
OpenSSL: a full-featured toolkit for TLS and SSL protocols, and a general encryption library

2022-07-06 22:40:00 Ink painting long sky


1. SSL library and cryptographic algorithm library

Name | Library file
EVP wrapper (crypto) library | libeay32.lib
SSL library | ssleay32.lib

2. Using OpenSSL

  1. Install OpenSSL-Win32
  2. Link against libeay32.lib and ssleay32.lib
  3. Add the OpenSSL header directory to the include path

3. Certificate formats

  • XML standard format — C# RSA certificate (key) format
<RSAKeyValue>
	<Modulus> </Modulus>
	<Exponent> </Exponent>
	<P> </P>
	<Q> </Q>
	<DP> </DP>
	<DQ> </DQ>
	<InverseQ> </InverseQ>
	<D> </D>
</RSAKeyValue>
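  • PEM PKCS#8 unencrypted format — Java (the private key is stored in the clear, so restrict access to the file or use the encrypted PKCS#8 form)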
-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----
  • PEM PKCS#1 format
-----BEGIN RSA PRIVATE KEY-----

-----END RSA PRIVATE KEY-----

4. Common encryption algorithms

Symmetric encryption algorithms:

  • AES
  • DES/3DES (TripleDES) — legacy ciphers with a 64-bit block; prefer AES for new designs
#pragma comment(lib, "libeay32.lib")

#include <openssl/des.h>
#include <openssl/rand.h>
#include <openssl/rsa.h> 
#include <openssl/pem.h> 
#include <openssl/err.h> 
#include <openssl/bio.h> 
#include <openssl/evp.h>
#include <openssl/x509.h>

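/*
 * 3DES (EDE3, CBC mode) encryption of a single 8-byte block, padding disabled.
 *
 * data   : plaintext; exactly 8 bytes are read (the length is fixed in this
 *          function, so longer inputs are NOT processed beyond the first block)
 * key    : 24-byte 3DES key (three 8-byte DES keys)
 * iv     : 8-byte CBC initialisation vector, forwarded to OpenSSL unchanged.
 *          This function applies no default IV. A fixed IV (such as the
 *          {1,2,3,4,5,6,7,8} sequence mentioned in the original notes) makes
 *          CBC output deterministic; callers should generate a fresh random
 *          IV per message (e.g. with RAND_bytes) and transmit it with the
 *          ciphertext.
 * out    : receives the ciphertext; must have room for at least 8 bytes
 * return : -1 on error, otherwise the number of bytes written to out
 *
 * Security notes: CBC without a MAC gives no integrity protection, and 3DES
 * is a legacy cipher; an AES-based authenticated mode is preferable for new
 * code.
 */
int iEVP_Encrypt(byte* data, byte* key, byte* iv, byte* out)
{
	int					outLen	= 0;
	int					tmpLen	= 0;
	int					result	= -1;	/* documented error value */
	EVP_CIPHER_CTX*		ctx		= NULL;

	if (data == NULL || key == NULL || out == NULL)
	{
		return -1;
	}

	/* Heap-allocated context: available in OpenSSL 1.0.x and required by
	 * 1.1.0+, where EVP_CIPHER_CTX is opaque. */
	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	{
		return -1;
	}

	if (EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, key, iv) != 1)
	{
		goto done;
	}

	/* Padding may only be configured after the context has been set up for
	 * a cipher; with padding off the input must be a whole number of blocks. */
	EVP_CIPHER_CTX_set_padding(ctx, 0);

	if (EVP_EncryptUpdate(ctx, out, &outLen, (unsigned char *)data, 8) != 1)
	{
		goto done;
	}
	if (EVP_EncryptFinal_ex(ctx, out + outLen, &tmpLen) != 1)
	{
		goto done;
	}
	result = outLen + tmpLen;

done:
	/* Always release the context so the expanded key schedule does not
	 * linger in memory and nothing leaks on the error paths. */
	EVP_CIPHER_CTX_free(ctx);
	return result;
}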

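/*
 * 3DES (EDE3, CBC mode) decryption of a single 8-byte block, padding disabled.
 *
 * data   : ciphertext; exactly 8 bytes are read (the length is fixed in this
 *          function)
 * key    : 24-byte 3DES key (three 8-byte DES keys)
 * iv     : 8-byte CBC initialisation vector used for encryption, forwarded
 *          to OpenSSL unchanged; this function applies no default IV
 * out    : receives the plaintext; must have room for at least 8 bytes
 * return : -1 on error, otherwise the number of bytes written to out
 *
 * Security notes: the ciphertext is not authenticated, so modification in
 * transit is not detected here. Verify a MAC over IV and ciphertext before
 * decrypting, or use an authenticated AES mode in new code.
 */
int iEVP_Decrypt(byte* data, byte* key, byte* iv, byte* out)
{
	const int			inLen	= 8;	/* one DES block */
	int					outLen	= 0;
	int					tmpLen	= 0;
	int					result	= -1;	/* documented error value */
	EVP_CIPHER_CTX*		ctx		= NULL;

	if (data == NULL || key == NULL || out == NULL)
	{
		return -1;
	}

	/* Heap-allocated context: available in OpenSSL 1.0.x and required by
	 * 1.1.0+, where EVP_CIPHER_CTX is opaque. */
	ctx = EVP_CIPHER_CTX_new();
	if (ctx == NULL)
	{
		return -1;
	}

	if (EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, key, iv) != 1)
	{
		goto done;
	}

	/* Configure padding only once the cipher is attached to the context. */
	EVP_CIPHER_CTX_set_padding(ctx, 0);

	if (EVP_DecryptUpdate(ctx, out, &outLen, data, inLen) != 1)
	{
		goto done;
	}
	if (EVP_DecryptFinal_ex(ctx, out + outLen, &tmpLen) != 1)
	{
		goto done;
	}
	result = outLen + tmpLen;

done:
	/* Release the context on every path so key material is not left behind. */
	EVP_CIPHER_CTX_free(ctx);
	return result;
}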

Asymmetric encryption algorithms:

  • RSA
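// RSA private-key decryption.
//
// Reads an RSA private key in PEM form from "private.pem" (relative to the
// process working directory) and decrypts `data` with PKCS#1 v1.5 padding.
//
// data   : one RSA ciphertext block (at most RSA_size(key) bytes)
// return : the recovered plaintext, or an empty string on any failure
//          (key file missing/unreadable, bad key, decryption error).
//          Note that an empty plaintext is indistinguishable from failure.
//
// Security notes:
//  - No passphrase callback is supplied to the PEM reader, so the key file
//    is expected to be unencrypted; restrict access to it accordingly.
//  - RSA_PKCS1_PADDING decryption is sensitive to padding-oracle problems
//    when a peer can tell decryption failures apart from successes.
//    RSA_PKCS1_OAEP_PADDING is preferable when both sides can be changed;
//    the padding is left as-is here to stay interoperable with
//    bio_read_publicKey.
string bio_read_privateKey(string data)
{
	string	strRet;			// stays empty on every failure path
	BIO*	bp		= NULL;
	RSA*	rsaK	= NULL;

	OpenSSL_add_all_algorithms();

	bp = BIO_new( BIO_s_file() );
	if (bp != NULL && BIO_read_filename( bp, "private.pem" ) > 0)
	{
		rsaK = PEM_read_bio_RSAPrivateKey( bp, NULL, NULL, NULL );
	}

	if (rsaK != NULL)
	{
		int nLen = RSA_size(rsaK);

		// The length check also guarantees the size_t -> int conversion
		// below cannot truncate.
		if (nLen > 0 && data.length() <= (size_t)nLen)
		{
			string buf(nLen + 1, '\0');
			int ret = RSA_private_decrypt((int)data.length(),
			                              (const unsigned char*)data.data(),
			                              (unsigned char*)&buf[0],
			                              rsaK, RSA_PKCS1_PADDING);
			if (ret >= 0)
			{
				strRet.assign(buf.data(), ret);
			}
			// Wipe the scratch copy of the plaintext before it is freed.
			OPENSSL_cleanse(&buf[0], buf.size());
		}
	}

	// Single exit path: both free functions accept NULL, so nothing leaks
	// regardless of where the sequence above stopped.
	RSA_free(rsaK);
	BIO_free_all( bp );
	// NOTE(review): this is a process-wide cleanup kept from the original;
	// it normally belongs at application shutdown rather than per call.
	CRYPTO_cleanup_all_ex_data();
	return strRet;
}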
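// RSA public-key encryption.
//
// Reads an RSA public key (SubjectPublicKeyInfo PEM) from "public.pem"
// (relative to the process working directory) and encrypts `data` with
// PKCS#1 v1.5 padding.
//
// data   : plaintext; must be short enough for the key and padding
//          (OpenSSL rejects inputs that do not fit)
// return : the ciphertext (RSA_size(key) bytes), or an empty string on any
//          failure (key file missing/unreadable, bad key, input too long).
//
// Security notes:
//  - The public key file decides who can read the result, so its integrity
//    matters: load it from a location that untrusted users cannot modify.
//  - RSA_PKCS1_OAEP_PADDING is the preferred encryption padding for new
//    designs; RSA_PKCS1_PADDING is kept to stay interoperable with
//    bio_read_privateKey.
string bio_read_publicKey(string data)
{
	string	strRet;			// stays empty on every failure path
	BIO*	bp		= NULL;
	RSA*	rsaK	= NULL;

	OpenSSL_add_all_algorithms();

	bp = BIO_new( BIO_s_file() );
	if (bp != NULL && BIO_read_filename( bp, "public.pem" ) > 0)
	{
		rsaK = PEM_read_bio_RSA_PUBKEY( bp, NULL, NULL, NULL );
	}

	if (rsaK != NULL)
	{
		int nLen = RSA_size(rsaK);

		// The length check also guarantees the size_t -> int conversion
		// below cannot truncate; OpenSSL enforces the tighter padding limit.
		if (nLen > 0 && data.length() <= (size_t)nLen)
		{
			string buf(nLen + 1, '\0');
			int ret = RSA_public_encrypt((int)data.length(),
			                             (const unsigned char*)data.data(),
			                             (unsigned char*)&buf[0],
			                             rsaK, RSA_PKCS1_PADDING);
			if (ret >= 0)
			{
				strRet.assign(buf.data(), ret);
			}
		}
	}

	// Single exit path: both free functions accept NULL, so nothing leaks
	// regardless of where the sequence above stopped.
	RSA_free(rsaK);
	BIO_free_all( bp );
	// NOTE(review): this is a process-wide cleanup kept from the original;
	// it normally belongs at application shutdown rather than per call.
	CRYPTO_cleanup_all_ex_data();
	return strRet;
}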
