EMO Style ForumPro - Hos Geldiniz
Giriş yap

Şifremi unuttum

Istatistikler
Toplam 203 kayıtlı kullanıcımız var
Son kaydolan kullanıcımız: posta59

Kullanıcılarımız toplam 1186 mesaj attılar bunda 862 konu
Tarıyıcı
 Kapı
 Indeks
 Üye Listesi
 Profil
 SSS
 Arama
Arama
 
 

Sonuç :
 


Rechercher çıkıntı araştırma

RSS akısı


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Anahtar-kelime

Kimler hatta?
Toplam 6 kullanıcı online :: 0 Kayıtlı, 0 Gizli ve 6 Misafir :: 1 Arama motorları

Yok

[ Bütün listeye bak ]


Sitede bugüne kadar en çok 217 kişi C.tesi Tem. 29, 2017 1:46 am tarihinde online oldu.
En son konular
» İnternetten Para Kazandıran Oyun ! Ödeme Alt Limiti Yok ! DEV KONU
Cuma Ağus. 29, 2014 8:33 am tarafından Hello EMO

» goldenchase.net maden yaparak para kazanma
Cuma Ağus. 29, 2014 8:18 am tarafından Hello EMO

» etichal hacker görsel egitim seti
Çarş. Ağus. 06, 2014 4:57 am tarafından Hello EMO

» KO TBL Source C#
Ptsi Ara. 09, 2013 6:36 am tarafından Hello EMO

» x86 Registers
C.tesi Ağus. 24, 2013 5:02 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de WYD
Çarş. Tem. 10, 2013 7:25 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de CS Metodo²
Çarş. Tem. 10, 2013 7:23 am tarafından Hello EMO

» [Tutorial] Aprendendo basico deASM OLLYDBG
Çarş. Tem. 10, 2013 7:22 am tarafından Hello EMO

» Basic C# DLL injector
Ptsi Tem. 08, 2013 7:48 am tarafından Hello EMO

Reklam

RSA encryption with OpenSSL (tutorial)

Önceki başlık Sonraki başlık Aşağa gitmek

RSA encryption with OpenSSL (tutorial)

Mesaj tarafından EMO Bir Paz Mayıs 22, 2011 6:41 pm

[quote='clamabilk' pid='39939' dateline='1296309710']
This tutorial briefly covers using OpenSSL to encrypt something using the RSA algorithm. This isn't a full tutorial that breaks down the code and tells you to write line after line. It's a code::blocks project with a readme file and comments explaining most of the code. Familiarity with C (or C++) is assumed.If you intend on using RSA in one of your projects I suggest you look over the Wikipedia article about RSA for potential flaws and other things you should be aware of.

So, what exactly is RSA? RSA is a public key encryption algorithm, also known as asymmetric encryption algorithm. What this means is that you have two parts to the key: A public and a private part.
Once you generate a keypair you can give the public key to anyone, don't consider it private information. They can then use that public key to encrypt something, and no one will be able to decrypt that something except for the person holding the private part of that key.
Most of the security you encounter every day is possible because of public key encryption. When you visit a website oven https, use your bank's software or log in on the VPN of your job: chances are that public-key encryption is being used to keep it secure.

In the example code I encrypt a small string, but RSA has a limitation: It can only encrypt things that are shorter than the key length. In real world applications the RSA algorithm is usually used to encrypt the key of another cipher (block or stream ciphers such as AES or RC4). Then that cipher is used to encrypt larger files.

You can download the code::blocks project for this source code here: megaupload.com 493DNI3C.

Readme.txt:
Kod:

WARNING
=======
Because I know the majority will not want to compile their own OpenSSL
binaries I included them, but I do not recommend that you use the OpenSSL
binaries I supplied. Why would you run binaries from a random stranger on
the internet? Especially for a security product such as OpenSSL.
You can get the latest OpenSSL source at http://www.openssl.org/source/

I'd also like to warn about the source code examples: To keep the code short
and easy to understand I have not done any error checking at all. If you want
to use these examples in a real application I strongly suggest that you verify
the output value of every OpenSSL, WinAPI and standard library function.
You can find the relevant documentation here:
http://www.openssl.org/docs/crypto/crypto.html
http://msdn.microsoft.com/en-us/library/


CONTENTS
========

bin/mykey.priv      - Example private key (Don't use this for real projects!!!)
bin/mykey.pub      - Example public key (Again, don't use this outside testing)
bin/openssl.exe    - Binary file required to generate RSA keypairs (OpenSSL 1.0.0c)
lib/                - Static openssl libraries compiled by me (OpenSSL 1.0.0c)
include/            - OpenSSL header files (OpenSSL 1.0.0c)
doc/                - The documentation you are reading now, congrats!
encrypt.c          - Example on encryption with RSA
decrypt.c          - Example on decryption with RSA


GENERATING KEYS
===============
You can generate your own private and public keys with the openssl.exe binary.
First you should decide how strong you want your keys to be. It is suggested not to
use keys shorter than 2048 bits and if you want your keys to be useful for a few more
years you should use 4096 or perhaps 8192 bit keys. I don't suggest you use keys longer
than 8192 bit because using (and generating) those keys will require quite a lot more CPU
power for limited additional security.

To generate the keys, open a command prompt (cmd) and naviate to the location of the
openssl.exe binary (included in the bin/ directory of this project). Then issue the
following commands:

    retorut@msys ~/codeblocks/RSAExample/bin
    $ openssl.exe genrsa -out mykey.priv 4096
    Loading 'screen' into random state - done
    Generating RSA private key, 4096 bit long modulus
    .................................................................................
    .................................................................................
    .........................++
    .................................................................................
    .................................................................................
    ....++
    e is 65537 (0x10001)

    retorut@msys ~/codeblocks/RSAExample/bin
    $ openssl.exe rsa -in mykey.priv -out mykey.pub -pubout
    writing RSA key

    retorut@msys ~/codeblocks/RSAExample/bin
    $ ls
    openssl.exe  mykey.priv  mykey.pub


CONFIGURING THE PROJECT
=======================
This project should be ready to compile out of the box but there are a few things you
must verify.

1)  You have to link to libgdi32.dll, which is in your mingw directory under
    mingw/lib/libgdi32.a. This project uses C:\Mingw as mingw directory but this may
    be different for your Code::Blocks install.
    To change this go to Project -> Build Options -> (Select RSAExample) ->
    Linker Settings (tab) -> Edit C:\MinGW\lib\libgdi32.a entry.

2)  If you create your own projects make sure that you use -static-libgcc as linker
    option, this prevents a libgcc dll dependency.
    To change this go to Project -> Build Options -> (Select build ) ->
    Linker Settings (tab) -> Add '-static-libgcc' to the 'other linker options' field

3)  Depending on your compiler version, it's possible that you get some errors regaring
    C99 or about defining new variables in the middle of a function, to fix this make
    sure you are using the --std=c99 compiler flag.
    To change this go to Project -> Build Options -> (Select build ) ->
    Compiler Settings (tab) -> Other options (tab) -> Add '---std=c99'


EXPECTED OUTPUT
===============
    retorut@msys ~/codeblocks/RSAExample/bin
    $ ./encrypt.exe
    Please enter a message
    >Hello RSA!
    The encrypted message is:
    aEtwsSb4KJd4svJFMYacroVCMNvXjd7ukysiqo1KoCeUtYwF/LYSdbryl8rgheVX
    5YtIidOAapqHt8cQAfJqosfrVKkIr/Fge1PlSZvPpuEwQBMWPgWCFRjnMEaG1xdA
    FzA4J3TZ1EUL49AgKvr9UUVUkJmBMSdF/RicNmLj1e8Raskl1tBrNFUqnB6bBfLM
    KtOvf9xm2RI3LWZRrk2enHyHS4qiPYwXxvKD1gq9rxp6MSnJtAxzC+uh9IT6TNAm
    5D7rNPoibd0cwIImRqpyzAVdh8Z9PHPUamLxi7RxJnXi9et5wbX62Igs/X5qKdxU
    TmSIPibv/NpJrs0eSHTnt8DNnguO6rrQTe/vUr++oAqKhFhfoX9CqeshHzsI1PjS
    sypuhzNV32KLSDZL3/vSIrTR0QxR/9TlghL6EB5Cmm2NHJBe/B4zzRITuS612ceT
    AY255ZifeCdURFClKbCDFINmRkWDdjtznUTqlWhGs6WE9Ru9rqmv92Uqd+9GdKF+
    4+bsHWYyx/CB+/JGPng7c1QIiHI06DSzd9i0Z44QeJH8Wtqqtz6sElPy+132QBUb
    oStyyO42dqoIusM4lN59aLoAX4CCuIlvYiaqmGU2uH7L6wTS6BMdGL7FsvmWbXEK
    MtkJWsPh6f5lHg6sAuzQ9JiXwPzVLW+f+3Fy8Bwmi5A=

    retorut@msys ~/codeblocks/RSAExample/bin
    $ ./decrypt.exe
    Hello RSA!

encrypt.c
Kod:

#include <stdio.h>
#include <string.h>

#include <openssl/rsa.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/rand.h>

#include <windows.h>
#include <wincrypt.h>

// This is the public key, look at docs/README.txt for information on
// how to generate your own public key
#define PUBLIC_KEY_PEM \
"-----BEGIN PUBLIC KEY-----\n" \
"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuIcay8areeYS5gyZBjPx\n" \
"M7/NzK4w7crSjO9Ea2p4cwaWnXRSvs0yD+A9uC7nDU2UlhUy6hXQYThpjbDctyGO\n" \
"fIVmJi0Q1wjGU8mlB/NeAfxe4xhTCOIt/LdZf2py50socziysdvBxUbTKMWZPmsj\n" \
"BsvbiasIlkXRvQY3kWEUDtK6F4fO3+uXyM4tIwDNd8JCtOdFEbtvfIsu/5z2UdQn\n" \
"+olLfpt4mcyjMuRzbvTZd7qq4d5al4P2Oi5bz8ZX8SMOMBcWr1mXKp+xVmw6HfBm\n" \
"o1FZ0s9+xyedBum+2hyVrdX/6qg0FN/gU/19ESGBt3T1x0F4wHKuuZpyoVYtHCAq\n" \
"W/SR0Q2uOQY1V+Xg4s1U4dWIstJWNNdDqiYxY92K66FPu5Gzjdw8RLp3MuDQo5xT\n" \
"pWesUTQUcBhmKOptOS21FYXELWxaliefnb5BbMJ/RaLvFcH80pn2ev+tMocwZXmG\n" \
"KJ9QSCvvrgs1mB3cC5mPgw9KtEO28LIeYmzit+Qk/lGnh6k0HBa1ZCwbKjo7LX0k\n" \
"243sdkTIoUfMXjvfOH/OaVDXsTM2U8Moy4HyhNvEUSDezoTDqyZHDpRvIIx8OWMR\n" \
"8rVXVgPQr4ye64MjNYk98ye0YezYqZpW9ATkV2XxK7ZGkG6eZdR5fcvilaQEVgd4\n" \
"NM5L8o5gHCpD2VPt6T1+TX0CAwEAAQ==\n" \
"-----END PUBLIC KEY-----"

// This small function creates a new memory BIO and reads the RSA key
RSA *GetPublicKey()
{
    BIO *bp = BIO_new_mem_buf(PUBLIC_KEY_PEM, -1);          // Create a new memory buffer BIO
    RSA *pubKey = PEM_read_bio_RSA_PUBKEY(bp, 0, 0, 0);    // And read the RSA key from it
    BIO_free(bp);
    return pubKey;
}

// This function seeds the RNG to perform secure padding
// It uses the Windows cryptographic API to fetch some
// Cryptographically secure random data. In addition it also
// Uses the openssl function to use whatever is displayed on
// the screen as a source for randomness
void SeedRNG()
{
    HCRYPTPROV cryptCtx;
    CryptAcquireContext(&cryptCtx, 0, 0, PROV_RSA_FULL, 0);
    unsigned char buffer[512];
    CryptGenRandom(cryptCtx, sizeof(buffer), buffer);
    RAND_seed(buffer, sizeof(buffer));
    RAND_screen();
    CryptReleaseContext(cryptCtx, 0);
}

int main()
{
    ERR_load_crypto_strings();  // Loading the error strings, I don't use them in this project but you will want to use them
    SeedRNG();                  // Seed the RNG with secure random data

    // Reading the public key
    RSA *pubKey = GetPublicKey();

    // Asking the user for a message
    char message[RSA_size(pubKey)];
    printf("Please enter a message\n>");
    fgets(message, RSA_size(pubKey) - 41, stdin);

    // Encrypting the message
    unsigned char output[RSA_size(pubKey)];
    RSA_public_encrypt(strlen(message), (unsigned char *)message, output, pubKey, RSA_PKCS1_OAEP_PADDING);

    // Output the encrypted message in base64
    printf("The encrypted message is: \n");
    BIO *b64 = BIO_new(BIO_f_base64());                // OpenSSL uses filter BIOs that you can chain with other BIOs
                                                        // This opens a base64 filter
    BIO *bp = BIO_new_fp(stdout, BIO_NOCLOSE);          // and this opens a BIO for stdout
    bp = BIO_push(b64, bp);                            // we then chain the two BIOs so everything written to it will come
                                                        // On stdout in base64 format
    BIO_write(bp, output, RSA_size(pubKey));
    BIO_flush(bp);
    BIO_free_all(bp);

    RSA_free(pubKey);
    ERR_free_strings();
    return EXIT_SUCCESS;
}

decrypt.c
Kod:

#include <stdio.h>
#include <openssl/rsa.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/err.h>

// This is an encrypted message that was generated with encrypt.exe
// Compile encrypt.c to create your own messages
#define MESSAGE_ENCRYPTED \
"aUpeHIUBqiYnHLIs7mQF0jAmnc+P9DMk60e7GlP0HbEUs10ZnvN6/QFfEJYEluK6\n" \
"cyHS40YhAR9jYxwy2pFeRpAdfQIz+zJWRjwZZdzydj3o7ww2v+3XIzdvPofnJlin\n" \
"i8QDTlpXNeIpsenFufbTK7Hrd6xQzI2P4ulXcchuuRRs6W8MZAOODda582XZJeZW\n" \
"UepyN894Fb8IEA0YSvhs7eT2GiNbpaIEsmLH9WV2hxJ9Mu8zY3nhzR8B4t+W7FdT\n" \
"lUp4IbqR0uFLjGJFm7BW88NLb4y/0gytvvMDKv/q5Q82zoC/22hPbZu7jPj/AlnS\n" \
"sHTdpxGMh+/8YKThRZPlLRIDrBczqwQnRGReSKXwJaXbuV+ZrpNC11t7vA/mXmcP\n" \
"ai6o1ikiIdCiSNXVvGLA5bOa2jLXymV699fwEJ698BuPYMW0oiMI0yYqAU2aLAer\n" \
"Gxi5yaD/CRbH/NQmc7kxy0ysrMm7H6c8Dn14OpohLHV21TBjip4aTp+LMNof5toD\n" \
"K/UtSTauRxXiAXbmRsIDAeFkIgKtEPGM2m6xrMqMmiTd6SGx4rAb4IrhxnFzJlmh\n" \
"cQJSLaJIMIko9DDApo73igU+LtEVVRbH67W+lyZq3QORWGHdFhpsdr3QkRxmKY3/\n" \
"X7eImR3847GJuBEFLYR8V9oT2bzIu2MkFDPixGLgW7Q=\n"

int main()
{
    FILE *keyFile = fopen("mykey.priv", "r");                  // Open the private key file
    RSA *privKey = PEM_read_RSAPrivateKey(keyFile, 0, 0, 0);    // And read the RSA structure from it
    fclose(keyFile);

    unsigned char inbuffer[RSA_size(privKey)];                  // Create some buffers of the right size
    unsigned char outbuffer[RSA_size(privKey)];
    BIO *b64 = BIO_new(BIO_f_base64());                        // And a base64 filter bio
    BIO *bp = BIO_new_mem_buf(MESSAGE_ENCRYPTED, -1);
    bp = BIO_push(b64, bp);                                    // That is chained to the memory BIO (see encrypt.c for more info)
    BIO_read(bp, inbuffer, RSA_size(privKey));                  // Read from the chained BIO to receive binary data from the base64 input
    BIO_free_all(bp);

    // Decrypt the data and make sure to terminate it with a \0 byte, then print it and we're done!
    int len = RSA_private_decrypt(RSA_size(privKey), inbuffer, outbuffer, privKey, RSA_PKCS1_OAEP_PADDING);
    outbuffer[len] = '\0';
    printf("%s", outbuffer);

    RSA_free(privKey);
    return EXIT_SUCCESS;
}

I've also found some example code on using OpenSSL to create a client and server:
OpenSSL Client Tutorial
OpenSSL server tutorial and example code
[/quote]
avatar
EMO
EMO Team
EMO Team

Cinsiyet : Erkek
Burçlar : Yay
Yılan
Mesaj Sayısı : 184
Puan : 117793
Rep Puanı : 5
Doğum tarihi : 28/11/89
Kayıt tarihi : 18/05/11
Yaş : 27
Nerden : EMO world
İş/Hobiler : RCE Student / Game Hacking / Learn Beginner C#,C++,Delphi
Lakap : EMO

Kullanıcı profilini gör

Sayfa başına dön Aşağa gitmek

Önceki başlık Sonraki başlık Sayfa başına dön


 
Bu forumun müsaadesi var:
Bu forumdaki mesajlara cevap veremezsiniz