openssl3.2 - exp - generate ecc priv key

  • 开发
  • 20

文章目录

openssl3.2 - exp - generate ecc priv key

概述

前面实验已经将ECC加解密的流程用openssl命令模拟出来了.
现在开始将ECC加解密流程中的知识点从openssl.exe源码中迁移到自己工程.

先迁移了一个命令如下

openssl ecparam -name sect571r1 -genkey -noout -out priv_key_s.pem

封装了一个函数, 产生ecc密钥到buffer, 好使.

笔记

/*!
* \file exp020_ecc_gen_priv_key.cpp
* \note openssl3.2 - exp - generate ecc priv key
	产生ECC私钥
	单步调试, 移植openssl命令行的实现
	openssl ecparam -name sect571r1 -genkey -noout -out priv_key_s.pem
*/

#include "my_openSSL_lib.h"
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/encoder.h>

#include <stdlib.h>
#include <stdio.h>
#include <assert.h>

#include "CMemHookRec.h"

void my_openssl_app();
bool my_ecc_gen_priv_key(const char* keytype, const char* curve_name, const char* out_format, unsigned char*& pdata, size_t& data_len);

int main(int argc, char** argv)
{
	setvbuf(stdout, NULL, _IONBF, 0); // 清掉stdout缓存, 防止调用printf时阻塞
	mem_hook();

	my_openssl_app();

	mem_unhook();

	/*! run result
	ec priv key:
	0000 - 2d 2d 2d 2d 2d 42 45 47-49 4e 20 45 43 20 50 52   -----BEGIN EC PR
	0010 - 49 56 41 54 45 20 4b 45-59 2d 2d 2d 2d 2d 0a 4d   IVATE KEY-----.M
	0020 - 49 48 75 41 67 45 42 42-45 67 43 53 4d 2f 56 6a   IHuAgEBBEgCSM/Vj
	// ...
	0160 - 2b 31 64 0a 58 41 3d 3d-0a 2d 2d 2d 2d 2d 45 4e   +1d.XA==.-----EN
	0170 - 44 20 45 43 20 50 52 49-56 41 54 45 20 4b 45 59   D EC PRIVATE KEY
	0180 - 2d 2d 2d 2d 2d 0a                                 -----.
	free map, g_mem_hook_map.size() = 0
	*/

	return 0;
}

void my_openssl_app()
{
	bool b_rc = false;
	unsigned char* pdata = NULL;
	size_t data_len = 0;

	b_rc = my_ecc_gen_priv_key("ec", "sect571r1", "PEM", pdata, data_len);
	assert(b_rc);

	printf("ec priv key:\n");
	BIO_dump_fp(stdout, pdata, data_len);

	if (NULL != pdata)
	{
		OPENSSL_free(pdata);
		pdata = NULL;
	}
}

bool my_ecc_gen_priv_key(const char* keytype, const char* curve_name, const char* out_format, unsigned char*& pdata, size_t& data_len)
{
	// openssl ecparam -name sect571r1 -genkey -noout -out priv_key_s.pem
	bool b_rc = false;
	OSSL_PARAM _ossl_param_ary[2];
	EVP_PKEY_CTX* _evp_pkey_ctx_key_type = NULL;
	EVP_PKEY* _evp_pkey_key_type = NULL;

	EVP_PKEY_CTX* _evp_pkey_ctx_key = NULL;
	OSSL_ENCODER_CTX* _ossl_encoder_ctx = NULL;
	OSSL_LIB_CTX* _ossl_lib_ctx = NULL;
	
	EVP_PKEY* _evp_pkey = NULL;

	do {
		_ossl_lib_ctx = OSSL_LIB_CTX_new();
		if (NULL == _ossl_lib_ctx)
		{
			break;
		}

		_evp_pkey_ctx_key_type = EVP_PKEY_CTX_new_from_name(_ossl_lib_ctx, keytype, NULL);
		if (NULL == _evp_pkey_ctx_key_type)
		{
			break;
		}

		if (EVP_PKEY_keygen_init(_evp_pkey_ctx_key_type) <= 0)
		{
			break;
		}

		_ossl_param_ary[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, (char*)curve_name, 0);
		_ossl_param_ary[1] = OSSL_PARAM_construct_end();
		if (EVP_PKEY_CTX_set_params(_evp_pkey_ctx_key_type, _ossl_param_ary) <= 0)
		{
			break;
		}

		if (EVP_PKEY_keygen(_evp_pkey_ctx_key_type, &_evp_pkey_key_type) <= 0)
		{
			break;
		}

		_evp_pkey_ctx_key = EVP_PKEY_CTX_new_from_pkey(_ossl_lib_ctx, _evp_pkey_key_type, NULL);
		if (NULL == _evp_pkey_ctx_key)
		{
			break;
		}

		if (EVP_PKEY_keygen_init(_evp_pkey_ctx_key) <= 0)
		{
			break;
		}

		if (EVP_PKEY_keygen(_evp_pkey_ctx_key, &_evp_pkey) <= 0)
		{
			break;
		}

		_ossl_encoder_ctx = OSSL_ENCODER_CTX_new_for_pkey(_evp_pkey, OSSL_KEYMGMT_SELECT_ALL, out_format, NULL, NULL);
		if (NULL == _ossl_encoder_ctx)
		{
			break;
		}

		/*
		int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, size_t *pdata_len);
		, unsigned char*& pdata, size_t& data_len*/

		if (1 != OSSL_ENCODER_to_data(_ossl_encoder_ctx, &pdata, &data_len))
		{
			break;
		}

		b_rc = true;
	} while (false);

	if (NULL != _ossl_encoder_ctx)
	{
		OSSL_ENCODER_CTX_free(_ossl_encoder_ctx);
		_ossl_encoder_ctx = NULL;
	}

	if (NULL != _evp_pkey)
	{
		EVP_PKEY_free(_evp_pkey);
		_evp_pkey = NULL;
	}

	if (NULL != _evp_pkey_key_type)
	{
		EVP_PKEY_free(_evp_pkey_key_type);
	}

	if (NULL != _evp_pkey_ctx_key_type)
	{
		EVP_PKEY_CTX_free(_evp_pkey_ctx_key_type);
		_evp_pkey_ctx_key_type = NULL;
	}

	if (NULL != _evp_pkey_ctx_key)
	{
		EVP_PKEY_CTX_free(_evp_pkey_ctx_key);
		_evp_pkey_ctx_key = NULL;
	}

	if (NULL != _ossl_lib_ctx)
	{
		OSSL_LIB_CTX_free(_ossl_lib_ctx);
		_ossl_lib_ctx = NULL;
	}

	return b_rc;
}

备注

在网上查的资料, 大概只能参考一下思路. 想找和自己想的一模一样的东西基本不可能.
还是有了思路, 自己从官方实现(权威, 质量有保证)中移植(扒代码)爽.

END

阅读全部

相关推荐

  1. openssl3.2 - exp - RAND_bytes_ex

    2024-03-17 01:42:03       28 阅读

  3. openssl+EVP详解

    2024-03-17 01:42:03       28 阅读

  4. openssl3.2 - exp - get openssl version info

    2024-03-17 01:42:03       9 阅读

  6. openssl3.2 - exp - PEM <==> DER

    2024-03-17 01:42:03       26 阅读

  7. openssl3.2 - exp - AES-256-GCM

    2024-03-17 01:42:03       16 阅读

  9. openssl3.2 - exp - generate prime

    2024-03-17 01:42:03       20 阅读

  10. openssl3.2 - exp - aes-128-cbc

    2024-03-17 01:42:03       16 阅读

最近更新

  4. TCP协议是安全的吗?

    2024-03-17 01:42:03       18 阅读

  12. 阿里云服务器执行yum,一直下载docker-ce-stable失败

    2024-03-17 01:42:03       19 阅读

  13. 【Python教程】压缩PDF文件大小

    2024-03-17 01:42:03       19 阅读

  18. 通过文章id递归查询所有评论(xml)

    2024-03-17 01:42:03       20 阅读

热门阅读

  5. PyTorch入门

    2024-03-17 01:42:03       20 阅读

  10. 指定元素懒加载

    2024-03-17 01:42:03       21 阅读

  11. 【爬虫介绍】了解爬虫的魅力

    2024-03-17 01:42:03       18 阅读

  17. linux下自定义显示文件拷贝进度

    2024-03-17 01:42:03       24 阅读

  18. 详解优雅版线程池ThreadPoolTaskExecutor和ThreadPoolTaskExecutor的装饰器

    2024-03-17 01:42:03       22 阅读
  23. 2024/3/26

    2024/3/26

    2024-03-17 01:42:03      19 阅读