我需要用AES 128模式cbc加密文件。AES 的密钥需要使用公钥 X509 V3 进行加密。所有这些都需要保存在二进制文件PKCS7中。
BIO* certBIO = BIO_new_mem_buf((void*)&certData[0], certData.size());
if (certBIO)
x509 = d2i_X509_bio(certBIO, 0);
BIO_free(certBIO);
sk_X509_push(x509_stack, x509);
BIO* bio = BIO_new(BIO_s_mem());
BIO_write(bio, &inData[0], inData.size());
BIO_flush(bio);
PKCS7* pkcs7_encrypt = PKCS7_encrypt(x509_stack, bio, EVP_aes_128_cbc(), PKCS7_BINARY);
FILE *fpPKCS7 = fopen(szPKCS7File, "wb");
if (!fpPKCS7)
return 1;
i2d_PKCS7_fp(fpPKCS7, pkcs7_encrypt);
fclose(fpPKCS7);
X509_free(x509);
sk_X509_pop_free(x509_stack, X509_free);
正确的代码吗?函数i2d_PKCS7_fp崩溃。
我找到了解决方案:
PKCS7* pkcs7_encrypt = PKCS7_encrypt(x509_stack, bioIn, EVP_aes_128_cbc(), PKCS7_BINARY);
BIO *bioOut = BIO_new(BIO_s_file());
BIO_write_filename(bioOut, szPKCS7File);
i2d_PKCS7_bio(bioOut, pkcs7_encrypt);
但我还有一个问题。这个文件中到底有什么信息?它是否包含AES的加密密钥由证书的公钥?