我正在使用OpenSSL的c库生成椭圆曲线Diffie-Hellman(ECDH)密钥对,遵循此处的第一个代码示例.它掩盖了这一行的实际公钥交换:
peerkey = get_peerkey(pkey);
所述pkey变量和返回值的类型都是的EVP *.pkey包含先前生成的公钥,私钥和参数,返回值仅包含对等方的公钥.所以这提出了三个问题:
get_peerkey()实际提取公钥pkey以便发送给对等方?pKey密钥交换后提取私钥和params 来存储它们以供以后使用?get_peerkey()生成新EVP_PKEY结构?我已经看到了OpenSSL的功能EVP_PKEY_print_public(),EVP_PKEY_print_private()和EVP_PKEY_print_params()但这些是用于产生人类可读输出.我还没有找到任何将人类可读的公钥转换回EVP_PKEY结构的等价物.
我有一个DER证书,我从中检索unsigned char缓冲区中的公钥,如下所示,这是正确的获取方式吗?
pStoredPublicKey = X509_get_pubkey(x509);
if(pStoredPublicKey == NULL)
{
printf(": publicKey is NULL\n");
}
if(pStoredPublicKey->type == EVP_PKEY_RSA) {
RSA *x = pStoredPublicKey->pkey.rsa;
bn = x->n;
}
else if(pStoredPublicKey->type == EVP_PKEY_DSA) {
}
else if(pStoredPublicKey->type == EVP_PKEY_EC) {
}
else {
printf(" : Unkown publicKey\n");
}
//extracts the bytes from public key & convert into unsigned char buffer
buf_len = (size_t) BN_num_bytes (bn);
key = (unsigned char *)malloc (buf_len);
n = BN_bn2bin (bn, (unsigned char *) key);
for (i = 0; …