/* sqCreateSSL: Creates a new SSL instance. Arguments: None. Returns: SSL handle. */ sqInt sqCreateSSL(void) { sqInt handle = 0; sqSSL *ssl = NULL; SSL_library_init(); SSL_load_error_strings(); ssl = calloc(1, sizeof(sqSSL)); ssl->bioRead = BIO_new(BIO_s_mem()); ssl->bioWrite = BIO_new(BIO_s_mem()); BIO_set_close(ssl->bioRead, BIO_CLOSE); BIO_set_close(ssl->bioWrite, BIO_CLOSE); /* Find a free handle */ for(handle = 1; handle < handleMax; handle++) if(handleBuf[handle] == NULL) break; if(handle >= handleMax) { int i, delta = 100; /* Resize the handle buffer */ handleBuf = realloc(handleBuf, (handleMax+delta)*sizeof(void*)); for(i = handleMax; i < handleMax+delta; i++) handleBuf[i] = NULL; handleMax += delta; } handleBuf[handle] = ssl; return handle; }
bool Server::isKeyForCert(const QSslKey &key, const QSslCertificate &cert) { if (key.isNull() || cert.isNull() || (key.type() != QSsl::PrivateKey)) return false; QByteArray qbaKey = key.toDer(); QByteArray qbaCert = cert.toDer(); X509 *x509 = NULL; EVP_PKEY *pkey = NULL; BIO *mem = NULL; mem = BIO_new_mem_buf(qbaKey.data(), qbaKey.size()); Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE)); pkey = d2i_PrivateKey_bio(mem, NULL); BIO_free(mem); mem = BIO_new_mem_buf(qbaCert.data(), qbaCert.size()); Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE)); x509 = d2i_X509_bio(mem, NULL); BIO_free(mem); mem = NULL; if (x509 && pkey && X509_check_private_key(x509, pkey)) { EVP_PKEY_free(pkey); X509_free(x509); return true; } if (pkey) EVP_PKEY_free(pkey); if (x509) X509_free(x509); return false; }
void BIO::setClose(bool closedescriptor) { long l; if (closedescriptor) l = BIO_set_close(itsBIO, BIO_CLOSE); else l = BIO_set_close(itsBIO, BIO_NOCLOSE); if (l != 1) throw StdException("Could not set close mode for BIO"); }
const datetime X509Certificate_OpenSSL::convertX509Date(void* time) const { char* buffer; BIO* out = BIO_new(BIO_s_mem()); BIO_set_close(out, BIO_CLOSE); ASN1_TIME* asn1_time = reinterpret_cast<ASN1_TIME*>(time); ASN1_TIME_print(out, asn1_time); int sz = BIO_get_mem_data(out, &buffer); char* dest = new char[sz + 1]; dest[sz] = 0; memcpy(dest, buffer, sz); vmime::string t(dest); BIO_free(out); delete dest; if (t.size() > 0) { char month[4] = {0}; char zone[4] = {0}; int day, hour, minute, second, year; int nrconv = sscanf(t.c_str(), "%s %2d %02d:%02d:%02d %d%s", month, &day, &hour, &minute, &second,&year,zone); if (nrconv >= 6) return datetime(year, sg_monthMap.getMonth(vmime::string(month)), day, hour, minute, second); } // let datetime try and parse it return datetime(t); }
void ssl3_init_finished_mac(SSL *s) { if (s->s3->handshake_buffer) BIO_free(s->s3->handshake_buffer); if (s->s3->handshake_dgst) ssl3_free_digest_list(s); s->s3->handshake_buffer=BIO_new(BIO_s_mem()); (void)BIO_set_close(s->s3->handshake_buffer,BIO_CLOSE); }
/* * Converts OpenSSL ASN1_STRING structure into text * * Converts ASN1_STRING into text, converting all the characters into * current database encoding if possible. Any invalid characters are * replaced by question marks. * * Parameter: str - OpenSSL ASN1_STRING structure. Memory managment * of this structure is responsibility of caller. * * Returns Datum, which can be directly returned from a C language SQL * function. */ datum_t ASN1_STRING_to_text(ASN1_STRING *str) { BIO *membuf; size_t size; char nullterm; char *sp; char *dp; text *result; membuf = BIO_new(BIO_s_mem()); (void) BIO_set_close(membuf, BIO_CLOSE); ASN1_STRING_print_ex(membuf, str, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = (char *) pg_do_encoding_conversion((unsigned char *) sp, size - 1, PG_UTF8, get_db_encoding()); result = cstring_to_text(dp); if (dp != sp) pfree(dp); BIO_free(membuf); RET_TEXT_P(result); }
/* * Converts OpenSSL ASN1_STRING structure into text * * Converts ASN1_STRING into text, converting all the characters into * current database encoding if possible. Any invalid characters are * replaced by question marks. * * Parameter: str - OpenSSL ASN1_STRING structure. Memory managment * of this structure is responsibility of caller. * * Returns Datum, which can be directly returned from a C language SQL * function. */ Datum ASN1_STRING_to_text(ASN1_STRING *str) { BIO *membuf = NULL; size_t size, outlen; char *sp; char *dp; text *result; membuf = BIO_new(BIO_s_mem()); (void) BIO_set_close(membuf, BIO_CLOSE); ASN1_STRING_print_ex(membuf, str, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); outlen = 0; BIO_write(membuf, &outlen, 1); size = BIO_get_mem_data(membuf, &sp); dp = (char *) pg_do_encoding_conversion((unsigned char *) sp, size - 1, PG_UTF8, GetDatabaseEncoding()); outlen = strlen(dp); result = palloc(VARHDRSZ + outlen); memcpy(VARDATA(result), dp, outlen); if (dp != sp) pfree(dp); BIO_free(membuf); VARATT_SIZEP(result) = outlen + VARHDRSZ; PG_RETURN_TEXT_P(result); }
/* * Converts OpenSSL ASN1_STRING structure into text * * Converts ASN1_STRING into text, converting all the characters into * current database encoding if possible. Any invalid characters are * replaced by question marks. * * Parameter: str - OpenSSL ASN1_STRING structure. Memory management * of this structure is responsibility of caller. * * Returns Datum, which can be directly returned from a C language SQL * function. */ static Datum ASN1_STRING_to_text(ASN1_STRING *str) { BIO *membuf; size_t size; char nullterm; char *sp; char *dp; text *result; membuf = BIO_new(BIO_s_mem()); (void) BIO_set_close(membuf, BIO_CLOSE); ASN1_STRING_print_ex(membuf, str, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = pg_any_to_server(sp, size - 1, PG_UTF8); result = cstring_to_text(dp); if (dp != sp) pfree(dp); BIO_free(membuf); PG_RETURN_TEXT_P(result); }
/** b64encode Encodes raw data in base64. Pass the data and the length of the data. b64encode returns the base64-encoded data as a dynamically allocated char *. */ char *b64encode(char *data, size_t datalen) { BIO *b64, *bmem; BUF_MEM *bptr; char *encoded = NULL; b64 = BIO_new(BIO_f_base64()); bmem = BIO_new(BIO_s_mem()); if(bmem == NULL || b64 == NULL) { print_loc(); io_debug("Calls to libssl failed!\n"); abort(); //I don't think this will ever happen. } bmem = BIO_push(b64, bmem); BIO_write(bmem, data, datalen); BIO_flush(bmem); BIO_get_mem_ptr(bmem, &bptr); BIO_set_close(bmem, BIO_NOCLOSE); safe_malloc(encoded, bptr->length); memcpy(encoded, bptr->data, bptr->length); encoded[bptr->length] = '\0'; BIO_free_all(bmem); BUF_MEM_free(bptr); return encoded; }
/** Encode <b>key</b> in the format used in directory documents; return * a newly allocated string holding the result or NULL on failure. */ static char * key_to_string(EVP_PKEY *key) { BUF_MEM *buf; BIO *b; RSA *rsa = EVP_PKEY_get1_RSA(key); char *result; if (!rsa) return NULL; b = BIO_new(BIO_s_mem()); if (!PEM_write_bio_RSAPublicKey(b, rsa)) { crypto_log_errors(LOG_WARN, "writing public key to string"); return NULL; } BIO_get_mem_ptr(b, &buf); (void) BIO_set_close(b, BIO_NOCLOSE); BIO_free(b); result = tor_malloc(buf->length + 1); memcpy(result, buf->data, buf->length); result[buf->length] = 0; BUF_MEM_free(buf); return result; }
/* * Converts OpenSSL ASN1_STRING structure into text * * Converts ASN1_STRING into text, converting all the characters into * current database encoding if possible. Any invalid characters are * replaced by question marks. * * Parameter: str - OpenSSL ASN1_STRING structure. Memory management * of this structure is responsibility of caller. * * Returns Datum, which can be directly returned from a C language SQL * function. */ static Datum ASN1_STRING_to_text(ASN1_STRING *str) { BIO *membuf; size_t size; char nullterm; char *sp; char *dp; text *result; membuf = BIO_new(BIO_s_mem()); if (membuf == NULL) ereport(ERROR, (errcode(ERRCODE_OUT_OF_MEMORY), errmsg("could not create OpenSSL BIO structure"))); (void) BIO_set_close(membuf, BIO_CLOSE); ASN1_STRING_print_ex(membuf, str, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = pg_any_to_server(sp, size - 1, PG_UTF8); result = cstring_to_text(dp); if (dp != sp) pfree(dp); if (BIO_free(membuf) != 1) elog(ERROR, "could not free OpenSSL BIO structure"); PG_RETURN_TEXT_P(result); }
Settings::KeyPair CertWizard::importCert(QByteArray data, const QString &pw) { X509 *x509 = NULL; EVP_PKEY *pkey = NULL; PKCS12 *pkcs = NULL; BIO *mem = NULL; STACK_OF(X509) *certs = NULL; Settings::KeyPair kp; int ret = 0; mem = BIO_new_mem_buf(data.data(), data.size()); Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE)); pkcs = d2i_PKCS12_bio(mem, NULL); if (pkcs) { ret = PKCS12_parse(pkcs, NULL, &pkey, &x509, &certs); if (pkcs && !pkey && !x509 && ! pw.isEmpty()) { if (certs) { if (ret) sk_X509_free(certs); certs = NULL; } ret = PKCS12_parse(pkcs, pw.toUtf8().constData(), &pkey, &x509, &certs); } if (pkey && x509 && X509_check_private_key(x509, pkey)) { unsigned char *dptr; QByteArray key, crt; key.resize(i2d_PrivateKey(pkey, NULL)); dptr=reinterpret_cast<unsigned char *>(key.data()); i2d_PrivateKey(pkey, &dptr); crt.resize(i2d_X509(x509, NULL)); dptr=reinterpret_cast<unsigned char *>(crt.data()); i2d_X509(x509, &dptr); QSslCertificate qscCert = QSslCertificate(crt, QSsl::Der); QSslKey qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der); QList<QSslCertificate> qlCerts; qlCerts << qscCert; if (certs) { for (int i=0;i<sk_X509_num(certs);++i) { X509 *c = sk_X509_value(certs, i); crt.resize(i2d_X509(c, NULL)); dptr=reinterpret_cast<unsigned char *>(crt.data()); i2d_X509(c, &dptr); QSslCertificate cert = QSslCertificate(crt, QSsl::Der); qlCerts << cert; } } bool valid = ! qskKey.isNull(); foreach(const QSslCertificate &cert, qlCerts) valid = valid && ! cert.isNull(); if (valid) kp = Settings::KeyPair(qlCerts, qskKey); } }
BIO *neo4j_openssl_new_bio(BIO *delegate, const char *hostname, int port, const neo4j_config_t *config, uint_fast32_t flags) { neo4j_logger_t *logger = neo4j_get_logger(config, "tls"); SSL_CTX *ctx = new_ctx(config, logger); if (ctx == NULL) { return NULL; } BIO *ssl_bio = BIO_new_ssl(ctx, 1); if (ssl_bio == NULL) { errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__); SSL_CTX_free(ctx); goto failure; } SSL_CTX_free(ctx); BIO_push(ssl_bio, delegate); if (BIO_set_close(ssl_bio, BIO_CLOSE) != 1) { errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__); goto failure; } int result = BIO_do_handshake(ssl_bio); if (result != 1) { if (result == 0) { errno = NEO4J_NO_SERVER_TLS_SUPPORT; goto failure; } errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__); goto failure; } SSL *ssl = NULL; BIO_get_ssl(ssl_bio, &ssl); assert(ssl != NULL); if (verify(ssl, hostname, port, config, flags, logger)) { goto failure; } return ssl_bio; int errsv; failure: errsv = errno; BIO_free(ssl_bio); errno = errsv; return NULL; }
/* * Equivalent of X509_NAME_oneline that respects encoding * * This function converts X509_NAME structure to the text variable * converting all textual data into current database encoding. * * Parameter: X509_NAME *name X509_NAME structure to be converted * * Returns: text datum which contains string representation of * X509_NAME */ static Datum X509_NAME_to_text(X509_NAME *name) { BIO *membuf = BIO_new(BIO_s_mem()); int i, nid, count = X509_NAME_entry_count(name); X509_NAME_ENTRY *e; ASN1_STRING *v; const char *field_name; size_t size; char nullterm; char *sp; char *dp; text *result; if (membuf == NULL) ereport(ERROR, (errcode(ERRCODE_OUT_OF_MEMORY), errmsg("could not create OpenSSL BIO structure"))); (void) BIO_set_close(membuf, BIO_CLOSE); for (i = 0; i < count; i++) { e = X509_NAME_get_entry(name, i); nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e)); if (nid == NID_undef) ereport(ERROR, (errcode(ERRCODE_INVALID_PARAMETER_VALUE), errmsg("could not get NID for ASN1_OBJECT object"))); v = X509_NAME_ENTRY_get_data(e); field_name = OBJ_nid2sn(nid); if (field_name == NULL) field_name = OBJ_nid2ln(nid); if (field_name == NULL) ereport(ERROR, (errcode(ERRCODE_INVALID_PARAMETER_VALUE), errmsg("could not convert NID %d to an ASN1_OBJECT structure", nid))); BIO_printf(membuf, "/%s=", field_name); ASN1_STRING_print_ex(membuf, v, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); } /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = pg_any_to_server(sp, size - 1, PG_UTF8); result = cstring_to_text(dp); if (dp != sp) pfree(dp); if (BIO_free(membuf) != 1) elog(ERROR, "could not free OpenSSL BIO structure"); PG_RETURN_TEXT_P(result); }
int ssl3_init_finished_mac(SSL *s) { BIO_free(s->s3->handshake_buffer); ssl3_free_digest_list(s); s->s3->handshake_buffer = BIO_new(BIO_s_mem()); if (s->s3->handshake_buffer == NULL) { return 0; } BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); return 1; }
/* * Equivalent of X509_NAME_oneline that respects encoding * * This function converts X509_NAME structure to the text variable * converting all textual data into current database encoding. * * Parameter: X509_NAME *name X509_NAME structure to be converted * * Returns: text datum which contains string representation of * X509_NAME */ Datum X509_NAME_to_text(X509_NAME *name) { BIO *membuf = BIO_new(BIO_s_mem()); int i, nid, count = X509_NAME_entry_count(name); X509_NAME_ENTRY *e; ASN1_STRING *v; const char *field_name; size_t size, outlen; char *sp; char *dp; text *result; (void) BIO_set_close(membuf, BIO_CLOSE); for (i = 0; i < count; i++) { e = X509_NAME_get_entry(name, i); nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e)); v = X509_NAME_ENTRY_get_data(e); field_name = OBJ_nid2sn(nid); if (!field_name) field_name = OBJ_nid2ln(nid); BIO_printf(membuf, "/%s=", field_name); ASN1_STRING_print_ex(membuf, v, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); } i = 0; BIO_write(membuf, &i, 1); size = BIO_get_mem_data(membuf, &sp); dp = (char *) pg_do_encoding_conversion((unsigned char *) sp, size - 1, PG_UTF8, GetDatabaseEncoding()); BIO_free(membuf); outlen = strlen(dp); result = palloc(VARHDRSZ + outlen); memcpy(VARDATA(result), dp, outlen); /* * pg_do_encoding_conversion has annoying habit of returning source * pointer */ if (dp != sp) pfree(dp); VARATT_SIZEP(result) = outlen + VARHDRSZ; PG_RETURN_TEXT_P(result); }
/* * Convert bytea to X509. */ static X509 * x509_from_bytea(const bytea *raw) { BIO *bio; X509 *cert; // convert into X509 bio = BIO_new_mem_buf(VARDATA(raw), VARSIZE(raw) - VARHDRSZ); BIO_set_close(bio, BIO_NOCLOSE); cert = X509_new(); d2i_X509_bio(bio, &cert); BIO_free(bio); return cert; }
void pki_write_certificate_in_mem(X509 *certificate, char **certificate_ptr, long *size) { BIO *bio_mem = NULL; bio_mem = BIO_new(BIO_s_mem()); PEM_write_bio_X509(bio_mem, certificate); *size = BIO_get_mem_data(bio_mem, certificate_ptr); *(*certificate_ptr + *size) = '\0'; (void)BIO_set_close(bio_mem, BIO_NOCLOSE); BIO_free(bio_mem); }
int ssl3_init_finished_mac(SSL *s) { BIO *buf = BIO_new(BIO_s_mem()); if (buf == NULL) { SSLerr(SSL_F_SSL3_INIT_FINISHED_MAC, ERR_R_MALLOC_FAILURE); return 0; } ssl3_free_digest_list(s); s->s3->handshake_buffer = buf; (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); return 1; }
void pki_write_privatekey_in_mem(EVP_PKEY *privatekey, char **privatekey_ptr, long *size) { BIO *bio_mem = NULL; bio_mem = BIO_new(BIO_s_mem()); PEM_write_bio_PrivateKey(bio_mem, privatekey, NULL, NULL, 0, 0, NULL); *size = BIO_get_mem_data(bio_mem, privatekey_ptr); *(*privatekey_ptr + *size) = '\0'; (void)BIO_set_close(bio_mem, BIO_NOCLOSE); BIO_free(bio_mem); }
void X509Certificate_OpenSSL::write (utility::outputStream& os, const Format format) const { BIO* membio = 0; int dataSize = 0; unsigned char* out = 0; if (format == FORMAT_DER) { if ((dataSize = i2d_X509(m_data->cert, &out)) < 0) goto err; os.write(reinterpret_cast <utility::stream::value_type*>(out), dataSize); os.flush(); OPENSSL_free(out); } else if (format == FORMAT_PEM) { membio = BIO_new(BIO_s_mem()); BIO_set_close(membio, BIO_CLOSE); if (!PEM_write_bio_X509(membio, m_data->cert)) goto pem_err; dataSize = BIO_get_mem_data(membio, &out); os.write(reinterpret_cast <utility::stream::value_type*>(out), dataSize); os.flush(); BIO_vfree(membio); } else { throw vmime::exceptions::unsupported_certificate_type("Unknown cert type"); } return; // #### Early Return #### pem_err: { if (membio) BIO_vfree(membio); } err: { char errstr[256]; long ec = ERR_get_error(); ERR_error_string(ec, errstr); throw vmime::exceptions::certificate_exception( "OpenSSLX509Certificate_OpenSSL::write exception - " + string(errstr)); } }
int Base64Encode(unsigned char **dest, const char *src, unsigned int slen){ BIO *bio, *b64; BUF_MEM *bufferPtr; int numBytesEncoded = 0; b64 = BIO_new(BIO_f_base64()); if (!b64) return 0; bio = BIO_new(BIO_s_mem()); if (!bio) return 0; bio = BIO_push(b64, bio); if (!bio) return 0; BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); if (BIO_write(bio, src, slen - 1) <= 0){ if (bio) BIO_free_all(bio); return 0; } if (1 != BIO_flush(bio)) { if (bio) BIO_free_all(bio); return 0; } BIO_get_mem_ptr(bio, &bufferPtr); BIO_set_close(bio, BIO_NOCLOSE); if (bio) BIO_free_all(bio); // *dest = (char *)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (*bufferPtr).length + 1); *dest = (char *)malloc((*bufferPtr).length + 1); if (*dest == NULL) return false; (*bufferPtr).data[(*bufferPtr).length] = '\0'; //strncpy_s(*dest, (*bufferPtr).length + 1, (*bufferPtr).data, (*bufferPtr).length); strncpy(*dest, (*bufferPtr).data, (*bufferPtr).length + 1); numBytesEncoded = (*bufferPtr).length + 1; if (bufferPtr) { free(bufferPtr); bufferPtr = NULL; } return numBytesEncoded; }
char *base64encode (const void *b64_encode_this, int encode_this_many_bytes){ BIO *b64_bio, *mem_bio; //Declares two OpenSSL BIOs: a base64 filter and a memory BIO. BUF_MEM *mem_bio_mem_ptr; //Pointer to a "memory BIO" structure holding our base64 data. b64_bio = BIO_new(BIO_f_base64()); //Initialize our base64 filter BIO. mem_bio = BIO_new(BIO_s_mem()); //Initialize our memory sink BIO. BIO_push(b64_bio, mem_bio); //Link the BIOs by creating a filter-sink BIO chain. BIO_set_flags(b64_bio, BIO_FLAGS_BASE64_NO_NL); //No newlines every 64 characters or less. BIO_write(b64_bio, b64_encode_this, encode_this_many_bytes); //Records base64 encoded data. BIO_flush(b64_bio); //Flush data. Necessary for b64 encoding, because of pad characters. BIO_get_mem_ptr(mem_bio, &mem_bio_mem_ptr); //Store address of mem_bio's memory structure. BIO_set_close(mem_bio, BIO_NOCLOSE); //Permit access to mem_ptr after BIOs are destroyed. BIO_free_all(b64_bio); //Destroys all BIOs in chain, starting with b64 (i.e. the 1st one). BUF_MEM_grow(mem_bio_mem_ptr, (*mem_bio_mem_ptr).length + 1); //Makes space for end null. (*mem_bio_mem_ptr).data[(*mem_bio_mem_ptr).length] = '\0'; //Adds null-terminator to tail. return (*mem_bio_mem_ptr).data; //Returns base-64 encoded data. (See: "buf_mem_st" struct). }
const byteArray X509Certificate_OpenSSL::getFingerprint(const DigestAlgorithm algo) const { BIO *out; int j; unsigned int n; const EVP_MD *digest; unsigned char * fingerprint, *result; unsigned char md[EVP_MAX_MD_SIZE]; switch (algo) { case DIGEST_MD5: digest = EVP_md5(); break; default: case DIGEST_SHA1: digest = EVP_sha1(); break; } out = BIO_new(BIO_s_mem()); BIO_set_close(out, BIO_CLOSE); if (X509_digest(m_data->cert, digest, md, &n)) { for (j=0; j<(int)n; j++) { BIO_printf (out, "%02X",md[j]); if (j+1 != (int)n) BIO_printf(out, ":"); } } n = BIO_get_mem_data(out, &fingerprint); result = new unsigned char[n]; memcpy (result, fingerprint, n); BIO_free(out); byteArray res; res.insert(res.end(), &result[0], &result[0] + n); delete [] result; return res; }
// Adds a buffer containing one or more PEM-encoded // root certificates to the X509PEMVerifier. // // If the certificate (or one of the certificates) could not be // parsed AddPEM will return immediately, resulting in all of the // certificates up to the bad certicate being added to the verifier. bool X509PEMVerifier::AddPEM(const ByteArray &buf) { BIO *mem = BIO_new_mem_buf(static_cast<void *>(const_cast<char *>(buf.ConstData())), buf.Length()); (void) BIO_set_close(mem, BIO_NOCLOSE); int ncerts = 0; while (1) { X509 *x = PEM_read_bio_X509_AUX(mem, nullptr, nullptr, nullptr); if (x == nullptr) { return false; } X509_STORE_add_cert(store_, x); X509_free(x); ncerts++; } return true; }
/* * Equivalent of X509_NAME_oneline that respects encoding * * This function converts X509_NAME structure to the text variable * converting all textual data into current database encoding. * * Parameter: X509_NAME *name X509_NAME structure to be converted * * Returns: text datum which contains string representation of * X509_NAME */ datum_t X509_NAME_to_text(X509_NAME *name) { BIO *membuf = BIO_new(BIO_s_mem()); int i, nid, count = X509_NAME_entry_count(name); X509_NAME_ENTRY *e; ASN1_STRING *v; const char *field_name; size_t size; char nullterm; char *sp; char *dp; text *result; (void) BIO_set_close(membuf, BIO_CLOSE); for (i = 0; i < count; i++) { e = X509_NAME_get_entry(name, i); nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e)); v = X509_NAME_ENTRY_get_data(e); field_name = OBJ_nid2sn(nid); if (!field_name) field_name = OBJ_nid2ln(nid); BIO_printf(membuf, "/%s=", field_name); ASN1_STRING_print_ex(membuf, v, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); } /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = (char *) pg_do_encoding_conversion((unsigned char *) sp, size - 1, PG_UTF8, get_db_encoding()); result = cstring_to_text(dp); if (dp != sp) pfree(dp); BIO_free(membuf); RET_TEXT_P(result); }
/* * Convert an X509 subject name to a cstring. * */ static char * X509_NAME_to_cstring(X509_NAME *name) { BIO *membuf = BIO_new(BIO_s_mem()); int i, nid, count = X509_NAME_entry_count(name); X509_NAME_ENTRY *e; ASN1_STRING *v; const char *field_name; size_t size; char nullterm; char *sp; char *dp; char *result; (void) BIO_set_close(membuf, BIO_CLOSE); for (i = 0; i < count; i++) { e = X509_NAME_get_entry(name, i); nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(e)); v = X509_NAME_ENTRY_get_data(e); field_name = OBJ_nid2sn(nid); if (!field_name) field_name = OBJ_nid2ln(nid); BIO_printf(membuf, "/%s=", field_name); ASN1_STRING_print_ex(membuf, v, ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB) | ASN1_STRFLGS_UTF8_CONVERT)); } /* ensure null termination of the BIO's content */ nullterm = '\0'; BIO_write(membuf, &nullterm, 1); size = BIO_get_mem_data(membuf, &sp); dp = pg_any_to_server(sp, size - 1, PG_UTF8); result = pstrdup(dp); if (dp != sp) pfree(dp); BIO_free(membuf); return result; }
static LUA_FUNCTION(openssl_bio_new_mem) { size_t l = 0; BIO *bio = BIO_new(BIO_s_mem()); if (lua_isnumber(L, 1)) { l = lua_tointeger(L, 1); BIO_set_buffer_size(bio, l); } else if (lua_isstring(L, 1)) { const char* d = (char*)luaL_checklstring(L, 1, &l); BIO_write(bio, d, l); } BIO_set_close(bio, BIO_CLOSE); PUSH_OBJECT(bio, "openssl.bio"); return 1; }
char* encode_base64(unsigned char* data, size_t length) { BIO *bmem, *b64; BUF_MEM *bufmem; b64 = BIO_new(BIO_f_base64()); bmem = BIO_new(BIO_s_mem()); b64 = BIO_push(b64, bmem); BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); BIO_write(b64, data, length); BIO_flush(b64); BIO_get_mem_ptr(b64, &bufmem); BIO_set_close(b64, BIO_NOCLOSE); BIO_free_all(b64); return bufmem->data; }
int Base64Encode(const unsigned char* buffer, size_t length, char** b64text) { //Encodes a binary safe base 64 string BIO *bio, *b64; BUF_MEM *bufferPtr; b64 = BIO_new(BIO_f_base64()); bio = BIO_new(BIO_s_mem()); bio = BIO_push(b64, bio); BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Ignore newlines - write everything in one line BIO_write(bio, buffer, length); BIO_flush(bio); BIO_get_mem_ptr(bio, &bufferPtr); BIO_set_close(bio, BIO_NOCLOSE); BIO_free_all(bio); *b64text=(*bufferPtr).data; return (0); //success }