本文整理汇总了C++中EVP_PKEY_id函数的典型用法代码示例。如果您正苦于以下问题:C++ EVP_PKEY_id函数的具体用法?C++ EVP_PKEY_id怎么用?C++ EVP_PKEY_id使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了EVP_PKEY_id函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ec_pkey_ctrl
static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
switch (op) {
case ASN1_PKEY_CTRL_PKCS7_SIGN:
if (arg1 == 0) {
int snid, hnid;
X509_ALGOR *alg1, *alg2;
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
if (alg1 == NULL || alg1->algorithm == NULL)
return -1;
hnid = OBJ_obj2nid(alg1->algorithm);
if (hnid == NID_undef)
return -1;
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
return -1;
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
}
return 1;
#ifndef OPENSSL_NO_CMS
case ASN1_PKEY_CTRL_CMS_SIGN:
if (arg1 == 0) {
int snid, hnid;
X509_ALGOR *alg1, *alg2;
CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
if (alg1 == NULL || alg1->algorithm == NULL)
return -1;
hnid = OBJ_obj2nid(alg1->algorithm);
if (hnid == NID_undef)
return -1;
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
return -1;
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
}
return 1;
case ASN1_PKEY_CTRL_CMS_ENVELOPE:
if (arg1 == 1)
return ecdh_cms_decrypt(arg2);
else if (arg1 == 0)
return ecdh_cms_encrypt(arg2);
return -2;
case ASN1_PKEY_CTRL_CMS_RI_TYPE:
*(int *)arg2 = CMS_RECIPINFO_AGREE;
return 1;
#endif
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_sha256;
return 2;
default:
return -2;
}
}
示例2: ASN1err
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
EVP_PKEY *ret;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
return NULL;
}
} else
ret = *a;
if (type != EVP_PKEY_id(ret) && !EVP_PKEY_set_type(ret, type)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
goto err;
}
switch (EVP_PKEY_id(ret)) {
#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:
/* TMP UGLY CAST */
if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) {
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
}
break;
#endif
default:
ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
}
if (a != NULL)
(*a) = ret;
return ret;
err:
if (a == NULL || *a != ret)
EVP_PKEY_free(ret);
return NULL;
}
示例3: test_d2i_AutoPrivateKey
static int test_d2i_AutoPrivateKey(const unsigned char *input,
size_t input_len, int expected_id)
{
int ret = 0;
const unsigned char *p;
EVP_PKEY *pkey = NULL;
p = input;
pkey = d2i_AutoPrivateKey(NULL, &p, input_len);
if (pkey == NULL || p != input + input_len) {
fprintf(stderr, "d2i_AutoPrivateKey failed\n");
goto done;
}
if (EVP_PKEY_id(pkey) != expected_id) {
fprintf(stderr, "Did not decode expected type\n");
goto done;
}
ret = 1;
done:
if (!ret) {
ERR_print_errors_fp(stderr);
}
EVP_PKEY_free(pkey);
return ret;
}
示例4:
EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
EVP_PKEY *ret = NULL;
const unsigned char *p = *pp;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL)
return NULL;
} else
ret = *a;
if (type != EVP_PKEY_id(ret) && !EVP_PKEY_set_type(ret, type))
goto err;
if (ret->ameth == NULL || ret->ameth->param_decode == NULL) {
ASN1err(ASN1_F_D2I_KEYPARAMS, ASN1_R_UNSUPPORTED_TYPE);
goto err;
}
if (!ret->ameth->param_decode(ret, &p, length))
goto err;
if (a != NULL)
(*a) = ret;
return ret;
err:
if (a == NULL || *a != ret)
EVP_PKEY_free(ret);
return NULL;
}
示例5: soter_ec_gen_key
soter_status_t soter_ec_gen_key(EVP_PKEY_CTX *pkey_ctx)
{
EVP_PKEY *pkey;
EC_KEY *ec=NULL;
if (!pkey_ctx){
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_CTX_get0_pkey(pkey_ctx);
if (!pkey){
return SOTER_INVALID_PARAMETER;
}
if (EVP_PKEY_EC != EVP_PKEY_id(pkey)){
return SOTER_INVALID_PARAMETER;
}
/* ec = EVP_PKEY_get0_EC_KEY(pkey); */
/* if (NULL == ec){ */
/* return SOTER_INVALID_PARAMETER; */
/* } */
ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if(!ec){
return SOTER_ENGINE_FAIL;
}
if (!EC_KEY_generate_key(ec)){
return SOTER_ENGINE_FAIL;
}
if(!EVP_PKEY_set1_EC_KEY(pkey, ec)){
return SOTER_ENGINE_FAIL;
}
EC_KEY_free(ec);
return SOTER_SUCCESS;
}
示例6: soter_asym_ka_export_key
soter_status_t soter_asym_ka_export_key(soter_asym_ka_t* asym_ka_ctx,
void* key,
size_t* key_length,
bool isprivate)
{
EVP_PKEY* pkey;
if (!asym_ka_ctx) {
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_CTX_get0_pkey(asym_ka_ctx->pkey_ctx);
if (!pkey) {
return SOTER_INVALID_PARAMETER;
}
if (EVP_PKEY_EC != EVP_PKEY_id(pkey)) {
return SOTER_INVALID_PARAMETER;
}
if (isprivate) {
return soter_engine_specific_to_ec_priv_key((const soter_engine_specific_ec_key_t*)pkey,
(soter_container_hdr_t*)key,
key_length);
}
return soter_engine_specific_to_ec_pub_key((const soter_engine_specific_ec_key_t*)pkey,
(soter_container_hdr_t*)key,
key_length);
}
示例7: ssl_set_cert
static int ssl_set_cert(CERT *c, X509 *x)
{
EVP_PKEY *pkey;
int i;
pkey = X509_get0_pubkey(x);
if (pkey == NULL) {
SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
return (0);
}
i = ssl_cert_type(x, pkey);
if (i < 0) {
SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
return 0;
}
#ifndef OPENSSL_NO_EC
if (i == SSL_PKEY_ECC && !EC_KEY_can_sign(EVP_PKEY_get0_EC_KEY(pkey))) {
SSLerr(SSL_F_SSL_SET_CERT, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
return 0;
}
#endif
if (c->pkeys[i].privatekey != NULL) {
/*
* The return code from EVP_PKEY_copy_parameters is deliberately
* ignored. Some EVP_PKEY types cannot do this.
*/
EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
ERR_clear_error();
#ifndef OPENSSL_NO_RSA
/*
* Don't check the public/private key, this is mostly for smart
* cards.
*/
if (EVP_PKEY_id(c->pkeys[i].privatekey) == EVP_PKEY_RSA
&& RSA_flags(EVP_PKEY_get0_RSA(c->pkeys[i].privatekey)) &
RSA_METHOD_FLAG_NO_CHECK) ;
else
#endif /* OPENSSL_NO_RSA */
if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
/*
* don't fail for a cert/key mismatch, just free current private
* key (when switching to a different cert & key, first this
* function should be used, then ssl_set_pkey
*/
EVP_PKEY_free(c->pkeys[i].privatekey);
c->pkeys[i].privatekey = NULL;
/* clear error queue */
ERR_clear_error();
}
}
X509_free(c->pkeys[i].x509);
X509_up_ref(x);
c->pkeys[i].x509 = x;
c->key = &(c->pkeys[i]);
return 1;
}
示例8: dsa_pkey_ctrl
static int
dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
switch (op) {
case ASN1_PKEY_CTRL_PKCS7_SIGN:
if (arg1 == 0) {
int snid, hnid;
X509_ALGOR *alg1, *alg2;
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
if (alg1 == NULL || alg1->algorithm == NULL)
return -1;
hnid = OBJ_obj2nid(alg1->algorithm);
if (hnid == NID_undef)
return -1;
if (!OBJ_find_sigid_by_algs(&snid, hnid,
EVP_PKEY_id(pkey)))
return -1;
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
0);
}
return 1;
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_sha1;
return 2;
default:
return -2;
}
}
示例9: soter_asym_ka_gen_key
soter_status_t soter_asym_ka_gen_key(soter_asym_ka_t* asym_ka_ctx)
{
EVP_PKEY* pkey;
EC_KEY* ec;
if (!asym_ka_ctx) {
return SOTER_INVALID_PARAMETER;
}
pkey = EVP_PKEY_CTX_get0_pkey(asym_ka_ctx->pkey_ctx);
if (!pkey) {
return SOTER_INVALID_PARAMETER;
}
if (EVP_PKEY_EC != EVP_PKEY_id(pkey)) {
return SOTER_INVALID_PARAMETER;
}
ec = EVP_PKEY_get0_EC_KEY(pkey);
if (NULL == ec) {
return SOTER_INVALID_PARAMETER;
}
if (1 == EC_KEY_generate_key(ec)) {
return SOTER_SUCCESS;
}
return SOTER_FAIL;
}
示例10: x509_digest_sign_algorithm
int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
if (pkey == NULL) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED);
return 0;
}
if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
int pad_mode;
if (!EVP_PKEY_CTX_get_rsa_padding(ctx->pctx, &pad_mode)) {
return 0;
}
/* RSA-PSS has special signature algorithm logic. */
if (pad_mode == RSA_PKCS1_PSS_PADDING) {
return x509_rsa_ctx_to_pss(ctx, algor);
}
}
if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519) {
return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
}
/* Default behavior: look up the OID for the algorithm/hash pair and encode
* that. */
const EVP_MD *digest = EVP_MD_CTX_md(ctx);
if (digest == NULL) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED);
return 0;
}
int sign_nid;
if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest),
EVP_PKEY_id(pkey))) {
OPENSSL_PUT_ERROR(ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
return 0;
}
/* RSA signature algorithms include an explicit NULL parameter. Others omit
* it. */
int paramtype =
(EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ? V_ASN1_NULL : V_ASN1_UNDEF;
X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, NULL);
return 1;
}
示例11: SSL_CTX_set1_tls_channel_id
int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) {
ctx->tlsext_channel_id_enabled = 1;
if (EVP_PKEY_id(private_key) != EVP_PKEY_EC ||
EVP_PKEY_bits(private_key) != 256) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256);
return 0;
}
EVP_PKEY_free(ctx->tlsext_channel_id_private);
ctx->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key);
return 1;
}
示例12: pkey_type
static int pkey_type(EVP_PKEY *pkey)
{
int nid = EVP_PKEY_id(pkey);
#ifndef OPENSSL_NO_EC
if (nid == EVP_PKEY_EC) {
const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey);
return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
}
#endif
return nid;
}
示例13: ssl_check_leaf_certificate
int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
const CRYPTO_BUFFER *leaf) {
SSL *const ssl = hs->ssl;
assert(ssl3_protocol_version(ssl) < TLS1_3_VERSION);
/* Check the certificate's type matches the cipher. */
if (!(hs->new_cipher->algorithm_auth & ssl_cipher_auth_mask_for_key(pkey))) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CERTIFICATE_TYPE);
return 0;
}
/* Check key usages for all key types but RSA. This is needed to distinguish
* ECDH certificates, which we do not support, from ECDSA certificates. In
* principle, we should check RSA key usages based on cipher, but this breaks
* buggy antivirus deployments. Other key types are always used for signing.
*
* TODO(davidben): Get more recent data on RSA key usages. */
if (EVP_PKEY_id(pkey) != EVP_PKEY_RSA) {
CBS leaf_cbs;
CBS_init(&leaf_cbs, CRYPTO_BUFFER_data(leaf), CRYPTO_BUFFER_len(leaf));
if (!ssl_cert_check_digital_signature_key_usage(&leaf_cbs)) {
return 0;
}
}
if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
/* Check the key's group and point format are acceptable. */
EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey);
uint16_t group_id;
if (!ssl_nid_to_group_id(
&group_id, EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key))) ||
!tls1_check_group_id(ssl, group_id) ||
EC_KEY_get_conv_form(ec_key) != POINT_CONVERSION_UNCOMPRESSED) {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ECC_CERT);
return 0;
}
}
return 1;
}
示例14: main
int main(int argc, char *argv[])
{
const char *cert_filename = "ecc_server.crt";
BIO *cert_bio = NULL;
BIO *out_bio = NULL;
X509 *cert = NULL;
EVP_PKEY *pkey = NULL;
int ret;
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
cert_bio = BIO_new(BIO_s_file());
out_bio = BIO_new_fp(stdout, BIO_NOCLOSE);
ret = BIO_read_filename(cert_bio, cert_filename);
if (!(cert = PEM_read_bio_X509(cert_bio, NULL, 0, NULL)))
{
BIO_printf(out_bio, "Error loading cert into memory\n");
exit(-1);
}
if ((pkey = X509_get_pubkey(cert)) == NULL)
BIO_printf(out_bio, "Error getting public key from certificate\n");
if (pkey)
{
switch (EVP_PKEY_id(pkey))
{
case EVP_PKEY_RSA:
BIO_printf(out_bio, "%d bit RSA Key\n\n", EVP_PKEY_bits(pkey));
break;
case EVP_PKEY_DSA:
BIO_printf(out_bio, "%d bit DSA Key\n\n", EVP_PKEY_bits(pkey));
break;
default:
BIO_printf(out_bio, "%d bit non-RSA/DSA\n\n", EVP_PKEY_bits(pkey));
break;
}
}
if (!PEM_write_bio_PUBKEY(out_bio, pkey))
BIO_printf(out_bio, "Error writing public key data in PEM format\n");
EVP_PKEY_free(pkey);
X509_free(cert);
BIO_free_all(cert_bio);
BIO_free_all(out_bio);
return 0;
}
示例15: ssl_set_pkey
static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
{
int i;
i = ssl_cert_type(NULL, pkey);
if (i < 0) {
SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
return (0);
}
#ifndef OPENSSL_NO_GMTLS
if (i == SSL_PKEY_SM2 && c->pkeys[SSL_PKEY_SM2_ENC].x509)
i = SSL_PKEY_SM2_ENC;
#endif
if (c->pkeys[i].x509 != NULL) {
EVP_PKEY *pktmp;
pktmp = X509_get0_pubkey(c->pkeys[i].x509);
if (pktmp == NULL) {
SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
return 0;
}
/*
* The return code from EVP_PKEY_copy_parameters is deliberately
* ignored. Some EVP_PKEY types cannot do this.
*/
EVP_PKEY_copy_parameters(pktmp, pkey);
ERR_clear_error();
#ifndef OPENSSL_NO_RSA
/*
* Don't check the public/private key, this is mostly for smart
* cards.
*/
if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA
&& RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK) ;
else
#endif
if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
X509_free(c->pkeys[i].x509);
c->pkeys[i].x509 = NULL;
return 0;
}
}
EVP_PKEY_free(c->pkeys[i].privatekey);
EVP_PKEY_up_ref(pkey);
c->pkeys[i].privatekey = pkey;
c->key = &(c->pkeys[i]);
return (1);
}