DSA与OpenSSL的签名 [英] DSA Signing with OpenSSL
问题描述
我tryng使用DSA从OpenSSL的签署。我有一个包含公钥和私钥的文件。
首先我做出单播连接和每一件事是好的。之后,我需要一个多播UDP连接,我要签名的数据包。我想,以从我的证书加载我的公钥使用功能 PEM_read_DSA_PUBKEY()
,但它不工作。它总是返回 NULL
,而不是DSA结构。
在这里,你有code的一个简单的版本。我编译如下:
的gcc -Wall -g -lm prueba.c -o prueba -lcrypto
你知道吗?谢谢!
的#include<&stdio.h中GT;
#包括LT&;的OpenSSL / dsa.h>
#包括LT&;的OpenSSL / pem.h>诠释的main()
{
FILE * DSA_cert_file =的fopen(./证书/ cert.pem,R);
如果(DSA_cert_file == NULL)
返回1; 的printf(证书读\\ n); DSA * DSA = DSA_new();
如果((DSA = PEM_read_DSA_PUBKEY(DSA_cert_file,0,0,0))== NULL)
返回1; 的printf(DSA公钥读\\ n); 返回0;
}
请问您cert.pem包含X.509证书?它看起来像 PEM_read_DSA_PUBKEY
需要一个PEM-CN codeD DSA公共而不X.509容器键。
尝试类似的东西来代替:
X509 *证书;
EVP_PKEY * PK;
DSA * DSA;证书= PEM_read_X509(DSA_cert_file,NULL,NULL,NULL);
如果(!CERT){/ *错误* /}
PK = X509_get_pubkey(CERT);
如果(!PK){/ *错误* /}
如果(PK-GT&;!键入= 116){/ *不是DSA密钥* /}
DSA = PK-GT&; pkey.dsa
I'm tryng to sign using DSA from OpenSSL. I have the files containing public and private keys.
First of all I make an unicast connection and every thing is fine. After that I need a multicast UDP connection and I want to sign the packets. I'm trying to use function PEM_read_DSA_PUBKEY()
in order to load my public key from my cert but it doesn't work. It returns always NULL
instead of a DSA struct.
Here you have a simplistic version of the code. I compile like this:
gcc -Wall -g -lm prueba.c -o prueba -lcrypto
Any idea? Thank you!
#include <stdio.h>
#include <openssl/dsa.h>
#include <openssl/pem.h>
int main()
{
FILE *DSA_cert_file = fopen("./certs/cert.pem", "r");
if (DSA_cert_file == NULL)
return 1;
printf("Certificate read\n");
DSA *dsa = DSA_new();
if((dsa = PEM_read_DSA_PUBKEY(DSA_cert_file, 0, 0, 0)) == NULL)
return 1;
printf("DSA public key read\n");
return 0;
}
Does your cert.pem contains a X.509 certificate ? It looks like PEM_read_DSA_PUBKEY
expects a PEM-encoded DSA public key without the X.509 container.
Try something like that instead:
X509 *cert;
EVP_PKEY *pk;
DSA *dsa;
cert = PEM_read_X509(DSA_cert_file,NULL,NULL,NULL);
if (!cert) { /* error */ }
pk = X509_get_pubkey(cert);
if (!pk) { /* error */ }
if (pk->type != 116) { /* not a dsa key */ }
dsa = pk->pkey.dsa
这篇关于DSA与OpenSSL的签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!