  • OpenSSL RSA备忘

    Apache + SSL:
    openssl req -config openssl.cnf -new -out my-server.csr
    openssl rsa -in privkey.pem -out my-server.key
    openssl x509 -in my-server.csr -out my-server.cert -req -signkey my-server.key -days 365
    openssl x509 -in my-server.cert -out my-server.der.crt -outform DER

    //私钥生成公钥 记录到文件。

    openssl rsa -in privatekey.key -pubout -out pubkey.key

     

    RSA加解密:(如果有私钥文件,不需要公钥文件)

    code:

    #include <stdio.h>
    #include <string.h>
    #include <sys/param.h>
    #include <sys/types.h>
    #include <arpa/nameser.h>
    #include <openssl/ssl.h>
    #include <openssl/rand.h>
    #include <openssl/bio.h>
    #include <openssl/bn.h>
    #include <openssl/err.h>
    #include <openssl/objects.h>
    #include <openssl/evp.h>
    #include <openssl/rsa.h>
    #include <openssl/x509.h>
    #include <openssl/pem.h>

    /*
     * File names used by the demo. They are relative paths, so they are looked
     * up in the process's current working directory.
     */
    #define CERT_FILE     "my-server.cert"    /* certificate; not referenced by the code shown */
    #define PRIV_KEY_FILE "my-server.key"     /* PEM RSA private key opened by main() */
    #define PUB_KEY_FILE  "my-server-pub.key" /* public key; not referenced by the code shown */



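    /*
     * Print the earliest queued OpenSSL error as text on stdout.
     *
     * eval: unused; kept so existing callers compile unchanged.
     * msg:  optional label naming the failing call; printed as a prefix
     *       when it is not NULL.
     */
    void err_ssl(int eval, char *msg)
    {
        /*
         * ERR_error_string() requires a caller buffer of at least 256 bytes,
         * so the previous 128-byte buffer could be overrun. The length-bounded
         * variant truncates instead of writing past the end of buf.
         */
        char buf[256];

        (void)eval;

        ERR_error_string_n(ERR_get_error(), buf, sizeof buf);
        if (msg != NULL) {
            printf("%s: ", msg);
        }
        printf("%s\n", buf);
    }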


    /* Demo plaintext and its length; plainLen is filled in by main(). */
    char *plain   = "IamABC and who are you";
    int  plainLen = 0;

    /* Output buffers: gEnc receives the ciphertext, gPLA the decrypted bytes. */
    char gEnc[2048] = { 0 };
    char gPLA[4096] = { 0 };

    /* OpenSSL handles; g_ctx is never assigned by the code shown. */
    SSL_CTX *g_ctx = NULL;
    RSA     *g_RSA = NULL;

    /* Scratch space that main() uses for the raw key components. */
    char gtmpBuf[2048];

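    /*
     * Print the byte length of one key component and copy its big-endian
     * encoding into gtmpBuf. Returns 0 on success, -1 if the component is
     * missing or would not fit in gtmpBuf.
     */
    static int dump_key_part(const char *label, const BIGNUM *bn)
    {
        int len;

        if (bn == NULL) {
            printf("+ %s is missing from the key. \n", label);
            return -1;
        }

        len = BN_num_bytes(bn);
        printf("+ %s len: %d \n", label, len);

        /* BN_bn2bin() writes exactly len bytes and takes no size argument. */
        if (len < 0 || (size_t)len > sizeof gtmpBuf) {
            printf("+ %s does not fit the scratch buffer. \n", label);
            return -1;
        }
        BN_bn2bin(bn, (unsigned char *)gtmpBuf);
        return 0;
    }

    /*
     * Demo: load the RSA private key from PRIV_KEY_FILE, encrypt the global
     * `plain` string with the public half, hex-dump the ciphertext, then
     * decrypt it with the private half and print the recovered bytes.
     *
     * Returns 0 on success and 1 on any failure.
     */
    int main()
    {
        /*
         * OAEP replaces the original RSA_PKCS1_PADDING: PKCS#1 v1.5 encryption
         * padding is exposed to padding-oracle attacks whenever decryption
         * failures are observable. Use v1.5 only if a legacy peer requires it.
         */
        const int padding = RSA_PKCS1_OAEP_PADDING;
        const int padOverhead = 42; /* OAEP with SHA-1: 2 * 20 + 2 bytes */
        FILE *fp_priv;
        int rc = 1;
        int keyLen;
        int encLen;
        int decLen;
        int i;

        SSL_library_init();
        SSL_load_error_strings();
        ERR_load_crypto_strings();
        OpenSSL_add_all_algorithms();

        fp_priv = fopen(PRIV_KEY_FILE, "r");
        if (fp_priv == NULL) {
            printf("+ failed to open private key file. \n");
            return 1;
        }

        /* NOTE(review): no passphrase callback is supplied; confirm how an
         * encrypted key file should be handled before reusing this. */
        g_RSA = PEM_read_RSAPrivateKey(fp_priv, &g_RSA, NULL, NULL);
        fclose(fp_priv);
        if (g_RSA == NULL) {
            /* Stop here: every step below dereferences g_RSA. */
            printf("+ failed to read private key. \n");
            err_ssl(1, "PEM_read_RSAPrivateKey");
            return 1;
        }

        /* NOTE(review): direct field access needs an OpenSSL version in which
         * struct rsa_st is not opaque. */
        if (dump_key_part("n", g_RSA->n) != 0 ||
            dump_key_part("e", g_RSA->e) != 0 ||
            dump_key_part("d", g_RSA->d) != 0) {
            goto out;
        }

        printf("+ Private & Pub Key file Seems Load Success. \n");

        /* RSA_public_encrypt() writes RSA_size() bytes into the output. */
        keyLen = RSA_size(g_RSA);
        if (keyLen <= padOverhead || (size_t)keyLen > sizeof gEnc ||
            (size_t)keyLen > sizeof gPLA) {
            printf("+ unsupported key size: %d bytes. \n", keyLen);
            goto out;
        }

        plainLen = (int)strlen(plain);
        if (plainLen > keyLen - padOverhead) {
            printf("+ plaintext too long for this key and padding. \n");
            goto out;
        }

        encLen = RSA_public_encrypt(plainLen, (const unsigned char *)plain,
                                    (unsigned char *)gEnc, g_RSA, padding);
        if (encLen < 0) {
            printf("+ public encry failed. \n");
            err_ssl(1, "RSA_public_encrypt");
            goto out;
        }

        for (i = 0; i < encLen; i++) {
            printf("%02x ", gEnc[i] & 0xff);
        }
        printf("-------Enc Len=%d -------\n", encLen);

        decLen = RSA_private_decrypt(encLen, (const unsigned char *)gEnc,
                                     (unsigned char *)gPLA, g_RSA, padding);
        if (decLen < 0) {
            printf("+ private decrypt failed. \n");
            err_ssl(1, "RSA_private_decrypt");
            goto out;
        }

        for (i = 0; i < decLen; i++) {
            printf("%c ", gPLA[i] & 0xff);
        }
        printf("--------Dec Len=%d -----------\n", decLen);

        rc = 0;

    out:
        /* Release the key so the private material is not left allocated. */
        RSA_free(g_RSA);
        g_RSA = NULL;
        return rc;
    }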


    //gcc -o test_main test_main.c -lssl -lcrypto

     

  • 原文地址:https://www.cnblogs.com/yizhinantian/p/RSA.html