OpenSSL is a powerful toolkit that bundles many cryptographic algorithms and utilities. You can use the command-line tool it provides to generate keys and certificates and to encrypt and decrypt files, and you can use its API in code to encrypt transmitted information.
RSA is an asymmetric encryption algorithm. In short, asymmetric encryption algorithms require two keys for encrypting and decrypting a file: one for encryption, called the public key, and one for decryption, called the private key. A certificate can be used to authorize the use of the public key.
Today I studied RSA encryption with OpenSSL. This mainly involves using public and private keys to encrypt and decrypt files and does not involve operations on certificates. For details, see:
http://www.openssl.org/
http://blog.csdn.net/jiangsq12345/article/details/6066275
---------------------------------------------------------------------------------------------------------------------
The following describes how to use the OpenSSL tool in the console:
Generate a key:
openssl genrsa -out test.key 1024
Here -out specifies the file to generate. Note that this file contains both the public key and the private key; that is, it can be used for both encryption and decryption. The trailing 1024 is the length of the generated key.
OpenSSL can extract the public key from this file:
openssl rsa -in test.key -pubout -out test_pub.key
-in specifies the input file, and -out specifies the file that receives the extracted public key. We now have a public key and a private key (which includes the public key), so the public key can be used to encrypt a file.
I create a text file named hello in the directory and then encrypt it with the public key generated above:
openssl rsautl -encrypt -in hello -inkey test_pub.key -pubin -out hello.en
-in specifies the file to encrypt, -inkey specifies the key, -pubin indicates that the key file contains only a public key, and -out specifies the encrypted output file.
Decrypt the file:
openssl rsautl -decrypt -in hello.en -inkey test.key -out hello.de
-in specifies the encrypted file, -inkey specifies the private key file, and -out specifies the decrypted output file.
That completes one encryption and decryption cycle. In actual use, certificates may also be involved; I will cover those later.
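As an added example (not part of the original post), here is the same round trip with the newer pkeyutl command and OAEP padding; rsautl is deprecated since OpenSSL 3.0 and pads with PKCS#1 v1.5 by default, and 1024-bit keys are below current minimum recommendations. The 2048-bit key size, the temporary directory and the function names are choices made for this sketch. It also shows that RSA rejects input longer than the key and padding allow.

```shell
#!/bin/sh
# Added example: RSA-OAEP round trip with `openssl pkeyutl`.
# Key size, file locations and function names are choices made for this sketch.

# Create test.key (private) and test_pub.key (public) in directory $1.
make_keys() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/test.key" 2>/dev/null &&
    openssl pkey -in "$1/test.key" -pubout -out "$1/test_pub.key"
}

# Encrypt file $2 into $3 with the public key, OAEP padding, SHA-256.
oaep_encrypt() {
    openssl pkeyutl -encrypt -pubin -inkey "$1/test_pub.key" \
        -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
        -in "$2" -out "$3" 2>/dev/null
}

# Decrypt file $2 into $3 with the private key, same padding parameters.
oaep_decrypt() {
    openssl pkeyutl -decrypt -inkey "$1/test.key" \
        -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
        -in "$2" -out "$3" 2>/dev/null
}

# Largest OAEP plaintext in bytes for key bits $1 and hash bits $2:
# modulus length - 2 * hash length - 2.
oaep_max_len() { echo $(( $1 / 8 - 2 * ($2 / 8) - 2 )); }

# Round-trip a short message, then try one byte more than OAEP allows.
demo() {
    dir=$(mktemp -d) || return 1
    result="roundtrip=failed"
    printf 'I like dancing!' > "$dir/hello"            # constructed sample input
    head -c $(( $(oaep_max_len 2048 256) + 1 )) /dev/zero > "$dir/big"
    if make_keys "$dir" &&
       oaep_encrypt "$dir" "$dir/hello" "$dir/hello.en" &&
       oaep_decrypt "$dir" "$dir/hello.en" "$dir/hello.de" &&
       cmp -s "$dir/hello" "$dir/hello.de"; then
        result="roundtrip=ok"
    fi
    if oaep_encrypt "$dir" "$dir/big" "$dir/big.en"; then
        result="$result oversize=accepted"
    else
        result="$result oversize=rejected"
    fi
    rm -rf "$dir"
    echo "$result"
}

demo
```

Files larger than the limit are normally encrypted with a symmetric cipher, with RSA protecting only the symmetric key.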
---------------------------------------------------------------------------------------------------------------------
Next, we will show how to use the previously generated test.key and test_pub.key in a program to encrypt and decrypt information (of course, you can also use the OpenSSL API directly to generate the key files).
The following example uses the existing keys to encrypt and decrypt a source string:
 1  #include <stdio.h>
 2  #include <stdlib.h>
 3  #include <string.h>
 4  #include <openssl/rsa.h>
 5  #include <openssl/pem.h>
 6  #include <openssl/err.h>
 7  #define OPENSSLKEY "test.key"
 8  #define PUBLICKEY "test_pub.key"
 9  #define BUFFSIZE 1024
10  char *my_encrypt(char *str, char *path_key); // Encryption
11  char *my_decrypt(char *str, char *path_key); // Decryption
12  int main(void) {
13      char *source = "I like dancing!";
14      char *ptr_en, *ptr_de;
15      printf("source is: %s\n", source);
16      ptr_en = my_encrypt(source, PUBLICKEY);
17      printf("after encrypt: %s\n", ptr_en ? ptr_en : "(failed)"); // ciphertext is binary, so this prints raw bytes
18      ptr_de = ptr_en ? my_decrypt(ptr_en, OPENSSLKEY) : NULL;
19      printf("after decrypt: %s\n", ptr_de ? ptr_de : "(failed)");
20      if (ptr_en != NULL) {
21          free(ptr_en);
22      }
23      if (ptr_de != NULL) {
24          free(ptr_de);
25      }
26      return 0;
27  }
28  char *my_encrypt(char *str, char *path_key) {
29      char *p_en;
30      RSA *p_rsa;
31      FILE *file;
32      int flen, rsa_len;
33      if ((file = fopen(path_key, "r")) == NULL) {
34          perror("open key file error");
35          return NULL;
36      }
37      if ((p_rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL)) == NULL) {
38      // if ((p_rsa = PEM_read_RSAPublicKey(file, NULL, NULL, NULL)) == NULL) {  This statement never succeeds, whether or not the public key is separated from the source file
39          ERR_print_errors_fp(stdout);
40          fclose(file);
41          return NULL;
42      }
43      fclose(file);
44      flen = (int)strlen(str);
45      rsa_len = RSA_size(p_rsa);
46      // RSA_NO_PADDING (raw RSA) consumes exactly rsa_len input bytes, so copy
47      // the string into a zero-filled block instead of reading past its end.
48      unsigned char *p_in = calloc(1, rsa_len);
49      p_en = calloc(1, rsa_len + 1);
50      if (p_in == NULL || p_en == NULL || flen > rsa_len) {
51          free(p_in); free(p_en); RSA_free(p_rsa);
52          return NULL;
53      }
54      memcpy(p_in, str, flen);
55      // Raw RSA is kept from the original listing; it is deterministic and malleable. Use RSA_PKCS1_OAEP_PADDING for real data.
56      if (RSA_public_encrypt(rsa_len, p_in, (unsigned char *)p_en, p_rsa, RSA_NO_PADDING) < 0) {
57          free(p_in); free(p_en); RSA_free(p_rsa);
58          return NULL;
59      }
60      free(p_in);
61      RSA_free(p_rsa);
62      return p_en;
63  }
64  char *my_decrypt(char *str, char *path_key) {
65      char *p_de;
66      RSA *p_rsa;
67      FILE *file;
68      int rsa_len;
69      if ((file = fopen(path_key, "r")) == NULL) {
70          perror("open key file error");
71          return NULL;
72      }
73      if ((p_rsa = PEM_read_RSAPrivateKey(file, NULL, NULL, NULL)) == NULL) {
74          ERR_print_errors_fp(stdout);
75          fclose(file);
76          return NULL;
77      }
78      fclose(file);
79      rsa_len = RSA_size(p_rsa);
80      p_de = calloc(1, rsa_len + 1);
81      // str must hold the rsa_len-byte ciphertext returned by my_encrypt
82      if (p_de == NULL || RSA_private_decrypt(rsa_len, (unsigned char *)str, (unsigned char *)p_de, p_rsa, RSA_NO_PADDING) < 0) {
83          free(p_de); RSA_free(p_rsa);
84          return NULL;
85      }
86      RSA_free(p_rsa);
87      return p_de;
88  }
A strange problem:
Lines 37 and 38 read the key from the file, and I found that the PEM_read_RSAPublicKey function provided by OpenSSL always fails.
I guess the file format is incorrect.
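The failure described above has a concrete cause, shown in this added example (not code from the original post): openssl rsa -pubout writes a SubjectPublicKeyInfo file whose first line is -----BEGIN PUBLIC KEY-----, which PEM_read_RSA_PUBKEY parses, while PEM_read_RSAPublicKey expects the PKCS#1 form beginning -----BEGIN RSA PUBLIC KEY-----, which the -RSAPublicKey_out option produces. The file name test_pub_pkcs1.key, the 2048-bit key and the function names are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: the two PEM encodings of an RSA public key.
# File names and function names are choices made for this sketch.

# Write both encodings of the public half of $1/test.key.
export_both() {
    # SubjectPublicKeyInfo, what -pubout produces (as in the article).
    openssl rsa -in "$1/test.key" -pubout \
        -out "$1/test_pub.key" 2>/dev/null &&
    # PKCS#1 RSAPublicKey, the bare RSA structure.
    openssl rsa -in "$1/test.key" -RSAPublicKey_out \
        -out "$1/test_pub_pkcs1.key" 2>/dev/null
}

# Name the libcrypto PEM reader that matches the file's first line.
reader_for() {
    case "$(head -n 1 "$1")" in
        "-----BEGIN PUBLIC KEY-----")     echo PEM_read_RSA_PUBKEY ;;
        "-----BEGIN RSA PUBLIC KEY-----") echo PEM_read_RSAPublicKey ;;
        *)                                echo unknown ;;
    esac
}

# Generate a throwaway key, export both forms, report the matching readers.
demo_formats() {
    dir=$(mktemp -d) || return 1
    openssl genrsa -out "$dir/test.key" 2048 2>/dev/null &&
    export_both "$dir" &&
    echo "$(reader_for "$dir/test_pub.key") $(reader_for "$dir/test_pub_pkcs1.key")"
    status=$?
    rm -rf "$dir"
    return $status
}

demo_formats
```

Checking the first line of a key file this way tells you which reader to call before the program fails at run time.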