• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

C++ EVP_PKEY_get1_RSA函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了C++中EVP_PKEY_get1_RSA函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_PKEY_get1_RSA函数的具体用法?C++ EVP_PKEY_get1_RSA怎么用?C++ EVP_PKEY_get1_RSA使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了EVP_PKEY_get1_RSA函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: key_from_bio

RSA* key_from_bio(BIO *key_bio, BOOL is_private) {

  EVP_PKEY *pkey = NULL;
  
  if(is_private) {
    pkey = PEM_read_bio_PrivateKey(key_bio, 
                          NULL,NULL, NULL);
  }else {
    pkey = PEM_read_bio_PUBKEY(key_bio, NULL,
                                        NULL, NULL);
  }
  if(!pkey) {
      fprintf(stderr, "ERROR: key read from BIO is null\n");
      exit(1);
  }
  BIO_free(key_bio);
  RSA *rsa = EVP_PKEY_get1_RSA(pkey);
  EVP_PKEY_free(pkey);
  return rsa;
}
开发者ID:katmagic,项目名称:perspectives-notary-server,代码行数:20,代码来源:notary_crypto.c


示例2: cryptoMagic

static int
cryptoMagic(X509 *x0, X509 *x1, X509 *x2,
	    const unsigned char *toHashData, int toHashLength,
	    /*XXX const*/ unsigned char *rsaSigData, int rsaSigLen,
	    DataValue *partialDigest)
{
	int rv = 0;
	EVP_PKEY *pk = X509_get_pubkey(x2);
	if (pk) {
		if (pk->type == EVP_PKEY_RSA) {
			RSA *rsa = EVP_PKEY_get1_RSA(pk);
			if (rsa) {
				X509_STORE *store = X509_STORE_new();
				if (store) {
					X509_STORE_CTX ctx;
					X509_STORE_add_cert(store, x0);
					X509_STORE_add_cert(store, x1);
					if (X509_STORE_CTX_init(&ctx, store, x2, 0) == 1) {
						X509_STORE_CTX_set_flags(&ctx, X509_V_FLAG_IGNORE_CRITICAL);
						if (X509_verify_cert(&ctx) == 1) {
							unsigned char md[SHA_DIGEST_LENGTH];
							if (partialDigest) {
								// XXX we need to flip ECID back before hashing
								flipAppleImg3Header((AppleImg3Header *)toHashData);
								doPartialSHA1(md, toHashData, toHashLength, partialDigest);
							} else {
								SHA1(toHashData, toHashLength, md);
							}
							rv = RSA_verify(NID_sha1, md, SHA_DIGEST_LENGTH, rsaSigData, rsaSigLen, rsa);
						}
						X509_STORE_CTX_cleanup(&ctx);
					}
					X509_STORE_free(store);
				}
				RSA_free(rsa);
			}
		}
		EVP_PKEY_free(pk);
	}
	return rv ? 0 : -1;
}
开发者ID:0neday,项目名称:xpwn,代码行数:41,代码来源:validate.c


示例3: BIO_new

char *cipher_rsa_decrypt(const char *ciphertext, size_t len, const struct private_key *private_key)
{
	PKCS8_PRIV_KEY_INFO *p8inf = NULL;
	EVP_PKEY *pkey = NULL;
	RSA *rsa = NULL;
	BIO *memory = NULL;
	char *ret = NULL;

	if (!len)
		return NULL;

	memory = BIO_new(BIO_s_mem());
	if (BIO_write(memory, private_key->key, private_key->len) < 0)
		goto out;

	p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(memory, NULL);
	if (!p8inf)
		goto out;
	pkey = EVP_PKCS82PKEY(p8inf);
	if (!pkey)
		goto out;
	if (p8inf->broken)
		goto out;
	rsa = EVP_PKEY_get1_RSA(pkey);
	if (!rsa)
		goto out;

	ret = xcalloc(len + 1, 1);
	if (RSA_private_decrypt(len, (unsigned char *)ciphertext, (unsigned char *)ret, rsa, RSA_PKCS1_OAEP_PADDING) < 0) {
		free(ret);
		ret = NULL;
		goto out;
	}

out:
	PKCS8_PRIV_KEY_INFO_free(p8inf);
	EVP_PKEY_free(pkey);
	RSA_free(rsa);
	BIO_free_all(memory);
	return ret;
}
开发者ID:TonyAbell,项目名称:lastpass-cli,代码行数:41,代码来源:cipher.c


示例4: d2i_RSA_PUBKEY

RSA *
d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
{
	EVP_PKEY *pkey;
	RSA *key;
	const unsigned char *q;
	q = *pp;
	pkey = d2i_PUBKEY(NULL, &q, length);
	if (!pkey)
		return NULL;
	key = EVP_PKEY_get1_RSA(pkey);
	EVP_PKEY_free(pkey);
	if (!key)
		return NULL;
	*pp = q;
	if (a) {
		RSA_free(*a);
		*a = key;
	}
	return key;
}
开发者ID:mr-moai-2016,项目名称:znk_project,代码行数:21,代码来源:x_pubkey.c


示例5: get_key_pem_private

PyObject *
get_key_pem_private(const struct ccn_pkey *private_key_ccn)
{
	unsigned long err;
	RSA *private_key_rsa = NULL;
	BIO *bio;
	BUF_MEM *bufmem;
	int r;
	PyObject *py_res;

	bio = BIO_new(BIO_s_mem());
	JUMP_IF_NULL(bio, openssl_error);

	private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY *) private_key_ccn);
	JUMP_IF_NULL(private_key_rsa, openssl_error);

	r = PEM_write_bio_RSAPrivateKey(bio, private_key_rsa, NULL, NULL, 0, NULL,
			NULL);
	RSA_free(private_key_rsa);
	private_key_rsa = NULL;
	if (!r)
		goto openssl_error;

	BIO_get_mem_ptr(bio, &bufmem);
	py_res = PyBytes_FromStringAndSize(bufmem->data, bufmem->length);
	r = BIO_free(bio);
	if (!r)
		goto openssl_error;

	return py_res;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_CCNKeyError, "Unable to obtain PEM: %s",
			ERR_reason_error_string(err));
	RSA_free(private_key_rsa);
	BIO_free(bio);
	return NULL;
}
开发者ID:Emat12,项目名称:PyCCN,代码行数:39,代码来源:key_utils.c


示例6: wi_socket_ssl_pubkey

void * wi_socket_ssl_pubkey(wi_socket_t *socket) {
#ifdef WI_SSL
	RSA			*rsa = NULL;
	X509		*x509 = NULL;
	EVP_PKEY	*pkey = NULL;

	x509 = SSL_get_peer_certificate(socket->ssl);

	if(!x509) {
		wi_error_set_ssl_error();
		
		goto end;
	}
	
	pkey = X509_get_pubkey(x509);
	
	if(!pkey) {
		wi_error_set_ssl_error();

		goto end;
	}
	
	rsa = EVP_PKEY_get1_RSA(pkey);
	
	if(!rsa)
		wi_error_set_ssl_error();

end:
	if(x509)
		X509_free(x509);
	
	if(pkey)
		EVP_PKEY_free(pkey);
	
	return rsa;
#else
	return NULL;
#endif
}
开发者ID:ProfDrLuigi,项目名称:zanka,代码行数:39,代码来源:wi-socket.c


示例7: GetRSAKey

int GetRSAKey(RSA **rsa,		/* freed by caller */	
	      X509 *x509Certificate)
{
    int 		rc = 0;
    EVP_PKEY 		*pkey = NULL;
    
    if (rc == 0) {
	pkey = X509_get_pubkey(x509Certificate);
	if (pkey == NULL) {
	    printf("Error: Cannot get certificate public key\n");
	    rc = -1;
	}
    }
    if (rc == 0) {
	*rsa = EVP_PKEY_get1_RSA(pkey);
	if (*rsa == NULL) {
	    printf("Error: Cannot extract certificate RSA public key\n");
	    rc = -1;
	}
    }
    return rc;
}
开发者ID:osresearch,项目名称:tpmtotp,代码行数:22,代码来源:quote.c


示例8: wi_socket_ssl_public_key

wi_rsa_t * wi_socket_ssl_public_key(wi_socket_t *socket) {
#ifdef HAVE_OPENSSL_SSL_H
	RSA			*rsa = NULL;
	X509		*x509 = NULL;
	EVP_PKEY	*pkey = NULL;

	x509 = SSL_get_peer_certificate(socket->ssl);

	if(!x509) {
		wi_error_set_openssl_error();
		
		goto end;
	}
	
	pkey = X509_get_pubkey(x509);
	
	if(!pkey) {
		wi_error_set_openssl_error();

		goto end;
	}
	
	rsa = EVP_PKEY_get1_RSA(pkey);
	
	if(!rsa)
		wi_error_set_openssl_error();

end:
	if(x509)
		X509_free(x509);
	
	if(pkey)
		EVP_PKEY_free(pkey);
	
	return wi_autorelease(wi_rsa_init_with_rsa(wi_rsa_alloc(), rsa));
#else
	return NULL;
#endif
}
开发者ID:ProfDrLuigi,项目名称:zanka,代码行数:39,代码来源:wi-socket.c


示例9: verify_rsa

static int verify_rsa(EVP_PKEY* pkey, keymaster_rsa_sign_params_t* sign_params,
                      const uint8_t* signedData, const size_t signedDataLength,
                      const uint8_t* signature, const size_t signatureLength) {
    if (sign_params->digest_type != DIGEST_NONE) {
        ALOGW("Cannot handle digest type %d", sign_params->digest_type);
        return -1;
    } else if (sign_params->padding_type != PADDING_NONE) {
        ALOGW("Cannot handle padding type %d", sign_params->padding_type);
        return -1;
    } else if (signatureLength != signedDataLength) {
        ALOGW("signed data length must be signature length");
        return -1;
    }

    Unique_RSA rsa(EVP_PKEY_get1_RSA(pkey));
    if (rsa.get() == NULL) {
        logOpenSSLError("openssl_verify_data");
        return -1;
    }

    UniquePtr<uint8_t[]> dataPtr(new uint8_t[signedDataLength]);
    if (dataPtr.get() == NULL) {
        logOpenSSLError("openssl_verify_data");
        return -1;
    }

    unsigned char* tmp = reinterpret_cast<unsigned char*>(dataPtr.get());
    if (!RSA_public_decrypt(signatureLength, signature, tmp, rsa.get(), RSA_NO_PADDING)) {
        logOpenSSLError("openssl_verify_data");
        return -1;
    }

    int result = 0;
    for (size_t i = 0; i < signedDataLength; i++) {
        result |= tmp[i] ^ signedData[i];
    }

    return result == 0 ? 0 : -1;
}
开发者ID:LordNerevar,项目名称:system_security,代码行数:39,代码来源:keymaster_openssl.cpp


示例10: PKI_verify_RSA

SEXP PKI_verify_RSA(SEXP what, SEXP sMD, SEXP sKey, SEXP sig) {
    int md = asInteger(sMD), type;
    EVP_PKEY *key;
    RSA *rsa;
    switch (md) {
    case PKI_MD5:
  type = NID_md5;
  break;
    case PKI_SHA1:
  type = NID_sha1;
  break;
    case PKI_SHA256:
  type = NID_sha256;
  break;
    default:
  Rf_error("unsupported hash type");
  }
    if (TYPEOF(what) != RAWSXP ||
  (md == PKI_MD5 && LENGTH(what) != MD5_DIGEST_LENGTH) ||
  (md == PKI_SHA1 && LENGTH(what) != SHA_DIGEST_LENGTH) ||
  (md == PKI_SHA256 && LENGTH(what) != SHA256_DIGEST_LENGTH))
	Rf_error("invalid hash");
    if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key"))
	Rf_error("key must be RSA public or private key");
    key = (EVP_PKEY*) R_ExternalPtrAddr(sKey);
    if (!key)
	Rf_error("NULL key");
    if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
	Rf_error("key must be RSA public or private key");
    rsa = EVP_PKEY_get1_RSA(key);
    if (!rsa)
	Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
    return
	ScalarLogical( /* FIXME: sig is not const in RSA_verify - that is odd so in theory in may modify sig ... */
		      (RSA_verify(type,
				  (const unsigned char*) RAW(what), LENGTH(what),
				  (unsigned char *) RAW(sig), LENGTH(sig), rsa) == 1)
		      ? TRUE : FALSE);
}
开发者ID:rOpenSec,项目名称:PKI,代码行数:39,代码来源:pki-x509.c


示例11: Key_to_ndn_keystore

static struct ndn_keystore*
Key_to_ndn_keystore(PyObject* py_key)
{
    // An imperfect conversion here, but...

    // This is supposed to be an opaque type.
    // We borrow this from ndn_keystore.c
    // so that we can work with the ndn hashtable
    // and do Key_to_keystore... but this whole method may not be
    // ever needed, as the ndn_keystore type seems
    // to be primarily for the use of the library internally?

    struct ndn_keystore_private {
        int initialized;
        EVP_PKEY *private_key;
        EVP_PKEY *public_key;
        X509 *certificate;
        ssize_t pubkey_digest_length;
        unsigned char pubkey_digest[SHA256_DIGEST_LENGTH];
    };


    struct ndn_keystore_private* keystore = calloc(1, sizeof(struct ndn_keystore_private));
    keystore->initialized = 1;
    // TODO: need to INCREF here?
    keystore->private_key = (EVP_PKEY*) PyCObject_AsVoidPtr(PyObject_GetAttrString(py_key, "ndn_data_private"));
    keystore->public_key = (EVP_PKEY*) PyCObject_AsVoidPtr(PyObject_GetAttrString(py_key, "ndn_data_public"));

    RSA* private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY*) keystore->private_key);
    unsigned char* public_key_digest;
    size_t public_key_digest_len;
    create_public_key_digest(private_key_rsa, &public_key_digest, &public_key_digest_len);
    memcpy(keystore->pubkey_digest, public_key_digest, public_key_digest_len);
    keystore->pubkey_digest_length = public_key_digest_len;
    free(public_key_digest);
    free(private_key_rsa);
    return(struct ndn_keystore*) keystore;

}
开发者ID:named-data,项目名称:PyNDN,代码行数:39,代码来源:methods_key.c


示例12: switch

QSslKey SafetPKCS12::keyFromEVP( EVP_PKEY * evp )
{
    EVP_PKEY *key = (EVP_PKEY*)evp;
    unsigned char *data = NULL;
    int len = 0;
    QSsl::KeyAlgorithm alg;
    QSsl::KeyType type;

    switch( EVP_PKEY_type( key->type ) )
    {
        case EVP_PKEY_RSA:
        {
            RSA *rsa = EVP_PKEY_get1_RSA( key );
            alg = QSsl::Rsa;
            type = rsa->d ? QSsl::PrivateKey : QSsl::PublicKey;
            len = rsa->d ? i2d_RSAPrivateKey( rsa, &data ) : i2d_RSAPublicKey( rsa, &data );
            RSA_free( rsa );
            break;
        }
        case EVP_PKEY_DSA:
        {
            DSA *dsa = EVP_PKEY_get1_DSA( key );
            alg = QSsl::Dsa;
            type = dsa->priv_key ? QSsl::PrivateKey : QSsl::PublicKey;
            len = dsa->priv_key ? i2d_DSAPrivateKey( dsa, &data ) : i2d_DSAPublicKey( dsa, &data );
            DSA_free( dsa );
            break;
        }
        default: break;
    }

    QSslKey k;
    if( len > 0 )
        k = QSslKey( QByteArray( (char*)data, len ), alg, QSsl::Der, type );
    OPENSSL_free( data );

    return k;
}
开发者ID:Cenditel,项目名称:pysafet,代码行数:38,代码来源:safetpkcs12.cpp


示例13: throw

/**
 * Verify signature with RSA public key from X.509 certificate.
 *
 * @param digestMethod digest method (e.g NID_sha1 for SHA1, see openssl/obj_mac.h).
 * @param digest digest value, this value is compared with the digest value decrypted from the <code>signature</code>.
 * @param signature signature value, this value is decrypted to get the digest and compared with
 *        the digest value provided in <code>digest</code>.
 * @return returns <code>true</code> if the signature value matches with the digest, otherwise <code>false</code>
 *         is returned.
 * @throws IOException throws exception if X.509 certificate is not missing or does not have a RSA public key.
 */
bool digidoc::RSACrypt::verify(int digestMethod, std::vector<unsigned char> digest, std::vector<unsigned char> signature) throw(IOException)
{
    // Check that X.509 certificate is set.
    if(cert == NULL)
    {
        THROW_IOEXCEPTION("X.509 certificate parameter is not set in RSACrypt, can not verify signature.");
    }

    // Extract RSA public key from X.509 certificate.
    X509Cert x509(cert);
    EVP_PKEY* key = x509.getPublicKey();
    if(EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
    {
        EVP_PKEY_free(key);
        THROW_IOEXCEPTION("Certificate '%s' does not have a RSA public key, can not verify signature.", x509.getSubject().c_str());
    }
    RSA* publicKey = EVP_PKEY_get1_RSA(key);

    // Verify signature with RSA public key.
    int result = RSA_verify(digestMethod, &digest[0], digest.size(), &signature[0], signature.size(), publicKey);
    RSA_free(publicKey);
    EVP_PKEY_free(key);
    return (result == 1);
}
开发者ID:Krabi,项目名称:idkaart_public,代码行数:35,代码来源:RSACrypt.cpp


示例14: PKI_decrypt

SEXP PKI_decrypt(SEXP what, SEXP sKey) {
    SEXP res;
    EVP_PKEY *key;
    RSA *rsa;
    int len;
    if (TYPEOF(what) != RAWSXP)
	Rf_error("invalid payload to sign - must be a raw vector");
    if (!inherits(sKey, "private.key"))
	Rf_error("invalid key object");
    key = (EVP_PKEY*) R_ExternalPtrAddr(sKey);
    if (!key)
	Rf_error("NULL key");
    if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
	Rf_error("Sorry only RSA keys are supported at this point");
    rsa = EVP_PKEY_get1_RSA(key);
    if (!rsa)
	Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
    len = RSA_private_decrypt(LENGTH(what), RAW(what), (unsigned char*) buf, rsa, RSA_PKCS1_PADDING);
    if (len < 0)
	Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
    res = allocVector(RAWSXP, len);
    memcpy(RAW(res), buf, len);
    return res;
}
开发者ID:prateek05,项目名称:PKI,代码行数:24,代码来源:pki-x509.c


示例15: verify_image

/*
Function to verify a given image and signature.
Reference implementation in the Little Kernel source in "platform/msm_shared/image_verify.c"
Returns -1 if somethings fails otherwise 0
*/
int verify_image(unsigned char *image_ptr, unsigned char *signature_ptr, unsigned int image_size)
{
	X509 *x509_certificate = NULL;
	EVP_PKEY *pub_key = NULL;
	RSA *rsa_key = NULL;
	unsigned char *plain_text = NULL;
	unsigned char digest[65];
	unsigned int hash_size = SHA256_SIZE;
	int ret = 0;

	/*
	Load certificate
	*/
	FILE *fcert;
	fcert = fopen("prodcert.pem", "rb");
	if (fcert == NULL){
		fclose(fcert);
		std::cerr << "[ ERROR ] Missing certificate" << std::endl;
		ret = -1;
		goto cleanup;
	}
	x509_certificate = PEM_read_X509(fcert, NULL, NULL, NULL);
	fclose(fcert);

	/*
	Obtain RSA key
	*/
	pub_key = X509_get_pubkey(x509_certificate);
	rsa_key = EVP_PKEY_get1_RSA(pub_key);

	if (rsa_key == NULL){
		std::cerr << "[ ERROR ] Couldn't obtain key from certificate" << std::endl;
		ret = -1;
		goto cleanup;
	}

	/*
	Create buffer for decrypted hash
	*/
	plain_text = (unsigned char *)calloc(sizeof(char), SIGNATURE_SIZE);
	if (plain_text == NULL) {
		std::cerr << "[ ERROR ] calloc failed during verification" << std::endl;
		ret = -1;
		goto cleanup;
	}

	/*
	Decrypt hash
	*/
	RSA_public_decrypt(SIGNATURE_SIZE, signature_ptr, plain_text, rsa_key, RSA_PKCS1_PADDING);

	/*
	Hash the image
	*/
	sha256_buffer(image_ptr, image_size, digest);

	/*
	Check if signature is equal to the calculated hash
	*/
	if (memcmp(plain_text, digest, hash_size) != 0) {
		std::cerr << std::endl << "[ ERROR ] Invalid signature" << std::endl;
		ret = -1;
		goto cleanup;
	}
	else {
		std::cerr << std::endl << "[ SUCCESS ] The signature is valid!" << std::endl;
	}

	/* Cleanup after complete usage of openssl - cached data and objects */
cleanup:
	if (rsa_key != NULL)
		RSA_free(rsa_key);
	if (x509_certificate != NULL)
		X509_free(x509_certificate);
	if (pub_key != NULL)
		EVP_PKEY_free(pub_key);
	if (plain_text != NULL)
		free(plain_text);
	EVP_cleanup();
	CRYPTO_cleanup_all_ex_data();
	return ret;
}
开发者ID:iamfleeDemetria,项目名称:Cuber,代码行数:87,代码来源:cuber.cpp


示例16: tls_configure_ssl_keypair

int
tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
    struct tls_keypair *keypair, int required)
{
	EVP_PKEY *pkey = NULL;
	BIO *bio = NULL;

	if (!required &&
	    keypair->cert_mem == NULL &&
	    keypair->key_mem == NULL)
		return(0);

	if (keypair->cert_mem != NULL) {
		if (keypair->cert_len > INT_MAX) {
			tls_set_errorx(ctx, "certificate too long");
			goto err;
		}

		if (SSL_CTX_use_certificate_chain_mem(ssl_ctx,
		    keypair->cert_mem, keypair->cert_len) != 1) {
			tls_set_errorx(ctx, "failed to load certificate");
			goto err;
		}
		if (tls_keypair_pubkey_hash(keypair, &keypair->pubkey_hash) == -1)
			goto err;
	}

	if (keypair->key_mem != NULL) {
		if (keypair->key_len > INT_MAX) {
			tls_set_errorx(ctx, "key too long");
			goto err;
		}

		if ((bio = BIO_new_mem_buf(keypair->key_mem,
		    keypair->key_len)) == NULL) {
			tls_set_errorx(ctx, "failed to create buffer");
			goto err;
		}
		if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb,
		    NULL)) == NULL) {
			tls_set_errorx(ctx, "failed to read private key");
			goto err;
		}

		if (keypair->pubkey_hash != NULL) {
			RSA *rsa;
			/* XXX only RSA for now for relayd privsep */
			if ((rsa = EVP_PKEY_get1_RSA(pkey)) != NULL) {
				RSA_set_ex_data(rsa, 0, keypair->pubkey_hash);
				RSA_free(rsa);
			}
		}

		if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) {
			tls_set_errorx(ctx, "failed to load private key");
			goto err;
		}
		BIO_free(bio);
		bio = NULL;
		EVP_PKEY_free(pkey);
		pkey = NULL;
	}

	if (!ctx->config->skip_private_key_check &&
	    SSL_CTX_check_private_key(ssl_ctx) != 1) {
		tls_set_errorx(ctx, "private/public key mismatch");
		goto err;
	}

	return (0);

 err:
	EVP_PKEY_free(pkey);
	BIO_free(bio);

	return (1);
}
开发者ID:soundsrc,项目名称:git-lfs-server,代码行数:77,代码来源:tls.c


示例17: generate_certificate

/** Generate a new certificate for our loaded or generated keys, and write it
 * to disk.  Return 0 on success, nonzero on failure. */
static int
generate_certificate(void)
{
  char buf[8192];
  time_t now = time(NULL);
  struct tm tm;
  char published[ISO_TIME_LEN+1];
  char expires[ISO_TIME_LEN+1];
  char id_digest[DIGEST_LEN];
  char fingerprint[FINGERPRINT_LEN+1];
  char *ident = key_to_string(identity_key);
  char *signing = key_to_string(signing_key);
  FILE *f;
  size_t signed_len;
  char digest[DIGEST_LEN];
  char signature[1024]; /* handles up to 8192-bit keys. */
  int r;

  get_fingerprint(identity_key, fingerprint);
  get_digest(identity_key, id_digest);

  tor_localtime_r(&now, &tm);
  tm.tm_mon += months_lifetime;

  format_iso_time(published, now);
  format_iso_time(expires, mktime(&tm));

  tor_snprintf(buf, sizeof(buf),
               "dir-key-certificate-version 3"
               "%s%s"
               "\nfingerprint %s\n"
               "dir-key-published %s\n"
               "dir-key-expires %s\n"
               "dir-identity-key\n%s"
               "dir-signing-key\n%s"
               "dir-key-crosscert\n"
               "-----BEGIN ID SIGNATURE-----\n",
               address?"\ndir-address ":"", address?address:"",
               fingerprint, published, expires, ident, signing
               );
  tor_free(ident);
  tor_free(signing);

  /* Append a cross-certification */
  r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)id_digest,
                          (unsigned char*)signature,
                          EVP_PKEY_get1_RSA(signing_key),
                          RSA_PKCS1_PADDING);
  signed_len = strlen(buf);
  base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r);

  strlcat(buf,
          "-----END ID SIGNATURE-----\n"
          "dir-key-certification\n", sizeof(buf));

  signed_len = strlen(buf);
  SHA1((const unsigned char*)buf,signed_len,(unsigned char*)digest);

  r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)digest,
                          (unsigned char*)signature,
                          EVP_PKEY_get1_RSA(identity_key),
                          RSA_PKCS1_PADDING);
  strlcat(buf, "-----BEGIN SIGNATURE-----\n", sizeof(buf));
  signed_len = strlen(buf);
  base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r);
  strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf));

  if (!(f = fopen(certificate_file, "w"))) {
    log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
            certificate_file, strerror(errno));
    return 1;
  }

  fputs(buf, f);
  fclose(f);
  return 0;
}
开发者ID:chenglong7997,项目名称:Tor,代码行数:79,代码来源:tor-gencert.c


示例18: ndn_keypair

int
ndn_keypair(int public_only, struct ndn_pkey *private_key,
            PyObject **py_private_key_ndn, PyObject **py_public_key_ndn)
{
	struct ndn_pkey *public_key = NULL;
	struct ndn_pkey *private_key_copy = NULL;
	PyObject *py_private_key = NULL, *py_public_key = NULL;
	unsigned int err;
	int r;

	if (!public_only && py_private_key_ndn) {
                private_key_copy = (struct ndn_pkey *) EVP_PKEY_new();
                JUMP_IF_NULL(private_key_copy, openssl_error);

                py_private_key = NDNObject_New(PKEY_PRIV, private_key_copy);
		JUMP_IF_NULL(py_private_key, error);
                
                RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
                JUMP_IF_NULL(private_key_rsa, openssl_error);
                
                RSA* private_key_rsa_copy = RSAPrivateKey_dup (private_key_rsa);
                JUMP_IF_NULL(private_key_rsa_copy, openssl_error);
                
		r = EVP_PKEY_set1_RSA((EVP_PKEY *) private_key_copy, private_key_rsa_copy);
		RSA_free(private_key_rsa_copy);
		JUMP_IF_NULL(r, error);
	}

	if (py_public_key_ndn) {
		public_key = (struct ndn_pkey *) EVP_PKEY_new();
		JUMP_IF_NULL(public_key, openssl_error);

		py_public_key = NDNObject_New(PKEY_PUB, public_key);
		JUMP_IF_NULL(py_public_key, error);

                RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
                JUMP_IF_NULL(private_key_rsa, openssl_error);
                
                RSA* public_key_rsa = RSAPublicKey_dup (private_key_rsa);
                JUMP_IF_NULL(public_key_rsa, openssl_error);

		r = EVP_PKEY_set1_RSA((EVP_PKEY *) public_key, public_key_rsa);
		RSA_free(public_key_rsa);
		JUMP_IF_NULL(r, error);
	}

	if (py_private_key_ndn) {
		*py_private_key_ndn = public_only ? (Py_INCREF(Py_None), Py_None) :
				py_private_key;
	}

	if (py_public_key_ndn)
		*py_public_key_ndn = py_public_key;

	return 0;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_NDNKeyError, "Unable to generate keypair from the key:"
			" %s", ERR_reason_error_string(err));
error:
	if (!py_public_key && public_key)
		ndn_pubkey_free(public_key);
	Py_XDECREF(py_public_key);
	Py_XDECREF(py_private_key);
	return -1;
}
开发者ID:cawka,项目名称:PyNDN,代码行数:67,代码来源:key_utils.c


示例19: CompareCertToRSA

/**
 * @retval 1 equal
 * @retval 0 not equal
 * @retval -1 error
 */
static int CompareCertToRSA(X509 *cert, RSA *rsa_key)
{
    int ret;
    int retval = -1;                                            /* ERROR */

    EVP_PKEY *cert_pkey = X509_get_pubkey(cert);
    if (cert_pkey == NULL)
    {
        Log(LOG_LEVEL_ERR, "X509_get_pubkey: %s",
            TLSErrorString(ERR_get_error()));
        goto ret1;
    }
    if (EVP_PKEY_type(cert_pkey->type) != EVP_PKEY_RSA)
    {
        Log(LOG_LEVEL_ERR,
            "Received key of unknown type, only RSA currently supported!");
        goto ret2;
    }

    RSA *cert_rsa_key = EVP_PKEY_get1_RSA(cert_pkey);
    if (cert_rsa_key == NULL)
    {
        Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_get1_RSA failed!");
        goto ret2;
    }

    EVP_PKEY *rsa_pkey = EVP_PKEY_new();
    if (rsa_pkey == NULL)
    {
        Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_new allocation failed!");
        goto ret3;
    }

    ret = EVP_PKEY_set1_RSA(rsa_pkey, rsa_key);
    if (ret == 0)
    {
        Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_set1_RSA failed!");
        goto ret4;
    }

    ret = EVP_PKEY_cmp(cert_pkey, rsa_pkey);
    if (ret == 1)
    {
        Log(LOG_LEVEL_DEBUG,
            "Public key to certificate compare equal");
        retval = 1;                                             /* EQUAL */
    }
    else if (ret == 0 || ret == -1)
    {
        Log(LOG_LEVEL_DEBUG,
            "Public key to certificate compare different");
        retval = 0;                                            /* NOT EQUAL */
    }
    else
    {
        Log(LOG_LEVEL_ERR, "OpenSSL EVP_PKEY_cmp: %d %s",
            ret, TLSErrorString(ERR_get_error()));
    }

  ret4:
    EVP_PKEY_free(rsa_pkey);
  ret3:
    RSA_free(cert_rsa_key);
  ret2:
    EVP_PKEY_free(cert_pkey);

  ret1:
    return retval;
}
开发者ID:Kegeruneku,项目名称:core,代码行数:74,代码来源:tls_generic.c


示例20: sc_pkcs15_convert_pubkey

int
sc_pkcs15_convert_pubkey(struct sc_pkcs15_pubkey *pkcs15_key, void *evp_key)
{
#ifdef ENABLE_OPENSSL
	EVP_PKEY *pk = (EVP_PKEY *)evp_key;

	switch (pk->type) {
	case EVP_PKEY_RSA: {
		struct sc_pkcs15_pubkey_rsa *dst = &pkcs15_key->u.rsa;
		RSA *src = EVP_PKEY_get1_RSA(pk);

		pkcs15_key->algorithm = SC_ALGORITHM_RSA;
		if (!sc_pkcs15_convert_bignum(&dst->modulus, src->n) || !sc_pkcs15_convert_bignum(&dst->exponent, src->e))
			return SC_ERROR_INVALID_DATA;
		RSA_free(src);
		break;
		}
	case EVP_PKEY_DSA: {
		struct sc_pkcs15_pubkey_dsa *dst = &pkcs15_key->u.dsa;
		DSA *src = EVP_PKEY_get1_DSA(pk);

		pkcs15_key->algorithm = SC_ALGORITHM_DSA;
		sc_pkcs15_convert_bignum(&dst->pub, src->pub_key);
		sc_pkcs15_convert_bignum(&dst->p, src->p);
		sc_pkcs15_convert_bignum(&dst->q, src->q);
		sc_pkcs15_convert_bignum(&dst->g, src->g);
		DSA_free(src);
		break;
		}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_EC)
	case NID_id_GostR3410_2001: {
		struct sc_pkcs15_pubkey_gostr3410 *dst = &pkcs15_key->u.gostr3410;
		EC_KEY *eckey = EVP_PKEY_get0(pk);
		const EC_POINT *point;
		BIGNUM *X, *Y;
		int r = 0;

		assert(eckey);
		point = EC_KEY_get0_public_key(eckey);
		if (!point)
			return SC_ERROR_INTERNAL;
		X = BN_new();
		Y = BN_new();
		if (X && Y && EC_KEY_get0_group(eckey))
			r = EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(eckey),
					point, X, Y, NULL);
		if (r == 1) {
			dst->xy.len = BN_num_bytes(X) + BN_num_bytes(Y);
			dst->xy.data = malloc(dst->xy.len);
			if (dst->xy.data) {
				BN_bn2bin(Y, dst->xy.data);
				BN_bn2bin(X, dst->xy.data + BN_num_bytes(Y));
				r = sc_mem_reverse(dst->xy.data, dst->xy.len);
				if (!r)
					r = 1;
				pkcs15_key->algorithm = SC_ALGORITHM_GOSTR3410;
			}
			else
				r = -1;
		}
		BN_free(X);
		BN_free(Y);
		if (r != 1)
			return SC_ERROR_INTERNAL;
		break;
		}
	case EVP_PKEY_EC: {
		struct sc_pkcs15_pubkey_ec *dst = &pkcs15_key->u.ec;
		EC_KEY *src = NULL;
		const EC_GROUP *grp = NULL;
		unsigned char buf[255];
		size_t buflen = 255;
		int nid;

		src = EVP_PKEY_get0(pk);
		assert(src);
		assert(EC_KEY_get0_public_key(src));

		pkcs15_key->algorithm = SC_ALGORITHM_EC;
		grp = EC_KEY_get0_group(src);
		if(grp == 0)
			return SC_ERROR_INCOMPATIBLE_KEY;

		/* Decode EC_POINT from a octet string */
		buflen = EC_POINT_point2oct(grp, (const EC_POINT *) EC_KEY_get0_public_key(src),
				POINT_CONVERSION_UNCOMPRESSED, buf, buflen, NULL);

		/* get curve name */
		nid = EC_GROUP_get_curve_name(grp);
		if(nid != 0) {
			const char *name = OBJ_nid2sn(nid);
			if(sizeof(name) > 0)
				dst->params.named_curve = strdup(name);
		}

		/* copy the public key */
		if (buflen > 0) {
			dst->ecpointQ.value = malloc(buflen);
			memcpy(dst->ecpointQ.value, buf, buflen);
			dst->ecpointQ.len = buflen;
//.........这里部分代码省略.........
开发者ID:akatopaz,项目名称:OpenSC,代码行数:101,代码来源:pkcs15-pubkey.c



注:本文中的EVP_PKEY_get1_RSA函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
C++ EVP_PKEY_id函数代码示例发布时间:2022-05-30
下一篇:
C++ EVP_PKEY_get1_EC_KEY函数代码示例发布时间:2022-05-30
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap