OpenSSL RSA加密和解密

老狼主

于 2021-06-28 10:29:38 发布

阅读量2.9k

点赞数 2

分类专栏：工作随笔篇 VC++（日积月累篇）文章标签： OpenSSL RSA

本文链接：https://blog.csdn.net/u012156872/article/details/118294274

版权

VC++（日积月累篇）同时被 2 个专栏收录

137 篇文章 19 订阅

订阅专栏

工作随笔篇

135 篇文章 14 订阅

订阅专栏

rsa加密的密钥格式常见的有两种：
一种是PKCS#1,密钥头为

-----BEGIN RSA PUBLIC KEY-----

一种是PKCS#8，密钥头为

-----BEGIN PUBLIC KEY-----

以字符串公钥为例，对PKCS#1格式的密钥加载使用的函数是PEM_read_bio_RSAPublicKey()，而对PKCS#8格式公钥的加载使用的是函数PEM_read_bio_RSA_PUBKEY()。

1、生成密钥对

#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <stdio.h>
#include <iostream>
using namespace std;

#ifndef _WIN64
#pragma comment(lib, "libcrypto.lib")
#else
#pragma comment(lib, "libcrypto-x64.lib")
#endif // WIN32

#define KEY_LENGTH  1024             // 密钥长度  
#define PUB_KEY_FILE "pubkey.pem"    // 公钥路径  
#define PRI_KEY_FILE "prikey.pem"    // 私钥路径  

// 随机生成密钥字符串
BOOL generateRSAKey()
{
	// 公私密钥对    
	size_t pri_len;
	size_t pub_len;
	char *ucPriKey = NULL;
	char *ucPubKey = NULL;

	// 生成密钥对    
	RSA *keypair = RSA_generate_key(KEY_LENGTH, RSA_F4, NULL, NULL);

	BIO *pri = BIO_new(BIO_s_mem());
	BIO *pub = BIO_new(BIO_s_mem());

	PEM_write_bio_RSAPrivateKey(pri, keypair, NULL, NULL, 0, NULL, NULL);
	PEM_write_bio_RSAPublicKey(pub, keypair);

	// 获取长度    
	pri_len = BIO_pending(pri);
	pub_len = BIO_pending(pub);

	// 密钥对读取到字符串
	ucPriKey = (char *)malloc(pri_len + 1);
	ucPubKey = (char *)malloc(pub_len + 1);

	BIO_read(pri, ucPriKey, pri_len);
	BIO_read(pub, ucPubKey, pub_len);

	ucPriKey[pri_len] = '\0';
	ucPubKey[pub_len] = '\0';

	// 存储密钥对    
	FILE *pubFile = fopen(PUB_KEY_FILE, "w");
	if (pubFile == NULL)
		return FALSE;

	fputs(ucPubKey, pubFile);
	fclose(pubFile);

	FILE *priFile = fopen(PRI_KEY_FILE, "w");
	if (priFile == NULL)
		return FALSE;

	fputs(ucPriKey , priFile);
	fclose(priFile);

	// 内存释放  
	RSA_free(keypair);
	BIO_free_all(pub);
	BIO_free_all(pri);

	free(ucPriKey);
	free(ucPubKey);
	return TRUE;
}

// 根据密钥字符串生成密钥对
RSA * createRSA(unsigned char * ucKey, bool IsPubkey)
{
	RSA *rsa = NULL;
	BIO *keybio;

	keybio = BIO_new_mem_buf(ucKey, -1);
	if (keybio == NULL)
	{
		printf("Failed to create key BIO");
		return 0;
	}

	if (IsPubkey)
	{
		rsa = PEM_read_bio_RSAPublicKey(keybio, &rsa, NULL, NULL);
	}
	else
	{
		rsa = PEM_read_bio_RSAPrivateKey(keybio, &rsa, NULL, NULL);
	}
	
	if (rsa == NULL)
	{
		printf("Failed to create RSA");
	}

	return rsa;
}

2、公钥加密 -> 私钥解密

int public_encrypt(unsigned char * ucKey, int nKeyLen, unsigned char * ucPubKey, unsigned char *outData)
{
	RSA * rsa = createRSA(ucPubKey, 1);
	int  result = RSA_public_encrypt(nKeyLen, ucKey, outData, rsa, RSA_PKCS1_PADDING);
	if (rsa != NULL)
	{
		RSA_free(rsa);
		rsa = NULL;
	}

	return result;
}

int private_decrypt(unsigned char * ucKey, int nKeyLen, unsigned char * ucPriKey, unsigned char *outData)
{
	RSA * rsa = createRSA(ucPriKey, 0);
	int  result = RSA_private_decrypt(nKeyLen, ucKey, outData, rsa, RSA_PKCS1_PADDING);
	if (rsa != NULL)
	{
		RSA_free(rsa);
		rsa = NULL;
	}

	return result;
}

3、私钥加密 -> 公钥解密

int private_encrypt(unsigned char * ucKey, int nKeyLen, unsigned char * ucPriKey, unsigned char *outData)
{
	RSA * rsa = createRSA(ucPriKey, 0);
	int result = RSA_private_encrypt(nKeyLen, ucKey, outData, rsa, RSA_PKCS1_PADDING);
	if (rsa != NULL)
	{
		RSA_free(rsa);
		rsa = NULL;
	}

	return result;
}

int public_decrypt(unsigned char * ucKey, int ulKeyLen, unsigned char * ucPubKey, unsigned char *outData)
{
	RSA * rsa = createRSA(ucPubKey, 1);
	int  result = RSA_public_decrypt(ulKeyLen, ucKey, outData, rsa, RSA_PKCS1_PADDING);
	if (rsa != NULL)
	{
		RSA_free(rsa);
		rsa = NULL;
	}

	return result;
}