openssl pem.h 中提供了关于pem格式密钥对的操作接口
通常使用.pem的格式文件来保存openssl 生成的密钥对;
在终端下 cat xxx.pem 可以看到
-----BEGIN RSA PRIVATE KEY-----
XXXX
-----END RSA PRIVATE KEY-----
密钥数据进行了BASE64编码
1. 示例:将生成的密钥对保存成pem文件
void testWriteRSA2PEM() { //生成密钥对 RSA *r = RSA_new(); int bits = 512; BIGNUM *e = BN_new(); BN_set_word(e, 65537); RSA_generate_key_ex(r, bits, e, NULL); RSA_print_fp(stdout, r, 0); BIO *out; out = BIO_new_file("/Users/cocoajin/Desktop/opriv.pem","w"); //这里生成的私钥没有加密,可选加密 int ret = PEM_write_bio_RSAPrivateKey(out, r, NULL, NULL, 0, NULL, NULL); printf("writepri:%d ",ret); BIO_flush(out); BIO_free(out); out = BIO_new_file("/Users/cocoajin/Desktop/opub.pem","w"); ret = PEM_write_bio_RSAPublicKey(out, r); printf("writepub:%d ",ret); BIO_flush(out); BIO_free(out); BN_free(e); RSA_free(r); }
在目标路径保存了生成的公钥opub.pem和私钥oprov.pem
输出日志
Private-Key: (512 bit) modulus: 00:e6:96:f5:6f:4d:5e:c2:ad:0d:f5:13:45:99:55: ca:6f:84:4f:3a:56:52:e2:ee:a2:cc:73:77:07:e2: 3d:0d:e3:0d:c0:6a:92:52:b6:c7:de:e2:d6:88:56: 9e:92:99:91:dd:2d:06:c5:a8:f2:c1:79:8b:20:f9: 73:0a:7a:28:93 publicExponent: 65537 (0x10001) privateExponent: 00:ca:1b:92:6f:c5:de:c2:bf:2f:b6:98:f7:ad:d8: 16:20:fc:54:fd:0a:e0:87:6b:26:62:10:ea:49:8c: b0:7a:d3:d8:28:b7:fb:15:f1:4e:95:9d:bf:31:3a: e0:f3:fa:24:d3:71:fd:b0:f5:cd:5c:25:d1:81:8c: 01:e3:fb:c7:21 prime1: 00:f6:d7:91:c4:1a:2f:eb:0b:c4:18:14:3b:fe:f6: 0d:c1:11:94:ca:6c:06:fc:de:d7:19:ac:58:9d:36: 16:fe:9b prime2: 00:ef:25:07:75:76:4d:ac:19:aa:ed:e9:a7:1d:5d: b1:7d:1c:1a:ef:95:8f:2d:bc:8a:e7:93:f5:f8:15: 69:61:69 exponent1: 00:f4:d2:c0:6f:b8:ed:77:fa:16:87:2f:62:86:31: b3:58:9f:c0:6c:b8:92:81:b1:df:b4:45:fd:2a:08: 60:ec:2b exponent2: 00:b5:88:c1:69:bc:3d:67:f8:30:15:db:f9:5c:c4: 63:d8:59:fe:64:82:7e:a6:b4:6a:29:32:db:53:d0: 45:27:89 coefficient: 0a:97:26:2f:e9:ca:b6:32:86:86:3b:5a:13:ea:5e: 8d:79:77:b9:7a:30:41:c4:31:cb:02:0e:96:6b:1b: e5:c4 writepri:1 writepub:1 Program ended with exit code: 0
2. 示例:从pem文件中获取公钥私钥方式一(利用了BIO)
void testReadRSAFromPEM() { RSA *pubkey = RSA_new(); RSA *prikey = RSA_new(); BIO *pubio; BIO *priio; priio = BIO_new_file("/Users/cocoajin/Desktop/opriv.pem", "rb"); prikey = PEM_read_bio_RSAPrivateKey(priio, &prikey, NULL, NULL); pubio = BIO_new_file("/Users/cocoajin/Desktop/opub.pem", "rb"); pubkey = PEM_read_bio_RSAPublicKey(pubio, &pubkey, NULL, NULL); RSA_print_fp(stdout, pubkey, 0); RSA_print_fp(stdout, prikey, 0); RSA_free(pubkey); BIO_free(pubio); RSA_free(prikey); BIO_free(priio); }
从目标路径读取公钥opub.pem和私钥opriv.pem
输出日志
Public-Key: (512 bit) Modulus: 00:e6:96:f5:6f:4d:5e:c2:ad:0d:f5:13:45:99:55: ca:6f:84:4f:3a:56:52:e2:ee:a2:cc:73:77:07:e2: 3d:0d:e3:0d:c0:6a:92:52:b6:c7:de:e2:d6:88:56: 9e:92:99:91:dd:2d:06:c5:a8:f2:c1:79:8b:20:f9: 73:0a:7a:28:93 Exponent: 65537 (0x10001) Private-Key: (512 bit) modulus: 00:e6:96:f5:6f:4d:5e:c2:ad:0d:f5:13:45:99:55: ca:6f:84:4f:3a:56:52:e2:ee:a2:cc:73:77:07:e2: 3d:0d:e3:0d:c0:6a:92:52:b6:c7:de:e2:d6:88:56: 9e:92:99:91:dd:2d:06:c5:a8:f2:c1:79:8b:20:f9: 73:0a:7a:28:93 publicExponent: 65537 (0x10001) privateExponent: 00:ca:1b:92:6f:c5:de:c2:bf:2f:b6:98:f7:ad:d8: 16:20:fc:54:fd:0a:e0:87:6b:26:62:10:ea:49:8c: b0:7a:d3:d8:28:b7:fb:15:f1:4e:95:9d:bf:31:3a: e0:f3:fa:24:d3:71:fd:b0:f5:cd:5c:25:d1:81:8c: 01:e3:fb:c7:21 prime1: 00:f6:d7:91:c4:1a:2f:eb:0b:c4:18:14:3b:fe:f6: 0d:c1:11:94:ca:6c:06:fc:de:d7:19:ac:58:9d:36: 16:fe:9b prime2: 00:ef:25:07:75:76:4d:ac:19:aa:ed:e9:a7:1d:5d: b1:7d:1c:1a:ef:95:8f:2d:bc:8a:e7:93:f5:f8:15: 69:61:69 exponent1: 00:f4:d2:c0:6f:b8:ed:77:fa:16:87:2f:62:86:31: b3:58:9f:c0:6c:b8:92:81:b1:df:b4:45:fd:2a:08: 60:ec:2b exponent2: 00:b5:88:c1:69:bc:3d:67:f8:30:15:db:f9:5c:c4: 63:d8:59:fe:64:82:7e:a6:b4:6a:29:32:db:53:d0: 45:27:89 coefficient: 0a:97:26:2f:e9:ca:b6:32:86:86:3b:5a:13:ea:5e: 8d:79:77:b9:7a:30:41:c4:31:cb:02:0e:96:6b:1b: e5:c4 Program ended with exit code: 0
3. 示例:从pem文件中读取公钥私钥方式二(利用FILE)
void testPEMReadRSA() { RSA *pubkey = RSA_new(); RSA *prikey = RSA_new(); FILE *pubf = fopen("/Users/cocoajin/Desktop/opub.pem", "rb"); pubkey = PEM_read_RSAPublicKey(pubf, &pubkey, NULL, NULL); FILE *prif = fopen("/Users/cocoajin/Desktop/opriv.pem", "rb"); prikey = PEM_read_RSAPrivateKey(prif, &prikey, NULL, NULL); RSA_print_fp(stdout, pubkey, 0); RSA_print_fp(stdout, prikey, 0); fclose(pubf); fclose(prif); RSA_free(pubkey); RSA_free(prikey); }
输出日志
Public-Key: (512 bit) Modulus: 00:e6:96:f5:6f:4d:5e:c2:ad:0d:f5:13:45:99:55: ca:6f:84:4f:3a:56:52:e2:ee:a2:cc:73:77:07:e2: 3d:0d:e3:0d:c0:6a:92:52:b6:c7:de:e2:d6:88:56: 9e:92:99:91:dd:2d:06:c5:a8:f2:c1:79:8b:20:f9: 73:0a:7a:28:93 Exponent: 65537 (0x10001) Private-Key: (512 bit) modulus: 00:e6:96:f5:6f:4d:5e:c2:ad:0d:f5:13:45:99:55: ca:6f:84:4f:3a:56:52:e2:ee:a2:cc:73:77:07:e2: 3d:0d:e3:0d:c0:6a:92:52:b6:c7:de:e2:d6:88:56: 9e:92:99:91:dd:2d:06:c5:a8:f2:c1:79:8b:20:f9: 73:0a:7a:28:93 publicExponent: 65537 (0x10001) privateExponent: 00:ca:1b:92:6f:c5:de:c2:bf:2f:b6:98:f7:ad:d8: 16:20:fc:54:fd:0a:e0:87:6b:26:62:10:ea:49:8c: b0:7a:d3:d8:28:b7:fb:15:f1:4e:95:9d:bf:31:3a: e0:f3:fa:24:d3:71:fd:b0:f5:cd:5c:25:d1:81:8c: 01:e3:fb:c7:21 prime1: 00:f6:d7:91:c4:1a:2f:eb:0b:c4:18:14:3b:fe:f6: 0d:c1:11:94:ca:6c:06:fc:de:d7:19:ac:58:9d:36: 16:fe:9b prime2: 00:ef:25:07:75:76:4d:ac:19:aa:ed:e9:a7:1d:5d: b1:7d:1c:1a:ef:95:8f:2d:bc:8a:e7:93:f5:f8:15: 69:61:69 exponent1: 00:f4:d2:c0:6f:b8:ed:77:fa:16:87:2f:62:86:31: b3:58:9f:c0:6c:b8:92:81:b1:df:b4:45:fd:2a:08: 60:ec:2b exponent2: 00:b5:88:c1:69:bc:3d:67:f8:30:15:db:f9:5c:c4: 63:d8:59:fe:64:82:7e:a6:b4:6a:29:32:db:53:d0: 45:27:89 coefficient: 0a:97:26:2f:e9:ca:b6:32:86:86:3b:5a:13:ea:5e: 8d:79:77:b9:7a:30:41:c4:31:cb:02:0e:96:6b:1b: e5:c4 Program ended with exit code: 0
4. 在终端下使用openssl命令生成公钥私钥
//生成1024位的RSA私钥 openssl genrsa -out private.pem 1024 //再由私钥生成公钥 openssl rsa -in private.pem -pubout -out public.pem //私钥文件private.pem //公钥文件public.pem //上面私钥是没加密的,可选加密,指定一个加密算法生成时输入密码
以上测试使用openssl 1.1.0c
参考:https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_RSAPublicKey.html