问题
JKJS
Observations:
Suppose RSA private key is created by following commands:
openssl genrsa -out mykey.pem 1024
Then, there is no problem reading key from that file in C:
RSA *privatekey=NULL;
privatekey=PEM_read_RSAPrivateKey(fp,NULL,NULL,NULL);
if(privatekey==NULL)
ERR_print_errors_fp(stderr);
But, if RSA keypair is created by following command:
openssl req -newkey rsa:1024 -sha1 -keyout mykey.pem -out rootreq.pem
Then reading from mykey.pem results in error. Why?
JKJS Hardik
回答1:
In the 2nd, command, did you give a passphrase? Open the key created by the 2nd command in any editor - do you see ENCRYPTED in the haders?
If yes, then that's why you aren't able to read it using PEM_read_RSAPrivateKey because you are passing 3rd param as NULL.
Pass a callback to get a password in the call to PEM_read_RSAPrivateKey.
Alternately you can remove the password from the key by using the following command
openssl rsa -in mykey.pem -out mykey1.pem.
This will ask you for a passphrase - if you give the right passphrase, you will get the key in an unencrypted form in mykey1.pem
来源:https://stackoverflow.com/questions/13659613/reading-rsa-keys-from-pem-file-to-rsa-structure-in-c