OpenSSL is a powerful toolkit that integrates a wide range of cryptographic algorithms and utilities. We can use the command desk tools it provides to generate keys, certificates to encrypt and decrypt files, or to encrypt the transmitted information in code using the API interfaces it provides.
RSA is an asymmetric encryption algorithm. In short, the asymmetric encryption algorithm means that encrypting and decrypting a file requires two keys, one for encryption, the public key, one for decryption, and the private key. Certificates can be used to authorize the use of public keys.
Today a small study of the next OpenSSL RSA encryption, which mainly involves the use of public keys and keys to decrypt files, does not involve the operation of the certificate. What you want to know collectively is:
http://www.openssl.org/
http://blog.csdn.net/jiangsq12345/article/details/6066275
--------------------------------------------------------------------------------------------------------------- ------
Let's start with the simple use of the OpenSSL tool under the command desk:
Generate a key:
OpenSSL genrsa-out Test.key 1024
Here-out specifies the generation file. It is important to note that this file contains both the public key and the key, which means that the file can be used for encryption or decryption. The following 1024 is the length of the generated key.
OpenSSL can extract the public key from this file:
OpenSSL rsa-in test.key-pubout-out Test_pub.key
-in Specifies the input file,-out specifies the file name to extract the generated public key. At this point, we have a public key in hand, a private key (including the public key). You can now encrypt the file with the public key.
I created a hello text file in the directory and then encrypted the file with the public key generated earlier:
-in specifies the file to encrypt,-inkey specifies the key,-pubin indicates that it is encrypted with a pure public key file, and-out as the encrypted file.
Decrypt file:
OpenSSL rsautl-decrypt-in Hello.en-inkey test.key-out hello.de
-in Specifies the encrypted file,-inkey specifies the private key file,-out the decrypted file.
At this point, a cryptographic decryption process has ended. In the actual use may also include the certificate, this later has the opportunity to say again ~
--------------------------------------------------------------------------------------------------------------- ----
This article describes how the program uses the Test.key and Test_pub.key generated earlier to encrypt and decrypt information (or, of course, to generate a key file directly from the OpenSSL API).
Here is an example that uses an existing key to encrypt and decrypt the source string:
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <string.h>
4 #include <openssl/rsa.h>
5 #include <openssl/pem.h>
6 #include <openssl/err.h>
7 #define Opensslkey "Test.key"
8 #define PUBLICKEY "Test_pub.key"
9 #define BUFFSIZE 1024
char* My_encrypt (char *str,char *path_key);//encryption
char* My_decrypt (char *str,char *path_key);//decryption
int main (void) {
Char *source= "I like dancing!";
*ptr_en,*ptr_de Char;
printf ("Source is:%s\n", source);
Ptr_en=my_encrypt (Source,publickey);
-printf ("After encrypt:%s\n", ptr_en);
Ptr_de=my_decrypt (Ptr_en,opensslkey);
printf ("After decrypt:%s\n", Ptr_de);
if (ptr_en!=null) {
(ptr_en);
22}
if (ptr_de!=null) {
(PTR_DE);
25}
return 0;
27}
*my_encrypt Char (char *str,char *path_key) {
Char *p_en;
RSA *p_rsa;
FILE *file;
Flen,rsa_len int;
if ((File=fopen (Path_key, "R")) ==null) {
Perror ("Open key file Error");
return NULL;
36}
PNS if ((P_rsa=pem_read_rsa_pubkey (file,null,null,null)) ==null) {
//if ((P_rsa=pem_read_rsapublickey (file,null,null,null)) ==null) {This is the way it's going to be. Regardless of whether the public key is detached from the source file
ERR_PRINT_ERRORS_FP (stdout);
return NULL;
41}
Flen=strlen (str);
Rsa_len=rsa_size (P_RSA);
p_en= (unsigned char *) malloc (rsa_len+1);
memset (p_en,0,rsa_len+1);
if (Rsa_public_encrypt (Rsa_len, (unsigned char *) str, (unsigned char*) p_en,p_rsa,rsa_no_padding) <0) {
return NULL;
48}
Rsa_free (P_RSA);
fclose (file);
P_en return;
52}
*my_decrypt Char (char *str,char *path_key) {
*p_de Char;
*p_rsa RSA;
*file FILE;
Rsa_len int;
(File=fopen (Path_key, "R")) (==null) {
Perror ("Open key file Error");
return NULL;
61}
if ((P_rsa=pem_read_rsaprivatekey (file,null,null,null)) ==null) {
ERR_PRINT_ERRORS_FP (stdout);
+ Return NULL;
65}
Rsa_len=rsa_size (P_RSA);
p_de= (unsigned char *) malloc (rsa_len+1);
memset (p_de,0,rsa_len+1);
if (Rsa_private_decrypt (Rsa_len, (unsigned char *) str, (unsigned char*) p_de,p_rsa,rsa_no_padding) <0) {
return NULL;
71}
Rsa_free (P_RSA);
fclose (file);
P_de return;
75}
A rather odd question:
37, 38 in line to get the key from the file, found that if using OpenSSL provided by the Pem_read_rsapublickey method will continue to fail.
Estimated to be a problem with file format ~
Using OpenSSL for RSA encryption and decryption