[OpenSSL] Read certificate.pem to get the public key in RSA format in C lang

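I know nothing about OpenSSL and key formats. I am using C.

I want to convert a certificate file in PEM format (the ABCcert.pem file; it starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----) to an RSA public key, using C.

In other words, I have a certificate in PEM format, and I want to take the public key out of it and encrypt my message.

I found many good answers that use the openssl console, but I want to use only C.

Can anyone help?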

You want PEM_read_X509():

 X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
    .
    .
    .

The PEM read functions all take an argument TYPE **x and return a TYPE * pointer. Where TYPE is whatever structure the function uses. If x is NULL then the parameter is ignored. If x is not NULL but *x is NULL then the structure returned will be written to *x. If neither x nor *x is NULL then an attempt is made to reuse the structure at *x (but see BUGS and EXAMPLES sections). Irrespective of the value of x a pointer to the structure is always returned (or NULL if an error occurred).

The PEM functions which write private keys take an enc parameter which specifies the encryption algorithm to use, encryption is done at the PEM level. If this parameter is set to NULL then the private key is written in unencrypted form.

The cb argument is the callback to use when querying for the pass phrase used for encrypted PEM structures (normally only private keys).

For the PEM write routines if the kstr parameter is not NULL then klen bytes at kstr are used as the passphrase and cb is ignored.

If the cb parameters is set to NULL and the u parameter is not NULL then the u parameter is interpreted as a null terminated string to use as the passphrase. If both cb and u are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off.

You probably only need something like this:

FILE *pemFile = fopen(...);
X509 *x509 = PEM_read_X509( pemFile, NULL, NULL, NULL );

Once you have the X509 certificate, you can use X509_get_pubkey() to get the RSA public key:

#include <openssl/x509.h>

EVP_PKEY *X509_get_pubkey(X509 *x);
EVP_PKEY *X509_get0_pubkey(const X509 *x);