本文整理汇总了C++中EVP_PKEY_get1_RSA函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_PKEY_get1_RSA函数的具体用法?C++ EVP_PKEY_get1_RSA怎么用?C++ EVP_PKEY_get1_RSA使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EVP_PKEY_get1_RSA函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: key_from_bio
RSA* key_from_bio(BIO *key_bio, BOOL is_private) {
EVP_PKEY *pkey = NULL;
if(is_private) {
pkey = PEM_read_bio_PrivateKey(key_bio,
NULL,NULL, NULL);
}else {
pkey = PEM_read_bio_PUBKEY(key_bio, NULL,
NULL, NULL);
}
if(!pkey) {
fprintf(stderr, "ERROR: key read from BIO is null\n");
exit(1);
}
BIO_free(key_bio);
RSA *rsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
return rsa;
}
开发者ID:katmagic,项目名称:perspectives-notary-server,代码行数:20,代码来源:notary_crypto.c
示例2: cryptoMagic
static int
cryptoMagic(X509 *x0, X509 *x1, X509 *x2,
const unsigned char *toHashData, int toHashLength,
/*XXX const*/ unsigned char *rsaSigData, int rsaSigLen,
DataValue *partialDigest)
{
int rv = 0;
EVP_PKEY *pk = X509_get_pubkey(x2);
if (pk) {
if (pk->type == EVP_PKEY_RSA) {
RSA *rsa = EVP_PKEY_get1_RSA(pk);
if (rsa) {
X509_STORE *store = X509_STORE_new();
if (store) {
X509_STORE_CTX ctx;
X509_STORE_add_cert(store, x0);
X509_STORE_add_cert(store, x1);
if (X509_STORE_CTX_init(&ctx, store, x2, 0) == 1) {
X509_STORE_CTX_set_flags(&ctx, X509_V_FLAG_IGNORE_CRITICAL);
if (X509_verify_cert(&ctx) == 1) {
unsigned char md[SHA_DIGEST_LENGTH];
if (partialDigest) {
// XXX we need to flip ECID back before hashing
flipAppleImg3Header((AppleImg3Header *)toHashData);
doPartialSHA1(md, toHashData, toHashLength, partialDigest);
} else {
SHA1(toHashData, toHashLength, md);
}
rv = RSA_verify(NID_sha1, md, SHA_DIGEST_LENGTH, rsaSigData, rsaSigLen, rsa);
}
X509_STORE_CTX_cleanup(&ctx);
}
X509_STORE_free(store);
}
RSA_free(rsa);
}
}
EVP_PKEY_free(pk);
}
return rv ? 0 : -1;
}
开发者ID:0neday,项目名称:xpwn,代码行数:41,代码来源:validate.c
示例3: BIO_new
char *cipher_rsa_decrypt(const char *ciphertext, size_t len, const struct private_key *private_key)
{
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
BIO *memory = NULL;
char *ret = NULL;
if (!len)
return NULL;
memory = BIO_new(BIO_s_mem());
if (BIO_write(memory, private_key->key, private_key->len) < 0)
goto out;
p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(memory, NULL);
if (!p8inf)
goto out;
pkey = EVP_PKCS82PKEY(p8inf);
if (!pkey)
goto out;
if (p8inf->broken)
goto out;
rsa = EVP_PKEY_get1_RSA(pkey);
if (!rsa)
goto out;
ret = xcalloc(len + 1, 1);
if (RSA_private_decrypt(len, (unsigned char *)ciphertext, (unsigned char *)ret, rsa, RSA_PKCS1_OAEP_PADDING) < 0) {
free(ret);
ret = NULL;
goto out;
}
out:
PKCS8_PRIV_KEY_INFO_free(p8inf);
EVP_PKEY_free(pkey);
RSA_free(rsa);
BIO_free_all(memory);
return ret;
}
开发者ID:TonyAbell,项目名称:lastpass-cli,代码行数:41,代码来源:cipher.c
示例4: d2i_RSA_PUBKEY
RSA *
d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
RSA *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
if (!pkey)
return NULL;
key = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if (!key)
return NULL;
*pp = q;
if (a) {
RSA_free(*a);
*a = key;
}
return key;
}
开发者ID:mr-moai-2016,项目名称:znk_project,代码行数:21,代码来源:x_pubkey.c
示例5: get_key_pem_private
PyObject *
get_key_pem_private(const struct ccn_pkey *private_key_ccn)
{
unsigned long err;
RSA *private_key_rsa = NULL;
BIO *bio;
BUF_MEM *bufmem;
int r;
PyObject *py_res;
bio = BIO_new(BIO_s_mem());
JUMP_IF_NULL(bio, openssl_error);
private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY *) private_key_ccn);
JUMP_IF_NULL(private_key_rsa, openssl_error);
r = PEM_write_bio_RSAPrivateKey(bio, private_key_rsa, NULL, NULL, 0, NULL,
NULL);
RSA_free(private_key_rsa);
private_key_rsa = NULL;
if (!r)
goto openssl_error;
BIO_get_mem_ptr(bio, &bufmem);
py_res = PyBytes_FromStringAndSize(bufmem->data, bufmem->length);
r = BIO_free(bio);
if (!r)
goto openssl_error;
return py_res;
openssl_error:
err = ERR_get_error();
PyErr_Format(g_PyExc_CCNKeyError, "Unable to obtain PEM: %s",
ERR_reason_error_string(err));
RSA_free(private_key_rsa);
BIO_free(bio);
return NULL;
}
开发者ID:Emat12,项目名称:PyCCN,代码行数:39,代码来源:key_utils.c
示例6: wi_socket_ssl_pubkey
void * wi_socket_ssl_pubkey(wi_socket_t *socket) {
#ifdef WI_SSL
RSA *rsa = NULL;
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
x509 = SSL_get_peer_certificate(socket->ssl);
if(!x509) {
wi_error_set_ssl_error();
goto end;
}
pkey = X509_get_pubkey(x509);
if(!pkey) {
wi_error_set_ssl_error();
goto end;
}
rsa = EVP_PKEY_get1_RSA(pkey);
if(!rsa)
wi_error_set_ssl_error();
end:
if(x509)
X509_free(x509);
if(pkey)
EVP_PKEY_free(pkey);
return rsa;
#else
return NULL;
#endif
}
开发者ID:ProfDrLuigi,项目名称:zanka,代码行数:39,代码来源:wi-socket.c
示例7: GetRSAKey
int GetRSAKey(RSA **rsa, /* freed by caller */
X509 *x509Certificate)
{
int rc = 0;
EVP_PKEY *pkey = NULL;
if (rc == 0) {
pkey = X509_get_pubkey(x509Certificate);
if (pkey == NULL) {
printf("Error: Cannot get certificate public key\n");
rc = -1;
}
}
if (rc == 0) {
*rsa = EVP_PKEY_get1_RSA(pkey);
if (*rsa == NULL) {
printf("Error: Cannot extract certificate RSA public key\n");
rc = -1;
}
}
return rc;
}
开发者ID:osresearch,项目名称:tpmtotp,代码行数:22,代码来源:quote.c
示例8: wi_socket_ssl_public_key
wi_rsa_t * wi_socket_ssl_public_key(wi_socket_t *socket) {
#ifdef HAVE_OPENSSL_SSL_H
RSA *rsa = NULL;
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
x509 = SSL_get_peer_certificate(socket->ssl);
if(!x509) {
wi_error_set_openssl_error();
goto end;
}
pkey = X509_get_pubkey(x509);
if(!pkey) {
wi_error_set_openssl_error();
goto end;
}
rsa = EVP_PKEY_get1_RSA(pkey);
if(!rsa)
wi_error_set_openssl_error();
end:
if(x509)
X509_free(x509);
if(pkey)
EVP_PKEY_free(pkey);
return wi_autorelease(wi_rsa_init_with_rsa(wi_rsa_alloc(), rsa));
#else
return NULL;
#endif
}
开发者ID:ProfDrLuigi,项目名称:zanka,代码行数:39,代码来源:wi-socket.c
示例9: verify_rsa
static int verify_rsa(EVP_PKEY* pkey, keymaster_rsa_sign_params_t* sign_params,
const uint8_t* signedData, const size_t signedDataLength,
const uint8_t* signature, const size_t signatureLength) {
if (sign_params->digest_type != DIGEST_NONE) {
ALOGW("Cannot handle digest type %d", sign_params->digest_type);
return -1;
} else if (sign_params->padding_type != PADDING_NONE) {
ALOGW("Cannot handle padding type %d", sign_params->padding_type);
return -1;
} else if (signatureLength != signedDataLength) {
ALOGW("signed data length must be signature length");
return -1;
}
Unique_RSA rsa(EVP_PKEY_get1_RSA(pkey));
if (rsa.get() == NULL) {
logOpenSSLError("openssl_verify_data");
return -1;
}
UniquePtr<uint8_t[]> dataPtr(new uint8_t[signedDataLength]);
if (dataPtr.get() == NULL) {
logOpenSSLError("openssl_verify_data");
return -1;
}
unsigned char* tmp = reinterpret_cast<unsigned char*>(dataPtr.get());
if (!RSA_public_decrypt(signatureLength, signature, tmp, rsa.get(), RSA_NO_PADDING)) {
logOpenSSLError("openssl_verify_data");
return -1;
}
int result = 0;
for (size_t i = 0; i < signedDataLength; i++) {
result |= tmp[i] ^ signedData[i];
}
return result == 0 ? 0 : -1;
}
开发者ID:LordNerevar,项目名称:system_security,代码行数:39,代码来源:keymaster_openssl.cpp
示例10: PKI_verify_RSA
SEXP PKI_verify_RSA(SEXP what, SEXP sMD, SEXP sKey, SEXP sig) {
int md = asInteger(sMD), type;
EVP_PKEY *key;
RSA *rsa;
switch (md) {
case PKI_MD5:
type = NID_md5;
break;
case PKI_SHA1:
type = NID_sha1;
break;
case PKI_SHA256:
type = NID_sha256;
break;
default:
Rf_error("unsupported hash type");
}
if (TYPEOF(what) != RAWSXP ||
(md == PKI_MD5 && LENGTH(what) != MD5_DIGEST_LENGTH) ||
(md == PKI_SHA1 && LENGTH(what) != SHA_DIGEST_LENGTH) ||
(md == PKI_SHA256 && LENGTH(what) != SHA256_DIGEST_LENGTH))
Rf_error("invalid hash");
if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key"))
Rf_error("key must be RSA public or private key");
key = (EVP_PKEY*) R_ExternalPtrAddr(sKey);
if (!key)
Rf_error("NULL key");
if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
Rf_error("key must be RSA public or private key");
rsa = EVP_PKEY_get1_RSA(key);
if (!rsa)
Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
return
ScalarLogical( /* FIXME: sig is not const in RSA_verify - that is odd so in theory in may modify sig ... */
(RSA_verify(type,
(const unsigned char*) RAW(what), LENGTH(what),
(unsigned char *) RAW(sig), LENGTH(sig), rsa) == 1)
? TRUE : FALSE);
}
开发者ID:rOpenSec,项目名称:PKI,代码行数:39,代码来源:pki-x509.c
示例11: Key_to_ndn_keystore
static struct ndn_keystore*
Key_to_ndn_keystore(PyObject* py_key)
{
// An imperfect conversion here, but...
// This is supposed to be an opaque type.
// We borrow this from ndn_keystore.c
// so that we can work with the ndn hashtable
// and do Key_to_keystore... but this whole method may not be
// ever needed, as the ndn_keystore type seems
// to be primarily for the use of the library internally?
struct ndn_keystore_private {
int initialized;
EVP_PKEY *private_key;
EVP_PKEY *public_key;
X509 *certificate;
ssize_t pubkey_digest_length;
unsigned char pubkey_digest[SHA256_DIGEST_LENGTH];
};
struct ndn_keystore_private* keystore = calloc(1, sizeof(struct ndn_keystore_private));
keystore->initialized = 1;
// TODO: need to INCREF here?
keystore->private_key = (EVP_PKEY*) PyCObject_AsVoidPtr(PyObject_GetAttrString(py_key, "ndn_data_private"));
keystore->public_key = (EVP_PKEY*) PyCObject_AsVoidPtr(PyObject_GetAttrString(py_key, "ndn_data_public"));
RSA* private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY*) keystore->private_key);
unsigned char* public_key_digest;
size_t public_key_digest_len;
create_public_key_digest(private_key_rsa, &public_key_digest, &public_key_digest_len);
memcpy(keystore->pubkey_digest, public_key_digest, public_key_digest_len);
keystore->pubkey_digest_length = public_key_digest_len;
free(public_key_digest);
free(private_key_rsa);
return(struct ndn_keystore*) keystore;
}
开发者ID:named-data,项目名称:PyNDN,代码行数:39,代码来源:methods_key.c
示例12: switch
QSslKey SafetPKCS12::keyFromEVP( EVP_PKEY * evp )
{
EVP_PKEY *key = (EVP_PKEY*)evp;
unsigned char *data = NULL;
int len = 0;
QSsl::KeyAlgorithm alg;
QSsl::KeyType type;
switch( EVP_PKEY_type( key->type ) )
{
case EVP_PKEY_RSA:
{
RSA *rsa = EVP_PKEY_get1_RSA( key );
alg = QSsl::Rsa;
type = rsa->d ? QSsl::PrivateKey : QSsl::PublicKey;
len = rsa->d ? i2d_RSAPrivateKey( rsa, &data ) : i2d_RSAPublicKey( rsa, &data );
RSA_free( rsa );
break;
}
case EVP_PKEY_DSA:
{
DSA *dsa = EVP_PKEY_get1_DSA( key );
alg = QSsl::Dsa;
type = dsa->priv_key ? QSsl::PrivateKey : QSsl::PublicKey;
len = dsa->priv_key ? i2d_DSAPrivateKey( dsa, &data ) : i2d_DSAPublicKey( dsa, &data );
DSA_free( dsa );
break;
}
default: break;
}
QSslKey k;
if( len > 0 )
k = QSslKey( QByteArray( (char*)data, len ), alg, QSsl::Der, type );
OPENSSL_free( data );
return k;
}
开发者ID:Cenditel,项目名称:pysafet,代码行数:38,代码来源:safetpkcs12.cpp
示例13: throw
/**
* Verify signature with RSA public key from X.509 certificate.
*
* @param digestMethod digest method (e.g NID_sha1 for SHA1, see openssl/obj_mac.h).
* @param digest digest value, this value is compared with the digest value decrypted from the <code>signature</code>.
* @param signature signature value, this value is decrypted to get the digest and compared with
* the digest value provided in <code>digest</code>.
* @return returns <code>true</code> if the signature value matches with the digest, otherwise <code>false</code>
* is returned.
* @throws IOException throws exception if X.509 certificate is not missing or does not have a RSA public key.
*/
bool digidoc::RSACrypt::verify(int digestMethod, std::vector<unsigned char> digest, std::vector<unsigned char> signature) throw(IOException)
{
// Check that X.509 certificate is set.
if(cert == NULL)
{
THROW_IOEXCEPTION("X.509 certificate parameter is not set in RSACrypt, can not verify signature.");
}
// Extract RSA public key from X.509 certificate.
X509Cert x509(cert);
EVP_PKEY* key = x509.getPublicKey();
if(EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
{
EVP_PKEY_free(key);
THROW_IOEXCEPTION("Certificate '%s' does not have a RSA public key, can not verify signature.", x509.getSubject().c_str());
}
RSA* publicKey = EVP_PKEY_get1_RSA(key);
// Verify signature with RSA public key.
int result = RSA_verify(digestMethod, &digest[0], digest.size(), &signature[0], signature.size(), publicKey);
RSA_free(publicKey);
EVP_PKEY_free(key);
return (result == 1);
}
开发者ID:Krabi,项目名称:idkaart_public,代码行数:35,代码来源:RSACrypt.cpp
示例14: PKI_decrypt
SEXP PKI_decrypt(SEXP what, SEXP sKey) {
SEXP res;
EVP_PKEY *key;
RSA *rsa;
int len;
if (TYPEOF(what) != RAWSXP)
Rf_error("invalid payload to sign - must be a raw vector");
if (!inherits(sKey, "private.key"))
Rf_error("invalid key object");
key = (EVP_PKEY*) R_ExternalPtrAddr(sKey);
if (!key)
Rf_error("NULL key");
if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA)
Rf_error("Sorry only RSA keys are supported at this point");
rsa = EVP_PKEY_get1_RSA(key);
if (!rsa)
Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
len = RSA_private_decrypt(LENGTH(what), RAW(what), (unsigned char*) buf, rsa, RSA_PKCS1_PADDING);
if (len < 0)
Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
res = allocVector(RAWSXP, len);
memcpy(RAW(res), buf, len);
return res;
}
开发者ID:prateek05,项目名称:PKI,代码行数:24,代码来源:pki-x509.c
示例15: verify_image
/*
Function to verify a given image and signature.
Reference implementation in the Little Kernel source in "platform/msm_shared/image_verify.c"
Returns -1 if somethings fails otherwise 0
*/
int verify_image(unsigned char *image_ptr, unsigned char *signature_ptr, unsigned int image_size)
{
X509 *x509_certificate = NULL;
EVP_PKEY *pub_key = NULL;
RSA *rsa_key = NULL;
unsigned char *plain_text = NULL;
unsigned char digest[65];
unsigned int hash_size = SHA256_SIZE;
int ret = 0;
/*
Load certificate
*/
FILE *fcert;
fcert = fopen("prodcert.pem", "rb");
if (fcert == NULL){
fclose(fcert);
std::cerr << "[ ERROR ] Missing certificate" << std::endl;
ret = -1;
goto cleanup;
}
x509_certificate = PEM_read_X509(fcert, NULL, NULL, NULL);
fclose(fcert);
/*
Obtain RSA key
*/
pub_key = X509_get_pubkey(x509_certificate);
rsa_key = EVP_PKEY_get1_RSA(pub_key);
if (rsa_key == NULL){
std::cerr << "[ ERROR ] Couldn't obtain key from certificate" << std::endl;
ret = -1;
goto cleanup;
}
/*
Create buffer for decrypted hash
*/
plain_text = (unsigned char *)calloc(sizeof(char), SIGNATURE_SIZE);
if (plain_text == NULL) {
std::cerr << "[ ERROR ] calloc failed during verification" << std::endl;
ret = -1;
goto cleanup;
}
/*
Decrypt hash
*/
RSA_public_decrypt(SIGNATURE_SIZE, signature_ptr, plain_text, rsa_key, RSA_PKCS1_PADDING);
/*
Hash the image
*/
sha256_buffer(image_ptr, image_size, digest);
/*
Check if signature is equal to the calculated hash
*/
if (memcmp(plain_text, digest, hash_size) != 0) {
std::cerr << std::endl << "[ ERROR ] Invalid signature" << std::endl;
ret = -1;
goto cleanup;
}
else {
std::cerr << std::endl << "[ SUCCESS ] The signature is valid!" << std::endl;
}
/* Cleanup after complete usage of openssl - cached data and objects */
cleanup:
if (rsa_key != NULL)
RSA_free(rsa_key);
if (x509_certificate != NULL)
X509_free(x509_certificate);
if (pub_key != NULL)
EVP_PKEY_free(pub_key);
if (plain_text != NULL)
free(plain_text);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
return ret;
}
开发者ID:iamfleeDemetria,项目名称:Cuber,代码行数:87,代码来源:cuber.cpp
示例16: tls_configure_ssl_keypair
int
tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
struct tls_keypair *keypair, int required)
{
EVP_PKEY *pkey = NULL;
BIO *bio = NULL;
if (!required &&
keypair->cert_mem == NULL &&
keypair->key_mem == NULL)
return(0);
if (keypair->cert_mem != NULL) {
if (keypair->cert_len > INT_MAX) {
tls_set_errorx(ctx, "certificate too long");
goto err;
}
if (SSL_CTX_use_certificate_chain_mem(ssl_ctx,
keypair->cert_mem, keypair->cert_len) != 1) {
tls_set_errorx(ctx, "failed to load certificate");
goto err;
}
if (tls_keypair_pubkey_hash(keypair, &keypair->pubkey_hash) == -1)
goto err;
}
if (keypair->key_mem != NULL) {
if (keypair->key_len > INT_MAX) {
tls_set_errorx(ctx, "key too long");
goto err;
}
if ((bio = BIO_new_mem_buf(keypair->key_mem,
keypair->key_len)) == NULL) {
tls_set_errorx(ctx, "failed to create buffer");
goto err;
}
if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb,
NULL)) == NULL) {
tls_set_errorx(ctx, "failed to read private key");
goto err;
}
if (keypair->pubkey_hash != NULL) {
RSA *rsa;
/* XXX only RSA for now for relayd privsep */
if ((rsa = EVP_PKEY_get1_RSA(pkey)) != NULL) {
RSA_set_ex_data(rsa, 0, keypair->pubkey_hash);
RSA_free(rsa);
}
}
if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) {
tls_set_errorx(ctx, "failed to load private key");
goto err;
}
BIO_free(bio);
bio = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
}
if (!ctx->config->skip_private_key_check &&
SSL_CTX_check_private_key(ssl_ctx) != 1) {
tls_set_errorx(ctx, "private/public key mismatch");
goto err;
}
return (0);
err:
EVP_PKEY_free(pkey);
BIO_free(bio);
return (1);
}
开发者ID:soundsrc,项目名称:git-lfs-server,代码行数:77,代码来源:tls.c
示例17: generate_certificate
/** Generate a new certificate for our loaded or generated keys, and write it
* to disk. Return 0 on success, nonzero on failure. */
static int
generate_certificate(void)
{
char buf[8192];
time_t now = time(NULL);
struct tm tm;
char published[ISO_TIME_LEN+1];
char expires[ISO_TIME_LEN+1];
char id_digest[DIGEST_LEN];
char fingerprint[FINGERPRINT_LEN+1];
char *ident = key_to_string(identity_key);
char *signing = key_to_string(signing_key);
FILE *f;
size_t signed_len;
char digest[DIGEST_LEN];
char signature[1024]; /* handles up to 8192-bit keys. */
int r;
get_fingerprint(identity_key, fingerprint);
get_digest(identity_key, id_digest);
tor_localtime_r(&now, &tm);
tm.tm_mon += months_lifetime;
format_iso_time(published, now);
format_iso_time(expires, mktime(&tm));
tor_snprintf(buf, sizeof(buf),
"dir-key-certificate-version 3"
"%s%s"
"\nfingerprint %s\n"
"dir-key-published %s\n"
"dir-key-expires %s\n"
"dir-identity-key\n%s"
"dir-signing-key\n%s"
"dir-key-crosscert\n"
"-----BEGIN ID SIGNATURE-----\n",
address?"\ndir-address ":"", address?address:"",
fingerprint, published, expires, ident, signing
);
tor_free(ident);
tor_free(signing);
/* Append a cross-certification */
r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)id_digest,
(unsigned char*)signature,
EVP_PKEY_get1_RSA(signing_key),
RSA_PKCS1_PADDING);
signed_len = strlen(buf);
base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r);
strlcat(buf,
"-----END ID SIGNATURE-----\n"
"dir-key-certification\n", sizeof(buf));
signed_len = strlen(buf);
SHA1((const unsigned char*)buf,signed_len,(unsigned char*)digest);
r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)digest,
(unsigned char*)signature,
EVP_PKEY_get1_RSA(identity_key),
RSA_PKCS1_PADDING);
strlcat(buf, "-----BEGIN SIGNATURE-----\n", sizeof(buf));
signed_len = strlen(buf);
base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r);
strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf));
if (!(f = fopen(certificate_file, "w"))) {
log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
certificate_file, strerror(errno));
return 1;
}
fputs(buf, f);
fclose(f);
return 0;
}
开发者ID:chenglong7997,项目名称:Tor,代码行数:79,代码来源:tor-gencert.c
示例18: ndn_keypair
int
ndn_keypair(int public_only, struct ndn_pkey *private_key,
PyObject **py_private_key_ndn, PyObject **py_public_key_ndn)
{
struct ndn_pkey *public_key = NULL;
struct ndn_pkey *private_key_copy = NULL;
PyObject *py_private_key = NULL, *py_public_key = NULL;
unsigned int err;
int r;
if (!public_only && py_private_key_ndn) {
private_key_copy = (struct ndn_pkey *) EVP_PKEY_new();
JUMP_IF_NULL(private_key_copy, openssl_error);
py_private_key = NDNObject_New(PKEY_PRIV, private_key_copy);
JUMP_IF_NULL(py_private_key, error);
RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
JUMP_IF_NULL(private_key_rsa, openssl_error);
RSA* private_key_rsa_copy = RSAPrivateKey_dup (private_key_rsa);
JUMP_IF_NULL(private_key_rsa_copy, openssl_error);
r = EVP_PKEY_set1_RSA((EVP_PKEY *) private_key_copy, private_key_rsa_copy);
RSA_free(private_key_rsa_copy);
JUMP_IF_NULL(r, error);
}
if (py_public_key_ndn) {
public_key = (struct ndn_pkey *) EVP_PKEY_new();
JUMP_IF_NULL(public_key, openssl_error);
py_public_key = NDNObject_New(PKEY_PUB, public_key);
JUMP_IF_NULL(py_public_key, error);
RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
JUMP_IF_NULL(private_key_rsa, openssl_error);
RSA* public_key_rsa = RSAPublicKey_dup (private_key_rsa);
JUMP_IF_NULL(public_key_rsa, openssl_error);
r = EVP_PKEY_set1_RSA((EVP_PKEY *) public_key, public_key_rsa);
RSA_free(public_key_rsa);
JUMP_IF_NULL(r, error);
}
if (py_private_key_ndn) {
*py_private_key_ndn = public_only ? (Py_INCREF(Py_None), Py_None) :
py_private_key;
}
if (py_public_key_ndn)
*py_public_key_ndn = py_public_key;
return 0;
openssl_error:
err = ERR_get_error();
PyErr_Format(g_PyExc_NDNKeyError, "Unable to generate keypair from the key:"
" %s", ERR_reason_error_string(err));
error:
if (!py_public_key && public_key)
ndn_pubkey_free(public_key);
Py_XDECREF(py_public_key);
Py_XDECREF(py_private_key);
return -1;
}
开发者ID:cawka,项目名称:PyNDN,代码行数:67,代码来源:key_utils.c
示例19: CompareCertToRSA
/**
* @retval 1 equal
* @retval 0 not equal
* @retval -1 error
*/
static int CompareCertToRSA(X509 *cert, RSA *rsa_key)
{
int ret;
int retval = -1; /* ERROR */
EVP_PKEY *cert_pkey = X509_get_pubkey(cert);
if (cert_pkey == NULL)
{
Log(LOG_LEVEL_ERR, "X509_get_pubkey: %s",
TLSErrorString(ERR_get_error()));
goto ret1;
}
if (EVP_PKEY_type(cert_pkey->type) != EVP_PKEY_RSA)
{
Log(LOG_LEVEL_ERR,
"Received key of unknown type, only RSA currently supported!");
goto ret2;
}
RSA *cert_rsa_key = EVP_PKEY_get1_RSA(cert_pkey);
if (cert_rsa_key == NULL)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_get1_RSA failed!");
goto ret2;
}
EVP_PKEY *rsa_pkey = EVP_PKEY_new();
if (rsa_pkey == NULL)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_new allocation failed!");
goto ret3;
}
ret = EVP_PKEY_set1_RSA(rsa_pkey, rsa_key);
if (ret == 0)
{
Log(LOG_LEVEL_ERR, "TLSVerifyPeer: EVP_PKEY_set1_RSA failed!");
goto ret4;
}
ret = EVP_PKEY_cmp(cert_pkey, rsa_pkey);
if (ret == 1)
{
Log(LOG_LEVEL_DEBUG,
"Public key to certificate compare equal");
retval = 1; /* EQUAL */
}
else if (ret == 0 || ret == -1)
{
Log(LOG_LEVEL_DEBUG,
"Public key to certificate compare different");
retval = 0; /* NOT EQUAL */
}
else
{
Log(LOG_LEVEL_ERR, "OpenSSL EVP_PKEY_cmp: %d %s",
ret, TLSErrorString(ERR_get_error()));
}
ret4:
EVP_PKEY_free(rsa_pkey);
ret3:
RSA_free(cert_rsa_key);
ret2:
EVP_PKEY_free(cert_pkey);
ret1:
return retval;
}
开发者ID:Kegeruneku,项目名称:core,代码行数:74,代码来源:tls_generic.c
示例20: sc_pkcs15_convert_pubkey
int
sc_pkcs15_convert_pubkey(struct sc_pkcs15_pubkey *pkcs15_key, void *evp_key)
{
#ifdef ENABLE_OPENSSL
EVP_PKEY *pk = (EVP_PKEY *)evp_key;
switch (pk->type) {
case EVP_PKEY_RSA: {
struct sc_pkcs15_pubkey_rsa *dst = &pkcs15_key->u.rsa;
RSA *src = EVP_PKEY_get1_RSA(pk);
pkcs15_key->algorithm = SC_ALGORITHM_RSA;
if (!sc_pkcs15_convert_bignum(&dst->modulus, src->n) || !sc_pkcs15_convert_bignum(&dst->exponent, src->e))
return SC_ERROR_INVALID_DATA;
RSA_free(src);
break;
}
case EVP_PKEY_DSA: {
struct sc_pkcs15_pubkey_dsa *dst = &pkcs15_key->u.dsa;
DSA *src = EVP_PKEY_get1_DSA(pk);
pkcs15_key->algorithm = SC_ALGORITHM_DSA;
sc_pkcs15_convert_bignum(&dst->pub, src->pub_key);
sc_pkcs15_convert_bignum(&dst->p, src->p);
sc_pkcs15_convert_bignum(&dst->q, src->q);
sc_pkcs15_convert_bignum(&dst->g, src->g);
DSA_free(src);
break;
}
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_EC)
case NID_id_GostR3410_2001: {
struct sc_pkcs15_pubkey_gostr3410 *dst = &pkcs15_key->u.gostr3410;
EC_KEY *eckey = EVP_PKEY_get0(pk);
const EC_POINT *point;
BIGNUM *X, *Y;
int r = 0;
assert(eckey);
point = EC_KEY_get0_public_key(eckey);
if (!point)
return SC_ERROR_INTERNAL;
X = BN_new();
Y = BN_new();
if (X && Y && EC_KEY_get0_group(eckey))
r = EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(eckey),
point, X, Y, NULL);
if (r == 1) {
dst->xy.len = BN_num_bytes(X) + BN_num_bytes(Y);
dst->xy.data = malloc(dst->xy.len);
if (dst->xy.data) {
BN_bn2bin(Y, dst->xy.data);
BN_bn2bin(X, dst->xy.data + BN_num_bytes(Y));
r = sc_mem_reverse(dst->xy.data, dst->xy.len);
if (!r)
r = 1;
pkcs15_key->algorithm = SC_ALGORITHM_GOSTR3410;
}
else
r = -1;
}
BN_free(X);
BN_free(Y);
if (r != 1)
return SC_ERROR_INTERNAL;
break;
}
case EVP_PKEY_EC: {
struct sc_pkcs15_pubkey_ec *dst = &pkcs15_key->u.ec;
EC_KEY *src = NULL;
const EC_GROUP *grp = NULL;
unsigned char buf[255];
size_t buflen = 255;
int nid;
src = EVP_PKEY_get0(pk);
assert(src);
assert(EC_KEY_get0_public_key(src));
pkcs15_key->algorithm = SC_ALGORITHM_EC;
grp = EC_KEY_get0_group(src);
if(grp == 0)
return SC_ERROR_INCOMPATIBLE_KEY;
/* Decode EC_POINT from a octet string */
buflen = EC_POINT_point2oct(grp, (const EC_POINT *) EC_KEY_get0_public_key(src),
POINT_CONVERSION_UNCOMPRESSED, buf, buflen, NULL);
/* get curve name */
nid = EC_GROUP_get_curve_name(grp);
if(nid != 0) {
const char *name = OBJ_nid2sn(nid);
if(sizeof(name) > 0)
dst->params.named_curve = strdup(name);
}
/* copy the public key */
if (buflen > 0) {
dst->ecpointQ.value = malloc(buflen);
memcpy(dst->ecpointQ.value, buf, buflen);
dst->ecpointQ.len = buflen;
//.........这里部分代码省略.........
开发者ID:akatopaz,项目名称:OpenSC,代码行数:101,代码来源:pkcs15-pubkey.c
注:本文中的EVP_PKEY_get1_RSA函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论