1. 首頁
  2. 問答
  3. 將RSA私鑰加載到EVP_PKEY

將RSA私鑰加載到EVP_PKEY

2015-05-11 571 views
1

我目前在.pem文件中有私鑰。在我的應用程序(iOS)中,我想將私鑰加載到EVP_PKEY結構中以簽署X509_REQ。將RSA私鑰加載到EVP_PKEY

我目前的問題是我能夠加載私鑰,但實際上它是一個不同於我的文件系統中的私鑰。

這裏是我的代碼:

BIO *bio_err; 
X509_REQ *x509=NULL; 
EVP_PKEY *pkey= NULL; 
EVP_PKEY *pubKey = NULL; 

NSString *privateKeyFile = [SecurityManager privateKeyFileAndProof:YES]; 
char const *privKeyPath = [[NSFileManager defaultManager] fileSystemRepresentationWithPath:privateKeyFile]; 
FILE *fp = fopen(privKeyPath, "r"); 

PEM_read_PrivateKey(fp, &pkey, NULL, NULL); 

fclose(fp); 
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 

bio_err=BIO_new_fp(stderr, BIO_NOCLOSE); 

PEM_write_PrivateKey(stdout,pkey,NULL,NULL,0,NULL, NULL);

這是我的實際的私用密鑰文件:

-----BEGIN RSA PRIVATE KEY----- 
MIIEowIBAAKCAQEAzl8TJ46uLTo6ELLrEPRpS7S0IYBAhAXbxvvKaRLvjBi9khud 
8ybfDSjoD//uoAlZDIfRak31tHIXqiJntaDZJ8ujIEK4DdRBVHowPNC/tKuYUti8 
vZ94BkN48nyJwfFtYPtqaMI6XC0Vh0ffQnQ9jl1d8TVfvxuhlK2+C/WG8Gz9NmRu 
JGgCiNuHOIIjaDtlJW36fj21KxW5de1dEW1GUF9GPctN0QjeU4xPFukbu0w8qrr7 
ShiIlz0DCkzuj2ww1mr/Gpt4boGCmyM9u+IMg30WMGYacb1+qIpswHJIVaDx7Jmf 
xnn8k2rVZT5FUpSjyusSeWFkU7Qh0cKm5BrFNQIDAQABAoIBAEJV2Uhb2qz7DHMV 
r+2xQq9tFIG4QgSuBWk+wl9oEMwNn9H5QppIImaOgZmzALc8if03Ix9yk8o+6lBr 
4r5FR8g88uCJ0bPQSHepFxxVVWnzxnDK7lBdlC0fPx9i3L0Up74G0rt9w1ihvUvQ 
1Hj9+FNsu6evKmm5rgSmnHInqApbyivyogqqSFZ1WlbR9PlT7J15RJAL6lVL+6DP 
bIyFDL38degVtOUCAekTsBj1tpewfpFYIb6g5ovVFMgbzXBFL8tEmTe40UheUD1R 
LBSaBISQQdl1b6dp0A7jPisk6NE9RZRv0aXLf/t1GrCGIVNQ73+ZtJPETL5Ckk3n 
+eEWizkCgYEA9Vmg3pfMHB6QAcsEASK+bdOx2p+Sq47Yd4wISWXKpiylYudKFv0I 
bm/0fhU3QOwIUpD0/i5dvUetE08ARU8vXHS+Aar9Gr109KslgdoLFnwTp9A9MsJP 
Kuo7ZV3/P3APYlsCdoA2YmR8ys6JIooNlwwV523vI0S7q0Jc277tHf8CgYEA11RO 
7FpFMYgYniSyal4Sze+YLXbhvhTPdmbhY+zAh3U0aJ4WHckmofeyomgqQ9ZAdcfu 
cUyZKqxJ6FQelc5voBjOTj6rNfziWrU618ldIgmW/0hsQ4Wb+j7W+csqJVTPPGCy 
bg+jRIv0W9foIPFhXijC/HWS3Vq2QCklGO5kBMsCgYBC1B4AY4KCKkT5aA34LTmH 
esEYFp0Bw8/siCT9sQ9IwiJuVSeWKWfxhOcorKi3M1N1Aezpi0GXO/3Fo6AkQNRa 
r6XNmICGlxJTTobR3s1kW3mTHSJ+P/UGcHSrQLY01lYqaTW7h2LI3CwtpaIu2UGo 
Ye9ZcVVQ2vjvRg07Ab9eiwKBgFrmWlLoYKFiRJIuB6tjfyi0Zld7Ah0OB+6By9A1 
F6mXTsKDSe7VBZwGRsDMnFr6zUdrWTs3DMm45ZJQQIEZHoJFNoJNblViJeQI8Yg6 
lzhROA8YcauncYsYkAPvQiF0Re/FGk3gCBpdwpAq+vE9NM9dAcM1lwQe0SUQuXpm 
2I41AoGBALUMXfvtDKzcHnZ3UjXuVHM/H6gFiOLx9GhQ9K4BMe7nkbKsDnwbw6Z2 
124ZdhkBMgFsL8XTyhyGo2upB/Sq9enLT5fNcD3OZcfRfBGgQO/27IV/A5/ofpG6 
N3bDZhBhKHvriP683gXF/L2ki4OTtDI6gym/jaXn3RdNK0kL4tJu 
-----END RSA PRIVATE KEY-----

這是我印的私鑰,當我加載EVP_PKEY結構

-----BEGIN PRIVATE KEY----- 
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOXxMnjq4tOjoQ 
susQ9GlLtLQhgECEBdvG+8ppEu+MGL2SG53zJt8NKOgP/+6gCVkMh9FqTfW0cheq 
Ime1oNkny6MgQrgN1EFUejA80L+0q5hS2Ly9n3gGQ3jyfInB8W1g+2powjpcLRWH 
R99CdD2OXV3xNV+/G6GUrb4L9YbwbP02ZG4kaAKI24c4giNoO2Ulbfp+PbUrFbl1 
7V0RbUZQX0Y9y03RCN5TjE8W6Ru7TDyquvtKGIiXPQMKTO6PbDDWav8am3hugYKb 
Iz274gyDfRYwZhpxvX6oimzAckhVoPHsmZ/GefyTatVlPkVSlKPK6xJ5YWRTtCHR 
wqbkGsU1AgMBAAECggEAQlXZSFvarPsMcxWv7bFCr20UgbhCBK4FaT7CX2gQzA2f 
0flCmkgiZo6BmbMAtzyJ/TcjH3KTyj7qUGvivkVHyDzy4InRs9BId6kXHFVVafPG 
cMruUF2ULR8/H2LcvRSnvgbSu33DWKG9S9DUeP34U2y7p68qabmuBKaccieoClvK 
K/KiCqpIVnVaVtH0+VPsnXlEkAvqVUv7oM9sjIUMvfx16BW05QIB6ROwGPW2l7B+ 
kVghvqDmi9UUyBvNcEUvy0SZN7jRSF5QPVEsFJoEhJBB2XVvp2nQDuM+KyTo0T1F 
lG/Rpct/+3UasIYhU1Dvf5m0k8RMvkKSTef54RaLOQKBgQD1WaDel8wcHpABywQB 
Ir5t07Han5Krjth3jAhJZcqmLKVi50oW/Qhub/R+FTdA7AhSkPT+Ll29R60TTwBF 
Ty9cdL4Bqv0avXT0qyWB2gsWfBOn0D0ywk8q6jtlXf8/cA9iWwJ2gDZiZHzKzoki 
ig2XDBXnbe8jRLurQlzbvu0d/wKBgQDXVE7sWkUxiBieJLJqXhLN75gtduG+FM92 
ZuFj7MCHdTRonhYdySah97KiaCpD1kB1x+5xTJkqrEnoVB6Vzm+gGM5OPqs1/OJa 
tTrXyV0iCZb/SGxDhZv6Ptb5yyolVM88YLJuD6NEi/Rb1+gg8WFeKML8dZLdWrZA 
KSUY7mQEywKBgELUHgBjgoIqRPloDfgtOYd6wRgWnQHDz+yIJP2xD0jCIm5VJ5Yp 
Z/GE5yisqLczU3UB7OmLQZc7/cWjoCRA1Fqvpc2YgIaXElNOhtHezWRbeZMdIn4/ 
9QZwdKtAtjTWVippNbuHYsjcLC2loi7ZQahh71lxVVDa+O9GDTsBv16LAoGAWuZa 
UuhgoWJEki4Hq2N/KLRmV3sCHQ4H7oHL0DUXqZdOwoNJ7tUFnAZGwMycWvrNR2tZ 
OzcMybjlklBAgRkegkU2gk1uVWIl5AjxiDqXOFE4Dxhxq6dxixiQA+9CIXRF78Ua 
TeAIGl3CkCr68T00z10BwzWXBB7RJRC5embYjjUCgYEAtQxd++0MrNwedndSNe5U 
cz8fqAWI4vH0aFD0rgEx7ueRsqwOfBvDpnbXbhl2GQEyAWwvxdPKHIaja6kH9Kr1 
6ctPl81wPc5lx9F8EaBA7/bshX8Dn+h+kbo3dsNmEGEoe+uI/rzeBcX8vaSLg5O0 
MjqDKb+NpefdF00rSQvi0m4= 
-----END PRIVATE KEY-----

來源

2015-05-11 Sn0wfreeze

+0

通常私鑰是使用密鑰(密碼)加密存儲的。你有一個空密碼。這可能是問題嗎? – pedwards

+0

重新閱讀後,您正試圖讀取(可能)加密的私鑰而不進行解密,然後將其寫回文件中......使用加密的函數,然後使用NULL密碼寫入私鑰......這樣會使它不同。嘗試使用您的密碼。 (只是一個猜測) – pedwards

+0

其實密鑰是在該應用程序中生成的,該應用程序在沙箱中運行。所以我沒有添加密鑰 – Sn0wfreeze

回答

2

自OpenSSL版本1.0.0以來,例如PEM_write_PrivateKey的例程默認爲PKCS8格式,其中包含標頭和像d頁腳:

----- BEGIN PRIVATE KEY -----

----- END PRIVATE KEY -----

如果您想在1.0.0以後的版本中以傳統格式寫入,則可以通過以下方式讀取和寫入例程:PEM_read_RSAPrivateKeyPEM_write_RSAPrivateKey

傳統密鑰格式的頁眉和頁腳是這樣的:

----- BEGIN RSA私鑰-----

----- END RSA私鑰-----

來源

2015-05-11 20:20:46 Prabhu

+0

這似乎是一個好主意。我嘗試使用該方法獲取密鑰,但始終返回NULL ... – Sn0wfreeze

+1

是否可以將RSA結構傳遞給EVP_PKEY結構? 我需要一個EVP_PKEY簽名我的X509_REQ – Sn0wfreeze

+0

將傳統編碼的PEM密鑰轉換爲PKCS#8格式如何? – Prabhu

相關問題

 相關問題