本文整理汇总了C++中PKCS7_free函数的典型用法代码示例。如果您正苦于以下问题:C++ PKCS7_free函数的具体用法?C++ PKCS7_free怎么用?C++ PKCS7_free使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了PKCS7_free函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: CryptoNative_Pkcs7CreateSigned
extern "C" PKCS7* CryptoNative_Pkcs7CreateSigned()
{
PKCS7* pkcs7 = PKCS7_new();
if (pkcs7 == nullptr)
{
return nullptr;
}
if (!PKCS7_set_type(pkcs7, NID_pkcs7_signed) || !PKCS7_content_new(pkcs7, NID_pkcs7_data))
{
PKCS7_free(pkcs7);
return nullptr;
}
return pkcs7;
}示例2: PKCS7_content_new
int PKCS7_content_new(PKCS7 *p7, int type)
{
PKCS7 *ret = NULL;
if ((ret = PKCS7_new()) == NULL)
goto err;
if (!PKCS7_set_type(ret, type))
goto err;
if (!PKCS7_set_content(p7, ret))
goto err;
return (1);
err:
if (ret != NULL)
PKCS7_free(ret);
return (0);
}示例3: verify_command
static int verify_command(char *data, char *digest, char *queryfile,
char *in, int token_in,
char *CApath, char *CAfile, char *untrusted,
X509_VERIFY_PARAM *vpm)
{
BIO *in_bio = NULL;
PKCS7 *token = NULL;
TS_RESP *response = NULL;
TS_VERIFY_CTX *verify_ctx = NULL;
int ret = 0;
if ((in_bio = BIO_new_file(in, "rb")) == NULL)
goto end;
if (token_in) {
if ((token = d2i_PKCS7_bio(in_bio, NULL)) == NULL)
goto end;
} else {
if ((response = d2i_TS_RESP_bio(in_bio, NULL)) == NULL)
goto end;
}
if ((verify_ctx = create_verify_ctx(data, digest, queryfile,
CApath, CAfile, untrusted,
vpm)) == NULL)
goto end;
ret = token_in
? TS_RESP_verify_token(verify_ctx, token)
: TS_RESP_verify_response(verify_ctx, response);
end:
printf("Verification: ");
if (ret)
printf("OK\n");
else {
printf("FAILED\n");
ERR_print_errors(bio_err);
}
BIO_free_all(in_bio);
PKCS7_free(token);
TS_RESP_free(response);
TS_VERIFY_CTX_free(verify_ctx);
return ret;
}示例4: PEM_write_bio_SCEP_MSG
int PEM_write_bio_SCEP_MSG(BIO *bio, SCEP_MSG *msg, EVP_PKEY *pkey) {
PKCS7 *p7 = NULL;
int ret = 0;
/* Generate the signed pkcs7 message */
if( (p7 = i2pk7_SCEP_MSG( msg, pkey )) == NULL )
return 0;
BIO_printf( bio, "-----BEGIN SCEP MESSAGE-----\n" );
ret = B64_write_bio_PKCS7(bio, p7);
BIO_printf( bio, "-----END SCEP MESSAGE-----\n" );
PKCS7_free( p7 );
ERR_clear_error();
return ret;
}示例5: read_PKCS7
/* Reads a PKCS7 token and adds default 'granted' status info to it. */
static TS_RESP *
read_PKCS7(BIO * in_bio)
{
int ret = 0;
PKCS7 *token = NULL;
TS_TST_INFO *tst_info = NULL;
TS_RESP *resp = NULL;
TS_STATUS_INFO *si = NULL;
/* Read PKCS7 object and extract the signed time stamp info. */
if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
goto end;
if (!(tst_info = PKCS7_to_TS_TST_INFO(token)))
goto end;
/* Creating response object. */
if (!(resp = TS_RESP_new()))
goto end;
/* Create granted status info. */
if (!(si = TS_STATUS_INFO_new()))
goto end;
if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED)))
goto end;
if (!TS_RESP_set_status_info(resp, si))
goto end;
/* Setting encapsulated token. */
TS_RESP_set_tst_info(resp, token, tst_info);
token = NULL; /* Ownership is lost. */
tst_info = NULL; /* Ownership is lost. */
ret = 1;
end:
PKCS7_free(token);
TS_TST_INFO_free(tst_info);
if (!ret) {
TS_RESP_free(resp);
resp = NULL;
}
TS_STATUS_INFO_free(si);
return resp;
}示例6: ossl_pkcs7_copy
static VALUE
ossl_pkcs7_copy(VALUE self, VALUE other)
{
PKCS7 *a, *b, *pkcs7;
rb_check_frozen(self);
if (self == other) return self;
GetPKCS7(self, a);
SafeGetPKCS7(other, b);
pkcs7 = PKCS7_dup(b);
if (!pkcs7) {
ossl_raise(ePKCS7Error, NULL);
}
DATA_PTR(self) = pkcs7;
PKCS7_free(a);
return self;
}示例7: LUA_FUNCTION
static LUA_FUNCTION(openssl_pkcs7_new)
{
int type = luaL_optint(L, 1, NID_pkcs7_signed);
int content_nid = luaL_optint(L, 1, NID_pkcs7_data);
PKCS7 *p7 = PKCS7_new();
if (p7)
{
int ret = 1;
ret = PKCS7_set_type(p7, type);
if (ret)
ret = PKCS7_content_new(p7, content_nid);
if (ret)
{
PUSH_OBJECT(p7, "openssl.pkcs7");
return 1;
}
else
PKCS7_free(p7);
}
return 0;
}示例8: openssl_pkcs7_msg
void openssl_pkcs7_msg()
{
int len;
FILE *fp;
PKCS7 *p7;
unsigned char *der, *p, buf[SHA_DIGEST_LENGTH] = "pkcs7 msg";
p7 = PKCS7_new();
PKCS7_set_type(p7, NID_pkcs7_data);
ASN1_OCTET_STRING_set(p7->d.data, buf, SHA_DIGEST_LENGTH);
len = i2d_PKCS7(p7, NULL);
der = (unsigned char *)malloc(len);
p = der;
len = i2d_PKCS7(p7, &p);
fp = fopen("/tmp/test.cer", "wb");
fwrite(der, 1, len, fp);
fclose(fp);
free(der);
PKCS7_free(p7);
}示例9: util_sign
// Sign this block of data, the first 32 bytes of the block must be avaialble to add the certificate hash.
int __fastcall util_sign(struct util_cert cert, char* data, int datalen, char** signature)
{
int size = 0;
unsigned int hashsize = UTIL_HASHSIZE;
BIO *in = NULL;
PKCS7 *message = NULL;
*signature = NULL;
if (datalen <= UTIL_HASHSIZE) return 0;
// Add hash of the certificate to start of data
X509_digest(cert.x509, EVP_sha256(), (unsigned char*)data, &hashsize);
// Sign the block
in = BIO_new_mem_buf(data, datalen);
message = PKCS7_sign(cert.x509, cert.pkey, NULL, in, PKCS7_BINARY);
if (message == NULL) goto error;
size = i2d_PKCS7(message, (unsigned char**)signature);
error:
if (message != NULL) PKCS7_free(message);
if (in != NULL) BIO_free(in);
return size;
}示例10: EAC_CTX_init_ef_cardsecurity
int
EAC_CTX_init_ef_cardsecurity(const unsigned char *ef_cardsecurity,
size_t ef_cardsecurity_len, EAC_CTX *ctx)
{
PKCS7 *p7 = NULL, *signed_data;
ASN1_OCTET_STRING *os;
int r = 0;
check(ef_cardsecurity, "Invalid arguments");
if (!d2i_PKCS7(&p7, &ef_cardsecurity, ef_cardsecurity_len)
|| !PKCS7_type_is_signed(p7))
goto err;
if (ctx && ctx->ca_ctx &&
!(ctx->ca_ctx->flags & CA_FLAG_DISABLE_PASSIVE_AUTH))
check((CA_passive_authentication(ctx, p7) == 1),
"Failed to perform passive authentication");
signed_data = p7->d.sign->contents;
if (OBJ_obj2nid(signed_data->type) != NID_id_SecurityObject
|| ASN1_TYPE_get(signed_data->d.other) != V_ASN1_OCTET_STRING)
goto err;
os = signed_data->d.other->value.octet_string;
if (!EAC_CTX_init_ef_cardaccess(os->data, os->length, ctx)
|| !ctx || !ctx->ca_ctx || !ctx->ca_ctx->ka_ctx)
goto err;
r = 1;
err:
if (p7)
PKCS7_free(p7);
return r;
}示例11: util_encrypt
// Encrypt a block of data for a target certificate
int __fastcall util_encrypt(struct util_cert cert, char* data, int datalen, char** encdata)
{
int size = 0;
BIO *in = NULL;
PKCS7 *message = NULL;
STACK_OF(X509) *encerts = NULL;
*encdata = NULL;
if (datalen == 0) return 0;
// Setup certificates
encerts = sk_X509_new_null();
sk_X509_push(encerts, cert.x509);
// Encrypt the block
*encdata = NULL;
in = BIO_new_mem_buf(data, datalen);
message = PKCS7_encrypt(encerts, in, EVP_aes_128_cbc(), PKCS7_BINARY);
if (message == NULL) return 0;
size = i2d_PKCS7(message, (unsigned char**)encdata);
BIO_free(in);
PKCS7_free(message);
sk_X509_free(encerts);
return size;
}示例12: STACK_OF
//.........这里部分代码省略.........
// open the file
bio_ptr = BIO_new(BIO_s_file_internal());
if (bio_ptr == NULL)
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "setting up to read PKCS #7 file");
status = MSG_ERROR;
goto end;
}
if (BIO_read_filename(bio_ptr, filename) <= 0)
{
err = ERR_peek_error();
if ((ERR_GET_LIB(err) == ERR_LIB_SYS) && (ERR_GET_REASON(err) == ERROR_FILE_NOT_FOUND))
{
// file does not exist
ERR_clear_error(); // eat any errors
status = MSG_FILE_NOT_EXIST;
}
else
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "opening PKCS #7 file for reading");
status = MSG_ERROR;
}
goto end;
}
// try reading the file as a PEM file
p7_ptr = PEM_read_bio_PKCS7(bio_ptr, NULL, NULL, NULL);
if (p7_ptr == NULL)
{
err = ERR_peek_error();
if ((ERR_GET_LIB(err) == ERR_LIB_PEM) && (ERR_GET_REASON(err) == PEM_R_NO_START_LINE))
{
// no PEM start line
ERR_clear_error(); // eat any errors
BIO_reset(bio_ptr); // reset the file to the beginning
// try reading the file as DER
p7_ptr = d2i_PKCS7_bio(bio_ptr, NULL);
}
}
if (p7_ptr == NULL)
{
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "reading PKCS #7 file");
status = MSG_ERROR;
}
else
{
// get the certificates from the p7 structure
int p7Type = OBJ_obj2nid(p7_ptr->type);
switch (p7Type)
{
case NID_pkcs7_signed:
certStack_ptr = p7_ptr->d.sign->cert;
break;
case NID_pkcs7_signedAndEnveloped:
certStack_ptr = p7_ptr->d.signed_and_enveloped->cert;
break;
default:
openSslM_ptr->printError(loggerM_ptr, LOG_ERROR, "unsupported PKCS #7 file type");
status = MSG_ERROR;
goto end;
}
if ((certStack_ptr != NULL) && (sk_X509_num(certStack_ptr) > 0))
{
X509* x509_ptr;
// save each of the certificates
while ((x509_ptr = sk_X509_shift(certStack_ptr)) != NULL)
{
if (!push(x509_ptr))
{
status = MSG_ERROR;
goto end;
}
count++;
}
}
if (count == 0)
{
status = MSG_NO_VALUE;
}
else
{
status = MSG_OK;
}
}
end:
// certStack_ptr freed by the PKCS7_free() below
if (p7_ptr != NULL) PKCS7_free(p7_ptr);
if (bio_ptr != NULL) BIO_free(bio_ptr);
return status;
}示例13: pkcs7_to_cert
static int pkcs7_to_cert(struct hs20_osu_client *ctx, const u8 *pkcs7,
size_t len, char *pem_file, char *der_file)
{
#ifdef OPENSSL_IS_BORINGSSL
CBS pkcs7_cbs;
#else /* OPENSSL_IS_BORINGSSL */
PKCS7 *p7 = NULL;
const unsigned char *p = pkcs7;
#endif /* OPENSSL_IS_BORINGSSL */
STACK_OF(X509) *certs;
int i, num, ret = -1;
BIO *out = NULL;
#ifdef OPENSSL_IS_BORINGSSL
certs = sk_X509_new_null();
if (!certs)
goto fail;
CBS_init(&pkcs7_cbs, pkcs7, len);
if (!PKCS7_get_certificates(certs, &pkcs7_cbs)) {
wpa_printf(MSG_INFO, "Could not parse PKCS#7 object: %s",
ERR_error_string(ERR_get_error(), NULL));
write_result(ctx, "Could not parse PKCS#7 object from EST");
goto fail;
}
#else /* OPENSSL_IS_BORINGSSL */
p7 = d2i_PKCS7(NULL, &p, len);
if (p7 == NULL) {
wpa_printf(MSG_INFO, "Could not parse PKCS#7 object: %s",
ERR_error_string(ERR_get_error(), NULL));
write_result(ctx, "Could not parse PKCS#7 object from EST");
goto fail;
}
switch (OBJ_obj2nid(p7->type)) {
case NID_pkcs7_signed:
certs = p7->d.sign->cert;
break;
case NID_pkcs7_signedAndEnveloped:
certs = p7->d.signed_and_enveloped->cert;
break;
default:
certs = NULL;
break;
}
#endif /* OPENSSL_IS_BORINGSSL */
if (!certs || ((num = sk_X509_num(certs)) == 0)) {
wpa_printf(MSG_INFO, "No certificates found in PKCS#7 object");
write_result(ctx, "No certificates found in PKCS#7 object");
goto fail;
}
if (der_file) {
FILE *f = fopen(der_file, "wb");
if (f == NULL)
goto fail;
i2d_X509_fp(f, sk_X509_value(certs, 0));
fclose(f);
}
if (pem_file) {
out = BIO_new(BIO_s_file());
if (out == NULL ||
BIO_write_filename(out, pem_file) <= 0)
goto fail;
for (i = 0; i < num; i++) {
X509 *cert = sk_X509_value(certs, i);
X509_print(out, cert);
PEM_write_bio_X509(out, cert);
BIO_puts(out, "\n");
}
}
ret = 0;
fail:
#ifdef OPENSSL_IS_BORINGSSL
if (certs)
sk_X509_pop_free(certs, X509_free);
#else /* OPENSSL_IS_BORINGSSL */
PKCS7_free(p7);
#endif /* OPENSSL_IS_BORINGSSL */
if (out)
BIO_free_all(out);
return ret;
}示例14: cert_pkcs7_unwrap
//.........这里部分代码省略.........
/* Get failInfo */
if (s->pki_status == SCEP_PKISTATUS_FAILURE)
{
if (1 != cert_get_signed_attribute(attribs, nid_failInfo,V_ASN1_PRINTABLESTRING, &p))
{
goto end;
}
switch (atoi(p))
{
case SCEP_FAILINFO_BADALG:
s->fail_info = SCEP_FAILINFO_BADALG;
break;
case SCEP_FAILINFO_BADMSGCHK:
s->fail_info = SCEP_FAILINFO_BADMSGCHK;
break;
case SCEP_FAILINFO_BADREQ:
s->fail_info = SCEP_FAILINFO_BADREQ;
break;
case SCEP_FAILINFO_BADTIME:
s->fail_info = SCEP_FAILINFO_BADTIME;
break;
case SCEP_FAILINFO_BADCERTID:
s->fail_info = SCEP_FAILINFO_BADCERTID;
break;
default:
goto end;
}
}
/* If FAILURE or PENDING, we can return */
if (s->pki_status != SCEP_PKISTATUS_SUCCESS)
{
/* There shouldn't be any more data... */
retval = 1;
goto end;
}
/* We got success and expect data */
if (used == 0)
{
goto end;
}
/* Decrypt the inner PKCS#7 */
if ((s->request_type == SCEP_REQUEST_PKCSREQ) || (s->request_type == SCEP_REQUEST_GETCERTINIT))
{
recipientcert = s->signercert;
recipientkey = s->signerkey;
}
else
{
recipientcert = cert_localcert;
recipientkey = cert_rsa;
}
p7enc = d2i_PKCS7_bio(outbio, NULL);
if (p7enc == NULL)
{
goto end;
}
BIO_free(outbio);
outbio = NULL;
/* Decrypt the data */
outbio = BIO_new(BIO_s_mem());
if (PKCS7_decrypt(p7enc, recipientkey, recipientcert, outbio, 0) == 0)
{
goto end;
}
(void)BIO_flush(outbio);
/* Write decrypted data */
s->reply_len = BIO_get_mem_data(outbio, &s->reply_payload);
BIO_set_flags(outbio, BIO_FLAGS_MEM_RDONLY);
s->reply_p7 = d2i_PKCS7_bio(outbio, NULL);
retval = 1;
end:
if(NULL != outbio)
{
BIO_free(outbio);
}
if(NULL != memorybio)
{
BIO_free(memorybio);
}
if(NULL != pkcs7bio)
{
BIO_free(pkcs7bio);
}
if(NULL != p7enc)
{
PKCS7_free(p7enc);
}
return retval;
}示例15: parse_pkcs7_data
static int parse_pkcs7_data(const options_t *options, const CRYPT_DATA_BLOB *blob)
{
int result = 0;
const cert_format_e input_fmt = CERT_FORMAT_DER;
PKCS7 *p7 = NULL;
BIO *in = NULL;
CRYPTO_malloc_init();
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
in = BIO_new_mem_buf(blob->pbData, blob->cbData);
if (in == NULL) {
result = -2;
goto error;
}
switch (input_fmt) {
default: EXIT_ERROR("unhandled input format for certificate");
case CERT_FORMAT_DER:
p7 = d2i_PKCS7_bio(in, NULL);
break;
case CERT_FORMAT_PEM:
p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
break;
}
if (p7 == NULL) {
ERR_print_errors_fp(stderr);
result = -3;
goto error;
}
STACK_OF(X509) *certs = NULL;
int type = OBJ_obj2nid(p7->type);
switch (type) {
default: break;
case NID_pkcs7_signed: // PKCS7_type_is_signed(p7)
certs = p7->d.sign->cert;
break;
case NID_pkcs7_signedAndEnveloped: // PKCS7_type_is_signedAndEnveloped(p7)
certs = p7->d.signed_and_enveloped->cert;
break;
}
const int numcerts = certs != NULL ? sk_X509_num(certs) : 0;
for (int i = 0; i < numcerts; i++) {
X509 *cert = sk_X509_value(certs, i);
print_certificate(options->certout, options->certoutform, cert);
// NOTE: Calling X509_free(cert) is unnecessary.
}
// Print whether certificate signature is valid
if (numcerts > 0) {
X509 *subject = sk_X509_value(certs, 0);
X509 *issuer = sk_X509_value(certs, numcerts - 1);
int valid_sig = X509_verify(subject, X509_get_pubkey(issuer));
output("Signature", valid_sig == 1 ? "valid" : "invalid");
}
// Print signers
if (numcerts > 0) {
output_open_scope("signers", OUTPUT_SCOPE_TYPE_ARRAY);
for (int i = 0; i < numcerts; i++) {
X509 *cert = sk_X509_value(certs, i);
X509_NAME *name = X509_get_subject_name(cert);
int issuer_name_len = X509_NAME_get_text_by_NID(name, NID_commonName, NULL, 0);
if (issuer_name_len > 0) {
output_open_scope("signer", OUTPUT_SCOPE_TYPE_OBJECT);
char issuer_name[issuer_name_len + 1];
X509_NAME_get_text_by_NID(name, NID_commonName, issuer_name, issuer_name_len + 1);
output("Issuer", issuer_name);
output_close_scope(); // signer
}
}
output_close_scope(); // signers
}
error:
if (p7 != NULL)
PKCS7_free(p7);
if (in != NULL)
BIO_free(in);
// Deallocate everything from OpenSSL_add_all_algorithms
EVP_cleanup();
// Deallocate everything from ERR_load_crypto_strings
ERR_free_strings();
return result;
}