Dec Len=%d -----------\n", ret2);
return 0;
}
//gcc -o test_main test_main.c -lssl -lcrypto