//------------------------------------------------------------------------------------- bool KBE_RSA::loadPrivate(const std::string& keyname) { FILE *fp = NULL; if(rsa_private == NULL) { fp = fopen(keyname.c_str(), "rb"); if (!fp) { return false; } rsa_private = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); if(NULL == rsa_private) { ERR_load_crypto_strings(); char err[1024]; char* errret = ERR_error_string(ERR_get_error(), err); ERROR_MSG(fmt::format("KBE_RSA::loadPrivate: PEM_read_RSAPrivateKey error({} : {})\n", errret, err)); fclose(fp); return false; } } if(fp) fclose(fp); return rsa_private != NULL; }
/* * Load CA certificate and private key from current dir */ static int load_ca(char * ca_name, identity * ca) { FILE * f ; RSA * rsa ; char filename[FIELD_SZ+1] ; sprintf(filename, "%s.crt", ca_name); if ((f=fopen(filename, "r"))==NULL) { fprintf(stderr, "Cannot find: %s\n", filename); return -1 ; } ca->cert = PEM_read_X509(f, NULL, NULL, NULL); fclose(f); sprintf(filename, "%s.key", ca_name); if ((f=fopen(filename, "r"))==NULL) { return -1 ; } rsa = PEM_read_RSAPrivateKey(f, NULL, NULL, NULL); fclose(f); ca->key = EVP_PKEY_new(); EVP_PKEY_assign_RSA(ca->key, rsa); if (!X509_check_private_key(ca->cert, ca->key)) { fprintf(stderr, "CA certificate and private key do not match\n"); return -1 ; } return 0; }
//使用私钥解密 int rsa_decrypt(char *in, const char *key_path, char* out) { RSA *p_rsa; FILE *file; int rsa_len; if ((file=fopen(key_path, "r"))==NULL) { perror("open key file error"); return 0; } if ((p_rsa=PEM_read_RSAPrivateKey(file, NULL, NULL, NULL))==NULL) { ERR_print_errors_fp(stdout); return 0; } rsa_len=RSA_size(p_rsa); if (RSA_private_decrypt(rsa_len, (unsigned char*)in, (unsigned char*)out, p_rsa, RSA_NO_PADDING)<0) { return 0; } RSA_free(p_rsa); fclose(file); return 1; }
svRSAKey::svRSAKey(const string &pem) : svObject("svRSAKey"), type(svRSA_TYPE_NULL), key(NULL), mtime(0) { struct stat key_stat; if (stat(pem.c_str(), &key_stat) == -1) throw svExRSAKeyStat(pem, strerror(errno)); mtime = key_stat.st_mtime; FILE *h_key = fopen(pem.c_str(), "r"); if (!h_key) throw svExRSAKeyOpen(pem, strerror(errno)); if ((key = PEM_read_RSA_PUBKEY(h_key, NULL, NULL, NULL))) type = svRSA_TYPE_PUBLIC; else { rewind(h_key); if ((key = PEM_read_RSAPrivateKey(h_key, NULL, NULL, NULL))) type = svRSA_TYPE_PRIVATE; else { ERR_load_crypto_strings(); svError("%s: %s: %s", name.c_str(), pem.c_str(), ERR_error_string(ERR_get_error(), NULL)); } } fclose(h_key); if (type == svRSA_TYPE_NULL) throw svExRSAKeyInvalid(pem); name = pem; }
Key::Key(string publicKeyFile, string privateKeyFile) { rsa = NULL; privateKey = NULL; publicKey = NULL; priName = privateKeyFile; pubName = publicKeyFile; if (!privateKeyFile.empty()) { FILE *fp = fopen(privateKeyFile.c_str(), "r"); if (fp == NULL) { cout << "Private Key File Error!" << endl; return ; } privateKey = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); } if (!publicKeyFile.empty()) { FILE *fp = fopen(publicKeyFile.c_str(), "r"); if (fp == NULL) { cout << "Public Key File Error!" << endl; return ; } // rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL); publicKey = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL); fclose(fp); return ; } cout << "Error Open Private Key or Public Key!" << endl; }
char * decrypt(char * p_ecypt,int len_ecypt,char * priv_key){ char * p_dcypt; int rsa_len; // open private key file FILE* priv_fp=fopen(priv_key,"r"); if(priv_fp==NULL){ printf("failed to open priv_key file %s!\n", priv_key); return NULL; } // read private key from private key file RSA *rsa2=PEM_read_RSAPrivateKey(priv_fp,NULL,NULL,NULL); if(rsa2==NULL){ printf("unable to read private key!\n"); return NULL; } rsa_len=RSA_size(rsa2); p_dcypt=(char *)malloc(rsa_len+1); memset(p_dcypt,0,rsa_len+1); // decrypt by using private key decrylen=RSA_private_decrypt(len_ecypt,(const unsigned char*)p_ecypt,(unsigned char*)p_dcypt,rsa2,RSA_PKCS1_PADDING); if(decrylen==-1){ printf("failed to decrypt!\n"); return NULL; } fclose(priv_fp); return p_dcypt; }
int sign(char* private_key_path, unsigned char *msg, int msg_len, unsigned char *sig, unsigned int *sig_len) { //Load private key FILE *fp = fopen(private_key_path, "r"); if(!fp) { DEBUGMSG(ERROR, "Could not find private key\n"); return 0; } RSA *rsa = (RSA *) PEM_read_RSAPrivateKey(fp,NULL,NULL,NULL); fclose(fp); if(!rsa) return 0; unsigned char md[SHA256_DIGEST_LENGTH]; sha(msg, msg_len, md); //Compute signatur int err = RSA_sign(NID_sha256, md, SHA256_DIGEST_LENGTH, (unsigned char*)sig, (unsigned int*)sig_len, rsa); if(!err){ printf("Error: %ul\n", (unsigned int)ERR_get_error()); } RSA_free(rsa); return err; }
char* my_decrypt(char* str, char* path_key) { char* p_de; RSA* p_rsa; FILE *file; int rsa_len; if((file = fopen(path_key,"r")) == NULL) { perror("open key file error"); return NULL; } if((p_rsa = PEM_read_RSAPrivateKey(file,NULL,NULL,NULL)) == NULL) { ERR_print_errors_fp(stdout); return NULL; } rsa_len = RSA_size(p_rsa); p_de = (unsigned char*)malloc(rsa_len + 1); memset(p_de,0,rsa_len+1); if(RSA_private_decrypt(rsa_len,(unsigned char*)str,(unsigned char*)p_de,p_rsa,RSA_NO_PADDING) < 0) { return NULL; } RSA_free(p_rsa); fclose(file); return p_de; }
int UtlCryptoKeyRsa::importFromFile(const char* pFilename) { // Make sure we don't leave any previous keys hanging around clearKey(); FILE *pFile = fopen(pFilename, "rt"); if (!pFile) return -1; // First try to read a public key mpRsa = PEM_read_RSA_PUBKEY(pFile, 0, 0, 0); if (mpRsa) setKeyType(KEY_PUBLIC); else { // If that failed, try to read a private key fseek(pFile, 0, SEEK_SET); mpRsa = PEM_read_RSAPrivateKey(pFile, 0, 0, 0); if (mpRsa) setKeyType(KEY_PRIVATE); } fclose(pFile); if (isValid()) return setLastError(0); else return -1; }
/* * rsa public key encrypt */ char* rsa_encrypt_public(unsigned char*txt,int txt_len,char* public_key_str,int p_len,int* enc_len) { //char *public_key = "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL331YpDOljAJznk4eNt0TfZJREYypIhWTN/gx0g1iUIaLPlFR7ydjaB\npd9V7G3GvvOf3mGijP+9LjKdgQ8p1pgDW7DeXZk2dTAeQ4hdY287/sw6NFKJxMXA\nFGoUdARObVespCZBdHSqo8kFMAjVGge6ZoH6nAjGzvIfijgsj+2jAgMBAAE=\n-----END RSA PUBLIC KEY-----\n"; //char * private_key = "-----BEGIN RSA PRIVATE KEY-----\nMIICXQIBAAKBgQC999WKQzpYwCc55OHjbdE32SURGMqSIVkzf4MdINYlCGiz5RUe\n8nY2gaXfVextxr7zn95hooz/vS4ynYEPKdaYA1uw3l2ZNnUwHkOIXWNvO/7MOjRS\nicTFwBRqFHQETm1XrKQmQXR0qqPJBTAI1RoHumaB+pwIxs7yH4o4LI/towIDAQAB\nAoGBAI1ALF2EI2w+ZGxdzcBntXtLUI5n2qfReBwcogcUlWYv3Hp2yb+bFV7uA8IO\nh6AQeYd4xcffL+wwZJtqFb6Ko25XAei8Os3xjb9k5fCcyrmyY+5oeXdQHlcbd/f8\niy8/rOEHZTr4iBXe/8ADlQZlRUkYCblPZ4i4BgzBUB6HzhxhAkEA8wJRx/FjOo6F\noO1aTewbvFIv4Dckqq5j/pBu9fkv1AhMxSfdGnsYcuIn15Y1/RlnpxrmJNWgryvd\n+6LJGDgjWQJBAMgfoINe80YiPCdMoboMd/u1uf1BhwujbiJPSrS40lc3jfyPmHA4\n8hppo8QuELI4rXRE/im4c+zmyphxEyULpVsCQQDnD96JGin65MeE1AsYqpdYwmEJ\ndgVkUXt88wK+2ZizqMyubpAa/M6rdgTiRc7CASUAzF/myEYIKdLh0NAbOk3JAkAE\nxEQVfPh8bipSoU+k19EvzKdOcfYef9kKtirIXTKdYzRdlKoD2kdh+6wr6xD4vcLb\n5xzKr5sLRIAE24SiOEHLAkB1TBlvvvIltttSc9lOpq3UhmtHQJaS32lD2Lk2/zNx\nW6Jbsk+sCQXM0ww4GTCpHMISfokEPtqOPikPcVFs98Oj\n-----END RSA PRIVATE KEY-----\n"; RSA* rsa; int rsa_len; char *p_en; #if 1 //public_key = rsa_key_seliaze(public_key_str); BIO* p_bio = BIO_new_mem_buf(public_key_str, -1); printf("rsa_encrypt is %p \n",p_bio); rsa = PEM_read_bio_RSAPublicKey(p_bio, NULL, NULL, NULL); //PEM_read_bio_RSAPrivateKey if ( rsa == NULL ) { printf("RSA is NULL\n"); return NULL; } #else FILE* file=fopen("/tmp/r_pub.key","r"); rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL);//PEM_read_RSAPrivateKey #endif rsa_len=RSA_size(rsa); p_en=(unsigned char *)calloc(rsa_len+1,1); printf("rsa length = %d\n",rsa_len); int rc=0; if((rc=RSA_public_encrypt(txt_len,(unsigned char *)txt,(unsigned char*)p_en,rsa,RSA_PKCS1_PADDING))<=0) { int e=ERR_get_error(); printf("error code is:%s\n",ERR_error_string(e,NULL)); return NULL; } printf("rsa length = %d\n",strlen(p_en)); RSA_free(rsa); *enc_len = rc; return p_en; }
void get_privkey_from_file(Octstr* s, RSA** priv_key, Octstr* passwd) { char *password; char *filename; /* Check errors!!!! */ FILE* fp; filename = octstr_get_cstr(s); password = passwd != NULL ? octstr_get_cstr(passwd) : NULL; /* Open the file specified by "s" */ fp = fopen(filename,"r"); if (fp == NULL) warning(0,"Can't read private key %s", filename); /* Load up that there certificate */ *priv_key = PEM_read_RSAPrivateKey(fp,NULL,NULL,password); /* Close the file specified by "s" */ fclose(fp); if (priv_key == NULL) { ERR_print_errors_fp (stderr); } }
wi_boolean_t wi_socket_context_set_ssl_privkey(wi_socket_context_t *context, wi_string_t *path) { #ifdef WI_SSL FILE *fp; fp = fopen(wi_string_cstring(path), "r"); if(!fp) { wi_error_set_errno(errno); return false; } context->priv_rsa = PEM_read_RSAPrivateKey(fp, NULL, 0, NULL); if(!context->priv_rsa) wi_error_set_ssl_error(); fclose(fp); return (context->priv_rsa != NULL); #else wi_error_set_lib_error(WI_ERROR_SOCKET_NOSSL); return false; #endif }
static RSA * load_rsa_privkey(const char *path) { FILE *fp; RSA *rsa = NULL; const char *p; char *passphrase = NULL; if ((fp = fopen(path, "r")) == 0) return NULL; if ((rsa = RSA_new()) == NULL) { fclose(fp); return NULL; } p = getenv("XBPS_PASSPHRASE"); if (p) { passphrase = strdup(p); } rsa = PEM_read_RSAPrivateKey(fp, 0, NULL, passphrase); if (passphrase) { free(passphrase); passphrase = NULL; } fclose(fp); return rsa; }
/* * rsa private encrypt */ char* rsa_encrypt_private(unsigned char*txt,int txt_len,char* public_key_str,int p_len,int* enc_len) { RSA* rsa; int rsa_len; char *p_en; #if 1 //public_key = rsa_key_seliaze(public_key_str); BIO* p_bio = BIO_new_mem_buf(public_key_str, -1); printf("rsa_encrypt is %p \n",p_bio); rsa = PEM_read_bio_RSAPrivateKey(p_bio, NULL, NULL, NULL); //PEM_read_bio_RSAPrivateKey if ( rsa == NULL ) { printf("RSA is NULL\n"); return NULL; } #else FILE* file=fopen("/tmp/r_pub.key","r"); rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL);//PEM_read_RSAPrivateKey #endif rsa_len=RSA_size(rsa); p_en=(unsigned char *)calloc(rsa_len+1,1); //printf("rsa length = %d\n",rsa_len); int rc=0; if((rc=RSA_private_encrypt(txt_len,(unsigned char *)txt,(unsigned char*)p_en,rsa,RSA_PKCS1_PADDING))<=0) { int e=ERR_get_error(); printf("error code is:%s\n",ERR_error_string(e,NULL)); return NULL; } RSA_free(rsa); *enc_len = rc; return p_en; }
wi_rsa_t * wi_rsa_init_with_pem_file(wi_rsa_t *rsa, wi_string_t *path) { FILE *fp; fp = fopen(wi_string_cstring(path), "r"); if(!fp) { wi_error_set_errno(errno); wi_release(rsa); return NULL; } rsa->rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); if(!rsa->rsa) { wi_error_set_openssl_error(); wi_release(rsa); return NULL; } return rsa; }
int openssl_read_pem_seckey(const char *f, __ops_key_t *key, const char *type, int verbose) { FILE *fp; DSA *dsa; RSA *rsa; int ok; OpenSSL_add_all_algorithms(); if ((fp = fopen(f, "r")) == NULL) { if (verbose) { (void) fprintf(stderr, "can't open '%s'\n", f); } return 0; } ok = 1; if (strcmp(type, "ssh-rsa") == 0) { rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); key->key.seckey.key.rsa.d = rsa->d; key->key.seckey.key.rsa.p = rsa->p; key->key.seckey.key.rsa.q = rsa->q; key->key.seckey.key.rsa.d = rsa->d; } else if (strcmp(type, "ssh-dss") == 0) { if ((dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) { ok = 0; } else { key->key.seckey.key.dsa.x = dsa->priv_key; } } else { ok = 0; } (void) fclose(fp); return ok; }
int rsa_priv_decrypt(char ** str_out, char *str_in, size_t str_in_sz, char *key_file, char * keypass) { RSA * priv_key = NULL; FILE * priv_key_file; OpenSSL_add_all_algorithms(); OpenSSL_add_all_ciphers(); ERR_load_crypto_strings(); priv_key_file = fopen(key_file, "rb"); priv_key = PEM_read_RSAPrivateKey(priv_key_file, NULL, NULL, keypass); fclose(priv_key_file); if (!priv_key) { std::cerr << ERR_error_string(ERR_get_error(), NULL) << std::endl; return -1; } int key_size = RSA_size(priv_key); unsigned char *ustr_out = (unsigned char *)malloc(key_size); int len = RSA_private_decrypt(str_in_sz, (unsigned char *)&str_in[0], ustr_out, priv_key, RSA_PKCS1_PADDING); if (len == -1) { std::cerr << "RSA_private_decrypt error (rsa_priv_decrypt)." << std::endl; std::cerr << ERR_error_string(ERR_get_error(), NULL) << std::endl; return -1; } *str_out = (char *)ustr_out; return len; }
static gint lua_rsa_privkey_load (lua_State *L) { RSA *rsa = NULL, **prsa; const gchar *filename; FILE *f; filename = luaL_checkstring (L, 1); if (filename != NULL) { f = fopen (filename, "r"); if (f == NULL) { msg_err ("cannot open private key from file: %s, %s", filename, strerror (errno)); lua_pushnil (L); } else { if (!PEM_read_RSAPrivateKey (f, &rsa, NULL, NULL)) { msg_err ("cannot open private key from file: %s, %s", filename, ERR_error_string (ERR_get_error (), NULL)); lua_pushnil (L); } else { prsa = lua_newuserdata (L, sizeof (RSA *)); rspamd_lua_setclass (L, "rspamd{rsa_privkey}", -1); *prsa = rsa; } fclose (f); } } else { lua_pushnil (L); } return 1; }
/** * rsa_get_priv_key() - read a private key from a .key file * * @keydir: Directory containins the key * @name Name of key file (will have a .key extension) * @rsap Returns RSA object, or NULL on failure * @return 0 if ok, -ve on error (in which case *rsap will be set to NULL) */ static int rsa_get_priv_key(const char *keydir, const char *name, RSA **rsap) { char path[1024]; RSA *rsa; FILE *f; *rsap = NULL; snprintf(path, sizeof(path), "%s/%s.key", keydir, name); f = fopen(path, "r"); if (!f) { fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n", path, strerror(errno)); return -ENOENT; } rsa = PEM_read_RSAPrivateKey(f, 0, NULL, path); if (!rsa) { rsa_err("Failure reading private key"); fclose(f); return -EPROTO; } fclose(f); *rsap = rsa; return 0; }
int main(int argc, char **argv) { FILE *kfile; RSA *rsa = NULL; char ndata[257], ddata[257]; /* respond privatefile challenge */ if (argc < 3) { puts("Usage: respond privatefile challenge [passphrase]"); return 0; } if (argc == 4) { /* This is TOTALLY insecure and not recommended, but for ** interfacing with irc client scripts, it's either this ** or don't use a passphrase. ** ** The likelihood of a passphrase leaking isn't TOO great, ** only ps auxww will show it, and even then, only at the ** precise moment this is called. */ insecure_mode = 1; pass_param = argv[3]; } if (!(kfile = fopen(argv[1], "r"))) { puts("Could not open the private keyfile."); return 0; } SSLeay_add_all_ciphers(); rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL); if(!rsa) { puts("Unable to read your private key, is the passphrase wrong?"); return 0; } fclose(kfile); if (hex_to_binary(argv[2], ndata, 128) != 128) { puts("Bad challenge."); return -1; } if (RSA_private_decrypt(128, (unsigned char*)ndata, (unsigned char*)ddata, rsa, RSA_PKCS1_PADDING) == -1) { puts("Decryption error."); return -1; } binary_to_hex((unsigned char*)ddata, ndata, 32); puts(ndata); return 0; }
bool read_rsa_private_key(void) { FILE *fp; char *fname, *key, *pubkey; struct stat s; if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) { if(!get_config_string(lookup_config(config_tree, "PublicKey"), &pubkey)) { logger(LOG_ERR, "PrivateKey used but no PublicKey found!"); return false; } myself->connection->rsa_key = RSA_new(); // RSA_blinding_on(myself->connection->rsa_key, NULL); BN_hex2bn(&myself->connection->rsa_key->d, key); BN_hex2bn(&myself->connection->rsa_key->n, pubkey); BN_hex2bn(&myself->connection->rsa_key->e, "FFFF"); free(key); free(pubkey); return true; } if(!get_config_string(lookup_config(config_tree, "PrivateKeyFile"), &fname)) xasprintf(&fname, "%s/rsa_key.priv", confbase); fp = fopen(fname, "r"); if(!fp) { logger(LOG_ERR, "Error reading RSA private key file `%s': %s", fname, strerror(errno)); free(fname); return false; } #if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN) if(fstat(fileno(fp), &s)) { logger(LOG_ERR, "Could not stat RSA private key file `%s': %s'", fname, strerror(errno)); free(fname); return false; } if(s.st_mode & ~0100700) logger(LOG_WARNING, "Warning: insecure file permissions for RSA private key file `%s'!", fname); #endif myself->connection->rsa_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); if(!myself->connection->rsa_key) { logger(LOG_ERR, "Reading RSA private key file `%s' failed: %s", fname, strerror(errno)); free(fname); return false; } free(fname); return true; }
int load_rsa_pkey(RSA ** rsa_priv_key) { FILE *fp; // Read PEM Private Key fp = fopen(f_rsa_private_key, "r"); if (fp) { LOG(DEBUG, "[API] Private key found"); *rsa_priv_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); } else { LOG(DEBUG, "[API] No private key found, generating new key"); if (generate_rsa_pkey() < 0) return -1; fp = fopen(f_rsa_private_key, "r"); *rsa_priv_key = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); } fclose(fp); return 0; }
void OAuthTokenEndpoint::setRSAKey(const std::string &path) { if (privateKey) RSA_free(privateKey); RSA* rsa = RSA_new(); privateKey = PEM_read_RSAPrivateKey(fopen(path.c_str(), "rb"), &rsa, NULL, NULL); if (!privateKey) { throw WException("OAuthTokenEndpoint: invalid RSA key \"" + path + "\""); } }
int openssl_read_pem_seckey(const char *f, __ops_key_t *key, const char *type, int verbose) { FILE *fp; char prompt[BUFSIZ]; char *pass; DSA *dsa; RSA *rsa; int ok; OpenSSL_add_all_algorithms(); if ((fp = fopen(f, "r")) == NULL) { if (verbose) { (void) fprintf(stderr, "can't open '%s'\n", f); } return 0; } ok = 1; if (strcmp(type, "ssh-rsa") == 0) { if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) { (void) snprintf(prompt, sizeof(prompt), "netpgp PEM %s passphrase: ", f); do { pass = getpass(prompt); rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, pass); } while (rsa == NULL); } key->key.seckey.key.rsa.d = rsa->d; key->key.seckey.key.rsa.p = rsa->p; key->key.seckey.key.rsa.q = rsa->q; key->key.seckey.key.rsa.d = rsa->d; } else if (strcmp(type, "ssh-dss") == 0) { if ((dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) { ok = 0; } else { key->key.seckey.key.dsa.x = dsa->priv_key; } } else { ok = 0; } (void) fclose(fp); return ok; }
/* caller must free the returned string */ char * euca_sign_url (const char * verb, const char * date, const char * url) { if (!initialized) euca_init_cert (); char * sig_str = NULL; RSA * rsa = NULL; FILE * fp = NULL; if ( verb==NULL || date==NULL || url==NULL ) return NULL; if ( ( rsa = RSA_new() ) == NULL ) { logprintfl (EUCAERROR, "error: RSA_new() failed\n"); } else if ( ( fp = fopen (pk_file, "r") ) == NULL) { logprintfl (EUCAERROR, "error: failed to open private key file %s\n", pk_file); RSA_free (rsa); } else { logprintfl (EUCADEBUG2, "euca_sign_url(): reading private key file %s\n", pk_file); PEM_read_RSAPrivateKey(fp, &rsa, NULL, NULL); /* read the PEM-encoded file into rsa struct */ if ( rsa==NULL ) { logprintfl (EUCAERROR, "error: failed to read private key file %s\n", pk_file); } else { unsigned char * sig; // RSA_print_fp (stdout, rsa, 0); /* (for debugging) */ if ( (sig = malloc(RSA_size(rsa))) == NULL) { logprintfl (EUCAERROR, "error: out of memory (for RSA key)\n"); } else { unsigned char sha1 [SHA_DIGEST_LENGTH]; #define BUFSIZE 2024 char input [BUFSIZE]; unsigned int siglen; int ret; /* finally, SHA1 and sign with PK */ assert ((strlen(verb)+strlen(date)+strlen(url)+4)<=BUFSIZE); snprintf (input, BUFSIZE, "%s\n%s\n%s\n", verb, date, url); logprintfl (EUCADEBUG2, "euca_sign_url(): signing input %s\n", get_string_stats(input)); SHA1 ((unsigned char *)input, strlen(input), sha1); if ((ret = RSA_sign (NID_sha1, sha1, SHA_DIGEST_LENGTH, sig, &siglen, rsa))!=1) { logprintfl (EUCAERROR, "error: RSA_sign() failed\n"); } else { logprintfl (EUCADEBUG2, "euca_sign_url(): signing output %d\n", sig[siglen-1]); sig_str = base64_enc (sig, siglen); logprintfl (EUCADEBUG2, "euca_sign_url(): base64 signature %s\n", get_string_stats((char *)sig_str)); } free (sig); } RSA_free (rsa); } fclose(fp); } return sig_str; }
int read_keypair_pem(FILE *fp, struct keypair** KP) { (*KP) = (struct keypair*) calloc(sizeof(struct keypair), 1); RSA *private_key_rsa; PEM_read_RSAPrivateKey(fp, &private_key_rsa, NULL, NULL); ccn_keypair_from_rsa(private_key_rsa, &(*KP)->private_key, &(*KP)->public_key); create_public_key_digest(private_key_rsa, &(*KP)->public_key_digest, &(*KP)->public_key_digest_len); RSA_free(private_key_rsa); return 0; }
int rsa_encrypt (const char *const private_key_name, void *input, int ilen, void **output, int *olen) { vkprintf (3, "rsa_encrypt (private_key_name = %s, ilen = %d)\n", private_key_name, ilen); int err = 0; RSA *privKey = NULL; *output = NULL; *olen = -1; FILE *f = fopen (private_key_name, "rb"); if (f == NULL) { kprintf ("Couldn't open private key file: %s\n", private_key_name); return -1; } privKey = PEM_read_RSAPrivateKey (f, NULL, NULL, NULL); if (privKey == NULL) { kprintf ("PEM_read_RSAPrivateKey returns NULL.\n"); err = -2; goto clean; } fclose (f); f = NULL; unsigned char key[32], iv[32]; generate_aes_key (key, iv); const int rsa_size = RSA_size (privKey); *olen = 4 + rsa_size + 32 + ilen + AES_BLOCK_SIZE; unsigned char *b = *output = malloc (*olen); memcpy (b, &rsa_size, 4); if (!RSA_private_encrypt (32, key, b + 4, privKey, RSA_PKCS1_PADDING)) { kprintf ("RSA_private_encrypt fail.\n"); err = -3; goto clean; } memcpy (b + 4 + rsa_size, iv, 32); EVP_CIPHER_CTX e; EVP_CIPHER_CTX_init (&e); EVP_EncryptInit_ex (&e, EVP_aes_256_cbc(), NULL, key, iv); int c_len, f_len; EVP_EncryptUpdate (&e, b + 4 + rsa_size + 32, &c_len, input, ilen); EVP_EncryptFinal_ex (&e, b + 4 + rsa_size + 32 + c_len, &f_len); EVP_CIPHER_CTX_cleanup (&e); int r = 4 + rsa_size + 32 + c_len + f_len; vkprintf (3, "c_len = %d, f_len = %d\n", c_len, f_len); assert (r <= *olen); *olen = r; clean: if (f != NULL) { fclose (f); } if (privKey) { RSA_free (privKey); } return err; }
/** * @brief Initialize the signing subsystem * * @param key_filename The pathname to the private key file * @param bad_passphrase Pointer to flag that is set if the failure was * likley due to an incorrect passphrase * * @returns True on success, false on failure. */ bool sign_init(char * key_filename, bool * bad_passphrase) { FILE * fp; if (bad_passphrase) { *bad_passphrase = false; } if (!crypto_initialized) { /* (From: https://wiki.openssl.org/index.php/Libcrypto_API) */ /* Load the human readable error strings for libcrypto */ ERR_load_crypto_strings(); /* Load all digest and cipher algorithms */ OpenSSL_add_all_algorithms(); /* Load config file, and other important initialisation */ OPENSSL_config(NULL); crypto_initialized = true; } /** * Load the RSA key object from the private key file * (see: http://hayageek.com/rsa-encryption-decryption-openssl-c/#private-encrypt) */ fp = fopen(key_filename,"rb"); if (fp == NULL) { fprintf(stderr, "ERROR: Can't open private key '%s' (err %d)\n", key_filename, errno); return false; } rsa = RSA_new(); if (rsa == NULL) { fprintf(stderr, "ERROR: Can't allocate RSA for key '%s': %s\n", key_filename, ERR_error_string(ERR_get_error(), NULL)); return false; } else { rsa = PEM_read_RSAPrivateKey(fp, &rsa, NULL, passphrase); if (rsa == NULL) { fprintf(stderr, "ERROR: Can't read private key '%s' (%s)\n", key_filename, ERR_error_string(ERR_get_error(), NULL)); if (bad_passphrase) { *bad_passphrase = true; } return false; } } return true; }
RSA* rsa_read_private_key_from_PEM(const std::string& path) { // std::cout << "(i) " << __func__ << ": trying to open " << path << std::endl; FILE* pem_file = fopen(path.c_str(), "rb"); if(pem_file == nullptr) return nullptr; RSA* rsa = PEM_read_RSAPrivateKey(pem_file, NULL,NULL, NULL); fclose(pem_file); return rsa; }
RSA* get_private_key(){ RSA* rsa=NULL; FILE* bp=fopen("privatekey.pem","r"); if(bp==NULL){ printf("Error opening private key file\n"); } rsa=PEM_read_RSAPrivateKey(bp,NULL,NULL,NULL); if(rsa==NULL){ printf("Error reading private key from file\n"); } fclose(bp); return rsa; }