0

在这里,我的主要目的是在客户端和服务器上交换公钥。然后使用它们通过加密相互发送消息,而另一个使用其私钥解密。现在我已经在客户端和服务器的 c 中生成了 rsa 密钥对,并获得了字符串格式的公钥和私钥,交换了它们,但我不知道如何使用它们来加密消息。请帮忙。这是我的客户代码:

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <time.h>

#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/err.h>

#define KEY_LENGTH  2048
#define PUB_EXP     3
#define PRINT_KEYS
#define WRITE_TO_FILE

int main(int argc, char *argv[])
{
struct sockaddr_in serv;
int sockfd,newsockfd,portno=3000,test_v;
char buffer_c[4096],publickey[4096];

size_t pri_len;            // Length of private key
size_t pub_len;            // Length of public key
char   *pri_key;           // Private key
char   *pub_key;           // Public key
char   msg[KEY_LENGTH/8];  // Message to encrypt
char   *encrypt = NULL;    // Encrypted message
char   *decrypt = NULL;    // Decrypted message
char   *err;               // Buffer for any error messages
char   *pub2;   

// Generate key pair
printf("Generating RSA (%d bits) keypair...", KEY_LENGTH);
fflush(stdout);
RSA *keypair = RSA_generate_key(KEY_LENGTH, PUB_EXP, NULL, NULL);

// To get the C-string PEM form:
BIO *pri = BIO_new(BIO_s_mem());
BIO *pub = BIO_new(BIO_s_mem());

PEM_write_bio_RSAPrivateKey(pri, keypair, NULL, NULL, 0, NULL, NULL);
PEM_write_bio_RSAPublicKey(pub, keypair);

pri_len = BIO_pending(pri);
pub_len = BIO_pending(pub);

pri_key = malloc(pri_len + 1);
pub_key = malloc(pub_len + 1);

BIO_read(pri, pri_key, pri_len);
BIO_read(pub, pub_key, pub_len);

pri_key[pri_len] = '\0';
pub_key[pub_len] = '\0';

#ifdef PRINT_KEYS
    printf("\nCLIENTPRIVATEKEY:\N%s\n", pri_key);
#endif
printf("done.\n");

if((sockfd=socket(AF_INET,SOCK_STREAM,0))<0)
{
    printf("socket not created\n");
    exit(0);
}
else
    printf("socket created\n");

memset(&serv,'0',sizeof(serv));
memset(&buffer_c,'0',sizeof(buffer_c));

serv.sin_family=AF_INET;
serv.sin_addr.s_addr=htonl(INADDR_ANY);
serv.sin_port=htons(portno);


if(connect(sockfd,(struct sockaddr*)&serv,sizeof(serv))<0)
{
    printf("not connected.\n");
    exit(0);
}
else
    printf("connected\n");

//send the pub-key
strcpy(buffer_c,pub_key);
test_v=send(sockfd,buffer_c,strlen(buffer_c),0);
if(test_v<0)
{
    printf("error sending.\n");
    exit(0);
}
else
{
    printf("client sent pub-key\n");
}

test_v=recv(sockfd,publickey,4095,0);
if(test_v<0)
{
    printf("error recving.\n");
    exit(0);
}
else
{
    publickey[test_v]='\0';
    printf("server pub-key:\n%s",publickey);

    * pub2 = publickey; 
}

 // Get the message to encrypt
    printf("Message to encrypt: ");
    fgets(msg, KEY_LENGTH-1, stdin);
    msg[strlen(msg)-1] = '\0';

// Encrypt the message
    encrypt = malloc(RSA_size(keypair));
    int encrypt_len;
    err = malloc(130);
    if((encrypt_len = RSA_public_encrypt(strlen(msg), (unsigned char*)msg, (unsigned char*)encrypt,keypair,RSA_PKCS1_OAEP_PADDING))==-1)        {
    ERR_load_crypto_strings();
    ERR_error_string(ERR_get_error(), err);
    fprintf(stderr, "Error encrypting message: %s\n", err);
    goto free_stuff;
    }   

close(sockfd);

    free_stuff:
    RSA_free(keypair);
    BIO_free_all(pub);
    BIO_free_all(pri);
    free(pri_key);
    free(pub_key);
    free(encrypt);
    free(decrypt);
    free(err);
return 0;

}

4

1 回答 1

0

您实际上不使用公钥来加密消息,而是加密一个新的随机密钥,该密钥将用于使用对称密钥算法加密消息,例如AES,因为使用非对称密钥加密涉及的高复杂性算法。当然可以,如果你愿意...

为了对其进行加密,您必须执行一些模块算术计算:

enc_message = message^public_key mod product_of_2_chosen_primes

并对其进行解码:

message = enc_message^private_key mod product_of_2_chosen_primes

看看RSA。顺便说一句,由于您正在处理非常大的数字,因此您将不得不查看一些 Big Number 库

于 2013-11-08T17:53:56.507 回答