Xcode 生成openssl密钥对osx openssl_Xcode_Macos_Openssl

Xcode 生成openssl密钥对osx openssl

xcode macos openssl

Xcode 生成openssl密钥对osx openssl,xcode,macos,openssl,Xcode,Macos,Openssl,我尝试将以下工作终端命令转换为xcode/obj c： openssl genrsa -out privatekey.pem 1024 openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 1825 我已经针对openssl编译了我的项目，下面的代码正在生成一些密钥对： RSA *keypair = RSA_generate_key(1024, 3, NULL, NULL); BIO *pri = BIO_ne

我尝试将以下工作终端命令转换为xcode/obj c：

openssl genrsa -out privatekey.pem 1024

openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 1825

我已经针对openssl编译了我的项目，下面的代码正在生成一些密钥对：

RSA *keypair = RSA_generate_key(1024, 3, NULL, NULL);
BIO *pri = BIO_new(BIO_s_mem());
BIO *pub = BIO_new(BIO_s_mem());

PEM_write_bio_RSAPrivateKey(pri, keypair, NULL, NULL, 0, NULL, NULL);
PEM_write_bio_RSAPublicKey(pub, keypair);

size_t pri_len = BIO_pending(pri);
size_t pub_len = BIO_pending(pub);

char *pri_key = malloc(pri_len + 1);
char *pub_key = malloc(pub_len + 1);

BIO_read(pri, pri_key, (int) pri_len);
BIO_read(pub, pub_key, (int) pub_len);

pri_key[pri_len] = '\0';
pub_key[pub_len] = '\0';

printf("\n%s\n%s\n", pri_key, pub_key);

问题是它们的格式不对。我怀疑是x509参数。任何帮助都将不胜感激

----更新--------

我现在根据Nathan Osman在这里发表的一篇很棒的文章来做这件事：

这是我的完整代码：

EVP_PKEY * pkey;
pkey = EVP_PKEY_new();

RSA * rsa;
rsa = RSA_generate_key(
                       1024,
                       RSA_F4, /* exponent - RSA_F4 is defined as 0x10001L */
                       NULL,   /* callback - can be NULL if we aren't displaying progress */
                       NULL    /* callback argument - not needed in this case */
                       );
EVP_PKEY_assign_RSA(pkey, rsa);

X509 * x509;
x509 = X509_new();

ASN1_INTEGER_set(X509_get_serialNumber(x509), 1);

X509_gmtime_adj(X509_get_notBefore(x509), 0);
X509_gmtime_adj(X509_get_notAfter(x509), 157680000L); //31536000L = 360 days, xero recommend 1825 days

X509_set_pubkey(x509, pkey);

X509_NAME * name;
name = X509_get_subject_name(x509);

X509_NAME_add_entry_by_txt(name, "C",  MBSTRING_ASC,
                           (unsigned char *)"AU", -1, -1, 0);
X509_NAME_add_entry_by_txt(name, "O",  MBSTRING_ASC,
                           (unsigned char *)"MyCompany Inc.", -1, -1, 0);
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
                           (unsigned char *)"localhost", -1, -1, 0);

X509_set_issuer_name(x509, name);

X509_sign(x509, pkey, EVP_sha1());

FILE * f;
f = fopen("privatekey.pem", "wb");
PEM_write_PrivateKey(
                     f,                  /* write the key to the file we've opened */
                     pkey,               /* our key from earlier */
                     NULL, /* default cipher for encrypting the key on disk */
                     NULL,       /* passphrase required for decrypting the key on disk */
                     10,                 /* length of the passphrase string */
                     NULL,               /* callback for requesting a password */
                     NULL                /* data to pass to the callback */
                     );
fclose(f);

f = fopen("publickey.cer", "wb");
PEM_write_X509(
               f,   /* write the certificate to the file we've opened */
               x509 /* our certificate */
               );
fclose(f);

您需要在第一个变体中进行更改： RSA*keypair=RSA_generate_key1024，3，NULL，NULL

至->

RSA * keypair = RSA_generate_key(1024, RSA_F4, NULL, NULL);

这是以以下格式提供发布密钥：

'---开始RSA公钥--- MIGJAoGBAOg0U9Do/+11jhmYFO9jdvPqOYcE0CDOfYDXbY+2u0/RTOb3jXL5mF19 E4SPsqHvrDGtRGOh8X8Sind1SWjfaeiFH0ooFa+67FR4iOa0KQXq/PRpAIRRmi/3 IODSHJWQTLCIQPymoneoudDdJ82GUACREGLC1OBPAZLIYVHJ9WFJAGMBAAE=

---结束RSA公钥--'

什么让您相信格式错误？您好，dbasic，我与远程api的连接未被接受。