static int generate_RSA_keypair(unsigned char** private_key_der, size_t *private_key_len, unsigned char** public_key_der, size_t *public_key_len) { RSA *private_key; private_key = RSA_generate_key(1024, 65537, NULL, NULL); unsigned char *priv, *pub; //DER encode / pkcs#1 *private_key_len = i2d_RSAPrivateKey(private_key, 0); *public_key_len = i2d_RSAPublicKey(private_key, 0); *private_key_der = priv = (unsigned char*) calloc(*private_key_len, 1); *public_key_der = pub = (unsigned char*) calloc(*public_key_len, 1); i2d_RSAPrivateKey(private_key, &priv); i2d_RSAPublicKey(private_key, &pub); RSA_free(private_key); /* // Check that all is well, DER decode fprintf(stderr, "decoded:\n"); RSA *public_key_rsa, *private_key_rsa; public_key_rsa = d2i_RSAPublicKey(0, (const unsigned char**) &public_key_der, public_key_len); private_key_rsa = d2i_RSAPrivateKey(0, (const unsigned char**) &private_key_der, private_key_len); PEM_write_RSAPrivateKey(stderr, private_key_rsa, NULL, NULL, 0, NULL, NULL); PEM_write_RSAPublicKey(stderr, private_key_rsa); */ return(0); }
int ca_key_serialize(EVP_PKEY *key, struct iked_id *id) { int len; u_int8_t *d; RSA *rsa; switch (key->type) { case EVP_PKEY_RSA: id->id_type = 0; id->id_offset = 0; ibuf_release(id->id_buf); if ((rsa = EVP_PKEY_get1_RSA(key)) == NULL) return (-1); if ((len = i2d_RSAPrivateKey(rsa, NULL)) <= 0) return (-1); if ((id->id_buf = ibuf_new(NULL, len)) == NULL) return (-1); d = ibuf_data(id->id_buf); if (i2d_RSAPrivateKey(rsa, &d) != len) { ibuf_release(id->id_buf); return (-1); } id->id_type = IKEV2_CERT_RSA_KEY; break; default: log_debug("%s: unsupported key type %d", __func__, key->type); return (-1); } return (0); }
static void keystore_save_rsakey(gpointer key, gpointer value, gpointer user_data) { const int key_index = GPOINTER_TO_INT(key); const struct rsa_key_t *rsa_key = (const struct rsa_key_t *)value; GKeyFile *key_file = (GKeyFile *)user_data; g_assert(rsa_key != NULL); g_assert(key_file != NULL); gchar *index = g_strdup_printf("%d", key_index); int pkcs_len = i2d_RSAPrivateKey(rsa_key->rsa, NULL); unsigned char *pkcs_buf = malloc(pkcs_len); unsigned char *tmp = pkcs_buf; i2d_RSAPrivateKey(rsa_key->rsa, &tmp); const gchar *const list[] = { g_strdup_printf("%d", rsa_key->keylen), g_base64_encode(pkcs_buf, pkcs_len), }; g_key_file_set_string_list(key_file, "rsa", index, list, 2); g_free(index); free(pkcs_buf); g_free((gpointer)list[0]); g_free((gpointer)list[1]); }
static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { unsigned char *rk = NULL; int rklen; ASN1_STRING *str; int strtype; if (!rsa_param_encode(pkey, &str, &strtype)) return 0; rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); if (rklen <= 0) { RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(str); return 0; } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, strtype, str, rk, rklen)) { RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(str); return 0; } return 1; }
PyObject * get_key_der_private(struct ccn_pkey *private_key_ccn) { PyObject *result; RSA *private_key_rsa; unsigned long err; unsigned char *private_key_der = NULL; int der_len; assert(private_key_ccn); private_key_rsa = EVP_PKEY_get1_RSA((EVP_PKEY *) private_key_ccn); JUMP_IF_NULL(private_key_rsa, openssl_error); der_len = i2d_RSAPrivateKey(private_key_rsa, &private_key_der); JUMP_IF_NEG(der_len, openssl_error); result = PyBytes_FromStringAndSize((char *) private_key_der, der_len); RSA_free(private_key_rsa); private_key_rsa = NULL; JUMP_IF_NULL(result, error); return result; openssl_error: err = ERR_get_error(); PyErr_Format(g_PyExc_CCNKeyError, "Unable to write Private Key: %s", ERR_reason_error_string(err)); error: RSA_free(private_key_rsa); return NULL; }
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { #ifndef OPENSSL_NO_RSA if (a->type == EVP_PKEY_RSA) { return(i2d_RSAPrivateKey(a->pkey.rsa,pp)); } else #endif #ifndef OPENSSL_NO_DSA if (a->type == EVP_PKEY_DSA) { return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); } #endif #ifndef OPENSSL_NO_EC if (a->type == EVP_PKEY_EC) { return(i2d_ECPrivateKey(a->pkey.ec, pp)); } #endif ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return(-1); }
void RSAKey::cache() { unsigned char buffer[8192]; unsigned char* buf = buffer; int len = i2d_RSAPublicKey(d_rsa.get(), &buf); EXCEPTION_ASSERT_WITH_LOG(len >= 0, OpenSSLException, "Invalid RSA context: cannot retrieve public key"); d_public_key.clear(); d_public_key.insert(d_public_key.end(), buffer, buffer + len); if (hasPrivateCompound()) { buf = buffer; len = i2d_RSAPrivateKey(d_rsa.get(), &buf); EXCEPTION_ASSERT_WITH_LOG(len >= 0, OpenSSLException, "Invalid RSA context: cannot retrieve private key"); d_private_key.clear(); d_private_key.insert(d_private_key.end(), buffer, buffer + len); } else { d_private_key.clear(); } }
std::unique_ptr<RSA_PrivateKey> make_openssl_rsa_private_key(RandomNumberGenerator& rng, size_t rsa_bits) { if (rsa_bits > INT_MAX) throw Internal_Error("rsa_bits overflow"); secure_vector<uint8_t> seed(BOTAN_SYSTEM_RNG_POLL_REQUEST); rng.randomize(seed.data(), seed.size()); RAND_seed(seed.data(), seed.size()); std::unique_ptr<BIGNUM, std::function<void (BIGNUM*)>> bn(BN_new(), BN_free); if(!bn) throw OpenSSL_Error("BN_new"); if(!BN_set_word(bn.get(), RSA_F4)) throw OpenSSL_Error("BN_set_word"); std::unique_ptr<RSA, std::function<void (RSA*)>> rsa(RSA_new(), RSA_free); if(!rsa) throw OpenSSL_Error("RSA_new"); if(!RSA_generate_key_ex(rsa.get(), rsa_bits, bn.get(), nullptr)) throw OpenSSL_Error("RSA_generate_key_ex"); uint8_t* der = nullptr; int bytes = i2d_RSAPrivateKey(rsa.get(), &der); if(bytes < 0) throw OpenSSL_Error("i2d_RSAPrivateKey"); const secure_vector<uint8_t> keydata(der, der + bytes); memset(der, 0, bytes); free(der); return std::unique_ptr<Botan::RSA_PrivateKey> (new RSA_PrivateKey(AlgorithmIdentifier(), keydata)); }
SEXP PKI_extract_key(SEXP sKey, SEXP sPriv) { SEXP res; EVP_PKEY *key; RSA *rsa; int get_priv = asInteger(sPriv), len; if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key")) Rf_error("invalid key object"); if (get_priv == NA_INTEGER) get_priv = inherits(sKey, "private.key"); if (get_priv && !inherits(sKey, "private.key")) return R_NilValue; key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); PKI_init(); if (EVP_PKEY_type(key->type) != EVP_PKEY_RSA) Rf_error("Sorry only RSA keys are supported at this point"); rsa = EVP_PKEY_get1_RSA(key); if (get_priv) { unsigned char *ptr; len = i2d_RSAPrivateKey(rsa, 0); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); ptr = (unsigned char*) RAW(res); len = i2d_RSAPrivateKey(rsa, &ptr); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); PROTECT(res); setAttrib(res, R_ClassSymbol, mkString("private.key.DER")); UNPROTECT(1); } else { unsigned char *ptr; len = i2d_RSA_PUBKEY(rsa, 0); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); ptr = (unsigned char*) RAW(res); len = i2d_RSA_PUBKEY(rsa, &ptr); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); PROTECT(res); setAttrib(res, R_ClassSymbol, mkString("public.key.DER")); UNPROTECT(1); } return res; }
/*============================================================================ * OpcUa_P_OpenSSL_RSA_GenerateKeys *===========================================================================*/ OpcUa_StatusCode OpcUa_P_OpenSSL_RSA_GenerateKeys( OpcUa_CryptoProvider* a_pProvider, OpcUa_UInt32 a_bits, OpcUa_Key* a_pPublicKey, OpcUa_Key* a_pPrivateKey) { RSA* pRsa; unsigned char* pData; OpcUa_InitializeStatus(OpcUa_Module_P_OpenSSL, "RSA_GenerateKeys"); OpcUa_ReturnErrorIfArgumentNull(a_pProvider); OpcUa_ReturnErrorIfArgumentNull(a_pPublicKey); OpcUa_ReturnErrorIfArgumentNull(a_pPrivateKey); OpcUa_ReferenceParameter(a_pProvider); /* Just 1024 or 2048 bits should be allowed for compatibility reasons */ if ((a_bits != 1024) && (a_bits != 2048) && (a_bits != 3072) && (a_bits != 4096)) { uStatus = OpcUa_BadInvalidArgument; OpcUa_GotoErrorIfBad(uStatus); } if(a_pPublicKey->Key.Data == OpcUa_Null) { a_pPublicKey->Key.Length = a_bits; OpcUa_ReturnStatusCode; } if(a_pPrivateKey->Key.Data == OpcUa_Null) { a_pPrivateKey->Key.Length = a_bits; OpcUa_ReturnStatusCode; } pRsa = RSA_generate_key(a_bits, RSA_F4, NULL, OpcUa_Null); pData = a_pPublicKey->Key.Data; a_pPublicKey->Key.Length = i2d_RSAPublicKey(pRsa, &pData); pData = a_pPrivateKey->Key.Data; a_pPrivateKey->Key.Length = i2d_RSAPrivateKey(pRsa, &pData); /* clean up */ if(pRsa != OpcUa_Null) { RSA_free(pRsa); } a_pPublicKey->Type = OpcUa_Crypto_Rsa_Alg_Id; a_pPrivateKey->Type = OpcUa_Crypto_Rsa_Alg_Id; OpcUa_ReturnStatusCode; OpcUa_BeginErrorHandling; OpcUa_FinishErrorHandling; }
int ca_privkey_serialize(EVP_PKEY *key, struct iked_id *id) { RSA *rsa = NULL; uint8_t *d; int len = 0; int ret = -1; switch (key->type) { case EVP_PKEY_RSA: id->id_type = 0; id->id_offset = 0; ibuf_release(id->id_buf); if ((rsa = EVP_PKEY_get1_RSA(key)) == NULL) goto done; if ((len = i2d_RSAPrivateKey(rsa, NULL)) <= 0) goto done; if ((id->id_buf = ibuf_new(NULL, len)) == NULL) goto done; d = ibuf_data(id->id_buf); if (i2d_RSAPrivateKey(rsa, &d) != len) { ibuf_release(id->id_buf); goto done; } id->id_type = IKEV2_CERT_RSA_KEY; break; default: log_debug("%s: unsupported key type %d", __func__, key->type); return (-1); } log_debug("%s: type %s length %d", __func__, print_map(id->id_type, ikev2_cert_map), len); ret = 0; done: if (rsa != NULL) RSA_free(rsa); return (ret); }
ndn_Error ndn_RsaPrivateKey_encodePrivateKey (const struct ndn_RsaPrivateKey *self, uint8_t *encoding, size_t *encodingLength) { int result = i2d_RSAPrivateKey(self->privateKey, encoding ? &encoding : 0); if (result < 0) return NDN_ERROR_Error_encoding_key; *encodingLength = result; return NDN_ERROR_success; }
sqbind::CSqBinary COsslKey::getPrivateKeyRaw() {_STT(); if ( !m_pkey ) return sqbind::CSqBinary(); // How big is the key? int nSize = i2d_RSAPrivateKey( m_pkey->pkey.rsa, oexNULL ); if ( 0 >= nSize ) return sqbind::CSqBinary(); // Allocate space sqbind::CSqBinary bin; if ( !bin.Allocate( nSize ) ) return bin; // Get the key data unsigned char *p = (unsigned char*)bin._Ptr(); bin.setUsed( i2d_RSAPrivateKey( m_pkey->pkey.rsa, &p ) ); return bin; }
/*----------------------------------------------* * Loads the Private Key * *----------------------------------------------*/ static int loadPemPrivateKey(unsigned char *FileName, unsigned char *buffer, int *len) { int length = 0; unsigned char *temp; BIO *bioIn = NULL; RSA *pKey = NULL; int retVal = OSPC_ERR_NO_ERROR; temp = buffer; bioIn = BIO_new_file((const char*)FileName,"r"); if (bioIn == NULL) { cw_log(LOG_WARNING,"Failed to find the File - %s \n",FileName); return -1; } else { pKey = PEM_read_bio_RSAPrivateKey(bioIn,NULL,NULL,NULL); if (pKey == NULL) { cw_log(LOG_WARNING,"Failed to parse the Private Key from the File - %s \n",FileName); return -1; } else { length = i2d_RSAPrivateKey(pKey,&temp); if (length == 0) { cw_log(LOG_WARNING,"Failed to parse the Private Key from the File - %s, Length=0 \n",FileName); return -1; } else { *len = length; } } } if (bioIn != NULL) { BIO_free(bioIn); } if (pKey != NULL) { RSA_free(pKey); } return retVal; }
SEXP R_rsa_key_build(SEXP e, SEXP n, SEXP p, SEXP q, SEXP d, SEXP dp, SEXP dq, SEXP qi){ RSA *rsa = RSA_new(); MY_RSA_set0_key(rsa, new_bignum_from_r(n), new_bignum_from_r(e), new_bignum_from_r(d)); MY_RSA_set0_factors(rsa, new_bignum_from_r(p), new_bignum_from_r(q)); MY_RSA_set0_crt_params(rsa, new_bignum_from_r(dp), new_bignum_from_r(dq), new_bignum_from_r(qi)); bail(RSA_check_key(rsa)); unsigned char *buf = NULL; int len = i2d_RSAPrivateKey(rsa, &buf); bail(len); RSA_free(rsa); SEXP res = allocVector(RAWSXP, len); memcpy(RAW(res), buf, len); OPENSSL_free(buf); return res; }
//rsa密钥对产生 bool CRsaDesManager::GenRsaKeypairs(void) { RSA *rsa = NULL; FILE *fKeyFile = NULL; fKeyFile = fopen("raskeys.key", "wb"); if(fKeyFile == NULL) { return false; } int i = 0; //把密钥对写入文件,以后从文件里读取 unsigned char ucPubKey[RSA_KEY_LEN] = {0}, ucPriKey[RSA_KEY_LEN] = {0}; for(i = 0; i < RSA_KEY_PAIR_NUM; ++i) { //生成RSA密钥对: rsa = RSA_new(); rsa = RSA_generate_key(RSA_KEY_LEN, RSA_F4, NULL, NULL); unsigned char* pt = ucPubKey; ui32 len = i2d_RSAPublicKey(rsa, &pt); if(!GetPubKey(ucPubKey, len, &m_pPubRSA[i])) break; fwrite((unsigned char*)&len, 1, sizeof(ui32), fKeyFile); fwrite(ucPubKey, 1, len, fKeyFile); m_strPubKeys[i].clear(); m_strPubKeys[i].append((char*)ucPubKey, len); unsigned char* pt2 = ucPriKey; len = i2d_RSAPrivateKey(rsa,&pt2); if(!GetPriKey(ucPriKey, len, &m_pPriRSA[i])) break; fwrite((unsigned char*)&len, 1, sizeof(ui32), fKeyFile); fwrite(ucPriKey, 1, len, fKeyFile); if(rsa != NULL) { RSA_free(rsa); rsa = NULL; } } fclose(fKeyFile); if(i < RSA_KEY_PAIR_NUM) return false; return true; }
int tgw_marshal_pb_rsareq(RsaRemoteReq *req, RSA *rsa, const uint8_t *from, int flen, int padding, int type) { req->id = 18; req->has_id = 1; req->version = 2; req->has_version = 1; req->from_len = flen; req->has_from_len = 1; req->padding = padding; req->has_padding = 1; unsigned char *key_buf = NULL; printf("hi, file:%s line:%d\n", __FILE__, __LINE__); int key_len = i2d_RSAPrivateKey(rsa, (uint8_t **) &key_buf); printf("hi, file:%s line:%d\n", __FILE__, __LINE__); req->private_key.data = (uint8_t *) malloc(key_len); if (req->private_key.data == NULL) { printf("fail to malloc for private key\n"); return -1; } req->private_key.len = key_len; req->msg.data = (uint8_t *)malloc(flen); if (req->msg.data == NULL) { printf("fail to malloc for msg\n"); return -1; } req->msg.len = flen; req->has_msg = 1; memcpy(req->private_key.data, key_buf, key_len); memcpy(req->msg.data, from, flen); printf("memcpy to req->private_key, key_len:%d\n", key_len); printf("i2d_rsaprivatekey len:%d padding:%d id:%d\n", key_len, req->padding, req->id); printf("key buf:\n"); req->private_key_len = key_len; req->has_private_key_len = 1; print_hex(key_buf, key_len); printf("private key\n"); print_hex(req->private_key.data, key_len); req->has_private_key = 1; printf("hi, private key len:%d file:%s line:%d\n", req->private_key_len, __FILE__, __LINE__); printf("encrypt txt:\n"); print_hex(req->msg.data, flen); return 0; }
static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { unsigned char *rk = NULL; int rklen; rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); if (rklen <= 0) { RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); return 0; } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0, V_ASN1_NULL, NULL, rk, rklen)) { RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); return 0; } return 1; }
main4() { FILE *in; unsigned char buf[10240],buf2[10240],*p; int num,i; RSA *nx=NULL,*mx=NULL; in=fopen("rsa.der","r"); if (in == NULL) { perror("rsa.der"); exit(1); } num=fread(buf,1,10240,in); fclose(in); p=buf; if (d2i_RSAPrivateKey(&nx,&p,num) == NULL) goto err; printf("num=%d p-buf=%d\n",num,p-buf); p=buf2; num=i2d_RSAPrivateKey(nx,&p); printf("num=%d p-buf=%d\n",num,p-buf2); if (memcmp(buf,buf2,num) != 0) { fprintf(stderr,"data difference\n"); for (i=0; i<num; i++) fprintf(stderr,"%c%03d <%02X-%02X>\n", (buf[i] == buf2[i])?' ':'*',i, buf[i],buf2[i]); fprintf(stderr,"\n"); exit(1); } return(1); err: ERR_load_crypto_strings(); ERR_print_errors(stderr); return(0); }
static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { uint8_t *rk = NULL; int rklen; rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); if (rklen <= 0) { OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); return 0; } /* TODO(fork): const correctness in next line. */ if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0, V_ASN1_NULL, NULL, rk, rklen)) { OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); return 0; } return 1; }
wi_data_t * wi_rsa_private_key(wi_rsa_t *rsa) { unsigned char *buffer; int length; if(!rsa->private_key) { buffer = NULL; length = i2d_RSAPrivateKey(rsa->rsa, &buffer); if(length <= 0) { wi_error_set_openssl_error(); return NULL; } rsa->private_key = wi_data_init_with_bytes(wi_data_alloc(), buffer, length); OPENSSL_free(buffer); } return rsa->private_key; }
/* * genrsa: generates a new rsa key pair and returns the private key in the RSA * format. If `pub' is not null, it stores in it the pointer to a newly * allocated dump of the public key that is `*pub_len' bytes. The same is for * `priv' and `priv_len'. * On error null is returned. */ RSA *genrsa(int key_bits, u_char **pub, u_int *pub_len, u_char **priv, u_int *priv_len) { RSA *rsa=0; int len; rsa=RSA_generate_key(key_bits, RSA_F4, NULL, NULL); if (!rsa) { debug(DBG_SOFT, "RSA key generation failed"); goto error; } if(priv) { *priv=0; len=i2d_RSAPrivateKey(rsa, priv); if(priv_len) *priv_len=len; if(len <= 0) { debug(DBG_SOFT, "Cannot dump RSA public key: %s", ssl_strerr()); goto error; } } if(pub) { *pub=0; len=i2d_RSAPublicKey(rsa, pub); if(pub_len) *pub_len=len; if(len <= 0) { debug(DBG_SOFT, "Cannot dump RSA public key: %s", ssl_strerr()); goto error; } } return rsa; error: if(rsa) RSA_free(rsa); return 0; }
QSslKey SafetPKCS12::keyFromEVP( EVP_PKEY * evp ) { EVP_PKEY *key = (EVP_PKEY*)evp; unsigned char *data = NULL; int len = 0; QSsl::KeyAlgorithm alg; QSsl::KeyType type; switch( EVP_PKEY_type( key->type ) ) { case EVP_PKEY_RSA: { RSA *rsa = EVP_PKEY_get1_RSA( key ); alg = QSsl::Rsa; type = rsa->d ? QSsl::PrivateKey : QSsl::PublicKey; len = rsa->d ? i2d_RSAPrivateKey( rsa, &data ) : i2d_RSAPublicKey( rsa, &data ); RSA_free( rsa ); break; } case EVP_PKEY_DSA: { DSA *dsa = EVP_PKEY_get1_DSA( key ); alg = QSsl::Dsa; type = dsa->priv_key ? QSsl::PrivateKey : QSsl::PublicKey; len = dsa->priv_key ? i2d_DSAPrivateKey( dsa, &data ) : i2d_DSAPublicKey( dsa, &data ); DSA_free( dsa ); break; } default: break; } QSslKey k; if( len > 0 ) k = QSslKey( QByteArray( (char*)data, len ), alg, QSsl::Der, type ); OPENSSL_free( data ); return k; }
/* Write a private key to a file in .vbprivk format. */ int PrivateKeyWrite(const char* filename, const VbPrivateKey* key) { uint8_t *outbuf = 0; int buflen; FILE *f; buflen = i2d_RSAPrivateKey(key->rsa_private_key, &outbuf); if (buflen <= 0) { VbExError("Unable to write private key buffer\n"); return 1; } f = fopen(filename, "wb"); if (!f) { VbExError("Unable to open file %s\n", filename); free(outbuf); return 1; } if (1 != fwrite(&key->algorithm, sizeof(key->algorithm), 1, f)) { VbExError("Unable to write to file %s\n", filename); fclose(f); free(outbuf); unlink(filename); /* Delete any partial file */ } if (1 != fwrite(outbuf, buflen, 1, f)) { VbExError("Unable to write to file %s\n", filename); fclose(f); unlink(filename); /* Delete any partial file */ free(outbuf); } fclose(f); free(outbuf); return 0; }
main(){ RSA *rsa; int i,len,en_len; unsigned char buf[2048],*p,*key_p; rsa=RSA_generate_key(1024,RSA_F4,NULL,NULL); p=buf; len=i2d_RSAPublicKey(rsa,&p); len+=i2d_RSAPrivateKey(rsa,&p); RSA_free(rsa); key_p = (unsigned char*)malloc(len); memcpy(key_p,buf,len); p = buf; base64_encode(key_p,len,p,&en_len); printf("%s\n",buf); free(key_p); }
/* * ASCII-encode a key. */ char * kn_encode_key(struct keynote_deckey *dc, int iencoding, int encoding, int keytype) { char *foo, *ptr; DSA *dsa; RSA *rsa; int i; struct keynote_binary *bn; char *s; keynote_errno = 0; if (dc == NULL || dc->dec_key == NULL) { keynote_errno = ERROR_NOTFOUND; return NULL; } /* DSA keys */ if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_DSA) && (iencoding == INTERNAL_ENC_ASN1) && ((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64))) { dsa = (DSA *) dc->dec_key; if (keytype == KEYNOTE_PUBLIC_KEY) i = i2d_DSAPublicKey(dsa, NULL); else i = i2d_DSAPrivateKey(dsa, NULL); if (i <= 0) { keynote_errno = ERROR_SYNTAX; return NULL; } ptr = foo = calloc(i, sizeof(char)); if (foo == NULL) { keynote_errno = ERROR_MEMORY; return NULL; } dsa->write_params = 1; if (keytype == KEYNOTE_PUBLIC_KEY) i2d_DSAPublicKey(dsa, (unsigned char **) &foo); else i2d_DSAPrivateKey(dsa, (unsigned char **) &foo); if (encoding == ENCODING_HEX) { if (kn_encode_hex(ptr, &s, i) != 0) { free(ptr); return NULL; } free(ptr); return s; } else if (encoding == ENCODING_BASE64) { s = calloc(2 * i, sizeof(char)); if (s == NULL) { free(ptr); keynote_errno = ERROR_MEMORY; return NULL; } if (kn_encode_base64(ptr, i, s, 2 * i) == -1) { free(s); free(ptr); return NULL; } free(ptr); return s; } } /* RSA keys */ if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_RSA) && (iencoding == INTERNAL_ENC_PKCS1) && ((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64))) { rsa = (RSA *) dc->dec_key; if (keytype == KEYNOTE_PUBLIC_KEY) i = i2d_RSAPublicKey(rsa, NULL); else i = i2d_RSAPrivateKey(rsa, NULL); if (i <= 0) { keynote_errno = ERROR_SYNTAX; return NULL; } ptr = foo = calloc(i, sizeof(char)); if (foo == NULL) { keynote_errno = ERROR_MEMORY; return NULL; } if (keytype == KEYNOTE_PUBLIC_KEY) i2d_RSAPublicKey(rsa, (unsigned char **) &foo); else i2d_RSAPrivateKey(rsa, (unsigned char **) &foo); if (encoding == ENCODING_HEX) { if (kn_encode_hex(ptr, &s, i) != 0) { free(ptr); return NULL; } free(ptr); return s; } else if (encoding == ENCODING_BASE64) { s = calloc(2 * i, sizeof(char)); if (s == NULL) { free(ptr); keynote_errno = ERROR_MEMORY; return NULL; } if (kn_encode_base64(ptr, i, s, 2 * i) == -1) { free(s); free(ptr); return NULL; } free(ptr); return s; } } /* BINARY keys */ if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_BINARY) && (iencoding == INTERNAL_ENC_NONE) && ((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64))) { bn = (struct keynote_binary *) dc->dec_key; if (encoding == ENCODING_HEX) { if (kn_encode_hex(bn->bn_key, &s, bn->bn_len) != 0) return NULL; return s; } else if (encoding == ENCODING_BASE64) { s = calloc(2 * bn->bn_len, sizeof(char)); if (s == NULL) { keynote_errno = ERROR_MEMORY; return NULL; } if (kn_encode_base64(bn->bn_key, bn->bn_len, s, 2 * bn->bn_len) == -1) { free(s); return NULL; } return s; } } keynote_errno = ERROR_NOTFOUND; return NULL; }
/* * Store the given private key (key) and certificate (cert) * into the Kerberos 5 credentials cache. The "lifetime" * of the certificate is also given in notBefore, and notAfter. */ int store_in_cc(RSA *key, BYTE *cert, DWORD cert_length, char *realm, ASN1_UTCTIME *notBefore, ASN1_UTCTIME *notAfter, #if defined(KX509_LIB) char *tkt_cache_name, #endif char **err_msg) { krb5_context k5_context; krb5_ccache cc; krb5_creds fake_creds; DWORD key_length; krb5_error_code k5_rc = 0; int retcode = KX509_STATUS_GOOD; BYTE *ptr = NULL; BYTE *memptr = NULL; /* * Use fake_creds.ticket for private key and * fake_creds.second_ticket for certificate */ memset(&fake_creds, '\0', sizeof(fake_creds)); if (k5_rc = krb5_init_context(&k5_context)) { log_printf("store_in_cc: unable to initialize Kerberos 5 context (%d)\n", k5_rc); *err_msg = "Error initializing kerberos 5 environment."; return KX509_STATUS_CLNT_FIX; } #if 0 /* DON'T NEED THIS, and it is a private function anyway... */ if (k5_rc = krb5_set_default_realm(k5_context, realm)) { log_printf("store_in_cc: failed to malloc space for k5 default_realm\n"); *err_msg = "Try re-authenticating. " "Hopefully temporary client-side problem"; return KX509_STATUS_CLNT_FIX; } #endif #if defined(KX509_LIB) if (k5_rc = krb5_cc_resolve(k5_context, tkt_cache_name, &cc)) { log_printf("store_in_cc: failed to resolve credential cache (%d)\n", k5_rc); *err_msg = "Try re-authenticating. " "Could not resolve your credential cache name."; return KX509_STATUS_CLNT_FIX; } #else if (k5_rc = krb5_cc_default(k5_context, &cc)) { log_printf("store_in_cc: failed to resolve credential cache (%d)\n", k5_rc); *err_msg = "Try re-authenticating. " "Could not resolve your credential cache name."; return KX509_STATUS_CLNT_FIX; } #endif #if defined(HAVE_HEIMDAL) if (k5_rc = krb5_make_principal(k5_context, &fake_creds.server, realm, KX509_CC_PRINCIPAL, KX509_CC_INSTANCE, NULL)) #else if (k5_rc = krb5_sname_to_principal(k5_context, KX509_CC_INSTANCE, KX509_CC_PRINCIPAL, KRB5_NT_UNKNOWN, &fake_creds.server)) #endif { log_printf("store_in_cc: unable to create server principal from sname (%d)\n", k5_rc); *err_msg = "Internal error with kerberos while creating fake server principal."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } #if defined(CC_REMOVE_IMPLEMENTED) /* * We really want to clear out any old private key/certificate entries * from the credentials cache. However, the function to do that is * not defined... */ if (k5_rc = kx509_clear_old_certificates(k5_context, cc, fake_creds)) { log_printf("store_in_cc: couldn't clear out old certificate " "from cred cache (%d)\n", k5_rc); *err_msg = "Error removing old certificate from your kerberos credentials cache."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } #endif /* CC_REMOVE_IMPLEMENTED */ if (k5_rc = krb5_cc_get_principal(k5_context, cc, &fake_creds.client)) { log_printf("store_in_cc: unable to create client principal from sname (%d)\n", k5_rc); *err_msg = "Internal error with kerberos while creating fake client principal."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } /* * Get the DER-encoded length of the private key. * Allocate storage to hold the private key and certificate. */ key_length = i2d_RSAPrivateKey(key, NULL); /* Get DER-encoded len of Private Key */ if (key_length <= 0) { log_printf("store_in_cc: unable to determine length of " "encoded private key (%d)\n", key_length); *err_msg = "Error determining encoded length of private key."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } ptr = Malloc(key_length + cert_length); if (!ptr) { log_printf("store_in_cc: error allocating %d bytes for " "private key (%d) and certificate (%d)\n", key_length+cert_length, key_length, cert_length); *err_msg = "Error allocating storage for private key and certificate."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } memptr = ptr; /* Save a ptr to the allocated area for later when we free it */ fake_creds.ticket.data = (char *)ptr; fake_creds.ticket.length = i2d_RSAPrivateKey(key, &ptr); /* Note that i2d_RSAPrivateKey() updates ptr!!! */ memcpy(ptr, cert, cert_length); fake_creds.second_ticket.data = (char *)ptr; fake_creds.second_ticket.length = cert_length; /* Set up the ticket lifetime according to the certificate lifetime */ fake_creds.times.starttime = utc2unix(notBefore, NULL); fake_creds.times.endtime = utc2unix(notAfter, NULL); /* * Store the fake ticket (containing the private key * and certificate) into the credentials cache. */ #if defined(WRITE_CERT) /* Write the key-pair and certificate to file (code lifted from kxlist -p) */ if (k5_rc = materialize_cert(k5_context, cc, &fake_creds)) #else /* WRITE_CERT */ /* Store the key-pair and certificate into the K5 credentials cache as a mock ticket */ if (k5_rc = krb5_cc_store_cred(k5_context, cc, &fake_creds)) #endif /* WRITE_CERT */ { log_printf("store_in_cc: krb5_cc_store_cred returned %0d\n", k5_rc); *err_msg = "Try re-authenticating. " "Currently unable to write your Kerberos credentials cache."; retcode = KX509_STATUS_CLNT_FIX; goto close_and_return; } close_and_return: if (memptr) { Free(memptr); memptr = NULL; } krb5_cc_close(k5_context, cc); /* ignore return code from close */ return(retcode); }
static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) { return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); }
void keyGenerator(int fileIndex, int keyLength) { int err=0; int size = 0; char * buffer = 0; char * buffer2 = 0; FILE * publicKeyFile = NULL; FILE * privateKeyFile = NULL; char fileName[256]; char publicKeyFileName[512]; char privateKeyFileName[512]; for(int i = 0; i< 1000; i++) { if( i < 10) { sprintf(publicKeyFileName, "%d00%d-PublicKey", fileIndex, i); sprintf(privateKeyFileName, "%d00%d-PrivateKey", fileIndex,i); } else if(i >= 10 && i < 100) { sprintf(publicKeyFileName, "%d0%d-PublicKey", fileIndex, i); sprintf(privateKeyFileName, "%d0%d-PrivateKey", fileIndex,i); } else { sprintf(publicKeyFileName, "%d%d-PublicKey", fileIndex, i); sprintf(privateKeyFileName, "%d%d-PrivateKey", fileIndex,i); } RSA * rsa; rsa = RSA_generate_key(keyLength, RSA_F4, NULL, (char*)stdout); int lenE = 0; unsigned char * tmp = new unsigned char[keyLength]; unsigned char *p; //public key p = tmp; lenE=i2d_RSAPublicKey(rsa,&p); buffer = new char[lenE]; memcpy(buffer, tmp, lenE); publicKeyFile = fopen(publicKeyFileName, "wb"); if (publicKeyFile == NULL) perror("publicKey"); fwrite(buffer, sizeof(char), lenE, publicKeyFile); fclose(publicKeyFile); //private key p = tmp; int lenD=i2d_RSAPrivateKey(rsa,&p); buffer2 = new char[lenD]; memcpy(buffer2, tmp, lenD); privateKeyFile = fopen(privateKeyFileName, "wb"); if (privateKeyFile == NULL) perror("PrivateKey"); fwrite(buffer2, sizeof(char), lenD, privateKeyFile); fclose(privateKeyFile); RSA_free(rsa); delete [] buffer; delete [] buffer2; delete [] tmp; } }
/*============================================================================ * OpcUa_P_OpenSSL_RSA_LoadPrivateKeyFromFile *===========================================================================*/ OpcUa_StatusCode OpcUa_P_OpenSSL_RSA_LoadPrivateKeyFromFile( OpcUa_StringA a_privateKeyFile, OpcUa_P_FileFormat a_fileFormat, OpcUa_StringA a_password, /* optional: just needed encrypted PEM */ OpcUa_ByteString* a_pPrivateKey) { BIO* pPrivateKeyFile = OpcUa_Null; RSA* pRsaPrivateKey = OpcUa_Null; EVP_PKEY* pEvpKey = OpcUa_Null; unsigned char* pData; OpcUa_InitializeStatus(OpcUa_Module_P_OpenSSL, "RSA_LoadPrivateKeyFromFile"); /* check parameters */ OpcUa_ReturnErrorIfArgumentNull(a_privateKeyFile); OpcUa_ReturnErrorIfArgumentNull(a_pPrivateKey); if(a_fileFormat == OpcUa_Crypto_Encoding_Invalid) { return OpcUa_BadInvalidArgument; } OpcUa_ReferenceParameter(a_password); /* open file */ pPrivateKeyFile = BIO_new_file((const char*)a_privateKeyFile, "rb"); OpcUa_ReturnErrorIfArgumentNull(pPrivateKeyFile); /* read and convert file */ switch(a_fileFormat) { case OpcUa_Crypto_Encoding_PEM: { /* read from file */ pEvpKey = PEM_read_bio_PrivateKey( pPrivateKeyFile, /* file */ NULL, /* key struct */ 0, /* password callback */ a_password); /* default passphrase or arbitrary handle */ OpcUa_GotoErrorIfNull(pEvpKey, OpcUa_Bad); break; } case OpcUa_Crypto_Encoding_PKCS12: { int iResult = 0; /* read from file. */ PKCS12* pPkcs12 = d2i_PKCS12_bio(pPrivateKeyFile, NULL); if (pPkcs12 == 0) { OpcUa_GotoErrorWithStatus(OpcUa_BadEncodingError); } /* parse the certificate. */ iResult = PKCS12_parse(pPkcs12, a_password, &pEvpKey, NULL, NULL); if (iResult == 0) { OpcUa_GotoErrorWithStatus(OpcUa_BadEncodingError); } /* free certificate. */ PKCS12_free(pPkcs12); pPkcs12 = NULL; break; } case OpcUa_Crypto_Encoding_DER: default: { uStatus = OpcUa_BadNotSupported; OpcUa_GotoError; } } /* convert to intermediary openssl struct */ pRsaPrivateKey = EVP_PKEY_get1_RSA(pEvpKey); EVP_PKEY_free(pEvpKey); OpcUa_GotoErrorIfNull(pRsaPrivateKey, OpcUa_Bad); /* get required length */ a_pPrivateKey->Length = i2d_RSAPrivateKey(pRsaPrivateKey, OpcUa_Null); OpcUa_GotoErrorIfTrue((a_pPrivateKey->Length <= 0), OpcUa_Bad); /* allocate target buffer */ a_pPrivateKey->Data = (OpcUa_Byte*)OpcUa_P_Memory_Alloc(a_pPrivateKey->Length); OpcUa_GotoErrorIfAllocFailed(a_pPrivateKey->Data); /* do real conversion */ pData = a_pPrivateKey->Data; a_pPrivateKey->Length = i2d_RSAPrivateKey(pRsaPrivateKey, &pData); OpcUa_GotoErrorIfTrue((a_pPrivateKey->Length <= 0), OpcUa_Bad); RSA_free(pRsaPrivateKey); BIO_free(pPrivateKeyFile); OpcUa_ReturnStatusCode; OpcUa_BeginErrorHandling; if(pEvpKey) { EVP_PKEY_free(pEvpKey); } if(a_pPrivateKey != OpcUa_Null) { if(a_pPrivateKey->Data != OpcUa_Null) { OpcUa_P_Memory_Free(a_pPrivateKey->Data); a_pPrivateKey->Data = OpcUa_Null; a_pPrivateKey->Length = -1; } } if(pPrivateKeyFile != NULL) { BIO_free(pPrivateKeyFile); } if(pRsaPrivateKey != NULL) { RSA_free(pRsaPrivateKey); } OpcUa_FinishErrorHandling; }