EVP 读取 PEM 私钥无法正常工作
EVP reading PEM private key not working properly
当我 运行 下面的代码生成一个密钥,将它写入一个字符串,打印它,将它读入密钥,然后再次打印它,反对 OpenSSL_1_0_2e:
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/aes.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#define RSA_KEYLEN 2048
int main()
{
// Key generation
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
EVP_PKEY* key = NULL;
EVP_PKEY_keygen_init(ctx);
EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, RSA_KEYLEN);
EVP_PKEY_keygen(ctx, &key);
EVP_PKEY_CTX_free(ctx);
// Serialize to string
unsigned char* keyStr;
BIO *bio = BIO_new(BIO_s_mem());
PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, 0, NULL);
int priKeyLen = BIO_pending(bio);
keyStr = (unsigned char*)malloc(priKeyLen + 1);
BIO_read(bio, keyStr, priKeyLen);
keyStr[priKeyLen] = '[=10=]';
BIO_free_all(bio);
// Print the string
printf("%s", keyStr);
// Reset the key
EVP_PKEY_free(key);
key = NULL;
// Read from string
bio = BIO_new(BIO_s_mem());
BIO_write(bio, keyStr, priKeyLen);
PEM_read_bio_PrivateKey(bio, &key, NULL, NULL);
BIO_free_all(bio);
// Free the string
free(keyStr);
// Serialize to string (again)
bio = BIO_new(BIO_s_mem());
PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, 0, NULL);
priKeyLen = BIO_pending(bio);
keyStr = (unsigned char*)malloc(priKeyLen + 1);
BIO_read(bio, keyStr, priKeyLen);
keyStr[priKeyLen] = '[=10=]';
BIO_free_all(bio);
// Print string
printf("%s", keyStr);
}
第二个输出中的私钥显然太短了。我做错了什么?
我的特定问题的解决方案是我试图在 EVP_PKEY 上设置 Public 和私钥,认为我需要加载两者才能将其用作密钥对。实际上,您只加载两者之一。有了私钥,就推导出了public密钥。
当我 运行 下面的代码生成一个密钥,将它写入一个字符串,打印它,将它读入密钥,然后再次打印它,反对 OpenSSL_1_0_2e:
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/aes.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#define RSA_KEYLEN 2048
int main()
{
// Key generation
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
EVP_PKEY* key = NULL;
EVP_PKEY_keygen_init(ctx);
EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, RSA_KEYLEN);
EVP_PKEY_keygen(ctx, &key);
EVP_PKEY_CTX_free(ctx);
// Serialize to string
unsigned char* keyStr;
BIO *bio = BIO_new(BIO_s_mem());
PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, 0, NULL);
int priKeyLen = BIO_pending(bio);
keyStr = (unsigned char*)malloc(priKeyLen + 1);
BIO_read(bio, keyStr, priKeyLen);
keyStr[priKeyLen] = '[=10=]';
BIO_free_all(bio);
// Print the string
printf("%s", keyStr);
// Reset the key
EVP_PKEY_free(key);
key = NULL;
// Read from string
bio = BIO_new(BIO_s_mem());
BIO_write(bio, keyStr, priKeyLen);
PEM_read_bio_PrivateKey(bio, &key, NULL, NULL);
BIO_free_all(bio);
// Free the string
free(keyStr);
// Serialize to string (again)
bio = BIO_new(BIO_s_mem());
PEM_write_bio_PrivateKey(bio, key, NULL, NULL, 0, 0, NULL);
priKeyLen = BIO_pending(bio);
keyStr = (unsigned char*)malloc(priKeyLen + 1);
BIO_read(bio, keyStr, priKeyLen);
keyStr[priKeyLen] = '[=10=]';
BIO_free_all(bio);
// Print string
printf("%s", keyStr);
}
第二个输出中的私钥显然太短了。我做错了什么?
我的特定问题的解决方案是我试图在 EVP_PKEY 上设置 Public 和私钥,认为我需要加载两者才能将其用作密钥对。实际上,您只加载两者之一。有了私钥,就推导出了public密钥。