Exemple #1
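/**
 * Initialise OpenSSL and load this side's key material into the module
 * globals g_pub_key / g_pub_key_size / g_prv_key.
 *
 * @param cert  Certificate file to load the public key from, or NULL to
 *              leave the currently loaded public key untouched.
 * @param key   Private key file to load.
 * @return 0 on success, ERR_ENV_CERT_INVALID if the certificate cannot be
 *         read, ERR_ENV_KEY_INVALID if the private key cannot be read.
 *
 * Any previously loaded key is released before its replacement is read, so
 * after a failure the corresponding global is NULL rather than the old key.
 * A certificate failure returns before the private key is touched.
 */
ENVELOP_API int env_init(IN const char * cert,IN const char * key)
{
	/* Initialise OpenSSL: register algorithms and load the error strings. */
	CRYPTO_malloc_init();
	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();
	OpenSSL_add_all_digests();
	/* TaoNote: without this call, reading PEM data raises errors. */
	ERR_load_PEM_strings();
	ERR_load_crypto_strings();

	/* Check that the certificate file is usable. */
	if(cert != NULL)
	{
		/* EVP_PKEY_free() accepts NULL, so no guard is needed. */
		EVP_PKEY_free(g_pub_key);

		g_pub_key = read_pub_key(cert);
		if(!g_pub_key)
		{
			/* Do not leave the previous key's size paired with a NULL key. */
			g_pub_key_size = 0;
			return ERR_ENV_CERT_INVALID;
		}

		/* NOTE(review): EVP_PKEY_size() can report a non-positive value on
		 * error; confirm that every user of g_pub_key_size checks for that
		 * before sizing a buffer with it. */
		g_pub_key_size = EVP_PKEY_size(g_pub_key);
	}

	/* Check that the private key file is usable. */
	EVP_PKEY_free(g_prv_key);
	g_prv_key = NULL;

	/* Unlike cert, key is mandatory: reject NULL here instead of handing it
	 * to read_private_key(), whose NULL handling is not visible here. */
	if(key == NULL)
		return ERR_ENV_KEY_INVALID;

	g_prv_key = read_private_key(key);
	if(!g_prv_key)
		return ERR_ENV_KEY_INVALID;

	return 0;
}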
Exemple #2
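/// Register a peer's certificate: store it on disk, load its public key and
/// append the key to g_pub_key_list under the peer's id.
///
/// Returns 0 on success, the cc_save() error if the certificate cannot be
/// stored, ERR_ENV_CERT_INVALID if an argument is NULL or no public key can
/// be read from the stored file, and -1 if the list node cannot be allocated.
///
/// NOTE(review): nothing in this function checks the certificate's issuer,
/// validity period, or binding to `id`. Unless read_pub_key() or the caller
/// does that, any parseable certificate becomes the trusted key for this peer.
ENVELOP_API int env_set_peer_cert(
							  IN int id,   ///< the peer's ID
							  IN const char * name, ///< name from which the storage path is derived
							  IN const char * cert///< peer certificate (the original comment says "file name"; it is passed to cc_save() as the data to store)
							  )
{
	int ret = 0;
	char path[128];
	EVP_PKEY *  pub_key ;
	LinkList node = NULL;

	if(name == NULL || cert == NULL)
		return ERR_ENV_CERT_INVALID;

	// NOTE(review): cc_get_path() receives no buffer size, so a long `name`
	// may overrun the 128-byte `path`, and a `name` containing path
	// separators or ".." may resolve outside the intended directory. Confirm
	// that cc_get_path() bounds and sanitises its input; if `name` comes from
	// the peer it is untrusted.
	cc_get_path(name,path);

	ret = cc_save(path,cert);
	if(ret != 0)
		return ret;

	pub_key = read_pub_key(path);
	if(!pub_key)
		return ERR_ENV_CERT_INVALID;

	node = (LinkList)malloc(sizeof(LNode));
	if(node == NULL)
	{
		// Release the key instead of leaking it, and never dereference NULL.
		// NOTE(review): no out-of-memory error code is visible in this
		// excerpt; -1 is a generic failure value, so substitute the
		// project's own code if one exists.
		EVP_PKEY_free(pub_key);
		return -1;
	}
	node->id = id;
	node->data = pub_key;
	// NOTE(review): any link field of LNode is left unset here; presumably
	// ListAppend_L() initialises it, so confirm.

	ListAppend_L(g_pub_key_list,node);
	return 0;
}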
Exemple #3
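/*
 * Look up the public key whose ID is `ID` in the public key ring.
 *
 * The ring is scanned for begin_key markers. The line following each marker
 * is searched for the encoded form of `ID`, and on a hit the key is read
 * into `pubkey`. The ID delivered by read_pub_key() is then compared with
 * the requested one, so a header line that merely claims the wanted ID is
 * not accepted on its own.
 *
 * Returns 0 when the key was found, 1 when a candidate's ID did not match,
 * and -1 when the ring could not be opened or ended before a match.
 * The "pubring" lock is held for the duration of the scan and released on
 * every return path.
 */
int
get_pub_key (unsigned char *ID, PUBLIC_KEY * pubkey)
{
  /* must return key id and algorithm identifier */
  unsigned char line[1024], IDstr[80];
  unsigned char newID[16];
  int found = 0;
  FILE *pubring;
  FILE *publock;

  encode_ID (IDstr, ID);
  mix_lock ("pubring", &publock);
  if ((pubring = open_mix_file (PUBRING, "r")) == NULL)
    {
      mix_unlock ("pubring", publock);
      return (-1);
    }

  while (!found)
    {
      /* Advance to the next begin_key marker.  Every read is checked, so
         an empty or truncated ring never leaves `line` uninitialised or
         stale when it is compared. */
      do
        {
          if (getline (line, sizeof (line), pubring) == NULL)
            goto end_of_ring;
        }
      while (!streq (line, begin_key));

      /* The line after the marker carries the encoded key ID. */
      if (getline (line, sizeof (line), pubring) == NULL)
        goto end_of_ring;

      if (strstr (line, IDstr))
        {
          /* NOTE(review): the result of read_pub_key() is not checked and
             its return convention is not visible here; if it can fail
             without filling newID, the comparison below reads
             indeterminate bytes.  Confirm. */
          read_pub_key (pubring, pubkey, newID);
          /* compare new ID with passed ID */
          if (memcmp (ID, newID, 16) != 0)
            {
              fprintf (errlog, "Error: Public Key IDs do not match!\n");
              break;
            }
          found = 1;		/* this will end the loop */
        }
    }
  fclose (pubring);
  mix_unlock ("pubring", publock);
  if (found)
    return (0);
  return (1);

end_of_ring:
  fprintf (errlog, "End of file pubring.mix\n");
  fclose (pubring);
  mix_unlock ("pubring", publock);
  return (-1);
}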
Exemple #4
/**
 * Check that a certificate and a private key can each be loaded.
 *
 * Both keys are read and released again at once; no module state changes.
 *
 * @param cert  Certificate to read the public key from.
 * @param key   Private key to read.
 * @return 0 if both load, ERR_ENV_CERT_INVALID if the certificate does not,
 *         ERR_ENV_KEY_INVALID if the private key does not.
 *
 * NOTE(review): this only proves that each input parses. It does not check
 * that the private key corresponds to the certificate's public key.
 */
ENVELOP_API int env_check(IN const char * cert,IN const char * key)
{
	EVP_PKEY * candidate = read_pub_key(cert);

	if(candidate == NULL)
		return ERR_ENV_CERT_INVALID;
	/* Only loadability matters; drop the key straight away. */
	EVP_PKEY_free(candidate);

	candidate = read_private_key(key);
	if(candidate == NULL)
		return ERR_ENV_KEY_INVALID;
	EVP_PKEY_free(candidate);

	return 0;
}