示例#1
0
/**
 * @ingroup TestOpenssl
 * @brief AES256 암호화 테스트
 */
void AES256( )
{
	const char * pszKey = "12345678901234567890123456789012";
	const char * pszIv = "1234567890123456";
	const char * pszInput = "ABCD";
	char szOutput[255];
	int iOutputLen, iLen;

	OpenSSL_add_all_ciphers();

	const EVP_CIPHER * psttCipher = EVP_get_cipherbyname( "aes256" );
	EVP_CIPHER_CTX sttCtx;

	memset( szOutput, 0, sizeof(szOutput) );

	EVP_CIPHER_CTX_init( &sttCtx );
	EVP_EncryptInit( &sttCtx, psttCipher, (const unsigned char *)pszKey, (const unsigned char *)pszIv );

	EVP_EncryptUpdate( &sttCtx, (uint8_t *)szOutput, &iOutputLen, (uint8_t *)pszInput, strlen(pszInput) );
	EVP_EncryptFinal( &sttCtx, (uint8_t *)szOutput + iOutputLen, &iLen );
	EVP_CIPHER_CTX_cleanup( &sttCtx );

	iOutputLen += iLen;

	for( int i = 0; i < iOutputLen; ++i )
	{
		printf( "%02X", (uint8_t)szOutput[i] );
	}

	printf( "\n" );

	EVP_cleanup();
}
示例#2
0
void SSLSupport::init(void)
{
    pthread_mutex_lock(&s_initLock);
    if (s_initCounter) {
        //already inited, exit
        pthread_mutex_unlock(&s_initLock);
        return;
    }
    ++s_initCounter;

    SSL_load_error_strings();                /* readable error messages */
    SSL_library_init();                      /* initialize library */
    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();
    ERR_load_crypto_strings();
    s_nLocks = CRYPTO_num_locks();

    s_mutexArray = (pthread_mutex_t*) OPENSSL_malloc(s_nLocks * sizeof(pthread_mutex_t));

    for (int i = 0; i < s_nLocks; i++) 
    {
        pthread_mutex_init(&s_mutexArray[i], NULL);
    }

    CRYPTO_set_id_callback(getThreadID);
    CRYPTO_set_locking_callback(lock);

    pthread_mutex_unlock(&s_initLock);
}
示例#3
0
void RSAZCryptor::init()
{
    m_trace_level = 0;
    m_encoding = true;

    bio_err = NULL;
    priv_mem = NULL;
    pub_mem = NULL;
    privkey = NULL;
    pubkey = NULL;
    priv_rsa = NULL;
    pub_rsa = NULL;
    priv_size = 0;
    pub_size = 0;

    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
    bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);

#if defined(_WIN32) || defined(__linux__)
    OpenSSL_add_all_ciphers();
#else
    SSL_library_init();
#endif

    ERR_load_crypto_strings ();

    seed_prng();

    m_keycache = new ZKeyCache();

    m_filesToBeZIP = NULL;

}
示例#4
0
/*
 * Create a DSA security context
 */
isns_security_t *
isns_create_dsa_context(void)
{
	isns_security_t	*ctx;

#if OPENSSL_VERSION_NUMBER < 0x10100000L
	if (!isns_openssl_init) {
		ERR_load_crypto_strings();
		OpenSSL_add_all_algorithms();
		OpenSSL_add_all_ciphers();
		OpenSSL_add_all_digests();
		isns_openssl_init = 1;
	}
#endif

	ctx = isns_calloc(1, sizeof(*ctx));

	ctx->is_name = "DSA";
	ctx->is_type = ISNS_AUTH_TYPE_SHA1_DSA;
	ctx->is_replay_window = isns_config.ic_auth.replay_window;
	ctx->is_timestamp_jitter = isns_config.ic_auth.timestamp_jitter;

	ctx->is_verify = isns_dsasig_verify;
	ctx->is_sign = isns_dsasig_sign;
	ctx->is_load_private = isns_dsasig_load_private_pem;
	ctx->is_load_public = isns_dsasig_load_public_pem;

	isns_debug_auth("Created DSA authentication context\n");
	return ctx;
}
示例#5
0
    int rsa_priv_decrypt(char ** str_out, char *str_in, size_t str_in_sz, char *key_file, char * keypass)
    {
        RSA * priv_key = NULL;
        FILE * priv_key_file;
        
        OpenSSL_add_all_algorithms();
        OpenSSL_add_all_ciphers();
        ERR_load_crypto_strings();
        
        priv_key_file = fopen(key_file, "rb");
        priv_key = PEM_read_RSAPrivateKey(priv_key_file, NULL, NULL, keypass);
        fclose(priv_key_file);

        if (!priv_key) {
            std::cerr << ERR_error_string(ERR_get_error(), NULL) << std::endl;
            return -1;
        }

        int key_size = RSA_size(priv_key);
        unsigned char *ustr_out = (unsigned char *)malloc(key_size);
        
        int len = RSA_private_decrypt(str_in_sz, (unsigned char *)&str_in[0], ustr_out, priv_key, RSA_PKCS1_PADDING);
        
        if (len == -1) {
            std::cerr << "RSA_private_decrypt error (rsa_priv_decrypt)." << std::endl;
            std::cerr << ERR_error_string(ERR_get_error(), NULL) << std::endl;
            return -1;
        }
        
        *str_out = (char *)ustr_out;
        return len;
    }
示例#6
0
int main(int argc, char **argv)
{
	int i;
	char *names[] = {
		"sms4-ecb",
		"sms4-cbc",
		"sms4-cfb",
		"sms4-ofb",
		"sms4-ctr",
	};
	const EVP_CIPHER *cipher;
	
	OpenSSL_add_all_ciphers();

	printf("%s new ciphers:\n\n", OPENSSL_VERSION_TEXT);

	for (i = 0; i < sizeof(names)/sizeof(names[i]); i++) {
		if (!(cipher = EVP_get_cipherbyname(names[i]))) {
			fprintf(stderr, "cipher \"%s\" is not supported\n", names[i]);
			continue;
		}

		printf("  cipher nid : %d\n", EVP_CIPHER_nid(cipher));
		printf(" cipher name : %s\n", EVP_CIPHER_name(cipher));
		printf("  block size : %d\n", EVP_CIPHER_block_size(cipher));
		printf("  key length : %d\n", EVP_CIPHER_key_length(cipher));
		printf("   iv length : %d\n", EVP_CIPHER_iv_length(cipher));
		printf("       flags : 0x%016lx\n", EVP_CIPHER_flags(cipher));
		printf("\n");
	}

	return 0;
}
示例#7
0
文件: sign.c 项目: uggedal/xbps 
static RSA *
load_rsa_key(const char *privkey)
{
	RSA *rsa = NULL;
	char *defprivkey;

	/*
	 * If privkey not set, default to ~/.ssh/id_rsa.
	 */
	if (privkey == NULL)
		defprivkey = xbps_xasprintf("%s/.ssh/id_rsa", getenv("HOME"));
	else
		defprivkey = strdup(privkey);

	ERR_load_crypto_strings();
	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();
	OpenSSL_add_all_digests();

	if ((rsa = load_rsa_privkey(defprivkey)) == NULL) {
		fprintf(stderr, "%s: failed to read the RSA privkey\n", _XBPS_RINDEX);
		exit(EXIT_FAILURE);
	}

	return rsa;
}
示例#8
0
文件: rsa.c 项目: HardenedBSD/pkg 
int
rsa_verify_cert(const char *path, unsigned char *key, int keylen,
    unsigned char *sig, int siglen, int fd)
{
	int ret;
	bool need_close = false;
	struct rsa_verify_cbdata cbdata;

	if (fd == -1) {
		if ((fd = open(path, O_RDONLY)) == -1) {
			pkg_emit_errno("fopen", path);
			return (EPKG_FATAL);
		}
		need_close = true;
	}
	(void)lseek(fd, 0, SEEK_SET);

	cbdata.key = key;
	cbdata.keylen = keylen;
	cbdata.sig = sig;
	cbdata.siglen = siglen;

	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();

	ret = pkg_emit_sandbox_call(rsa_verify_cert_cb, fd, &cbdata);
	if (need_close)
		close(fd);

	return (ret);
}
示例#9
0
LIBSSH2_API int libssh2_publickey_is_privatekey(const char *keypath, const char *passphrase)
{
    int       st;
    BIO*      bp;
    EVP_PKEY* pk;

    bp = BIO_new_file(keypath, "r");
    if (bp == NULL) {
        return -1;
    }
    if (!EVP_get_cipherbyname("des")) {
        /* If this cipher isn't loaded it's a pretty good indication that none
         * are.  I have *NO DOUBT* that there's a better way to deal with this
         * ($#&%#$(%$#( Someone buy me an OpenSSL manual and I'll read up on
         * it.
         */
        OpenSSL_add_all_ciphers();
    }
    BIO_reset(bp);
    pk = PEM_read_bio_PrivateKey(bp, NULL, NULL, (void*)passphrase);
    BIO_free(bp);

    if (pk == NULL) {
        /* _libssh2_error(session, */
        /*                LIBSSH2_ERROR_FILE, */
        /*                "Wrong passphrase or invalid/unrecognized " */
        /*                "private key file format"); */
        return -1;
    }

    return 1;
}
示例#10
0
文件: c_all.c 项目: SylvestreG/bitrig 
void
OPENSSL_add_all_algorithms_noconf(void)
{
	OPENSSL_cpuid_setup();
	OpenSSL_add_all_ciphers();
	OpenSSL_add_all_digests();
}
示例#11
0
ENVELOP_API int env_init(IN const char * cert,IN const char * key)
{
	//初始化Openssl
	do { 
		CRYPTO_malloc_init(); 
		OpenSSL_add_all_algorithms();
		OpenSSL_add_all_ciphers();
		OpenSSL_add_all_digests();
		ERR_load_PEM_strings();//TaoNote ,如果不调这个函数,则在读读取PEM时会异常
		ERR_load_crypto_strings(); 
	} while(0);	 

	//检查证书文件是否可用
	if(cert != NULL)
	{
		if(g_pub_key != NULL)
			EVP_PKEY_free(g_pub_key);

		g_pub_key = read_pub_key(cert); 
		if(!g_pub_key)
			return ERR_ENV_CERT_INVALID;
		
		g_pub_key_size = EVP_PKEY_size(g_pub_key);
	}

	//检查私钥文件是否可用
	if(g_prv_key != NULL)
		EVP_PKEY_free(g_prv_key);

	g_prv_key = read_private_key(key);
	if (!g_prv_key)
		return ERR_ENV_KEY_INVALID;

	return 0;
}
示例#12
0
void openssl_init()
{
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();
    ERR_load_crypto_strings();
}
示例#13
0
文件: pkg_repo.c 项目: dnaeon/pkgng 
int
pkg_repo_verify(const char *path, unsigned char *sig, unsigned int sig_len)
{
	char sha256[SHA256_DIGEST_LENGTH *2 +1];
	char errbuf[1024];
	RSA *rsa = NULL;

	sha256_file(path, sha256);

	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();

	rsa = load_rsa_public_key(pkg_config("PUBKEY"));
	if (rsa == NULL)
		return(EPKG_FATAL);

	if (RSA_verify(NID_sha1, sha256, sizeof(sha256), sig, sig_len, rsa) == 0) {
		pkg_emit_error("%s: %s", pkg_config("PUBKEY"),
					   ERR_error_string(ERR_get_error(), errbuf));
		return (EPKG_FATAL);
	}

	RSA_free(rsa);
	ERR_free_strings();

	return (EPKG_OK);
}
示例#14
0
文件: binapi.c 项目: andemi02/pfs 
apisock *api_connect_ssl(){
  apisock *ret;
  SSL *ssl;
  int sock;
  sock=connect_socket(API_HOST, API_PORT_SSL);
  if (sock==-1)
    return NULL;
  if (!globalctx){
    SSL_library_init();
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    SSL_load_error_strings();
    globalctx=SSL_CTX_new(SSLv23_method());
    if (!globalctx)
      return NULL;
  }
  ssl=SSL_new(globalctx);
  if (!ssl){
    close(sock);
    return NULL;
  }
  SSL_set_fd(ssl, sock);
  if (SSL_connect(ssl)!=1){
    SSL_free(ssl);
    close(sock);
    return NULL;
  }
  ret=(apisock *)malloc(sizeof(apisock));
  ret->sock=sock;
  ret->ssl=ssl;
  return ret;
}
示例#15
0
static inline void mailstream_ssl_init(void)
{
#ifdef USE_SSL
  MUTEX_LOCK(&ssl_lock);
#ifndef USE_GNUTLS
  if (!openssl_init_done) {
    #if defined (HAVE_PTHREAD_H) && !defined (WIN32) && defined (USE_SSL) && defined (LIBETPAN_REENTRANT)
      mailstream_openssl_reentrant_setup();
    #endif
    
    SSL_load_error_strings();
    SSL_library_init();
    OpenSSL_add_all_digests();
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    
    openssl_init_done = 1;
  }
#else
  if (!gnutls_init_not_required)
    gnutls_global_init();
#endif
  MUTEX_UNLOCK(&ssl_lock);
#endif
}
示例#16
0
文件: ssl.c 项目: 99455125/FreeRDP 
static BOOL CALLBACK _winpr_openssl_initialize(PINIT_ONCE once, PVOID param, PVOID* context)
{
	DWORD flags = param ? *(PDWORD)param : WINPR_SSL_INIT_DEFAULT;

	if (flags & WINPR_SSL_INIT_ALREADY_INITIALIZED)
	{
		return TRUE;
	}

#ifdef WINPR_OPENSSL_LOCKING_REQUIRED

	if (flags & WINPR_SSL_INIT_ENABLE_LOCKING)
	{
		if (!_winpr_openssl_initialize_locking())
		{
			return FALSE;
		}
	}

#endif
	/* SSL_load_error_strings() is void */
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
	SSL_load_error_strings();
	/* SSL_library_init() always returns "1" */
	SSL_library_init();
	OpenSSL_add_all_digests();
	OpenSSL_add_all_ciphers();
#else

	if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
	                     OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
	                     OPENSSL_INIT_ADD_ALL_CIPHERS |
	                     OPENSSL_INIT_ADD_ALL_DIGESTS |
	                     OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL) != 1)
		return FALSE;

#endif
	g_winpr_openssl_initialized_by_winpr = TRUE;

	if (flags & WINPR_SSL_INIT_ENABLE_FIPS)
	{
#if (OPENSSL_VERSION_NUMBER < 0x10001000L)
		WLog_ERR(TAG, "Openssl fips mode ENable not available on openssl versions less than 1.0.1!");
#else
		WLog_DBG(TAG, "Ensuring openssl fips mode is ENabled");

		if (FIPS_mode() != 1)
		{
			if (FIPS_mode_set(1))
				WLog_INFO(TAG, "Openssl fips mode ENabled!");
			else
				WLog_ERR(TAG, "Openssl fips mode ENable failed!");
		}

#endif
	}

	return TRUE;
}
示例#17
0
CHTTPCrypt::CHTTPCrypt()
{
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();

	retrievePreKey();
}
示例#18
0
文件: onload.c 项目: rOpenSec/openssl 
void R_init_openssl(DllInfo *info) {
    OpenSSL_add_all_digests();
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    ERR_load_crypto_strings();
    SSL_load_error_strings();
    SSL_library_init();
}
示例#19
0
void OPENSSL_add_all_algorithms_noconf(void)
	{
	OpenSSL_add_all_ciphers();
	OpenSSL_add_all_digests();
#ifdef __OpenBSD__
	ENGINE_setup_openbsd();
#endif
	}
示例#20
0
int main(void)
{
    CRYPTO_set_mem_debug(1);
    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

    ERR_load_crypto_strings();
    /* Load up the software EVP_CIPHER and EVP_MD definitions */
    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();

    if (!test_EVP_DigestSignInit()) {
        fprintf(stderr, "EVP_DigestSignInit failed\n");
        return 1;
    }

    if (!test_EVP_DigestVerifyInit()) {
        fprintf(stderr, "EVP_DigestVerifyInit failed\n");
        return 1;
    }

    if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER),
                                 EVP_PKEY_RSA)) {
        fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n");
        return 1;
    }

    if (!test_d2i_AutoPrivateKey
        (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) {
        fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n");
        return 1;
    }

#ifndef OPENSSL_NO_EC
    if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER),
                                 EVP_PKEY_EC)) {
        fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n");
        return 1;
    }

    if (!test_EVP_PKCS82PKEY()) {
        fprintf(stderr, "test_EVP_PKCS82PKEY failed\n");
        return 1;
    }
#endif

    EVP_cleanup();
    CRYPTO_cleanup_all_ex_data();
    ERR_remove_thread_state(NULL);
    ERR_free_strings();
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
    if (CRYPTO_mem_leaks_fp(stderr) <= 0)
        return 1;
#endif

    printf("PASS\n");
    return 0;
}
示例#21
0
ikptr
ikrt_openssl_add_all_ciphers (ikpcb * pcb)
{
#ifdef HAVE_OPENSSL_ADD_ALL_CIPHERS
  OpenSSL_add_all_ciphers();
  return IK_VOID;
#else
  feature_failure(__func__);
#endif
}
示例#22
0
bool Crypto_t::symmetricCipher(const std::vector<unsigned char>& in_buffer, int nid, const std::string& key, const std::string& iv, bool encode, std::vector<unsigned char>& buffer)
{
	// load all cipher modules
	OpenSSL_add_all_ciphers();

	// Select the specific cipher module
	const EVP_CIPHER* cipher = EVP_get_cipherbynid(nid);
	if (!cipher) return false;

	// Each cipher has its own taste for the key and IV. So we need to check if the input key and IV is appropriate
	// for the specific cipher module
	if (key.size() < static_cast<size_t>(EVP_CIPHER_key_length(cipher)) || iv.size() < static_cast<size_t>(EVP_CIPHER_iv_length(cipher)))
	{
		return false;
	}

	EVP_CIPHER_CTX ctx;
	EVP_CIPHER_CTX_init(&ctx);
	EVP_CipherInit_ex(&ctx, cipher, NULL, (const unsigned char*)key.c_str(), (const unsigned char*)iv.c_str(), encode);
	size_t block_size = EVP_CIPHER_block_size(cipher);
	unsigned char* encrypt_buffer = (unsigned char*) malloc(block_size + in_buffer.size());

	// Read the raw buffer and convert to encrypt one. And then collect to the output buffer

	int out_count = 0;
	buffer.clear();
	bool fail = false;

	while (true)
	{
		if (!EVP_CipherUpdate(&ctx, encrypt_buffer, &out_count, &in_buffer[0], in_buffer.size()))
		{
			fail = true;
			break;
		}
		for (int i = 0; i < out_count; i++)
			buffer.push_back(encrypt_buffer[i]);

		// handling the last block
		unsigned char* block = encrypt_buffer + out_count;
		if (!EVP_CipherFinal_ex(&ctx, block, &out_count))
		{
			fail = true;
			break;
		}
		for (int i = 0; i < out_count; i++)
			buffer.push_back(block[i]);
		break;
	}

	// free resource
	free(encrypt_buffer);
	EVP_CIPHER_CTX_cleanup(&ctx);
	return (fail == true) ? (false) : (true);
}
示例#23
0
文件: testevp.c 项目: GDXN/test 
int main(int N, char ** S)
{
    unsigned char key[]= "helloworld" ;
    unsigned char iv[]= "12345678" ;
    char * destp ;
    int iuse, iuse2 ;

    EVP_CIPHER_CTX ctx;

    OpenSSL_add_all_ciphers() ;

    printf("test: (%s) len %zd.\n", test, strlen(test)) ;

    EVP_CIPHER_CTX_init(&ctx) ;

    // encode
    EVP_CipherInit_ex(&ctx, EVP_bf_cbc(), NULL, NULL, NULL, 1);
    EVP_CIPHER_CTX_set_key_length(&ctx, strlen(key));
    EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, -1);

    destp= buffer ;

    EVP_CipherUpdate(&ctx, destp, &iuse, test, strlen(test) +1) ;
    destp += iuse ;
    EVP_CipherFinal_ex(&ctx, destp, &iuse) ;
    destp += iuse ;
    iuse= ( destp - buffer ) ;

    EVP_CIPHER_CTX_cleanup(&ctx);

    // decode
    EVP_CipherInit_ex(&ctx, EVP_bf_cbc(), NULL, NULL, NULL, 0);
    EVP_CIPHER_CTX_set_key_length(&ctx, strlen(key));
    EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, -1);

    destp= buffer2 ;

    EVP_CipherUpdate(&ctx, destp, &iuse2, buffer, iuse ) ;
    destp += iuse2 ;
    EVP_CipherFinal_ex(&ctx, destp, &iuse2) ;
    destp += iuse2 ;
    iuse2= ( destp - buffer2 ) ;

    EVP_CIPHER_CTX_cleanup(&ctx);

    EVP_cleanup() ;

    encode_asc85(printbuf, sizeof(printbuf), test, strlen(test) +1) ;
    printf("SRC: %s\n", printbuf) ;
    encode_asc85(printbuf, sizeof(printbuf), buffer, iuse) ;
    printf("ENC: %s\n", printbuf) ;
    encode_asc85(printbuf, sizeof(printbuf), buffer2, iuse2) ;
    printf("DEC: %s\nout: %s\n", printbuf, buffer2) ;
}
示例#24
0
文件: afc.c 项目: keyidadi/asuwrt 
/* 
功能:初始化OpenSSL 
*/  
void InitOpenSSL()  
{  
    CRYPTO_malloc_init();  
    /* Just load the crypto library error strings, 
    * SSL_load_error_strings() loads the crypto AND the SSL ones */  
    /* SSL_load_error_strings();*/  
    ERR_load_crypto_strings();  
    OpenSSL_add_all_algorithms();   
    OpenSSL_add_all_ciphers();  
    OpenSSL_add_all_digests();  
}
示例#25
0
int sign_with_rsa_sha256(const char *input, const char *private_key, unsigned char *buffer_out, int *buffer_out_len) {

  FILE *fp;
  EVP_PKEY *pkey = 0;
  EVP_MD_CTX *ctx = 0;
  const EVP_MD *sha256_md = 0;
  unsigned int s = 0;
  PKCS12 *p12 = 0;
  X509 *cert = 0;

  OpenSSL_add_all_ciphers();
  OpenSSL_add_all_digests();
  OpenSSL_add_all_algorithms();
  ERR_load_crypto_strings();

  ctx = EVP_MD_CTX_create();
  EVP_MD_CTX_init(ctx);
  sha256_md = EVP_sha256(); 

  EVP_SignInit(ctx, sha256_md);
  EVP_SignUpdate(ctx, input, strlen(input));

  ERR_load_crypto_strings();
  if (!(fp = fopen(private_key, "rb"))) {
    perror("Error opening file with private key");
    return -1;
  }
  
  p12 = d2i_PKCS12_fp(fp, NULL);
  fclose (fp);
  if (!p12) {
    perror("Error reading PKCS#12 file");
    return -1;
  }

  if (!PKCS12_parse(p12, "notasecret", &pkey, &cert, NULL)) {
    perror("Error parsing PKCS#12 file");
    return -1;
  }

  s = EVP_PKEY_size(pkey);
  EVP_SignFinal(ctx, buffer_out, &s, pkey);
  
  *buffer_out_len = s;

  PKCS12_free(p12);
  EVP_MD_CTX_destroy(ctx);
  X509_free(cert);
  EVP_cleanup();

  return 0;
}
示例#26
0
文件: pkg_repo.c 项目: dnaeon/pkgng 
int
pkg_finish_repo(char *path, pem_password_cb *password_cb, char *rsa_key_path)
{
	char repo_path[MAXPATHLEN + 1];
	char repo_archive[MAXPATHLEN + 1];
	struct packing *pack;
	int max_len = 0;
	unsigned char *sigret = NULL;
	int siglen = 0;
	RSA *rsa = NULL;
	char sha256[SHA256_DIGEST_LENGTH * 2 +1];

	snprintf(repo_path, sizeof(repo_path), "%s/repo.sqlite", path);
	snprintf(repo_archive, sizeof(repo_archive), "%s/repo", path);

	packing_init(&pack, repo_archive, TXZ);
	if (rsa_key_path != NULL) {
		if (access(rsa_key_path, R_OK) == -1) {
			pkg_emit_errno("access", rsa_key_path);
			return EPKG_FATAL;
		}

		SSL_load_error_strings();

		OpenSSL_add_all_algorithms();
		OpenSSL_add_all_ciphers();

		rsa = load_rsa_private_key(rsa_key_path, password_cb);
		max_len = RSA_size(rsa);
		sigret = malloc(max_len + 1);
		memset(sigret, 0, max_len);

		sha256_file(repo_path, sha256);

		if (RSA_sign(NID_sha1, sha256, sizeof(sha256), sigret, &siglen, rsa) == 0) {
			/* XXX pass back RSA errors correctly */
			pkg_emit_error("%s: %lu", rsa_key_path, ERR_get_error());
			return EPKG_FATAL;
		}

		packing_append_buffer(pack, sigret, "signature", siglen + 1);

		free(sigret);
		RSA_free(rsa);
		ERR_free_strings();
	}
	packing_append_file(pack, repo_path, "repo.sqlite");
	unlink(repo_path);
	packing_finish(pack);

	return (EPKG_OK);
}
示例#27
0
int main(int argc, char const *argv[])
{
    // 必须添加
    OpenSSL_add_all_algorithms();
    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();

    BIO *bin;
    bin = BIO_new_file(PRIVATE_KEY_FILE, "rb");
    RSA *pri_key;
    pri_key = PEM_read_bio_RSAPrivateKey(bin, &pri_key, NULL, (void*)PHRASE);

    // 获取文件内容和长度
    memset(file_buf, 0, MAX_BUF_LENGTH);
    FILE *fp = fopen(FILE_TO_SIGN, "rb");
    long file_length = fread(file_buf, sizeof(char), MAX_BUF_LENGTH, fp);
    fclose(fp);
    fprintf(stdout, "File `%s` size: %ld Bytes\n", FILE_TO_SIGN, file_length);

    memset(hash, 0, MAX_BUF_LENGTH);
    MD5(file_buf, file_length, hash);
    unsigned char *ch = hash;
    fprintf(stdout, "MD5 hash of `%s` = ", FILE_TO_SIGN);
    while (*ch != '\0'){
        printf("%02x", *ch++);
    }printf("\n");
    long hash_length = ch - hash;
    printf("hash length: %ld\n", hash_length);

    memset(sign, 0, MAX_BUF_LENGTH);
    unsigned int sign_length = 0;
    if (1 != RSA_sign(
        NID_md5, hash, hash_length,
        sign, &sign_length,
        pri_key)){
        fprintf(stderr, "RSA_sign failed!\n");
        exit(-1);
    }
    printf("sign of `%s`:\n", FILE_TO_SIGN);
    for (int i=0; i!=sign_length; ++i){
        fprintf(stdout, "%02x", sign[i]);
    }fprintf(stdout, "\n");

    fp = fopen(FILE_SIGN, "wb");
    fwrite(sign, sizeof(unsigned char), sign_length, fp);
    fclose(fp);
    fprintf(stdout, 
        "sign of `%s` has been save @ `%s`\n",
        FILE_TO_SIGN, FILE_SIGN);
    return 0;
}
示例#28
0
文件: onload.c 项目: cran/openssl 
void R_init_openssl(DllInfo *info) {
  R_registerRoutines(info, NULL, NULL, NULL, NULL);
  R_useDynamicSymbols(info, TRUE);
#ifdef _WIN32
  WSADATA wsaData;
  WSAStartup(MAKEWORD(2, 2), &wsaData);
#endif
  OpenSSL_add_all_digests();
  OpenSSL_add_all_algorithms();
  OpenSSL_add_all_ciphers();
  ERR_load_crypto_strings();
  SSL_load_error_strings();
  SSL_library_init();
}
示例#29
0
文件: c_all.c 项目: jiezh/h5vcc 
void OPENSSL_add_all_algorithms_noconf(void)
	{
	/*
	 * For the moment OPENSSL_cpuid_setup does something
	 * only on IA-32, but we reserve the option for all
	 * platforms...
	 */
	OPENSSL_cpuid_setup();
	OpenSSL_add_all_ciphers();
	OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
# if (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) && !defined(__LB_PS4__)
	ENGINE_setup_bsd_cryptodev();
# endif
#endif
	}
示例#30
0
文件: rsa.c 项目: HardenedBSD/pkg 
int
rsa_new(struct rsa_key **rsa, pkg_password_cb *cb, char *path)
{
	assert(*rsa == NULL);

	*rsa = calloc(1, sizeof(struct rsa_key));
	(*rsa)->path = path;
	(*rsa)->pw_cb = cb;

	SSL_load_error_strings();

	OpenSSL_add_all_algorithms();
	OpenSSL_add_all_ciphers();

	return (EPKG_OK);
}