当前位置:网站首页>OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
2022-07-06 15:32:00 【水墨长天】
OpenSSL:适用TLS与SSL协议的全功能工具包,通用加密库
一、SSL库和密码学算法库
名称 | 库 |
---|---|
EVP封装库 | libeay32.lib |
SSL库 | ssleay32.lib |
二、使用OpenSSL
- 安装OpenSSL-Win32
- 引入 libeay32.lib 和 ssleay32.lib
- 设置OpenSSL头文件目录
三、证书的格式
- XML标准格式 ------- C# RSA证书
<RSAKeyValue>
<Modulus> </Modulus>
<Exponent> </Exponent>
<P> </P>
<Q> </Q>
<DP> </DP>
<DQ> </DQ>
<InverseQ> </InverseQ>
<D> </D>
</RSAKeyValue>
- PEM PKCS#8非加密格式 ------- Java
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
- PEM PKCS#1格式
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
四、常见加密算法
对称加密算法:
- AES
- DES/3DES(TripleDES)
#pragma comment(lib, "libeay32.lib")
#include <openssl/des.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
/* 3DES加密 * encData: 8*n bytes * encKey: 3倍密钥长度¬24 bytes * encIV: 加密向量¬8bytes,default:{1,2,3,4,5,6,7,8} * out : enc output data * return: error:-1 successful: out length */
int iEVP_Encrypt(byte* data, byte* key, byte* iv, byte* out)//end with 0
{
int ret;
int outLen;
int tmpLen;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_set_padding(&ctx,0);
EVP_CIPHER_CTX_init(&ctx);
ret = EVP_EncryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv);
EVP_CIPHER_CTX_set_padding(&ctx,0);//will reInit enc and dec
if(ret != 1)
{
return NULL;//error
}
ret = EVP_EncryptUpdate(&ctx,out,&outLen,(unsigned char *)data,8);
if(ret != 1)
{
return NULL;//error
}
ret = EVP_EncryptFinal_ex(&ctx,out+outLen,&tmpLen);
if(ret != 1)
{
return NULL;//Err
}
outLen = outLen + tmpLen;
return outLen;
}
/* 3DES解密 * decData: 8*n bytes * decKey: 3倍密钥长度¬24 bytes * decIV: 加密向量¬8bytes,default:{1,2,3,4,5,6,7,8} * out :dec output data * return: error:-1 successful: out length */
int iEVP_Decrypt(byte* data, byte* key, byte* iv, byte* out)
{
int ret = 0;
int outLen = 8;
int tmpLen = 0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_set_padding(&ctx,0);
EVP_CIPHER_CTX_init(&ctx);
ret = EVP_DecryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv);
EVP_CIPHER_CTX_set_padding(&ctx,0);//will reInit enc and dec
if(ret!=1)
{
return NULL;//Err
}
ret = EVP_DecryptUpdate(&ctx,out,&outLen,data,outLen);
if(ret!=1)
{
return NULL;//Err
}
ret = EVP_DecryptFinal_ex(&ctx,out+outLen,&tmpLen);
if(ret!=1)
{
return NULL;//Err
}
outLen = outLen + tmpLen;
return outLen;
}
非对称加密算法:
- RSA
//RSA私钥解密
string bio_read_privateKey(string data)
{
OpenSSL_add_all_algorithms();
BIO* bp = BIO_new( BIO_s_file() );
BIO_read_filename( bp, "private.pem" );
RSA* rsaK = PEM_read_bio_RSAPrivateKey( bp, NULL, NULL, NULL );
if (NULL == rsaK)
{
return NULL;//Error
}
int nLen = RSA_size(rsaK);
if (nLen == NULL)
{
return NULL;//Error
}
char* pEncode = new char[nLen +1];
memset(pEncode,0,nLen+1);
int ret = RSA_private_decrypt(data.length(),(byte*)data.c_str(),(byte*)pEncode,rsaK,RSA_PKCS1_PADDING);
string strRet;
if (ret >= 0)
{
strRet = string(pEncode, ret);
}
else
{
return NULL;
}
delete[] pEncode;
CRYPTO_cleanup_all_ex_data();
BIO_free_all( bp );
RSA_free(rsaK);
return strRet;
}
//rsa公钥加密
string bio_read_publicKey(string data)
{
OpenSSL_add_all_algorithms();
BIO* bp = BIO_new( BIO_s_file());
BIO_read_filename( bp, "public.pem" );
RSA* rsaK ;
if((rsaK = PEM_read_bio_RSA_PUBKEY(bp,NULL,NULL,NULL)) == NULL)
{
return NULL;
}
if (NULL == rsaK)
{
return NULL;//read failed
}
int nLen = RSA_size(rsaK);
char *pEncode = new char[nLen + 1];
memset(pEncode,0,nLen+1);
int ret = RSA_public_encrypt(data.length(),(const byte*)data.c_str(),(byte*)pEncode,rsaK,RSA_PKCS1_PADDING);
string strRet;
if (ret >= 0)
{
strRet = string(pEncode, ret);
}
else
{
return NULL;
}
delete[] pEncode;
CRYPTO_cleanup_all_ex_data();
BIO_free_all( bp );
RSA_free(rsaK);
return strRet;
}
边栏推荐
- i. Mx6ull build boa server details and some of the problems encountered
- hdu 5077 NAND(暴力打表)
- OpenCV VideoCapture. Get() parameter details
- TypeScript获取函数参数类型
- config:invalid signature 解决办法和问题排查详解
- ThreadLocal详解
- 柔性数组到底如何使用呢?
- LeetCode 练习——剑指 Offer 26. 树的子结构
- NetXpert XG2帮您解决“布线安装与维护”难题
- Build op-tee development environment based on qemuv8
猜你喜欢
基於 QEMUv8 搭建 OP-TEE 開發環境
AdaViT——自适应选择计算结构的动态网络
CCNA Cisco network EIGRP protocol
Sword finger offer question brushing record 1
Build op-tee development environment based on qemuv8
Clip +json parsing converts the sound in the video into text
手写ABA遇到的坑
Pit encountered by handwritten ABA
MySQL----初识MySQL
NetXpert XG2帮您解决“布线安装与维护”难题
随机推荐
2022-07-05 使用tpcc对stonedb进行子查询测试
NPDP certification | how do product managers communicate across functions / teams?
C# 三种方式实现Socket数据接收
ThreadLocal详解
AdaViT——自适应选择计算结构的动态网络
Aardio - integrate variable values into a string of text through variable names
Attack and defense world miscall
sizeof关键字
【编译原理】做了一半的LR(0)分析器
NetXpert XG2帮您解决“布线安装与维护”难题
OpenCV VideoCapture. Get() parameter details
每日一题:力扣:225:用队列实现栈
Unity3d minigame unity webgl transform plug-in converts wechat games to use dlopen, you need to use embedded 's problem
Research and investment strategy report of China's VOCs catalyst industry (2022 Edition)
How do I write Flask's excellent debug log message to a file in production?
[IELTS speaking] Anna's oral learning record part1
Aardio - 通过变量名将变量值整合到一串文本中
自制J-Flash烧录工具——Qt调用jlinkARM.dll方式
2014阿里巴巴web前实习生项目分析(1)
Puppeteer连接已有Chrome浏览器