通過OpenSSL的接口實現Base64編解碼

對openssl genrsa產生的rsa私鑰pem文件，使用普通的base64解碼會有問題，如使用https://blog.csdn.net/fengbingchun/article/details/85218653 中介紹的方法，一是有可能不能從返回的結果中直接使用strlen來獲得最終字符的大小，因爲返回的結果中可能會有0x00；二是pem文件中會有換行符，每行的字節長度超過64個字節就會有換行，普通的base64解碼中不會對換行符有處理。在OpenSSL中，默認情況下，base64行長度限制爲64個字符。

先介紹下使用命令行openssl base64進行編解碼：

(1).對” https://blog.csdn.net/fengbingchun”進行編解碼，執行命令及結果如下：

(2).對長串進行編解碼，如” https://blog.csdn.net/fengbingchun https://github.com//fengbingchun”，執行命令及結果如下：編碼長度超過64個字符長度，會進行換行，若不想換行，可增加使用”-A”選項

(3).對指定文件進行編解碼：如文件1.txt，先進行編碼生成2.txt，然後再對2.txt進行解碼生成3.txt，執行命令及結果如下：

下面是通過調用openssl的相關接口組合成的base64編解碼實現：由外部負責申請足夠的空間用於存放結果，最後一個參數用於指明編解碼中是否換行。

int openssl_base64_encode(const unsigned char* in, int inlen, char* out, int* outlen, bool newline)
{
	BIO* b64 = BIO_new(BIO_f_base64());
	BIO* bmem = BIO_new(BIO_s_mem());
	if (!b64 || !bmem) {
		fprintf(stderr, "fail to BIO_new\n");
		return -1;
	}
	b64 = BIO_push(b64, bmem);

	if (!newline)
		BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); // ignore newlines, write everything in one line

	*outlen = BIO_write(b64, in, inlen);
	if (*outlen <= 0 || *outlen != inlen) {
		fprintf(stderr, "fail to BIO_write\n");
		return -1;
	}
	BIO_flush(b64);

	BUF_MEM* buf = nullptr;
	BIO_get_mem_ptr(b64, &buf);
	*outlen = buf->length;
	memcpy(out, buf->data, *outlen);

	BIO_free_all(b64);
	return 0;
}

int openssl_base64_decode(const char* in, int inlen, unsigned char* out, int* outlen, bool newline)
{
	BIO* b64 = BIO_new(BIO_f_base64());
	BIO* bmem = BIO_new_mem_buf(in, inlen);
	if (!b64 || !bmem) {
		fprintf(stderr, "fail to BIO_new\n");
		return -1;
	}
	b64 = BIO_push(b64, bmem);

	if (!newline)
		BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); // ignore newlines, write everything in one line

	*outlen = BIO_read(b64, out, inlen);
	if (*outlen <= 0) {
		fprintf(stderr, "fail to BIO_read\n");
		return -1;
	}

	BIO_free_all(b64);
	return 0;
}

下面是通過編解碼字符串的測試代碼：

int test_openssl_base64_simple()
{
	const char* src = "https://blog.csdn.net/fengbingchun https://github.com//fengbingchun";
	int inlen = strlen(src);
	int outlen = (inlen + 2) / 3 * 4 + ((inlen + 2) / 3 * 4 + 63) / 64;
	std::unique_ptr<char[]> out1(new char[outlen]);
	bool newline = true;

	int ret = openssl_base64_encode((const unsigned char*)src, inlen, out1.get(), &outlen, newline);
	if (ret != 0) {
		fprintf(stderr, "fail to openssl_base64_encode\n");
		return -1;
	}
	fprintf(stdout, "encode result:\n");
	std::for_each(out1.get(), out1.get() + outlen, [](char& c) { fprintf(stdout, "%c", c); });
	fprintf(stdout, "\n");

	std::unique_ptr<unsigned char[]> dst(new unsigned char[outlen]);
	int outlen1 = 0;
	ret = openssl_base64_decode(out1.get(), outlen, dst.get(), &outlen1, newline);
	if (ret != 0) {
		fprintf(stderr, "fail to openssl_base64_decode\n");
		return -1;
	}
	fprintf(stdout, "decode result:\n");
	std::for_each(dst.get(), dst.get() + outlen1, [](unsigned char& c) { fprintf(stdout, "%c", (char)c); });
	fprintf(stdout, "\n");

	dst[outlen1] = '\0';
	if (strcmp(src, (const char*)dst.get()) == 0) {
		fprintf(stdout, "test success\n");
		return 0;
	} else {
		fprintf(stdout, "test fail\n");
		return -1;
	}
}

執行結果如下圖所示：

之前在https://blog.csdn.net/fengbingchun/article/details/106546012中使用OpenSSL的函數PEM_read_RSAPrivateKey直接對pem文件進行解析，下面測試代碼是通過調用上面的base64解碼函數實現的解析：

int test_openssl_base64_complex()
{
#ifdef _MSC_VER
	const char* name = "E:/GitCode/OpenSSL_Test/testdata/rsa_private.pem";
#else
	const char* name = "testdata/rsa_private.pem";
#endif
	const char* begin = "-----BEGIN RSA PRIVATE KEY-----";
	const char* end = "-----END RSA PRIVATE KEY-----";
	
	FILE *fp = fopen(name, "rb");
	if (!fp) {
		fprintf(stderr, "fail to open file: %s\n", name);
		return -1;
	}
	fseek(fp, 0, SEEK_END);
	long length = ftell(fp);
	rewind(fp);
	
	std::unique_ptr<unsigned char[]> data(new unsigned char[length]);
	fread(data.get(), 1, length, fp);
	fclose(fp);
	
	const char* p1 = strstr((const char*)data.get(), begin);
	if (!p1) {
		fprintf(stderr, "it's not a pem file: %s\n", name);
		return -1;
	}
	
	const char* p2 = strstr((const char*)data.get(), end);
	if (!p2) {
		fprintf(stderr, "it's not a pem file: %s\n", name);
		return -1;
	}
	
	bool newline = true;
	long length2 = p2 - p1;
	std::unique_ptr<unsigned char[]> decoded(new unsigned char[length2]);
	int outlen = 0;
	int ret = openssl_base64_decode(p1 + strlen(begin) + 1, length2, decoded.get(), &outlen, newline); // + 一個換行符長度
	
	const unsigned char* p = decoded.get();
	RSA_PRIVATE_KEY* key = d2i_RSA_PRIVATE_KEY(nullptr, &p, outlen);
	if (!key) {
		fprintf(stderr, "fail to d2i_RSA_PRIVATE_KEY\n");
		return -1;
	}
	
	print(key->version, "version");
	print(key->n, "n");
	print(key->e, "e");
	print(key->d, "d");
	print(key->p, "p");
	print(key->q, "q");
	print(key->exp1, "exp1");
	print(key->exp2, "exp2");
	print(key->coeff, "coeff");
	
	RSA_PRIVATE_KEY_free(key);
	return 0;
}

執行結果如下：與直接使用PEM_read_RSAPrivateKey得到的結果是一致的

以上代碼段的完整code見：GitHub/OpenSSL_Test

GitHub：https://github.com/fengbingchun/OpenSSL_Test

通過OpenSSL的接口實現Base64編解碼

C和C++安全編碼筆記：文件I/O

C和C++安全編碼筆記：併發

C++中獲取日期函數gmtime和localtime區別

SSL/TLS單向認證和雙向認證介紹

通過Windows DShow獲取設備名、支持的編解碼及視頻size列表實現

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結