本文整理汇总了C++中OpenSSL_add_all_algorithms函数的典型用法代码示例。如果您正苦于以下问题:C++ OpenSSL_add_all_algorithms函数的具体用法?C++ OpenSSL_add_all_algorithms怎么用?C++ OpenSSL_add_all_algorithms使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了OpenSSL_add_all_algorithms函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: main
//.........这里部分代码省略.........
}
executable = rindex(argv[0], '/');
if (executable != NULL) executable++;
else executable = argv[0];
if (strcmp(executable, "htproxydestroy") == 0) method = HTPROXY_DESTROY;
else if (strcmp(executable, "htproxyrenew") == 0) method = HTPROXY_RENEW;
else if (strcmp(executable, "htproxytime") == 0) method = HTPROXY_TIME;
else if (strcmp(executable, "htproxyunixtime") == 0)
method = HTPROXY_UNIXTIME;
else if (strcmp(executable, "htproxymake") == 0) method = HTPROXY_MAKE;
else if (strcmp(executable, "htproxyinfo") == 0) method = HTPROXY_INFO;
if ((method != HTPROXY_MAKE) &&
(method != HTPROXY_INFO) && (optind + 1 != argc))
{
fprintf(stderr, "Must specify a delegation service URL!\n");
return 1;
}
if ((method == HTPROXY_RENEW) && (delegation_id[0] == '\0'))
{
fprintf(stderr, "Must give a Delegation ID when renewing\n");
return 1;
}
if (valid == NULL) minutes = 60 * 12;
else minutes = atoi(valid);
if (verbose) fprintf(stderr, "Proxy valid for %d minutes\n", minutes);
ERR_load_crypto_strings ();
OpenSSL_add_all_algorithms();
if ((cert == NULL) && (key != NULL)) cert = key;
else if ((cert != NULL) && (key == NULL)) key = cert;
else if ((cert == NULL) && (key == NULL))
{
if (method != HTPROXY_MAKE) cert = getenv("X509_USER_PROXY");
if (cert != NULL) key = cert;
else
{
if (method != HTPROXY_MAKE)
asprintf(&(cert), "/tmp/x509up_u%d", geteuid());
/* one fine day, we will check the proxy file for
expiry too to avoid suprises when we try to use it ... */
if (stat(cert, &statbuf) == 0) key = cert;
else if (method != HTPROXY_INFO)
{
cert = getenv("X509_USER_CERT");
key = getenv("X509_USER_KEY");
userpasswd = getpwuid(geteuid());
if ((cert == NULL) &&
(userpasswd != NULL) &&
(userpasswd->pw_dir != NULL))
asprintf(&(cert), "%s/.globus/usercert.pem",
userpasswd->pw_dir);
if ((key == NULL) &&
(userpasswd != NULL) &&示例2: Init_openssl
/*
* OSSL library init
*/
void
Init_openssl()
{
/*
* Init timezone info
*/
#if 0
tzset();
#endif
/*
* Init all digests, ciphers
*/
/* CRYPTO_malloc_init(); */
/* ENGINE_load_builtin_engines(); */
OpenSSL_add_ssl_algorithms();
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
SSL_load_error_strings();
/*
* FIXME:
* On unload do:
*/
#if 0
CONF_modules_unload(1);
destroy_ui_method();
EVP_cleanup();
ENGINE_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
#endif
/*
* Init main module
*/
mOSSL = rb_define_module("OpenSSL");
/*
* Constants
*/
rb_define_const(mOSSL, "VERSION", rb_str_new2(OSSL_VERSION));
rb_define_const(mOSSL, "OPENSSL_VERSION", rb_str_new2(OPENSSL_VERSION_TEXT));
rb_define_const(mOSSL, "OPENSSL_VERSION_NUMBER", INT2NUM(OPENSSL_VERSION_NUMBER));
/*
* Generic error,
* common for all classes under OpenSSL module
*/
eOSSLError = rb_define_class_under(mOSSL,"OpenSSLError",rb_eStandardError);
/*
* Verify callback Proc index for ext-data
*/
if ((ossl_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"ossl_verify_cb_idx", 0, 0, 0)) < 0)
ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
/*
* Init debug core
*/
dOSSL = Qfalse;
rb_define_module_function(mOSSL, "debug", ossl_debug_get, 0);
rb_define_module_function(mOSSL, "debug=", ossl_debug_set, 1);
rb_define_module_function(mOSSL, "errors", ossl_get_errors, 0);
/*
* Get ID of to_der
*/
ossl_s_to_der = rb_intern("to_der");
/*
* Init components
*/
Init_ossl_bn();
Init_ossl_cipher();
Init_ossl_config();
Init_ossl_digest();
Init_ossl_hmac();
Init_ossl_ns_spki();
Init_ossl_pkcs12();
Init_ossl_pkcs7();
Init_ossl_pkcs5();
Init_ossl_pkey();
Init_ossl_rand();
Init_ossl_ssl();
Init_ossl_x509();
Init_ossl_ocsp();
Init_ossl_engine();
Init_ossl_asn1();
}示例3: main
int
main(int argc, char **argv)
{
Buffer b;
Options options;
#define NUM_KEYTYPES 3
Key *keys[NUM_KEYTYPES], *key = NULL;
struct passwd *pw;
int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
u_char *signature, *data;
char *host;
u_int slen, dlen;
u_int32_t rnd[256];
/* Ensure that stdin and stdout are connected */
if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
exit(1);
/* Leave /dev/null fd iff it is attached to stderr */
if (fd > 2)
close(fd);
i = 0;
key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
original_real_uid = getuid(); /* XXX readconf.c needs this */
if ((pw = getpwuid(original_real_uid)) == NULL)
fatal("getpwuid failed");
pw = pwcopy(pw);
permanently_set_uid(pw);
#ifdef DEBUG_SSH_KEYSIGN
log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
#endif
/* verify that ssh-keysign is enabled by the admin */
initialize_options(&options);
(void)read_config_file(_PATH_HOST_CONFIG_FILE, "", &options, 0);
fill_default_options(&options);
if (options.enable_ssh_keysign != 1)
fatal("ssh-keysign not enabled in %s",
_PATH_HOST_CONFIG_FILE);
for (i = found = 0; i < NUM_KEYTYPES; i++) {
if (key_fd[i] != -1)
found = 1;
}
if (found == 0)
fatal("could not open any host key");
OpenSSL_add_all_algorithms();
for (i = 0; i < 256; i++)
rnd[i] = arc4random();
RAND_seed(rnd, sizeof(rnd));
found = 0;
for (i = 0; i < NUM_KEYTYPES; i++) {
keys[i] = NULL;
if (key_fd[i] == -1)
continue;
keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
NULL, NULL);
close(key_fd[i]);
if (keys[i] != NULL)
found = 1;
}
if (!found)
fatal("no hostkey found");
buffer_init(&b);
if (ssh_msg_recv(STDIN_FILENO, &b) < 0)
fatal("ssh_msg_recv failed");
if (buffer_get_char(&b) != version)
fatal("bad version");
fd = buffer_get_int(&b);
if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO))
fatal("bad fd");
if ((host = get_local_name(fd)) == NULL)
fatal("cannot get local name for fd");
data = buffer_get_string(&b, &dlen);
if (valid_request(pw, host, &key, data, dlen) < 0)
fatal("not a valid request");
xfree(host);
found = 0;
for (i = 0; i < NUM_KEYTYPES; i++) {
if (keys[i] != NULL &&
key_equal_public(key, keys[i])) {
found = 1;
break;
}
}
if (!found)
fatal("no matching hostkey found");
if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
fatal("key_sign failed");
//.........这里部分代码省略.........
示例4: main
int main(int argc, char **argv)
{
int sockfd, len;
struct sockaddr_in dest;
char buffer[MAXBUF + 1];
SSL_CTX *ctx;
SSL *ssl;
if (argc != 3) {
printf("参数格式错误!正确用法如下:\n\t\t%s IP地址 端口\n\t比如:\t%s 127.0.0.1 80\n此程序用来从某个"
"IP 地址的服务器某个端口接收最多 MAXBUF 个字节的消息",
argv[0], argv[0]);
exit(0);
}
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
ctx = SSL_CTX_new(SSLv23_client_method());
if (ctx == NULL) {
ERR_print_errors_fp(stdout);
exit(1);
}
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("Socket");
exit(errno);
}
printf("socket created\n");
bzero(&dest, sizeof(dest));
dest.sin_family = AF_INET;
dest.sin_port = htons(atoi(argv[2]));
if (inet_aton(argv[1], (struct in_addr *) &dest.sin_addr.s_addr) == 0) {
perror(argv[1]);
exit(errno);
}
printf("address created\n");
if (connect(sockfd, (struct sockaddr *) &dest, sizeof(dest)) != 0) {
perror("Connect ");
exit(errno);
}
printf("server connected\n");
ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) == -1)
ERR_print_errors_fp(stderr);
else {
printf("Connected with %s encryption\n", SSL_get_cipher(ssl));
ShowCerts(ssl);
}
bzero(buffer, MAXBUF + 1);
len = SSL_read(ssl, buffer, MAXBUF);
if (len > 0)
printf("接收消息成功:'%s',共%d个字节的数据\n",
buffer, len);
else {
printf
("消息接收失败!错误代码是%d,错误信息是'%s'\n",
errno, strerror(errno));
goto finish;
}
bzero(buffer, MAXBUF + 1);
strcpy(buffer, "from client->server");
len = SSL_write(ssl, buffer, strlen(buffer));
if (len < 0)
printf
("消息'%s'发送失败!错误代码是%d,错误信息是'%s'\n",
buffer, errno, strerror(errno));
else
printf("消息'%s'发送成功,共发送了%d个字节!\n",
buffer, len);
finish:
SSL_shutdown(ssl);
SSL_free(ssl);
close(sockfd);
SSL_CTX_free(ctx);
return 0;
}示例5: mod_init
/**
* init module function
* return value: -1: error
* 0: else
*/
static int mod_init(void)
{
LM_INFO("initializing ...\n");
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
if(!caList)
{
LM_ERR("caList not set\n");
return 0;
}
if(!privKey)
{
LM_ERR("modparam privKey not set\n");
return 0;
}
if(!authCert)
{
LM_ERR("param authCert not set\n");
return 0;
}
if(!verCert)
{
LM_ERR("verCert not set\n");
return 0;
}
if(useCrls && (!crlList))
{
LM_ERR("useCrls=1 and crlList not set\n");
return 0;
}
if(!setAuthCertPeriod())
{
LM_ERR("initialization failed\n");
return -1;
}
if(!readPrivKey())
{
LM_ERR("initialization failed\n");
return -1;
}
if(!certUri)
{
LM_ERR("certUri not set\n");
return -1;
}
if(!initVerCertWithSlash())
{
LM_ERR("initialization failed\n");
return -1;
}
if(!prepareCertValidation())
{
LM_ERR("initialization failed\n");
return -1;
}
return 0;
}示例6: main
//.........这里部分代码省略.........
}
else if (swl_min != NULL && swl_max == NULL)
wordlength_max = wordlength_min;
else if (swl_min == NULL && swl_max != NULL)
wordlength_min = wordlength_max;
}
if (isbrute) {
if (ics != NULL) {
base = ics;
}
else {
if (scs == NULL)
scs = "x"; // by default all character sets
base = getbase(scs);
if (base == NULL)
usage();
}
}
else if (scs != NULL || ics != NULL) {
printf("-c and -s flags require -b, -m or -M flags\n");
usage();
}
if (nt != NULL) {
nthreads = strtol(nt, NULL, 10);
if (errno == EINVAL)
usage();
}
if (!quiet)
nthreads_total++;
OpenSSL_add_all_algorithms();
pthread_t *thread = (pthread_t *) calloc(nthreads_total,sizeof(pthread_t));
int *thread_ret = (int *) calloc(nthreads_total, sizeof(int));
pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
count = calloc(nthreads, sizeof(unsigned long long));
int i;
if (isdict) {
// Opening dictionary file
FILE *dictfile = fopen(dict,"r");
if (!dictfile) {
fprintf(stderr,"Dictionary file not found: %s\n",dict);
exit(20);
}
workerdict *wthread = (workerdict *) calloc(nthreads,sizeof(workerdict));
printf("\nDictionary attack - Starting %d threads\n",nthreads);
for (i=0; i<nthreads; i++) {
wthread[i].id = i;
wthread[i].m = &mutex;
wthread[i].dictfile = dictfile;
wthread[i].file2crack = infile;
wthread[i].quiet = quiet;
wthread[i].count = count+i;
thread_ret[i] = pthread_create( &thread[i], NULL, work_dict, (void*) &wthread[i]);
}
if (!quiet)
pthread_create(&thread[i], NULL, print_output, (void*) count);
for (i=0; i<nthreads_total; i++) {
pthread_join(thread[i], NULL);
}
示例7: main
//.........这里部分代码省略.........
err("url must be http or https");
goto error;
}
host = evhttp_uri_get_host(http_uri);
if (host == NULL) {
err("url must have a host");
goto error;
}
port = evhttp_uri_get_port(http_uri);
if (port == -1) {
port = (strcasecmp(scheme, "http") == 0) ? 80 : 443;
}
path = evhttp_uri_get_path(http_uri);
if (strlen(path) == 0) {
path = "/";
}
query = evhttp_uri_get_query(http_uri);
if (query == NULL) {
snprintf(uri, sizeof(uri) - 1, "%s", path);
} else {
snprintf(uri, sizeof(uri) - 1, "%s?%s", path, query);
}
uri[sizeof(uri) - 1] = '\0';
#if OPENSSL_VERSION_NUMBER < 0x10100000L
// Initialize OpenSSL
SSL_library_init();
ERR_load_crypto_strings();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
#endif
/* This isn't strictly necessary... OpenSSL performs RAND_poll
* automatically on first use of random number generator. */
r = RAND_poll();
if (r == 0) {
err_openssl("RAND_poll");
goto error;
}
/* Create a new OpenSSL context */
ssl_ctx = SSL_CTX_new(SSLv23_method());
if (!ssl_ctx) {
err_openssl("SSL_CTX_new");
goto error;
}
#ifndef _WIN32
/* TODO: Add certificate loading on Windows as well */
/* Attempt to use the system's trusted root certificates.
* (This path is only valid for Debian-based systems.) */
if (1 != SSL_CTX_load_verify_locations(ssl_ctx, crt, NULL)) {
err_openssl("SSL_CTX_load_verify_locations");
goto error;
}
/* Ask OpenSSL to verify the server certificate. Note that this
* does NOT include verifying that the hostname is correct.
* So, by itself, this means anyone with any legitimate
* CA-issued certificate for any website, can impersonate any
* other website in the world. This is not good. See "The
* Most Dangerous Code in the World" article at示例8: pk7_verify
static int pk7_verify(X509_STORE *cert_store, PKCS7 *p7, BIO *detached, char *ebuf, int ebufsize)
{
PKCS7_SIGNER_INFO *si;
verify_context vctx;
BIO *p7bio=NULL;
char readbuf[1024*4];
int res = 1;
int i;
STACK_OF(PKCS7_SIGNER_INFO) *sk;
vctx.err = X509_V_OK;
ebuf[0] = 0;
OpenSSL_add_all_algorithms();
EVP_add_digest(EVP_md5());
EVP_add_digest(EVP_sha1());
ERR_load_crypto_strings();
ERR_clear_error();
X509_VERIFY_PARAM_set_flags(cert_store->param, X509_V_FLAG_CB_ISSUER_CHECK);
X509_STORE_set_verify_cb_func(cert_store, verify_callback);
p7bio = PKCS7_dataInit(p7, detached);
/* We now have to 'read' from p7bio to calculate digests etc. */
while (BIO_read(p7bio, readbuf, sizeof(readbuf)) > 0)
;
/* We can now verify signatures */
sk = PKCS7_get_signer_info(p7);
if (sk == NULL)
{
/* there are no signatures on this data */
res = 0;
fz_strlcpy(ebuf, "No signatures", ebufsize);
goto exit;
}
for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++)
{
int rc;
si = sk_PKCS7_SIGNER_INFO_value(sk, i);
rc = PKCS7_dataVerify(cert_store, &vctx.x509_ctx, p7bio,p7, si);
if (rc <= 0 || vctx.err != X509_V_OK)
{
char tbuf[120];
if (rc <= 0)
{
fz_strlcpy(ebuf, ERR_error_string(ERR_get_error(), tbuf), ebufsize);
}
else
{
/* Error while checking the certificate chain */
snprintf(ebuf, ebufsize, "%s(%d): %s", X509_verify_cert_error_string(vctx.err), vctx.err, vctx.certdesc);
}
res = 0;
goto exit;
}
}
exit:
X509_STORE_CTX_cleanup(&vctx.x509_ctx);
ERR_free_strings();
return res;
}示例9: main
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *rcert = NULL;
EVP_PKEY *rkey = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Read in recipient certificate and private key */
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!rcert || !rkey)
goto err;
/* Open S/MIME message to decrypt */
in = BIO_new_file("smencr.txt", "r");
if (!in)
goto err;
/* Parse message */
cms = SMIME_read_CMS(in, NULL);
if (!cms)
goto err;
out = BIO_new_file("decout.txt", "w");
if (!out)
goto err;
/* Decrypt S/MIME message */
if (!CMS_decrypt(cms, rkey, rcert, NULL, out, 0))
goto err;
ret = 0;
err:
if (ret) {
fprintf(stderr, "Error Decrypting Data\n");
ERR_print_errors_fp(stderr);
}
if (cms)
CMS_ContentInfo_free(cms);
if (rcert)
X509_free(rcert);
if (rkey)
EVP_PKEY_free(rkey);
if (in)
BIO_free(in);
if (out)
BIO_free(out);
if (tbio)
BIO_free(tbio);
return ret;
}示例10: main
int main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL;
X509 *scert = NULL, *scert2 = NULL;
EVP_PKEY *skey = NULL, *skey2 = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
tbio = BIO_new_file("signer.pem", "r");
if (!tbio)
goto err;
scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
BIO_free(tbio);
tbio = BIO_new_file("signer2.pem", "r");
if (!tbio)
goto err;
scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
BIO_reset(tbio);
skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
if (!scert2 || !skey2)
goto err;
in = BIO_new_file("sign.txt", "r");
if (!in)
goto err;
cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM|CMS_PARTIAL);
if (!cms)
goto err;
/* Add each signer in turn */
if (!CMS_add1_signer(cms, scert, skey, NULL, 0))
goto err;
if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0))
goto err;
out = BIO_new_file("smout.txt", "w");
if (!out)
goto err;
/* NB: content included and finalized by SMIME_write_CMS */
if (!SMIME_write_CMS(out, cms, in, CMS_STREAM))
goto err;
ret = 0;
err:
if (ret)
{
fprintf(stderr, "Error Signing Data\n");
ERR_print_errors_fp(stderr);
}
if (cms)
CMS_ContentInfo_free(cms);
if (scert)
X509_free(scert);
if (skey)
EVP_PKEY_free(skey);
if (scert2)
X509_free(scert2);
if (skey)
EVP_PKEY_free(skey2);
if (in)
BIO_free(in);
if (out)
BIO_free(out);
if (tbio)
BIO_free(tbio);
return ret;
}示例11: _backend_init
static bool _backend_init(Backend *backend) {
OpenSSL_add_all_algorithms();
//listTokens(backend);
return true;
}示例12: main
int main() {
char dest_url[] = "https://www.hp.com";
BIO *certbio = NULL;
BIO *outbio = NULL;
X509 *cert = NULL;
X509_NAME *certname = NULL;
const SSL_METHOD *method;
SSL_CTX *ctx;
SSL *ssl;
int server = 0;
int ret, i;
EVP_PKEY *pkey = NULL;
/* ---------------------------------------------------------- *
* These function calls initialize openssl for correct work. *
* ---------------------------------------------------------- */
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
SSL_load_error_strings();
/* ---------------------------------------------------------- *
* Create the Input/Output BIO's. *
* ---------------------------------------------------------- */
certbio = BIO_new(BIO_s_file());
outbio = BIO_new_fp(stdout, BIO_NOCLOSE);
/* ---------------------------------------------------------- *
* initialize SSL library and register algorithms *
* ---------------------------------------------------------- */
if(SSL_library_init() < 0)
BIO_printf(outbio, "Could not initialize the OpenSSL library !\n");
/* ---------------------------------------------------------- *
* Set SSLv2 client hello, also announce SSLv3 and TLSv1 *
* ---------------------------------------------------------- */
method = SSLv23_client_method();
/* ---------------------------------------------------------- *
* Try to create a new SSL context *
* ---------------------------------------------------------- */
if ( (ctx = SSL_CTX_new(method)) == NULL)
BIO_printf(outbio, "Unable to create a new SSL context structure.\n");
/* ---------------------------------------------------------- *
* Disabling SSLv2 will leave v3 and TSLv1 for negotiation *
* ---------------------------------------------------------- */
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
/* ---------------------------------------------------------- *
* Create new SSL connection state object *
* ---------------------------------------------------------- */
ssl = SSL_new(ctx);
/* ---------------------------------------------------------- *
* Make the underlying TCP socket connection *
* ---------------------------------------------------------- */
server = create_socket(dest_url, outbio);
if(server != 0)
BIO_printf(outbio, "Successfully made the TCP connection to: %s.\n", dest_url);
/* ---------------------------------------------------------- *
* Attach the SSL session to the socket descriptor *
* ---------------------------------------------------------- */
SSL_set_fd(ssl, server);
/* ---------------------------------------------------------- *
* Try to SSL-connect here, returns 1 for success *
* ---------------------------------------------------------- */
if ( SSL_connect(ssl) != 1 )
BIO_printf(outbio, "Error: Could not build a SSL session to: %s.\n", dest_url);
else
BIO_printf(outbio, "Successfully enabled SSL/TLS session to: %s.\n", dest_url);
/* ---------------------------------------------------------- *
* Get the remote certificate into the X509 structure *
* ---------------------------------------------------------- */
cert = SSL_get_peer_certificate(ssl);
if (cert == NULL)
BIO_printf(outbio, "Error: Could not get a certificate from: %s.\n", dest_url);
else
BIO_printf(outbio, "Retrieved the server's certificate from: %s.\n", dest_url);
if ((pkey = X509_get_pubkey(cert)) == NULL)
BIO_printf(outbio, "Error getting public key from certificate");
if (pkey) {
switch (pkey->type) {
case EVP_PKEY_RSA:
BIO_printf(outbio, "%d bit RSA Key\n\n", EVP_PKEY_bits(pkey));
break;
case EVP_PKEY_DSA:
BIO_printf(outbio, "%d bit DSA Key\n\n", EVP_PKEY_bits(pkey));
break;
default:
BIO_printf(outbio, "%d bit non-RSA/DSA Key\n\n", EVP_PKEY_bits(pkey));
break;
}
//.........这里部分代码省略.........
示例13: main
int main(int argc, char * const argv[])
{
int err = 0, r, c, long_optind = 0;
int action_count = 0;
int do_initialize = 0;
int do_import_dkek_share = 0;
int do_create_dkek_share = 0;
int do_wrap_key = 0;
int do_unwrap_key = 0;
sc_path_t path;
sc_file_t *file = NULL;
const char *opt_so_pin = NULL;
const char *opt_pin = NULL;
const char *opt_filename = NULL;
char *opt_password = NULL;
int opt_retry_counter = 3;
int opt_dkek_shares = -1;
int opt_key_reference = -1;
int opt_password_shares_threshold = -1;
int opt_password_shares_total = -1;
int opt_force = 0;
int opt_iter = 10000000;
sc_context_param_t ctx_param;
setbuf(stderr, NULL);
setbuf(stdout, NULL);
while (1) {
c = getopt_long(argc, argv, "XC:I:W:U:s:i:fr:wv", options, &long_optind);
if (c == -1)
break;
if (c == '?')
util_print_usage_and_die(app_name, options, option_help, NULL);
switch (c) {
case 'X':
do_initialize = 1;
action_count++;
break;
case 'C':
do_create_dkek_share = 1;
opt_filename = optarg;
action_count++;
break;
case 'I':
do_import_dkek_share = 1;
opt_filename = optarg;
action_count++;
break;
case 'W':
do_wrap_key = 1;
opt_filename = optarg;
action_count++;
break;
case 'U':
do_unwrap_key = 1;
opt_filename = optarg;
action_count++;
break;
case OPT_PASSWORD:
opt_password = optarg;
break;
case OPT_SO_PIN:
opt_so_pin = optarg;
break;
case OPT_PIN:
opt_pin = optarg;
break;
case OPT_RETRY:
opt_retry_counter = atol(optarg);
break;
case OPT_PASSWORD_SHARES_THRESHOLD:
opt_password_shares_threshold = atol(optarg);
break;
case OPT_PASSWORD_SHARES_TOTAL:
opt_password_shares_total = atol(optarg);
break;
case 's':
opt_dkek_shares = atol(optarg);
break;
case 'f':
opt_force = 1;
break;
case 'i':
opt_key_reference = atol(optarg);
break;
case 'r':
opt_reader = optarg;
break;
case 'v':
verbose++;
break;
case 'w':
opt_wait = 1;
break;
}
}
CRYPTO_malloc_init();
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
//.........这里部分代码省略.........
示例14: main
int main (int argc, char **argv)
{
BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
X509_STORE *st = NULL;
X509 *cacert = NULL;
CMS_ContentInfo *cms = NULL;
int ret = 1;
OpenSSL_add_all_algorithms ();
ERR_load_crypto_strings ();
/* Set up trusted CA certificate store */
st = X509_STORE_new ();
/* Read in CA certificate */
tbio = BIO_new_file ("cacert.pem", "r");
if (!tbio)
goto err;
cacert = PEM_read_bio_X509 (tbio, NULL, 0, NULL);
if (!cacert)
goto err;
if (!X509_STORE_add_cert (st, cacert))
goto err;
/* Open message being verified */
in = BIO_new_file ("smout.txt", "r");
if (!in)
goto err;
/* parse message */
cms = SMIME_read_CMS (in, &cont);
if (!cms)
goto err;
/* File to output verified content to */
out = BIO_new_file ("smver.txt", "w");
if (!out)
goto err;
if (!CMS_verify (cms, NULL, st, cont, out, 0))
{
fprintf (stderr, "Verification Failure\n");
goto err;
}
fprintf (stderr, "Verification Successful\n");
ret = 0;
err:
if (ret)
{
fprintf (stderr, "Error Verifying Data\n");
ERR_print_errors_fp (stderr);
}
if (cms)
CMS_ContentInfo_free (cms);
if (cacert)
X509_free (cacert);
if (in)
BIO_free (in);
if (out)
BIO_free (out);
if (tbio)
BIO_free (tbio);
return ret;
}示例15: enc_key_init
void enc_key_init(int method, const char *pass)
{
if (method <= TABLE || method >= CIPHER_NUM) {
LOGE("enc_key_init(): Illegal method");
return;
}
// Inilitialize cache
cache_create(&iv_cache, 256, NULL);
#if defined(USE_CRYPTO_OPENSSL)
OpenSSL_add_all_algorithms();
#endif
uint8_t iv[MAX_IV_LENGTH];
cipher_kt_t *cipher;
cipher_kt_t cipher_info;
if (method == SALSA20 || method == CHACHA20) {
if (sodium_init() == -1) {
FATAL("Failed to initialize sodium");
}
// Fake cipher
cipher = (cipher_kt_t *)&cipher_info;
#if defined(USE_CRYPTO_OPENSSL)
cipher->key_len = supported_ciphers_key_size[method];
cipher->iv_len = supported_ciphers_iv_size[method];
#endif
#if defined(USE_CRYPTO_POLARSSL)
cipher->base = NULL;
cipher->key_length = supported_ciphers_key_size[method] * 8;
cipher->iv_size = supported_ciphers_iv_size[method];
#endif
#if defined(USE_CRYPTO_MBEDTLS)
// XXX: key_length changed to key_bitlen in mbed TLS 2.0.0
cipher->base = NULL;
cipher->key_bitlen = supported_ciphers_key_size[method] * 8;
cipher->iv_size = supported_ciphers_iv_size[method];
#endif
} else {
cipher = (cipher_kt_t *)get_cipher_type(method);
}
if (cipher == NULL) {
do {
#if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC)
if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) {
cipher_info.base = NULL;
cipher_info.key_length = supported_ciphers_key_size[method] * 8;
cipher_info.iv_size = supported_ciphers_iv_size[method];
cipher = (cipher_kt_t *)&cipher_info;
break;
}
#endif
#if defined(USE_CRYPTO_MBEDTLS) && defined(USE_CRYPTO_APPLECC)
// XXX: key_length changed to key_bitlen in mbed TLS 2.0.0
if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) {
cipher_info.base = NULL;
cipher_info.key_bitlen = supported_ciphers_key_size[method] * 8;
cipher_info.iv_size = supported_ciphers_iv_size[method];
cipher = (cipher_kt_t *)&cipher_info;
break;
}
#endif
LOGE("Cipher %s not found in crypto library",
supported_ciphers[method]);
FATAL("Cannot initialize cipher");
} while (0);
}
const digest_type_t *md = get_digest_type("MD5");
if (md == NULL) {
FATAL("MD5 Digest not found in crypto library");
}
enc_key_len = bytes_to_key(cipher, md, (const uint8_t *)pass, enc_key, iv);
if (enc_key_len == 0) {
FATAL("Cannot generate key and IV");
}
if (method == RC4_MD5) {
enc_iv_len = 16;
} else {
enc_iv_len = cipher_iv_size(cipher);
}
enc_method = method;
}