当前位置:网站首页>OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
2022-07-06 15:32:00 【水墨长天】
OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
一、SSL库和密码学算法库
| 名称 | 库 |
|---|---|
| EVP封装库 | libeay32.lib |
| SSL库 | ssleay32.lib |
二、使用OpenSSL
- 安装OpenSSL-Win32
- 引入 libeay32.lib 和 ssleay32.lib
- 设置OpenSSL头文件目录
三、证书的格式
- XML标准格式 ------- C# RSA证书
<RSAKeyValue>
<Modulus> </Modulus>
<Exponent> </Exponent>
<P> </P>
<Q> </Q>
<DP> </DP>
<DQ> </DQ>
<InverseQ> </InverseQ>
<D> </D>
</RSAKeyValue>
- PEM PKCS#8非加密格式 ------- Java
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
- PEM PKCS#1格式
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
四、常见加密算法
对称加密算法:
- AES
- DES/3DES(TripleDES)
#pragma comment(lib, "libeay32.lib")
#include <openssl/des.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
/* 3DES加密 * encData: 8*n bytes * encKey: 3倍密钥长度¬24 bytes * encIV: 加密向量¬8bytes,default:{1,2,3,4,5,6,7,8} * out : enc output data * return: error:-1 successful: out length */
int iEVP_Encrypt(byte* data, byte* key, byte* iv, byte* out)//end with 0
{
int ret;
int outLen;
int tmpLen;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_set_padding(&ctx,0);
EVP_CIPHER_CTX_init(&ctx);
ret = EVP_EncryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv);
EVP_CIPHER_CTX_set_padding(&ctx,0);//will reInit enc and dec
if(ret != 1)
{
return NULL;//error
}
ret = EVP_EncryptUpdate(&ctx,out,&outLen,(unsigned char *)data,8);
if(ret != 1)
{
return NULL;//error
}
ret = EVP_EncryptFinal_ex(&ctx,out+outLen,&tmpLen);
if(ret != 1)
{
return NULL;//Err
}
outLen = outLen + tmpLen;
return outLen;
}
/* 3DES解密 * decData: 8*n bytes * decKey: 3倍密钥长度¬24 bytes * decIV: 加密向量¬8bytes,default:{1,2,3,4,5,6,7,8} * out :dec output data * return: error:-1 successful: out length */
int iEVP_Decrypt(byte* data, byte* key, byte* iv, byte* out)
{
int ret = 0;
int outLen = 8;
int tmpLen = 0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_set_padding(&ctx,0);
EVP_CIPHER_CTX_init(&ctx);
ret = EVP_DecryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv);
EVP_CIPHER_CTX_set_padding(&ctx,0);//will reInit enc and dec
if(ret!=1)
{
return NULL;//Err
}
ret = EVP_DecryptUpdate(&ctx,out,&outLen,data,outLen);
if(ret!=1)
{
return NULL;//Err
}
ret = EVP_DecryptFinal_ex(&ctx,out+outLen,&tmpLen);
if(ret!=1)
{
return NULL;//Err
}
outLen = outLen + tmpLen;
return outLen;
}
非对称加密算法:
- RSA
//RSA私钥解密
string bio_read_privateKey(string data)
{
OpenSSL_add_all_algorithms();
BIO* bp = BIO_new( BIO_s_file() );
BIO_read_filename( bp, "private.pem" );
RSA* rsaK = PEM_read_bio_RSAPrivateKey( bp, NULL, NULL, NULL );
if (NULL == rsaK)
{
return NULL;//Error
}
int nLen = RSA_size(rsaK);
if (nLen == NULL)
{
return NULL;//Error
}
char* pEncode = new char[nLen +1];
memset(pEncode,0,nLen+1);
int ret = RSA_private_decrypt(data.length(),(byte*)data.c_str(),(byte*)pEncode,rsaK,RSA_PKCS1_PADDING);
string strRet;
if (ret >= 0)
{
strRet = string(pEncode, ret);
}
else
{
return NULL;
}
delete[] pEncode;
CRYPTO_cleanup_all_ex_data();
BIO_free_all( bp );
RSA_free(rsaK);
return strRet;
}
//rsa公钥加密
string bio_read_publicKey(string data)
{
OpenSSL_add_all_algorithms();
BIO* bp = BIO_new( BIO_s_file());
BIO_read_filename( bp, "public.pem" );
RSA* rsaK ;
if((rsaK = PEM_read_bio_RSA_PUBKEY(bp,NULL,NULL,NULL)) == NULL)
{
return NULL;
}
if (NULL == rsaK)
{
return NULL;//read failed
}
int nLen = RSA_size(rsaK);
char *pEncode = new char[nLen + 1];
memset(pEncode,0,nLen+1);
int ret = RSA_public_encrypt(data.length(),(const byte*)data.c_str(),(byte*)pEncode,rsaK,RSA_PKCS1_PADDING);
string strRet;
if (ret >= 0)
{
strRet = string(pEncode, ret);
}
else
{
return NULL;
}
delete[] pEncode;
CRYPTO_cleanup_all_ex_data();
BIO_free_all( bp );
RSA_free(rsaK);
return strRet;
}
边栏推荐
- 做接口测试都测什么?有哪些通用测试点?
- 手写ABA遇到的坑
- Volatile keyword
- pytorch_YOLOX剪枝【附代码】
- Aardio - does not declare the method of directly passing float values
- [Digital IC hand tearing code] Verilog burr free clock switching circuit | topic | principle | design | simulation
- Leetcode question brushing (XI) -- sequential questions brushing 51 to 55
- Web APIs DOM time object
- 自制J-Flash烧录工具——Qt调用jlinkARM.dll方式
- npm无法安装sharp
猜你喜欢
机试刷题1
rust知识思维导图xmind
剑指offer刷题记录1
0 basic learning C language - digital tube
Aardio - integrate variable values into a string of text through variable names
Attack and defense world miscall
Clip +json parsing converts the sound in the video into text
PVL EDI project case
UE4蓝图学习篇(四)--流程控制ForLoop和WhileLoop
CCNA Cisco network EIGRP protocol
随机推荐
2022-07-05 use TPCC to conduct sub query test on stonedb
[线性代数] 1.3 n阶行列式
2022-07-05 stonedb sub query processing parsing time analysis
[linear algebra] determinant of order 1.3 n
Learn the principle of database kernel from Oracle log parsing
MySQL教程的天花板,收藏好,慢慢看
Unity3d minigame-unity-webgl-transform插件转换微信小游戏报错To use dlopen, you need to use Emscripten‘s...问题
signed、unsigned关键字
Self made j-flash burning tool -- QT calls jlinkarm DLL mode
OpenNMS分离数据库
Build op-tee development environment based on qemuv8
UDP programming
Aardio - construct a multi button component with customplus library +plus
CocosCreator+TypeScripts自己写一个对象池
使用云服务器搭建代理
关于声子和热输运计算中BORN电荷和non-analytic修正的问题
2022-07-04 the high-performance database engine stonedb of MySQL is compiled and run in centos7.9
机试刷题1
Comparison between variable and "zero value"
金融人士必读书籍系列之六:权益投资(基于cfa考试内容大纲和框架)