在 C 语言中通过 OpenSSL 使用 x509 证书

x509 openssl in C


经过一番折腾,我成功地将 OpenSSL 库动态链接到了我的 C++ 代码中 :) 现在我需要用它完成与下面这段 VB .NET 代码相同的任务:

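' Encrypt a string with the RSA public key of an X509 certificate and return
' the ciphertext as Base64.
'
' The certificate is read from the embedded resource SanitelCF. Constructing
' X509Certificate2 only parses it: no chain, validity-period or revocation
' check is performed here, so trust rests on the resource shipped with the
' application.
Dim cert As New X509Certificate2(My.Resources.SanitelCF)

' Take the provider straight from the certificate instead of first creating a
' throw-away RSACryptoServiceProvider that is immediately overwritten.
Dim rsaCSP As RSACryptoServiceProvider = CType(cert.PublicKey.Key, RSACryptoServiceProvider)

' ASCII encoding replaces every non-ASCII character with "?", so the input is
' expected to be plain ASCII text.
Dim byt As Byte() = System.Text.Encoding.ASCII.GetBytes(inStringa.Trim)

' fOAEP = False selects PKCS#1 v1.5 padding. The plaintext may be at most
' (key size in bytes - 11) bytes long; anything longer makes Encrypt throw.
' OAEP (True) is the stronger choice when the receiving side accepts it.
Dim bytout As Byte() = rsaCSP.Encrypt(byt, False)
Return Convert.ToBase64String(bytout)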

实际上我只是想知道应该使用/调用哪些函数。我对安全方面不太在行,过去只做过一些 AES;现在意大利政府提出了这项要求,我想把它加入到我的库中。

我已经找了一阵子,但只找到了其他内容,比如 OpenSSL 的 DES 或 Blowfish。

谢谢!

我能够让它工作!

这是我的"粗略"代码,它使用 OpenSSL C 库执行所请求的操作,该库通过 Windows DLL(非托管)动态链接:

这就是我想要的:

openssl.exe rsautl -encrypt -in input.txt -out output.txt -inkey SanitelCF.cer -certin -pkcs

OpenSSL.exe base64 -base64 -e -in output.txt -out output.b64

        //  openssl.exe rsautl -encrypt -in input.txt -out output.txt -inkey SanitelCF.cer -certin -pkcs
        //  openssl.exe base64 -base64 -e -in output.txt -out output.b64
                    //http://www.linuxjournal.com/article/4822
                    //http://stackoverflow.com/questions/19194650/sign-a-file-with-openssl-in-php-and-verify-in-c
                    //http://openssl.6102.n7.nabble.com/use-openssl-function-in-own-application-td47685.html
                    //https://shanetully.com/2012/06/openssl-rsa-aes-and-c/
                    //http://www.opensource.apple.com/source/OpenSSL/OpenSSL-7.1/openssl/apps/rsautl.c?txt
    // Local copies of constants and helper prototypes; they appear to follow the
    // OpenSSL command-line tool sources (see the rsautl.c link in the reference
    // comments) rather than the public library headers -- TODO confirm.

    // Operation selector stored in rsa_mode.
    #define RSA_SIGN    1
    #define RSA_VERIFY  2
    #define RSA_ENCRYPT     3
    #define RSA_DECRYPT     4
    // Kind of key material stored in key_type.
    #define KEY_PRIVKEY 1
    #define KEY_PUBKEY  2
    #define KEY_CERT    3
    // On-disk encodings; keyform is set to FORMAT_PEM in this listing.
    #define FORMAT_UNDEF    0
    #define FORMAT_ASN1     1
    #define FORMAT_TEXT     2
    #define FORMAT_PEM      3
    #define FORMAT_NETSCAPE 4
    #define FORMAT_PKCS12   5
    #define FORMAT_SMIME    6
    // Helpers called further down; their definitions are not part of this listing.
    // NOTE(review): presumably app_RAND_load_file seeds the OpenSSL PRNG and
    // load_cert parses a certificate file in the given format -- confirm against
    // the implementations that are actually linked in.
    int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
    X509 *load_cert(BIO *err, char *file, int format);
    // Working variables for the encryption routine. The commented-out lines are
    // what remains of a file-based input/output variant.
    //  BIO *in = NULL, *out = NULL;
    //  char *infile = "rsain.txt", *outfile = "rsaout.txt";
    //  char *keyfile = "sanitelCF.cer";
        // rsa_mode and key_type are initialised but not read in the visible code.
        char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
        // Certificate encoding handed to load_cert().
        int keyform = FORMAT_PEM;
        // rev stays 0, so the byte-reversal branch further down never runs;
        // need_priv and badarg are not read in the visible code.
        char need_priv = 0, badarg = 0, rev = 0;
    //  char hexdump = 0, asn1parse = 0;
        // x is left uninitialised here and is assigned from load_cert() before use.
        X509 *x;
        EVP_PKEY *pkey = NULL;
        RSA *rsa = NULL;
        // rsa_in / rsa_out start as NULL so the cleanup code can test them before freeing.
        unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
        int rsa_inlen, rsa_outlen = 0;
        int keysize;
        // Stays NULL: the only assignment to bio_err further down is commented out.
        BIO *bio_err=NULL;
                    // Load the OpenSSL crypto DLL at run time.
                    // NOTE(review): a bare file name is resolved through the Windows DLL search
                    // order, so whichever libeay32.dll is found first along it gets loaded into
                    // the process. An absolute path (or LoadLibraryEx with a restricted search
                    // location) pins which crypto library runs. hi is also not checked for NULL
                    // at this point.
                    HINSTANCE hi=LoadLibrary("libeay32.dll");
                    // Function-pointer types for the exports resolved with GetProcAddress below.
                    // NOTE(review): these signatures are hand-written and must match the DLL that
                    // is actually loaded; a build with different prototypes would be called with
                    // the wrong arguments.
                    typedef void (FAR *CRYPTO_free_PROC)(void *);
                    typedef void (FAR *BIO_free_all_PROC)(BIO *);
                    typedef int (FAR *BIO_free_PROC)(BIO *);
                    typedef void (FAR *RSA_free_PROC)(RSA *);
                    typedef int (FAR *RSA_public_encrypt_PROC)(int,const BYTE *,BYTE *,RSA *,int);
                    typedef int (FAR *BIO_read_PROC)(BIO *,void *,int);
                    typedef void * (FAR *CRYPTO_malloc_PROC)(int,const char *,int);
                    typedef int (FAR *RSA_size_PROC)(const RSA *);
                    typedef BIO * (FAR *BIO_new_file_PROC)(const char *,const char *);
                    typedef void (FAR *EVP_PKEY_free_PROC)(EVP_PKEY *);
                    typedef struct rsa_st * (FAR *EVP_PKEY_get1_RSA_PROC)(EVP_PKEY *);
                    typedef int (FAR *BIO_printf_PROC)(BIO *bio, const char *format, ...);
                    typedef EVP_PKEY * (FAR *X509_get_pubkey_PROC)(X509 *);
                    typedef long (FAR *BIO_ctrl_PROC)(BIO *,int,long,void *);
                    typedef BIO * (FAR *BIO_new_PROC)(BIO_METHOD *);
                    typedef BIO_METHOD * (FAR *BIO_s_file_PROC)(void);
                    typedef void (FAR *X509_free_PROC)(X509 *);
                    typedef BIO * (FAR *BIO_new_fp_PROC)(FILE *,int);

                    // One pointer per export. They are uninitialised here and are assigned in
                    // the block that follows.
                    RSA_public_encrypt_PROC myRSA_public_encrypt;
                    CRYPTO_free_PROC myCRYPTO_free;
                    BIO_free_all_PROC myBIO_free_all;
                    BIO_free_PROC myBIO_free;
                    RSA_free_PROC myRSA_free;
                    BIO_read_PROC myBIO_read;
                    CRYPTO_malloc_PROC myCRYPTO_malloc;
                    RSA_size_PROC myRSA_size;
                    BIO_new_file_PROC myBIO_new_file;
                    EVP_PKEY_free_PROC myEVP_PKEY_free;
                    EVP_PKEY_get1_RSA_PROC myEVP_PKEY_get1_RSA;
                    BIO_printf_PROC myBIO_printf;
                    X509_get_pubkey_PROC myX509_get_pubkey;
                    BIO_ctrl_PROC myBIO_ctrl;
                    BIO_new_PROC myBIO_new;
                    BIO_s_file_PROC myBIO_s_file;
                    X509_free_PROC myX509_free;
                    BIO_new_fp_PROC myBIO_new_fp;
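                    // Encrypt the text in myBuf with the RSA public key taken from the certificate
                    // named by myBuf2, then write the Base64 form of the ciphertext to szBuf.
                    // Mirrors: openssl rsautl -encrypt -certin -pkcs, followed by base64 -e.
                    //
                    // Changes against the first rough version:
                    //  * every export that is called is checked for NULL before use;
                    //  * input longer than the PKCS#1 v1.5 limit is rejected instead of being
                    //    silently truncated and then failing inside RSA_public_encrypt;
                    //  * allocation and encryption failures stop the routine, so a negative
                    //    length is never handed to Base64encode.
                    // On every error path szBuf is left untouched.
                    // NOTE(review): the enclosing function and the closing brace of this block
                    // are outside the listing; the caller needs some way to tell failure from
                    // success.
                    if(myRSA_public_encrypt=(RSA_public_encrypt_PROC)GetProcAddress(hi,"RSA_public_encrypt")) {
                        myCRYPTO_free=(CRYPTO_free_PROC)GetProcAddress(hi,"CRYPTO_free");
                        myBIO_free_all=(BIO_free_all_PROC)GetProcAddress(hi,"BIO_free_all");
                        myBIO_free=(BIO_free_PROC)GetProcAddress(hi,"BIO_free");
                        myRSA_free=(RSA_free_PROC)GetProcAddress(hi,"RSA_free");
                        myBIO_read=(BIO_read_PROC)GetProcAddress(hi,"BIO_read");
                        myCRYPTO_malloc=(CRYPTO_malloc_PROC)GetProcAddress(hi,"CRYPTO_malloc");
                        myRSA_size=(RSA_size_PROC)GetProcAddress(hi,"RSA_size");
                        myBIO_new_file=(BIO_new_file_PROC)GetProcAddress(hi,"BIO_new_file");
                        myEVP_PKEY_free=(EVP_PKEY_free_PROC)GetProcAddress(hi,"EVP_PKEY_free");
                        myEVP_PKEY_get1_RSA=(EVP_PKEY_get1_RSA_PROC)GetProcAddress(hi,"EVP_PKEY_get1_RSA");
                        myBIO_printf=(BIO_printf_PROC)GetProcAddress(hi,"BIO_printf");
                        myX509_get_pubkey=(X509_get_pubkey_PROC)GetProcAddress(hi,"X509_get_pubkey");
                        myBIO_ctrl=(BIO_ctrl_PROC)GetProcAddress(hi,"BIO_ctrl");
                        myBIO_new=(BIO_new_PROC)GetProcAddress(hi,"BIO_new");
                        myBIO_s_file=(BIO_s_file_PROC)GetProcAddress(hi,"BIO_s_file");
                        myX509_free=(X509_free_PROC)GetProcAddress(hi,"X509_free");
                        myBIO_new_fp=(BIO_new_fp_PROC)GetProcAddress(hi,"BIO_new_fp");

                        // Only the exports that are really called below are mandatory. A missing
                        // one would otherwise be a call through a NULL pointer.
                        if(!myCRYPTO_free || !myRSA_free || !myCRYPTO_malloc || !myRSA_size ||
                            !myEVP_PKEY_free || !myEVP_PKEY_get1_RSA || !myX509_get_pubkey || !myX509_free) {
                            MessageBox(NULL,"GetRSA: libeay32.dll lacks a required export","Error",MB_OK);
                            goto unload;    // nothing was allocated yet; skip the cleanup calls
                            }

                        // Debug leftover: fires on every call in debug builds. Remove before shipping.
                        ASSERT(0);
    //                  FILE *z=fopen("picio.txt","w+");
    //                  bio_err = myBIO_new_fp(stderr, BIO_NOCLOSE);    // always raises a strange exception inside OpenSSL... avoided
                        // Fixed to PKCS#1 v1.5 so the output matches "rsautl -pkcs" and the
                        // .NET Encrypt(data, False) call this routine replaces. OAEP is the
                        // stronger padding where the receiving side accepts it.
                        pad = RSA_PKCS1_PADDING;
                        // bio_err is NULL here.
                        // NOTE(review): presumably this seeds the PRNG used for the random
                        // padding bytes -- confirm against the linked implementation.
                        app_RAND_load_file(NULL,bio_err,0);
                        // NOTE(review): the certificate is used only as a container for the
                        // public key. No chain, validity-period or revocation check is visible
                        // here, so trust rests on how the file named by myBuf2 is provisioned.
                        x = load_cert(bio_err,myBuf2,keyform);
                        if(x) {
                            if(d) {
                                X509_NAME *xs;
                                typedef X509_NAME * (FAR *X509_get_issuer_name_PROC)(X509 *);
                                X509_get_issuer_name_PROC myX509_get_issuer_name;
                                myX509_get_issuer_name=(X509_get_issuer_name_PROC)GetProcAddress(hi,"X509_get_issuer_name");
                                // Optional export: skip the lookup when it is missing.
                                xs = myX509_get_issuer_name ? myX509_get_issuer_name(x) : NULL;
                                MessageBox(NULL,"Certificate Dump (TODO)","Information",MB_OK);
    //                          MessageBox(NULL,xs->bytes,"Information",MB_OK);     does not compile
                                }
                            pkey = myX509_get_pubkey(x);
                            myX509_free(x);
                            }
                        if(!pkey) {
                            MessageBox(NULL,"GetRSA: Error loading key or CERT","Error",MB_OK);
    //                      myBIO_printf(bio_err, "Error loading keyn");
    //                      return 1;
                            goto end;
                            }
                        // get1 returns its own reference to the RSA key, so pkey can be released
                        // right away.
                        rsa = myEVP_PKEY_get1_RSA(pkey);
                        myEVP_PKEY_free(pkey);
                        if(!rsa) {
                            MessageBox(NULL,"GetRSA: Error getting RSA key","Error",MB_OK);
    //                      myBIO_printf(bio_err, "Error getting RSA keyn");
    //                      ERR_print_errors(bio_err);
                            goto end;
                            }

    //                  if(!(in = myBIO_new_file(infile, "rb"))) {      // for testing only; strings later
    //                      myBIO_printf(bio_err, "Error Reading Input Filen");
    //                      ERR_print_errors(bio_err);
    //                      goto end;
    //                      }
    //                  if(!(out = myBIO_new_file(outfile, "wb"))) {
    //                      myBIO_printf(bio_err, "Error Reading Output Filen");
    //                      ERR_print_errors(bio_err);
    //                      goto end;
    //                      }

                        keysize = myRSA_size(rsa);
                        // PKCS#1 v1.5 encryption takes at most (modulus size - 11) bytes of
                        // plaintext. Reject longer input up front instead of truncating it.
                        // The narrow literals passed to MessageBox imply an ANSI/MBCS build,
                        // where _tcslen counts bytes -- recheck if this is ever built as UNICODE.
                        if(keysize <= RSA_PKCS1_PADDING_SIZE ||
                            _tcslen(myBuf) > (size_t)(keysize - RSA_PKCS1_PADDING_SIZE)) {
                            MessageBox(NULL,"GetRSA: Input too long for this RSA key","Error",MB_OK);
                            goto end;
                            }
                        rsa_inlen=(int)_tcslen(myBuf);

                        rsa_in = (BYTE *)myCRYPTO_malloc(keysize*2,__FILE__,__LINE__);          // what OPENSSL_malloc maps to; see crypto.h
                        rsa_out = (BYTE *)myCRYPTO_malloc(keysize,__FILE__,__LINE__);
                        if(!rsa_in || !rsa_out) {
                            MessageBox(NULL,"GetRSA: Out of memory","Error",MB_OK);
                            goto end;
                            }
                        /* Read the input data */
                        memcpy(rsa_in,myBuf,rsa_inlen);
    //                  rsa_inlen = myBIO_read(in, rsa_in, keysize*2);
    //                  if(rsa_inlen <= 0) {
    //                      myBIO_printf(bio_err, "Error reading input Datan");
    //                      exit(1);
    //                      }
                        if(rev) {       // should not matter for us (rev is always 0)
                            int i;
                            unsigned char ctmp;
                            for(i=0; i<rsa_inlen/2; i++) {
                                ctmp = rsa_in[i];
                                rsa_in[i] = rsa_in[rsa_inlen-1-i];
                                rsa_in[rsa_inlen-1-i] = ctmp;
                                }
                            }
                        rsa_outlen = myRSA_public_encrypt(rsa_inlen,rsa_in,rsa_out,rsa,pad);
                        if(rsa_outlen <= 0) {
                            // RSA_public_encrypt reports failure with a non-positive length;
                            // that value must not reach the Base64 encoder as a byte count.
                            MessageBox(NULL,"GetRSA: RSA operation error","Error",MB_OK);
    //                      BIO_printf(bio_err, "RSA operation errorn");
    //                      ERR_print_errors(bio_err);
                            goto end;
                            }
    //                  int ret = 0;
    //                  myBIO_dump(out,(char *)rsa_out,rsa_outlen);
    //                  myBIO_write(out,rsa_out,rsa_outlen);
                        // NOTE(review): szBuf is declared outside this listing. It has to hold
                        // the Base64 text of rsa_outlen bytes (4 characters per 3 input bytes,
                        // rounded up) plus a terminator -- confirm its size.
                        Base64encode(szBuf,(const char *)rsa_out,rsa_outlen);
    //                  memcpy(szBuf,rsa_out,rsa_outlen);
    //                  szBuf[rsa_outlen]=0;
    end:
                        if(rsa)
                            myRSA_free(rsa);
    //                  myBIO_free(in);
    //                  myBIO_free_all(out);
                        if(rsa_in)
                            myCRYPTO_free(rsa_in);          // OPENSSL_free(rsa_in) complains about "3 parameters" here, reason unclear
                        if(rsa_out)
                            myCRYPTO_free(rsa_out);         // maps to CRYPTO_free(rsa_out)

    unload:
                        FreeLibrary(hi);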

现在已经可以工作了,我正在继续改进上述代码。所用的参考资料已作为注释列出 :)