美文网首页
安全算法实验(三)

安全算法实验(三)

作者: 林木木_f297 | 来源:发表于2020-06-12 14:45 被阅读0次

编程实现实验二中的功能

目录

环境配置

  • 添加相关属性


    1
    2
  • 将OpenSSL安装目录下bin文件夹中的“libcrypto-1_1-x64.dll”和“libssl-1_1-x64.dll”\(名字后面的版本号可能因更新而不同)复制到新建的项目工程目录下。

实现过程

  • rsa的密钥生成与保存
rsa.h文件
#include<openssl/pem.h>
#include<openssl/ssl.h>
#include<openssl/rsa.h>
#include<openssl/evp.h>
#include<openssl/bio.h>
#include<openssl/err.h>
#include <string>
#include <stdio.h> 
#include<fstream>

#define KEY_LENGTH  1024               // 密钥长度  
#define PUB_KEY_FILE "pubkey.pem"    // 公钥路径  
#define PRI_KEY_FILE "prikey.pem"    // 私钥路径  
  
// 函数方法生成密钥对   
void generateRSAKey(std::string strKey[2])  
{  
    // 公私密钥对    
    size_t pri_len;  
    size_t pub_len;  
    char *pri_key = NULL;  
    char *pub_key = NULL;  
  
    // 生成密钥对    
    RSA *keypair = RSA_generate_key(KEY_LENGTH, RSA_F4, NULL, NULL);  
  
    BIO *pri = BIO_new(BIO_s_mem());
    BIO *pub = BIO_new(BIO_s_mem()); 
  
    PEM_write_bio_RSAPrivateKey(pri, keypair, NULL, NULL, 0, NULL, NULL);  
    PEM_write_bio_RSAPublicKey(pub, keypair);  
  
    // 获取长度    
    pri_len = BIO_pending(pri);  
    pub_len = BIO_pending(pub); 
  
    // 密钥对读取到字符串
    pri_key = (char *)malloc(pri_len + 1);  
    pub_key = (char *)malloc(pub_len + 1);  
  
    BIO_read(pri, pri_key, pri_len);  
    BIO_read(pub, pub_key, pub_len);  
  
    pri_key[pri_len] = '\0';  
    pub_key[pub_len] = '\0';  
  
    // 存储密钥对    
    strKey[0] = pub_key;  
    strKey[1] = pri_key;  
  
    // 存储到磁盘(这种方式存储的是begin rsa public key/ begin rsa private key开头的)  
    FILE *pubFile = fopen(PUB_KEY_FILE, "w");  
    if (pubFile == NULL)  
    {  
        //assert(false);  
        return;  
    }  
    fputs(pub_key, pubFile);  
    fclose(pubFile);  
  
    FILE *priFile = fopen(PRI_KEY_FILE, "w");  
    if (priFile == NULL)  
    {  
        //assert(false);  
        return;  
    }  
    fputs(pri_key, priFile);  
    fclose(priFile);  
  
    // 内存释放  
    RSA_free(keypair);  
    BIO_free_all(pub);  
    BIO_free_all(pri);  
  
    free(pri_key);  
    free(pub_key);  
}  

main函数
#include <iostream>
#include "rsa.h"
using namespace std;
int main()  {   
    string a[2];
    generateRSAKey(a);
    system("pause");
    return 0;  
}
  • 证书请求文件和证书的生成
#include <openssl/bio.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <string>
#include <stdio.h> 
#include<fstream>

bool MakeCsrSSL(const  char * keyFilePath, const  char *email, const  char *name, const  char *country, const  char *saveCsrFilePath) {
    int             ret = 0;
    RSA             *r = NULL;
    BIGNUM          *bne = NULL;

    int             nVersion = 1;
    int             bits = 2048;
    unsigned long   e = RSA_F4;

    X509            *crt = NULL;
    X509_REQ        *x509_req = NULL;
    X509_NAME       *x509_name = NULL;
    EVP_PKEY        *pKey = NULL;
    RSA             *tem = NULL;
    BIO             *out = NULL, *keyFileBIO = NULL;
    FILE            *pubKeyFile = NULL;

    if (strlen(saveCsrFilePath) == 0) {
        fprintf(stderr, "MakeLocalCsrSSLApi save path is empty\n");
        return false;
    }

    //not exists public key file, create one immediately.
    if (strlen(keyFilePath) == 0) {
        // 1. generate rsa key
        bne = BN_new();
        ret = BN_set_word(bne, e);
        if (ret != 1) {
            fprintf(stderr, "MakeLocalCsrSSLApi BN_set_word err\n");
            goto free_all;
        }

        r = RSA_new();
        ret = RSA_generate_key_ex(r, bits, bne, NULL);
        if (ret != 1) {
            fprintf(stderr, "MakeLocalCsrSSLApi RSA_generate_key_ex err\n");
            goto free_all;
        }
    } else { //open it
        pubKeyFile = fopen(keyFilePath, "r");
        if (pubKeyFile == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi opening file %s err\n", keyFilePath);
            goto free_all;
        }

        keyFileBIO = BIO_new_file(keyFilePath, "r");
        if (keyFileBIO == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi BIO_new_file err %s\n", keyFilePath);
            goto free_all;
        }

        r = PEM_read_bio_RSAPrivateKey(keyFileBIO, NULL, NULL, NULL);
        if (r == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi PEM_read_bio_RSAPrivateKey err\n");
            goto free_all;
        }

        /*
        //从csr文件中获取私钥
        BIO* bio = bio_open_default(csrFilePath, "r", 1);
        r = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
        if (r == NULL) {
            fprintf(stderr, "Error PEM_read_RSAPublicKey file %s\n", savePrivateKeyFilePath);
            return false;
        }*/
    }

    // 2. set version of x509 req
    x509_req = X509_REQ_new();
    ret = X509_REQ_set_version(x509_req, nVersion);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_set_version err\n");
        goto free_all;
    }

    // 3. set subject of x509 req
    x509_name = X509_REQ_get_subject_name(x509_req); //x509_req->req_info.subject;

    ret = X509_NAME_add_entry_by_txt(x509_name, "emailAddress", MBSTRING_ASC, (const unsigned char*)email, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt emailAddress err\n");
        goto free_all;
    }

    ret = X509_NAME_add_entry_by_txt(x509_name, "CN", MBSTRING_ASC, (const unsigned char*)name, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt CN err\n");
        goto free_all;
    }

    ret = X509_NAME_add_entry_by_txt(x509_name, "C", MBSTRING_ASC, (const unsigned char*)country, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt C err\n");
        goto free_all;
    }

    // 4. set public key of x509 req
    pKey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(pKey, r);
    r = NULL;   // will be free rsa when EVP_PKEY_free(pKey)

    ret = X509_REQ_set_pubkey(x509_req, pKey);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_set_pubkey err\n");
        goto free_all;
    }

    // 5. set sign key of x509 req
    ret = X509_REQ_sign(x509_req, pKey, EVP_sha1());    // return x509_req->signature->length
    if (ret <= 0) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_sign err\n");
        goto free_all;
    }

    out = BIO_new_file(saveCsrFilePath, "w");
    crt = X509_REQ_to_X509(x509_req, 1000, pKey);
    ret = PEM_write_bio_X509_REQ(out, x509_req);

    // 6. free
free_all:
    BIO_free_all(keyFileBIO);
    X509_REQ_free(x509_req);
    BIO_free_all(out);
    // r = NULL; 
    EVP_PKEY_free(pKey);
    BN_free(bne);
    if (pubKeyFile) fclose(pubKeyFile);

    return (ret == 1);
}

而crt的生成,只需要对csr文件调用一个简单的x509转换函数就可以得到,即函数X509_REQ_to_X509

#include <openssl/bio.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <string>
#include <stdio.h> 
#include<fstream>

bool MakeCsrSSL(const  char * keyFilePath, const  char *email, const  char *name, const  char *country, const  char *saveCsrFilePath) {
    int             ret = 0;
    RSA             *r = NULL;
    BIGNUM          *bne = NULL;

    int             nVersion = 1;
    int             bits = 2048;
    unsigned long   e = RSA_F4;

    X509            *crt = NULL;
    X509_REQ        *x509_req = NULL;
    X509_NAME       *x509_name = NULL;
    EVP_PKEY        *pKey = NULL;
    RSA             *tem = NULL;
    BIO             *out = NULL, *keyFileBIO = NULL;
    FILE            *pubKeyFile = NULL;

    if (strlen(saveCsrFilePath) == 0) {
        fprintf(stderr, "MakeLocalCsrSSLApi save path is empty\n");
        return false;
    }

    //not exists public key file, create one immediately.
    if (strlen(keyFilePath) == 0) {
        // 1. generate rsa key
        bne = BN_new();
        ret = BN_set_word(bne, e);
        if (ret != 1) {
            fprintf(stderr, "MakeLocalCsrSSLApi BN_set_word err\n");
            goto free_all;
        }

        r = RSA_new();
        ret = RSA_generate_key_ex(r, bits, bne, NULL);
        if (ret != 1) {
            fprintf(stderr, "MakeLocalCsrSSLApi RSA_generate_key_ex err\n");
            goto free_all;
        }
    } else { //open it
        pubKeyFile = fopen(keyFilePath, "r");
        if (pubKeyFile == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi opening file %s err\n", keyFilePath);
            goto free_all;
        }

        keyFileBIO = BIO_new_file(keyFilePath, "r");
        if (keyFileBIO == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi BIO_new_file err %s\n", keyFilePath);
            goto free_all;
        }

        r = PEM_read_bio_RSAPrivateKey(keyFileBIO, NULL, NULL, NULL);
        if (r == NULL) {
            fprintf(stderr, "MakeLocalCsrSSLApi PEM_read_bio_RSAPrivateKey err\n");
            goto free_all;
        }

        /*
        //从csr文件中获取私钥
        BIO* bio = bio_open_default(csrFilePath, "r", 1);
        r = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
        if (r == NULL) {
            fprintf(stderr, "Error PEM_read_RSAPublicKey file %s\n", savePrivateKeyFilePath);
            return false;
        }*/
    }

    // 2. set version of x509 req
    x509_req = X509_REQ_new();
    ret = X509_REQ_set_version(x509_req, nVersion);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_set_version err\n");
        goto free_all;
    }

    // 3. set subject of x509 req
    x509_name = X509_REQ_get_subject_name(x509_req); //x509_req->req_info.subject;

    ret = X509_NAME_add_entry_by_txt(x509_name, "emailAddress", MBSTRING_ASC, (const unsigned char*)email, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt emailAddress err\n");
        goto free_all;
    }

    ret = X509_NAME_add_entry_by_txt(x509_name, "CN", MBSTRING_ASC, (const unsigned char*)name, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt CN err\n");
        goto free_all;
    }

    ret = X509_NAME_add_entry_by_txt(x509_name, "C", MBSTRING_ASC, (const unsigned char*)country, -1, -1, 0);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_NAME_add_entry_by_txt C err\n");
        goto free_all;
    }

    // 4. set public key of x509 req
    pKey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(pKey, r);
    r = NULL;   // will be free rsa when EVP_PKEY_free(pKey)

    ret = X509_REQ_set_pubkey(x509_req, pKey);
    if (ret != 1) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_set_pubkey err\n");
        goto free_all;
    }

    // 5. set sign key of x509 req
    ret = X509_REQ_sign(x509_req, pKey, EVP_sha1());    // return x509_req->signature->length
    if (ret <= 0) {
        fprintf(stderr, "MakeLocalCsrSSLApi X509_REQ_sign err\n");
        goto free_all;
    }

    out = BIO_new_file(saveCsrFilePath, "w");
    crt = X509_REQ_to_X509(x509_req, 1000, pKey);
    ret = PEM_write_bio_X509_REQ(out, x509_req);

    // 6. free
free_all:
    BIO_free_all(keyFileBIO);
    X509_REQ_free(x509_req);
    BIO_free_all(out);
    // r = NULL; 
    EVP_PKEY_free(pKey);
    BN_free(bne);
    if (pubKeyFile) fclose(pubKeyFile);

    return (ret == 1);
}

相关文章

  • 安全算法实验(三)

    编程实现实验二中的功能 目录 实验环境配置 具体实现过程 环境配置 添加相关属性12 将OpenSSL安装目录下b...

  • 安全算法实验(二)

    具体要求 使用openssl工具完成如下操作:(1)RSA 2048位 密钥生成;(2)导出公钥;(3)生成数字证...

  • 厉害了!阿里安全图灵实验室在ICDAR2017 MLT竞赛刷新世

    摘要: 近日,阿里安全图灵实验室(Alibaba Turing Lab)的ATL Cangjie OCR算法在IC...

  • 加密和安全

    1 安全机制 安全攻击: STRIDE 常用的安全算法 对称加密算法 非对称加密算法 单向算法 CA和证书 安全协...

  • 死锁的避免

    死锁的避免主要包含安全性检查算法和银行家算法两个部分,在书上介绍的较为清晰了 【实验目的】 为了解系统的资源分配情...

  • 19-加密和安全

    本章内容 墨菲定律 安全机制 安全 安全设计基本原则 安全算法 对称加密算法 非对称加密算法 非对称加密 RSA和...

  • 椭圆曲线加密解密算法python3实现

    信息安全课程的实验,根据课件及网上资料,参考实现 代码中注释比较完善,算法的实现整体流程如下: - 实现基本流程:...

  • 2019-10-28

    算法的上机实验

  • DES算法实现

    实验目标 完成一个DES 算法的详细设计,内容包括: 算法概述; 总体结构; 数据结构。 实验概述 算法原理 DE...

  • 密码学第二次实验报告:RSA算法

    实验题目 RSA算法 实验目的 了解公钥算法基本原理和RSA算法的原理。了解RSA算法在数据加密和数字签名中的应用...

网友评论

      本文标题:安全算法实验(三)

      本文链接:https://www.haomeiwen.com/subject/kmsgtktx.html

      延伸阅读

      深度阅读

      • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

      栏目导航

      热点阅读

      关于我们|服务条款|联系我们|安全算法实验(三)|投稿指南|网站地图|RSS订阅|排版工具|手机版

      提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

      Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

      备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

      本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

      所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!