本文整理匯總了C++中EC_KEY_get0_private_key函數的典型用法代碼示例。如果您正苦於以下問題:C++ EC_KEY_get0_private_key函數的具體用法?C++ EC_KEY_get0_private_key怎麽用?C++ EC_KEY_get0_private_key使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了EC_KEY_get0_private_key函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: if
void CKey::getECIESSecret (CKey& otherKey, ECIES_ENC_KEY_TYPE& enc_key, ECIES_HMAC_KEY_TYPE& hmac_key)
{
// Retrieve a secret generated from an EC key pair. At least one private key must be known.
if (!pkey || !otherKey.pkey)
throw std::runtime_error ("missing key");
EC_KEY* pubkey, *privkey;
if (EC_KEY_get0_private_key (pkey))
{
privkey = pkey;
pubkey = otherKey.pkey;
}
else if (EC_KEY_get0_private_key (otherKey.pkey))
{
privkey = otherKey.pkey;
pubkey = pkey;
}
else throw std::runtime_error ("no private key");
unsigned char rawbuf[512];
int buflen = ECDH_compute_key (rawbuf, 512, EC_KEY_get0_public_key (pubkey), privkey, NULL);
if (buflen < ECIES_MIN_SEC)
throw std::runtime_error ("ecdh key failed");
unsigned char hbuf[ECIES_KEY_LENGTH];
ECIES_KEY_HASH (rawbuf, buflen, hbuf);
memset (rawbuf, 0, ECIES_HMAC_KEY_SIZE);
assert ((ECIES_ENC_KEY_SIZE + ECIES_HMAC_KEY_SIZE) >= ECIES_KEY_LENGTH);
memcpy (enc_key.begin (), hbuf, ECIES_ENC_KEY_SIZE);
memcpy (hmac_key.begin (), hbuf + ECIES_ENC_KEY_SIZE, ECIES_HMAC_KEY_SIZE);
memset (hbuf, 0, ECIES_KEY_LENGTH);
}示例2: key_ec_validate_private
static int key_ec_validate_private(EC_KEY *key)
{
BN_CTX *bnctx = NULL;
BIGNUM *order, *tmp;
int ret = -1;
if ((bnctx = BN_CTX_new()) == NULL)
goto out;
BN_CTX_start(bnctx);
if ((order = BN_CTX_get(bnctx)) == NULL ||
(tmp = BN_CTX_get(bnctx)) == NULL)
goto out;
/* log2(private) > log2(order)/2 */
if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, bnctx) != 1)
goto out;
if (BN_num_bits(EC_KEY_get0_private_key(key)) <=
BN_num_bits(order) / 2) {
goto out;
}
/* private < order - 1 */
if (!BN_sub(tmp, order, BN_value_one()))
goto out;
if (BN_cmp(EC_KEY_get0_private_key(key), tmp) >= 0) {
goto out;
}
ret = 0;
out:
if (bnctx)
BN_CTX_free(bnctx);
return ret;
}示例3: ssh_encode_identity_ssh2
static void
ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
{
buffer_put_cstring(b, key_ssh_name(key));
switch (key->type) {
case KEY_RSA:
buffer_put_bignum2(b, key->rsa->n);
buffer_put_bignum2(b, key->rsa->e);
buffer_put_bignum2(b, key->rsa->d);
buffer_put_bignum2(b, key->rsa->iqmp);
buffer_put_bignum2(b, key->rsa->p);
buffer_put_bignum2(b, key->rsa->q);
break;
case KEY_RSA_CERT_V00:
case KEY_RSA_CERT:
if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
fatal("%s: no cert/certblob", __func__);
buffer_put_string(b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, key->rsa->d);
buffer_put_bignum2(b, key->rsa->iqmp);
buffer_put_bignum2(b, key->rsa->p);
buffer_put_bignum2(b, key->rsa->q);
break;
case KEY_DSA:
buffer_put_bignum2(b, key->dsa->p);
buffer_put_bignum2(b, key->dsa->q);
buffer_put_bignum2(b, key->dsa->g);
buffer_put_bignum2(b, key->dsa->pub_key);
buffer_put_bignum2(b, key->dsa->priv_key);
break;
case KEY_DSA_CERT_V00:
case KEY_DSA_CERT:
if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
fatal("%s: no cert/certblob", __func__);
buffer_put_string(b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, key->dsa->priv_key);
break;
#ifdef OPENSSL_HAS_ECC
case KEY_ECDSA:
buffer_put_cstring(b, key_curve_nid_to_name(key->ecdsa_nid));
buffer_put_ecpoint(b, EC_KEY_get0_group(key->ecdsa),
EC_KEY_get0_public_key(key->ecdsa));
buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa));
break;
case KEY_ECDSA_CERT:
if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
fatal("%s: no cert/certblob", __func__);
buffer_put_string(b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, EC_KEY_get0_private_key(key->ecdsa));
break;
#endif
}
buffer_put_cstring(b, comment);
}示例4: derive_rawsalt
/*
* Derive fake salt as H(username || first_private_host_key)
* This provides relatively stable fake salts for non-existent
* users and avoids the jpake method becoming an account validity
* oracle.
*/
static void
derive_rawsalt(const char *username, u_char *rawsalt, u_int len)
{
u_char *digest;
u_int digest_len;
struct sshbuf *b;
struct sshkey *k;
int r;
if ((b = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new failed", __func__);
if ((r = sshbuf_put_cstring(b, username)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
if ((k = get_hostkey_by_index(0)) == NULL ||
(k->flags & SSHKEY_FLAG_EXT))
fatal("%s: no hostkeys", __func__);
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
if (k->rsa->p == NULL || k->rsa->q == NULL)
fatal("%s: RSA key missing p and/or q", __func__);
if ((r = sshbuf_put_bignum2(b, k->rsa->p)) != 0 ||
(r = sshbuf_put_bignum2(b, k->rsa->q)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
case KEY_DSA:
if (k->dsa->priv_key == NULL)
fatal("%s: DSA key missing priv_key", __func__);
if ((r = sshbuf_put_bignum2(b, k->dsa->priv_key)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
case KEY_ECDSA:
if (EC_KEY_get0_private_key(k->ecdsa) == NULL)
fatal("%s: ECDSA key missing priv_key", __func__);
if ((r = sshbuf_put_bignum2(b,
EC_KEY_get0_private_key(k->ecdsa))) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
break;
default:
fatal("%s: unknown key type %d", __func__, k->type);
}
if (hash_buffer(sshbuf_ptr(b), sshbuf_len(b), EVP_sha256(),
&digest, &digest_len) != 0)
fatal("%s: hash_buffer", __func__);
sshbuf_free(b);
if (len > digest_len)
fatal("%s: not enough bytes for rawsalt (want %u have %u)",
__func__, len, digest_len);
memcpy(rawsalt, digest, len);
bzero(digest, digest_len);
xfree(digest);
}示例5: create_context
void CCryptKey::DecryptData(const std::vector<unsigned char>& encrypted, std::vector<unsigned char>& data)
{
ies_ctx_t *ctx;
char error[1024] = "Unknown error";
cryptogram_t *cryptogram;
size_t length;
unsigned char *decrypted;
ctx = create_context(pkey);
if (!EC_KEY_get0_private_key(ctx->user_key))
throw key_error("Given EC key is not private key");
size_t key_length = ctx->stored_key_length;
size_t mac_length = EVP_MD_size(ctx->md);
cryptogram = cryptogram_alloc(key_length, mac_length, encrypted.size() - key_length - mac_length);
memcpy(cryptogram_key_data(cryptogram), &encrypted[0], encrypted.size());
decrypted = ecies_decrypt(ctx, cryptogram, &length, error);
cryptogram_free(cryptogram);
free(ctx);
if (decrypted == NULL) {
throw key_error(std::string("Error in decryption: %s") + error);
}
data.resize(length);
memcpy(&data[0], decrypted, length);
free(decrypted);
}示例6: EC_KEY_new
static EC_KEY *pkcs11_get_ec(PKCS11_KEY *key)
{
EC_KEY *ec;
int no_params, no_point;
ec = EC_KEY_new();
if (ec == NULL)
return NULL;
/* For OpenSSL req we need at least the
* EC_KEY_get0_group(ec_key)) to return the group.
* Continue even if it fails, as the sign operation does not need
* it if the PKCS#11 module or the hardware can figure this out
*/
no_params = pkcs11_get_params(ec, key);
no_point = pkcs11_get_point_key(ec, key);
if (no_point && key->isPrivate) /* Retry with the public key */
no_point = pkcs11_get_point_key(ec, pkcs11_find_key_from_key(key));
if (no_point && key->isPrivate) /* Retry with the certificate */
no_point = pkcs11_get_point_cert(ec, pkcs11_find_certificate(key));
if (key->isPrivate && EC_KEY_get0_private_key(ec) == NULL) {
BIGNUM *bn = BN_new();
EC_KEY_set_private_key(ec, bn);
BN_free(bn);
}
/* A public keys requires both the params and the point to be present */
if (!key->isPrivate && (no_params || no_point)) {
EC_KEY_free(ec);
return NULL;
}
return ec;
}示例7: eccKeyGen
// unsigned char *pDKey 私鑰數據
// unsigned char *pPxKey 公鑰數據
// unsigned char *pPyKey 公鑰數據
unsigned char eccKeyGen(unsigned char *pDKey,
unsigned char *pPxKey, unsigned char *pPyKey)
{
int rv;
EC_KEY *ec_key = NULL;
EVP_PKEY *pkey = NULL;
// NID_sm2p256v1
ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime192v1);
OPENSSL_assert(ec_key);
rv = EC_KEY_generate_key(ec_key);
OPENSSL_assert(rv == 1);
// 私鑰
const BIGNUM *key = EC_KEY_get0_private_key(ec_key);
// 公鑰
const EC_POINT *point = EC_KEY_get0_public_key(ec_key);
const EC_GROUP *group = EC_KEY_get0_group(ec_key);
#define ECDH_SIZE 65
unsigned char pubkey[ECDH_SIZE];
EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED, pubkey, ECDH_SIZE, NULL);
memcpy (pPxKey, pubkey + 1, 32);
memcpy (pPyKey, pubkey + 33, 32);
BN_bn2bin(key, pDKey);
return 0;
}示例8: R_ecdsa_priv_decompose
SEXP R_ecdsa_priv_decompose(SEXP input){
#ifndef OPENSSL_NO_EC
BIO *mem = BIO_new_mem_buf(RAW(input), LENGTH(input));
EVP_PKEY *pkey = d2i_PrivateKey_bio(mem, NULL);
BIO_free(mem);
bail(!!pkey);
EC_KEY *ec = EVP_PKEY_get1_EC_KEY(pkey);
const EC_POINT *pubkey = EC_KEY_get0_public_key(ec);
const EC_GROUP *group = EC_KEY_get0_group(ec);
int nid = EC_GROUP_get_curve_name(group);
int keysize = nid_keysize(nid);
BIGNUM *x = BN_new();
BIGNUM *y = BN_new();
BIGNUM *z = (BIGNUM*) EC_KEY_get0_private_key(ec);
BN_CTX *ctx = BN_CTX_new();
bail(EC_POINT_get_affine_coordinates_GFp(group, pubkey, x, y, ctx));
BN_CTX_free(ctx);
SEXP res = PROTECT(allocVector(VECSXP, 4));
SET_VECTOR_ELT(res, 0, mkString(my_nid2nist(nid)));
SET_VECTOR_ELT(res, 1, bignum_to_r_size(x, keysize));
SET_VECTOR_ELT(res, 2, bignum_to_r_size(y, keysize));
SET_VECTOR_ELT(res, 3, bignum_to_r_size(z, keysize));
BN_free(x);
BN_free(y);
EVP_PKEY_free(pkey);
UNPROTECT(1);
return res;
#else //OPENSSL_NO_EC
Rf_error("OpenSSL has been configured without EC support");
#endif //OPENSSL_NO_EC
}示例9: gost_get0_priv_key
BIGNUM* gost_get0_priv_key(const EVP_PKEY *pkey)
{
switch (EVP_PKEY_base_id(pkey))
{
case NID_id_GostR3410_94:
{
DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
if (!dsa)
{
return NULL;
}
if (!dsa->priv_key) return NULL;
return dsa->priv_key;
break;
}
case NID_id_GostR3410_2001:
{
EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
const BIGNUM* priv;
if (!ec)
{
return NULL;
}
if (!(priv=EC_KEY_get0_private_key(ec))) return NULL;
return (BIGNUM *)priv;
break;
}
}
return NULL;
}示例10: getECIESSecret
// returns a 32-byte secret unique to these two keys. At least one private key must be known.
static void getECIESSecret (const openssl::ec_key& secretKey, const openssl::ec_key& publicKey, ECIES_ENC_KEY_TYPE& enc_key, ECIES_HMAC_KEY_TYPE& hmac_key)
{
EC_KEY* privkey = (EC_KEY*) secretKey.get();
EC_KEY* pubkey = (EC_KEY*) publicKey.get();
// Retrieve a secret generated from an EC key pair. At least one private key must be known.
if (privkey == nullptr || pubkey == nullptr)
throw std::runtime_error ("missing key");
if (! EC_KEY_get0_private_key (privkey))
{
throw std::runtime_error ("not a private key");
}
unsigned char rawbuf[512];
int buflen = ECDH_compute_key (rawbuf, 512, EC_KEY_get0_public_key (pubkey), privkey, nullptr);
if (buflen < ECIES_MIN_SEC)
throw std::runtime_error ("ecdh key failed");
unsigned char hbuf[ECIES_KEY_LENGTH];
ECIES_KEY_HASH (rawbuf, buflen, hbuf);
memset (rawbuf, 0, ECIES_HMAC_KEY_SIZE);
assert ((ECIES_ENC_KEY_SIZE + ECIES_HMAC_KEY_SIZE) >= ECIES_KEY_LENGTH);
memcpy (enc_key.begin (), hbuf, ECIES_ENC_KEY_SIZE);
memcpy (hmac_key.begin (), hbuf + ECIES_ENC_KEY_SIZE, ECIES_HMAC_KEY_SIZE);
memset (hbuf, 0, ECIES_KEY_LENGTH);
}示例11: param_copy_gost01
static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
{
EC_KEY *eto = EVP_PKEY_get0(to);
const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to))
{
GOSTerr(GOST_F_PARAM_COPY_GOST01,
GOST_R_INCOMPATIBLE_ALGORITHMS);
return 0;
}
if (!efrom)
{
GOSTerr(GOST_F_PARAM_COPY_GOST01,
GOST_R_KEY_PARAMETERS_MISSING);
return 0;
}
if (!eto)
{
eto = EC_KEY_new();
EVP_PKEY_assign(to,EVP_PKEY_base_id(from),eto);
}
EC_KEY_set_group(eto,EC_KEY_get0_group(efrom));
if (EC_KEY_get0_private_key(eto))
{
gost2001_compute_public(eto);
}
return 1;
}示例12: param_copy_gost_ec
static int param_copy_gost_ec(EVP_PKEY *to, const EVP_PKEY *from)
{
EC_KEY *eto = EVP_PKEY_get0(to);
const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
GOSTerr(GOST_F_PARAM_COPY_GOST_EC, GOST_R_INCOMPATIBLE_ALGORITHMS);
return 0;
}
if (!efrom) {
GOSTerr(GOST_F_PARAM_COPY_GOST_EC, GOST_R_KEY_PARAMETERS_MISSING);
return 0;
}
if (!eto) {
eto = EC_KEY_new();
if (!eto) {
GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) {
GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_INTERNAL_ERROR);
EC_KEY_free(eto);
return 0;
}
}
if (!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) {
GOSTerr(GOST_F_PARAM_COPY_GOST_EC, ERR_R_INTERNAL_ERROR);
return 0;
}
if (EC_KEY_get0_private_key(eto)) {
return gost_ec_compute_public(eto);
}
return 1;
}示例13: load_pem_key
// Extract the private and public keys from the PEM file, using the supplied
// password to decrypt the file if encrypted. priv_key and pub_key must point to
// an array o at least 65 and 131 character respectively.
int load_pem_key(char *pemstr, size_t pemstr_len, char *password,
char *out_priv_key, char *out_pub_key) {
BIO *in = NULL;
BN_CTX *ctx = NULL;
const EC_GROUP *group;
EC_KEY *eckey = NULL;
const EC_POINT *pub_key_point = NULL;
const BIGNUM *priv_key = NULL, *pub_key = NULL;
char *priv_key_hex = NULL;
char *pub_key_hex = NULL;
in = BIO_new_mem_buf(pemstr, (int)pemstr_len);
// Read key from stream, decrypting with password if not NULL
if (password != NULL && strcmp("", password) != 0) {
// Initialize ciphers
ERR_load_crypto_strings ();
OpenSSL_add_all_algorithms ();
eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, password);
if (eckey == NULL) {
return -1; // Failed to decrypt or decode private key
}
} else {
if ((eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, NULL)) == NULL) {
return -1; // Failed to decode private key
}
}
BIO_free(in);
// Deconstruct key into big numbers
if ((ctx = BN_CTX_new()) == NULL) {
return -2; // Failed to create new big number context
}
if ((group = EC_KEY_get0_group(eckey)) == NULL) {
return -3; // Failed to load group
}
if ((priv_key = EC_KEY_get0_private_key(eckey)) == NULL) {
return -4; // Failed to load private key
}
if ((pub_key_point = EC_KEY_get0_public_key(eckey)) == NULL) {
return -5; // Failed to load public key point
}
pub_key = EC_POINT_point2bn(group, pub_key_point, EC_KEY_get_conv_form(eckey), NULL, ctx);
if (pub_key == NULL) {
return -6; // Failed to construct public key from point
}
priv_key_hex = BN_bn2hex(priv_key);
pub_key_hex = BN_bn2hex(pub_key);
strncpy_s(out_priv_key, 64 + 1, priv_key_hex, 64 + 1);
strncpy_s(out_pub_key, 130 + 1, pub_key_hex, 130 + 1);
OPENSSL_free(priv_key_hex);
OPENSSL_free(pub_key_hex);
return 0;
}示例14: ecdh_compute_key_point
int ecdh_compute_key_point(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
BN_CTX *ctx = NULL;
EC_POINT *tmp=NULL;
const BIGNUM *priv_key;
const EC_GROUP* group;
int ret= -1;
size_t buflen;
unsigned char *buf=NULL;
check((outlen < INT_MAX), "out of memory"); /* sort of, anyway */
if ((ctx = BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
priv_key = EC_KEY_get0_private_key(ecdh);
check(priv_key, "No pivate key");
group = EC_KEY_get0_group(ecdh);
tmp = EC_POINT_new(group);
check(tmp, "Out of memory");
check((EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)),
"Arithmetic error");
buflen = EC_POINT_point2oct(group, tmp, EC_KEY_get_conv_form(ecdh), NULL,
0, ctx);
check((buflen != 0), "Failed to convert point to hex");
buf = OPENSSL_malloc(buflen);
check(buf, "Out of memory");
check((buflen == EC_POINT_point2oct(group, tmp, EC_KEY_get_conv_form(ecdh),
buf, buflen, ctx)), "Failed to convert point to hex");
if (KDF != 0)
{
check((KDF(buf, buflen, out, &outlen) != NULL),
"Key derivation function failed");
ret = outlen;
}
else
{
/* no KDF, just copy as much as we can */
if (outlen > buflen)
outlen = buflen;
memcpy(out, buf, outlen);
ret = outlen;
}
err:
if (tmp) EC_POINT_free(tmp);
if (ctx) BN_CTX_end(ctx);
if (ctx) BN_CTX_free(ctx);
if (buf) OPENSSL_free(buf);
return(ret);
}示例15: ossl_ec_key_is_private_key
/*
* call-seq:
* key.private_key? => true or false
*
* Both public_key? and private_key? may return false at the same time unlike other PKey classes.
*/
static VALUE ossl_ec_key_is_private_key(VALUE self)
{
EC_KEY *ec;
Require_EC_KEY(self, ec);
return (EC_KEY_get0_private_key(ec) ? Qtrue : Qfalse);
}