从内存中读取公钥/私钥与OpenSSL的 [英] Reading Public/Private Key from Memory with OpenSSL
问题描述
我使用的公钥/私钥在我的项目加密/解密的一些数据。
I am using Public/Private Keys in my project to encrypt/decrypt some data.
我托管服务器上的一个公共密钥(public.pem)。
I am hosting a public key ("public.pem") on a server.
public.pem看起来是这样的:
"public.pem" looks like this:
-----BEGIN PUBLIC KEY-----
.....
.....
-----END PUBLIC KEY-----
我写了这个下载公共密钥并将其保存到磁盘上的客户端,然后调用OpenSSL的PEM_read_RSA_PUBKEY()与某个文件描述符到该文件。
此操作的伟大工程,结果是一个RSA对象,已准备好进行加密。
I wrote a client side that downloads this public key and save it to disk and then calls OpenSSL's PEM_read_RSA_PUBKEY() with a File descriptor to that file. This operation works great and the result is an RSA object that is ready for encryption.
我想避免每次写公钥到磁盘(因为我已经在内存中已缓存)。
I would like to avoid writing the public key to disk each time (since i have the buffer in memory already).
我如何可以做同样的操作,而不保存中buffer to disk?
我注意到一个叫功能:)PEM_read_bio_RSAPublicKey(但我不知道它是生物结构的使用。我在正确的道路上?
How can i do the same operation without saving the buffer to disk? I noticed a function called: PEM_read_bio_RSAPublicKey() but i am not sure of it's usage of BIO structure. Am I on the right path?
所以,真正的问题是:如何做我读直接从内存中,而不是从一个文件描述符公共/私有到RSA对象键
So the real question would be: How do I read a public/private key to an RSA object straight from memory and not from a file descriptor.
推荐答案
您是在正确的轨道上。您必须已经通过BIO缓冲的方式通过 BIO_new_mem_buf包裹PEM关键存储器()
。换句话说,是这样的:
You are on the right track. You must wrap the PEM key already in memory by means of a BIO buffer via BIO_new_mem_buf()
. In other words, something like:
BIO *bufio;
RSA *rsa
bufio = BIO_new_mem_buf((void*)pem_key_buffer, pem_key_buffer_len);
PEM_read_bio_RSAPublicKey(bufio, &rsa, 0, NULL);
同样的方法是有效的RSA私钥(通过 PEM_read_bio_RSAPrivateKey
),但在这种情况下,你肯定需要迎合密码短语。检查手册页了解详情。
The same approach is valid for an RSA private key (via PEM_read_bio_RSAPrivateKey
), but in that case you most certainly need to cater for the pass phrase. Check the man page for details.
这篇关于从内存中读取公钥/私钥与OpenSSL的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!