openssl 根据RSA key n 和 e 生成标准 pem 格式证书及加密

shadexin

于 2024-08-30 16:48:56 发布

阅读量224

点赞数 1

文章标签： ssl

本文链接：https://blog.csdn.net/shadexin/article/details/141721663

版权

rsa中key n和key e能生成公钥

研究了一下openssl用n和e进行加密及生成证书

#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/pem.h>

char pubkey_n[128]={  //1024 bit RSA 公钥 模数
0xB6,0x77,0x23,0xE5,0xFD,0xC4,0xAE,0xE3,0xBF,0x75,0x1B,0x49,0x7F,0x7B,0x16,0xD8,0xF2,0xF4,0xF8,0x40,0xBA,0xDF,0x2F,0x53,0x59,0xC6,0x07,0x52,0x44,0x71,0x17,0xE2,0x6F,0xC0,0x3C,0xBC,0x2C,0x4A,0x39,0x8B,0x1A,0x6F,0x9C,0x1B,0xE9,0x0E,0x86,0x00,
0x49,0x2B,0xC3,0x01,0xD0,0x2F,0xBD,0x79,0xE2,0xDE,0xD9,0xF2,0x81,0xB3,0xA7,0xFA,0x81,0x7E,0x58,0xC7,0xFC,0xF9,0x5D,0xA7,0x3A,0x48,0xD2,0xE2,0x42,0x9C,0x74,0x75,0xEF,0xB4,0x1D,0xEF,0x2E,0xE8,0x48,0x2C,0x06,0xB2,0xCA,0xF9,0xC7,0x1B,0x5B,0x38,
0xEE,0xDA,0x25,0x34,0x2B,0x59,0x5D,0x7C,0xBF,0x12,0xCB,0xE9,0xBA,0xE1,0xFD,0xD5,0x2B,0x37,0x60,0xFB,0x4D,0xCC,0x08,0x85,0x49,0xEF,0xCE,0x77,0xF2,0xC0,0xC5,0xB3
};
char pubkey_e[4]={ //1024 bit RSA 公钥 指数
0x00,0x01,0x00,0x01 
};


//------------------------------------------------------------------------------
// Funtion: RSA 公钥数组生成openssl 标准 pem 格式证书及加密
// Input  : 输入公钥 N和E，和N，E的长度（字节），生成pem证书路径和证书名字path
// Output :
// Return :
// Info   :
//------------------------------------------------------------------------------
int RSA_PubKey_Creat(const unsigned char* dn,int dn_len,const unsigned char* de,int de_len,char* path)
{
	BIGNUM* n = BN_bin2bn(dn, dn_len, NULL);
	BIGNUM* e = BN_bin2bn(de, de_len, NULL);

    RSA* rsa = RSA_new();
    int ret =0;

    //The n, e and d parameter values can be set by calling RSA_set0_key() and passing the new values for n, e and d 
    //as parameters to the function. The values n and e must be non-NULL the first time this function is called on a 
    //given RSA object. The value d may be NULL. On subsequent calls any of these values may be NULL which means 
    //the corresponding RSA field is left untouched. Calling this function transfers the memory management of the values to
    // the RSA object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.
	ret = RSA_set0_key(rsa, n, e, NULL);

    int len = RSA_size(rsa);
    printf("len:%d\n", len);

    char out[128];
    
    //要加密的值长度如果超过RSA_size需要多次循环加密，这里只做演示
    ret = RSA_public_encrypt(strlen("Admin_1234"), "Admin_1234", out, rsa, RSA_PKCS1_PADDING);
    //printf("%d %s\n", ret, out);

    char base[256];
    //rsa加密结果进行base64加密
    binToBase64_C(out, base, ret);
    printf("%s\n", base);
    
    //生成证书
	if(ret == 0)
	{
		 printf("RSA Set Key Error !\r\n");
		 ret = -1;
	}
	else
	{
		FILE* file = fopen(path, "w");
		PEM_write_RSA_PUBKEY(file, rsa);
		fflush(file);
		fclose(file);
		ret = 1;
	}

	RSA_free(rsa);

    //调用了RSA_set0_key后就不能再调用BN_free，参见上面注释
	//BN_free(e);
	//BN_free(n);
 
	return ret;
}

如果提供的key n是字符串形式的话则通过BN_hex2bn函数转换

char *kn = "EFF9D6F0EBD79816956ED2AFD827654E0E0FAE5D20771AF0AF4A2ADBDCFA9C8AADF81E0A7A56276BD36113A2D15A959420D0BFC6A626F20C9B0BEA7F149559059B9FD173CCB77BB92D2652958ACABC0EAA1219A63025AB1AF71C9A15CBA2CF22CA207865D15B91DF99355F4869A5FEADBAAE197938E16549BE6D17099C6C5185";

    BIGNUM *nn = NULL;
    int rr = BN_hex2bn(&nn, kn);
    
    
    char *p = BN_bn2hex(nn);
    printf("%d  %s\n",rr,  p);
    OPENSSL_free(p);