1.å¦ä½å©ç¨OpenSSLåºè¿è¡RSAå å¯å解å¯
å¦ä½å©ç¨OpenSSLåºè¿è¡RSAå å¯å解å¯
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
#include<openssl/rsa.h>
#include<openssl/engine.h>
int main(int argc,窗体图标源码 char* argv[])
{
printf("openssl_test begin\n");
RSA* rsa=NULL;
char originstr[]="hello\n"; //è¿æ¯æ们éè¦å å¯çåå§æ°æ®
//allocate RSA structureï¼é¦å éè¦ç³è¯·ä¸ä¸ªRSAç»æé¢ç¨äºåæ¾çæçå ¬ç§é¥ï¼è¿érsaå°±æ¯è¿ä¸ªç»æä½çæé
rsa = RSA_new();
if(rsa==NULL)
{
printf("RSA_new failed\n");
return -1;
}
//generate RSA keys
BIGNUM* exponent;
exponent = BN_new(); //çæRSAå ¬ç§é¥ä¹åéè¦éæ©ä¸ä¸ªå¥æ°ï¼odd numberï¼æ¥ç¨äºçæå ¬ç§é¥
if(exponent ==NULL)
{
printf("BN_new failed\n");
goto FAIL1;
}
if(0==BN_set_word(exponent,)) //è¿ééæ©å¥æ°
{
printf("BN_set_word failed\n");
goto FAIL1;
}
//è¿émodulusçé¿åº¦éæ©ï¼å°äºçmodulusé¿åº¦é½æ¯ä¸å®å ¨çï¼å®¹æè¢«ç ´è§£
if(0==RSA_generate_key_ex(rsa,,exponent,NULL))
{
printf("RSA_generate_key_ex failed\n");
goto FAIL;
}
char* cipherstr = NULL;
//åé ä¸æ®µç©ºé´ç¨äºåå¨å å¯åçæ°æ®ï¼è¿ä¸ªç©ºé´ç大å°ç±RSA_sizeå½æ°æ ¹æ®rsaç®åº
cipherstr = malloc(RSA_size(rsa));
if(cipherstr==NULL)
{
printf("malloc cipherstr buf failed\n");
goto FAIL1;
}
//ä¸é¢æ¯å®é çå å¯è¿ç¨ï¼æåä¸ä¸ªåæ°padding typeï¼æ以ä¸å ç§ã
/
*RSA_PKCS1_PADDINGPKCS #1 v1.5 padding. This currently is the most widely used mode.
RSA_PKCS1_OAEP_PADDING
EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding parameter. This mode is recommended for all new applications.
RSA_SSLV_PADDING
PKCS #1 v1.5 padding with an SSL-specific modification that denotes that the server is SSL3 capable.
RSA_NO_PADDING
Raw RSA encryption. This mode should only be used to implement cryptographically sound padding modes in the application code. Encrypting user data directly with RSA is insecure.
*/
//è¿éé¦å ç¨å ¬é¥è¿è¡å å¯ï¼éæ©äºRSA_PKCS1_PADDING
if(RSA_size(rsa)!=RSA_public_encrypt(strlen(originstr)+1,originstr,cipherstr,rsa,RSA_PKCS1_PADDING))
{
printf("encryption failure\n");
goto FAIL2;
}
printf("the original string is %s\n",originstr);
printf("the encrypted string is %s\n",cipherstr);
//Now, let's decrypt the string with private key
//ä¸é¢æ¥ç¨ç§é¥è§£å¯ï¼é¦å éè¦ä¸ä¸ªbufferç¨äºåå¨è§£å¯åçæ°æ®ï¼è¿ä¸ªbufferçé¿åº¦è¦è¶³å¤ï¼å°äºRSA_size(rsa)ï¼
//è¿éåé ä¸ä¸ªé¿åº¦ä¸ºçå符æ°ç»ï¼åºè¯¥æ¯å¤ç¨çã
char decrypted_str[];
int decrypted_len;
if(-1=(decrypted_len=RSA_private_decrypt(,cipherstr,decrypted_str,rsa,RSA_PKCS1_PADDING)))
{
printf("decryption failure\n");
goto FAIL2;
}
printf("decrypted string length is %d,decryped_str is %s\n",decrypted_len,decrypted_str);
FAIL2:
free(cipherstr);
FAIL1:
BN_free(exponent);
FAIL:
RSA_free(rsa);
return 0;
}
以ä¸æ¯æºä»£ç ï¼ä¸é¢ä½¿ç¨ä¸é¢çç¼è¯å½ä»¤å¨æºç æå¨è·¯å¾ä¸çæå¯æ§è¡æ件
gcc *.c -o openssl_test -lcrypto -ldl -L/usr/local/ssl/lib -I/usr/local/ssl/include
å ¶ä¸ï¼-lcryptoå-ldlæ¯å¿ é¡»çï¼åè æ¯OpenSSLä¸çå å¯ç®æ³åºï¼åè æ¯ç¨äºæåå è½½å¨æåºã