예제 #1
0
RSA *svRSAKey::Duplicate(void)
{
	if (type == svRSA_TYPE_PUBLIC)
		return RSAPublicKey_dup(key);
	else if (type == svRSA_TYPE_PRIVATE)
		return RSAPrivateKey_dup(key);
	return NULL;
}
예제 #2
0
TAO_BEGIN_VERSIONED_NAMESPACE_DECL

::EVP_PKEY *
TAO::SSLIOP::OpenSSL_traits< ::EVP_PKEY >::copy (::EVP_PKEY const & key)
{
  ::EVP_PKEY * pkey = const_cast< ::EVP_PKEY *> (&key);

  // We're using the EVP_PKEY_var even though it depends on this
  // trait function.  This works since we're not actually using
  // any of the EVP_PKEY_var methods that call this copy()
  // trait.  This allows us to maintain exception safety.
  TAO::SSLIOP::EVP_PKEY_var p = ::EVP_PKEY_new ();

  switch (::EVP_PKEY_type (pkey->type))
    {
    case EVP_PKEY_RSA:
      {
        RSA * rsa = ::EVP_PKEY_get1_RSA (pkey);
        if (rsa != 0)
          {
            // Not exception safe!
            ::EVP_PKEY_set1_RSA (p.in (), RSAPrivateKey_dup (rsa));
            ::RSA_free (rsa);
          }
      }
      break;

    case EVP_PKEY_DSA:
      {
        DSA * dsa = ::EVP_PKEY_get1_DSA (pkey);
        if (dsa != 0)
          {
            // Not exception safe!
            ::EVP_PKEY_set1_DSA (p.in (), DSAPARAMS_DUP_WRAPPER_NAME (dsa));
            ::DSA_free (dsa);
          }
      }
      break;

    case EVP_PKEY_DH:
      {
        DH * dh = ::EVP_PKEY_get1_DH (pkey);
        if (dh != 0)
          {
            // Not exception safe!
            ::EVP_PKEY_set1_DH (p.in (), DHPARAMS_DUP_WRAPPER_NAME (dh));
            ::DH_free (dh);
          }
      }
      break;

    default:
      // We should never get here!
      return 0;
    }

  return p._retn ();
}
예제 #3
0
static bool generate_keys(ScopedEVP_PKEY &private_key_out,
                          ScopedEVP_PKEY &public_key_out)
{
    ScopedEVP_PKEY private_key(EVP_PKEY_new(), EVP_PKEY_free);
    ScopedEVP_PKEY public_key(EVP_PKEY_new(), EVP_PKEY_free);
    ScopedRSA rsa(RSA_new(), RSA_free);
    ScopedBIGNUM e(BN_new(), BN_free);

    if (!private_key) {
        LOGE("Failed to allocate private key");
        openssl_log_errors();
        return false;
    }

    if (!public_key) {
        LOGE("Failed to allocate public key");
        openssl_log_errors();
        return false;
    }

    if (!rsa) {
        LOGE("Failed to allocate RSA");
        openssl_log_errors();
        return false;
    }

    if (!e) {
        LOGE("Failed to allocate BIGNUM");
        openssl_log_errors();
        return false;
    }

    BN_set_word(e.get(), RSA_F4);

    if (RSA_generate_key_ex(rsa.get(), 2048, e.get(), nullptr) < 0) {
        LOGE("RSA_generate_key_ex() failed");
        openssl_log_errors();
        return false;
    }

    if (!EVP_PKEY_assign_RSA(private_key.get(), RSAPrivateKey_dup(rsa.get()))) {
        LOGE("EVP_PKEY_assign_RSA() failed for private key");
        openssl_log_errors();
        return false;
    }

    if (!EVP_PKEY_assign_RSA(public_key.get(), RSAPublicKey_dup(rsa.get()))) {
        LOGE("EVP_PKEY_assign_RSA() failed for public key");
        openssl_log_errors();
        return false;
    }

    private_key_out = std::move(private_key);
    public_key_out = std::move(public_key);
    return true;
}
예제 #4
0
static EVP_PKEY* ssls_dup_PrivateRSA_ENV_PKEY( EVP_PKEY* src )
{
	EVP_PKEY* pDupKey = EVP_PKEY_new();
	RSA* pRSA = EVP_PKEY_get1_RSA(src);
	RSA* pRSADupKey = RSAPrivateKey_dup(pRSA);
	RSA_free(pRSA);
	EVP_PKEY_set1_RSA(pDupKey, pRSADupKey);
	RSA_free(pRSADupKey);
	return(pDupKey);
}
예제 #5
0
static RSA *
generate_key(int bits)
{
  RSA *rsa = NULL;
  crypto_pk_t *env = crypto_pk_new();
  if (crypto_pk_generate_key_with_bits(env,bits)<0)
    goto done;
  rsa = _crypto_pk_get_rsa(env);
  rsa = RSAPrivateKey_dup(rsa);
 done:
  crypto_pk_free(env);
  return rsa;
}
예제 #6
0
        RSAKey RSAKey::createFromRaw(RSA* raw, bool has_private_key)
        {
            std::shared_ptr<RSA> sprsa;

            if (has_private_key)
            {
                sprsa.reset(RSAPrivateKey_dup(raw), RSA_free);
            }
            else
            {
                sprsa.reset(RSAPublicKey_dup(raw), RSA_free);
            }

            return RSAKey(sprsa, has_private_key);
        }
예제 #7
0
int generateKeysRSA(EVP_PKEY** privKey, EVP_PKEY** pubKey){
	RSA* rsa =  NULL;
	if(privKey == NULL || pubKey == NULL)
		return 0;

	*privKey = EVP_PKEY_new();
	if(*privKey == NULL){
		printf("ERR EVP_PKEY_new\n");
		return 0;
	}

	*pubKey = EVP_PKEY_new();
	if(*pubKey == NULL){
		printf("ERR EVP_PKEY_new\n");
		return 0;
	}
	
	rsa = RSA_generate_key(2048, RSA_F4, NULL, NULL);
	
	if(rsa == NULL){
		printf("ERR RSA_generate_key\n");
		return 0;		
	}
	
	if(1 != EVP_PKEY_assign_RSA(*privKey, 
						RSAPrivateKey_dup(rsa))){
		
		printf("ERR EVP_PKEY_assign_RSA\n");
		return 0;
	}

	if(1 != EVP_PKEY_assign_RSA(*pubKey, 
						RSAPublicKey_dup(rsa))){
		
		printf("ERR EVP_PKEY_assign_RSA\n");
		return 0;
	}
	return 1;
}
예제 #8
0
파일: key_utils.c 프로젝트: cawka/PyNDN
int
ndn_keypair(int public_only, struct ndn_pkey *private_key,
            PyObject **py_private_key_ndn, PyObject **py_public_key_ndn)
{
	struct ndn_pkey *public_key = NULL;
	struct ndn_pkey *private_key_copy = NULL;
	PyObject *py_private_key = NULL, *py_public_key = NULL;
	unsigned int err;
	int r;

	if (!public_only && py_private_key_ndn) {
                private_key_copy = (struct ndn_pkey *) EVP_PKEY_new();
                JUMP_IF_NULL(private_key_copy, openssl_error);

                py_private_key = NDNObject_New(PKEY_PRIV, private_key_copy);
		JUMP_IF_NULL(py_private_key, error);
                
                RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
                JUMP_IF_NULL(private_key_rsa, openssl_error);
                
                RSA* private_key_rsa_copy = RSAPrivateKey_dup (private_key_rsa);
                JUMP_IF_NULL(private_key_rsa_copy, openssl_error);
                
		r = EVP_PKEY_set1_RSA((EVP_PKEY *) private_key_copy, private_key_rsa_copy);
		RSA_free(private_key_rsa_copy);
		JUMP_IF_NULL(r, error);
	}

	if (py_public_key_ndn) {
		public_key = (struct ndn_pkey *) EVP_PKEY_new();
		JUMP_IF_NULL(public_key, openssl_error);

		py_public_key = NDNObject_New(PKEY_PUB, public_key);
		JUMP_IF_NULL(py_public_key, error);

                RSA *private_key_rsa = EVP_PKEY_get1_RSA ((EVP_PKEY *)private_key);
                JUMP_IF_NULL(private_key_rsa, openssl_error);
                
                RSA* public_key_rsa = RSAPublicKey_dup (private_key_rsa);
                JUMP_IF_NULL(public_key_rsa, openssl_error);

		r = EVP_PKEY_set1_RSA((EVP_PKEY *) public_key, public_key_rsa);
		RSA_free(public_key_rsa);
		JUMP_IF_NULL(r, error);
	}

	if (py_private_key_ndn) {
		*py_private_key_ndn = public_only ? (Py_INCREF(Py_None), Py_None) :
				py_private_key;
	}

	if (py_public_key_ndn)
		*py_public_key_ndn = py_public_key;

	return 0;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_NDNKeyError, "Unable to generate keypair from the key:"
			" %s", ERR_reason_error_string(err));
error:
	if (!py_public_key && public_key)
		ndn_pubkey_free(public_key);
	Py_XDECREF(py_public_key);
	Py_XDECREF(py_private_key);
	return -1;
}
예제 #9
0
EVP_PKEY *
EVP_PKEY_dup(EVP_PKEY *key)
{
    EVP_PKEY *out = NULL;
    DH *dh_in = NULL, *dh_out = NULL;
    EC_KEY *ec_in = NULL, *ec_out = NULL;
    RSA *rsa_in = NULL, *rsa_out = NULL;

    check(key, "Invalid arguments");

    out = EVP_PKEY_new();

    if (!out)
        goto err;

    switch (EVP_PKEY_base_id(key)) {
        case EVP_PKEY_DH:
            dh_in = EVP_PKEY_get1_DH(key);
            if (!dh_in)
                goto err;

            dh_out = DHparams_dup_with_q(dh_in);
            if (!dh_out)
                goto err;

            EVP_PKEY_set1_DH(out, dh_out);
            DH_free(dh_out);
            DH_free(dh_in);
            break;

        case EVP_PKEY_EC:
            ec_in = EVP_PKEY_get1_EC_KEY(key);
            if (!ec_in)
                goto err;

            ec_out = EC_KEY_dup(ec_in);
            if (!ec_out)
                goto err;

            EVP_PKEY_set1_EC_KEY(out, ec_out);
            EC_KEY_free(ec_out);
            EC_KEY_free(ec_in);
            break;

        case EVP_PKEY_RSA:
            rsa_in = EVP_PKEY_get1_RSA(key);
            if (!rsa_in)
                goto err;

            rsa_out = RSAPrivateKey_dup(rsa_in);
            if (!rsa_out)
                goto err;

            EVP_PKEY_set1_RSA(out, rsa_out);
            RSA_free(rsa_out);
            RSA_free(rsa_in);
            break;

        default:
            log_err("Unknown protocol");
            goto err;
    }

    return out;

err:
    if (dh_in)
        DH_free(dh_in);
    if (ec_in)
        EC_KEY_free(ec_in);
    if (rsa_in)
        RSA_free(rsa_in);

    return NULL;
}
예제 #10
0
void Key::generateNewKey(string publicKeyFile, string privateKeyFile)
{
    priName = privateKeyFile;
    pubName = publicKeyFile;
    
    RSA *rsa = RSA_generate_key(LENGTH, RSA_F4, NULL, NULL);
    if (rsa == NULL) {
        cout << "RSA_generate_key Error!" << endl;
        return ;
    }
    
    BIO *priBio = BIO_new_file(privateKeyFile.c_str(), "w");
    if (PEM_write_bio_RSAPrivateKey(priBio, rsa, NULL, NULL, 0, NULL, NULL) <= 0) {
        cout << "Save to private key file error!" << endl;
    }
    
    BIO *pubBio = BIO_new_file(publicKeyFile.c_str(), "w");
    if (PEM_write_bio_RSAPublicKey(pubBio, rsa) <= 0) {
        cout << "Save to public key file error!" << endl;
    }
    
    BIO_free(priBio);
    BIO_free(pubBio);
    
//    FILE *priFile = fopen(privateKeyFile.c_str(), "w+");
//    if (PEM_write_RSAPrivateKey(priFile, rsa, EVP_des_ede3_ofb(), NULL, NULL, NULL, NULL) <= 0) {
//        cout << "Save to private key file error!" << endl;
//    }
//    fclose(priFile);
//    
//    FILE *pubFile = fopen(publicKeyFile.c_str(), "w+");
//    if (PEM_write_RSA_PUBKEY(pubFile, rsa) <= 0) {
//        cout << "Save to public key file error!" << endl;
//    }
//    fclose(pubFile);
//    
//    BIO *bp = BIO_new(BIO_s_file());
//    if (bp == NULL) {
//        cout << "BIO_new Error!" << endl;
//        return ;
//    }
//    if (BIO_write_filename(bp, (void *)publicKeyFile.c_str()) <= 0) {
//        cout << "BIO_write_filename Error!" << endl;
//        return ;
//    }
//    if (PEM_write_bio_RSAPublicKey(bp, rsa) != 1) {
//        cout << "PEM_write_bio_RSAPublicKey Error!" << endl;
//        return ;
//    }
//    cout << "Created Public Key" << endl;
//    
//    bp = BIO_new_file(privateKeyFile.c_str(), "w+");
//    if(NULL == bp) {
//        cout << "BIO_new_file error(private key)!" << endl;
//        return ;
//    }
//    if (PEM_write_bio_RSAPrivateKey(bp, rsa, EVP_des_ede3_ofb(), NULL, NULL, NULL, NULL) != 1) {
//        cout << "PEM_write_bio_RSAPrivateKey Error!" << endl;
//        return ;
//    }
//
//    BIO_free_all(bp);
    this->rsa = rsa;
    privateKey = RSAPrivateKey_dup(rsa);
    publicKey = RSAPublicKey_dup(rsa);
}
예제 #11
0
int make_keys(EVP_PKEY** skey, EVP_PKEY** vkey)
{
    int result = -1;
    
    if(!skey || !vkey)
        return -1;
    
    if(*skey != NULL) {
        EVP_PKEY_free(*skey);
        *skey = NULL;
    }
    
    if(*vkey != NULL) {
        EVP_PKEY_free(*vkey);
        *vkey = NULL;
    }
    
    RSA* rsa = NULL;
    
    do
    {
        *skey = EVP_PKEY_new();
        assert(*skey != NULL);
        if(*skey == NULL) {
            printf("EVP_PKEY_new failed (1), error 0x%lx\n", ERR_get_error());
            break; /* failed */
        }
        
        *vkey = EVP_PKEY_new();
        assert(*vkey != NULL);
        if(*vkey == NULL) {
            printf("EVP_PKEY_new failed (2), error 0x%lx\n", ERR_get_error());
            break; /* failed */
        }
        rsa=readkey("alice.priv",PRIKEY);
        //rsa = RSA_generate_key(2048, RSA_F4, NULL, NULL);
	
       // assert(rsa != NULL);
       // if(rsa == NULL) {
        //    printf("RSA_generate_key failed, error 0x%lx\n", ERR_get_error());
         //   break; /* failed */
        //}
        
        /* Set signing key */
        int rc = EVP_PKEY_assign_RSA(*skey, RSAPrivateKey_dup(rsa));
        assert(rc == 1);
        if(rc != 1) {
            printf("EVP_PKEY_assign_RSA (1) failed, error 0x%lx\n", ERR_get_error());
            break; /* failed */
        }
        
        /* Sanity check. Verify private exponent is present */
        /* assert(EVP_PKEY_get0_RSA(*skey)->d != NULL); */

        /* Set verifier key */
	 RSA *rsa1=readkey("bob.pub",PUBKEY);
        rc = EVP_PKEY_assign_RSA(*vkey, RSAPublicKey_dup(rsa1));
        assert(rc == 1);
        if(rc != 1) {
            printf("EVP_PKEY_assign_RSA (2) failed, error 0x%lx\n", ERR_get_error());
            break; /* failed */
        }
        
        /* Sanity check. Verify private exponent is missing */
        /* assert(EVP_PKEY_get0_RSA(*vkey)->d == NULL); */
        
        result = 0;
        
    } while(0);
    
    if(rsa) {
        RSA_free(rsa);
        rsa = NULL;
    }
    
    return !!result;
}
예제 #12
0
Certificate *Certificate::create(const string subject, const string issuer, const string validity, const Node::Id_t owner, RSA **privKey, size_t keyLength)
{
        Certificate *c = NULL;
	RSA *pubKey, *keyPair;
	
#if HAVE_RSA_GENERATE_KEY_EX
        BIGNUM *e;

        e = BN_new();
        
        if (!e)
                return NULL;

        // The exponent is an odd number, typically 3, 17 or 65537.
        if (BN_set_word(e, 65537) == 0) {
                BN_free(e);
                return NULL;
        }

	keyPair = RSA_new();

        if (!keyPair) {
                BN_free(e);
                return NULL;
        }

	if (RSA_generate_key_ex(keyPair, keyLength, e, NULL) == -1) {
		BN_free(e);
                goto out;
        }
	
        BN_free(e);
#else
	// RSA_generate_key is deprecated, but MacOS X seems to bundle an old version of OpenSSL
	// with only the old function.
	keyPair = RSA_generate_key(keyLength, RSA_F4, NULL, NULL);
	
	if (!keyPair)
		return NULL;
#endif
	*privKey = RSAPrivateKey_dup(keyPair);
	
	if (!*privKey) 
                goto out;
	
	pubKey = RSAPublicKey_dup(keyPair);
	
	if (!pubKey) {
                RSA_free(*privKey);
		*privKey = NULL;
                goto out;
        }
	
        c = new Certificate(subject, issuer, validity, owner, pubKey);
	
	RSA_free(pubKey);
	
        if (!c) {
                RSA_free(*privKey);
        }
out:           
	RSA_free(keyPair);
	
	return c;
}