openssl3.2 - 官方demo学习 - smime - smsign.c

文章目录

    • [openssl3.2 - 官方demo学习 - smime - smsign.c](#openssl3.2 - 官方demo学习 - smime - smsign.c)
    • 概述
    • 笔记
    • END

openssl3.2 - 官方demo学习 - smime - smsign.c

概述

从证书中得到X509*和私钥指针

用证书和私钥对铭文进行签名, 得到签名后的pkcs7指针

将pkcs7指向的bio_in, 写为MIME格式的签名密文

BIO_reset() 可以将一个bio恢复到刚打开的状态(应该就是将文件指针重新指向文件头部), 一般用于只读打开的场景

经常用于多个对象要操作同一个bio的场景(一先一后的操作).

笔记

c 复制代码
/*!
\file smsign.c
\note 
openssl3.2 - 官方demo学习 - smime - smsign.c

从证书中得到X509*和私钥指针
用证书和私钥对铭文进行签名, 得到签名后的pkcs7指针
将pkcs7指向的bio_in, 写为MIME格式的签名密文

BIO_reset() 可以将一个bio恢复到刚打开的状态(应该就是将文件指针重新指向文件头部), 一般用于只读打开的场景
经常用于多个对象要操作同一个bio的场景(一先一后的操作).
*/

/*
 * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* Simple S/MIME signing example */
#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>

#include "my_openSSL_lib.h"

int main(int argc, char **argv)
{
    BIO *_bio_in = NULL, *_bio_out = NULL, *_bio_t = NULL;
    X509 *_x509 = NULL;
    EVP_PKEY *_evp_pkey = NULL;
    PKCS7 *_pkcs7 = NULL;
    int ret = EXIT_FAILURE;

    /*
     * For simple S/MIME signing use PKCS7_DETACHED. On OpenSSL 0.9.9 only:
     * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM for streaming
     * non-detached set PKCS7_STREAM
     */
    int flags = PKCS7_DETACHED | PKCS7_STREAM;

    OpenSSL_add_all_algorithms();
    ERR_load_crypto_strings();

    /* Read in signer certificate and private key */
    _bio_t = BIO_new_file("signer.pem", "r");

    if (!_bio_t)
        goto err;

    _x509 = PEM_read_bio_X509(_bio_t, NULL, 0, NULL);

    BIO_reset(_bio_t);

    _evp_pkey = PEM_read_bio_PrivateKey(_bio_t, NULL, 0, NULL);

    if (!_x509 || !_evp_pkey)
        goto err;

    /* Open content being signed */

    _bio_in = BIO_new_file("sign.txt", "r");

    if (!_bio_in)
        goto err;

    /* Sign content */
    _pkcs7 = PKCS7_sign(_x509, _evp_pkey, NULL, _bio_in, flags);

    if (!_pkcs7)
        goto err;

    _bio_out = BIO_new_file("smout.txt", "w");
    if (!_bio_out)
        goto err;

    if (!(flags & PKCS7_STREAM))
        BIO_reset(_bio_in);

    /* Write out S/MIME message */
    if (!SMIME_write_PKCS7(_bio_out, _pkcs7, _bio_in, flags))
        goto err;

    ret = EXIT_SUCCESS;

 err:
    if (ret != EXIT_SUCCESS) {
        fprintf(stderr, "Error Signing Data\n");
        ERR_print_errors_fp(stderr);
    }
    PKCS7_free(_pkcs7);
    X509_free(_x509);
    EVP_PKEY_free(_evp_pkey);
    BIO_free(_bio_in);
    BIO_free(_bio_out);
    BIO_free(_bio_t);

    return ret;

}

END

相关推荐
胡西风_foxww6 天前
Linux下编译安装Nginx
linux·运维·nginx·编译·安装·openssl·pcre
Ho_pe10 天前
ubuntu下openssl签名证书制作流程及验证demo
服务器·ubuntu·openssl
花落已飘11 天前
openssl对称加密代码讲解实战
加密·openssl
花落已飘13 天前
openssl加密算法简介
加密·openssl
石牌桥网管14 天前
OpenSSL 生成根证书、中间证书和网站证书
网络协议·https·openssl
雨雪飘零14 天前
Windows系统使用OpenSSL生成自签名证书
nginx·证书·openssl
许野平23 天前
OpenSSL:生成 DER 格式的 RSA 密钥对
服务器·网络·openssl·rsa·pem·der
Xnah_24 天前
ubuntu 20.4 安装 openssl 3.x
ubuntu·openssl
redwingz1 个月前
openssl签名报错
openssl·random
Anlige1 个月前
PHP实现OPENSSL的EVP_BytesToKey
开发语言·php·openssl·evp