int generate_rsa(void)
{
int iRet = EXIT_SUCCESS;
EVP_PKEY* pPrivKey = NULL;
EVP_PKEY* pPubKey = NULL;
FILE* pFile = NULL;
const EVP_CIPHER* pCipher = NULL;
init_openssl();
pPrivKey = create_rsa_key();
pPubKey = create_rsa_key();
if(pPrivKey && pPubKey)
{/* Save the keys */
if((pFile = fopen("privkey.pem","wt")) && (pCipher = EVP_aes_256_cbc()))
{
if(!PEM_write_PrivateKey(pFile,pPrivKey,pCipher,
(unsigned char*)pcszPassphrase,
(int)strlen(pcszPassphrase),NULL,NULL))
{
fprintf(stderr,"PEM_write_PrivateKey failed.\n");
handle_openssl_error();
iRet = EXIT_FAILURE;
}
fclose(pFile);
pFile = NULL;
if(iRet == EXIT_SUCCESS)
{
if((pFile = fopen("pubkey.pem","wt")) && PEM_write_PUBKEY(pFile,pPubKey))
fprintf(stderr,"Both keys saved.\n");
else
{
handle_openssl_error();
iRet = EXIT_FAILURE;
}
if(pFile)
{
fclose(pFile);
pFile = NULL;
}
}
}
else
{
fprintf(stderr,"Cannot create \"privkey.pem\".\n");
handle_openssl_error();
iRet = EXIT_FAILURE;
if(pFile)
{
fclose(pFile);
pFile = NULL;
}
}
if(iRet == EXIT_SUCCESS)
{/* Read the keys */
EVP_PKEY_free(pPrivKey);
pPrivKey = NULL;
EVP_PKEY_free(pPubKey);
pPubKey = NULL;
if((pFile = fopen("privkey.pem","rt")) &&
(pPrivKey = PEM_read_PrivateKey(pFile,NULL,passwd_callback,(void*)pcszPassphrase)))
{
fprintf(stderr,"Private key read.\n");
}
else
{
fprintf(stderr,"Cannot read \"privkey.pem\".\n");
handle_openssl_error();
iRet = EXIT_FAILURE;
}
if(pFile)
{
fclose(pFile);
pFile = NULL;
}
if((pFile = fopen("pubkey.pem","rt")) &&
(pPubKey = PEM_read_PUBKEY(pFile,NULL,NULL,NULL)))
{
fprintf(stderr,"Public key read.\n");
}
else
{
fprintf(stderr,"Cannot read \"pubkey.pem\".\n");
handle_openssl_error();
iRet = EXIT_FAILURE;
}
char msg[2048/8]; // Get rid of the newline
int session_seed = rand();
sprintf(msg, "%d", session_seed);
// Encrypt the message
}
}
if(pPrivKey)
{
EVP_PKEY_free(pPrivKey);
pPrivKey = NULL;
}
if(pPubKey)
{
EVP_PKEY_free(pPubKey);
pPubKey = NULL;
}
cleanup_openssl();
return iRet;
}
/**
*
* \brief Main exchange-tls12 function. For help on arguments
* see the usage() above.
*
* \param[in] argc - the number of arguments passed into the
* command line
* \param[in] argv - a pointer to the array of arguments
* \return 0 for success
*/
int main(int argc, char *argv[])
{
int err = 0;
int cmd = -1;
char ch;
uint32_t is_server = 0;
uint32_t is_client = 0;
char *ca_path = NULL;
char *chain_file = NULL;
char *cert_file = NULL;
char *key_file = NULL;
char *engine_id = NULL;
char *cipher_list = NULL;
char *ip_address = "127.0.0.1";
uint16_t port_number = PORT_NUMBER_DEFAULT;
char cwd[200];
char cmd_buffer[256];
int buf_len = 128;
verify_depth = 0;
if (getcwd(cwd, sizeof(cwd)) != NULL) {
fprintf(stderr, "Current working dir: %s\n", cwd);
} else {
fprintf(stderr, "getcwd() error");
return 100;
}
snprintf(cmd_buffer, 256, "%s/certstore", cwd);
while ((ch = getopt(argc, argv, "C:Ec:sp:b:f:k:e:d:I:P:vh?")) != (char)-1) {
switch (ch) {
case 'C':
cmd = strtol(optarg, NULL, 0);
break;
case 'E':
cmd = ECCX08_CMD_EXTRACT_ALL_CERTS;
break;
case 'c':
is_client = 1;
cipher_list = strdup(optarg);
break;
case 's':
is_server = 1;
break;
case 'p':
ca_path = strdup(optarg);
break;
case 'b':
chain_file = strdup(optarg);
break;
case 'f':
cert_file = strdup(optarg);
break;
case 'k':
key_file = strdup(optarg);
break;
case 'e':
engine_id = strdup(optarg);
break;
case 'd':
verify_depth = strtol(optarg, NULL, 0);
break;
case 'I':
ip_address = strdup(optarg);
break;
case 'P':
port_number = strtol(optarg, NULL, 0);
break;
case 'v':
printf("Exchange version = %s\n", EXCHANGE_VERSION);
cmd = ECCX08_CMD_GET_VERSION;
break;
case 'h':
case '?':
default:
usage();
break;
}
}
if (cmd != -1) {
if (!engine_id) {
fprintf(stderr, "\nNo Engine specified - cannot run a command\n");
return (10);
}
init_openssl();
err = setup_engine(engine_id);
if (err == 0) {
err = 19;
goto done;
}
err = run_engine_cmds(engine_id, cmd, cmd_buffer, buf_len);
if (err == 0) {
err = 20;
goto done;
}
if ('\0' != cmd_buffer) {
printf("%s\n", cmd_buffer);
}
err = 0;
goto done;
}
if ((is_server || is_client) == 0) {
fprintf(stderr, "\nMust specify -c or -s option");
usage();
} else if ((is_server && is_client) == 1) {
fprintf(stderr, "\nCannot specify both -c or -s options");
usage();
}
if (!ca_path) {
fprintf(stderr, "\nMust specify CA path");
usage();
}
if (!chain_file) {
fprintf(stderr, "\nMust specify Chain File (certificate bundle)");
usage();
}
if (!cert_file) {
fprintf(stderr, "\nMust specify Certificate File");
usage();
}
if (!key_file) {
fprintf(stderr, "\nMust specify Private Key File");
usage();
}
if (!engine_id) {
fprintf(stderr, "\nNo Engine specified - using software crypto/ssl libraries\n");
}
if (is_server) {
err = connect_server(engine_id, ca_path, chain_file, cert_file, key_file,
ip_address, port_number);
} else {
err = connect_client(engine_id, ca_path, chain_file, cert_file, key_file, cipher_list,
ip_address, port_number);
}
sleep(2);
return (err);
done:
sleep(2);
cleanup_openssl();
return (err);
}
