x509 openssl in C
问题描述:
经过一番努力,我成功地把 OpenSSL 库动态链接到了我的 C++ 代码中 :)。现在我需要完成一件我在 VB .NET 中已经能做到的事,代码如下:
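' Use the X509 certificate: the RSA public key is taken from the certificate
' embedded in the application resources (My.Resources.SanitelCF).
' (The declaration below restores the VB keywords Dim / As / New, which the
' page's machine translation had turned into ordinary words.)
Dim rsaCSP As RSACryptoServiceProvider = New RSACryptoServiceProvider
Dim cert As New X509Certificate2(My.Resources.SanitelCF)
rsaCSP = cert.PublicKey.Key
' ASCII encoding: any non-ASCII character in the input becomes "?" before it is encrypted.
Dim byt As Byte() = System.Text.Encoding.ASCII.GetBytes(inStringa.Trim)
' Second argument False selects PKCS#1 v1.5 padding (True would select OAEP).
' The plaintext must therefore be at most (modulus size in bytes - 11) bytes long.
Dim bytout As Byte() = rsaCSP.Encrypt(byt, False)
Return Convert.ToBase64String(bytout)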
也就是对一个字符串进行加密……其实我只是想知道应该使用/调用哪些函数。我对安全领域了解不多,过去只用过一些 AES;现在意大利政府提出了这项要求,我想把它加入到我的库中。
我已经搜索了一阵,但只找到了别的内容,例如用 OpenSSL 做 DES 或 Blowfish。
谢谢!
答
我成功让它运行起来了!
下面是我的“粗糙”代码,它在一个 Windows DLL(非托管)中通过动态链接调用 OpenSSL C 库来完成所需的操作:
我想实现的效果等价于下面两条命令:
openssl.exe rsautl -encrypt -in input.txt -out output.txt -inkey SanitelCF.cer -certin -pkcs
openssl.exe base64 -base64 -e -in output.txt -out output.b64
// openssl.exe rsautl -encrypt -in input.txt -out output.txt -inkey SanitelCF.cer -certin -pkcs
// openssl.exe base64 -base64 -e -in output.txt -out output.b64
//http://www.linuxjournal.com/article/4822
//http://stackoverflow.com/questions/19194650/sign-a-file-with-openssl-in-php-and-verify-in-c
//http://openssl.6102.n7.nabble.com/use-openssl-function-in-own-application-td47685.html
//https://shanetully.com/2012/06/openssl-rsa-aes-and-c/
//http://www.opensource.apple.com/source/OpenSSL/OpenSSL-7.1/openssl/apps/rsautl.c?txt
// Operation selectors. The names appear to follow the rsautl.c source linked in the
// references above; the visible code only ever performs the public-key encrypt
// operation and never tests these values.
#define RSA_SIGN 1
#define RSA_VERIFY 2
#define RSA_ENCRYPT 3
#define RSA_DECRYPT 4
// Kind of key material named by the key file (private key, public key, or certificate).
#define KEY_PRIVKEY 1
#define KEY_PUBKEY 2
#define KEY_CERT 3
// On-disk encodings; FORMAT_PEM is the one assigned to keyform and handed to load_cert().
#define FORMAT_UNDEF 0
#define FORMAT_ASN1 1
#define FORMAT_TEXT 2
#define FORMAT_PEM 3
#define FORMAT_NETSCAPE 4
#define FORMAT_PKCS12 5
#define FORMAT_SMIME 6
// Helpers declared here and defined outside this excerpt.
// NOTE(review): the names match helpers from OpenSSL's apps/ sources; presumably they are
// compiled into this project - confirm, and confirm they accept a NULL error BIO.
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
X509 *load_cert(BIO *err, char *file, int format);
// Leftovers of the file-based variant (input/output/key file names), kept disabled.
// BIO *in = NULL, *out = NULL;
// char *infile = "rsain.txt", *outfile = "rsaout.txt";
// char *keyfile = "sanitelCF.cer";
// rsa_mode and key_type are initialised but never read in the visible code.
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
// Encoding passed to load_cert(); the certificate file is expected to be PEM.
int keyform = FORMAT_PEM;
// need_priv and badarg are never read in the visible code; rev != 0 reverses the
// input bytes before encryption.
char need_priv = 0, badarg = 0, rev = 0;
// char hexdump = 0, asn1parse = 0;
// Certificate returned by load_cert(); not initialised here, assigned before first use.
X509 *x;
// Public key extracted from the certificate, then its RSA view.
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
// Plaintext copy, ciphertext buffer, and the RSA padding mode selector.
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
int rsa_inlen, rsa_outlen = 0;
// Size of the RSA modulus in bytes, as reported by RSA_size().
int keysize;
// Error-output BIO; it stays NULL in the visible code because its creation is commented out.
BIO *bio_err=NULL;
// Load the OpenSSL crypto library at run time instead of linking against an import library.
// NOTE(review): a bare file name is resolved through the Windows DLL search order, so a
// libeay32.dll planted in a directory searched earlier would be loaded instead of the
// intended one. Prefer a fully qualified path (or LoadLibraryEx with a restricted search
// flag such as LOAD_LIBRARY_SEARCH_APPLICATION_DIR).
// NOTE(review): libeay32.dll is the library name used by OpenSSL builds before 1.1.0;
// verify that the build being shipped still receives security fixes.
// The result is not tested for NULL on this line.
HINSTANCE hi=LoadLibrary("libeay32.dll");
// Function-pointer types, one per export resolved with GetProcAddress().
// Each signature has to match the prototype in the OpenSSL headers of the DLL actually
// loaded; a mismatch is not diagnosed by the compiler and corrupts the call at run time.
typedef void (FAR *CRYPTO_free_PROC)(void *);
typedef void (FAR *BIO_free_all_PROC)(BIO *);
typedef int (FAR *BIO_free_PROC)(BIO *);
typedef void (FAR *RSA_free_PROC)(RSA *);
typedef int (FAR *RSA_public_encrypt_PROC)(int,const BYTE *,BYTE *,RSA *,int);
typedef int (FAR *BIO_read_PROC)(BIO *,void *,int);
typedef void * (FAR *CRYPTO_malloc_PROC)(int,const char *,int);
typedef int (FAR *RSA_size_PROC)(const RSA *);
typedef BIO * (FAR *BIO_new_file_PROC)(const char *,const char *);
typedef void (FAR *EVP_PKEY_free_PROC)(EVP_PKEY *);
typedef struct rsa_st * (FAR *EVP_PKEY_get1_RSA_PROC)(EVP_PKEY *);
typedef int (FAR *BIO_printf_PROC)(BIO *bio, const char *format, ...);
typedef EVP_PKEY * (FAR *X509_get_pubkey_PROC)(X509 *);
typedef long (FAR *BIO_ctrl_PROC)(BIO *,int,long,void *);
typedef BIO * (FAR *BIO_new_PROC)(BIO_METHOD *);
typedef BIO_METHOD * (FAR *BIO_s_file_PROC)(void);
typedef void (FAR *X509_free_PROC)(X509 *);
typedef BIO * (FAR *BIO_new_fp_PROC)(FILE *,int);
// One pointer per export; all are uninitialised until the GetProcAddress() calls run.
RSA_public_encrypt_PROC myRSA_public_encrypt;
CRYPTO_free_PROC myCRYPTO_free;
BIO_free_all_PROC myBIO_free_all;
BIO_free_PROC myBIO_free;
RSA_free_PROC myRSA_free;
BIO_read_PROC myBIO_read;
CRYPTO_malloc_PROC myCRYPTO_malloc;
RSA_size_PROC myRSA_size;
BIO_new_file_PROC myBIO_new_file;
EVP_PKEY_free_PROC myEVP_PKEY_free;
EVP_PKEY_get1_RSA_PROC myEVP_PKEY_get1_RSA;
BIO_printf_PROC myBIO_printf;
X509_get_pubkey_PROC myX509_get_pubkey;
BIO_ctrl_PROC myBIO_ctrl;
BIO_new_PROC myBIO_new;
BIO_s_file_PROC myBIO_s_file;
X509_free_PROC myX509_free;
BIO_new_fp_PROC myBIO_new_fp;
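// Resolve the libeay32.dll exports, load the certificate named by myBuf2, RSA-encrypt the
// text in myBuf with the certificate's public key (PKCS#1 v1.5 padding) and write the
// Base64 form of the ciphertext into szBuf.
// myBuf, myBuf2, d, szBuf and Base64encode() are defined outside this excerpt.
//
// Changes against the original listing:
//  - the library handle and every export that is called are checked before use;
//  - the unconditional ASSERT(0) debugging leftover is gone;
//  - input longer than the padding allows is rejected instead of being passed on;
//  - allocation failures and a failed RSA operation now stop the routine: before, a
//    failed RSA_public_encrypt() (-1) was handed to Base64encode() as the length;
//  - the plaintext copy is wiped before it is freed.
if(hi && (myRSA_public_encrypt=(RSA_public_encrypt_PROC)GetProcAddress(hi,"RSA_public_encrypt"))) {
    myCRYPTO_free=(CRYPTO_free_PROC)GetProcAddress(hi,"CRYPTO_free");
    myBIO_free_all=(BIO_free_all_PROC)GetProcAddress(hi,"BIO_free_all");
    myBIO_free=(BIO_free_PROC)GetProcAddress(hi,"BIO_free");
    myRSA_free=(RSA_free_PROC)GetProcAddress(hi,"RSA_free");
    myBIO_read=(BIO_read_PROC)GetProcAddress(hi,"BIO_read");
    myCRYPTO_malloc=(CRYPTO_malloc_PROC)GetProcAddress(hi,"CRYPTO_malloc");
    myRSA_size=(RSA_size_PROC)GetProcAddress(hi,"RSA_size");
    myBIO_new_file=(BIO_new_file_PROC)GetProcAddress(hi,"BIO_new_file");
    myEVP_PKEY_free=(EVP_PKEY_free_PROC)GetProcAddress(hi,"EVP_PKEY_free");
    myEVP_PKEY_get1_RSA=(EVP_PKEY_get1_RSA_PROC)GetProcAddress(hi,"EVP_PKEY_get1_RSA");
    myBIO_printf=(BIO_printf_PROC)GetProcAddress(hi,"BIO_printf");
    myX509_get_pubkey=(X509_get_pubkey_PROC)GetProcAddress(hi,"X509_get_pubkey");
    myBIO_ctrl=(BIO_ctrl_PROC)GetProcAddress(hi,"BIO_ctrl");
    myBIO_new=(BIO_new_PROC)GetProcAddress(hi,"BIO_new");
    myBIO_s_file=(BIO_s_file_PROC)GetProcAddress(hi,"BIO_s_file");
    myX509_free=(X509_free_PROC)GetProcAddress(hi,"X509_free");
    myBIO_new_fp=(BIO_new_fp_PROC)GetProcAddress(hi,"BIO_new_fp");

    // Every export called below must have resolved; a NULL pointer would crash on the call.
    if(!myCRYPTO_free || !myRSA_free || !myCRYPTO_malloc || !myRSA_size ||
       !myEVP_PKEY_free || !myEVP_PKEY_get1_RSA || !myX509_get_pubkey || !myX509_free) {
        MessageBox(NULL,"GetRSA: missing export in libeay32.dll","Error",MB_OK);
        goto end;
    }

    // bio_err stays NULL: creating it with BIO_new_fp(stderr, BIO_NOCLOSE) always raised an
    // odd exception inside OpenSSL for the author, so that call was dropped.
    // NOTE(review): app_RAND_load_file() and load_cert() therefore receive a NULL BIO;
    // confirm that both tolerate it on their error paths.

    // PKCS#1 v1.5 padding, fixed: it matches the -pkcs switch of rsautl and Encrypt(byt, False)
    // in the VB.NET version. Kept for interoperability; the party that decrypts must not
    // reveal padding failures to the sender (padding-oracle risk), and OAEP is the better
    // choice wherever the receiving side accepts it.
    pad = RSA_PKCS1_PADDING;
    app_RAND_load_file(NULL,bio_err,0);

    // NOTE(review): the certificate is used as loaded; no chain, validity-period or
    // revocation check is visible in this excerpt, so myBuf2 has to name a trusted file.
    x = load_cert(bio_err,myBuf2,keyform);
    if(x) {
        if(d) {
            // Debug branch: the issuer name is fetched, the dump itself is still a TODO.
            X509_NAME *xs;
            typedef X509_NAME * (FAR *X509_get_issuer_name_PROC)(X509 *);
            X509_get_issuer_name_PROC myX509_get_issuer_name;
            myX509_get_issuer_name=(X509_get_issuer_name_PROC)GetProcAddress(hi,"X509_get_issuer_name");
            if(myX509_get_issuer_name)
                xs=myX509_get_issuer_name(x);
            MessageBox(NULL,"Certificate Dump (TODO)","Information",MB_OK);
        }
        pkey = myX509_get_pubkey(x);
        myX509_free(x);
    }
    if(!pkey) {
        MessageBox(NULL,"GetRSA: Error loading key or CERT","Error",MB_OK);
        goto end;
    }

    rsa = myEVP_PKEY_get1_RSA(pkey);
    myEVP_PKEY_free(pkey);
    if(!rsa) {
        MessageBox(NULL,"GetRSA: Error getting RSA key","Error",MB_OK);
        goto end;
    }

    keysize = myRSA_size(rsa);

    // PKCS#1 v1.5 encryption needs RSA_PKCS1_PADDING_SIZE (11) bytes of overhead, so the
    // plaintext may be at most keysize - 11 bytes. Longer input is refused here rather than
    // silently truncated or left to fail inside RSA_public_encrypt().
    if(keysize <= RSA_PKCS1_PADDING_SIZE ||
       _tcslen(myBuf) > (size_t)(keysize - RSA_PKCS1_PADDING_SIZE)) {
        MessageBox(NULL,"GetRSA: input too long for RSA key","Error",MB_OK);
        goto end;
    }
    rsa_inlen = (int)_tcslen(myBuf);

    // CRYPTO_malloc is what OPENSSL_malloc expands to; see crypto.h.
    rsa_in = (BYTE *)myCRYPTO_malloc(keysize*2,__FILE__,__LINE__);
    rsa_out = (BYTE *)myCRYPTO_malloc(keysize,__FILE__,__LINE__);
    if(!rsa_in || !rsa_out) {
        MessageBox(NULL,"GetRSA: out of memory","Error",MB_OK);
        goto end;
    }

    /* Read the input data */
    // NOTE(review): _tcslen() counts characters while memcpy() copies bytes; this assumes
    // myBuf is a narrow (char) string - confirm for UNICODE builds.
    memcpy(rsa_in,myBuf,rsa_inlen);

    if(rev) {   // byte-reversed input; should not matter for this use (rev stays 0)
        int i;
        unsigned char ctmp;
        for(i=0; i<rsa_inlen/2; i++) {
            ctmp = rsa_in[i];
            rsa_in[i] = rsa_in[rsa_inlen-1-i];
            rsa_in[rsa_inlen-1-i] = ctmp;
        }
    }

    rsa_outlen = myRSA_public_encrypt(rsa_inlen,rsa_in,rsa_out,rsa,pad);
    if(rsa_outlen <= 0) {
        // Never hand a non-positive length to Base64encode(); szBuf is left untouched, so
        // the caller must not treat its contents as ciphertext on this path.
        MessageBox(NULL,"GetRSA: RSA operation error","Error",MB_OK);
        goto end;
    }

    // NOTE(review): szBuf has to hold the Base64 text of rsa_outlen bytes plus the
    // terminator, i.e. at least 4*((rsa_outlen+2)/3)+1 chars; its size is not visible here.
    Base64encode(szBuf,(const char *)rsa_out,rsa_outlen);

end:
    if(rsa)
        myRSA_free(rsa);
    if(rsa_in) {
        // Wipe the plaintext copy before returning the memory to the allocator.
        SecureZeroMemory(rsa_in,keysize*2);
        myCRYPTO_free(rsa_in);      // what OPENSSL_free(rsa_in) maps to
    }
    if(rsa_out)
        myCRYPTO_free(rsa_out);     // what OPENSSL_free(rsa_out) maps to
    FreeLibrary(hi);
    // The closing brace of the if(hi && ...) block is not shown in this excerpt.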
目前我仍在继续完善上述代码。所用的参考资料已在注释中列出 :)