コード例 #1
0
ファイル: utils.cpp プロジェクト: athongintel/irm5-ec_crypto
int utils::Base64Decode(char* b64message, size_t* length, unsigned char** buffer) { //Decodes a base64 encoded string
	BIO *bio, *b64;

	int decodeLen = calcDecodeLength(b64message);
	*buffer = (unsigned char*)malloc(decodeLen + 1);
	(*buffer)[decodeLen] = '\0';

	bio = BIO_new_mem_buf(b64message, -1);
	b64 = BIO_new(BIO_f_base64());
	bio = BIO_push(b64, bio);

	BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer
	*length = BIO_read(bio, *buffer, strlen(b64message));
	//length should equal decodeLen, else something went horribly wrong
	BIO_free_all(bio);

	return (*length == decodeLen); //success
}
コード例 #2
0
ファイル: CryptoHandler.cpp プロジェクト: OlegUA/ffead-cpp
char* CryptoHandler::base64decode(unsigned char *input, int length)
{
	BIO *b64, *bmem;

	char *buffer = (char *)malloc(length);
	memset(buffer, 0, length);

	b64 = BIO_new(BIO_f_base64());
	BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
	bmem = BIO_new_mem_buf(input, length);
	bmem = BIO_push(b64, bmem);

	BIO_read(bmem, buffer, length);

	BIO_free_all(bmem);

	return buffer;
}
コード例 #3
0
ファイル: be-secure.c プロジェクト: Deepakkothandan/postgres
/*
 *	Load hardcoded DH parameters.
 *
 *	To prevent problems if the DH parameters files don't even
 *	exist, we can load DH parameters hardcoded into this file.
 */
static DH  *
load_dh_buffer(const char *buffer, size_t len)
{
	BIO		   *bio;
	DH		   *dh = NULL;

	bio = BIO_new_mem_buf((char *) buffer, len);
	if (bio == NULL)
		return NULL;
	dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
	if (dh == NULL)
		ereport(DEBUG2,
				(errmsg_internal("DH load buffer: %s",
								 SSLerrmessage())));
	BIO_free(bio);

	return dh;
}
コード例 #4
0
ファイル: regress_ssl.c プロジェクト: Cue/Pincaster
static EVP_PKEY *
getkey(void)
{
	EVP_PKEY *key;
	BIO *bio;

	/* new read-only BIO backed by KEY. */
	bio = BIO_new_mem_buf((char*)KEY, -1);
	tt_assert(bio);

	key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);
	BIO_free(bio);
	tt_assert(key);

	return key;
end:
	return NULL;
}
コード例 #5
0
ファイル: ssl_openssl.c プロジェクト: kruton/openvpn
void
tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file,
    const char *extra_certs_file_inline
    )
{
  BIO *in;
  if (!strcmp (extra_certs_file, INLINE_FILE_TAG) && extra_certs_file_inline)
    in = BIO_new_mem_buf ((char *)extra_certs_file_inline, -1);
  else
    in = BIO_new_file (extra_certs_file, "r");

  if (in == NULL)
    msg (M_SSLERR, "Cannot load extra-certs file: %s", extra_certs_file);
  else
    tls_ctx_add_extra_certs (ctx, in);

  BIO_free (in);
}
コード例 #6
0
ファイル: ssl_rsa.c プロジェクト: Heratom/Firefly-project
int
SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
{
	BIO *in;
	int ret = 0;

	in = BIO_new_mem_buf(buf, len);
	if (in == NULL) {
		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
		goto end;
	}

	ret = ssl_ctx_use_certificate_chain_bio(ctx, in);

end:
	BIO_free(in);
	return (ret);
}
コード例 #7
0
  bool TLSEncryption::load_certificate(const char* certificate_buf)
  {
        if (!certificate_buf) return false;
        bool result = false;
         
#if defined(SSL_LIB_OPENSSL)        

        X509 *cert = NULL;
        EVP_PKEY *pkey = NULL;
        BIO *bio_buffer; 
        //create readonly memory BIO
        if (!(bio_buffer = BIO_new_mem_buf((void*)certificate_buf, -1))) return false; //certificate_buf should be null terminated;  
             
        //load PEM cert from buffer
        if(PEM_read_bio_X509(bio_buffer, &cert, 0, NULL))
        {             
                result = (SSL_CTX_use_certificate(m_ctx, cert) == SSL_SUCCESS);                
                X509_free(cert);
                BIO_reset(bio_buffer);
        }                 
        
        //load PEM private key from buffer
        if(result && PEM_read_bio_PrivateKey(bio_buffer, &pkey, 0, NULL)) 
        {
                result = (SSL_CTX_use_PrivateKey(m_ctx, pkey) == SSL_SUCCESS);                                               
                EVP_PKEY_free(pkey);
        }
             
        BIO_free(bio_buffer);   
        
#elif defined(SSL_LIB_CYASSL)   

        uint certificate_buf_len = strlen(certificate_buf);
        if (CyaSSL_CTX_use_certificate_buffer(m_ctx, (const unsigned char*)certificate_buf, 
                        certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS) {
                
                result = (CyaSSL_CTX_use_PrivateKey_buffer(m_ctx, (const unsigned char*)certificate_buf, 
                        certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS);        
        }      
                 
#endif  

        return result; 
  }
コード例 #8
0
ファイル: packer.cpp プロジェクト: MobinRanjbar/tdesktop
QString countBetaVersionSignature(quint64 version) { // duplicated in autoupdate.cpp
	QByteArray cBetaPrivateKey(BetaPrivateKey);
	if (cBetaPrivateKey.isEmpty()) {
		cout << "Error: Trying to count beta version signature without beta private key!\n";
		return QString();
	}

	QByteArray signedData = (QLatin1String("TelegramBeta_") + QString::number(version, 16).toLower()).toUtf8();

	static const int32 shaSize = 20, keySize = 128;

	uchar sha1Buffer[shaSize];
	hashSha1(signedData.constData(), signedData.size(), sha1Buffer); // count sha1

	uint32 siglen = 0;

	RSA *prKey = PEM_read_bio_RSAPrivateKey(BIO_new_mem_buf(const_cast<char*>(cBetaPrivateKey.constData()), -1), 0, 0, 0);
	if (!prKey) {
		cout << "Error: Could not read beta private key!\n";
		return QString();
	}
	if (RSA_size(prKey) != keySize) {
		cout << "Error: Bad beta private key size: " << RSA_size(prKey) << "\n";
		RSA_free(prKey);
		return QString();
	}
	QByteArray signature;
	signature.resize(keySize);
	if (RSA_sign(NID_sha1, (const uchar*)(sha1Buffer), shaSize, (uchar*)(signature.data()), &siglen, prKey) != 1) { // count signature
		cout << "Error: Counting beta version signature failed!\n";
		RSA_free(prKey);
		return QString();
	}
	RSA_free(prKey);

	if (siglen != keySize) {
		cout << "Error: Bad beta version signature length: " << siglen << "\n";
		return QString();
	}

	signature = signature.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
	signature = signature.replace('-', '8').replace('_', 'B');
	return QString::fromUtf8(signature.mid(19, 32));
}
コード例 #9
0
ファイル: context.c プロジェクト: armatys/luasec
/**
 * Call Lua user function to get the DH key.
 */
static DH *dhparam_cb(SSL *ssl, int is_export, int keylength)
{
  BIO *bio;
  lua_State *L;
  DH *dh_tmp = NULL;
  SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
  p_context pctx = (p_context)SSL_CTX_get_app_data(ctx);

  L = pctx->L;

  /* Get the callback */
  luaL_getmetatable(L, "SSL:DH:Registry");
  lua_pushlightuserdata(L, (void*)ctx);
  lua_gettable(L, -2);

  /* Invoke the callback */
  lua_pushboolean(L, is_export);
  lua_pushnumber(L, keylength);
  lua_call(L, 2, 1);

  /* Load parameters from returned value */
  if (lua_type(L, -1) != LUA_TSTRING) {
    lua_pop(L, 2);  /* Remove values from stack */
    return NULL;
  }
  bio = BIO_new_mem_buf((void*)lua_tostring(L, -1), 
    lua_rawlen(L, -1));
  if (bio) {
    dh_tmp = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
    BIO_free(bio);
  }

  /*
   * OpenSSL exepcts the callback to maintain a reference to the DH*.  So,
   * cache it here, and clean up the previous set of parameters.  Any remaining
   * set is cleaned up when destroying the LuaSec context.
   */
  if (pctx->dh_param)
    DH_free(pctx->dh_param);
  pctx->dh_param = dh_tmp;

  lua_pop(L, 2);    /* Remove values from stack */
  return dh_tmp;
}
コード例 #10
0
ファイル: key_utils.c プロジェクト: Emat12/PyCCN
int
put_key_pem(int is_public_only, PyObject *py_key_pem,
		PyObject **py_private_key_ccn, PyObject **py_public_key_ccn,
		PyObject **py_public_key_digest)
{
	unsigned char *key_pem;
	Py_ssize_t pem_len;
	RSA *key_rsa = NULL;
	BIO *bio = NULL;
	int r;
	unsigned long err;

	r = PyBytes_AsStringAndSize(py_key_pem, (char **) &key_pem, &pem_len);
	JUMP_IF_NEG(r, error);

	bio = BIO_new_mem_buf(key_pem, pem_len);
	JUMP_IF_NULL(bio, openssl_error);

	if (is_public_only)
		key_rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL);
	else
		key_rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
	JUMP_IF_NULL(key_rsa, openssl_error);

	r = ccn_keypair_from_rsa(is_public_only, key_rsa, py_private_key_ccn,
			py_public_key_ccn);
	JUMP_IF_NEG(r, error);

	r = create_public_key_digest(key_rsa, py_public_key_digest, NULL);
	JUMP_IF_NEG(r, error);

	RSA_free(key_rsa);

	return 0;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_CCNKeyError, "Unable to parse key: %s",
			ERR_reason_error_string(err));
error:
	RSA_free(key_rsa);
	BIO_free(bio);
	return -1;
}
コード例 #11
0
ファイル: afc.c プロジェクト: keyidadi/asuwrt
/* 
功能:验证签名 
入口: 
char*certFile    证书(含匙) 
char* plainText  明文 
char* cipherText 签名 
出口: 
bool true  签名验证成功 
bool false 验证失败 
*/  
bool PKCS7_VerifySign(char*certFile,char* plainText,char* cipherText )  
{  
    /* Get X509 */  
    FILE* fp = fopen (certFile, "r");  
    if (fp == NULL)   
        return false;  
    X509* x509 = PEM_read_X509(fp, NULL, NULL, NULL);  
    fclose (fp);  
  
    if (x509 == NULL) {  
        ERR_print_errors_fp (stderr);  
        return false;  
    }  
  
    //BASE64解码  
    unsigned char *retBuf[1024*8];  
    int retBufLen = sizeof(retBuf);  
    memset(retBuf,0,sizeof(retBuf));  
    decodeBase64(cipherText,(void *)retBuf,&retBufLen);  
  
    //从签名中取PKCS7对象  
    BIO* vin = BIO_new_mem_buf(retBuf,retBufLen);  
    PKCS7 *p7 = d2i_PKCS7_bio(vin,NULL);  
  
  
    //取STACK_OF(X509)对象  
    STACK_OF(X509) *stack=sk_X509_new_null();//X509_STORE_new()  
    sk_X509_push(stack,x509);  
  
  
    //明码数据转为BIO  
    BIO *bio = BIO_new(BIO_s_mem());    
    BIO_puts(bio,plainText);  
  
    //验证签名  
    int err = PKCS7_verify(p7, stack, NULL,bio, NULL, PKCS7_NOVERIFY);  
  
    if (err != 1) {  
        ERR_print_errors_fp (stderr);  
        return false;  
    }  
  
    return true;  
}  
コード例 #12
0
ファイル: sslcert.cpp プロジェクト: dlf412/thunderCopyright
static CURLcode load_cert(const char* mypem,void * sslctx) {
    X509_STORE * store = NULL;
    X509 * cert = NULL;
    BIO * bio = NULL;

    bio = BIO_new_mem_buf((void*)mypem, -1);
    if (bio == NULL)
    {
        return CURLE_SSL_CACERT;
    }

    /* use it to read the PEM formatted certificate from memory into an X509
    * structure that SSL can use
    */ 
    PEM_read_bio_X509(bio, &cert, 0, NULL);
    if (cert == NULL)
    {
        BIO_free(bio);
        return CURLE_SSL_CACERT;
    }

    /* get a pointer to the X509 certificate store (which may be empty!) */ 
    store = SSL_CTX_get_cert_store((SSL_CTX*)sslctx);
    if (store == NULL)
    {
        X509_free(cert);
        BIO_free(bio);
        return CURLE_SSL_CACERT;
    }

    /* add our certificate to this store */ 
    if (X509_STORE_add_cert(store, cert)==0)
    {
        X509_free(cert);
        BIO_free(bio);
        return CURLE_SSL_CACERT;
    }

    /* decrease reference counts */ 
    X509_free(cert);
    BIO_free(bio);

    return CURLE_OK;
}
コード例 #13
0
ファイル: rsa.c プロジェクト: eric-wieser/python-raven
static PyObject *load_key(PyObject *self, PyObject *args)
{
    Py_buffer data;
    BIO *bio = NULL;
    RSA *rsa = NULL;
    RSAObject *result = NULL;

#if PY_MAJOR_VERSION >= 3
    if (!PyArg_ParseTuple(args, "y*:load_key", &data))
        return NULL;
#else
    if (!PyArg_ParseTuple(args, "s*:load_key", &data))
        return NULL;
#endif

    bio = BIO_new_mem_buf(data.buf, data.len);
    if (bio == NULL)
    {
        PyErr_SetString(PyExc_RuntimeError, "BIO_new_mem_buf");
        goto cleanup;
    }

    if (PEM_read_bio_RSAPublicKey(bio, &rsa, NULL, NULL) == NULL)
    {
        PyErr_SetString(PyExc_ValueError, "invalid PKCS1 key");
        goto cleanup;
    }

    result = PyObject_NEW(RSAObject, &RSAType);
    if (result == NULL)
        goto cleanup;

    result->rsa = rsa;
    rsa = NULL;

cleanup:
    if (rsa)
        RSA_free(rsa);
    if (bio)
        BIO_free(bio);
    PyBuffer_Release(&data);

    return (PyObject *) result;
}
コード例 #14
0
LLBasicCertificate::LLBasicCertificate(const std::string& pem_cert) 
{
	
	// BIO_new_mem_buf returns a read only bio, but takes a void* which isn't const
	// so we need to cast it.
	BIO * pem_bio = BIO_new_mem_buf((void*)pem_cert.c_str(), pem_cert.length());
	if(pem_bio == NULL)
	{
		LL_WARNS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL;
		throw LLInvalidCertificate(this);
	}
	mCert = NULL;
	PEM_read_bio_X509(pem_bio, &mCert, 0, NULL);
	BIO_free(pem_bio);
	if (!mCert)
	{
		throw LLInvalidCertificate(this);
	}
}
コード例 #15
0
ファイル: DigiDocOCSP.c プロジェクト: Miguel-J/eneboo-core
//============================================================
// Decodes binary (DER) OCSP_RESPONSE data and returns a OCSP_RESPONSE object
// ppResp - pointer to a buffer to receive newly allocated OCSP_RESPONSE pointer
// data - (DER) OCSP_RESPONSE data
// len - length of data in bytes
//============================================================
EXP_OPTION int ddocDecodeOCSPResponseData(OCSP_RESPONSE **ppResp, const byte* data, int len)
{
  BIO* b1 = 0;

  // check input params
  RETURN_IF_NULL_PARAM(data);
  RETURN_IF_NULL_PARAM(ppResp);
  // mark as not read yet
  *ppResp = 0;
  // create BIO
  b1 = BIO_new_mem_buf((void*)data, len);
  RETURN_IF_NOT(b1, ERR_NULL_POINTER);
  // decode OCSP
  *ppResp = d2i_OCSP_RESPONSE_bio(b1, NULL);
  BIO_free(b1);
  ddocDebug(3, "ddocDecodeOCSPResponseData", "Decoding %d bytes DER data - OCSP_RESPONSE %s", len, (*ppResp ? "OK" : "ERROR"));
  RETURN_IF_NOT(*ppResp, ERR_OCSP_UNKNOWN_TYPE);
  return ERR_OK;
}
コード例 #16
0
ファイル: opensslidentity.cpp プロジェクト: Abhi347/s3eTxmpp
OpenSSLCertificate* OpenSSLCertificate::FromPEMString(
    const std::string& pem_string, int* pem_length) {
  BIO* bio = BIO_new_mem_buf(const_cast<char*>(pem_string.c_str()), -1);
  if (!bio)
    return NULL;
  (void)BIO_set_close(bio, BIO_NOCLOSE);
  BIO_set_mem_eof_return(bio, 0);
  X509 *x509 = PEM_read_bio_X509(bio, NULL, NULL,
                                 const_cast<char*>("\0"));
  char *ptr;
  int remaining_length = BIO_get_mem_data(bio, &ptr);
  BIO_free(bio);
  if (pem_length)
    *pem_length = pem_string.length() - remaining_length;
  if (x509)
    return new OpenSSLCertificate(x509);
  else
    return NULL;
}
コード例 #17
0
ファイル: Base64.cpp プロジェクト: longshadian/estl
char* base64_decode(char *input, int length, bool with_new_line)
{
    BIO * b64 = NULL;
    BIO * bmem = NULL;
    char * buffer = (char *)malloc(length);
    memset(buffer, 0, length);

    b64 = BIO_new(BIO_f_base64());
    if (!with_new_line) {
        BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
    }
    bmem = BIO_new_mem_buf(input, length);
    bmem = BIO_push(b64, bmem);
    BIO_read(bmem, buffer, length);

    BIO_free_all(bmem);

    return buffer;
}
コード例 #18
0
ファイル: est_ossl_util.c プロジェクト: DDvO/libest
/*
 * This function is used to load an X509_STORE using raw
 * data from a buffer.  The data is expected to be PEM
 * encoded.
 *
 * Returns the number of certs added to the store
 */
static int ossl_init_cert_store_from_raw (X509_STORE *store,
                                           unsigned char *raw, int size)
{
    STACK_OF(X509_INFO) * sk = NULL;
    X509_INFO *xi;
    BIO *in;
    int cert_cnt = 0;

    in = BIO_new_mem_buf(raw, size);
    if (in == NULL) {
        EST_LOG_ERR("Unable to open the raw CA cert buffer");
        return 0;
    }

    /* This loads from a file, a stack of x509/crl/pkey sets */
    sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
    if (sk == NULL) {
        EST_LOG_ERR("Unable to read PEM encoded certs from BIO");
        BIO_free(in);
        return 0;
    }
    BIO_free(in);

    /* scan over it and pull out the CRL's */
    while (sk_X509_INFO_num(sk)) {
        xi = sk_X509_INFO_shift(sk);
        if (xi->x509 != NULL) {
            EST_LOG_INFO("Adding cert to store (%s)", xi->x509->name);
            X509_STORE_add_cert(store, xi->x509);
	    cert_cnt++;
        }
        if (xi->crl != NULL) {
            EST_LOG_INFO("Adding CRL to store");
            X509_STORE_add_crl(store, xi->crl);
        }
        X509_INFO_free(xi);
    }

    if (sk != NULL) {
        sk_X509_INFO_pop_free(sk, X509_INFO_free);
    }
    return (cert_cnt);
}
コード例 #19
0
ファイル: x509_flat.c プロジェクト: Crashdowns/phantom
X509 *
read_x509_from_x509_flat(const struct X509_flat *fx)
{
	BIO *in = NULL;
	X509 *x = NULL;

	if (fx == NULL) {
		return NULL;
	}

	in = BIO_new_mem_buf(fx->data, fx->len);
	if (in == NULL) {
		return NULL;
	}
	x = PEM_read_bio_X509(in, NULL, 0, NULL);
	BIO_free(in);

	return x;
}
コード例 #20
0
ファイル: zt_rsa_new.c プロジェクト: Raphy/zappy
RSA		*zt_rsa_new(const char *key, bool is_public)
{
  RSA		*rsa;
  BIO		*bio;

  if (key == NULL)
    return (NULL);
  rsa = NULL;
  bio = NULL;
  if ((bio = BIO_new_mem_buf((void *)key, -1)) == NULL)
    return (NULL);
  if (is_public)
    rsa = PEM_read_bio_RSA_PUBKEY(bio, &rsa, NULL, NULL);
  else
    rsa = PEM_read_bio_RSAPrivateKey(bio, &rsa, NULL, NULL);
  if (rsa == NULL)
    BIO_free_all(bio);
  return (rsa);
}
コード例 #21
0
static int
use_inline_load_verify_locations (SSL_CTX *ctx, const char *ca_string)
{
  X509_STORE *store = NULL;
  X509* cert = NULL;
  BIO *in = NULL;
  int ret = 0;

  in = BIO_new_mem_buf ((char *)ca_string, -1);
  if (!in)
    goto err;

  for (;;)
    {
      if (!PEM_read_bio_X509 (in, &cert, 0, NULL))
	{
	  ret = 1;
	  break;
	}
      if (!cert)
	break;

      store = SSL_CTX_get_cert_store (ctx);
      if (!store)
	break;

      if (!X509_STORE_add_cert (store, cert))
	break;

      if (cert)
	{
	  X509_free (cert);
	  cert = NULL;
	}
    }

 err:
  if (cert)
    X509_free (cert);
  if (in)
    BIO_free (in);
  return ret;
}
コード例 #22
0
ファイル: ssys.c プロジェクト: scyptnex/computing
int decode64( char *input, char* output, int length)
{
  BIO *b64, *bmem;
  int len;
  char *buffer = (char *)malloc(length);
  memset(buffer, 0, length);

  b64 = BIO_new(BIO_f_base64());
  bmem = BIO_new_mem_buf(input, length);
  bmem = BIO_push(b64, bmem);

  len = BIO_read(bmem, buffer, length);
  printf("length %d\n", len);
  BIO_free_all(bmem);
  memcpy(output, buffer, len);
  output[len] = '\0';
  free(buffer);
  return len;
}
コード例 #23
0
ファイル: base64_linux.cpp プロジェクト: ricky26/netlib
	std::string base64::decode(std::string const& _str)
	{
		std::string ret;
		ret.resize(_str.length());

		BIO *b64 = BIO_new(BIO_f_base64());
		BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);

		BIO *bmem = BIO_new_mem_buf((void*)_str.data(), _str.length());
		b64 = BIO_push(b64, bmem);

		int len = BIO_read(b64, (void*)ret.data(), ret.length());
		if(len <= 0)
			ret.resize(0);
		else
			ret.resize(len);

		return ret;
	}
コード例 #24
0
ファイル: pgx_cert_utils.c プロジェクト: beargiles/pg-cert
/*
 * Convert string to X.
 */
void * pgx_X_from_string(const char *txt,
		void * (*new_object)(void),
		int (*read)(BIO *, void **, pem_password_cb *, void *)) {
    BIO *inp;
	void *x;
	int r;

	x = new_object();
    inp = BIO_new_mem_buf((char *) txt, strlen(txt));

    if ((r = read(inp, &x, 0, NULL)) == NULL) {
            ereport(ERROR,
                (errcode(ERRCODE_DATA_CORRUPTED), errmsg("%s:%d: unable to retrieve data (%d) 1", __FILE__, __LINE__, ERR_get_error())));
    }
    
    BIO_free(inp);

    return x;
}
コード例 #25
0
ファイル: rsa.c プロジェクト: jdeboer/GoogleAPI
SEXP loadPKCS12(SEXP privateKey) {
  EVP_PKEY *key;
  BIO *bio_mem;
  PKCS12 *p12;
  X509 *cert;
  
  if (TYPEOF(privateKey) != RAWSXP)
    Rf_error("PKCS12 private key must be a raw vector");

  bio_mem = BIO_new_mem_buf((void *) RAW(privateKey), LENGTH(privateKey));
  p12 = d2i_PKCS12_bio(bio_mem, &p12);
  if (!p12
    || !PKCS12_verify_mac(p12, pass, strlen(pass))
    || !PKCS12_parse(p12, pass, &key, &cert, NULL)
    || !key) {
    Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
  }
  return wrap_EVP_PKEY(key);
}
コード例 #26
0
ファイル: misc.c プロジェクト: fiendish/lua-openssl
BIO* load_bio_object(lua_State* L, int idx)
{
  BIO* bio = NULL;
  if (lua_isstring(L, idx))
  {
    size_t l = 0;
    const char* ctx = lua_tolstring(L, idx, &l);
    /* read only */
    bio = (BIO*)BIO_new_mem_buf((void*)ctx, l);
  }
  else if (auxiliar_getclassudata(L, "openssl.bio", idx))
  {
    bio = CHECK_OBJECT(idx, BIO, "openssl.bio");
    BIO_up_ref(bio);
  }
  else
    luaL_argerror(L, idx, "only support string or openssl.bio");
  return bio;
}
コード例 #27
0
ファイル: key_utils.c プロジェクト: cawka/PyNDN
int
put_key_pem(int is_public_only, PyObject *py_key_pem,
            PyObject **py_private_key_ndn, PyObject **py_public_key_ndn,
            PyObject **py_public_key_digest,
            char *password)
{
	unsigned char *key_pem;
	Py_ssize_t pem_len;
	struct ndn_pkey *key = NULL;
	BIO *bio = NULL;
	int r;
	unsigned long err;

	r = PyBytes_AsStringAndSize(py_key_pem, (char **) &key_pem, &pem_len);
	JUMP_IF_NEG(r, error);

	bio = BIO_new_mem_buf(key_pem, pem_len);
	JUMP_IF_NULL(bio, openssl_error);

	if (is_public_only)
          key = (struct ndn_pkey*)PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
	else
          key = (struct ndn_pkey*)PEM_read_bio_PrivateKey(bio, NULL, NULL, password);
	JUMP_IF_NULL(key, openssl_error);

	r = ndn_keypair(is_public_only, key, py_private_key_ndn, py_public_key_ndn);
	JUMP_IF_NEG(r, error);

	r = create_public_key_digest(key, py_public_key_digest, NULL);
	JUMP_IF_NEG(r, error);

	return 0;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_NDNKeyError, "Unable to parse key: %s",
			ERR_reason_error_string(err));
error:
	EVP_PKEY_free ((EVP_PKEY *)key);
	BIO_free(bio);
	return -1;
}
コード例 #28
0
ファイル: ssl_privsep.c プロジェクト: zhiliang729/OpenSMTPD
int
ssl_by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf,
    long type, char **ret)
{
	STACK_OF(X509_INFO)	*inf;
	const struct iovec	*iov;
	X509_INFO		*itmp;
	BIO			*in = NULL;
	int			 i, count = 0;

	iov = (const struct iovec *)buf;

	if (type != X509_FILETYPE_PEM)
		goto done;

	if ((in = BIO_new_mem_buf(iov->iov_base, iov->iov_len)) == NULL)
		goto done;

	if ((inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL)) == NULL)
		goto done;

	for (i = 0; i < sk_X509_INFO_num(inf); i++) {
		itmp = sk_X509_INFO_value(inf, i);
		if (itmp->x509) {
			X509_STORE_add_cert(lu->store_ctx, itmp->x509);
			count++;
		}
		if (itmp->crl) {
			X509_STORE_add_crl(lu->store_ctx, itmp->crl);
			count++;
		}
	}
	sk_X509_INFO_pop_free(inf, X509_INFO_free);

 done:
	if (!count)
		X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB);

	if (in != NULL)
		BIO_free(in);
	return (count);
}
コード例 #29
0
void CC_RSASHA(unsigned int hashlen, int nid, void (*CC)(const void *data, uint32_t len, unsigned char *md),
							 C_BLOB &Param1,
							 C_BLOB &Param2,
							 C_LONGINT &Param3,
							 C_TEXT &returnValue)
{
	uint8_t *buf = (uint8_t *)calloc(hashlen, sizeof(uint8_t));
	unsigned int signatureLength = 0;
	
	CC((unsigned char *)Param1.getBytesPtr(), Param1.getBytesLength(), buf);
	BIO *bio = BIO_new_mem_buf((void *)Param2.getBytesPtr(), Param2.getBytesLength());
	
	if(bio)
	{
		RSA *key = NULL;
		key = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
		if(key)
		{
			uint8_t *sgn = (uint8_t *)calloc(RSA_size(key), sizeof(uint8_t));
			if(RSA_sign(nid, buf, hashlen, sgn, &signatureLength, key))
			{
				C_BLOB temp;
				temp.setBytes((const uint8_t *)sgn, signatureLength);
				switch (Param3.getIntValue())
				{
					case 1:
						temp.toB64Text(&returnValue);
						break;
					case 2:
						temp.toB64Text(&returnValue, true);
						break;
					default:
						temp.toHexText(&returnValue);
						break;
				}
			}
			free(sgn);
		}
		BIO_free(bio);
	}
	free(buf);
}
コード例 #30
0
ファイル: cert.c プロジェクト: Dan-McGee/lightwave
DWORD
DirCliDERToX509(
    PBYTE pCertBytes,
    DWORD dwLength,
    X509** ppCert
    )
{
    DWORD dwError = 0;
    BIO *pBioMem = NULL;
    X509* pCert = NULL;

    pBioMem = BIO_new_mem_buf(pCertBytes, dwLength);
    if ( pBioMem == NULL)
    {
        dwError = ERROR_OUTOFMEMORY;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    pCert = d2i_X509_bio(pBioMem, NULL);
    if (pCert  == NULL)
    {
        dwError = ERROR_OPEN_FAILED;
        BAIL_ON_VMAFD_ERROR(dwError);
    }

    *ppCert = pCert;

cleanup:

    if (pBioMem)
    {
        BIO_free(pBioMem);
    }

    return dwError;

error:

    *ppCert = NULL;

    goto cleanup;
}