OpenSSL 3.0 RSA

openssl

传输层安全性/安全套接层及其加密库

项目地址：https://gitcode.com/gh_mirrors/ope/openssl

免费下载资源

钞sir

3667人浏览 · 2022-06-18 10:27:35

钞sir · 2022-06-18 10:27:35 发布

生成公私钥

void generateKeys(){
    EVP_PKEY* pkey = EVP_RSA_gen(1024);
    if(pkey == NULL){
        fprintf(stderr,"error: rsa gen\n");
        ERR_print_errors_fp(stderr);
        return;
    }
    FILE* fp = fopen("public.pem","wt");
    if(fp! = NULL){
        PEM_write_PUBKEY(fp,pkey);
        fclose(fp);
    }else{
        perror("file error");
    }
    fp = fopen("private.pem","wt");
    if(fp != NULL){
        PEM_write_PrivateKey(fp,pkey,NULL,NULL,0,NULL,NULL);
        fclose(fp);
    }else{
        perror("file error");
    }
    EVP_PKEY_free(pkey);
}

公钥加密

uchar *encrypt_public(uchar *src, uint len, int *length)
{
    FILE *fp;
    fopen_s(&fp, "public.pem", "r");
    if (fp == NULL)
    {
        perror("file error");
        return NULL;
    }
    EVP_PKEY *pkey;
    pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
    fclose(fp);
    if (pkey == NULL)
    {
        fprintf(stderr, "error: read publics key\n");
        return NULL;
    }
    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
    EVP_PKEY_encrypt_init(ctx);
    uchar *dst = (uchar *)malloc(2048);
    size_t outl = 2048;
    if (!EVP_PKEY_encrypt(ctx, dst, &outl, src, (size_t)len))
    {
        fprintf(stderr, "error: encrypt\n");
        EVP_PKEY_free(pkey);
        free(dst);
        return NULL;
    }
    int len2 = outl;
    EVP_PKEY_free(pkey);
    EVP_PKEY_CTX_free(ctx);
    BIO_dump_fp(stdout, dst, len2);
    printf("len: %d, len2: %d\n", len, len2);
    if (length != NULL)
    {
        *length = len2;
    }
    return dst;
}

私钥解密

uchar *decrypt_private(uchar *src, int len)
{
    FILE *fp;
    fopen_s(&fp, "private.pem", "r");
    if (fp == NULL)
    {
        perror("file error");
        return NULL;
    }
    EVP_PKEY *pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
    fclose(fp);
    if (pkey == NULL)
    {
        fprintf(stderr, "error: read private key\n");
        return NULL;
    }
    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
    EVP_PKEY_decrypt_init(ctx);
    uchar *dst = (uchar *)malloc(2048);
    size_t outl;
    size_t inl = len;
    if (!EVP_PKEY_decrypt(ctx, dst, &outl, src, inl))
    {
        fprintf(stderr, "error: decrypt\n");
        free(dst);
        dst = NULL;
    }
    else
    {
        BIO_dump_fp(stdout, dst, (int)outl);
        printf("len: %d, outl: %lld\n", len, outl);
    }
    EVP_PKEY_free(pkey);
    EVP_PKEY_CTX_free(ctx);
    return dst;
}

cmake 静态链接openssl

openssl

传输层安全性/安全套接层及其加密库

项目地址：https://gitcode.com/gh_mirrors/ope/openssl

...
...
...
IF(CMAKE_CL_64)
    include_directories("C:\\Program Files\\OpenSSL-Win64\\include")
    link_directories("C:\\Program Files\\OpenSSL-Win64\\lib")
ELSE(CMAKE_CL_64)
    include_directories("C:\\Program Files (x86)\\OpenSSL-Win32\\include")
    link_directories("C:\\Program Files (x86)\\OpenSSL-Win32\\lib")
ENDIF(CMAKE_CL_64)
# STATIC编译 取消openssl依赖
set(OPENSSL_USE_STATIC_LIBS TRUE)   
find_package(OpenSSL REQUIRED)
add_library(RSA SHARED library.c)
target_link_libraries(RSA OpenSSL::Crypto)

OPENSSL_Uplink(100F2010,05): no OPENSSL_Applink

在非动态链接库当中可以通过添加头问题的方式添加文件applink.c:

#include <openssl/applink.c>

如果是在动态链接库当中的话, 主要检查IO方式的影响(读取文件和输出等地方), 比如可以将读取公钥私钥的方式换成BIO的形式:

BIO* in=NULL;
in = BIO_new(BIO_s_file());
BIO_read_filename(in,"private.pem");
if (in == NULL){
    perror("private.pem");
    return NULL;
}
EVP_PKEY *pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
BIO_free(in);
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
EVP_PKEY_decrypt_init(ctx);
uchar *dst = (uchar *) malloc(2048);
size_t outl;
size_t inl = len;
if (!EVP_PKEY_decrypt(ctx, dst, &outl, src, inl)) {
    fprintf(stderr, "error: decrypt\n");
    free(dst);
    dst = NULL;
} else {
    printf("len: %d, outl: %lld\n", len, outl);
}
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);
return dst;

阅读全文

AI总结

GitHub 加速计划 / ope / openssl

下载

传输层安全性/安全套接层及其加密库

最近提交(Master分支：6 个月前 )

b83b67fe This change adds an example to allow compilation without warnings using compiler options like `-Wincompatible-pointer-types-discards-qualifiers` Code for the example was inspired by libarchive's https://github.com/libarchive/libarchive/pull/1869/commits/9e3a7e4b6c77e8aa19a69430f48917dbc15b319d Fixes #20956 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/27157) 5 小时前

0efc439a In addition to an invalid certificate, it is not unlikely that this exact error (case X509_V_ERR_CERT_NOT_YET_VALID) is caused by an incorrect system clock. This cannot be trivially fixed, so for now, we simply improve the quality of the error message. Fixes #14771 CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/27141) 5 小时前