用 OpenSSL 的 RSA 对长字符串做加解密:它的用处,只有真正用到的人才会明白。
用 OpenSSL 做 RSA 加解密时,单次处理的数据如果超过 密钥长度/8 字节,肯定会失败;加密的限制又有所不同:明文如果超过 密钥长度/8 - 11 字节(这 11 字节是 PKCS#1 v1.5 填充的开销),同样会出问题;
遇到了才会知道:RSA 并不能直接加密很长的字符串。当然,说了上面这些,大家也就明白该怎么做了——把数据按块分段处理。
样例:
一、私钥加密
// Parse a PEM-encoded RSA key held in memory.
//
// key  : NUL-terminated PEM text. The memory BIO is created with length -1,
//        so OpenSSL takes the length from the terminator.
// flag : non-zero -> read with PEM_read_bio_RSAPublicKey,
//        zero     -> read with PEM_read_bio_RSAPrivateKey (no passphrase
//                    callback or user data is supplied).
// Returns the parsed RSA handle, or NULL on failure. The callers in this file
// release the handle with RSA_free().
//
// NOTE(review): PEM_read_bio_RSAPublicKey parses the PKCS#1
// "-----BEGIN RSA PUBLIC KEY-----" form. A SubjectPublicKeyInfo key
// ("-----BEGIN PUBLIC KEY-----") needs PEM_read_bio_RSA_PUBKEY instead; confirm
// which format the callers pass.
RSA* utils_openssl::createRSA(unsigned char* key, int flag)
{
    // Wrap the caller's buffer; the BIO does not copy the key bytes.
    BIO *memBio = BIO_new_mem_buf(key, -1);
    if (memBio == NULL) {
        LOGD( "Failed to create key BIO");
        return NULL;
    }

    RSA *parsed = NULL;
    if (flag == 0) {
        parsed = PEM_read_bio_RSAPrivateKey(memBio, &parsed, NULL, NULL);
    } else {
        parsed = PEM_read_bio_RSAPublicKey(memBio, NULL, NULL, NULL);
    }

    // The BIO is only needed while parsing.
    BIO_free_all(memBio);

    if (parsed == NULL) {
        LOGD( "Failed to create RSA");
    }
    return parsed;
}
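// Legacy scratch buffer, kept only in case other code in this file still
// refers to it; private_encrypt_lengthStr no longer uses it. It is sized to a
// full RSA block (assuming RSA_KEY_LENGTH is the key size in bits): the output
// of one RSA operation is always RSA_size() bytes, so the earlier
// "RSA_KEY_LENGTH / 8 - 11" allocation was 11 bytes too small to receive it.
static unsigned char*outTmp = (unsigned char *)malloc(RSA_KEY_LENGTH / 8);

// Apply the RSA private-key operation to strData in chunks and concatenate the
// resulting blocks into the caller's buffer.
//
// privateKay  : PEM text of the private key (parsed via createRSA(..., 0)).
// strData     : input bytes; split into chunks of RSA_size(key) - 11 bytes.
//               The "- 11" is the PKCS#1 v1.5 padding overhead, so this
//               presumably expects THIS_RSA_PADDING == RSA_PKCS1_PADDING
//               (TODO confirm).
// outlen      : incremented by the number of bytes written. It is NOT reset
//               here, so the caller must set *outlen to 0 before the call.
// outEcrypted : *outEcrypted must point to a caller-allocated buffer of at
//               least ceil(strData.length() / (RSA_size - 11)) * RSA_size
//               bytes. The size is not passed in, so it cannot be checked here.
// Returns the result of the last RSA_private_encrypt call (> 0 on success),
// or -1 on invalid arguments, key parse failure, allocation failure, empty
// input or an RSA error. On error, blocks written before the failure stay in
// the output buffer and in *outlen; callers must check the return value.
//
// Security notes:
//  * The private-key operation is a signature primitive. Anyone who holds the
//    public key can recover strData, so it provides no confidentiality.
//  * Each chunk is processed independently and nothing binds the blocks
//    together, so a receiver cannot detect blocks that were reordered, dropped
//    or replayed. To authenticate a long message, sign a digest of the whole
//    message (e.g. the EVP_DigestSign* API); for confidentiality, use hybrid
//    encryption with an authenticated cipher.
//  * RSA_private_encrypt is a deprecated low-level API in OpenSSL 3.0.
int utils_openssl::private_encrypt_lengthStr(string privateKay, string strData, int * outlen, unsigned char** outEcrypted)
{
    int result = -1;

    if (outlen == NULL || outEcrypted == NULL || *outEcrypted == NULL) {
        LOGD("private_encrypt_lengthStr: invalid output arguments");
        return result;
    }

    RSA * pRSAPrivateKey = createRSA((unsigned char*)privateKay.c_str(), 0);
    if (pRSAPrivateKey == NULL) {
        // createRSA has already logged the parse failure; RSA_size(NULL) would crash.
        return result;
    }

    const int keySize = RSA_size(pRSAPrivateKey);
    const int blockSize = keySize - 11;
    if (blockSize <= 0) {
        RSA_free(pRSAPrivateKey);
        return result;
    }

    // One RSA operation always emits keySize bytes, so the scratch buffer must
    // be keySize bytes, not blockSize.
    unsigned char* out = (unsigned char *)malloc(keySize);
    if (out == NULL) {
        LOGD("private_encrypt_lengthStr: malloc error!");
        RSA_free(pRSAPrivateKey);
        return result;
    }

    const unsigned char* inputData = (const unsigned char*)strData.data();
    const int dataLen = (int)strData.length();
    int written = 0;   // byte offset of the next block inside *outEcrypted

    for (int pos = 0; pos < dataLen; ) {
        const int remaining = dataLen - pos;
        const int length = remaining < blockSize ? remaining : blockSize;

        result = RSA_private_encrypt(length, inputData + pos, out, pRSAPrivateKey, THIS_RSA_PADDING);
        if (result > 0)
        {
            memcpy((*outEcrypted) + written, out, result);
            written += result;
            (*outlen) += result;
        }
        else
        {
            LOGD("RSA_private_encrypt failed\n");
            // Fetch the error code exactly once: ERR_get_error() removes the
            // entry from the queue, so a second call would report a different
            // (usually empty) error.
            unsigned long ulErr = ERR_get_error();
            // Load the human-readable error strings.
            ERR_load_crypto_strings();
            char szErrMsg[1024] = { 0 };
            // Format: error:errId:library:function:reason
            char *pTmp = ERR_error_string(ulErr, szErrMsg);
            LOGE("rsa error string:%s\n", pTmp);
            break;
        }
        pos += length;
    }

    RSA_free(pRSAPrivateKey);
    free(out);
    return result;
}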
二、公钥解密:
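// Public-key "decryption": recover the data produced by the chunked
// private-key operation, one RSA block at a time.
//
// enc_data : concatenated RSA blocks.
// data_len : number of bytes in enc_data; expected to be a multiple of
//            RSA_size(key). A short trailing block is still handed to OpenSSL
//            and will normally fail the padding check.
// key      : PEM text of the public key (parsed via createRSA(..., 1)).
// Returns the recovered bytes, or an empty string on invalid arguments, key
// parse failure, allocation failure or any RSA error (partial output is
// discarded).
//
// Security notes:
//  * This is signature recovery, not confidentiality: anyone with the public
//    key can perform it.
//  * Blocks are verified one by one and nothing ties them together, so a
//    reordered or truncated sequence of valid blocks is accepted. Callers that
//    need message integrity should verify a signature over a digest of the
//    whole message instead.
//  * RSA_public_decrypt is a deprecated low-level API in OpenSSL 3.0.
string utils_openssl::public_decrypt(unsigned char* enc_data, int data_len, unsigned char* key )
{
    string deContent="";

    // A NULL buffer or a non-positive length would otherwise reach the copy
    // with a bogus size.
    if (enc_data == NULL || data_len <= 0) {
        return deContent;
    }

    RSA * rsa = createRSA(key, 1);
    if (rsa == NULL) {
        // createRSA has already logged the parse failure; RSA_size(NULL) would crash.
        return deContent;
    }

    const int decryptLen = RSA_size(rsa);
    if (decryptLen <= 0) {
        RSA_free(rsa);
        return deContent;
    }

    unsigned char*out = (unsigned char *)malloc(decryptLen);
    if(NULL == out)
    {
        LOGD("pubkey_decrypt:malloc error!");
        RSA_free(rsa);   // do not leak the key on the error path
        return deContent;
    }

    for (int pos = 0; pos < data_len; ) {
        const int remaining = data_len - pos;
        const int length = remaining < decryptLen ? remaining : decryptLen;

        int result = RSA_public_decrypt(length, enc_data + pos, out, rsa, THIS_RSA_PADDING);
        if(result>0)
        {
            // Append exactly the recovered bytes. Treating `out` as a C string
            // would cut the data at the first zero byte and depends on a
            // terminator that is not guaranteed to be present.
            deContent.append((const char*)out, result);
        } else
        {
            LOGD("RSA_public_decrypt failed\n");
            // Fetch the error code exactly once: ERR_get_error() removes the
            // entry from the queue, so a second call would report a different
            // (usually empty) error.
            unsigned long ulErr = ERR_get_error();
            // Load the human-readable error strings.
            ERR_load_crypto_strings();
            char szErrMsg[1024] = {0};
            // Format: error:errId:library:function:reason
            char *pTmp = ERR_error_string(ulErr,szErrMsg);
            LOGE("rsa error string:%s\n",pTmp);
            deContent = "";
            break;
        }
        pos += length;
    }

    RSA_free(rsa);
    // NOTE(review): this is a process-wide cleanup call. On OpenSSL versions
    // where it is not a no-op it affects library state shared with other
    // threads; consider moving it to application shutdown.
    CRYPTO_cleanup_all_ex_data();
    free(out);
    return deContent;
}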