本文整理汇总了C++中d2i_X509_bio函数的典型用法代码示例。如果您正苦于以下问题:C++ d2i_X509_bio函数的具体用法?C++ d2i_X509_bio怎么用?C++ d2i_X509_bio使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了d2i_X509_bio函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: BIO_new_mem_buf
bool Server::isKeyForCert(const QSslKey &key, const QSslCertificate &cert) {
if (key.isNull() || cert.isNull() || (key.type() != QSsl::PrivateKey))
return false;
QByteArray qbaKey = key.toDer();
QByteArray qbaCert = cert.toDer();
X509 *x509 = NULL;
EVP_PKEY *pkey = NULL;
BIO *mem = NULL;
mem = BIO_new_mem_buf(qbaKey.data(), qbaKey.size());
Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE));
pkey = d2i_PrivateKey_bio(mem, NULL);
BIO_free(mem);
mem = BIO_new_mem_buf(qbaCert.data(), qbaCert.size());
Q_UNUSED(BIO_set_close(mem, BIO_NOCLOSE));
x509 = d2i_X509_bio(mem, NULL);
BIO_free(mem);
mem = NULL;
if (x509 && pkey && X509_check_private_key(x509, pkey)) {
EVP_PKEY_free(pkey);
X509_free(x509);
return true;
}
if (pkey)
EVP_PKEY_free(pkey);
if (x509)
X509_free(x509);
return false;
}示例2: ocsp_validate_cert
/* validate the certifcate stored in 'data' by querying the ocsp-responder */
int
ocsp_validate_cert(struct iked *env, struct iked_static_id *id,
void *data, size_t len, struct iked_sahdr sh, uint8_t type)
{
struct iked_ocsp_entry *ioe;
struct iked_ocsp *ocsp;
BIO *rawcert = NULL, *bissuer = NULL;
X509 *cert = NULL, *issuer = NULL;
if ((ioe = calloc(1, sizeof(*ioe))) == NULL)
return (-1);
if ((ocsp = calloc(1, sizeof(*ocsp))) == NULL) {
free(ioe);
return (-1);
}
ocsp->ocsp_env = env;
ocsp->ocsp_sh = sh;
ocsp->ocsp_type = type;
if ((rawcert = BIO_new_mem_buf(data, len)) == NULL ||
(cert = d2i_X509_bio(rawcert, NULL)) == NULL ||
(bissuer = BIO_new_file(IKED_OCSP_ISSUER, "r")) == NULL ||
(issuer = PEM_read_bio_X509(bissuer, NULL, NULL, NULL)) == NULL ||
(ocsp->ocsp_cbio = BIO_new(BIO_s_socket())) == NULL ||
(ocsp->ocsp_req = OCSP_REQUEST_new()) == NULL ||
!(ocsp->ocsp_id = OCSP_cert_to_id(NULL, cert, issuer)) ||
!OCSP_request_add0_id(ocsp->ocsp_req, ocsp->ocsp_id))
goto err;
BIO_free(rawcert);
BIO_free(bissuer);
X509_free(cert);
X509_free(issuer);
ioe->ioe_ocsp = ocsp;
TAILQ_INSERT_TAIL(&env->sc_ocsp, ioe, ioe_entry);
/* request connection to ocsp-responder */
proc_compose_imsg(&env->sc_ps, PROC_PARENT, -1,
IMSG_OCSP_FD, -1, NULL, 0);
return (0);
err:
ca_sslerror(__func__);
free(ioe);
if (rawcert != NULL)
BIO_free(rawcert);
if (cert != NULL)
X509_free(cert);
if (bissuer != NULL)
BIO_free(bissuer);
if (issuer != NULL)
X509_free(issuer);
ocsp_validate_finish(ocsp, 0); /* failed */
return (-1);
}示例3: int
X509 *SSL_read_X509(FILE *fp, X509 **x509, int (*cb)(char *, int, int, void*))
#endif
{
X509 *rc;
BIO *bioS;
BIO *bioF;
/* 1. try PEM (= DER+Base64+headers) */
#if SSL_LIBRARY_VERSION < 0x00904000
rc = PEM_read_X509(fp, x509, cb);
#else
rc = PEM_read_X509(fp, x509, cb, NULL);
#endif
if (rc == NULL) {
/* 2. try DER+Base64 */
fseek(fp, 0L, SEEK_SET);
if ((bioS = BIO_new(BIO_s_fd())) == NULL)
return NULL;
BIO_set_fd(bioS, fileno(fp), BIO_NOCLOSE);
if ((bioF = BIO_new(BIO_f_base64())) == NULL) {
BIO_free(bioS);
return NULL;
}
bioS = BIO_push(bioF, bioS);
rc = d2i_X509_bio(bioS, NULL);
BIO_free_all(bioS);
if (rc == NULL) {
/* 3. try plain DER */
fseek(fp, 0L, SEEK_SET);
if ((bioS = BIO_new(BIO_s_fd())) == NULL)
return NULL;
BIO_set_fd(bioS, fileno(fp), BIO_NOCLOSE);
rc = d2i_X509_bio(bioS, NULL);
BIO_free(bioS);
}
}
if (rc != NULL && x509 != NULL) {
if (*x509 != NULL)
X509_free(*x509);
*x509 = rc;
}
return rc;
}示例4: main
int main(int argc, char **argv)
{
X509 *x509 = NULL;
BIO *bio = NULL;
has_t *crt = NULL;
char *json = NULL;
size_t l;
openssl_init();
if ((bio = BIO_new(BIO_s_file())) == NULL) {
return -1;
}
if(argc < 2) {
BIO_set_fp(bio, stdin, BIO_NOCLOSE);
} else {
BIO_read_filename(bio, argv[1]);
}
/* Format DER */
if((x509 = d2i_X509_bio(bio, NULL)) == NULL) {
ERR_clear_error();
BIO_reset(bio);
/* Format PEM */
x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
}
if(!x509) {
fprintf(stderr, "Error loading certificate\n");
return -1;
}
if((crt = has_x509_new(x509)) == NULL) {
fprintf(stderr, "Error converting certificate\n");
return -1;
}
if(has_json_serialize(crt, &json, &l, HAS_JSON_SERIALIZE_PRETTY) == 0) {
printf("%s\n", json);
free(json);
} else {
fprintf(stderr, "Error serializing certificate\n");
return -1;
}
has_free(crt);
X509_free(x509);
BIO_free(bio);
openssl_cleanup();
return 0;
}示例5: PEM_read_bio_X509
X509 *SSL_read_X509(char* filename, X509 **x509, pem_password_cb *cb)
{
X509 *rc;
BIO *bioS;
BIO *bioF;
/* 1. try PEM (= DER+Base64+headers) */
if ((bioS=BIO_new_file(filename, "r")) == NULL)
return NULL;
rc = PEM_read_bio_X509 (bioS, x509, cb, NULL);
BIO_free(bioS);
if (rc == NULL) {
/* 2. try DER+Base64 */
if ((bioS=BIO_new_file(filename, "r")) == NULL)
return NULL;
if ((bioF = BIO_new(BIO_f_base64())) == NULL) {
BIO_free(bioS);
return NULL;
}
bioS = BIO_push(bioF, bioS);
rc = d2i_X509_bio(bioS, NULL);
BIO_free_all(bioS);
if (rc == NULL) {
/* 3. try plain DER */
if ((bioS=BIO_new_file(filename, "r")) == NULL)
return NULL;
rc = d2i_X509_bio(bioS, NULL);
BIO_free(bioS);
}
}
if (rc != NULL && x509 != NULL) {
if (*x509 != NULL)
X509_free(*x509);
*x509 = rc;
}
return rc;
}示例6: SSL_use_certificate_file
int SSL_use_certificate_file (SSL * ssl, const char *file, int type)
{
int j;
BIO *in;
int ret = 0;
X509 *x = NULL;
in = BIO_new (BIO_s_file_internal ());
if (in == NULL)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename (in, file) <= 0)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1)
{
j = ERR_R_ASN1_LIB;
x = d2i_X509_bio (in, NULL);
}
else if (type == SSL_FILETYPE_PEM)
{
j = ERR_R_PEM_LIB;
x = PEM_read_bio_X509 (in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata);
}
else
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (x == NULL)
{
SSLerr (SSL_F_SSL_USE_CERTIFICATE_FILE, j);
goto end;
}
ret = SSL_use_certificate (ssl, x);
end:
if (x != NULL)
X509_free (x);
if (in != NULL)
BIO_free (in);
return (ret);
}示例7: x509_from_bytea
/*
* Convert bytea to X509.
*/
static X509 * x509_from_bytea(const bytea *raw) {
BIO *bio;
X509 *cert;
// convert into X509
bio = BIO_new_mem_buf(VARDATA(raw), VARSIZE(raw) - VARHDRSZ);
BIO_set_close(bio, BIO_NOCLOSE);
cert = X509_new();
d2i_X509_bio(bio, &cert);
BIO_free(bio);
return cert;
}示例8: X509_from_CERTCertificate
/*convert CERTCertificate to X509*/
static X509*
X509_from_CERTCertificate(const CERTCertificate *cert) {
X509 *x509 = NULL;
BIO *mbio;
mbio = BIO_new_mem_buf(cert->derCert.data, cert->derCert.len);
if (mbio == NULL) return(NULL);
x509 = d2i_X509_bio(mbio, NULL);
BIO_free(mbio);
return(x509);
}示例9: verify_signature
SigVerifyResult verify_signature(const char *path, const char *sig_path)
{
for (const std::string &hex_der : valid_certs) {
std::string der;
if (!hex2bin(hex_der, der)) {
LOGE("Failed to convert hex-encoded certificate to binary: %s",
hex_der.c_str());
return SigVerifyResult::Failure;
}
// Cast to (void *) is okay since BIO_new_mem_buf() creates a read-only
// BIO object
ScopedBIO bio_x509_cert(BIO_new_mem_buf(
der.data(), static_cast<int>(der.size())), BIO_free);
if (!bio_x509_cert) {
LOGE("Failed to create BIO for X509 certificate: %s",
hex_der.c_str());
openssl_log_errors();
return SigVerifyResult::Failure;
}
// Load DER-encoded certificate
ScopedX509 cert(d2i_X509_bio(bio_x509_cert.get(), nullptr), X509_free);
if (!cert) {
LOGE("Failed to load X509 certificate: %s", hex_der.c_str());
openssl_log_errors();
return SigVerifyResult::Failure;
}
// Get public key from certificate
ScopedEVP_PKEY public_key(X509_get_pubkey(cert.get()), EVP_PKEY_free);
if (!public_key) {
LOGE("Failed to load public key from X509 certificate: %s",
hex_der.c_str());
openssl_log_errors();
return SigVerifyResult::Failure;
}
SigVerifyResult result =
verify_signature_with_key(path, sig_path, *public_key);
if (result == SigVerifyResult::Invalid) {
// Keep trying ...
continue;
}
return result;
}
return SigVerifyResult::Invalid;
}示例10: BIO_new_mem_buf
swSSLCertificate *swSSLCertificateNewFromDER(swStaticBuffer *buffer)
{
swSSLCertificate *cert = NULL;
if (buffer)
{
BIO *pemBIO = BIO_new_mem_buf(buffer->data, buffer->len);
if (pemBIO)
{
cert = d2i_X509_bio(pemBIO, NULL);
BIO_free_all(pemBIO);
}
}
return cert;
}示例11: Clear
bool SslCertificate::Load(const String& data, bool asn1)
{
Clear();
SslStream in, pem, *sio = ∈
if(!in.OpenBuffer(data, data.GetLength()))
return false;
if(!asn1)
{
if(!pem.Create(BIO_f_base64()))
return false;
BIO_push(pem, in);
sio = &pem;
}
return Set(d2i_X509_bio(*sio, NULL));
}示例12: ldaplookup_data2store
/*
* We will put into store X509 object from passed data in buffer only
* when object name match passed. To compare both names we use our
* method "ssh_X509_NAME_cmp"(it is more general).
*/
static int/*bool*/
ldaplookup_data2store(
int type,
X509_NAME* name,
void* buf,
int len,
X509_STORE* store
) {
int ok = 0;
BIO *mbio;
if (name == NULL) return(0);
if (buf == NULL) return(0);
if (len <= 0) return(0);
if (store == NULL) return(0);
mbio = BIO_new_mem_buf(buf, len);
if (mbio == NULL) return(0);
switch (type) {
case X509_LU_X509: {
X509 *x509 = d2i_X509_bio(mbio, NULL);
if(x509 == NULL) goto exit;
/*This is correct since lookup method is by subject*/
if (ssh_X509_NAME_cmp(name, X509_get_subject_name(x509)) != 0) goto exit;
ok = X509_STORE_add_cert(store, x509);
} break;
case X509_LU_CRL: {
X509_CRL *crl = d2i_X509_CRL_bio(mbio, NULL);
if(crl == NULL) goto exit;
if (ssh_X509_NAME_cmp(name, X509_CRL_get_issuer(crl)) != 0) goto exit;
ok = X509_STORE_add_crl(store, crl);
} break;
}
exit:
if (mbio != NULL) BIO_free_all(mbio);
#ifdef TRACE_BY_LDAP
fprintf(stderr, "TRACE_BY_LDAP ldaplookup_data2store: ok=%d\n", ok);
#endif
return(ok);
}示例13: SSL_use_certificate_file
int SSL_use_certificate_file(SSL *ssl, const char *file, int type) {
int reason_code;
BIO *in;
int ret = 0;
X509 *x = NULL;
in = BIO_new(BIO_s_file());
if (in == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename(in, file) <= 0) {
OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1) {
reason_code = ERR_R_ASN1_LIB;
x = d2i_X509_bio(in, NULL);
} else if (type == SSL_FILETYPE_PEM) {
reason_code = ERR_R_PEM_LIB;
x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback,
ssl->ctx->default_passwd_callback_userdata);
} else {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (x == NULL) {
OPENSSL_PUT_ERROR(SSL, reason_code);
goto end;
}
ret = SSL_use_certificate(ssl, x);
end:
X509_free(x);
BIO_free(in);
return ret;
}示例14: DirCliDERToX509
DWORD
DirCliDERToX509(
PBYTE pCertBytes,
DWORD dwLength,
X509** ppCert
)
{
DWORD dwError = 0;
BIO *pBioMem = NULL;
X509* pCert = NULL;
pBioMem = BIO_new_mem_buf(pCertBytes, dwLength);
if ( pBioMem == NULL)
{
dwError = ERROR_OUTOFMEMORY;
BAIL_ON_VMAFD_ERROR(dwError);
}
pCert = d2i_X509_bio(pBioMem, NULL);
if (pCert == NULL)
{
dwError = ERROR_OPEN_FAILED;
BAIL_ON_VMAFD_ERROR(dwError);
}
*ppCert = pCert;
cleanup:
if (pBioMem)
{
BIO_free(pBioMem);
}
return dwError;
error:
*ppCert = NULL;
goto cleanup;
}示例15: BIO_new_file
X509 *https_open_cert(s8 *filepath)
{
X509 *cert = NULL;
BIO *bio_cert = NULL;
bio_cert = BIO_new_file(filepath, "r");
if (!bio_cert)
{
return NULL;
}
cert = PEM_read_bio_X509(bio_cert, NULL, NULL, NULL);
if (!cert)
{
(void)BIO_reset(bio_cert);
cert = d2i_X509_bio(bio_cert, NULL);
}
BIO_free(bio_cert);
return cert;
}