openssl3.2 - 官方demo学习 - cms - cms_enc.c

文章目录

    • [openssl3.2 - 官方demo学习 - cms - cms_enc.c](#openssl3.2 - 官方demo学习 - cms - cms_enc.c)
    • 概述
    • 笔记
    • END

openssl3.2 - 官方demo学习 - cms - cms_enc.c

概述

用证书对明文进行CMS加密

CMS操作过的最终内容(除了反操作(解压缩, 解密))都是可见字符(数据用base64过了一遍).

笔记

c 复制代码
/*! \file cms_enc.c
* \note openssl3.2 - 官方demo学习 - cms - cms_enc.c
用证书对明文进行CMS加密
CMS操作过的最终内容(除了反操作(解压缩, 解密))都是可见字符(数据用base64过了一遍).
*/

/*
 * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* Simple S/MIME encrypt example */
#include <openssl/pem.h>
#include <openssl/cms.h>
#include <openssl/err.h>

#include "my_openSSL_lib.h"

int main(int argc, char **argv)
{
    BIO *in = NULL, *out = NULL, *tbio = NULL;
    X509 *rcert = NULL;
    STACK_OF(X509) *recips = NULL;
    CMS_ContentInfo *cms = NULL;
    int ret = EXIT_FAILURE;

    /*
     * On OpenSSL 1.0.0 and later only:
     * for streaming set CMS_STREAM
     */
    int flags = CMS_STREAM;

    OpenSSL_add_all_algorithms();
    ERR_load_crypto_strings();

    /* Read in recipient certificate */
    tbio = BIO_new_file("signer.pem", "r");

    if (!tbio)
        goto err;

    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);

    if (!rcert)
        goto err;

    /* Create recipient STACK and add recipient cert to it */
    recips = sk_X509_new_null();

    if (!recips || !sk_X509_push(recips, rcert))
        goto err;

    /*
     * OSSL_STACK_OF_X509_free() will free up recipient STACK and its contents
     * so set rcert to NULL so it isn't freed up twice.
     */
    rcert = NULL;

    /* Open content being encrypted */

    in = BIO_new_file("encr.txt", "r");

    if (!in)
        goto err;

    /* encrypt content */
    cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);

    if (!cms)
        goto err;

    out = BIO_new_file("smencr.txt", "w");
    if (!out)
        goto err;

    /* Write out S/MIME message */
    if (!SMIME_write_CMS(out, cms, in, flags))
        goto err;

    printf("Encryption Successful\n");

    ret = EXIT_SUCCESS;
 err:
    if (ret != EXIT_SUCCESS) {
        fprintf(stderr, "Error Encrypting Data\n");
        ERR_print_errors_fp(stderr);
    }

    CMS_ContentInfo_free(cms);
    X509_free(rcert);
    OSSL_STACK_OF_X509_free(recips);
    BIO_free(in);
    BIO_free(out);
    BIO_free(tbio);
    return ret;
}

END

相关推荐
Ho_pe3 天前
ubuntu下openssl签名证书制作流程及验证demo
服务器·ubuntu·openssl
花落已飘4 天前
openssl对称加密代码讲解实战
加密·openssl
花落已飘6 天前
openssl加密算法简介
加密·openssl
石牌桥网管7 天前
OpenSSL 生成根证书、中间证书和网站证书
网络协议·https·openssl
雨雪飘零7 天前
Windows系统使用OpenSSL生成自签名证书
nginx·证书·openssl
许野平16 天前
OpenSSL:生成 DER 格式的 RSA 密钥对
服务器·网络·openssl·rsa·pem·der
Xnah_17 天前
ubuntu 20.4 安装 openssl 3.x
ubuntu·openssl
redwingz23 天前
openssl签名报错
openssl·random
Anlige1 个月前
PHP实现OPENSSL的EVP_BytesToKey
开发语言·php·openssl·evp
cooldream20091 个月前
升级 OpenSSL 的详细步骤(解决 SSH 漏洞的前提)
运维·ssh·openssl