本文整理汇总了C++中SSL_use_certificate函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_use_certificate函数的具体用法?C++ SSL_use_certificate怎么用?C++ SSL_use_certificate使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_use_certificate函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: LOG_ASSERT
bool VSslServer::setKeyCrtStuff(VError& error, SSL* con, EVP_PKEY* key, X509* crt)
{
LOG_ASSERT(key != NULL);
LOG_ASSERT(crt != NULL);
// LOG_DEBUG("con=%p key=%p crt=%p", con, key, crt); // gilgil temp 2014.03.14
int res = SSL_use_certificate(con, crt);
if (res <= 0)
{
error = VSslError(QString("SSL_use_certificate return %1").arg(res), VSslError::IN_SSL_CTX_USE_CERTIFICATE);
return false;
}
res = SSL_use_PrivateKey(con, key);
if (res <= 0)
{
error = VSslError(QString("SSL_use_PrivateKey return %1").arg(res), VSslError::SSL_CTX_USER_PRIVATEKEY);
return false;
}
res = SSL_check_private_key(con);
if (!res)
{
error = VSslError(QString("SSL_check_private_key return %1").arg(res), VSslError::SSL_CTX_CHECK_PRIVATEKEY);
return false;
}
return true;
}示例2: BIO_new
bool Engine::set_p12_certificate_privatekey(const Data & data, const std::string & password)
{
if( data.empty() ) // BIO undefined behaviour when writing 0
return false;
BIO *mem = BIO_new(BIO_s_mem());
BIO_write(mem, data.getData(), data.getSize());
PKCS12 * pkcs12 = d2i_PKCS12_bio(mem, NULL);
BIO_free(mem);
mem = 0;
X509 * cax = 0;
EVP_PKEY * pkey = 0;
// int succ =
PKCS12_parse(pkcs12, password.c_str(), &pkey, &cax, NULL);
// int err = ERR_get_error();
// const char * err_str = ERR_error_string(err, 0);
int cert_res = SSL_use_certificate(ssl, cax);
if (cax)
X509_free(cax);
cax = 0;
int key_res = SSL_use_PrivateKey(ssl, pkey);
if( pkey )
EVP_PKEY_free(pkey);
pkey = 0;
int check_res = SSL_check_private_key(ssl);
return cert_res == 1 && key_res == 1 && check_res == 1;
}示例3: krypt_set_rsa
// XXX Clean up this function, we MUST handle all errors possible
int krypt_set_rsa(krypt_t *kconn)
{
if (kconn->security_level == KRYPT_RSA) {
jlog(L_NOTICE, "the security level is already set to RSA");
return 0;
}
SSL_set_cipher_list(kconn->ssl, "AES256-SHA");
// Load the trusted certificate store into our SSL_CTX
SSL_CTX_set_cert_store(kconn->ctx, kconn->passport->trusted_authority);
// Force the peer cert verifying + fail if no cert is sent by the peer
SSL_set_verify(kconn->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback);
// Set the certificate and key
SSL_use_certificate(kconn->ssl, kconn->passport->certificate);
SSL_use_PrivateKey(kconn->ssl, kconn->passport->keyring);
if (kconn->conn_type == KRYPT_SERVER) {
jlog(L_NOTICE, "set verify");
// Change the session id to avoid resuming ADH session
SSL_set_session_id_context(kconn->ssl, (void*)&s_server_auth_session_id_context,
sizeof(s_server_auth_session_id_context));
}
kconn->security_level = KRYPT_RSA;
return 0;
}示例4: openssl_iostream_use_certificate
static int
openssl_iostream_use_certificate(struct ssl_iostream *ssl_io, const char *cert)
{
BIO *in;
X509 *x;
int ret = 0;
in = BIO_new_mem_buf(t_strdup_noconst(cert), strlen(cert));
if (in == NULL) {
i_error("BIO_new_mem_buf() failed: %s", openssl_iostream_error());
return -1;
}
x = PEM_read_bio_X509(in, NULL, NULL, NULL);
if (x != NULL) {
ret = SSL_use_certificate(ssl_io->ssl, x);
if (ERR_peek_error() != 0)
ret = 0;
X509_free(x);
}
BIO_free(in);
if (ret == 0) {
i_error("%s: Can't load ssl_cert: %s", ssl_io->source,
ssl_iostream_get_use_certificate_error(cert));
return -1;
}
return 0;
}示例5: tr
void SSLConnect::setToken( const QSslCertificate &cert, Qt::HANDLE key )
{
if( !d->ssl )
return d->setError( tr("SSL context is missing") );
if( cert.isNull() )
return d->setError( tr("Certificate is empty") );
if( !SSL_use_certificate( d->ssl, X509_dup( (X509*)cert.handle() ) ) ||
!SSL_use_PrivateKey( d->ssl, (EVP_PKEY*)key ) )
d->setError();
}示例6: regress_bufferevent_openssl
static void
regress_bufferevent_openssl(void *arg)
{
struct basic_test_data *data = arg;
struct bufferevent *bev1, *bev2;
SSL *ssl1, *ssl2;
X509 *cert = getcert();
EVP_PKEY *key = getkey();
const int start_open = strstr((char*)data->setup_data, "open")!=NULL;
const int filter = strstr((char*)data->setup_data, "filter")!=NULL;
int flags = BEV_OPT_DEFER_CALLBACKS;
struct bufferevent *bev_ll[2] = { NULL, NULL };
evutil_socket_t *fd_pair = NULL;
tt_assert(cert);
tt_assert(key);
init_ssl();
if (strstr((char*)data->setup_data, "renegotiate")) {
if (SSLeay() >= 0x10001000 &&
SSLeay() < 0x1000104f) {
/* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2
* can't renegotiate with themselves. Disable. */
disable_tls_11_and_12 = 1;
}
renegotiate_at = 600;
}
ssl1 = SSL_new(get_ssl_ctx());
ssl2 = SSL_new(get_ssl_ctx());
SSL_use_certificate(ssl2, cert);
SSL_use_PrivateKey(ssl2, key);
if (! start_open)
flags |= BEV_OPT_CLOSE_ON_FREE;
if (!filter) {
tt_assert(strstr((char*)data->setup_data, "socketpair"));
fd_pair = data->pair;
} else {
bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0],
BEV_OPT_CLOSE_ON_FREE);
bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1],
BEV_OPT_CLOSE_ON_FREE);
}
open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2,
fd_pair, bev_ll);
if (!filter) {
tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]);
} else {示例7: SSL_use_certificate_file
int SSL_use_certificate_file (SSL * ssl, const char *file, int type)
{
int j;
BIO *in;
int ret = 0;
X509 *x = NULL;
in = BIO_new (BIO_s_file_internal ());
if (in == NULL)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename (in, file) <= 0)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1)
{
j = ERR_R_ASN1_LIB;
x = d2i_X509_bio (in, NULL);
}
else if (type == SSL_FILETYPE_PEM)
{
j = ERR_R_PEM_LIB;
x = PEM_read_bio_X509 (in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata);
}
else
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (x == NULL)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, j);
goto end;
}
ret = SSL_use_certificate (ssl, x);
end:
if (x != NULL)
X509_free (x);
if (in != NULL)
BIO_free (in);
return (ret);
}示例8: SSL_use_certificate_ASN1
int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d, int len) {
X509 *x;
int ret;
x = d2i_X509(NULL, &d, (long)len);
if (x == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);
return 0;
}
ret = SSL_use_certificate(ssl, x);
X509_free(x);
return ret;
}示例9: SSL_use_certificate_ASN1
int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
{
X509 *x;
int ret;
x = d2i_X509(NULL, &d, (long)len);
if (x == NULL) {
SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
return (0);
}
ret = SSL_use_certificate(ssl, x);
X509_free(x);
return (ret);
}示例10: regress_bufferevent_openssl
static void
regress_bufferevent_openssl(void *arg)
{
struct basic_test_data *data = arg;
struct bufferevent *bev1, *bev2;
SSL *ssl1, *ssl2;
X509 *cert = getcert();
EVP_PKEY *key = getkey();
const int start_open = strstr((char*)data->setup_data, "open")!=NULL;
const int filter = strstr((char*)data->setup_data, "filter")!=NULL;
int flags = BEV_OPT_DEFER_CALLBACKS;
struct bufferevent *bev_ll[2] = { NULL, NULL };
int *fd_pair = NULL;
tt_assert(cert);
tt_assert(key);
init_ssl();
ssl1 = SSL_new(get_ssl_ctx());
ssl2 = SSL_new(get_ssl_ctx());
SSL_use_certificate(ssl2, cert);
SSL_use_PrivateKey(ssl2, key);
if (! start_open)
flags |= BEV_OPT_CLOSE_ON_FREE;
if (strstr((char*)data->setup_data, "renegotiate"))
renegotiate_at = 600;
if (!filter) {
tt_assert(strstr((char*)data->setup_data, "socketpair"));
fd_pair = data->pair;
} else {
bev_ll[0] = bufferevent_socket_new(data->base, data->pair[0],
BEV_OPT_CLOSE_ON_FREE);
bev_ll[1] = bufferevent_socket_new(data->base, data->pair[1],
BEV_OPT_CLOSE_ON_FREE);
}
open_ssl_bufevs(&bev1, &bev2, data->base, 0, flags, ssl1, ssl2,
fd_pair, bev_ll);
if (!filter) {
tt_int_op(bufferevent_getfd(bev1), ==, data->pair[0]);
} else {示例11: SSL_use_certificate_ASN1
int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {
if (der_len > LONG_MAX) {
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
return 0;
}
const uint8_t *p = der;
X509 *x509 = d2i_X509(NULL, &p, (long)der_len);
if (x509 == NULL || p != der + der_len) {
OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);
X509_free(x509);
return 0;
}
int ret = SSL_use_certificate(ssl, x509);
X509_free(x509);
return ret;
}示例12: openssl_ssl_use
static int openssl_ssl_use(lua_State*L)
{
SSL* s = CHECK_OBJECT(1, SSL, "openssl.ssl");
X509* x = CHECK_OBJECT(2, X509, "openssl.x509");
EVP_PKEY* pkey = CHECK_OBJECT(3, EVP_PKEY, "openssl.evp_pkey");
int ret;
luaL_argcheck(L, openssl_pkey_is_private(pkey), 3, "must be private key");
ret = SSL_use_PrivateKey(s, pkey);
if (ret == 1)
{
ret = SSL_use_certificate(s, x);
if (ret == 1)
{
ret = SSL_check_private_key(s);
}
}
return openssl_pushresult(L, ret);
}示例13: SSL_use_certificate_file
int SSL_use_certificate_file(SSL *ssl, const char *file, int type) {
int reason_code;
BIO *in;
int ret = 0;
X509 *x = NULL;
in = BIO_new(BIO_s_file());
if (in == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename(in, file) <= 0) {
OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1) {
reason_code = ERR_R_ASN1_LIB;
x = d2i_X509_bio(in, NULL);
} else if (type == SSL_FILETYPE_PEM) {
reason_code = ERR_R_PEM_LIB;
x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback,
ssl->ctx->default_passwd_callback_userdata);
} else {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (x == NULL) {
OPENSSL_PUT_ERROR(SSL, reason_code);
goto end;
}
ret = SSL_use_certificate(ssl, x);
end:
X509_free(x);
BIO_free(in);
return ret;
}示例14: tls_accept
//.........这里部分代码省略.........
* support empty fragments. This needs to be disabled.
*/
options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
if (!tls_prepare(tls, underlying, SSLv23_server_method(), options, FALSE))
return FALSE;
if (settings->PrivateKeyFile)
{
bio = BIO_new_file(settings->PrivateKeyFile, "rb");
if (!bio)
{
WLog_ERR(TAG, "BIO_new_file failed for private key %s",
settings->PrivateKeyFile);
return FALSE;
}
}
else if (settings->PrivateKeyContent)
{
bio = BIO_new_mem_buf(settings->PrivateKeyContent,
strlen(settings->PrivateKeyContent));
if (!bio)
{
WLog_ERR(TAG, "BIO_new_mem_buf failed for private key");
return FALSE;
}
}
else
{
WLog_ERR(TAG, "no private key defined");
return FALSE;
}
rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
BIO_free(bio);
if (!rsa)
{
WLog_ERR(TAG, "invalid private key");
return FALSE;
}
if (SSL_use_RSAPrivateKey(tls->ssl, rsa) <= 0)
{
WLog_ERR(TAG, "SSL_CTX_use_RSAPrivateKey_file failed");
RSA_free(rsa);
return FALSE;
}
if (settings->CertificateFile)
{
bio = BIO_new_file(settings->CertificateFile, "rb");
if (!bio)
{
WLog_ERR(TAG, "BIO_new_file failed for certificate %s",
settings->CertificateFile);
return FALSE;
}
}
else if (settings->CertificateContent)
{
bio = BIO_new_mem_buf(settings->CertificateContent,
strlen(settings->CertificateContent));
if (!bio)
{
WLog_ERR(TAG, "BIO_new_mem_buf failed for certificate");
return FALSE;
}
}
else
{
WLog_ERR(TAG, "no certificate defined");
return FALSE;
}
x509 = PEM_read_bio_X509(bio, NULL, NULL, 0);
BIO_free(bio);
if (!x509)
{
WLog_ERR(TAG, "invalid certificate");
return FALSE;
}
if (SSL_use_certificate(tls->ssl, x509) <= 0)
{
WLog_ERR(TAG, "SSL_use_certificate_file failed");
X509_free(x509);
return FALSE;
}
#if defined(MICROSOFT_IOS_SNI_BUG) && !defined(OPENSSL_NO_TLSEXT)
SSL_set_tlsext_debug_callback(tls->ssl, tls_openssl_tlsext_debug_callback);
#endif
return tls_do_handshake(tls, FALSE) > 0;
}示例15: ngx_http_multiple_ssl_set_der_certificate
static int
ngx_http_multiple_ssl_set_der_certificate(ngx_ssl_conn_t *ssl_conn, ngx_str_t *cert, ngx_str_t *key)
{
BIO *bio = NULL;
X509 *x509 = NULL;
u_long n;
bio = BIO_new_file((char *) cert->data, "r");
if (bio == NULL) {
return NGX_ERROR;
}
x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
if (x509 == NULL) {
BIO_free(bio);
return NGX_ERROR;
}
SSL_certs_clear(ssl_conn);
if (SSL_use_certificate(ssl_conn, x509) == 0) {
X509_free(x509);
BIO_free(bio);
return NGX_ERROR;
}
#if 0
if (SSL_set_ex_data(ssl_conn, ngx_ssl_certificate_index, x509) == 0) {
X509_free(x509);
BIO_free(bio);
return NGX_ERROR;
}
#endif
X509_free(x509);
x509 = NULL;
/* read rest of the chain */
for ( ;; ) {
x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (x509 == NULL) {
n = ERR_peek_last_error();
if (ERR_GET_LIB(n) == ERR_LIB_PEM
&& ERR_GET_REASON(n) == PEM_R_NO_START_LINE)
{
ERR_clear_error();
break;
}
BIO_free(bio);
return NGX_ERROR;
}
if (SSL_add0_chain_cert(ssl_conn, x509) == 0) {
X509_free(x509);
BIO_free(bio);
return NGX_ERROR;
}
}
BIO_free(bio);
bio = NULL;
if (SSL_use_PrivateKey_file(ssl_conn, (char *) key->data,
SSL_FILETYPE_PEM) != 1)
{
return NGX_ERROR;
}
return NGX_OK;
}