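/**
 * Write the certificate request held in `request` to the file named `fname`.
 *
 * @param fname  Destination path; converted with QString2filename() for fopen().
 * @param pem    true  -> PEM encoding via PEM_write_X509_REQ();
 *               false -> DER encoding via i2d_X509_REQ_fp().
 *
 * An existing file is truncated. If the file cannot be opened,
 * fopen_error(fname) is called and nothing else happens. If `request` is
 * null the file is still created/truncated but left empty.
 */
void pki_x509req::writeReq(const QString fname, bool pem)
{
	// DER is a binary format: open with "wb" so that platforms which translate
	// line endings in text mode cannot alter the encoded bytes. PEM output
	// keeps the original text mode.
	FILE *fp = fopen(QString2filename(fname), pem ? "w" : "wb");
	if (!fp) {
		fopen_error(fname);
		return;
	}

	if (request) {
		if (pem)
			PEM_write_X509_REQ(fp, request);
		else
			i2d_X509_REQ_fp(fp, request);
	}
	fclose(fp);

	// NOTE(review): the return values of the write calls and of fclose() are
	// not inspected here; presumably pki_openssl_error() reports whatever
	// OpenSSL queued on failure. Confirm that a short write is surfaced.
	pki_openssl_error();
}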
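/**
 * Run the device side of one session with the entropy authority (EA) over the
 * streams that SetupFileDescriptors() derives from `ssl`.
 *
 * Wire order:
 *   1. send the RSA_CLIENT mode flag and the two commitments produced by
 *      RsaDevice_GenEntropyRequest();
 *   2. read x' and y' from the EA and pass them to
 *      RsaDevice_SetEntropyResponse();
 *   3. send the DER-encoded X509_REQ, delta_x, delta_y, the modulus randomness
 *      and the serialized ProductEvidence;
 *   4. read the X509 certificate returned by the EA and pass it to
 *      RsaDevice_SetEaCertResponse().
 *
 * @param ssl   connection handed to SetupFileDescriptors().
 * @param data  the RsaDevice, passed as an opaque pointer.
 *
 * Failures are reported through CHECK_CALL / fatal(), both defined outside
 * this block. CHECK_CALL is used below as "non-zero means success" (see the
 * `!fflush(...)` calls).
 */
void RunEaSession(SSL* ssl, void* data)
{
  int rfd, wfd;
  FILE* rfp;
  FILE* wfp;
  SetupFileDescriptors(ssl, &rfd, &rfp, &wfd, &wfp);

  RsaDevice device = (RsaDevice)data;

  // Device makes entropy request
  BIGNUM* v1 = BN_new();
  BIGNUM* v2 = BN_new();
  BIGNUM* v3 = BN_new();
  CHECK_CALL(v1);
  CHECK_CALL(v2);
  // v3 is handed to RsaDevice_GenEaSigningRequest() further down, so its
  // allocation has to be checked like the other two.
  CHECK_CALL(v3);
  CHECK_CALL(RsaDevice_GenEntropyRequest(device, v1, v2));

  PrintTime("Sending commits to EA");
  // Send mode flag. fprintf() returns a negative value on error, which is
  // non-zero and would pass a plain truthiness check, so compare explicitly.
  CHECK_CALL(fprintf(wfp, "%d\n", RSA_CLIENT) > 0);
  CHECK_CALL(!fflush(wfp));

  CHECK_CALL(WriteOneBignum(STRING_COMMIT_X, sizeof(STRING_COMMIT_X), wfp, v1));
  CHECK_CALL(WriteOneBignum(STRING_COMMIT_Y, sizeof(STRING_COMMIT_Y), wfp, v2));
  CHECK_CALL(!fflush(wfp));
  PrintTime("...done");

  // Read x', y' from EA
  PrintTime("Reading entropy from EA");
  CHECK_CALL(ReadOneBignum(&v1, rfp, STRING_X_PRIME));
  CHECK_CALL(ReadOneBignum(&v2, rfp, STRING_Y_PRIME));
  PrintTime("...done");

  CHECK_CALL(RsaDevice_SetEntropyResponse(device, v1, v2));

  // Send proof to EA
  // ev is filled in through &ev by RsaDevice_GenEaSigningRequest(); start it
  // at NULL and check it only after that call, instead of testing an
  // uninitialized value. (Assumes ProductEvidence is a pointer-like handle,
  // as its by-value use in _Serialize/_Free suggests; confirm.)
  ProductEvidence ev = NULL;
  X509_REQ* req = X509_REQ_new();
  CHECK_CALL(req);
  CHECK_CALL(RsaDevice_GenEaSigningRequest(device, req, v1, v2, v3, &ev));
  CHECK_CALL(ev);

  PrintTime("Sending cert to EA");
  CHECK_CALL(i2d_X509_REQ_fp(wfp, req));
  //fprintf(wfp, "\n");
  CHECK_CALL(!fflush(wfp));

  CHECK_CALL(WriteOneBignum(STRING_DELTA_X, sizeof(STRING_DELTA_X), wfp, v1));
  CHECK_CALL(WriteOneBignum(STRING_DELTA_Y, sizeof(STRING_DELTA_Y), wfp, v2));
  CHECK_CALL(WriteOneBignum(STRING_MODULUS_RAND, sizeof(STRING_MODULUS_RAND), wfp, v3));
  CHECK_CALL(ProductEvidence_Serialize(ev, wfp));
  CHECK_CALL(!fflush(wfp));
  PrintTime("...done");

  X509_REQ_free(req);
  ProductEvidence_Free(ev);

  X509* cert = NULL;
  PrintTime("Reading cert from EA");
  if (!(cert = d2i_X509_fp(rfp, NULL))) {
    fatal("Could not read X509 response");
  }
  PrintTime("...done");

  fclose(rfp);
  fclose(wfp);

  // The bignums carried protocol secrets; BN_clear_free() wipes them before
  // releasing the memory.
  BN_clear_free(v1);
  BN_clear_free(v2);
  BN_clear_free(v3);

  // Give EA signature back to device
  // NOTE(review): the certificate comes from the peer and is only parsed in
  // this function; presumably RsaDevice_SetEaCertResponse() checks it against
  // the device key and the EA's signature. Confirm before relying on it.
  CHECK_CALL(RsaDevice_SetEaCertResponse(device, cert));

  X509_free(cert);
  return;
}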
/// @brief Write this certificate request to @p _file in DER form.
///
/// Calls i2d_X509_REQ_fp() on the raw FILE handle of @p _file and the wrapped
/// X509_REQ pointer. A zero return from that call is treated as failure and
/// reported through error::throw_error_if_not().
inline void certificate_request::write_der(file _file) const
{
	const bool written = (i2d_X509_REQ_fp(_file.raw(), ptr().get()) != 0);

	error::throw_error_if_not(written);
}