Overview
Environment Installation
Symmetric & Asymmetric Algorithm
- Symmetric
- Asymmetric
Generate encryption keys with the OpenSSL functions below
/*
 * Low-level, per-algorithm key generation entry points. Each returns 1 on
 * success and 0 on failure; the key object must not be used when the call
 * fails.
 * NOTE(review): OpenSSL 3.0 marks these low-level calls as deprecated in
 * favour of the EVP_PKEY key generation interface (EVP_PKEY_keygen()).
 */
/* Generates an RSA key pair into rsa: modulus size `bits`, public exponent `e`,
 * optional progress callback `cb` (may be NULL). Current guidance treats
 * moduli below 2048 bits as inadequate. */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
/* Generates a DSA key pair; dsa must already carry its domain parameters. */
int DSA_generate_key(DSA *dsa);
/* Generates an EC key pair; eckey must already have its EC_GROUP (curve) set. */
int EC_KEY_generate_key(EC_KEY *eckey);
/* Generates a DH key pair; dh must already carry the shared parameters p and g. */
int DH_generate_key(DH *dh);
Entities
- EVP_PKEY
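/*
 * EVP_PKEY: the algorithm-independent key container, shown here with the
 * field layout of the OpenSSL 1.0.x headers. `type` tells which member of
 * the `pkey` union is live.
 *
 * NOTE(review): from OpenSSL 1.1.0 on this structure is opaque to
 * applications. Read it through accessors such as EVP_PKEY_id(),
 * EVP_PKEY_get1_RSA() or EVP_PKEY_get1_EC_KEY() rather than by field.
 *
 * The closing line of the listing was truncated on the page; it is restored
 * here so the definition is terminated like struct ec_key_st.
 */
struct evp_pkey_st
{
    int type;                               /* algorithm identifier of the stored key */
    int save_type;
    int references;                         /* reference count */
    const EVP_PKEY_ASN1_METHOD *ameth;      /* ASN.1 method table for this key type */
    ENGINE *engine;
    union {
        char *ptr;                          /* untyped view of the key pointer */
#ifndef OPENSSL_NO_RSA
        struct rsa_st *rsa;                 /* RSA */
#endif
#ifndef OPENSSL_NO_DSA
        struct dsa_st *dsa;                 /* DSA */
#endif
#ifndef OPENSSL_NO_DH
        struct dh_st *dh;                   /* DH */
#endif
#ifndef OPENSSL_NO_EC
        struct ec_key_st *ec;               /* ECC */
#endif
    } pkey;                                 /* may reference private key material */
    int save_parameters;
    STACK_OF(X509_ATTRIBUTE) *attributes;   /* [ 0 ] */
} /* EVP_PKEY */;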
- ECC结构在ecc.h
/*
 * EC key object: the curve plus the key pair defined on it.
 * NOTE(review): the OpenSSL definition carries further fields; this listing
 * appears abbreviated to the three that matter for ECC/ECDH. In OpenSSL
 * 1.1.0 and later the struct is opaque; use EC_KEY_get0_group(),
 * EC_KEY_get0_public_key() and EC_KEY_get0_private_key().
 */
struct ec_key_st {
EC_GROUP *group; /* curve domain parameters */
EC_POINT *pub_key; /* public key: a point on the curve */
BIGNUM *priv_key; /* private key: secret scalar, never log or export unprotected */
} /* EC_KEY */;
Usage
- AES(Encrypt | Decrypt)
#include<stdio.h>
#include<string.h>
#include<windows.h>
#include<openssl/evp.h>
#include<openssl/x509.h>
#pragma comment(lib, "libeay32.lib")
#define BUFSIZE 128
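/* Longest plaintext token accepted from stdin (BUFSIZE - 1 in the original
 * listing); the input buffer adds one byte for the terminating NUL. */
#define TEVP_PLAINTEXT_MAX 127
/* AES-128 consumes exactly 16 key bytes and pads to 16-byte blocks. */
#define TEVP_AES128_KEY_BYTES 16
#define TEVP_AES_BLOCK_BYTES 16
/* Two-step stringification so the limits above can be used as scanf widths. */
#define TEVP_STR_(x) #x
#define TEVP_STR(x) TEVP_STR_(x)

/*
 * Demo: read one plaintext token and one key token from stdin, encrypt the
 * plaintext with AES-128-CBC through the EVP interface and print the
 * ciphertext as hex.
 *
 * Takes no arguments and returns nothing. On any failure it prints "Err" and
 * returns after releasing the cipher context and wiping the key buffers.
 *
 * Changes against the original listing:
 *  - both scanf() reads are width-limited (the unbounded "%s" could overrun
 *    `in` and `key`);
 *  - the function name, prompts and output describe encryption, so the
 *    EVP_Encrypt* calls are used instead of the EVP_Decrypt* ones;
 *  - key and IV are fully initialised (AES-128-CBC reads 16 IV bytes, only 8
 *    were set);
 *  - the unused, never-freed malloc() buffer is gone;
 *  - the context comes from EVP_CIPHER_CTX_new() and is freed on every path.
 *
 * Demonstration-only choices that remain:
 *  - the typed key text is used directly as key bytes, zero-padded to 16;
 *    real code derives the key with a KDF such as PKCS5_PBKDF2_HMAC();
 *  - the IV is a fixed pattern; CBC needs a fresh unpredictable IV per
 *    message (e.g. from RAND_bytes()), stored alongside the ciphertext;
 *  - CBC alone provides no integrity protection.
 * Decryption is the mirror image: EVP_DecryptInit_ex / EVP_DecryptUpdate /
 * EVP_DecryptFinal_ex over the ciphertext bytes with the same key and IV.
 */
void tEVP_Encrpyt(void)
{
    unsigned char key[EVP_MAX_KEY_LENGTH];      /* key bytes handed to the cipher */
    unsigned char iv[EVP_MAX_IV_LENGTH];        /* initialisation vector */
    char keytext[TEVP_AES128_KEY_BYTES + 1];    /* key as typed by the user */
    unsigned char in[TEVP_PLAINTEXT_MAX + 1];   /* plaintext token */
    /* Ciphertext buffer: the input length plus one block of CBC padding. */
    unsigned char out[TEVP_PLAINTEXT_MAX + 1 + TEVP_AES_BLOCK_BYTES];
    EVP_CIPHER_CTX *ctx = NULL;                 /* EVP cipher context */
    int outl = 0;
    int outltmp = 0;
    int i;

    memset(in, 0, sizeof(in));
    memset(out, 0, sizeof(out));
    memset(key, 0, sizeof(key));
    memset(iv, 0, sizeof(iv));
    memset(keytext, 0, sizeof(keytext));

    printf("请输入明文");
    if (scanf("%" TEVP_STR(TEVP_PLAINTEXT_MAX) "s", (char *)in) != 1) {
        printf("Err\n");
        goto done;
    }

    printf("请输入密钥:");
    if (scanf("%" TEVP_STR(TEVP_AES128_KEY_BYTES) "s", keytext) != 1) {
        printf("Err\n");
        goto done;
    }
    /* Shorter keys are zero-padded, so every byte the cipher reads is defined. */
    memcpy(key, keytext, strlen(keytext));

    /* Fixed demo IV: 0..7 as in the original, remaining bytes zero. */
    for (i = 0; i < 8; i++) {
        iv[i] = (unsigned char)i;
    }

    /* Heap-allocated context: works with both pre-1.1.0 and opaque-struct OpenSSL. */
    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
        printf("Err\n");
        goto done;
    }

    /* Select cipher, key and IV. */
    if (EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv) != 1) {
        printf("Err\n");
        goto done;
    }

    /* Encrypt the input. */
    if (EVP_EncryptUpdate(ctx, out, &outl, in, (int)strlen((const char *)in)) != 1) {
        printf("Err\n");
        goto done;
    }

    /* Flush the final padded block. */
    if (EVP_EncryptFinal_ex(ctx, out + outl, &outltmp) != 1) {
        printf("Err\n");
        goto done;
    }
    outl += outltmp;

    printf("原文为:%s\n", in);
    /* Print the ciphertext as hex. */
    printf("密文长度:%d\n密文数据:\n", outl);
    for (i = 0; i < outl; i++) {
        printf("0X%02x ", out[i]);
    }

done:
    if (ctx != NULL) {
        EVP_CIPHER_CTX_free(ctx);
    }
    /* Do not leave key material on the stack after returning. */
    OPENSSL_cleanse(key, sizeof(key));
    OPENSSL_cleanse(keytext, sizeof(keytext));
}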
- ECC
1.Generate key pair
group -> ec_key -> evp_ec_key
- ECDH
1. Generate the shared secret (using your own private key and the peer's public key)
#include <openssl/evp.h>
/*
 * Shared-secret derivation (e.g. ECDH) through the EVP interface.
 * All functions return 1 on success and 0 or a negative value on failure;
 * -2 means the key algorithm does not support the operation.
 * The derived bytes are a raw shared secret: run them through a KDF before
 * using them as a symmetric key.
 */
/* Prepares ctx (created from the local private key) for derivation. */
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
/* As above, with extra parameters; the *_ex variants were added in OpenSSL 3.0. */
int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
/* Sets the peer's public key; a non-zero validate_peer makes OpenSSL validate
 * that key first. Skipping validation of an untrusted peer key is unsafe. */
int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
int validate_peer);
/* Same as EVP_PKEY_derive_set_peer_ex() with validate_peer set to 1. */
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
/* Derives the secret. With key == NULL only the required buffer size is
 * written to *keylen; otherwise *keylen holds the buffer size on entry and
 * the number of bytes written on return. */
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
2.get private key
3.get public key
如何在OpenSSL的EVP_PKEY结构中访问原始ECDH公钥,私钥和参数?
Appendix
【1】 OpenSSL