1. Zuhause
  2. Frage und Antwort
  3. wie hex format rsa privaten Schlüssel in PKCS8 Format in iOS

wie hex format rsa privaten Schlüssel in PKCS8 Format in iOS

2016-06-30 23 views
1

konvertieren Ich brauche einen privaten Schlüssel RSA Signing zu tun.wie hex format rsa privaten Schlüssel in PKCS8 Format in iOS

Das Unternehmen gab mir den privaten Schlüssel wie folgt aus:

3082025C02010002818100AB13EC000380B4E489F717440D42473BD1C0F0B4F36D765171B3868ADF1CCAA782B48C71560C48342DFAEA01C6DBAF7A36F885B58BB24D7934352AA304941B1EB8373B561C4FBF11181C2E75ED3356CAE5B0DC9759A42CE997F5E5321AA5A67C5A2AE923F4705E61C2C7C8C2441CDCE6DE8638AB9294DA7A9A5B59E2E31C8A9B0203010001028180037ECDB4965DBBD46B8933DD7D13DC96B94B62DF9F959DF43E0977F74065BB323EF667642D68E4D4C417BB4E3BFCE311F12B94B7C7D9E5C15332BEE343C5AEE4223BF3ADE524C2726A685E62938C6B62ADA73529C762A61ABF707E936CFAC2233AD2C7DB0D8764194A7648C16A85FA54E0EBA32BFAB616CBE0009E5E3B8B5349024100D463E0012A09AA1399B5AD6BDDB47A7418F35109786899DDE1913647D3864A7897747D001122E3430CA58F4E94391208 E9059606AEA8389E045B31273EBD2C75024100CE347F1CF65ACEFB6B21B758D7AB6B850F4BA1ECFC7DA1B0FC52538AF5D5280393ADB06D0A0762E66526C5755ABC6F81C22A6463E8B0E27D69BDEFFA8F3C38CF024100A10054FE8CEF668E1527339F61213EF263378F66AE701CB3A61A7E1B54ADA82662295BD88125014202843E6E42CE406DA0B72B5345731FF8293537BD9841AF410240472BDF63C3B3FC14D319440B2A05448B1C88624F45A6A7144B42AF0B1B6682F51917ADF934A8EFFDCD93E03B6D21F4EAB875A148CA9BA2D0DE9A6C25F3223A0902401E673CB216C11DCCD41D99F4892C2027A03ADE42E64C7B4410BF9C4D1B0A58C51CF33FA3BA1D8F4D693A2C5CCB0D42A4A787EE32729871FEF4FC143DFFA170A2

Es ist in einem Hex-Format, aber OpenSSL PEM_read_bio_RSAPrivateKey() Funktion gibt NULL zurück. Ich suchte nach Hilfe und fand heraus, dass der private Schlüssel im "PKCS8" -Format sein muss. Wie kann ich das obige Hexformat in das PKCS8-Format in meinem Code konvertieren?

Quelle

2016-06-30 sides

+0

Ja, vielen Dank für Ihre privaten Schlüssel ... – tkausl

+0

es nur der private Testschlüssel für das interne Netzwerk – sides

Antwort

0

Im Folgenden wird OpenSSL 1.1.0 verwendet (ich musste einige andere Tests durchführen). Es verwendet auch d2i_RSAPrivateKey statt PEM_read_bio_RSAPrivateKey. Der Schlüssel ist in ASN.1/DER, daher können Sie die PEM-Routinen nicht verwenden.

Kompilieren und verknüpfen Sie mit etwas ähnlich wie gcc -I/usr/local/ssl/1.1.0/include test.cc -o test.exe /usr/local/ssl/1.1.0/lib/libcrypto.a.

Sie sollten auch Code hinzufügen, um die Bibliothek zu bereinigen. Siehe auch Library Initialization im OpenSSL-Wiki.

#include <stdio.h> 
#include <unistd.h> 

#include <openssl/opensslconf.h> 
#include <openssl/crypto.h> 
#include <openssl/rsa.h> 

const char encoded[] = 
    "3082025C02010002818100AB13EC000380B4E489F717440D42473BD1C0" 
    "F0B4F36D765171B3868ADF1CCAA782B48C71560C48342DFAEA01C6DBAF" 
    "7A36F885B58BB24D7934352AA304941B1EB8373B561C4FBF11181C2E75" 
    "ED3356CAE5B0DC9759A42CE997F5E5321AA5A67C5A2AE923F4705E61C2" 
    "C7C8C2441CDCE6DE8638AB9294DA7A9A5B59E2E31C8A9B020301000102" 
    "8180037ECDB4965DBBD46B8933DD7D13DC96B94B62DF9F959DF43E0977" 
    "F74065BB323EF667642D68E4D4C417BB4E3BFCE311F12B94B7C7D9E5C1" 
    "5332BEE343C5AEE4223BF3ADE524C2726A685E62938C6B62ADA73529C7" 
    "62A61ABF707E936CFAC2233AD2C7DB0D8764194A7648C16A85FA54E0EB" 
    "A32BFAB616CBE0009E5E3B8B5349024100D463E0012A09AA1399B5AD6B" 
    "DDB47A7418F35109786899DDE1913647D3864A7897747D001122E3430C" 
    "A58F4E94391208E9059606AEA8389E045B31273EBD2C75024100CE347F" 
    "1CF65ACEFB6B21B758D7AB6B850F4BA1ECFC7DA1B0FC52538AF5D52803" 
    "93ADB06D0A0762E66526C5755ABC6F81C22A6463E8B0E27D69BDEFFA8F" 
    "3C38CF024100A10054FE8CEF668E1527339F61213EF263378F66AE701C" 
    "B3A61A7E1B54ADA82662295BD88125014202843E6E42CE406DA0B72B53" 
    "45731FF8293537BD9841AF410240472BDF63C3B3FC14D319440B2A0544" 
    "8B1C88624F45A6A7144B42AF0B1B6682F51917ADF934A8EFFDCD93E03B" 
    "6D21F4EAB875A148CA9BA2D0DE9A6C25F3223A0902401E673CB216C11D" 
    "CCD41D99F4892C2027A03ADE42E64C7B4410BF9C4D1B0A58C51CF33FA3" 
    "BA1D8F4D693A2C5CCB0D42A4A787EE32729871FEF4FC143DFFA170A2"; 

int main(int argc, char* argv[]) 
{ 
    long length = 0; 
    unsigned char* decoded = NULL; 
    RSA* rsa = NULL; 

    decoded = OPENSSL_hexstr2buf(encoded, &length); 
    if (decoded == NULL || length == 0) 
     return 1; 

    const unsigned char* temp = decoded; 
    rsa = d2i_RSAPrivateKey(NULL, &temp, length); 
    if (rsa == NULL) 
     return 1; 

    RSA_print_fp(stdout, rsa, 0); 

    if (rsa) 
     RSA_free(rsa); 

    if (decoded) 
     OPENSSL_free(decoded); 

    return 0; 
}

const unsigned char* temp = decoded verwendet, weil temp ist vorübergehend, und d2i_RSAPrivateKey erhöht den Zeiger auf den nächsten privaten Schlüssel (falls eine andere Parse wird versucht). Sie können immer noch zu den ursprünglichen Daten über decoded gelangen.

Es ergibt sich:

$ ./test.exe 
Private-Key: (1024 bit) 
modulus: 
    00:ab:13:ec:00:03:80:b4:e4:89:f7:17:44:0d:42: 
    47:3b:d1:c0:f0:b4:f3:6d:76:51:71:b3:86:8a:df: 
    1c:ca:a7:82:b4:8c:71:56:0c:48:34:2d:fa:ea:01: 
    c6:db:af:7a:36:f8:85:b5:8b:b2:4d:79:34:35:2a: 
    a3:04:94:1b:1e:b8:37:3b:56:1c:4f:bf:11:18:1c: 
    2e:75:ed:33:56:ca:e5:b0:dc:97:59:a4:2c:e9:97: 
    f5:e5:32:1a:a5:a6:7c:5a:2a:e9:23:f4:70:5e:61: 
    c2:c7:c8:c2:44:1c:dc:e6:de:86:38:ab:92:94:da: 
    7a:9a:5b:59:e2:e3:1c:8a:9b 
publicExponent: 65537 (0x10001) 
privateExponent: 
    03:7e:cd:b4:96:5d:bb:d4:6b:89:33:dd:7d:13:dc: 
    96:b9:4b:62:df:9f:95:9d:f4:3e:09:77:f7:40:65: 
    bb:32:3e:f6:67:64:2d:68:e4:d4:c4:17:bb:4e:3b: 
    fc:e3:11:f1:2b:94:b7:c7:d9:e5:c1:53:32:be:e3: 
    43:c5:ae:e4:22:3b:f3:ad:e5:24:c2:72:6a:68:5e: 
    62:93:8c:6b:62:ad:a7:35:29:c7:62:a6:1a:bf:70: 
    7e:93:6c:fa:c2:23:3a:d2:c7:db:0d:87:64:19:4a: 
    76:48:c1:6a:85:fa:54:e0:eb:a3:2b:fa:b6:16:cb: 
    e0:00:9e:5e:3b:8b:53:49 
prime1: 
    00:d4:63:e0:01:2a:09:aa:13:99:b5:ad:6b:dd:b4: 
    7a:74:18:f3:51:09:78:68:99:dd:e1:91:36:47:d3: 
    86:4a:78:97:74:7d:00:11:22:e3:43:0c:a5:8f:4e: 
    94:39:12:08:e9:05:96:06:ae:a8:38:9e:04:5b:31: 
    27:3e:bd:2c:75 
prime2: 
    00:ce:34:7f:1c:f6:5a:ce:fb:6b:21:b7:58:d7:ab: 
    6b:85:0f:4b:a1:ec:fc:7d:a1:b0:fc:52:53:8a:f5: 
    d5:28:03:93:ad:b0:6d:0a:07:62:e6:65:26:c5:75: 
    5a:bc:6f:81:c2:2a:64:63:e8:b0:e2:7d:69:bd:ef: 
    fa:8f:3c:38:cf 
exponent1: 
    00:a1:00:54:fe:8c:ef:66:8e:15:27:33:9f:61:21: 
    3e:f2:63:37:8f:66:ae:70:1c:b3:a6:1a:7e:1b:54: 
    ad:a8:26:62:29:5b:d8:81:25:01:42:02:84:3e:6e: 
    42:ce:40:6d:a0:b7:2b:53:45:73:1f:f8:29:35:37: 
    bd:98:41:af:41 
exponent2: 
    47:2b:df:63:c3:b3:fc:14:d3:19:44:0b:2a:05:44: 
    8b:1c:88:62:4f:45:a6:a7:14:4b:42:af:0b:1b:66: 
    82:f5:19:17:ad:f9:34:a8:ef:fd:cd:93:e0:3b:6d: 
    21:f4:ea:b8:75:a1:48:ca:9b:a2:d0:de:9a:6c:25: 
    f3:22:3a:09 
coefficient: 
    1e:67:3c:b2:16:c1:1d:cc:d4:1d:99:f4:89:2c:20: 
    27:a0:3a:de:42:e6:4c:7b:44:10:bf:9c:4d:1b:0a: 
    58:c5:1c:f3:3f:a3:ba:1d:8f:4d:69:3a:2c:5c:cb: 
    0d:42:a4:a7:87:ee:32:72:98:71:fe:f4:fc:14:3d: 
    ff:a1:70:a2

Wenn Sie Bereinigung nicht, dann wird Valgrind berichten so etwas wie:

$ valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes ./test.exe 
==32773== Memcheck, a memory error detector 
==32773== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. 
==32773== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info 
==32773== Command: ./test.exe 
==32773== 
... 
==32773== 
==32773== HEAP SUMMARY: 
==32773==  in use at exit: 63,005 bytes in 365 blocks 
==32773== total heap usage: 547 allocs, 182 frees, 69,806 bytes allocated 
==32773== 
==32773== 200 bytes in 1 blocks are still reachable in loss record 55 of 83 
==32773== at 0x4D11: malloc (vg_replace_malloc.c:303) 
==32773== by 0x10010AA3E: CRYPTO_zalloc (in ./test.exe) 
==32773== by 0x1001522BB: CRYPTO_THREAD_lock_new (in ./test.exe) 
==32773== by 0x100104EC8: do_ex_data_init (in ./test.exe) 
==32773== by 0xD8FBF: pthread_once (in /usr/lib/system/libsystem_c.dylib) 
==32773== by 0x1001523A8: CRYPTO_THREAD_run_once (in ./test.exe) 
==32773== by 0x100104768: CRYPTO_new_ex_data (in ./test.exe) 
==32773== by 0x10012A9C3: RSA_new_method (in ./test.exe) 
==32773== by 0x100129ED1: rsa_cb (in ./test.exe) 
==32773== by 0x100027057: asn1_item_embed_new (in ./test.exe) 
==32773== by 0x1000244CA: asn1_item_embed_d2i (in ./test.exe) 
==32773== by 0x100024125: ASN1_item_d2i (in ./test.exe) 
==32773== 
==32773== 4,096 bytes in 1 blocks are still reachable in loss record 81 of 83 
==32773== at 0x4D11: malloc (vg_replace_malloc.c:303) 
==32773== by 0x1431D8: __smakebuf (in /usr/lib/system/libsystem_c.dylib) 
==32773== by 0x104F34: __swsetup (in /usr/lib/system/libsystem_c.dylib) 
==32773== by 0x142392: __sfvwrite (in /usr/lib/system/libsystem_c.dylib) 
==32773== by 0x142994: fwrite (in /usr/lib/system/libsystem_c.dylib) 
==32773== by 0x100031997: file_write (in ./test.exe) 
==32773== by 0x100030A29: BIO_write (in ./test.exe) 
==32773== by 0x10002CFFB: BIO_vprintf (in ./test.exe) 
==32773== by 0x10002CEFC: BIO_printf (in ./test.exe) 
==32773== by 0x100129B7C: do_rsa_print (in ./test.exe) 
==32773== by 0x10012EDBC: RSA_print_fp (in ./test.exe) 
==32773== by 0x1000010C4: main (test.cc:48) 
==32773== 
==32773== LEAK SUMMARY: 
==32773== definitely lost: 0 bytes in 0 blocks 
==32773== indirectly lost: 0 bytes in 0 blocks 
==32773==  possibly lost: 0 bytes in 0 blocks 
==32773== still reachable: 4,296 bytes in 2 blocks 
==32773==   suppressed: 58,709 bytes in 363 blocks 
==32773==

Quelle

2016-06-30 14:56:30 jww

 Verwandte Themen

  • Keine verwandten Themen^_^