/* * Pass the key-size and the password and this function returns * the PKCS12 structure as a stream. */ PKCS12* create_PKCS12_stream(int keysize, const char *password) { EVP_PKEY *privkey = NULL; X509 *x509_cert = NULL; STACK_OF(X509) *cacertstack = NULL; PKCS12 *pkcs12bundle = NULL; if(!keysize || !password) { fprintf(stderr,"Invalid key-size and/or password.\n"); return NULL; } if(keysize > MAX_KEY_SIZE) { fprintf(stderr,"Limit the keysize to 4096 bits.\n"); return NULL; } init_openssl(); privkey = create_rsa_key(keysize); if(privkey == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created rsa key.\n"); x509_cert = create_x509_cert(privkey); if(x509_cert == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created x509 certificate.\n"); cacertstack = create_ca_cert_stack(x509_cert); if(cacertstack == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created stack-of-x509.\n"); if ((pkcs12bundle = PKCS12_new()) == NULL) { fprintf(stderr,"PKCS12_new failed.\n"); return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } pkcs12bundle = PKCS12_create( (char*)password, // certbundle access password "thali", // friendly certname privkey, // the certificate private key x509_cert, // the main certificate cacertstack, // stack of CA cert chain 0, // int nid_key (default 3DES) 0, // int nid_cert (40bitRC2) 0, // int iter (default 2048) 0, // int mac_iter (default 1) 0 // int keytype (default no flag) ); if (pkcs12bundle == NULL) { fprintf(stderr,"PKCS12_create failed.\n"); return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created pkcs12 bundle.\n"); free_openssl_resources(privkey, x509_cert, cacertstack); return pkcs12bundle; //TODO: Make this a stream (char *) }
NEINT32 init_server_app(struct srv_config *run_config) { NEINT32 ssize = 0; create_rsa_key() ; //open net server listen_handle = ne_object_create(run_config->listen_name) ; if(!listen_handle) { ne_logfatal("create object!\n") ; return -1 ; } #ifdef SINGLE_THREAD_MOD ne_listensrv_set_single_thread(listen_handle) ; #else //set listen attribute if(session_size < sizeof(player_header_t)) session_size = sizeof(player_header_t) ; ssize = session_size + ne_getclient_hdr_size(((struct listen_contex*)listen_handle)->io_mod) ; #endif if(-1==ne_listensrv_session_info(listen_handle, run_config->max_connect, ssize) ) { ne_logfatal("create client map allocator!\n") ; return -1 ; } NE_SET_ONCONNECT_ENTRY(listen_handle,accept_entry,pre_close_entry,close_entry) ; //ne_listensrv_set_entry(listen_handle,accept_entry,pre_close_entry,close_entry) ; ne_srv_msgtable_create(listen_handle, MSG_CLASS_NUM, MAXID_BASE) ; install_start_session(listen_handle) ; NE_INSTALL_HANDLER(listen_handle,srv_echo_handler,MAXID_SYS,SYM_ECHO,EPL_CONNECT) ; NE_INSTALL_HANDLER(listen_handle,srv_broadcast_handler,MAXID_SYS,SYM_BROADCAST,EPL_CONNECT) ; //set crypt function ne_net_set_crypt((ne_netcrypt)ne_TEAencrypt, (ne_netcrypt)ne_TEAdecrypt, sizeof(tea_v)) ; if(-1==ne_listensrv_open(run_config->port, listen_handle) ) { ne_logfatal("open port!\n") ; return -1 ; } #ifndef SINGLE_THREAD_MOD if(-1==start_timer_srv(5000) ) { ne_logfatal("start time server!\n") ; return -1 ; } #endif /**/ return 0; }
int generate_rsa(void) { int iRet = EXIT_SUCCESS; EVP_PKEY* pPrivKey = NULL; EVP_PKEY* pPubKey = NULL; FILE* pFile = NULL; const EVP_CIPHER* pCipher = NULL; init_openssl(); pPrivKey = create_rsa_key(); pPubKey = create_rsa_key(); if(pPrivKey && pPubKey) {/* Save the keys */ if((pFile = fopen("privkey.pem","wt")) && (pCipher = EVP_aes_256_cbc())) { if(!PEM_write_PrivateKey(pFile,pPrivKey,pCipher, (unsigned char*)pcszPassphrase, (int)strlen(pcszPassphrase),NULL,NULL)) { fprintf(stderr,"PEM_write_PrivateKey failed.\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } fclose(pFile); pFile = NULL; if(iRet == EXIT_SUCCESS) { if((pFile = fopen("pubkey.pem","wt")) && PEM_write_PUBKEY(pFile,pPubKey)) fprintf(stderr,"Both keys saved.\n"); else { handle_openssl_error(); iRet = EXIT_FAILURE; } if(pFile) { fclose(pFile); pFile = NULL; } } } else { fprintf(stderr,"Cannot create \"privkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; if(pFile) { fclose(pFile); pFile = NULL; } } if(iRet == EXIT_SUCCESS) {/* Read the keys */ EVP_PKEY_free(pPrivKey); pPrivKey = NULL; EVP_PKEY_free(pPubKey); pPubKey = NULL; if((pFile = fopen("privkey.pem","rt")) && (pPrivKey = PEM_read_PrivateKey(pFile,NULL,passwd_callback,(void*)pcszPassphrase))) { fprintf(stderr,"Private key read.\n"); } else { fprintf(stderr,"Cannot read \"privkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } if(pFile) { fclose(pFile); pFile = NULL; } if((pFile = fopen("pubkey.pem","rt")) && (pPubKey = PEM_read_PUBKEY(pFile,NULL,NULL,NULL))) { fprintf(stderr,"Public key read.\n"); } else { fprintf(stderr,"Cannot read \"pubkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } char msg[2048/8]; // Get rid of the newline int session_seed = rand(); sprintf(msg, "%d", session_seed); // Encrypt the message } } if(pPrivKey) { EVP_PKEY_free(pPrivKey); pPrivKey = NULL; } if(pPubKey) { EVP_PKEY_free(pPubKey); pPubKey = NULL; } cleanup_openssl(); return iRet; }