本文整理汇总了C++中OBJ_sn2nid函数的典型用法代码示例。如果您正苦于以下问题:C++ OBJ_sn2nid函数的具体用法?C++ OBJ_sn2nid怎么用?C++ OBJ_sn2nid使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了OBJ_sn2nid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: OBJ_sn2nid
void Context::initECDH(const std::string& curve)
{
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
int nid = 0;
if (!curve.empty())
{
nid = OBJ_sn2nid(curve.c_str());
}
else
{
nid = OBJ_sn2nid("prime256v1");
}
if (nid == 0)
{
throw SSLContextException("Unknown ECDH curve name", curve);
}
EC_KEY* ecdh = EC_KEY_new_by_curve_name(nid);
if (!ecdh)
{
throw SSLContextException("Cannot create ECDH curve");
}
SSL_CTX_set_tmp_ecdh(_pSSLContext, ecdh);
SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_ECDH_USE);
EC_KEY_free(ecdh);
#endif
#endif
}示例2: ssl_set_ecdh_curve
void
ssl_set_ecdh_curve(SSL_CTX *ctx, const char *curve)
{
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
int nid;
EC_KEY *ecdh;
if (curve == NULL)
curve = SSL_ECDH_CURVE;
if ((nid = OBJ_sn2nid(curve)) == 0) {
ssl_error("ssl_set_ecdh_curve");
fatal("ssl_set_ecdh_curve: unknown curve name %s", curve);
}
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == NULL) {
ssl_error("ssl_set_ecdh_curve");
fatal("ssl_set_ecdh_curve: unable to create curve %s", curve);
}
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
EC_KEY_free(ecdh);
#endif
#endif
}示例3: tls_config_set_ecdhecurves
int
tls_config_set_ecdhecurves(struct tls_config *config, const char *curves)
{
int *curves_list = NULL, *curves_new;
size_t curves_num = 0;
char *cs = NULL;
char *p, *q;
int rv = -1;
int nid;
free(config->ecdhecurves);
config->ecdhecurves = NULL;
config->ecdhecurves_len = 0;
if (curves == NULL || strcasecmp(curves, "default") == 0)
curves = TLS_ECDHE_CURVES;
if ((cs = strdup(curves)) == NULL) {
tls_config_set_errorx(config, "out of memory");
goto err;
}
q = cs;
while ((p = strsep(&q, ",:")) != NULL) {
while (*p == ' ' || *p == '\t')
p++;
nid = OBJ_sn2nid(p);
if (nid == NID_undef)
nid = OBJ_ln2nid(p);
if (nid == NID_undef)
nid = EC_curve_nist2nid(p);
if (nid == NID_undef) {
tls_config_set_errorx(config,
"invalid ecdhe curve '%s'", p);
goto err;
}
if ((curves_new = reallocarray(curves_list, curves_num + 1,
sizeof(int))) == NULL) {
tls_config_set_errorx(config, "out of memory");
goto err;
}
curves_list = curves_new;
curves_list[curves_num] = nid;
curves_num++;
}
config->ecdhecurves = curves_list;
config->ecdhecurves_len = curves_num;
curves_list = NULL;
rv = 0;
err:
free(cs);
free(curves_list);
return (rv);
}示例4: OBJ_sn2nid
static void *construct_method(const char *algorithm_name,
const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov,
void *data)
{
struct method_data_st *methdata = data;
void *method = NULL;
int nid = OBJ_sn2nid(algorithm_name);
if (nid == NID_undef) {
/* Create a new NID for that name on the fly */
ASN1_OBJECT tmpobj;
/* This is the same as OBJ_create() but without requiring a OID */
tmpobj.nid = OBJ_new_nid(1);
tmpobj.sn = tmpobj.ln = methdata->name;
tmpobj.flags = ASN1_OBJECT_FLAG_DYNAMIC;
tmpobj.length = 0;
tmpobj.data = NULL;
nid = OBJ_add_object(&tmpobj);
}
if (nid == NID_undef)
return NULL;
method = methdata->method_from_dispatch(nid, fns, prov);
if (method == NULL)
return NULL;
return method;
}示例5: keytype_from_text
/*
* keytype_from_text returns OpenSSL NID for digest by name, and
* optionally the associated digest length.
*
* Used by ntpd authreadkeys(), ntpq keytype()
*/
int
keytype_from_text(
const char *text,
size_t *pdigest_len
)
{
int key_type;
u_int digest_len;
#ifdef HAVE_OPENSSL
const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t);
uint8_t digest[EVP_MAX_MD_SIZE];
char * upcased;
char * pch;
EVP_MD_CTX ctx;
/*
* OpenSSL digest short names are capitalized, so uppercase the
* digest name before passing to OBJ_sn2nid(). If it is not
* recognized but begins with 'M' use NID_md5 to be consistent
* with past behavior.
*/
INIT_SSL();
LIB_GETBUF(upcased);
strlcpy(upcased, text, LIB_BUFLENGTH);
for (pch = upcased; '\0' != *pch; pch++)
*pch = (char)toupper((unsigned char)*pch);
key_type = OBJ_sn2nid(upcased);
#else
key_type = 0;
#endif
if (!key_type && 'm' == tolower((unsigned char)text[0]))
key_type = NID_md5;
if (!key_type)
return 0;
if (NULL != pdigest_len) {
#ifdef HAVE_OPENSSL
EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
EVP_DigestFinal(&ctx, digest, &digest_len);
if (digest_len > max_digest_len) {
fprintf(stderr,
"key type %s %u octet digests are too big, max %lu\n",
keytype_name(key_type), digest_len,
max_digest_len);
msyslog(LOG_ERR,
"key type %s %u octet digests are too big, max %lu",
keytype_name(key_type), digest_len,
max_digest_len);
return 0;
}
#else
digest_len = 16;
#endif
*pdigest_len = digest_len;
}
return key_type;
}示例6: e
blob WSService::pubkey_from_cert(X509* x509) {
std::runtime_error e("Certificate error");
EC_GROUP* ec_group = EC_GROUP_new_by_curve_name(OBJ_sn2nid("prime256v1"));
BN_CTX* bn_ctx = BN_CTX_new();
std::vector<uint8_t> raw_public(33);
try {
if(ec_group == NULL || bn_ctx == NULL) throw e;
EVP_PKEY* remote_pkey = X509_get_pubkey(x509); if(remote_pkey == NULL) throw e;
EC_KEY* remote_eckey = EVP_PKEY_get1_EC_KEY(remote_pkey); if(remote_eckey == NULL) throw e;
const EC_POINT* remote_pubkey = EC_KEY_get0_public_key(remote_eckey); if(remote_pubkey == NULL) throw e;
EC_POINT_point2oct(ec_group, remote_pubkey, POINT_CONVERSION_COMPRESSED, raw_public.data(), raw_public.size(), bn_ctx);
}catch(...){
BN_CTX_free(bn_ctx); EC_GROUP_free(ec_group);
bn_ctx = NULL; ec_group = NULL;
throw;
}
BN_CTX_free(bn_ctx); EC_GROUP_free(ec_group);
return raw_public;
}示例7: cmd_ECDHParameters
/* ECDH temporary parameters */
static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
{
int rv = 1;
EC_KEY *ecdh;
int nid;
/* Ignore values supported by 1.0.2 for the automatic selection */
if ((cctx->flags & SSL_CONF_FLAG_FILE) &&
strcasecmp(value, "+automatic") == 0)
return 1;
if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) &&
strcmp(value, "auto") == 0)
return 1;
nid = EC_curve_nist2nid(value);
if (nid == NID_undef)
nid = OBJ_sn2nid(value);
if (nid == 0)
return 0;
ecdh = EC_KEY_new_by_curve_name(nid);
if (!ecdh)
return 0;
if (cctx->ctx)
rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
else if (cctx->ssl)
rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
EC_KEY_free(ecdh);
return rv > 0;
}示例8: swSSL_set_ecdh_curve
static int swSSL_set_ecdh_curve(SSL_CTX* ssl_context)
{
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh;
/*
* Elliptic-Curve Diffie-Hellman parameters are either "named curves"
* from RFC 4492 section 5.1.1, or explicitly described curves over
* binary fields. OpenSSL only supports the "named curves", which provide
* maximum interoperability.
*/
int nid = OBJ_sn2nid(SW_SSL_ECDH_CURVE);
if (nid == 0)
{
swWarn("Unknown curve name \"%s\"", SW_SSL_ECDH_CURVE);
return SW_ERR;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL)
{
swWarn("Unable to create curve \"%s\"", SW_SSL_ECDH_CURVE);
return SW_ERR;
}
SSL_CTX_set_options(ssl_context, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(ssl_context, ecdh);
EC_KEY_free(ecdh);
#endif
#endif
return SW_OK;
}示例9: OBJ_sn2nid
void SSLContext::setServerECCurve(const std::string& curveName) {
bool validCall = false;
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
validCall = true;
#endif
#endif
if (!validCall) {
throw std::runtime_error("Elliptic curve encryption not allowed");
}
EC_KEY* ecdh = nullptr;
int nid;
/*
* Elliptic-Curve Diffie-Hellman parameters are either "named curves"
* from RFC 4492 section 5.1.1, or explicitly described curves over
* binary fields. OpenSSL only supports the "named curves", which provide
* maximum interoperability.
*/
nid = OBJ_sn2nid(curveName.c_str());
if (nid == 0) {
LOG(FATAL) << "Unknown curve name:" << curveName.c_str();
return;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == nullptr) {
LOG(FATAL) << "Unable to create curve:" << curveName.c_str();
return;
}
SSL_CTX_set_tmp_ecdh(ctx_, ecdh);
EC_KEY_free(ecdh);
}示例10: tls_init_ecdh_curve
static int tls_init_ecdh_curve(void)
{
#ifdef SSL_CTRL_SET_ECDH_AUTO
SSL_CTX_ctrl(tls_ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL);
return 0;
#else
# ifndef SSL_OP_SINGLE_ECDH_USE
errno = ENOTSUP;
return -1;
# else
const char *curve_name;
EC_KEY *curve;
int nid;
curve_name = TLS_DEFAULT_ECDH_CURVE;
if ((nid = OBJ_sn2nid(curve_name)) == NID_undef) {
logfile(LOG_INFO, "Curve [%s] not supported", curve_name);
errno = ENOTSUP;
return -1;
}
if ((curve = EC_KEY_new_by_curve_name(nid)) == NULL) {
logfile(LOG_INFO, "Curve [%s] is not usable", curve_name);
errno = ENOTSUP;
return -1;
}
SSL_CTX_set_options(tls_ctx, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(tls_ctx, curve);
EC_KEY_free(curve);
return 0;
# endif
#endif
}示例11: ecies_test
void ecies_test(void)
{
int r;
EC_GROUP *ec_group = NULL;
EC_KEY *ec_key = NULL;
ECIES_PARAMS params;
ECIES_PARAMS *param2 = NULL;
ECIES_CIPHERTEXT_VALUE *cv = NULL;
unsigned char buffer1[1024];
unsigned char buffer2[1024];
unsigned char buffer3[1024];
unsigned char *der = NULL;
int derlen;
unsigned char *p;
const unsigned char *cp;
ec_key = EC_KEY_new_by_curve_name(OBJ_sn2nid("secp192k1"));
OPENSSL_assert(ec_key);
r = EC_KEY_generate_key(ec_key);
assert(r);
/* set ECIESParameters */
params.kdf_md = EVP_sha1();
params.sym_cipher = EVP_aes_128_cbc();
params.mac_md = EVP_sha1();
derlen = i2d_ECIESParameters(¶ms, NULL);
printf("ECIESParameters DER length = %d\n", derlen);
memset(buffer1, 0, sizeof(buffer1));
strcpy((char *)buffer1, "hello");
cv = ECIES_do_encrypt(¶ms, buffer1, strlen(buffer1) + 1, ec_key);
assert(cv);
memset(buffer3, 0, sizeof(buffer3));
if (!ECIES_do_decrypt(cv, ¶ms, buffer3, &derlen, ec_key)) {
ERR_print_errors_fp(stderr);
return;
}
printf("decrypted plaintext length = %d\n", derlen);
printf("%s\n", buffer3);
derlen = i2d_ECIES_CIPHERTEXT_VALUE(cv, NULL);
printf("ECIES Test: ECIES_CIPHERTEXT_VALUE DER encoding length = %d\n", derlen);
der = OPENSSL_malloc(derlen);
assert(der);
p = der;
i2d_ECIES_CIPHERTEXT_VALUE(cv, &p);
ECIES_CIPHERTEXT_VALUE_free(cv);
cv = NULL;
cp = der;
cv = d2i_ECIES_CIPHERTEXT_VALUE(NULL, &cp, derlen);
assert(cv);
ecies_test_ECIESParameters();
}示例12: ec_key_new_from_group
/*
* Creates a new EC_KEY on the EC group obj. arg can be an EC::Group or a String
* representing an OID.
*/
static EC_KEY *
ec_key_new_from_group(VALUE arg)
{
EC_KEY *ec;
if (rb_obj_is_kind_of(arg, cEC_GROUP)) {
EC_GROUP *group;
SafeRequire_EC_GROUP(arg, group);
if (!(ec = EC_KEY_new()))
ossl_raise(eECError, NULL);
if (!EC_KEY_set_group(ec, group)) {
EC_KEY_free(ec);
ossl_raise(eECError, NULL);
}
} else {
int nid = OBJ_sn2nid(StringValueCStr(arg));
if (nid == NID_undef)
ossl_raise(eECError, "invalid curve name");
if (!(ec = EC_KEY_new_by_curve_name(nid)))
ossl_raise(eECError, NULL);
EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
EC_KEY_set_conv_form(ec, POINT_CONVERSION_UNCOMPRESSED);
}
return ec;
}示例13: ribs_ssl_set_options
int ribs_ssl_set_options(SSL_CTX *ssl_ctx, char *cipher_list) {
/* bugs */
SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); /* almost all bugs */
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2); /* disable SSLv2 per RFC 6176 */
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3); /* disable SSLv3. goodbye IE6 */
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
/* ciphers */
if (!cipher_list)
cipher_list = _HTTP_SERVER_SSL_CIPHERS;
SSL_CTX_set_options(ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
if (0 == SSL_CTX_set_cipher_list(ssl_ctx, cipher_list))
return LOGGER_ERROR("failed to initialize SSL:cipher_list"), -1;
/* DH 2048 bits */
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_DH_USE);
DH *dh = DH_new();
dh->p = get_rfc3526_prime_2048(NULL);
BN_dec2bn(&dh->g, "2");
if (0 == SSL_CTX_set_tmp_dh(ssl_ctx, dh))
return LOGGER_ERROR("failed to initialize SSL:dh"), -1;
DH_free(dh);
/* Ecliptic Curve DH */
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
EC_KEY *ecdh = EC_KEY_new_by_curve_name(OBJ_sn2nid("prime256v1"));
if (ecdh == NULL)
return LOGGER_ERROR("failed to initialize SSL:edch"), -1;
SSL_CTX_set_tmp_ecdh(ssl_ctx, ecdh);
EC_KEY_free(ecdh);
return 0;
}示例14: lws_context_ssl_init_ecdh_curve
static int
lws_context_ssl_init_ecdh_curve(struct lws_context_creation_info *info,
struct lws_vhost *vhost)
{
#ifdef LWS_HAVE_OPENSSL_ECDH_H
EC_KEY *ecdh;
int ecdh_nid;
const char *ecdh_curve = "prime256v1";
if (info->ecdh_curve)
ecdh_curve = info->ecdh_curve;
ecdh_nid = OBJ_sn2nid(ecdh_curve);
if (NID_undef == ecdh_nid) {
lwsl_err("SSL: Unknown curve name '%s'", ecdh_curve);
return 1;
}
ecdh = EC_KEY_new_by_curve_name(ecdh_nid);
if (NULL == ecdh) {
lwsl_err("SSL: Unable to create curve '%s'", ecdh_curve);
return 1;
}
SSL_CTX_set_tmp_ecdh(vhost->ssl_ctx, ecdh);
EC_KEY_free(ecdh);
SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
lwsl_notice(" SSL ECDH curve '%s'\n", ecdh_curve);
#else
lwsl_notice(" OpenSSL doesn't support ECDH\n");
#endif
return 0;
}示例15: initialize_ecdh
/*
* Set ECDH parameters for generating ephemeral Elliptic Curve DH
* keys. This is much simpler than the DH parameters, as we just
* need to provide the name of the curve to OpenSSL.
*/
static bool
initialize_ecdh(SSL_CTX *context, bool isServerStart)
{
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh;
int nid;
nid = OBJ_sn2nid(SSLECDHCurve);
if (!nid)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: unrecognized curve name: %s", SSLECDHCurve)));
return false;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (!ecdh)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("ECDH: could not create key")));
return false;
}
SSL_CTX_set_options(context, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(context, ecdh);
EC_KEY_free(ecdh);
#endif
return true;
}