使用openssl API编写client和server

最新推荐文章于 2023-09-04 23:40:33 发布
最新推荐文章于 2023-09-04 23:40:33 发布
阅读量4.2k 收藏 12
点赞数
分类专栏: openssl 文章标签: openssl BIO client server 安全
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/gx_1983/article/details/47958323
版权
使用openssl api编写的client程序和server程序,其中第一个client采用了BIO的方式,第二个client采用了ssl接口,第一个server程序基本没有使用BIO方式,第二个server程序绝大部分使用了BIO的方式。(server和client程序只是为了展示openssl api的使用,没有涉及到多进程及多线程,没有考虑程序的性能问题。对于openssl api的学习了解是一个任重而道远的过程,需要慢慢积累,积少成多,看完文档要多去实践。)

程序清单:

    makefile

    client.c

    server.c  (两个server不能同时编译)

 

makefile代码如下:

#gcc -o client client.c -I/openssl_gx/include -L/openssl_gx/lib -lssl -lcrypto -ldl
#gcc -o server serv.c -I/openssl_gx/include -L/openssl_gx/lib -lssl -lcrypto -ldl

CC = gcc
INCLUDE = -I/openssl_gx/include
LIBPATH = -L/openssl_gx/lib
LIB = -lssl -lcrypto -ldl

client:
	$(CC) -o client client.c $(INCLUDE) $(LIBPATH) $(LIB)
	
server:
	$(CC) -o server server.c $(INCLUDE) $(LIBPATH) $(LIB)

all: client server
	
clean:
	rm -f client
	rm -f server

 

client.c代码如下:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/ssl.h>
#include <openssl/bio.h>
#include <openssl/err.h>

int main() {
	int iResult = 0;
	BIO * bio = NULL;
	SSL * ssl = NULL;
	SSL_CTX * ctx = NULL;
	X509 * pX509 = NULL;
	const SSL_METHOD * sslMethod = NULL;

	char commonName[512] = { 0 };
	X509_NAME * pX509_NAME = NULL;
	char szClientMsg[] = "I am guoxu.\n";

	unsigned int uiRecBytes = 0;

	unsigned char baRecBuffer[1024];
	unsigned char * pbRecFinish = NULL;
	unsigned char * pbRecBak = NULL;
	unsigned int uiRecBakLen = 0;

	char * pMsgline = NULL;

	SSL_library_init();
	ERR_load_BIO_strings();
	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();

	do {
		sslMethod = TLSv1_client_method(); /* Load ssl method. */
		if(NULL == sslMethod) {
			printf("TLSv1_client_method err: %s\n",ERR_error_string(ERR_get_error(),NULL));
			iResult = -1;
			break;
		}

		ctx = SSL_CTX_new(sslMethod); /* Create a new ssl context. */
		if( NULL == ctx) {
			printf("SSL_CTX_new err: %s\n",ERR_error_string(ERR_get_error(),NULL));
			iResult = -2;
			break;
		}

		if(0 == SSL_CTX_load_verify_locations(ctx,"/openssl_gx/cers/ca.crt",NULL)) { /* Load CA certification. */
			printf("SSL_CTX_load_verify_locations err:%s\n",
				ERR_error_string(ERR_get_error(),
				NULL));
			iResult = -3;
			break;
		}
	
		if(0 == SSL_CTX_use_certificate_file(ctx, "/openssl_gx/cers/client.crt", /* Load client certification file. */
						SSL_FILETYPE_PEM)) {
			printf("SSL_CTX_use_certificate_file err: %s\n",
				ERR_error_string(ERR_get_error(),NULL));
			iResult = -4;
			break;
		}

		if(0 == SSL_CTX_use_PrivateKey_file(ctx,"/openssl_gx/cers/client.key", /* Load client private key. */
						SSL_FILETYPE_PEM)) {
			iResult = -5;
			break;
		}

		if(0 == SSL_CTX_check_private_key(ctx)) { /* Check whether the private key match with the certification file. */
			printf("SSL_CTX_check_private_key err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -6;
			break;
		}
		
		bio = BIO_new_ssl_connect(ctx);
		if(NULL == bio) {
			printf("BIO_new_ssl_connect err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -7;
			break;
		}

		BIO_get_ssl(bio, &ssl);
		SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
		BIO_set_conn_hostname(bio, "127.0.0.1:443");
		
		if(0 >= BIO_do_connect(bio)){ /* Create a socket connection and then ssl handshake.*/
			printf("BIO_do_connect err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -8;
			break;
		}

		if(X509_V_OK != SSL_get_verify_result(ssl)) {  /* Check whether the ssl connection is created successfully. */
			printf("SSL_get_verify_result err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -9;
			break;
		}	

		pX509 = SSL_get_peer_certificate(ssl); /* Get the server certification. */
		if(NULL == pX509) {
			printf("SSL_get_peer_certificate err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -10;
			break;
		}

		pX509_NAME = X509_get_subject_name(pX509);
		if(NULL == pX509_NAME) {
			printf("X509_get_subject_name err: %s\n",
				ERR_error_string(ERR_get_error(), NULL));
			iResult = -10;
			break;
		}

		X509_NAME_get_text_by_NID(pX509_NAME, NID_commonName,commonName,512);
		if(0 != strcasecmp(commonName,"guoxu")) {
			printf("Certificate`s name guoxu != %s\n",commonName);
			iResult = -11;
			break;
		}

		if(0 >= BIO_write(bio,szClientMsg, strlen(szClientMsg))) { /* Send message to the server. */
			printf("Send a string to server failed.\n");
			iResult = -12;
			break;
		}

		
	} while(0);


	/* Close the ssl connection and clear the context. */	
	if(NULL != bio) {
		BIO_free_all(bio);
	}

	if(NULL != ctx) {
		SSL_CTX_free(ctx);
	}

	return iResult;
}

 

使用ssl接口的client程序:

#include <stdio.h>
#include <stdlib.h>
#include <memory.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>

#include <openssl/rsa.h>
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

#define MAXDATASIZE 1024
#define SERVERIP "127.0.0.1"
#define SERVERPORT 443

/* Make these what you want for cert & key files */
#define CERTF "/openssl_gx/cers/client.crt"
#define KEYF "/openssl_gx/cers/client.key"

#define CHK_NULL(x) if ((x)==NULL) exit (1)
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }

int main(void) {

	char buf[MAXDATASIZE];
	int sockfd, numbytes;
	struct sockaddr_in server_addr;
	const SSL_METHOD *meth;
	int err;
	SSL_CTX* ctx;
	SSL*     ssl;

	if((sockfd = socket(AF_INET, SOCK_STREAM,0)) == -1) {
		perror("Socket error.\n");
		return 1;
	}	
	memset(&server_addr, 0, sizeof(struct sockaddr));
	server_addr.sin_family = AF_INET;
	server_addr.sin_port = htons(SERVERPORT);
	server_addr.sin_addr.s_addr = inet_addr(SERVERIP);
	
	if(connect(sockfd,(struct sockaddr *)&server_addr,sizeof(struct sockaddr)) == -1) {
		perror("connect error.\n");
		return 1;
	}
	printf("Connected %d\n", sockfd);

	SSL_library_init();
	SSL_load_error_strings();
	SSLeay_add_ssl_algorithms();
  	meth = TLSv1_client_method(); /* Add ssl method. */
        if(NULL == meth) {
             printf("TLSv1_client_method err: %s\n",ERR_error_string(ERR_get_error(),NULL));
             exit(-1);
        }

	ctx = SSL_CTX_new (meth);  /* Create a new ssl context. */
  	if (!ctx) {
    		ERR_print_errors_fp(stderr);
    		exit(2);
  	}

	printf("111\n");
  	if(0 == SSL_CTX_load_verify_locations(ctx,"/openssl_gx/cers/ca.crt",NULL))  { /* Load CA certification file. */
        	ERR_print_errors_fp(stderr);
        	exit(15);
  	}
	printf("222\n");
  	if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) { /* Load server certification file. */
    		ERR_print_errors_fp(stderr);
    		exit(3);
  	}
	printf("333\n");
  	if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) { /* Load server private key file. */
    		ERR_print_errors_fp(stderr);
    		exit(4);
  	}
	printf("444\n");
  	if (!SSL_CTX_check_private_key(ctx)) { /* Check whether the private key match with the certification file. */
    		fprintf(stderr,"Private key does not match the certificate public key\n");
    		exit(5);
  	}
	printf("555\n");
	 /* TCP connection is ready. Do server side SSL. */
	ssl = SSL_new (ctx);
  	CHK_NULL(ssl);
  	SSL_set_fd (ssl, sockfd);
	
	err = SSL_connect (ssl);
	CHK_SSL(err);
	printf("SSL connect OK.\n");

	err = SSL_write(ssl,"I am guoxu.\n",strlen("I am guoxu.\n"));
	CHK_SSL(err);
	SSL_free(ssl);
	close(sockfd);
	SSL_CTX_free(ctx);
	
	return 0;
}


 


没有全部使用BIO的server.c代码如下:

 

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <memory.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

#include <openssl/rsa.h>       /* SSLeay stuff */
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

/* Make these what you want for cert & key files */
#define CERTF "/openssl_gx/cers/server.crt"
#define KEYF "/openssl_gx/cers/server.key"


#define CHK_NULL(x) if ((x)==NULL) exit (1)
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }

static int s_server_verify = SSL_VERIFY_NONE;

int verify_callback_server(int ok, X509_STORE_CTX * ctx) {
        printf("verify_callback_server.\n");
        return ok;
}

void main ()
{
  int err;
  int listen_sd;
  int sd;
  struct sockaddr_in sa_serv;
  struct sockaddr_in sa_cli;
  size_t client_len;
  SSL_CTX* ctx;
  SSL*     ssl;
  X509*    client_cert;
  char*    str;
  char     buf [4096];
  const SSL_METHOD *meth;

  SSL_load_error_strings();
  SSLeay_add_ssl_algorithms();
  meth = TLSv1_server_method(); /* Add ssl method. */
  ctx = SSL_CTX_new (meth);  /* Create a new ssl context. */
  if (!ctx) {
    ERR_print_errors_fp(stderr);
    exit(2);
  }
 
  if(0 == SSL_CTX_load_verify_locations(ctx,"/openssl_gx/cers/ca.crt",NULL))  { /* Load CA certification file. */
	ERR_print_errors_fp(stderr);
	exit(15);	
  }
  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) { /* Load server certification file. */
    ERR_print_errors_fp(stderr);
    exit(3);
  }
  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) { /* Load server private key file. */
    ERR_print_errors_fp(stderr);
    exit(4);
  }

  if (!SSL_CTX_check_private_key(ctx)) { /* Check whether the private key match with the certification file. */
    fprintf(stderr,"Private key does not match the certificate public key\n");
    exit(5);
  }

  /* Indicate that the server need verify the client certification file. */
  s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE; 
  SSL_CTX_set_verify(ctx,s_server_verify,verify_callback_server);
  
  /* Prepare TCP socket for receiving connections */
  listen_sd = socket (AF_INET, SOCK_STREAM, 0);
  CHK_ERR(listen_sd, "socket");
  
  memset (&sa_serv, '\0', sizeof(sa_serv));
  sa_serv.sin_family      = AF_INET;
  sa_serv.sin_addr.s_addr = INADDR_ANY;
  sa_serv.sin_port        = htons (443);          /* Server Port number */
  												  /* Server listening port should set to 443, if not the wireshark can not show the
												     ssl communication. */
  
  err = bind(listen_sd, (struct sockaddr*) &sa_serv, sizeof (sa_serv));
  CHK_ERR(err, "bind");
	     
  /* Receive a TCP connection. */
  err = listen (listen_sd, 5); 
  CHK_ERR(err, "listen");
  
  client_len = sizeof(sa_cli);
  sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
  CHK_ERR(sd, "accept");
  close (listen_sd);

  printf ("Connection from %lx, port %x\n",
	  sa_cli.sin_addr.s_addr, sa_cli.sin_port);
  
  /* TCP connection is ready. Do server side SSL. */
  ssl = SSL_new (ctx);
  CHK_NULL(ssl);
  SSL_set_fd (ssl, sd);
  err = SSL_accept (ssl);
  CHK_SSL(err);
  
  /* Get the cipher - opt */
  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
  
  /* Get client's certificate (note: beware of dynamic allocation) - opt */
  client_cert = SSL_get_peer_certificate (ssl);
  if (client_cert != NULL) {
    printf ("Client certificate:\n");
    
    str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
    CHK_NULL(str);
    printf ("\t subject: %s\n", str);
    OPENSSL_free (str);
    
    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert), 0, 0);
    CHK_NULL(str);
    printf ("\t issuer: %s\n", str);
    OPENSSL_free (str);
    
    /* We could do all sorts of certificate verification stuff here before
       deallocating the certificate. */
    
    X509_free (client_cert);
  } else {
    printf ("Client does not have certificate.\n");
  }
  
  /* DATA EXCHANGE - Receive message and send reply. */

  err = SSL_read (ssl, buf, sizeof(buf) - 1);                   CHK_SSL(err);
  buf[err] = '\0';
  printf ("Got %d chars:'%s'\n", err, buf);
  
  //err = SSL_write (ssl, "I hear you.", strlen("I hear you."));  CHK_SSL(err);

  /* Clean up. */
  close (sd);
  SSL_free (ssl);
  SSL_CTX_free (ctx);
}


尽力使用BIO的server.c代码如下:

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <memory.h>
#include <errno.h>

#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/crypto.h>

#define ERR_OK	0
#define ERR_HAPPENED 1

#define TRACE_ENABLED 1
#define TRACE0(x) printf(x)

SSL_CTX *ctx;
BIO * sbio, * bbio, * acpt, * out;
SSL * ssl;

int main ()
{

	char tmpbuf[1024];
	ERR_load_crypto_strings();  //registers the error strings for all libcrypto functions. 
	ERR_load_SSL_strings(); 	//registers the error strings for libssl functions. 
	OpenSSL_add_ssl_algorithms(); //same as SSLeay_add_ssl_algorithms();
	
	ctx = SSL_CTX_new(TLSv1_server_method()); //Create a ssl context.
	if(ctx == NULL) {  //Must check NULL here.
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	}
	
	if(!SSL_CTX_use_certificate_file(ctx,"/openssl_gx/cers/server.crt",SSL_FILETYPE_PEM)) {
		//ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	} else {
		TRACE0("====> Step 1 : Load server certificate file done.\n");
	}
	
	if(!SSL_CTX_use_PrivateKey_file(ctx,"/openssl_gx/cers/server.key",SSL_FILETYPE_PEM)) {
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	} else {
		TRACE0("====> Step 2: Load server private key done.\n");
	}
	
	if(!SSL_CTX_check_private_key(ctx)) {
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	} else {
		TRACE0("====> Step 3: Check server private key done.\n");
	}
	
	sbio = BIO_new_ssl(ctx,0); //0: Run as server; non-0: Run as client.
	BIO_get_ssl(sbio, &ssl); //Retrieves the SSL pointer of BIO sbio, it can then be manipulated using the standard SSL library functions.
	if(!ssl) {
		printf("SSL pointer is NULL.\n");
		return ERR_HAPPENED;
	}

	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); //SSL_MODE_AUTO_RETRY will cause read/write operations to only return after the handshake and successful completion.
	bbio = BIO_new(BIO_f_buffer()); //BIO_f_buffer() returns the buffering BIO method.
									//The BIO_new() function returns a new BIO using method type.
	// Add to the chain.
	sbio = BIO_push(bbio,sbio); //Data writing to bbio will be dealed with sbio.
	acpt = BIO_new_accept("443"); //Create a new accept bio.
	
	/*BIO_set_accept_bios() can be used to set a chain of BIOs which will be duplicated and 
	  prepended to the chain when an incoming connection is received. 
	  This is useful if, for example, a buffering or SSL BIO is required for each connection. 
	  The chain of BIOs must not be freed after this call, 
	  they will be automatically freed when the accept BIO is freed.*/
	
	BIO_set_accept_bios(acpt,sbio); //append sbio to acpt.
	out = BIO_new_fp(stdout,BIO_NOCLOSE);

	/*BIO_do_accept() serves two functions. 
	  When it is first called, after the accept BIO has been setup, 
	  it will attempt to create the accept socket and bind an address to it. 
	  Second and subsequent calls to BIO_do_accept() will await an incoming connection, 
	  or request a retry in non blocking mode. */
	  
	/* The first BIO_do_accept() setup the accept BIO. */
	if(BIO_do_accept(acpt) <= 0) {
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	}
	TRACE0("====>Step 4: Waiting for the incoming connection...\n");
	
	/* The second BIO_do_accept() wait for the incoming connection. */
	if(BIO_do_accept(acpt) <= 0) {
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	}
	
	TRACE0("====>Step 5: An connection comes.\n");

	sbio = BIO_pop(acpt);
	BIO_free_all(acpt);

	if(BIO_do_handshake(sbio) <= 0) {
		ERR_print_errors_fp(stderr);
		return ERR_HAPPENED;
	}
	TRACE0("====>Step 6: Handshake done.\n");
	memset(tmpbuf,0,1024 * sizeof(char));
	
	BIO_read(sbio,tmpbuf,1024);
	printf("\t\tRead message from client is:%s\n",tmpbuf);
	BIO_free_all(sbio);
	return 0;
}


 

====完。
gx_1983
关注
  • 0
    点赞
  • 12
    收藏
    觉得还不错? 一键收藏
  • 5
    评论
专栏目录
openssl命令生成server 证书/私钥
12-02
介绍如何使用openssl命令自建CA,生成证书和私钥,命令简洁
Java后端对接微信支付(微信公众号、PC端扫码)
PengLes
09-17 3053
Java后端对接微信支付(微信公众号、PC端扫码、源码)
使用 Java 操作 Kubernetes API
热门推荐
琦彦
09-25 6万+
目录 本文目标 k8s-client-java选型 kubernetes-client/java和fabric8io/kubernetes-client对比 kubernetes-client/java的使用 REST API kubectl api-versions REST API实例: API Object 整体划分图 (红星符号代表常用资源) kubernet...
使用openssl编写服务端和客户端程序
huang714的专栏
03-10 1030
1.使用相同的ca生成两个证书,一个是server.cer,一个是client.cer,注意生成server.cer的时候必须指明证书可以用于服务端的。 服务器代码: #include"openssl/bio.h" #include"openssl/ssl.h" #include"openssl/err.h" #include<cutil....
openssl s_client
来说意义非凡3
03-05 2036
openssl s_client命令参数如下:usage: s_client args -host host - use -connect instead -port port - use -connect instead -connect host:port - who to connect to (default is localhost:4433) -verify_...
CMDB 项目学习 - API的用户校验(Client上传数据,Server进行数据处理)
LIN的博客
01-10 390
目录 一、Client端数据上传 - headers数据,用于用户验证 二、API的用户校验 三、校验检测 一、Client端数据上传 - headers数据,用于用户验证 加盐方式 md5加密方式 盐:hostname+时间戳,生成md5字符串 加密对象:配置文件内写死的字符串 '''DataAcquisition.py''' import hashlib import t...
OpenSSL API入门和踩坑大全
xmcy001122的专栏
05-24 4379
SSL学习笔记 OpenSSL库基础 根据 官方的例子,OpenSSL常用的结构体和函数如下: 初始化OpenSSL库 SSL_library_init():初始化SSL算法库函数 SSL_load_error_strings():载入所有SSL 错误消息 OpenSSL_add_all_algorithms(): 载入所有SSL 算法 加载和验证证书 通过SSL_CTX_new(SSL_METHOD *method)创建一个SSL_CTX *实例,用来保存证书的私钥。其中method通过TLS_
OpenSSL-s-client 和 s-server
09-04
基于s_client 和 s_server 的单向认证和双向认证的抓包数据
使用OpenSSLAPI进行安全编程.pdf
03-20
使用OpenSSLAPI进行安全编程.pdf使用OpenSSLAPI进行安全编程.pdf使用OpenSSLAPI进行安全编程.pdf使用OpenSSLAPI进行安全编程.pdf使用OpenSSLAPI进行安全编程.pdf
client&server.zip_client/server_openssl tcp server_tcp_服务端开发
07-14
服务器端和客户端,基于tcp的传输协议,使用openssl库进行开发,其中已经生成了证书和密钥文件(下载openssl库可生成)
OpenSSL库和头文件
05-12
已经编译好的OpenSSL库和头文件,编译工具是vs2019
OpenSSL_Client.zip
12-12
基于openSSL的TCP Client 详细展示了如何使用内存BIOs通过TCP套接字创建OpenSSL TLS连接,支持导入证书,满意给个好评
openssl 常用api的作用与使用
小x的博客
12-30 3879
服务端编写步骤 SSL_library_init SSL库的初始化 OpenSSL_add_all_algorithms 载入所有的SSL算法 SSL_load_error_strings() 载入所有SSL错误消息 SSL_CTX_new() 产生一个SSL CTX SSL_CTX_use_certificate_file 载入用户的数字证书 X509 *SSL_get_peer_certificate(const SSL *ssl);// 获取对方的数字证书 ...
openssl编程1 使用openssl api建立ssl通信的一般流程简介
whatday的专栏
01-07 1778
OpenSSL是一个开源的代码库,它所实现的所有SSL相关功能都可以在C、C++语言中直接使用
openssl——serverclient
嵌入式萌新_博客
08-13 6734
一. openssl中的s_server命令与s_client命令 1.1 s_server的man函数         NAME        s_server - SSL/TLS server program   SYNOPSIS        openssl s_server [-accept port] [-context id] [-verify depth] [-Ver...
OpenSSL——s_client 和 s_server
最新发布
鸿蕊瑞琳
09-04 1448
(一)生成证书的三种方式。
基于openssl工具完成自建CA以及为server,client颁发证书
tutu_hu的博客
06-03 2467
本文总结了openssl工具的常用命令,并基于openssl完成自建CA,并使用该自建CA给serverclient颁发证书,进一步完成基于https协议的serverclient的通信。
OpenSSL之s_client分析
u012023606的博客
09-09 5196
系列文章目录 本系列OpenSSL使用的代码版本为:1.0.2o 前言 本篇文章纯属个人学习的一点经验分享,若有不对之处烦请各位大神现身指点,希望能和大家一起共同进步 一、s_client是什么? s_clientopenssl命令行插件中的客户端部分,使用openssl命令进行ssl连接,命令如: openssl s_client -cert ./sm2_pki.cer -key ./priv.key -cipher ECC-SM4-SM3 -connect ip:port 二、s_cli
openssl自签名证书生成与单双向验证
gx_1983的专栏
08-23 1万+
什么加密,签名 下面这个博客解释的很好: https://www.cnblogs.com/f-ck-need-u/p/6089523.html 签名 在保证了数据的安全性后,还需要保证数据的完整性、一致性以及数据来源的可靠性。 对于数据的完整性和一致性,使用单向加密算法,通过hash函数计算出数据独一无二的校验码,这个校验码称为“信息摘要(Message Digest)”。 对于数据来源...
使用c语言和openssl编写rsa算法
06-06
下面是一个使用C语言和OpenSSL编写RSA算法的示例代码: ```c #include #include #include #include <openssl/rsa.h> #include <openssl/pem.h> int main(void) { RSA *rsa = NULL; BIO *bio = NULL; char ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 5
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值