我正在開發一個 Delphi 專案,我將在其中簽署發票。我測驗了一些 OpenSSL Delphi 埠,并成功簽署和驗證了資料。問題是我無法讀取密鑰或證書檔案。我認為密鑰和證書格式存在問題。
私鑰(private-key.pem)
MHQCAQEEIP0tXvA0mhzTBgjZaAGt V3tWIr79nG/gs56jKFJb6gboAcGBSuBBAAKoUQDQgAE 39UxFUCaF5p51RTvwXL YODEpITlTdI27S72pSPJEAjQs2jBb1sLS/xg8/y5555 d19KoLmLo6gMrxvINXaHw==
證書 (cert.pem)
MIID6zCCA5CgAwIBAgITbwAAgLTUs0JsZqZVAQABAACAtDAKBggqhkjOPQQDAjBjMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNnb3YxFzAVBgoJkiaJk/IsZAEZFgdleHRnYXp0MRwwGgYDVQQDExNUU1pFSU5WT0lDRS1TdWJDQS0xMB4XDTIyMTAwNjEyNTcyNloXDTI0MTAwNTEyNTcyNlowTjELMAkGA1UEBhMCU0ExEzARBgNVBAoTCjM5OTk5OTk5OTkxDDAKBgNVBAsTA1RTVDEcMBoGA1UEAxMTVFNULTM5OTk5OTk5OTkwMDAwMzBWMBAGByqGSM49AgEGBSuBBAAKA0IABGGDDKDmhWAITDv7LXqLX2cmr6 qddUkpcLCvWs5rC2O29W/hS4ajAK4Qdnahym6MaijX75Cg3j4aao7ouYXJ9GjggI5MIICNTCBmgYDVR0RBIGSMIGPpIGMMIGJMTswOQYDVQQEDDIxLVRTVHwyLVRTVHwzLTA3MzBlZThlLTA4OWQtNDQ1OS1hMzg3LWIxMTg5NGJmMTQyOTEfMB0GCgmSJomT8ixkAQEMDzM5OTk5OTk5OTkwMDAwMzENMAsGA1UEDAwEMTEwMDEMMAoGA1UEGgwDVFNUMQwwCgYDVQQPDANUU1QwHQYDVR0OBBYEFDuWYlOzWpFN3no1WtyNktQdrA8JMB8GA1UdIwQYMBaAFHZgjPsGoKxnVzWdz5qspyuZNbUvME4GA1UdHwRHMEUwQ6BBoD GPWh0dHA6Ly90c3RjcmwuemF0Y2EuZ292LnNhL0NlcnRFbnJvbGwvVFNaRUlOVk9JQ0UtU3ViQ0EtMS5jcmwwga0GCCsGAQUFBwEBBIGgMIGdMG4GCCsGAQUFBzABhmJodHRwOi8vdHN0Y3JsLnphdGNhLmdvdi5zYS9DZXJ0RW5yb2xsL1RTWkVpbnZvaWNlU0NBMS5leHRnYXp0Lmdvdi5sb2NhbF9UU1pFSU5WT0lDRS1TdWJDQS0xKDEpLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3RzdGNybC56YXRjYS5nb3Yuc2Evb2NzcDAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMDMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwMwCgYIKoZIzj0EAwIDSQAwRgIhAOZ8oJnliPhdWvCiokPmStz2niL 1Rbw6y9asAh229z7AiEA0r6l1qnq6vzRjVvr9Hnbtq/9Aki0R4rF64EFNY4XACM=
讀取私鑰的代碼
bp := BIO_new_file(PAnsiChar(PrivKeyFile), 'r');
if CheckError() then Exit;
try
FPrivateKeyData := PEM_read_bio_PrivateKey(bp, nil, nil, PAnsiChar(FCertPassword));
if CheckError() then Exit;
finally
BIO_free(bp);
end;
讀取證書的代碼
bp := BIO_new_file(PAnsiChar(certFile), 'r');
if CheckError then Exit;
try
_x509 := PEM_read_bio_X509(bp, nil, nil, PAnsiChar(FCertPassword));
if CheckError then Exit;
finally
BIO_free(bp);
end;
兩種情況下的錯誤訊息
錯誤:0906D06C:PEM 例程:PEM_read_bio:沒有起始行
如果 OpenSSL 不接受檔案格式,有沒有辦法轉換檔案格式以便我可以將它們與 OpenSSL 庫一起使用?
uj5u.com熱心網友回復:
PEM 不僅僅是 BASE64。您的檔案名說.pem,您嘗試使用處理 PEM 的例程讀取它們,但它們不是PEM。PEM 是 base64(某些資料型別),帶有換行符和標題/尾行——這些不是可選的;見rfc7468。
您之前的 Q有這些正確的,只有標題/拖車中的“類??型”錯誤。
如下添加標題/拖尾行和換行符(編輯:更正的私鑰型別),您的檔案將與您的代碼一起使用:
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIP0tXvA0mhzTBgjZaAGt V3tWIr79nG/gs56jKFJb6gboAcGBSuBBAAK
oUQDQgAE 39UxFUCaF5p51RTvwXL YODEpITlTdI27S72pSPJEAjQs2jBb1sLS/x
g8/y5555 d19KoLmLo6gMrxvINXaHw==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIID6zCCA5CgAwIBAgITbwAAgLTUs0JsZqZVAQABAACAtDAKBggqhkjOPQQDAjBj
MRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNnb3YxFzAV
BgoJkiaJk/IsZAEZFgdleHRnYXp0MRwwGgYDVQQDExNUU1pFSU5WT0lDRS1TdWJD
QS0xMB4XDTIyMTAwNjEyNTcyNloXDTI0MTAwNTEyNTcyNlowTjELMAkGA1UEBhMC
U0ExEzARBgNVBAoTCjM5OTk5OTk5OTkxDDAKBgNVBAsTA1RTVDEcMBoGA1UEAxMT
VFNULTM5OTk5OTk5OTkwMDAwMzBWMBAGByqGSM49AgEGBSuBBAAKA0IABGGDDKDm
hWAITDv7LXqLX2cmr6 qddUkpcLCvWs5rC2O29W/hS4ajAK4Qdnahym6MaijX75C
g3j4aao7ouYXJ9GjggI5MIICNTCBmgYDVR0RBIGSMIGPpIGMMIGJMTswOQYDVQQE
DDIxLVRTVHwyLVRTVHwzLTA3MzBlZThlLTA4OWQtNDQ1OS1hMzg3LWIxMTg5NGJm
MTQyOTEfMB0GCgmSJomT8ixkAQEMDzM5OTk5OTk5OTkwMDAwMzENMAsGA1UEDAwE
MTEwMDEMMAoGA1UEGgwDVFNUMQwwCgYDVQQPDANUU1QwHQYDVR0OBBYEFDuWYlOz
WpFN3no1WtyNktQdrA8JMB8GA1UdIwQYMBaAFHZgjPsGoKxnVzWdz5qspyuZNbUv
ME4GA1UdHwRHMEUwQ6BBoD GPWh0dHA6Ly90c3RjcmwuemF0Y2EuZ292LnNhL0Nl
cnRFbnJvbGwvVFNaRUlOVk9JQ0UtU3ViQ0EtMS5jcmwwga0GCCsGAQUFBwEBBIGg
MIGdMG4GCCsGAQUFBzABhmJodHRwOi8vdHN0Y3JsLnphdGNhLmdvdi5zYS9DZXJ0
RW5yb2xsL1RTWkVpbnZvaWNlU0NBMS5leHRnYXp0Lmdvdi5sb2NhbF9UU1pFSU5W
T0lDRS1TdWJDQS0xKDEpLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3RzdGNybC56
YXRjYS5nb3Yuc2Evb2NzcDAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYB
BQUHAwIGCCsGAQUFBwMDMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYI
KwYBBQUHAwMwCgYIKoZIzj0EAwIDSQAwRgIhAOZ8oJnliPhdWvCiokPmStz2niL
1Rbw6y9asAh229z7AiEA0r6l1qnq6vzRjVvr9Hnbtq/9Aki0R4rF64EFNY4XACM=
-----END CERTIFICATE-----
或者,您可以將 base64 解碼為二進制,然后使用決議二進制而不是 PEM 的例程,對于這種情況d2i_ECPrivateKey和d2i_x509.
請注意,此私鑰未加密,因此您實際上不需要密碼(它被忽略)。
Meta:我不確定這真的是編程還是開發,但我需要格式化,所以我回答了。如果 Q 已關閉,我會根據要求洗掉。
轉載請註明出處,本文鏈接:https://www.uj5u.com/shujuku/523070.html
標籤:德尔福openssl
上一篇:展開具有可變長度的多個陣列列