我需要使用私钥来进行RSA签名。
公司给了我这样的私钥:
3082025C02010002818100AB13EC000380B4E489F717440D42473BD1C0F0B4F36D765171B3868ADF1CCAA782B48C71560C48342DFAEA01C6DBAF7A36F885B58BB24D7934352AA304941B1EB8373B561C4FBF11181C2E75ED3356CAE5B0DC9759A42CE997F5E5321AA5A67C5A2AE923F4705E61C2C7C8C2441CDCE6DE8638AB9294DA7A9A5B59E2E31C8A9B0203010001028180037ECDB4965DBBD46B8933DD7D13DC96B94B62DF9F959DF43E0977F74065BB323EF667642D68E4D4C417BB4E3BFCE311F12B94B7C7D9E5C15332BEE343C5AEE4223BF3ADE524C2726A685E62938C6B62ADA73529C762A61ABF707E936CFAC2233AD2C7DB0D8764194A7648C16A85FA54E0EBA32BFAB616CBE0009E5E3B8B5349024100D463E0012A09AA1399B5AD6BDDB47A7418F35109786899DDE1913647D3864A7897747D001122E3430CA58F4E94391208E9059606AEA8389E045B31273EBD2C75024100CE347F1CF65ACEFB6B21B758D7AB6B850F4BA1ECFC7DA1B0FC52538AF5D5280393ADB06D0A0762E66526C5755ABC6F81C22A6463E8B0E27D69BDEFFA8F3C38CF024100A10054FE8CEF668E1527339F61213EF263378F66AE701CB3A61A7E1B54ADA82662295BD88125014202843E6E42CE406DA0B72B5345731FF8293537BD9841AF410240472BDF63C3B3FC14D319440B2A05448B1C88624F4 5A6A7144B42AF0B1B6682F51917ADF934A8EFFDCD93E03B6D21F4EAB875A148CA9BA2D0DE9A6C25F3223A0902401E673CB216C11DCCD41D99F4892C2027A03ADE42E64C7B4410BF9C4D1B0A58C51CF33FA3BA1D8F4D693A2C5CCB0D42A4A787EE32729871FEF4FC143DFFA170A2
它采用十六进制格式,但OpenSSL的PEM_read_bio_RSAPrivateKey()函数返回NULL。我搜索了这方面的帮助,发现私钥必须在" PKCS8"格式。那么如何在我的代码中将上面的十六进制格式转换为PKCS8格式呢?
答案 0 :(得分:0)
以下使用OpenSSL 1.1.0(我需要做一些其他测试)。它还使用d2i_RSAPrivateKey而不是PEM_read_bio_RSAPrivateKey。密钥在ASN.1 / DER中,因此您无法使用PEM例程。
编译并链接类似于gcc -I/usr/local/ssl/1.1.0/include test.cc -o test.exe /usr/local/ssl/1.1.0/lib/libcrypto.a的内容。
您还应该添加代码来清理库。另请参阅OpenSSL wiki上的Library Initialization。
#include <stdio.h>
#include <unistd.h>
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
#include <openssl/rsa.h>
const char encoded[] =
"3082025C02010002818100AB13EC000380B4E489F717440D42473BD1C0"
"F0B4F36D765171B3868ADF1CCAA782B48C71560C48342DFAEA01C6DBAF"
"7A36F885B58BB24D7934352AA304941B1EB8373B561C4FBF11181C2E75"
"ED3356CAE5B0DC9759A42CE997F5E5321AA5A67C5A2AE923F4705E61C2"
"C7C8C2441CDCE6DE8638AB9294DA7A9A5B59E2E31C8A9B020301000102"
"8180037ECDB4965DBBD46B8933DD7D13DC96B94B62DF9F959DF43E0977"
"F74065BB323EF667642D68E4D4C417BB4E3BFCE311F12B94B7C7D9E5C1"
"5332BEE343C5AEE4223BF3ADE524C2726A685E62938C6B62ADA73529C7"
"62A61ABF707E936CFAC2233AD2C7DB0D8764194A7648C16A85FA54E0EB"
"A32BFAB616CBE0009E5E3B8B5349024100D463E0012A09AA1399B5AD6B"
"DDB47A7418F35109786899DDE1913647D3864A7897747D001122E3430C"
"A58F4E94391208E9059606AEA8389E045B31273EBD2C75024100CE347F"
"1CF65ACEFB6B21B758D7AB6B850F4BA1ECFC7DA1B0FC52538AF5D52803"
"93ADB06D0A0762E66526C5755ABC6F81C22A6463E8B0E27D69BDEFFA8F"
"3C38CF024100A10054FE8CEF668E1527339F61213EF263378F66AE701C"
"B3A61A7E1B54ADA82662295BD88125014202843E6E42CE406DA0B72B53"
"45731FF8293537BD9841AF410240472BDF63C3B3FC14D319440B2A0544"
"8B1C88624F45A6A7144B42AF0B1B6682F51917ADF934A8EFFDCD93E03B"
"6D21F4EAB875A148CA9BA2D0DE9A6C25F3223A0902401E673CB216C11D"
"CCD41D99F4892C2027A03ADE42E64C7B4410BF9C4D1B0A58C51CF33FA3"
"BA1D8F4D693A2C5CCB0D42A4A787EE32729871FEF4FC143DFFA170A2";
int main(int argc, char* argv[])
{
long length = 0;
unsigned char* decoded = NULL;
RSA* rsa = NULL;
decoded = OPENSSL_hexstr2buf(encoded, &length);
if (decoded == NULL || length == 0)
return 1;
const unsigned char* temp = decoded;
rsa = d2i_RSAPrivateKey(NULL, &temp, length);
if (rsa == NULL)
return 1;
RSA_print_fp(stdout, rsa, 0);
if (rsa)
RSA_free(rsa);
if (decoded)
OPENSSL_free(decoded);
return 0;
}
const unsigned char* temp = decoded是因为temp是临时的,d2i_RSAPrivateKey将指针递增到下一个私钥(如果将尝试另一个解析)。您仍然可以通过decoded获取原始数据。
结果是:
$ ./test.exe
Private-Key: (1024 bit)
modulus:
00:ab:13:ec:00:03:80:b4:e4:89:f7:17:44:0d:42:
47:3b:d1:c0:f0:b4:f3:6d:76:51:71:b3:86:8a:df:
1c:ca:a7:82:b4:8c:71:56:0c:48:34:2d:fa:ea:01:
c6:db:af:7a:36:f8:85:b5:8b:b2:4d:79:34:35:2a:
a3:04:94:1b:1e:b8:37:3b:56:1c:4f:bf:11:18:1c:
2e:75:ed:33:56:ca:e5:b0:dc:97:59:a4:2c:e9:97:
f5:e5:32:1a:a5:a6:7c:5a:2a:e9:23:f4:70:5e:61:
c2:c7:c8:c2:44:1c:dc:e6:de:86:38:ab:92:94:da:
7a:9a:5b:59:e2:e3:1c:8a:9b
publicExponent: 65537 (0x10001)
privateExponent:
03:7e:cd:b4:96:5d:bb:d4:6b:89:33:dd:7d:13:dc:
96:b9:4b:62:df:9f:95:9d:f4:3e:09:77:f7:40:65:
bb:32:3e:f6:67:64:2d:68:e4:d4:c4:17:bb:4e:3b:
fc:e3:11:f1:2b:94:b7:c7:d9:e5:c1:53:32:be:e3:
43:c5:ae:e4:22:3b:f3:ad:e5:24:c2:72:6a:68:5e:
62:93:8c:6b:62:ad:a7:35:29:c7:62:a6:1a:bf:70:
7e:93:6c:fa:c2:23:3a:d2:c7:db:0d:87:64:19:4a:
76:48:c1:6a:85:fa:54:e0:eb:a3:2b:fa:b6:16:cb:
e0:00:9e:5e:3b:8b:53:49
prime1:
00:d4:63:e0:01:2a:09:aa:13:99:b5:ad:6b:dd:b4:
7a:74:18:f3:51:09:78:68:99:dd:e1:91:36:47:d3:
86:4a:78:97:74:7d:00:11:22:e3:43:0c:a5:8f:4e:
94:39:12:08:e9:05:96:06:ae:a8:38:9e:04:5b:31:
27:3e:bd:2c:75
prime2:
00:ce:34:7f:1c:f6:5a:ce:fb:6b:21:b7:58:d7:ab:
6b:85:0f:4b:a1:ec:fc:7d:a1:b0:fc:52:53:8a:f5:
d5:28:03:93:ad:b0:6d:0a:07:62:e6:65:26:c5:75:
5a:bc:6f:81:c2:2a:64:63:e8:b0:e2:7d:69:bd:ef:
fa:8f:3c:38:cf
exponent1:
00:a1:00:54:fe:8c:ef:66:8e:15:27:33:9f:61:21:
3e:f2:63:37:8f:66:ae:70:1c:b3:a6:1a:7e:1b:54:
ad:a8:26:62:29:5b:d8:81:25:01:42:02:84:3e:6e:
42:ce:40:6d:a0:b7:2b:53:45:73:1f:f8:29:35:37:
bd:98:41:af:41
exponent2:
47:2b:df:63:c3:b3:fc:14:d3:19:44:0b:2a:05:44:
8b:1c:88:62:4f:45:a6:a7:14:4b:42:af:0b:1b:66:
82:f5:19:17:ad:f9:34:a8:ef:fd:cd:93:e0:3b:6d:
21:f4:ea:b8:75:a1:48:ca:9b:a2:d0:de:9a:6c:25:
f3:22:3a:09
coefficient:
1e:67:3c:b2:16:c1:1d:cc:d4:1d:99:f4:89:2c:20:
27:a0:3a:de:42:e6:4c:7b:44:10:bf:9c:4d:1b:0a:
58:c5:1c:f3:3f:a3:ba:1d:8f:4d:69:3a:2c:5c:cb:
0d:42:a4:a7:87:ee:32:72:98:71:fe:f4:fc:14:3d:
ff:a1:70:a2
如果你不清理,那么Valgrind会报告类似的事情:
$ valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes ./test.exe
==32773== Memcheck, a memory error detector
==32773== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==32773== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==32773== Command: ./test.exe
==32773==
...
==32773==
==32773== HEAP SUMMARY:
==32773== in use at exit: 63,005 bytes in 365 blocks
==32773== total heap usage: 547 allocs, 182 frees, 69,806 bytes allocated
==32773==
==32773== 200 bytes in 1 blocks are still reachable in loss record 55 of 83
==32773== at 0x4D11: malloc (vg_replace_malloc.c:303)
==32773== by 0x10010AA3E: CRYPTO_zalloc (in ./test.exe)
==32773== by 0x1001522BB: CRYPTO_THREAD_lock_new (in ./test.exe)
==32773== by 0x100104EC8: do_ex_data_init (in ./test.exe)
==32773== by 0xD8FBF: pthread_once (in /usr/lib/system/libsystem_c.dylib)
==32773== by 0x1001523A8: CRYPTO_THREAD_run_once (in ./test.exe)
==32773== by 0x100104768: CRYPTO_new_ex_data (in ./test.exe)
==32773== by 0x10012A9C3: RSA_new_method (in ./test.exe)
==32773== by 0x100129ED1: rsa_cb (in ./test.exe)
==32773== by 0x100027057: asn1_item_embed_new (in ./test.exe)
==32773== by 0x1000244CA: asn1_item_embed_d2i (in ./test.exe)
==32773== by 0x100024125: ASN1_item_d2i (in ./test.exe)
==32773==
==32773== 4,096 bytes in 1 blocks are still reachable in loss record 81 of 83
==32773== at 0x4D11: malloc (vg_replace_malloc.c:303)
==32773== by 0x1431D8: __smakebuf (in /usr/lib/system/libsystem_c.dylib)
==32773== by 0x104F34: __swsetup (in /usr/lib/system/libsystem_c.dylib)
==32773== by 0x142392: __sfvwrite (in /usr/lib/system/libsystem_c.dylib)
==32773== by 0x142994: fwrite (in /usr/lib/system/libsystem_c.dylib)
==32773== by 0x100031997: file_write (in ./test.exe)
==32773== by 0x100030A29: BIO_write (in ./test.exe)
==32773== by 0x10002CFFB: BIO_vprintf (in ./test.exe)
==32773== by 0x10002CEFC: BIO_printf (in ./test.exe)
==32773== by 0x100129B7C: do_rsa_print (in ./test.exe)
==32773== by 0x10012EDBC: RSA_print_fp (in ./test.exe)
==32773== by 0x1000010C4: main (test.cc:48)
==32773==
==32773== LEAK SUMMARY:
==32773== definitely lost: 0 bytes in 0 blocks
==32773== indirectly lost: 0 bytes in 0 blocks
==32773== possibly lost: 0 bytes in 0 blocks
==32773== still reachable: 4,296 bytes in 2 blocks
==32773== suppressed: 58,709 bytes in 363 blocks
==32773==