我目前在.pem文件中有私钥。在我的应用程序(iOS)中,我想将私钥加载到EVP_PKEY结构中以签署X509_REQ。
我目前的问题是我能够加载私钥,但实际上它与我文件系统中的私钥不同。
这是我的代码:
BIO *bio_err;
X509_REQ *x509=NULL;
EVP_PKEY *pkey= NULL;
EVP_PKEY *pubKey = NULL;
NSString *privateKeyFile = [SecurityManager privateKeyFileAndProof:YES];
char const *privKeyPath = [[NSFileManager defaultManager] fileSystemRepresentationWithPath:privateKeyFile];
FILE *fp = fopen(privKeyPath, "r");
PEM_read_PrivateKey(fp, &pkey, NULL, NULL);
fclose(fp);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
PEM_write_PrivateKey(stdout,pkey,NULL,NULL,0,NULL, NULL);
这是我的实际私钥文件:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAzl8TJ46uLTo6ELLrEPRpS7S0IYBAhAXbxvvKaRLvjBi9khud
8ybfDSjoD//uoAlZDIfRak31tHIXqiJntaDZJ8ujIEK4DdRBVHowPNC/tKuYUti8
vZ94BkN48nyJwfFtYPtqaMI6XC0Vh0ffQnQ9jl1d8TVfvxuhlK2+C/WG8Gz9NmRu
JGgCiNuHOIIjaDtlJW36fj21KxW5de1dEW1GUF9GPctN0QjeU4xPFukbu0w8qrr7
ShiIlz0DCkzuj2ww1mr/Gpt4boGCmyM9u+IMg30WMGYacb1+qIpswHJIVaDx7Jmf
xnn8k2rVZT5FUpSjyusSeWFkU7Qh0cKm5BrFNQIDAQABAoIBAEJV2Uhb2qz7DHMV
r+2xQq9tFIG4QgSuBWk+wl9oEMwNn9H5QppIImaOgZmzALc8if03Ix9yk8o+6lBr
4r5FR8g88uCJ0bPQSHepFxxVVWnzxnDK7lBdlC0fPx9i3L0Up74G0rt9w1ihvUvQ
1Hj9+FNsu6evKmm5rgSmnHInqApbyivyogqqSFZ1WlbR9PlT7J15RJAL6lVL+6DP
bIyFDL38degVtOUCAekTsBj1tpewfpFYIb6g5ovVFMgbzXBFL8tEmTe40UheUD1R
LBSaBISQQdl1b6dp0A7jPisk6NE9RZRv0aXLf/t1GrCGIVNQ73+ZtJPETL5Ckk3n
+eEWizkCgYEA9Vmg3pfMHB6QAcsEASK+bdOx2p+Sq47Yd4wISWXKpiylYudKFv0I
bm/0fhU3QOwIUpD0/i5dvUetE08ARU8vXHS+Aar9Gr109KslgdoLFnwTp9A9MsJP
Kuo7ZV3/P3APYlsCdoA2YmR8ys6JIooNlwwV523vI0S7q0Jc277tHf8CgYEA11RO
7FpFMYgYniSyal4Sze+YLXbhvhTPdmbhY+zAh3U0aJ4WHckmofeyomgqQ9ZAdcfu
cUyZKqxJ6FQelc5voBjOTj6rNfziWrU618ldIgmW/0hsQ4Wb+j7W+csqJVTPPGCy
bg+jRIv0W9foIPFhXijC/HWS3Vq2QCklGO5kBMsCgYBC1B4AY4KCKkT5aA34LTmH
esEYFp0Bw8/siCT9sQ9IwiJuVSeWKWfxhOcorKi3M1N1Aezpi0GXO/3Fo6AkQNRa
r6XNmICGlxJTTobR3s1kW3mTHSJ+P/UGcHSrQLY01lYqaTW7h2LI3CwtpaIu2UGo
Ye9ZcVVQ2vjvRg07Ab9eiwKBgFrmWlLoYKFiRJIuB6tjfyi0Zld7Ah0OB+6By9A1
F6mXTsKDSe7VBZwGRsDMnFr6zUdrWTs3DMm45ZJQQIEZHoJFNoJNblViJeQI8Yg6
lzhROA8YcauncYsYkAPvQiF0Re/FGk3gCBpdwpAq+vE9NM9dAcM1lwQe0SUQuXpm
2I41AoGBALUMXfvtDKzcHnZ3UjXuVHM/H6gFiOLx9GhQ9K4BMe7nkbKsDnwbw6Z2
124ZdhkBMgFsL8XTyhyGo2upB/Sq9enLT5fNcD3OZcfRfBGgQO/27IV/A5/ofpG6
N3bDZhBhKHvriP683gXF/L2ki4OTtDI6gym/jaXn3RdNK0kL4tJu
-----END RSA PRIVATE KEY-----
这是我打印的私钥,当我加载了EVP_PKEY结构
时-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOXxMnjq4tOjoQ
susQ9GlLtLQhgECEBdvG+8ppEu+MGL2SG53zJt8NKOgP/+6gCVkMh9FqTfW0cheq
Ime1oNkny6MgQrgN1EFUejA80L+0q5hS2Ly9n3gGQ3jyfInB8W1g+2powjpcLRWH
R99CdD2OXV3xNV+/G6GUrb4L9YbwbP02ZG4kaAKI24c4giNoO2Ulbfp+PbUrFbl1
7V0RbUZQX0Y9y03RCN5TjE8W6Ru7TDyquvtKGIiXPQMKTO6PbDDWav8am3hugYKb
Iz274gyDfRYwZhpxvX6oimzAckhVoPHsmZ/GefyTatVlPkVSlKPK6xJ5YWRTtCHR
wqbkGsU1AgMBAAECggEAQlXZSFvarPsMcxWv7bFCr20UgbhCBK4FaT7CX2gQzA2f
0flCmkgiZo6BmbMAtzyJ/TcjH3KTyj7qUGvivkVHyDzy4InRs9BId6kXHFVVafPG
cMruUF2ULR8/H2LcvRSnvgbSu33DWKG9S9DUeP34U2y7p68qabmuBKaccieoClvK
K/KiCqpIVnVaVtH0+VPsnXlEkAvqVUv7oM9sjIUMvfx16BW05QIB6ROwGPW2l7B+
kVghvqDmi9UUyBvNcEUvy0SZN7jRSF5QPVEsFJoEhJBB2XVvp2nQDuM+KyTo0T1F
lG/Rpct/+3UasIYhU1Dvf5m0k8RMvkKSTef54RaLOQKBgQD1WaDel8wcHpABywQB
Ir5t07Han5Krjth3jAhJZcqmLKVi50oW/Qhub/R+FTdA7AhSkPT+Ll29R60TTwBF
Ty9cdL4Bqv0avXT0qyWB2gsWfBOn0D0ywk8q6jtlXf8/cA9iWwJ2gDZiZHzKzoki
ig2XDBXnbe8jRLurQlzbvu0d/wKBgQDXVE7sWkUxiBieJLJqXhLN75gtduG+FM92
ZuFj7MCHdTRonhYdySah97KiaCpD1kB1x+5xTJkqrEnoVB6Vzm+gGM5OPqs1/OJa
tTrXyV0iCZb/SGxDhZv6Ptb5yyolVM88YLJuD6NEi/Rb1+gg8WFeKML8dZLdWrZA
KSUY7mQEywKBgELUHgBjgoIqRPloDfgtOYd6wRgWnQHDz+yIJP2xD0jCIm5VJ5Yp
Z/GE5yisqLczU3UB7OmLQZc7/cWjoCRA1Fqvpc2YgIaXElNOhtHezWRbeZMdIn4/
9QZwdKtAtjTWVippNbuHYsjcLC2loi7ZQahh71lxVVDa+O9GDTsBv16LAoGAWuZa
UuhgoWJEki4Hq2N/KLRmV3sCHQ4H7oHL0DUXqZdOwoNJ7tUFnAZGwMycWvrNR2tZ
OzcMybjlklBAgRkegkU2gk1uVWIl5AjxiDqXOFE4Dxhxq6dxixiQA+9CIXRF78Ua
TeAIGl3CkCr68T00z10BwzWXBB7RJRC5embYjjUCgYEAtQxd++0MrNwedndSNe5U
cz8fqAWI4vH0aFD0rgEx7ueRsqwOfBvDpnbXbhl2GQEyAWwvxdPKHIaja6kH9Kr1
6ctPl81wPc5lx9F8EaBA7/bshX8Dn+h+kbo3dsNmEGEoe+uI/rzeBcX8vaSLg5O0
MjqDKb+NpefdF00rSQvi0m4=
-----END PRIVATE KEY-----
答案 0 :(得分:2)
从OpenSSL版本1.0.0开始,像PEM_write_PrivateKey
这样的例程默认为PKCS8格式,其页眉和页脚如下:
----- BEGIN PRIVATE KEY -----
----- END PRIVATE KEY -----
如果要在1.0.0之后的版本中使用传统格式编写,请务必调用PEM_read_RSAPrivateKey
和PEM_write_RSAPrivateKey
之类的读写例程。
Unknown option CN=...
传统密钥格式的页眉和页脚如下:
-----开始RSA私钥-----
----- END RSA私钥-----