1 #include <stdio.h>
2 #include <openssl/rsa.h>
3 #include <openssl/pem.h>
4 #include <openssl/err.h>
5
6 //加密
7 int my_encrypt(const char *input, int input_len, char *output, int *output_len, const char *pri_key_fn)
8 {
9 RSA *p_rsa = NULL;
10 FILE *file = NULL;
11 int ret = 0;
12
13 if((file = fopen(pri_key_fn, "rb")) == NULL)
14 {
15 ret = -1;
16 goto End;
17 }
18
19 if((p_rsa = PEM_read_RSAPrivateKey(file, NULL,NULL,NULL )) == NULL)
20 {
21 ret = -2;
22 goto End;
23 }
24
25 if((*output_len = RSA_private_encrypt(input_len, (unsigned char*)input, (unsigned char*)output, p_rsa, RSA_PKCS1_PADDING)) < 0)
26 {
27 ret = -4;
28 goto End;
29 }
30
31 End:
32 if(p_rsa != NULL)
33 RSA_free(p_rsa);
34 if(file != NULL)
35 fclose(file);
36
37 return ret;
38 }
39
40 //解密
41 int my_decrypt(const char *input, int input_len, char *output, int *output_len, const char *pri_key_fn)
42 {
43 RSA *p_rsa = NULL;
44 FILE *file = NULL;
45 int ret = 0;
46
47 file = fopen(pri_key_fn, "rb");
48 if(!file)
49 {
50 ret = -1;
51 goto End;
52 }
53
54 if((p_rsa = PEM_read_RSA_PUBKEY(file, NULL,NULL,NULL )) == NULL)
55 {
56 ret = -2;
57 goto End;
58 }
59
60 if((*output_len=RSA_public_decrypt(input_len, (unsigned char*)input, (unsigned char*)output, p_rsa, RSA_PKCS1_PADDING)) < 0)
61 {
62 ret = -3;
63 goto End;
64 }
65 End:
66 if(p_rsa != NULL)
67 RSA_free(p_rsa);
68 if(file != NULL)
69 fclose(file);
70
71 return ret;
72 }
73
74 int main(int argc, char**argv)
75 {
76 char src[256];
77 char dst[256];
78 int src_len;
79 int dst_len;
80 int ret;
81 FILE *f;
82
83 src_len = fread(src, 1, 256, stdin);
84
85 if(argv[1][0] == 'e') {
86 ret = my_encrypt(src, src_len, dst, &dst_len, argv[2]);
87 }else {
88 ret = my_decrypt(src, src_len, dst, &dst_len, argv[2]);
89 }
90
91 if(ret) {
92 fprintf(stderr, "Error\n");
93 }
94 fwrite(dst,1,dst_len,stdout);
95 return ret;
96 }
以上是一个示例,测试了私钥加密(签名)/公钥解密(验证),main函数是一个测试
测试一下,先生成2048位公钥、私钥对
colin@colin-VirtualBox:/tmp$ openssl genrsa -out pri2048.pem 2048
Generating RSA private key, 2048 bit long modulus
................................+++
.............+++
e is 65537 (0x10001)
colin@colin-VirtualBox:/tmp$ openssl rsa -in pri2048.pem -pubout -out pub2048.pem
writing RSA key
编译、文件测试
colin@colin-VirtualBox:/tmp$ gcc t.c -lssl -lcrypto -lm
colin@colin-VirtualBox:/tmp$ ./a.out en pri2048.pem <data >data.en
colin@colin-VirtualBox:/tmp$ ./a.out enc pri2048.pem <data >data.en
colin@colin-VirtualBox:/tmp$ ./a.out dec pub2048.pem <data.en >data2
colin@colin-VirtualBox:/tmp$ openssl rsautl -verify -in data.en -inkey pub2048.pem -pubin -out data3
对比一下
colin@colin-VirtualBox:/tmp$ cmp data data2
colin@colin-VirtualBox:/tmp$ cmp data data3
colin@colin-VirtualBox:/tmp$ md5sum data data2 data3
7a71146998ad521bab336a49f65c90c4 data
7a71146998ad521bab336a49f65c90c4 data2
7a71146998ad521bab336a49f65c90c4 data3
公钥加密、私钥解密就不写了,对着看就会很明白了。
int RSA_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
int RSA_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
int RSA_public_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
int RSA_private_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);