Warning: file_get_contents(/data/phpspider/zhask/data//catemap/6/cplusplus/142.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C++ 如何存储Diffie-HellMan对象';使用openSSL C++;_C++_Openssl_Cryptography_Pem_Diffie Hellman - Fatal编程技术网
Fatal编程技术网
  • cplusplus/
  • C++ 如何存储Diffie-HellMan对象';使用openSSL C++;

C++ 如何存储Diffie-HellMan对象';使用openSSL C++;

c++ openssl cryptography

C++ 如何存储Diffie-HellMan对象';使用openSSL C++;,c++,openssl,cryptography,pem,diffie-hellman,C++,Openssl,Cryptography,Pem,Diffie Hellman,在以PEM格式存储DH密钥时,我面临一个愚蠢的问题。这里有一个工作代码片段,用于以Diffie-Hellman格式生成密钥,我可以以PEM格式存储DH参数。但是,我在openSSL中找不到任何可以以PEM格式存储密钥的函数 DH *privkey = DH_new(); /* Generate the parameters to be used */ DH_generate_parameters_ex(privkey, 2048, DH_GENERATOR_2, NULL) /* Genera

在以PEM格式存储DH密钥时,我面临一个愚蠢的问题。这里有一个工作代码片段,用于以Diffie-Hellman格式生成密钥,我可以以PEM格式存储DH参数。但是,我在openSSL中找不到任何可以以PEM格式存储密钥的函数

DH *privkey = DH_new();
/* Generate the parameters to be used */
DH_generate_parameters_ex(privkey, 2048, DH_GENERATOR_2, NULL)

/* Generate the public and private key pair */
DH_generate_key(privkey)

/* Store DH Params in PEM Format */
FILE* fptr = fopen("dhp.pem", "w");
PEM_write_DHparams(fptr, privkey);

/* Get PublicKey of Peer To generate Shared Secret ----*/
BIGNUM *pubkeyPeer = NULL;
BN_dec2bn(&pubkeyPeer, BN_bn2dec(GetPubKeyPeer());

/* Generate Shared Secret by getting Public Key of Peer */
unsigned char *secret;
int secret_size;
if (NULL == (secret= (unsigned char *)OPENSSL_malloc(sizeof(unsigned char) * (DH_size(privkey))))) {
        printf("Can Not Allocate Memory for Shared Secret ");
    }
if (0 > (secret_size = DH_compute_key(secret, pubkeyPeer, privkey))) {
        printf("Shared Secret Generation Failure ");
}

/* DUMP Shared Secret ---*/
BIO_dump_fp(stdout, (const char *)secret, secret_size);
这一切都很好,但我需要以PEM格式与对等方共享我的公钥。是否有一些函数可以将我的DH公钥转换为PEM格式?

OpenSSL有一个通用函数,可以将
EVP_PKEY
密钥写入PEM格式的PKCS8结构。为了充分利用这一点,您必须像这样包装DH密钥,为了简洁起见,省略错误检查:

EVP_PKEY *pkey = EVP_PKEY_new();
EVP_PKEY_set1_DH(pkey, privkey);
PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
PKCS8允许您加密内容,那些我在该调用中没有设置的尾部参数用于设置加密详细信息。我在这里省略了它们,但您通常希望在实践中加密存储私钥材料

尝试(在删除您的
BIO\u dump\u fp
呼叫后):

显示PEM输出。通过管道将其输送到
asn1parse
显示其内容:

> dh_key | openssl asn1parse
    0:d=0  hl=4 l= 612 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 569 cons: SEQUENCE
   11:d=2  hl=2 l=   7 prim: OBJECT            :X9.42 DH
   20:d=2  hl=4 l= 556 cons: SEQUENCE
   24:d=3  hl=4 l= 257 prim: INTEGER           :87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597
  285:d=3  hl=4 l= 256 prim: INTEGER           :3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659
  545:d=3  hl=2 l=  33 prim: INTEGER           :8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3
  580:d=1  hl=2 l=  34 prim: OCTET STRING      [HEX DUMP]:0220537AF1D957AB4D23D3779A22F2DD20F3330A0179DCF50AE922491EFB08976517
这实际上也包括参数。

您不知道的任何特殊原因?只是好奇。 
> dh_key | openssl asn1parse
    0:d=0  hl=4 l= 612 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 569 cons: SEQUENCE
   11:d=2  hl=2 l=   7 prim: OBJECT            :X9.42 DH
   20:d=2  hl=4 l= 556 cons: SEQUENCE
   24:d=3  hl=4 l= 257 prim: INTEGER           :87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597
  285:d=3  hl=4 l= 256 prim: INTEGER           :3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659
  545:d=3  hl=2 l=  33 prim: INTEGER           :8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3
  580:d=1  hl=2 l=  34 prim: OCTET STRING      [HEX DUMP]:0220537AF1D957AB4D23D3779A22F2DD20F3330A0179DCF50AE922491EFB08976517