我有一个 DER 证书,我正在从中检索 unsigned char 缓冲区中的公钥,如下所示,这是正确的获取方式吗?
pStoredPublicKey = X509_get_pubkey(x509);
if(pStoredPublicKey == NULL)
{
printf(": publicKey is NULL\n");
}
if(pStoredPublicKey->type == EVP_PKEY_RSA) {
RSA *x = pStoredPublicKey->pkey.rsa;
bn = x->n;
}
else if(pStoredPublicKey->type == EVP_PKEY_DSA) {
}
else if(pStoredPublicKey->type == EVP_PKEY_EC) {
}
else {
printf(" : Unkown publicKey\n");
}
//extracts the bytes from public key & convert into unsigned char buffer
buf_len = (size_t) BN_num_bytes (bn);
key = (unsigned char *)malloc (buf_len);
n = BN_bn2bin (bn, (unsigned char *) key);
for (i = 0; i < n; i++)
{
printf("%02x\n", (unsigned char) key[i]);
}
keyLen = EVP_PKEY_size(pStoredPublicKey);
EVP_PKEY_free(pStoredPublicKey);
并且,使用这个无符号字符缓冲区,如何取回 RSA 的 EVP_PKEY? 或者我可以使用以下???,
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, long length);
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
最佳答案
以下 openssl API 适用于 EVP_PKEY 的无符号字符缓冲区,
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, long length);
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
并且,以下方法适用于将 EVP_PKEY 转换为无符号字符缓冲区。
int pkeyLen;
unsigned char *ucBuf, *uctempBuf;
pkeyLen = i2d_PublicKey(pkey, NULL);
ucBuf = (unsigned char *)malloc(pkeyLen+1);
uctempBuf = ucBuf;
i2d_PublicKey(pkey, &uctempBuf);
int ii;
for (ii = 0; ii < pkeyLen; ii++)
{
printf("%02x\n", (unsigned char) ucBuf[ii]);
}
谢谢-opensid
关于openssl - 来自 x509 中字符缓冲区的 EVP_PKEY (PKCS7),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/2918923/