openssl aes加解密的使用
1、先写一个用于生产二进制文件的工具使用说明:新建main.c,将代码拷贝到main.c中,在linux环境下执行gcc main.c -o x,输出可执行文件x#include <stdio.h>int write_the_same_datas(char *name,unsigned int len,char value){FILE *fp;int i;fp......
快速链接:
.
👉👉👉 个人博客笔记导读目录(全部) 👈👈👈
1、先写一个用于生产二进制文件的工具
使用说明:新建main.c,将代码拷贝到main.c中,在linux环境下执行gcc main.c -o x,输出可执行文件x
#include <stdio.h>
int write_the_same_datas(char *name,unsigned int len,char value)
{
FILE *fp;
int i;
fp = fopen(name,"w");
if(NULL == fp)
{
printf("fopen %s failed\n",(name));
return -1;
}
for(i=0;i<len;i++)
fputc(value,fp);
fclose(fp);
}
int write_the_increase_datas(char *name,unsigned int len,char start,char end)
{
FILE *fp;
int i,x;
fp = fopen(name,"w");
if(NULL == fp)
{
printf("fopen %s failed\n",(name));
return -1;
}
if(start > end)
{
printf("start is smaller end!! error!!\n");
}
x=start;
for(i=0;i<len;i++)
{
fputc(x,fp);
if(x == end)
x = start;
else
x++;
}
fclose(fp);
}
int write_the_decrease_datas(char *name,unsigned int len,char start,char end)
{
FILE *fp;
int i,x;
fp = fopen(name,"w");
if(NULL == fp)
{
printf("fopen %s failed\n",(name));
return -1;
}
if(start < end)
{
printf("start is bigger end!! error!!\n");
}
x=start;
for(i=0;i<len;i++)
{
fputc(x,fp);
if(x == end)
x = start;
else
x--;
}
fclose(fp);
}
int main(int argc, char *argv[])
{
unsigned int len;
char *cmd,*filename;
unsigned int value,start,end;
filename = argv[1];
cmd = argv[2]; // increase decrease same
sscanf(argv[3],"0x%x",&len);
if (memcmp(cmd,"increase",8) == 0) {
sscanf(argv[4],"0x%x",&start);
sscanf(argv[5],"0x%x",&end);
write_the_increase_datas(filename,len,(unsigned char)(start & 0xff),(unsigned char)(end & 0xff));
return 0;
}
else if (memcmp(cmd,"decrease",8) == 0) {
sscanf(argv[4],"0x%x",&start);
sscanf(argv[5],"0x%x",&end);
write_the_decrease_datas(filename,len,(unsigned char)(start & 0xff),(unsigned char)(end & 0xff));
return 0;
}
else if (memcmp(cmd,"same",4) == 0) {
sscanf(argv[4],"0x%x",&value);
write_the_same_datas(filename,len,(unsigned char)(value & 0xff));
}
}
2、生产加解密使用的源文件
(1) 生成输入文件
(如生成一个长度为16bytes的文件,文件内容全是0x3)
./x “in-16.data” same 0x10 0x3
(2) 生成输入key文件
(如生成一个长度为16bytes的文件,文件内容全是0x0-0xf递增)
./x “key-16.data” increase 0x10 0x0 0xf
3、使用openssl命令,执行加密操作
(如ECB加密,key-256)
openssl enc -aes-256-ecb -in in-16.data -K 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -out enc.log && md5sum enc.log
enc.log中的内容,就是ECB加密后的内容了,注意该输出文件enc.log在尾端会多产生16bytes,可以使用如下命令去尾端:
name=“enc.log”;a=ls $name -l | awk '{print $5}'
;b=
[
[
[a-16];head -c $b $name>out.log
这样out.log中的数据,就是加密后的数据了
hash计算:
openssl sha -sha256 filename
SHA256(filename)= e3fdd945d31029a1d0937cd8f0d23407
$ openssl sha -h
unknown option ‘-h’
options are
-c to output the digest with separating colons
-r to output the digest in coreutils format
-d to output debug info
-hex output as hex dump
-binary output in binary form
-hmac arg set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign file sign digest using private key in file
-verify file verify a signature using public key in file
-prverify file verify a signature using private key in file
-keyform arg key file format (PEM or ENGINE)
-out filename output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v signature parameter
-hmac key create hashed MAC with key
-mac algorithm create MAC (not neccessarily HMAC)
-macopt nm:v MAC algorithm parameters or key
-engine e use engine e, possibly a hardware device.
-md4 to use the md4 message digest algorithm
-md5 to use the md5 message digest algorithm
-ripemd160 to use the ripemd160 message digest algorithm
-sha to use the sha message digest algorithm
-sha1 to use the sha1 message digest algorithm
-sha224 to use the sha224 message digest algorithm
-sha256 to use the sha256 message digest algorithm
-sha384 to use the sha384 message digest algorithm
-sha512 to use the sha512 message digest algorithm
-whirlpool to use the whirlpool message digest algorithm
2、使用RSA密钥进行签名验证操作
https://www.linuxidc.com/Linux/2016-04/130492.htm
/摘要算法选取sha256,密钥RSA密钥,对file.txt进行签名/
linuxidc@linuxidc:~/test$ openssl dgst -sign RSA.pem -sha256 -out sign.txt file.txt
/使用RSA密钥验证签名(prverify参数),验证成功/
linuxidc@linuxidc:~/test$ openssl dgst -prverify RSA.pem -sha256 -signature sign.txt file.txt
Verified OKt
/从密钥中提取公钥/
linuxidc@linuxidc:~/test$ openssl rsa -in RSA.pem -out pub.pem -pubout
writing RSA key
/使用RSA公钥验证签名(verify参数),验证成功/
linuxidc@linuxidc:~/test$ openssl dgst -verify pub.pem -sha256 -signature sign.txt file.txt
Verified OK
更多推荐
所有评论(0)