示例#1
0
int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
	{
	int j,ret=0;
	BIO *in;
	EVP_PKEY *pkey=NULL;

	in=BIO_new(BIO_s_file_internal());
	if (in == NULL)
		{
		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
		goto end;
		}

	if (BIO_read_filename(in,file) <= 0)
		{
		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
		goto end;
		}
	if (type == SSL_FILETYPE_PEM)
		{
		j=ERR_R_PEM_LIB;
		pkey=PEM_read_bio_PrivateKey(in,NULL,
			ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
		}
	else if (type == SSL_FILETYPE_ASN1)
		{
		j = ERR_R_ASN1_LIB;
		pkey = d2i_PrivateKey_bio(in,NULL);
		}
	else
		{
		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
		goto end;
		}
	if (pkey == NULL)
		{
		SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
		goto end;
		}
	ret=SSL_use_PrivateKey(ssl,pkey);
	EVP_PKEY_free(pkey);
end:
	if (in != NULL) BIO_free(in);
	return(ret);
	}
示例#2
0
//----------------START Get Private key--------------------------
EVP_PKEY*
an_key_get_private_key_from_keypair (uint8_t *key_label)
{
    const char cert_filestr[] = PRIVATE_KEY_LOCATION;
    EVP_PKEY *pkey;

    BIO* rsa_pub_bio = BIO_new_file(cert_filestr, "r");
    pkey = PEM_read_bio_PrivateKey(rsa_pub_bio, NULL, NULL, NULL);
    if (pkey == NULL) {
        DEBUG_AN_LOG(AN_LOG_BS_EVENT, AN_DEBUG_INFO, NULL,
                "\n%sFailed to read private key from key pair",an_bs_event);
        return FALSE;
    }
    fprintf(stdout, "RSA Private Key: (%d bit)\n", EVP_PKEY_bits(pkey));

    BIO_free(rsa_pub_bio);
    return(pkey);
}
示例#3
0
static EVP_PKEY *
getkey(void)
{
	EVP_PKEY *key;
	BIO *bio;

	/* new read-only BIO backed by KEY. */
	bio = BIO_new_mem_buf((char*)KEY, -1);
	tt_assert(bio);

	key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);
	BIO_free(bio);
	tt_assert(key);

	return key;
end:
	return NULL;
}
示例#4
0
文件: us894.c 项目: DDvO/libest 
/*
 * Corrupted CA chain when initializing server
 */
static void us894_test19 (void)
{
    BIO *certin, *keyin;
    X509 *x;
    EVP_PKEY *priv_key;
    int rv;
    EST_CTX *ctx;

    LOG_FUNC_NM;
    
    /*
     * Read the server cert
     */
    certin = BIO_new(BIO_s_file_internal());
    rv = BIO_read_filename(certin, US894_SERVER_CERT); 
    CU_ASSERT(rv > 0);
    x = PEM_read_bio_X509(certin, NULL, NULL, NULL);
    CU_ASSERT(x != NULL);
    BIO_free(certin);

    /*
     * Read the server key 
     */
    keyin = BIO_new(BIO_s_file_internal());
    rv = BIO_read_filename(keyin, US894_SERVER_KEY);
    CU_ASSERT(rv > 0);
    priv_key = PEM_read_bio_PrivateKey(keyin, NULL, NULL, NULL);
    CU_ASSERT(priv_key != NULL);
    BIO_free(keyin);

    /* 
     * Attempt to init EST proxy a corrupted CA chain
     */
    est_init_logger(EST_LOG_LVL_INFO, NULL);
    ctx = est_proxy_init((unsigned char*)"Bogus CA chain", 14, 
                         (unsigned char*)"Bogus CA chain", 14,
                         EST_CERT_FORMAT_PEM, "testrealm", x, priv_key,
                         "estuser", "estpwd");

    CU_ASSERT(ctx == NULL);

    X509_free(x);
    EVP_PKEY_free(priv_key);
}
示例#5
0
  bool TLSEncryption::load_certificate(const char* certificate_buf)
  {
        if (!certificate_buf) return false;
        bool result = false;
         
#if defined(SSL_LIB_OPENSSL)        

        X509 *cert = NULL;
        EVP_PKEY *pkey = NULL;
        BIO *bio_buffer; 
        //create readonly memory BIO
        if (!(bio_buffer = BIO_new_mem_buf((void*)certificate_buf, -1))) return false; //certificate_buf should be null terminated;  
             
        //load PEM cert from buffer
        if(PEM_read_bio_X509(bio_buffer, &cert, 0, NULL))
        {             
                result = (SSL_CTX_use_certificate(m_ctx, cert) == SSL_SUCCESS);                
                X509_free(cert);
                BIO_reset(bio_buffer);
        }                 
        
        //load PEM private key from buffer
        if(result && PEM_read_bio_PrivateKey(bio_buffer, &pkey, 0, NULL)) 
        {
                result = (SSL_CTX_use_PrivateKey(m_ctx, pkey) == SSL_SUCCESS);                                               
                EVP_PKEY_free(pkey);
        }
             
        BIO_free(bio_buffer);   
        
#elif defined(SSL_LIB_CYASSL)   

        uint certificate_buf_len = strlen(certificate_buf);
        if (CyaSSL_CTX_use_certificate_buffer(m_ctx, (const unsigned char*)certificate_buf, 
                        certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS) {
                
                result = (CyaSSL_CTX_use_PrivateKey_buffer(m_ctx, (const unsigned char*)certificate_buf, 
                        certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS);        
        }      
                 
#endif  

        return result; 
  }
示例#6
0
Handle<Key> Provider_System::getKeyFromURI(Handle<std::string> uri, Handle<std::string> format, bool enc){
	LOGGER_FN();

	try{
		if (enc){
			THROW_EXCEPTION(0, Provider_System, NULL, "Encrypted key need password callback function. Unsupported now");
		}
		BIO *bioFile = NULL;
		EVP_PKEY *hkey = NULL;

		LOGGER_OPENSSL(BIO_new);
		bioFile = BIO_new(BIO_s_file());
		LOGGER_OPENSSL(BIO_read_filename);
		if (BIO_read_filename(bioFile, uri->c_str()) > 0){
			LOGGER_OPENSSL(BIO_seek);
			BIO_seek(bioFile, 0);

			if (strcmp(format->c_str(), "PEM") == 0){
				LOGGER_OPENSSL(PEM_read_bio_PrivateKey);
				hkey = PEM_read_bio_PrivateKey(bioFile, NULL, 0, NULL);
			}
			else if (strcmp(format->c_str(), "DER") == 0){
				LOGGER_OPENSSL(d2i_PKCS8PrivateKey_bio);
				hkey = d2i_PKCS8PrivateKey_bio(bioFile, NULL, 0, NULL);
			}
			else{
				THROW_EXCEPTION(0, Provider_System, NULL, "Unsupported format. Only PEM | DER");
			}
		}

		LOGGER_OPENSSL(BIO_free);
		BIO_free(bioFile);

		if (!hkey){
			THROW_EXCEPTION(0, Provider_System, NULL, "Unable decode key from PEM/DER");
		}
		else{
			return new Key(hkey);
		}
	}
	catch (Handle<Exception> e){
		THROW_EXCEPTION(0, Provider_System, e, "getCSRFromURI");
	}
}
示例#7
0
文件: rsa.cpp 项目: mildrock/dummy 
    // 根据给定的私钥获取RSA结构
    // 
    // 本函数从openssl源码中crypto/pem/pem_all.c中第186行:
    //         RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
    // 的函数修改而来,由从pem文件读取改为从内存中读取
    RSA* get_rsa_from_private_key(const char* private_key)
    {
        RSA* rsa        = NULL;

        BIO *bio        = NULL;
        EVP_PKEY *pktmp = NULL;

        if ((bio=BIO_new(BIO_s_mem())) == NULL)
        {
            PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB);
            return(0);
        }
        BIO_puts(bio, private_key);

        pktmp=PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
        BIO_free(bio);

        return pkey_get_rsa(pktmp, &rsa);
    }
示例#8
0
EVP_PKEY *fileio_read_pkey(const char *filename)
{
	EVP_PKEY *key = NULL;
	BIO *bio;

	bio = BIO_new_file(filename, "r");
	if (!bio)
		goto out;

	key = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);

out:
	BIO_free_all(bio);
	if (!key) {
		fprintf(stderr, "Can't load key from file '%s'\n", filename);
		ERR_print_errors_fp(stderr);
	}
	return key;
}
示例#9
0
EVP_PKEY* copyPrivateKey(EVP_PKEY* from)
{
    BIO* b = BIO_new( BIO_s_mem() );

    BioAutoPtr bio(b);

    if (PEM_write_bio_PKCS8PrivateKey(bio.get(), from, 0, 0, 0, 0, 0) <= 0) 
    {
        throw InvalidCertificate("invalid certificate");
    }

    EVP_PKEY *target = 0;
    if (PEM_read_bio_PrivateKey(bio.get(), &target, 0, 0) == 0) 
    {
        throw InvalidCertificate("invalid certificate");
    }
    
    return target;
}
示例#10
0
文件: key_utils.c 项目: cawka/PyNDN 
int
put_key_pem(int is_public_only, PyObject *py_key_pem,
            PyObject **py_private_key_ndn, PyObject **py_public_key_ndn,
            PyObject **py_public_key_digest,
            char *password)
{
	unsigned char *key_pem;
	Py_ssize_t pem_len;
	struct ndn_pkey *key = NULL;
	BIO *bio = NULL;
	int r;
	unsigned long err;

	r = PyBytes_AsStringAndSize(py_key_pem, (char **) &key_pem, &pem_len);
	JUMP_IF_NEG(r, error);

	bio = BIO_new_mem_buf(key_pem, pem_len);
	JUMP_IF_NULL(bio, openssl_error);

	if (is_public_only)
          key = (struct ndn_pkey*)PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
	else
          key = (struct ndn_pkey*)PEM_read_bio_PrivateKey(bio, NULL, NULL, password);
	JUMP_IF_NULL(key, openssl_error);

	r = ndn_keypair(is_public_only, key, py_private_key_ndn, py_public_key_ndn);
	JUMP_IF_NEG(r, error);

	r = create_public_key_digest(key, py_public_key_digest, NULL);
	JUMP_IF_NEG(r, error);

	return 0;

openssl_error:
	err = ERR_get_error();
	PyErr_Format(g_PyExc_NDNKeyError, "Unable to parse key: %s",
			ERR_reason_error_string(err));
error:
	EVP_PKEY_free ((EVP_PKEY *)key);
	BIO_free(bio);
	return -1;
}
示例#11
0
static EVP_PKEY* load_key(const char* key,
                          size_t key_size,
                          const char* password) {
  BIO* bio = BIO_new_mem_buf(const_cast<char*>(key), key_size);
  if (bio == NULL) {
    return NULL;
  }

  EVP_PKEY* pkey = PEM_read_bio_PrivateKey(bio,
                                           NULL,
                                           pem_password_callback,
                                           const_cast<char*>(password));
  if (pkey == NULL) {
    ssl_log_errors("Unable to load private key");
  }

  BIO_free_all(bio);

  return pkey;
}
示例#12
0
RSA* key_from_bio(BIO *key_bio, BOOL is_private) {

  EVP_PKEY *pkey = NULL;
  
  if(is_private) {
    pkey = PEM_read_bio_PrivateKey(key_bio, 
                          NULL,NULL, NULL);
  }else {
    pkey = PEM_read_bio_PUBKEY(key_bio, NULL,
                                        NULL, NULL);
  }
  if(!pkey) {
      fprintf(stderr, "ERROR: key read from BIO is null\n");
      exit(1);
  }
  BIO_free(key_bio);
  RSA *rsa = EVP_PKEY_get1_RSA(pkey);
  EVP_PKEY_free(pkey);
  return rsa;
}
示例#13
0
/*
 * Null trusted CA chain when initializing server
 */
static void us901_test18(void) {
    BIO *certin, *keyin;
    X509 *x;
    EVP_PKEY *priv_key;
    int rv;
    EST_CTX *ctx;

    LOG_FUNC_NM
    ;

    /*
     * Read the server cert
     */
    certin = BIO_new(BIO_s_file_internal());
    rv = BIO_read_filename(certin, US901_SERVER_CERT);
    CU_ASSERT(rv > 0);
    x = PEM_read_bio_X509(certin, NULL, NULL, NULL);
    CU_ASSERT(x != NULL);
    BIO_free(certin);

    /*
     * Read the server key
     */
    keyin = BIO_new(BIO_s_file_internal());
    rv = BIO_read_filename(keyin, US901_SERVER_KEY);
    CU_ASSERT(rv > 0);
    priv_key = PEM_read_bio_PrivateKey(keyin, NULL, NULL, NULL);
    CU_ASSERT(priv_key != NULL);
    BIO_free(keyin);

    /*
     * Attempt to init EST server using NULL local CA chain
     */
    est_init_logger(EST_LOG_LVL_INFO, NULL);
    ctx = est_server_init(NULL, 0, NULL, 0, EST_CERT_FORMAT_PEM, "testrealm", x,
            priv_key);
    CU_ASSERT(ctx == NULL);

    X509_free(x);
    EVP_PKEY_free(priv_key);
}
示例#14
0
static EP_CRYPTO_KEY *
key_read_bio(BIO *bio,
		const char *filename,
		int keyform,
		uint32_t flags)
{
	EVP_PKEY *key = NULL;
	const char *pubsec = EP_UT_BITSET(EP_CRYPTO_F_SECRET, flags) ?
		"secret" : "public";

	ep_dbg_cprintf(Dbg, 20, "key_read_bio: name %s, form %d, flags %x\n",
			filename, keyform, flags);
	EP_ASSERT(bio != NULL);
	if (keyform <= 0)
		return _ep_crypto_error("keyform must be specified");

	if (keyform == EP_CRYPTO_KEYFORM_PEM)
	{
		// easy case
		if (EP_UT_BITSET(EP_CRYPTO_F_SECRET, flags))
			key = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
		else
			key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
	}
	else if (keyform == EP_CRYPTO_KEYFORM_DER)
	{
		if (EP_UT_BITSET(EP_CRYPTO_F_SECRET, flags))
			key = d2i_PrivateKey_bio(bio, NULL);
		else
			key = d2i_PUBKEY_bio(bio, NULL);
	}
	else
	{
		return _ep_crypto_error("unknown key format %d", keyform);
	}

	if (key == NULL)
		return _ep_crypto_error("cannot read %s key from %s",
				pubsec, filename);
	return key;
}
示例#15
0
static void InitializeDefaultCredentials()
{
	BIO *bio = BIO_new_mem_buf (PrivateMaterials, -1);
	assert (bio);

	if (DefaultPrivateKey) {
		// we may come here in a restart.
		EVP_PKEY_free (DefaultPrivateKey);
		DefaultPrivateKey = NULL;
	}
	PEM_read_bio_PrivateKey (bio, &DefaultPrivateKey, builtin_passwd_cb, 0);

	if (DefaultCertificate) {
		// we may come here in a restart.
		X509_free (DefaultCertificate);
		DefaultCertificate = NULL;
	}
	PEM_read_bio_X509 (bio, &DefaultCertificate, NULL, 0);

	BIO_free (bio);
}
示例#16
0
EVP_PKEY *modssl_read_privatekey(const char* filename, EVP_PKEY **key, pem_password_cb *cb, void *s)
{
    EVP_PKEY *rc;
    BIO *bioS;
    BIO *bioF;

    /* 1. try PEM (= DER+Base64+headers) */
    if ((bioS=BIO_new_file(filename, "r")) == NULL)
        return NULL;
    rc = PEM_read_bio_PrivateKey(bioS, key, cb, s);
    BIO_free(bioS);

    if (rc == NULL) {
        /* 2. try DER+Base64 */
        if ((bioS = BIO_new_file(filename, "r")) == NULL)
            return NULL;

        if ((bioF = BIO_new(BIO_f_base64())) == NULL) {
            BIO_free(bioS);
            return NULL;
        }
        bioS = BIO_push(bioF, bioS);
        rc = d2i_PrivateKey_bio(bioS, NULL);
        BIO_free_all(bioS);

        if (rc == NULL) {
            /* 3. try plain DER */
            if ((bioS = BIO_new_file(filename, "r")) == NULL)
                return NULL;
            rc = d2i_PrivateKey_bio(bioS, NULL);
            BIO_free(bioS);
        }
    }
    if (rc != NULL && key != NULL) {
        if (*key != NULL)
            EVP_PKEY_free(*key);
        *key = rc;
    }
    return rc;
}
示例#17
0
文件: test.c 项目: deweerdt/quicly 
int main(int argc, char **argv)
{
    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
#if !defined(OPENSSL_NO_ENGINE)
    /* Load all compiled-in ENGINEs */
    ENGINE_load_builtin_engines();
    ENGINE_register_all_ciphers();
    ENGINE_register_all_digests();
#endif

    {
        BIO *bio = BIO_new_mem_buf(RSA_CERTIFICATE, strlen(RSA_CERTIFICATE));
        X509 *x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
        assert(x509 != NULL || !!"failed to load certificate");
        BIO_free(bio);
        cert.len = i2d_X509(x509, &cert.base);
        X509_free(x509);
    }

    {
        BIO *bio = BIO_new_mem_buf(RSA_PRIVATE_KEY, strlen(RSA_PRIVATE_KEY));
        EVP_PKEY *pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
        assert(pkey != NULL || !"failed to load private key");
        BIO_free(bio);
        ptls_openssl_init_sign_certificate(&cert_signer, pkey);
        EVP_PKEY_free(pkey);
    }

    subtest("next-packet-number", test_next_packet_number);
    subtest("ranges", test_ranges);
    subtest("frame", test_frame);
    subtest("maxsender", test_maxsender);
    subtest("ack", test_ack);
    subtest("simple", test_simple);
    subtest("stream-concurrency", test_stream_concurrency);
    subtest("loss", test_loss);

    return done_testing();
}
示例#18
0
embassy_t *pki_embassy_load_from_memory(char *certificate, char *privatekey, uint32_t serial)
{
	BIO *bio_memory = NULL;
	embassy_t *embassy;

	// create an empty embassy
	embassy = calloc(1, sizeof(embassy_t));

	// fetch the certificate in PEM format and convert to X509
	bio_memory = BIO_new_mem_buf(certificate, strlen(certificate));
	embassy->certificate = PEM_read_bio_X509(bio_memory, NULL, NULL, NULL);
	BIO_free(bio_memory);

	// fetch the private key in PEM format and convert to EVP
	bio_memory = BIO_new_mem_buf(privatekey, strlen(privatekey));
	embassy->keyring = PEM_read_bio_PrivateKey(bio_memory, NULL, NULL, NULL);
	BIO_free(bio_memory);

	embassy->serial = serial;

	return embassy;
}
示例#19
0
/* Loads an in-memory PEM private key into the SSL context. */
static tsi_result ssl_ctx_use_private_key(SSL_CTX* context,
                                          const unsigned char* pem_key,
                                          size_t pem_key_size) {
  tsi_result result = TSI_OK;
  EVP_PKEY* private_key = NULL;
  BIO* pem = BIO_new_mem_buf((void*)pem_key, pem_key_size);
  if (pem == NULL) return TSI_OUT_OF_RESOURCES;
  do {
    private_key = PEM_read_bio_PrivateKey(pem, NULL, NULL, "");
    if (private_key == NULL) {
      result = TSI_INVALID_ARGUMENT;
      break;
    }
    if (!SSL_CTX_use_PrivateKey(context, private_key)) {
      result = TSI_INVALID_ARGUMENT;
      break;
    }
  } while (0);
  if (private_key != NULL) EVP_PKEY_free(private_key);
  BIO_free(pem);
  return result;
}
示例#20
0
文件: us894.c 项目: DDvO/libest 
/*
 * Null Server certificate when initializing server
 */
static void us894_test16 (void)
{
    unsigned char *cacerts = NULL;
    int cacerts_len = 0;
    BIO *keyin;
    EVP_PKEY *priv_key;
    int rv;
    EST_CTX *ctx;

    LOG_FUNC_NM;
    
    /*
     * Read in the CA certificates
     */
    cacerts_len = read_binary_file(US894_CACERT, &cacerts);
    CU_ASSERT(cacerts_len > 0);

    /*
     * Read the server key 
     */
    keyin = BIO_new(BIO_s_file_internal());
    rv = BIO_read_filename(keyin, US894_SERVER_KEY);
    CU_ASSERT(rv > 0);
    priv_key = PEM_read_bio_PrivateKey(keyin, NULL, NULL, NULL);
    CU_ASSERT(priv_key != NULL);
    BIO_free(keyin);

    /* 
     * Attempt to init EST proxy using NULL server key
     */
    est_init_logger(EST_LOG_LVL_INFO, NULL);
    ctx = est_proxy_init(cacerts, cacerts_len, cacerts, cacerts_len, 
                         EST_CERT_FORMAT_PEM,
                         "testrealm", NULL, priv_key,
                         "estuser", "estpwd");
    CU_ASSERT(ctx == NULL);

    EVP_PKEY_free(priv_key);
}
示例#21
0
文件: ssl_rsa.c 项目: a397871706/plug 
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) {
  int reason_code, ret = 0;
  BIO *in;
  EVP_PKEY *pkey = NULL;

  in = BIO_new(BIO_s_file());
  if (in == NULL) {
    OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
    goto end;
  }

  if (BIO_read_filename(in, file) <= 0) {
    OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB);
    goto end;
  }

  if (type == SSL_FILETYPE_PEM) {
    reason_code = ERR_R_PEM_LIB;
    pkey = PEM_read_bio_PrivateKey(in, NULL, ctx->default_passwd_callback,
                                   ctx->default_passwd_callback_userdata);
  } else if (type == SSL_FILETYPE_ASN1) {
    reason_code = ERR_R_ASN1_LIB;
    pkey = d2i_PrivateKey_bio(in, NULL);
  } else {
    OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE);
    goto end;
  }

  if (pkey == NULL) {
    OPENSSL_PUT_ERROR(SSL, reason_code);
    goto end;
  }
  ret = SSL_CTX_use_PrivateKey(ctx, pkey);
  EVP_PKEY_free(pkey);

end:
  BIO_free(in);
  return ret;
}
示例#22
0
文件: pki_evp.cpp 项目: J-Javan/xca 
void pki_evp::fromPEM_BIO(BIO *bio, QString name)
{
	EVP_PKEY *pkey;
	int pos;
	pass_info p(XCA_TITLE, QObject::tr(
			"Please enter the password to decrypt the private key."));
	pos = BIO_tell(bio);
	pkey = PEM_read_bio_PrivateKey(bio, NULL, MainWindow::passRead, &p);
	if (!pkey){
		pki_ign_openssl_error();
		pos = BIO_seek(bio, pos);
		pkey = PEM_read_bio_PUBKEY(bio, NULL, MainWindow::passRead, &p);
	}
	if (pkey){
		if (key)
			EVP_PKEY_free(key);
		key = pkey;
		if (EVP_PKEY_isPrivKey(key))
			bogusEncryptKey();
		setIntName(rmslashdot(name));
	}
	openssl_error(name);
}
示例#23
0
EVP_PKEY* VSslServer::loadKey(VError& error, QString fileName)
{
  BIO* bio = BIO_new(BIO_s_file());
  if (bio == NULL)
  {
    QString msg = "BIO_s_file return NULL";
    LOG_ERROR("%s", qPrintable(msg));
    error = VSslError(msg, VSslError::IN_BIO_S_FILE);
    return NULL;
  }

  long res = BIO_read_filename(bio, qPrintable(fileName));
  if (res <= 0)
  {
    QString msg = QString("BIO_read_filename(%1) return %2").arg(fileName).arg(res);
    LOG_ERROR("%s", qPrintable(msg));
    error = VSslError(msg, VSslError::IN_BIO_READ_FILENAME);
    BIO_free(bio);
    return NULL;
  }

  EVP_PKEY* key = PEM_read_bio_PrivateKey(bio, NULL,
    NULL, // (pem_password_cb*)password_callback // gilgil temp 2008.10.29
    NULL  // &cb_data);
  );
  if (key == NULL)
  {
    QString msg = "PEM_read_bio_PrivateKey return NULL";
    LOG_ERROR("%s", qPrintable(msg));
    error = VSslError(msg, VSslError::IN_PEM_READ_BIO_PRIVATEKEY);
    BIO_free(bio);
    return NULL;
  }

  BIO_free(bio);
  return key;
}
示例#24
0
bool
CertificateManager::isCertificateValid (std::string certificate)
{
  std::shared_ptr <BIO> bio;
  std::shared_ptr <X509> x509;
  std::shared_ptr <EVP_PKEY> private_key;

  bio = std::shared_ptr<BIO>
        (BIO_new_mem_buf ( (gpointer) certificate.c_str (), -1),
  [] (BIO * obj) {
    BIO_free_all (obj);
  });

  if (!bio) {
    return false;
  }

  x509 = std::shared_ptr<X509>(
      PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr),
      [](X509 *obj) { X509_free(obj); });

  if (!x509) {
    return false;
  }

  (void) BIO_reset (bio.get() );
  private_key = std::shared_ptr<EVP_PKEY>(
      PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr),
      [](EVP_PKEY *obj) { EVP_PKEY_free(obj); });

  if (!private_key) {
    return false;
  }

  return true;
}
示例#25
0
文件: signature.c 项目: ukleinek/rauc 
static EVP_PKEY *load_key_file(const gchar *keyfile, GError **error)
{
	EVP_PKEY *res = NULL;
	BIO *key = NULL;
	unsigned long err;
	const gchar *data;
	int flags;

	g_return_val_if_fail(keyfile != NULL, NULL);
	g_return_val_if_fail(error == NULL || *error == NULL, NULL);

	key = BIO_new_file(keyfile, "r");
	if (key == NULL) {
		g_set_error(
				error,
				R_SIGNATURE_ERROR,
				R_SIGNATURE_ERROR_LOAD_FAILED,
				"failed to load key file '%s'", keyfile);
		goto out;
	}

	res = PEM_read_bio_PrivateKey(key, NULL, NULL, NULL);
	if (res == NULL) {
		err = ERR_get_error_line_data(NULL, NULL, &data, &flags);
		g_set_error(
				error,
				R_SIGNATURE_ERROR,
				R_SIGNATURE_ERROR_PARSE_ERROR,
				"failed to parse key file '%s': %s", keyfile,
				(flags & ERR_TXT_STRING) ? data : ERR_error_string(err, NULL));
		goto out;
	}
out:
	BIO_free_all(key);
	return res;
}
示例#26
0
static void
init_from_pem_string (GstDtlsCertificate * self, const gchar * pem)
{
  GstDtlsCertificatePrivate *priv = self->priv;
  BIO *bio;

  g_return_if_fail (pem);
  g_return_if_fail (!priv->x509);
  g_return_if_fail (!priv->private_key);

  bio = BIO_new_mem_buf ((gpointer) pem, -1);
  g_return_if_fail (bio);

  priv->x509 = PEM_read_bio_X509 (bio, NULL, NULL, NULL);

  if (!priv->x509) {
    GST_WARNING_OBJECT (self, "failed to read certificate from pem string");
    return;
  }

  (void) BIO_reset (bio);

  priv->private_key = PEM_read_bio_PrivateKey (bio, NULL, NULL, NULL);

  BIO_free (bio);
  bio = NULL;

  if (!priv->private_key) {
    GST_WARNING_OBJECT (self, "failed to read private key from pem string");
    X509_free (priv->x509);
    priv->x509 = NULL;
    return;
  }

  self->priv->pem = g_strdup (pem);
}
示例#27
0
文件: sslserver.c 项目: 274914765/C 
int SSL_CTX_use_PrivateKey_file_pass (SSL_CTX * ctx, char *filename, char *pass)
{
    EVP_PKEY *pkey = NULL;

    BIO *key = NULL;

    key = BIO_new (BIO_s_file ());
    BIO_read_filename (key, filename);
    pkey = PEM_read_bio_PrivateKey (key, NULL, NULL, pass);
    if (pkey == NULL)

    {
        printf ("PEM_read_bio_PrivateKey err");
        return -1;
    }
    if (SSL_CTX_use_PrivateKey (ctx, pkey) <= 0)

    {
        printf ("SSL_CTX_use_PrivateKey err\n");
        return -1;
    }
    BIO_free (key);
    return 1;
}
示例#28
0
static int get_cert_and_key(X509 **cert_out, EVP_PKEY **key_out)
{
    BIO *certbio, *keybio;
    X509 *cert = NULL;
    EVP_PKEY *key = NULL;

    if (!TEST_ptr(certbio = BIO_new_file(certstr, "r")))
        return 0;
    cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
    BIO_free(certbio);
    if (!TEST_ptr(keybio = BIO_new_file(privkeystr, "r")))
        goto end;
    key = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL);
    BIO_free(keybio);
    if (!TEST_ptr(cert) || !TEST_ptr(key))
        goto end;
    *cert_out = cert;
    *key_out = key;
    return 1;
 end:
    X509_free(cert);
    EVP_PKEY_free(key);
    return 0;
}
示例#29
0
/*============================================================================
 * OpcUa_P_OpenSSL_RSA_LoadPrivateKeyFromFile
 *===========================================================================*/
OpcUa_StatusCode OpcUa_P_OpenSSL_RSA_LoadPrivateKeyFromFile(
    OpcUa_StringA           a_privateKeyFile,
    OpcUa_P_FileFormat      a_fileFormat,
    OpcUa_StringA           a_password,         /* optional: just needed encrypted PEM */
    OpcUa_ByteString*       a_pPrivateKey)
{
    BIO*            pPrivateKeyFile     = OpcUa_Null;
    RSA*            pRsaPrivateKey      = OpcUa_Null;
    EVP_PKEY*       pEvpKey             = OpcUa_Null;
    unsigned char*  pData;

OpcUa_InitializeStatus(OpcUa_Module_P_OpenSSL, "RSA_LoadPrivateKeyFromFile");

    /* check parameters */
    OpcUa_ReturnErrorIfArgumentNull(a_privateKeyFile);
    OpcUa_ReturnErrorIfArgumentNull(a_pPrivateKey);

    if(a_fileFormat == OpcUa_Crypto_Encoding_Invalid)
    {
        return OpcUa_BadInvalidArgument;
    }

    OpcUa_ReferenceParameter(a_password);

    /* open file */
    pPrivateKeyFile = BIO_new_file((const char*)a_privateKeyFile, "rb");
    OpcUa_ReturnErrorIfArgumentNull(pPrivateKeyFile);

    /* read and convert file */
    switch(a_fileFormat)
    {
    case OpcUa_Crypto_Encoding_PEM:
        {
            /* read from file */
            pEvpKey = PEM_read_bio_PrivateKey(  pPrivateKeyFile,    /* file                 */
                                                NULL,               /* key struct           */
                                                0,                  /* password callback    */
                                                a_password);        /* default passphrase or arbitrary handle */
            OpcUa_GotoErrorIfNull(pEvpKey, OpcUa_Bad);
            break;
        }
    case OpcUa_Crypto_Encoding_PKCS12:
        {
            int iResult = 0;

            /* read from file. */
            PKCS12* pPkcs12 = d2i_PKCS12_bio(pPrivateKeyFile, NULL);

            if (pPkcs12 == 0)
            {
                OpcUa_GotoErrorWithStatus(OpcUa_BadEncodingError);
            }

            /*  parse the certificate. */
            iResult = PKCS12_parse(pPkcs12, a_password, &pEvpKey, NULL, NULL);

            if (iResult == 0)
            {
                OpcUa_GotoErrorWithStatus(OpcUa_BadEncodingError);
            }

            /*  free certificate. */
            PKCS12_free(pPkcs12);
            pPkcs12 = NULL;
            break;
        }
    case OpcUa_Crypto_Encoding_DER:
    default:
        {
            uStatus = OpcUa_BadNotSupported;
            OpcUa_GotoError;
        }
    }

    /* convert to intermediary openssl struct */
    pRsaPrivateKey = EVP_PKEY_get1_RSA(pEvpKey);
    EVP_PKEY_free(pEvpKey);
    OpcUa_GotoErrorIfNull(pRsaPrivateKey, OpcUa_Bad);

    /* get required length */
    a_pPrivateKey->Length = i2d_RSAPrivateKey(pRsaPrivateKey, OpcUa_Null);
    OpcUa_GotoErrorIfTrue((a_pPrivateKey->Length <= 0), OpcUa_Bad);

    /* allocate target buffer */
    a_pPrivateKey->Data = (OpcUa_Byte*)OpcUa_P_Memory_Alloc(a_pPrivateKey->Length);
    OpcUa_GotoErrorIfAllocFailed(a_pPrivateKey->Data);

    /* do real conversion */
    pData = a_pPrivateKey->Data;
    a_pPrivateKey->Length = i2d_RSAPrivateKey(pRsaPrivateKey, &pData);
    OpcUa_GotoErrorIfTrue((a_pPrivateKey->Length <= 0), OpcUa_Bad);

    RSA_free(pRsaPrivateKey);
    BIO_free(pPrivateKeyFile);

OpcUa_ReturnStatusCode;
OpcUa_BeginErrorHandling;

    if(pEvpKey)
    {
        EVP_PKEY_free(pEvpKey);
    }

    if(a_pPrivateKey != OpcUa_Null)
    {
        if(a_pPrivateKey->Data != OpcUa_Null)
        {
            OpcUa_P_Memory_Free(a_pPrivateKey->Data);
            a_pPrivateKey->Data = OpcUa_Null;
            a_pPrivateKey->Length = -1;
        }
    }

    if(pPrivateKeyFile != NULL)
    {
        BIO_free(pPrivateKeyFile);
    }

    if(pRsaPrivateKey != NULL)
    {
        RSA_free(pRsaPrivateKey);
    }

OpcUa_FinishErrorHandling;
}
示例#30
0
文件: smdec.c 项目: 277800076/openssl 
int main(int argc, char **argv)
{
    BIO *in = NULL, *out = NULL, *tbio = NULL;
    X509 *rcert = NULL;
    EVP_PKEY *rkey = NULL;
    PKCS7 *p7 = NULL;
    int ret = 1;

    OpenSSL_add_all_algorithms();
    ERR_load_crypto_strings();

    /* Read in recipient certificate and private key */
    tbio = BIO_new_file("signer.pem", "r");

    if (!tbio)
        goto err;

    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);

    BIO_reset(tbio);

    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);

    if (!rcert || !rkey)
        goto err;

    /* Open content being signed */

    in = BIO_new_file("smencr.txt", "r");

    if (!in)
        goto err;

    /* Sign content */
    p7 = SMIME_read_PKCS7(in, NULL);

    if (!p7)
        goto err;

    out = BIO_new_file("encrout.txt", "w");
    if (!out)
        goto err;

    /* Decrypt S/MIME message */
    if (!PKCS7_decrypt(p7, rkey, rcert, out, 0))
        goto err;

    ret = 0;

 err:
    if (ret) {
        fprintf(stderr, "Error Signing Data\n");
        ERR_print_errors_fp(stderr);
    }
    PKCS7_free(p7);
    X509_free(rcert);
    EVP_PKEY_free(rkey);
    BIO_free(in);
    BIO_free(out);
    BIO_free(tbio);

    return ret;

}