C 函数是:
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
int i2d_X509(X509 *a, unsigned char **ppout);
我已经编写了这样的代码来复制到 std::vector 中:
// populate PrivateKey
std::vector<uint8_t> PrivateKey;
EVP_PKEY *privatekey = NULL;
int size = i2d_PrivateKey(privatekey, NULL);
if (size > 0)
{
PrivateKey.reserve(size);
uint8_t* ptr = &PrivateKey[0];
i2d_PrivateKey(privatekey, &ptr);
std::cout << "PrivateKey size=" << PrivateKey.size() << 'n';
}
PrivateKey.size(( 返回零,所以我知道向量尚未填充。 但是,我知道 size 是一个正整数,因此执行 if(size 块(中的代码。
如果 ptr 是私钥数组开头的地址,那么这段代码不应该工作吗?
虽然这段代码使用 openssl,但我认为它更像是一个通用的指针问题。 如果我创建一个临时uint8_t数组,那么它可以工作,但我宁愿直接复制到向量中并节省临时副本的开销。
这是代码:
#include <openssl/ssl.h>
#include <openssl/pem.h>
#include <openssl/ossl_typ.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/pkcs12.h>
#include <openssl/err.h>
#include <iostream>
#include <vector>
#include <string>
#include <cstdint>
int main()
{
std::vector<uint8_t> input; // contains pkcs12 data
std::string Password = "password";
std::vector<uint8_t> Certificate;
std::vector<uint8_t> PrivateKey;
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
PKCS12* p12_cert = NULL;
const uint8_t* p1 = &input[0];
if(d2i_PKCS12(&p12_cert, &p1, input.size()) != NULL) {
EVP_PKEY *privatekey = NULL;
X509 *x509_cert = NULL;
// additional certs, last arg is CA which we don't care about
if (PKCS12_parse(p12_cert, Password.c_str(), &privatekey, &x509_cert, NULL))
{
// populate m_privateKey
int size = i2d_PrivateKey(privatekey, NULL);
std::cout << "privatekey size=" << size << 'n';
if (size > 0)
{
PrivateKey.reserve(size);
uint8_t* ptr = &PrivateKey[0];
i2d_PrivateKey(privatekey, &ptr);
std::cout << "PrivateKey size=" << PrivateKey.size() << 'n';
}
// populate certificate
size = i2d_X509(x509_cert, NULL);
std::cout << "certificate size=" << size << 'n';
if(size > 0)
{
Certificate.reserve(size);
uint8_t* ptr = &Certificate[0];
int ret = i2d_X509(x509_cert, &ptr);
std::cout << "ret=" << ret <<'n';
std::cout << "cert size=" << Certificate.size() << 'n';
}
}
PKCS12_free(p12_cert);
}
}
更新,可以使用下面的代码来合并Arron的修复程序:
#include <openssl/ssl.h>
#include <openssl/pem.h>
#include <openssl/ossl_typ.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/pkcs12.h>
#include <openssl/err.h>
#include <iostream>
#include <fstream>
#include <iterator>
#include <iomanip>
#include <vector>
#include <string>
#include <cstdint>
using namespace std;
std::vector<uint8_t>& File2Buffer(const std::string path,
std::vector<uint8_t>& buffer) {
fstream fs(path, ios::in | ios::binary);
if (fs) {
// Don't skip new lines
fs.unsetf(ios::skipws);
fs.seekg(0, ios::end);
size_t size = static_cast<size_t>(fs.tellg());
fs.seekg(0, ios::beg);
buffer.reserve(size);
buffer.insert(buffer.begin(),
istream_iterator<uint8_t>(fs),
istream_iterator<uint8_t>());
}
return buffer;
}
int main(int argc, char* argv[])
{
if (argc != 3) {
cout << "Usage: " << argv[0] << " <pkcs12 file> " << "<password>n";
exit(0);
}
std::vector<uint8_t> input;
File2Buffer(argv[1], input);
std::string Password = argv[2];
std::vector<uint8_t> Certificate;
std::vector<uint8_t> PrivateKey;
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
ERR_load_crypto_strings();
PKCS12* p12_cert = NULL;
const uint8_t* p1 = &input[0];
if(d2i_PKCS12(&p12_cert, &p1, input.size()) != NULL) {
EVP_PKEY *privatekey = NULL;
X509 *x509_cert = NULL;
// additional certs, last arg is CA which we don't care about
if (PKCS12_parse(p12_cert, Password.c_str(), &privatekey, &x509_cert, NULL))
{
// populate m_privateKey
int size = i2d_PrivateKey(privatekey, NULL);
std::cout << "privatekey size=" << size << 'n';
if (size > 0)
{
PrivateKey.resize(size);
uint8_t* ptr = &PrivateKey[0];
i2d_PrivateKey(privatekey, &ptr);
std::cout << "PrivateKey size=" << PrivateKey.size() << 'n';
}
// populate certificate
size = i2d_X509(x509_cert, NULL);
std::cout << "certificate size=" << size << 'n';
if(size > 0)
{
Certificate.resize(size);
uint8_t* ptr = &Certificate[0];
int ret = i2d_X509(x509_cert, &ptr);
std::cout << "ret=" << ret <<'n';
std::cout << "cert size=" << Certificate.size() << 'n';
}
}
PKCS12_free(p12_cert);
}
// test it out:
if (Certificate.size() > 0) {
cout << "Certificate size=" << Certificate.size() << 'n';
for (auto& ch : Certificate) {
cout << hex << ch << " ";
}
}
}
使用调整大小而不是保留。保留的问题在于,如果你做一个赋值(如 PrivateKey[5] = 5(,并调用 PrivateKey.size((,大小仍将保持 0。(实际上,保留可以与 std::copy 中的back_inserter成对使用(,但在您的情况下,您应该调整大小。