本文整理汇总了C++中EVP_PKEY_CTX_new函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_PKEY_CTX_new函数的具体用法?C++ EVP_PKEY_CTX_new怎么用?C++ EVP_PKEY_CTX_new使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EVP_PKEY_CTX_new函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: cms_kari_create_ephemeral_key
/* Create ephemeral key and initialise context based on it */
static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
EVP_PKEY *pk)
{
EVP_PKEY_CTX *pctx = NULL;
EVP_PKEY *ekey = NULL;
int rv = 0;
pctx = EVP_PKEY_CTX_new(pk, NULL);
if (!pctx)
goto err;
if (EVP_PKEY_keygen_init(pctx) <= 0)
goto err;
if (EVP_PKEY_keygen(pctx, &ekey) <= 0)
goto err;
EVP_PKEY_CTX_free(pctx);
pctx = EVP_PKEY_CTX_new(ekey, NULL);
if (!pctx)
goto err;
if (EVP_PKEY_derive_init(pctx) <= 0)
goto err;
kari->pctx = pctx;
rv = 1;
err:
if (!rv)
EVP_PKEY_CTX_free(pctx);
EVP_PKEY_free(ekey);
return rv;
}示例2: ssl_private_key_sign
enum ssl_private_key_result_t ssl_private_key_sign(
SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, const EVP_MD *md,
const uint8_t *in, size_t in_len) {
if (ssl->cert->key_method != NULL) {
return ssl->cert->key_method->sign(ssl, out, out_len, max_out, md, in,
in_len);
}
enum ssl_private_key_result_t ret = ssl_private_key_failure;
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(ssl->cert->privatekey, NULL);
if (ctx == NULL) {
goto end;
}
size_t len = max_out;
if (!EVP_PKEY_sign_init(ctx) ||
!EVP_PKEY_CTX_set_signature_md(ctx, md) ||
!EVP_PKEY_sign(ctx, out, &len, in, in_len)) {
goto end;
}
*out_len = len;
ret = ssl_private_key_success;
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}示例3: soter_asym_cipher_init
/* Padding is ignored. We use OAEP by default. Parameter is to support more paddings in the future */
soter_status_t soter_asym_cipher_init(soter_asym_cipher_t* asym_cipher, const void* key, const size_t key_length, soter_asym_cipher_padding_t pad)
{
EVP_PKEY *pkey;
if ((!asym_cipher) || (SOTER_ASYM_CIPHER_OAEP != pad))
{
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_new();
if (!pkey)
{
return SOTER_NO_MEMORY;
}
/* Only RSA supports asymmetric encryption */
if (!EVP_PKEY_set_type(pkey, EVP_PKEY_RSA))
{
EVP_PKEY_free(pkey);
return SOTER_FAIL;
}
asym_cipher->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!(asym_cipher->pkey_ctx))
{
EVP_PKEY_free(pkey);
return SOTER_FAIL;
}
SOTER_IF_FAIL(soter_asym_cipher_import_key(asym_cipher, key, key_length)==SOTER_SUCCESS, (EVP_PKEY_free(pkey), EVP_PKEY_CTX_free(asym_cipher->pkey_ctx)));
return SOTER_SUCCESS;
}示例4: EVP_PKEY_encrypt_old
/* GMSSL: EVP_PKEY_encrypt_old() is modified */
int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in,
int inlen, EVP_PKEY *pkey)
{
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t size;
if (pkey->type == EVP_PKEY_RSA) {
ret = RSA_public_encrypt(inlen, in, out, pkey->pkey.rsa,
RSA_PKCS1_PADDING);
} else {
if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
return 0;
}
if (1 != EVP_PKEY_encrypt_init(ctx)) {
return 0;
}
if (1 != EVP_PKEY_encrypt(ctx, out, &size, in, inlen)) {
goto end;
}
ret = (int)size;
}
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}示例5: EVP_PKEY_decrypt_old
int EVP_PKEY_decrypt_old(unsigned char *out, const unsigned char *in, int inlen,
EVP_PKEY *pkey)
{
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t outlen;
if (pkey->type == EVP_PKEY_RSA) {
return ossl_EVP_PKEY_decrypt_old(out, in, inlen, pkey);
}
if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
return 0;
}
if (!EVP_PKEY_decrypt_init(ctx)) {
goto end;
}
if (!EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen)) {
goto end;
}
ret = (int)outlen;
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}示例6: EVP_VerifyFinal
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len,
EVP_PKEY *pkey) {
uint8_t m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int ret = 0;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;
EVP_MD_CTX_init(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) ||
!EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) {
EVP_MD_CTX_cleanup(&tmp_ctx);
goto out;
}
EVP_MD_CTX_cleanup(&tmp_ctx);
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pkctx ||
!EVP_PKEY_verify_init(pkctx) ||
!EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest)) {
goto out;
}
ret = EVP_PKEY_verify(pkctx, sig, sig_len, m, m_len);
out:
EVP_PKEY_CTX_free(pkctx);
return ret;
}示例7: EVP_SignFinal
int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig,
unsigned int *out_sig_len, EVP_PKEY *pkey) {
uint8_t m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int ret = 0;
EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL;
size_t sig_len = EVP_PKEY_size(pkey);
*out_sig_len = 0;
EVP_MD_CTX_init(&tmp_ctx);
if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) ||
!EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) {
goto out;
}
EVP_MD_CTX_cleanup(&tmp_ctx);
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pkctx || !EVP_PKEY_sign_init(pkctx) ||
!EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) ||
!EVP_PKEY_sign(pkctx, sig, &sig_len, m, m_len)) {
goto out;
}
*out_sig_len = sig_len;
ret = 1;
out:
if (pkctx) {
EVP_PKEY_CTX_free(pkctx);
}
return ret;
}示例8:
struct dh_message *dh_shared_secret(EVP_PKEY *priv_key, EVP_PKEY *peer_key)
{
EVP_PKEY_CTX *derive_ctx;
struct dh_message *msg = NULL, *digest = NULL;
if ((msg = OPENSSL_malloc(sizeof(struct dh_message))) == NULL)
return NULL;
if ((derive_ctx = EVP_PKEY_CTX_new(priv_key, NULL)) == NULL)
goto BAILOUT1;
if (EVP_PKEY_derive_init(derive_ctx) != 1
|| EVP_PKEY_derive_set_peer(derive_ctx, peer_key) != 1
|| EVP_PKEY_derive(derive_ctx, NULL, &msg->message_len) != 1
|| (msg->message = OPENSSL_malloc(msg->message_len)) == NULL)
goto BAILOUT2;
if (EVP_PKEY_derive(derive_ctx, msg->message, &msg->message_len) != 1)
goto BAILOUT3;
EVP_PKEY_CTX_free(derive_ctx);
digest = digest_message(msg);
free_dh_message(msg);
return digest;
BAILOUT3:
OPENSSL_free(msg->message);
BAILOUT2:
EVP_PKEY_CTX_free(derive_ctx);
BAILOUT1:
OPENSSL_free(msg);
return NULL;
}示例9: SAF_ImportEncedKey
/* 7.3.32 */
int SAF_ImportEncedKey(
void *hSymmKeyObj,
unsigned char *pucSymmKey,
unsigned int uiSymmKeyLen,
void **phKeyHandle)
{
SAF_KEY *hkey = NULL;
SAF_SYMMKEYOBJ *hobj = (SAF_SYMMKEYOBJ *)hSymmKeyObj;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = NULL;
char key_id[1024];
/*
snprintf(key_id, sizeof(key_id), "%s.enc", hobj->pucContainerName);
*/
if (!(pkey = ENGINE_load_private_key(hobj->app->engine, key_id, NULL, NULL))
|| !(pctx = EVP_PKEY_CTX_new(pkey, hobj->app->engine))
|| EVP_PKEY_decrypt_init(pctx) <= 0
|| EVP_PKEY_decrypt(pctx, hkey->key, &hkey->keylen, pucSymmKey, uiSymmKeyLen) <= 0) {
goto end;
}
end:
return 0;
}示例10: EVP_SignFinal
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
EVP_PKEY *pkey)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int i,ok=0,v;
EVP_MD_CTX tmp_ctx;
*siglen=0;
EVP_MD_CTX_init(&tmp_ctx);
EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
EVP_MD_CTX_cleanup(&tmp_ctx);
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
{
EVP_PKEY_CTX *pkctx = NULL;
size_t sltmp = (size_t)EVP_PKEY_size(pkey);
i = 0;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pkctx)
goto err;
if (EVP_PKEY_sign_init(pkctx) <= 0)
goto err;
if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
goto err;
if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
goto err;
*siglen = sltmp;
i = 1;
err:
EVP_PKEY_CTX_free(pkctx);
return i;
}
for (i=0; i<4; i++)
{
v=ctx->digest->required_pkey_type[i];
if (v == 0) break;
if (pkey->type == v)
{
ok=1;
break;
}
}
if (!ok)
{
EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
return(0);
}
if (ctx->digest->sign == NULL)
{
EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
return(0);
}
return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
pkey->pkey.ptr));
}示例11: EVP_VerifyFinal
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
int i = 0, ok = 0, v = 0;
EVP_PKEY_CTX *pkctx = NULL;
if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
if (!EVP_DigestFinal_ex(ctx, m, &m_len))
goto err;
} else {
int rv = 0;
EVP_MD_CTX tmp_ctx;
EVP_MD_CTX_init(&tmp_ctx);
rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
if (rv)
rv = EVP_DigestFinal_ex(&tmp_ctx, m, &m_len);
EVP_MD_CTX_cleanup(&tmp_ctx);
if (!rv)
return 0;
}
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
i = -1;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
if (pkctx == NULL)
goto err;
if (EVP_PKEY_verify_init(pkctx) <= 0)
goto err;
if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
goto err;
i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
err:
EVP_PKEY_CTX_free(pkctx);
return i;
}
for (i = 0; i < 4; i++) {
v = ctx->digest->required_pkey_type[i];
if (v == 0)
break;
if (pkey->type == v) {
ok = 1;
break;
}
}
if (!ok) {
EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
return (-1);
}
if (ctx->digest->verify == NULL) {
EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
return (0);
}
return (ctx->digest->verify(ctx->digest->type, m, m_len,
sigbuf, siglen, pkey->pkey.ptr));
}示例12: ERROR_MSG
// Verification functions
bool OSSLGOST::verify(PublicKey* publicKey, const ByteString& originalData,
const ByteString& signature, const AsymMech::Type mechanism,
const void* param /* = NULL */, const size_t paramLen /* = 0 */)
{
if (mechanism == AsymMech::GOST)
{
// Separate implementation for GOST verification without hash computation
// Check if the private key is the right type
if (!publicKey->isOfType(OSSLGOSTPublicKey::type))
{
ERROR_MSG("Invalid key type supplied");
return false;
}
// Perform the verification operation
OSSLGOSTPublicKey* osslKey = (OSSLGOSTPublicKey*) publicKey;
EVP_PKEY* pkey = osslKey->getOSSLKey();
if (pkey == NULL)
{
ERROR_MSG("Could not get the OpenSSL public key");
return false;
}
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey,NULL);
if (ctx == NULL)
{
ERROR_MSG("EVP_PKEY_CTX_new failed");
return false;
}
if (EVP_PKEY_verify_init(ctx) <= 0)
{
ERROR_MSG("EVP_PKEY_verify_init failed");
EVP_PKEY_CTX_free(ctx);
return false;
}
int ret = EVP_PKEY_verify(ctx, signature.const_byte_str(), signature.size(), originalData.const_byte_str(), originalData.size());
EVP_PKEY_CTX_free(ctx);
if (ret != 1)
{
if (ret < 0)
ERROR_MSG("GOST verify failed (0x%08X)", ERR_get_error());
return false;
}
return true;
}
else
{
// Call the generic function
return AsymmetricAlgorithm::verify(publicKey, originalData, signature, mechanism, param, paramLen);
}
}示例13: pkcs7_decrypt_rinfo
static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
{
EVP_PKEY_CTX *pctx = NULL;
unsigned char *ek = NULL;
size_t eklen;
int ret = -1;
pctx = EVP_PKEY_CTX_new(pkey, NULL);
if (!pctx)
return -1;
if (EVP_PKEY_decrypt_init(pctx) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
goto err;
}
if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
ri->enc_key->data, ri->enc_key->length) <= 0)
goto err;
ek = OPENSSL_malloc(eklen);
if (ek == NULL) {
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
goto err;
}
if (EVP_PKEY_decrypt(pctx, ek, &eklen,
ri->enc_key->data, ri->enc_key->length) <= 0) {
ret = 0;
PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
goto err;
}
ret = 1;
if (*pek) {
OPENSSL_cleanse(*pek, *peklen);
OPENSSL_free(*pek);
}
*pek = ek;
*peklen = eklen;
err:
if (pctx)
EVP_PKEY_CTX_free(pctx);
if (!ret && ek)
OPENSSL_free(ek);
return ret;
}示例14: verify_signature
static gboolean
verify_signature (const uint8_t *hash,
const uint8_t *signature,
EVP_PKEY *pubkey,
GError **error)
{
EVP_PKEY_CTX *pkey_ctx = EVP_PKEY_CTX_new (pubkey, NULL);
gboolean ret = TRUE;
if (pkey_ctx == NULL)
{
g_set_error_literal (error,
CRYPT_ERROR,
CRYPT_ERROR_INIT,
"Error allocating pkey context");
ret = FALSE;
}
else
{
if (EVP_PKEY_verify_init (pkey_ctx) <= 0 ||
EVP_PKEY_CTX_set_rsa_padding (pkey_ctx, RSA_PKCS1_PADDING) <= 0 ||
EVP_PKEY_CTX_set_signature_md (pkey_ctx, EVP_sha256 ()) <= 0)
{
g_set_error_literal (error,
CRYPT_ERROR,
CRYPT_ERROR_INIT,
"Error initialising pkey context");
ret = FALSE;
}
else
{
int validate_ret = EVP_PKEY_verify (pkey_ctx,
signature, SIGNATURE_SIZE,
hash, SHA256_DIGEST_LENGTH);
if (validate_ret == 0)
{
g_set_error_literal (error,
CRYPT_ERROR,
CRYPT_ERROR_INVALID_SIGNATURE,
"Signature is invalid");
ret = FALSE;
}
else if (validate_ret != 1)
{
g_set_error_literal (error,
CRYPT_ERROR,
CRYPT_ERROR_VERIFY,
"Error verifying signature");
ret = FALSE;
}
}
EVP_PKEY_CTX_free (pkey_ctx);
}
return ret;
}示例15: cms_RecipientInfo_ktri_encrypt
static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
CMS_RecipientInfo *ri)
{
CMS_KeyTransRecipientInfo *ktri;
CMS_EncryptedContentInfo *ec;
EVP_PKEY_CTX *pctx = NULL;
unsigned char *ek = NULL;
size_t eklen;
int ret = 0;
if (ri->type != CMS_RECIPINFO_TRANS) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT);
return 0;
}
ktri = ri->d.ktri;
ec = cms->d.envelopedData->encryptedContentInfo;
pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
if (!pctx)
return 0;
if (EVP_PKEY_encrypt_init(pctx) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
goto err;
}
if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
goto err;
ek = OPENSSL_malloc(eklen);
if (ek == NULL) {
CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
goto err;
ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
ek = NULL;
ret = 1;
err:
if (pctx)
EVP_PKEY_CTX_free(pctx);
if (ek)
OPENSSL_free(ek);
return ret;
}