本文整理汇总了C++中EC_KEY_generate_key函数的典型用法代码示例。如果您正苦于以下问题:C++ EC_KEY_generate_key函数的具体用法?C++ EC_KEY_generate_key怎么用?C++ EC_KEY_generate_key使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EC_KEY_generate_key函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: test_builtin
int test_builtin(BIO *out)
{
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
EC_KEY *eckey = NULL, *wrong_eckey = NULL;
EC_GROUP *group;
ECDSA_SIG *ecdsa_sig = NULL;
unsigned char digest[20], wrong_digest[20];
unsigned char *signature = NULL;
const unsigned char *sig_ptr;
unsigned char *sig_ptr2;
unsigned char *raw_buf = NULL;
unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
int nid, ret = 0;
/* fill digest values with some random data */
if (!RAND_pseudo_bytes(digest, 20) ||
!RAND_pseudo_bytes(wrong_digest, 20)) {
BIO_printf(out, "ERROR: unable to get random data\n");
goto builtin_err;
}
/*
* create and verify a ecdsa signature with every availble curve (with )
*/
BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
"with some internal curves:\n");
/* get a list of all internal curves */
crv_len = EC_get_builtin_curves(NULL, 0);
curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
if (curves == NULL) {
BIO_printf(out, "malloc error\n");
goto builtin_err;
}
if (!EC_get_builtin_curves(curves, crv_len)) {
BIO_printf(out, "unable to get internal curves\n");
goto builtin_err;
}
/* now create and verify a signature for every curve */
for (n = 0; n < crv_len; n++) {
unsigned char dirt, offset;
nid = curves[n].nid;
if (nid == NID_ipsec4)
continue;
/* create new ecdsa key (== EC_KEY) */
if ((eckey = EC_KEY_new()) == NULL)
goto builtin_err;
group = EC_GROUP_new_by_curve_name(nid);
if (group == NULL)
goto builtin_err;
if (EC_KEY_set_group(eckey, group) == 0)
goto builtin_err;
EC_GROUP_free(group);
degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey));
if (degree < 160)
/* drop the curve */
{
EC_KEY_free(eckey);
eckey = NULL;
continue;
}
BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
/* create key */
if (!EC_KEY_generate_key(eckey)) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
/* create second key */
if ((wrong_eckey = EC_KEY_new()) == NULL)
goto builtin_err;
group = EC_GROUP_new_by_curve_name(nid);
if (group == NULL)
goto builtin_err;
if (EC_KEY_set_group(wrong_eckey, group) == 0)
goto builtin_err;
EC_GROUP_free(group);
if (!EC_KEY_generate_key(wrong_eckey)) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
BIO_printf(out, ".");
(void)BIO_flush(out);
/* check key */
if (!EC_KEY_check_key(eckey)) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
BIO_printf(out, ".");
(void)BIO_flush(out);
/* create signature */
sig_len = ECDSA_size(eckey);
if ((signature = OPENSSL_malloc(sig_len)) == NULL)
goto builtin_err;
//.........这里部分代码省略.........
示例2: opensslecdsa_generate
static isc_result_t
opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
isc_result_t ret;
EVP_PKEY *pkey;
EC_KEY *eckey = NULL;
int group_nid;
REQUIRE(key->key_alg == DST_ALG_ECDSA256 ||
key->key_alg == DST_ALG_ECDSA384);
UNUSED(unused);
UNUSED(callback);
if (key->key_alg == DST_ALG_ECDSA256)
group_nid = NID_X9_62_prime256v1;
else
group_nid = NID_secp384r1;
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (EC_KEY_generate_key(eckey) != 1)
DST_RET (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET (ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
EVP_PKEY_free(pkey);
DST_RET (ISC_R_FAILURE);
}
key->keydata.pkey = pkey;
ret = ISC_R_SUCCESS;
err:
if (eckey != NULL)
EC_KEY_free(eckey);
return (ret);
}示例3: pkey_ec_keygen
static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
EC_KEY *ec = NULL;
EC_PKEY_CTX *dctx = ctx->data;
if (ctx->pkey == NULL && dctx->gen_group == NULL) {
ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
return 0;
}
ec = EC_KEY_new();
if (!ec)
return 0;
EVP_PKEY_assign_EC_KEY(pkey, ec);
if (ctx->pkey) {
/* Note: if error return, pkey is freed by parent routine */
if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
return 0;
} else {
if (!EC_KEY_set_group(ec, dctx->gen_group))
return 0;
}
return EC_KEY_generate_key(pkey->pkey.ec);
}示例4: soter_ec_gen_key
soter_status_t soter_ec_gen_key(EVP_PKEY_CTX *pkey_ctx)
{
EVP_PKEY *pkey;
EC_KEY *ec;
if (!pkey_ctx){
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_CTX_get0_pkey(pkey_ctx);
if (!pkey){
return SOTER_INVALID_PARAMETER;
}
if (EVP_PKEY_EC != EVP_PKEY_id(pkey)){
return SOTER_INVALID_PARAMETER;
}
ec = EVP_PKEY_get0(pkey);
if (NULL == ec){
return SOTER_INVALID_PARAMETER;
}
if (1 == EC_KEY_generate_key(ec)){
return SOTER_SUCCESS;
}
return SOTER_FAIL;
}示例5: soter_asym_ka_gen_key
soter_status_t soter_asym_ka_gen_key(soter_asym_ka_t* asym_ka_ctx)
{
EVP_PKEY *pkey;
EC_KEY *ec;
if (!asym_ka_ctx)
{
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_CTX_get0_pkey(asym_ka_ctx->pkey_ctx);
if (!pkey)
{
return SOTER_INVALID_PARAMETER;
}
if (EVP_PKEY_EC != EVP_PKEY_id(pkey))
{
return SOTER_INVALID_PARAMETER;
}
ec = EVP_PKEY_get0_EC_KEY(pkey);
if (NULL == ec)
{
return SOTER_INVALID_PARAMETER;
}
if (1 == EC_KEY_generate_key(ec))
{
return SOTER_SUCCESS;
}
else
{
return SOTER_FAIL;
}
}示例6: test_ecdsa_sign
static void test_ecdsa_sign(void)
{
EVP_PKEY *pkey;
{ /* create pkey */
EC_KEY *eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
EC_KEY_generate_key(eckey);
pkey = EVP_PKEY_new();
EVP_PKEY_set1_EC_KEY(pkey, eckey);
EC_KEY_free(eckey);
}
const char *message = "hello world";
ptls_buffer_t sigbuf;
uint8_t sigbuf_small[1024];
ptls_buffer_init(&sigbuf, sigbuf_small, sizeof(sigbuf_small));
ok(do_sign(pkey, &sigbuf, ptls_iovec_init(message, strlen(message)), EVP_sha256()) == 0);
EVP_PKEY_up_ref(pkey);
ok(verify_sign(pkey, ptls_iovec_init(message, strlen(message)), ptls_iovec_init(sigbuf.base, sigbuf.off)) == 0);
ptls_buffer_dispose(&sigbuf);
EVP_PKEY_free(pkey);
}示例7: generate_ec_key
static EP_STAT
generate_ec_key(EP_CRYPTO_KEY *key, const char *curve)
{
if (curve == NULL)
curve = ep_adm_getstrparam("libep.crypto.key.ec.curve",
"sect283r1");
int nid = OBJ_txt2nid(curve);
if (nid == NID_undef)
{
_ep_crypto_error("unknown EC curve name %s", curve);
goto fail0;
}
EC_KEY *eckey = EC_KEY_new_by_curve_name(nid);
if (eckey == NULL)
{
_ep_crypto_error("cannot create EC key");
goto fail0;
}
if (!EC_KEY_generate_key(eckey))
{
_ep_crypto_error("cannot generate EC key");
goto fail1;
}
if (EVP_PKEY_assign_EC_KEY(key, eckey) != 1)
{
_ep_crypto_error("cannot assign EC key");
goto fail1;
}
return EP_STAT_OK;
fail1:
EC_KEY_free(eckey);
fail0:
return EP_STAT_CRYPTO_KEYCREATE;
}示例8: test_ecdh_curve
static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
{
EC_KEY *a = NULL;
EC_KEY *b = NULL;
BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;
char buf[12];
unsigned char *abuf = NULL, *bbuf = NULL;
int i, alen, blen, aout, bout, ret = 0;
const EC_GROUP *group;
a = EC_KEY_new_by_curve_name(nid);
b = EC_KEY_new_by_curve_name(nid);
if (a == NULL || b == NULL)
goto err;
group = EC_KEY_get0_group(a);
if ((x_a = BN_new()) == NULL)
goto err;
if ((y_a = BN_new()) == NULL)
goto err;
if ((x_b = BN_new()) == NULL)
goto err;
if ((y_b = BN_new()) == NULL)
goto err;
BIO_puts(out, "Testing key generation with ");
BIO_puts(out, text);
# ifdef NOISY
BIO_puts(out, "\n");
# else
(void)BIO_flush(out);
# endif
if (!EC_KEY_generate_key(a))
goto err;
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp
(group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
}
# ifndef OPENSSL_NO_EC2M
else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(a),
x_a, y_a, ctx))
goto err;
}
# endif
# ifdef NOISY
BIO_puts(out, " pri 1=");
BN_print(out, a->priv_key);
BIO_puts(out, "\n pub 1=");
BN_print(out, x_a);
BIO_puts(out, ",");
BN_print(out, y_a);
BIO_puts(out, "\n");
# else
BIO_printf(out, " .");
(void)BIO_flush(out);
# endif
if (!EC_KEY_generate_key(b))
goto err;
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp
(group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
goto err;
}
# ifndef OPENSSL_NO_EC2M
else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(b),
x_b, y_b, ctx))
goto err;
}
# endif
# ifdef NOISY
BIO_puts(out, " pri 2=");
BN_print(out, b->priv_key);
BIO_puts(out, "\n pub 2=");
BN_print(out, x_b);
BIO_puts(out, ",");
BN_print(out, y_b);
BIO_puts(out, "\n");
# else
BIO_printf(out, ".");
(void)BIO_flush(out);
# endif
alen = KDF1_SHA1_len;
abuf = (unsigned char *)OPENSSL_malloc(alen);
aout =
ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);
//.........这里部分代码省略.........
示例9: input_kex_ecdh_init
static int
input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh)
{
struct kex *kex = ssh->kex;
EC_POINT *client_public;
EC_KEY *server_key = NULL;
const EC_GROUP *group;
const EC_POINT *public_key;
BIGNUM *shared_secret = NULL;
struct sshkey *server_host_private, *server_host_public;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf = NULL;
u_char hash[SSH_DIGEST_MAX_LENGTH];
size_t slen, sbloblen;
size_t klen = 0, hashlen;
int r;
if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if (EC_KEY_generate_key(server_key) != 1) {
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
group = EC_KEY_get0_group(server_key);
#ifdef DEBUG_KEXECDH
fputs("server private key:\n", stderr);
sshkey_dump_ec_key(server_key);
#endif
if (kex->load_host_public_key == NULL ||
kex->load_host_private_key == NULL) {
r = SSH_ERR_INVALID_ARGUMENT;
goto out;
}
server_host_public = kex->load_host_public_key(kex->hostkey_type,
kex->hostkey_nid, ssh);
server_host_private = kex->load_host_private_key(kex->hostkey_type,
kex->hostkey_nid, ssh);
if (server_host_public == NULL) {
r = SSH_ERR_NO_HOSTKEY_LOADED;
goto out;
}
if ((client_public = EC_POINT_new(group)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshpkt_get_ec(ssh, client_public, group)) != 0 ||
(r = sshpkt_get_end(ssh)) != 0)
goto out;
#ifdef DEBUG_KEXECDH
fputs("client public key:\n", stderr);
sshkey_dump_ec_point(group, client_public);
#endif
if (sshkey_ec_validate_public(group, client_public) != 0) {
sshpkt_disconnect(ssh, "invalid client public key");
r = SSH_ERR_MESSAGE_INCOMPLETE;
goto out;
}
/* Calculate shared_secret */
klen = (EC_GROUP_get_degree(group) + 7) / 8;
if ((kbuf = malloc(klen)) == NULL ||
(shared_secret = BN_new()) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if (ECDH_compute_key(kbuf, klen, client_public,
server_key, NULL) != (int)klen ||
BN_bin2bn(kbuf, klen, shared_secret) == NULL) {
r = SSH_ERR_LIBCRYPTO_ERROR;
goto out;
}
#ifdef DEBUG_KEXECDH
dump_digest("shared secret", kbuf, klen);
#endif
/* calc H */
if ((r = sshkey_to_blob(server_host_public, &server_host_key_blob,
&sbloblen)) != 0)
goto out;
hashlen = sizeof(hash);
if ((r = kex_ecdh_hash(
kex->hash_alg,
group,
kex->client_version_string,
kex->server_version_string,
sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
sshbuf_ptr(kex->my), sshbuf_len(kex->my),
server_host_key_blob, sbloblen,
client_public,
EC_KEY_get0_public_key(server_key),
shared_secret,
hash, &hashlen)) != 0)
goto out;
/* save session id := H */
//.........这里部分代码省略.........
示例10: generate_dh_keyblock
static krb5_error_code
generate_dh_keyblock(krb5_context context,
pk_client_params *client_params,
krb5_enctype enctype)
{
unsigned char *dh_gen_key = NULL;
krb5_keyblock key;
krb5_error_code ret;
size_t dh_gen_keylen, size;
memset(&key, 0, sizeof(key));
if (client_params->keyex == USE_DH) {
if (client_params->u.dh.public_key == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "public_key");
goto out;
}
if (!DH_generate_key(client_params->u.dh.key)) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret,
"Can't generate Diffie-Hellman keys");
goto out;
}
dh_gen_keylen = DH_size(client_params->u.dh.key);
size = BN_num_bytes(client_params->u.dh.key->p);
if (size < dh_gen_keylen)
size = dh_gen_keylen;
dh_gen_key = malloc(size);
if (dh_gen_key == NULL) {
ret = ENOMEM;
krb5_set_error_message(context, ret, "malloc: out of memory");
goto out;
}
memset(dh_gen_key, 0, size - dh_gen_keylen);
dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen),
client_params->u.dh.public_key,
client_params->u.dh.key);
if (dh_gen_keylen == -1) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret,
"Can't compute Diffie-Hellman key");
goto out;
}
ret = 0;
#ifdef HAVE_OPENSSL
} else if (client_params->keyex == USE_ECDH) {
if (client_params->u.ecdh.public_key == NULL) {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret, "public_key");
goto out;
}
client_params->u.ecdh.key = EC_KEY_new();
if (client_params->u.ecdh.key == NULL) {
ret = ENOMEM;
goto out;
}
EC_KEY_set_group(client_params->u.ecdh.key,
EC_KEY_get0_group(client_params->u.ecdh.public_key));
if (EC_KEY_generate_key(client_params->u.ecdh.key) != 1) {
ret = ENOMEM;
goto out;
}
size = (EC_GROUP_get_degree(EC_KEY_get0_group(client_params->u.ecdh.key)) + 7) / 8;
dh_gen_key = malloc(size);
if (dh_gen_key == NULL) {
ret = ENOMEM;
krb5_set_error_message(context, ret,
N_("malloc: out of memory", ""));
goto out;
}
dh_gen_keylen = ECDH_compute_key(dh_gen_key, size,
EC_KEY_get0_public_key(client_params->u.ecdh.public_key),
client_params->u.ecdh.key, NULL);
#endif /* HAVE_OPENSSL */
} else {
ret = KRB5KRB_ERR_GENERIC;
krb5_set_error_message(context, ret,
"Diffie-Hellman not selected keys");
goto out;
}
ret = _krb5_pk_octetstring2key(context,
enctype,
dh_gen_key, dh_gen_keylen,
NULL, NULL,
&client_params->reply_key);
out:
//.........这里部分代码省略.........
示例11: test_builtin
static int test_builtin(void)
{
EC_builtin_curve *curves = NULL;
size_t crv_len = 0, n = 0;
EC_KEY *eckey = NULL, *wrong_eckey = NULL;
EC_GROUP *group;
ECDSA_SIG *ecdsa_sig = NULL, *modified_sig = NULL;
unsigned char digest[20], wrong_digest[20];
unsigned char *signature = NULL;
const unsigned char *sig_ptr;
unsigned char *sig_ptr2;
unsigned char *raw_buf = NULL;
const BIGNUM *sig_r, *sig_s;
BIGNUM *modified_r = NULL, *modified_s = NULL;
BIGNUM *unmodified_r = NULL, *unmodified_s = NULL;
unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
int nid, ret = 0;
/* fill digest values with some random data */
if (!TEST_true(RAND_bytes(digest, 20))
|| !TEST_true(RAND_bytes(wrong_digest, 20)))
goto builtin_err;
/* create and verify a ecdsa signature with every available curve */
/* get a list of all internal curves */
crv_len = EC_get_builtin_curves(NULL, 0);
if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len))
|| !TEST_true(EC_get_builtin_curves(curves, crv_len)))
goto builtin_err;
/* now create and verify a signature for every curve */
for (n = 0; n < crv_len; n++) {
unsigned char dirt, offset;
nid = curves[n].nid;
if (nid == NID_ipsec4 || nid == NID_X25519)
continue;
/* create new ecdsa key (== EC_KEY) */
if (!TEST_ptr(eckey = EC_KEY_new())
|| !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
|| !TEST_true(EC_KEY_set_group(eckey, group)))
goto builtin_err;
EC_GROUP_free(group);
degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey));
if (degree < 160) {
/* drop the curve */
EC_KEY_free(eckey);
eckey = NULL;
continue;
}
TEST_info("testing %s", OBJ_nid2sn(nid));
/* create key */
if (!TEST_true(EC_KEY_generate_key(eckey)))
goto builtin_err;
/* create second key */
if (!TEST_ptr(wrong_eckey = EC_KEY_new())
|| !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
|| !TEST_true(EC_KEY_set_group(wrong_eckey, group)))
goto builtin_err;
EC_GROUP_free(group);
if (!TEST_true(EC_KEY_generate_key(wrong_eckey)))
goto builtin_err;
/* check key */
if (!TEST_true(EC_KEY_check_key(eckey)))
goto builtin_err;
/* create signature */
sig_len = ECDSA_size(eckey);
if (!TEST_ptr(signature = OPENSSL_malloc(sig_len))
|| !TEST_true(ECDSA_sign(0, digest, 20, signature, &sig_len,
eckey)))
goto builtin_err;
/* verify signature */
if (!TEST_int_eq(ECDSA_verify(0, digest, 20, signature, sig_len,
eckey), 1))
goto builtin_err;
/* verify signature with the wrong key */
if (!TEST_int_ne(ECDSA_verify(0, digest, 20, signature, sig_len,
wrong_eckey), 1))
goto builtin_err;
/* wrong digest */
if (!TEST_int_ne(ECDSA_verify(0, wrong_digest, 20, signature,
sig_len, eckey), 1))
goto builtin_err;
/* wrong length */
if (!TEST_int_ne(ECDSA_verify(0, digest, 20, signature,
sig_len - 1, eckey), 1))
goto builtin_err;
/*
* Modify a single byte of the signature: to ensure we don't garble
* the ASN1 structure, we read the raw signature and modify a byte in
* one of the bignums directly.
*/
//.........这里部分代码省略.........
示例12: kexecdh_client
void
kexecdh_client(Kex *kex)
{
EC_KEY *client_key;
EC_POINT *server_public;
const EC_GROUP *group;
BIGNUM *shared_secret;
Key *server_host_key;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf, *hash;
u_int klen, slen, sbloblen, hashlen;
if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL)
fatal("%s: EC_KEY_new_by_curve_name failed", __func__);
if (EC_KEY_generate_key(client_key) != 1)
fatal("%s: EC_KEY_generate_key failed", __func__);
group = EC_KEY_get0_group(client_key);
packet_start(SSH2_MSG_KEX_ECDH_INIT);
packet_put_ecpoint(group, EC_KEY_get0_public_key(client_key));
packet_send();
debug("sending SSH2_MSG_KEX_ECDH_INIT");
#ifdef DEBUG_KEXECDH
fputs("client private key:\n", stderr);
key_dump_ec_key(client_key);
#endif
debug("expecting SSH2_MSG_KEX_ECDH_REPLY");
packet_read_expect(SSH2_MSG_KEX_ECDH_REPLY);
/* hostkey */
server_host_key_blob = packet_get_string(&sbloblen);
server_host_key = key_from_blob(server_host_key_blob, sbloblen);
if (server_host_key == NULL)
fatal("cannot decode server_host_key_blob");
if (server_host_key->type != kex->hostkey_type)
fatal("type mismatch for decoded server_host_key_blob");
if (kex->verify_host_key == NULL)
fatal("cannot verify server_host_key");
if (kex->verify_host_key(server_host_key) == -1)
fatal("server_host_key verification failed");
/* Q_S, server public key */
if ((server_public = EC_POINT_new(group)) == NULL)
fatal("%s: EC_POINT_new failed", __func__);
packet_get_ecpoint(group, server_public);
if (key_ec_validate_public(group, server_public) != 0)
fatal("%s: invalid server public key", __func__);
#ifdef DEBUG_KEXECDH
fputs("server public key:\n", stderr);
key_dump_ec_point(group, server_public);
#endif
/* signed H */
signature = packet_get_string(&slen);
packet_check_eom();
klen = (EC_GROUP_get_degree(group) + 7) / 8;
kbuf = xmalloc(klen);
if (ECDH_compute_key(kbuf, klen, server_public,
client_key, NULL) != (int)klen)
fatal("%s: ECDH_compute_key failed", __func__);
#ifdef DEBUG_KEXECDH
dump_digest("shared secret", kbuf, klen);
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("%s: BN_new failed", __func__);
if (BN_bin2bn(kbuf, klen, shared_secret) == NULL)
fatal("%s: BN_bin2bn failed", __func__);
memset(kbuf, 0, klen);
free(kbuf);
/* calc and verify H */
kex_ecdh_hash(
kex->evp_md,
group,
kex->client_version_string,
kex->server_version_string,
buffer_ptr(&kex->my), buffer_len(&kex->my),
buffer_ptr(&kex->peer), buffer_len(&kex->peer),
server_host_key_blob, sbloblen,
EC_KEY_get0_public_key(client_key),
server_public,
shared_secret,
&hash, &hashlen
);
free(server_host_key_blob);
EC_POINT_clear_free(server_public);
EC_KEY_free(client_key);
if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
fatal("key_verify failed for server_host_key");
key_free(server_host_key);
free(signature);
/* save session id */
//.........这里部分代码省略.........
示例13: CryptoNative_EcKeyGenerateKey
extern "C" int32_t CryptoNative_EcKeyGenerateKey(EC_KEY* eckey)
{
return EC_KEY_generate_key(eckey);
}示例14: x9_62_test_internal
/* some tests from the X9.62 draft */
int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
{
int ret = 0;
const char message[] = "abc";
unsigned char digest[20];
unsigned int dgst_len = 0;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
EC_KEY *key = NULL;
ECDSA_SIG *signature = NULL;
BIGNUM *r = NULL, *s = NULL;
BIGNUM *kinv = NULL, *rp = NULL;
BIGNUM *sig_r, *sig_s;
if (md_ctx == NULL)
goto x962_int_err;
/* get the message digest */
if (!EVP_DigestInit(md_ctx, EVP_sha1())
|| !EVP_DigestUpdate(md_ctx, (const void *)message, 3)
|| !EVP_DigestFinal(md_ctx, digest, &dgst_len))
goto x962_int_err;
BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
/* create the key */
if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
goto x962_int_err;
use_fake = 1;
if (!EC_KEY_generate_key(key))
goto x962_int_err;
BIO_printf(out, ".");
(void)BIO_flush(out);
/* create the signature */
use_fake = 1;
/* Use ECDSA_sign_setup to avoid use of ECDSA nonces */
if (!ECDSA_sign_setup(key, NULL, &kinv, &rp))
goto x962_int_err;
signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key);
if (signature == NULL)
goto x962_int_err;
BIO_printf(out, ".");
(void)BIO_flush(out);
/* compare the created signature with the expected signature */
if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
goto x962_int_err;
if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in))
goto x962_int_err;
ECDSA_SIG_get0(&sig_r, &sig_s, signature);
if (BN_cmp(sig_r, r) || BN_cmp(sig_s, s))
goto x962_int_err;
BIO_printf(out, ".");
(void)BIO_flush(out);
/* verify the signature */
if (ECDSA_do_verify(digest, 20, signature, key) != 1)
goto x962_int_err;
BIO_printf(out, ".");
(void)BIO_flush(out);
BIO_printf(out, " ok\n");
ret = 1;
x962_int_err:
if (!ret)
BIO_printf(out, " failed\n");
EC_KEY_free(key);
ECDSA_SIG_free(signature);
BN_free(r);
BN_free(s);
EVP_MD_CTX_free(md_ctx);
BN_clear_free(kinv);
BN_clear_free(rp);
return ret;
}示例15: main
int main(int argc, char *argv[]) {
void *bb;
BN_CTX *ctx = NULL;
int nid;
BIO *out;
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
const char *text = "NIST Prime-Curve P-192";
#ifdef OPENSSL_SYS_WIN32
CRYPTO_malloc_init();
#endif
RAND_seed(rnd_seed, sizeof rnd_seed);
out = BIO_new(BIO_s_file());
if (out == NULL)
EXIT(1);
BIO_set_fp(out, stdout, BIO_NOCLOSE);
if ((ctx = BN_CTX_new()) == NULL)
goto err;
nid = NID_X9_62_prime192v1;
//EC_POINT *bb;
EC_KEY *a = NULL; //EC_KEY is a structure
BIGNUM *x_a = NULL, *y_a = NULL;
char buf[12];
//unsigned char *abuf=NULL,*bbuf=NULL;
int i, alen, blen, aout, bout;
const EC_GROUP *group;
a = EC_KEY_new_by_curve_name(nid);
if (a == NULL)
goto err;
group = EC_KEY_get0_group(a);
if ((x_a = BN_new()) == NULL)
goto err;
//BN_new returns a pointer to the bignum
if ((y_a = BN_new()) == NULL)
goto err;
BIO_puts(out, "Testing key generation with ");
BIO_puts(out, text);
if (!EC_KEY_generate_key(a))
goto err;
printf("\n1 ) generating keys\n");
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))
== NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
}
//returns the public key
else {
if (!EC_POINT_get_affine_coordinates_GF2m(group,
EC_KEY_get0_public_key(a), x_a, y_a, ctx))
goto err;
}
BIO_puts(out, " pri 1=");
BN_print(out, EC_KEY_get0_private_key(a));
BIO_puts(out, "\n pub 1=");
BN_print(out, x_a);
BIO_puts(out, ",");
BN_print(out, y_a);
BIO_puts(out, "\n");
func(EC_KEY_get0_public_key(a));
err: ERR_print_errors_fp(stderr);
if (x_a)
BN_free(x_a);
if (y_a)
BN_free(y_a);
if (a)
EC_KEY_free(a);
if (ctx)
BN_CTX_free(ctx);
BIO_free(out);
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
return 0;
}