自学教程：C++ BIO_new_mem_buf函数代码示例

int utils::Base64Decode(char* b64message, size_t* length, unsigned char** buffer) { //Decodes a base64 encoded string	BIO *bio, *b64;	int decodeLen = calcDecodeLength(b64message);	*buffer = (unsigned char*)malloc(decodeLen + 1);	(*buffer)[decodeLen] = '/0';	bio = BIO_new_mem_buf(b64message, -1);	b64 = BIO_new(BIO_f_base64());	bio = BIO_push(b64, bio);	BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer	*length = BIO_read(bio, *buffer, strlen(b64message));	//length should equal decodeLen, else something went horribly wrong	BIO_free_all(bio);	return (*length == decodeLen); //success}

char* CryptoHandler::base64decode(unsigned char *input, int length){	BIO *b64, *bmem;	char *buffer = (char *)malloc(length);	memset(buffer, 0, length);	b64 = BIO_new(BIO_f_base64());	BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);	bmem = BIO_new_mem_buf(input, length);	bmem = BIO_push(b64, bmem);	BIO_read(bmem, buffer, length);	BIO_free_all(bmem);	return buffer;}

/* *	Load hardcoded DH parameters. * *	To prevent problems if the DH parameters files don't even *	exist, we can load DH parameters hardcoded into this file. */static DH  *load_dh_buffer(const char *buffer, size_t len){	BIO		   *bio;	DH		   *dh = NULL;	bio = BIO_new_mem_buf((char *) buffer, len);	if (bio == NULL)		return NULL;	dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);	if (dh == NULL)		ereport(DEBUG2,				(errmsg_internal("DH load buffer: %s",								 SSLerrmessage())));	BIO_free(bio);	return dh;}

static EVP_PKEY *getkey(void){	EVP_PKEY *key;	BIO *bio;	/* new read-only BIO backed by KEY. */	bio = BIO_new_mem_buf((char*)KEY, -1);	tt_assert(bio);	key = PEM_read_bio_PrivateKey(bio,NULL,NULL,NULL);	BIO_free(bio);	tt_assert(key);	return key;end:	return NULL;}

voidtls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file,    const char *extra_certs_file_inline    ){  BIO *in;  if (!strcmp (extra_certs_file, INLINE_FILE_TAG) && extra_certs_file_inline)    in = BIO_new_mem_buf ((char *)extra_certs_file_inline, -1);  else    in = BIO_new_file (extra_certs_file, "r");  if (in == NULL)    msg (M_SSLERR, "Cannot load extra-certs file: %s", extra_certs_file);  else    tls_ctx_add_extra_certs (ctx, in);  BIO_free (in);}

intSSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len){	BIO *in;	int ret = 0;	in = BIO_new_mem_buf(buf, len);	if (in == NULL) {		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);		goto end;	}	ret = ssl_ctx_use_certificate_chain_bio(ctx, in);end:	BIO_free(in);	return (ret);}

  bool TLSEncryption::load_certificate(const char* certificate_buf)  {        if (!certificate_buf) return false;        bool result = false;         #if defined(SSL_LIB_OPENSSL)                X509 *cert = NULL;        EVP_PKEY *pkey = NULL;        BIO *bio_buffer;         //create readonly memory BIO        if (!(bio_buffer = BIO_new_mem_buf((void*)certificate_buf, -1))) return false; //certificate_buf should be null terminated;                       //load PEM cert from buffer        if(PEM_read_bio_X509(bio_buffer, &cert, 0, NULL))        {                             result = (SSL_CTX_use_certificate(m_ctx, cert) == SSL_SUCCESS);                                X509_free(cert);                BIO_reset(bio_buffer);        }                                 //load PEM private key from buffer        if(result && PEM_read_bio_PrivateKey(bio_buffer, &pkey, 0, NULL))         {                result = (SSL_CTX_use_PrivateKey(m_ctx, pkey) == SSL_SUCCESS);                                                               EVP_PKEY_free(pkey);        }                     BIO_free(bio_buffer);           #elif defined(SSL_LIB_CYASSL)           uint certificate_buf_len = strlen(certificate_buf);        if (CyaSSL_CTX_use_certificate_buffer(m_ctx, (const unsigned char*)certificate_buf,                         certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS) {                                result = (CyaSSL_CTX_use_PrivateKey_buffer(m_ctx, (const unsigned char*)certificate_buf,                         certificate_buf_len, SSL_FILETYPE_PEM) == SSL_SUCCESS);                }                       #endif          return result;   }

QString countBetaVersionSignature(quint64 version) { // duplicated in autoupdate.cpp	QByteArray cBetaPrivateKey(BetaPrivateKey);	if (cBetaPrivateKey.isEmpty()) {		cout << "Error: Trying to count beta version signature without beta private key!/n";		return QString();	}	QByteArray signedData = (QLatin1String("TelegramBeta_") + QString::number(version, 16).toLower()).toUtf8();	static const int32 shaSize = 20, keySize = 128;	uchar sha1Buffer[shaSize];	hashSha1(signedData.constData(), signedData.size(), sha1Buffer); // count sha1	uint32 siglen = 0;	RSA *prKey = PEM_read_bio_RSAPrivateKey(BIO_new_mem_buf(const_cast<char*>(cBetaPrivateKey.constData()), -1), 0, 0, 0);	if (!prKey) {		cout << "Error: Could not read beta private key!/n";		return QString();	}	if (RSA_size(prKey) != keySize) {		cout << "Error: Bad beta private key size: " << RSA_size(prKey) << "/n";		RSA_free(prKey);		return QString();	}	QByteArray signature;	signature.resize(keySize);	if (RSA_sign(NID_sha1, (const uchar*)(sha1Buffer), shaSize, (uchar*)(signature.data()), &siglen, prKey) != 1) { // count signature		cout << "Error: Counting beta version signature failed!/n";		RSA_free(prKey);		return QString();	}	RSA_free(prKey);	if (siglen != keySize) {		cout << "Error: Bad beta version signature length: " << siglen << "/n";		return QString();	}	signature = signature.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);	signature = signature.replace('-', '8').replace('_', 'B');	return QString::fromUtf8(signature.mid(19, 32));}

/** * Call Lua user function to get the DH key. */static DH *dhparam_cb(SSL *ssl, int is_export, int keylength){  BIO *bio;  lua_State *L;  DH *dh_tmp = NULL;  SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);  p_context pctx = (p_context)SSL_CTX_get_app_data(ctx);  L = pctx->L;  /* Get the callback */  luaL_getmetatable(L, "SSL:DH:Registry");  lua_pushlightuserdata(L, (void*)ctx);  lua_gettable(L, -2);  /* Invoke the callback */  lua_pushboolean(L, is_export);  lua_pushnumber(L, keylength);  lua_call(L, 2, 1);  /* Load parameters from returned value */  if (lua_type(L, -1) != LUA_TSTRING) {    lua_pop(L, 2);  /* Remove values from stack */    return NULL;  }  bio = BIO_new_mem_buf((void*)lua_tostring(L, -1),     lua_rawlen(L, -1));  if (bio) {    dh_tmp = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);    BIO_free(bio);  }  /*   * OpenSSL exepcts the callback to maintain a reference to the DH*.  So,   * cache it here, and clean up the previous set of parameters.  Any remaining   * set is cleaned up when destroying the LuaSec context.   */  if (pctx->dh_param)    DH_free(pctx->dh_param);  pctx->dh_param = dh_tmp;  lua_pop(L, 2);    /* Remove values from stack */  return dh_tmp;}

intput_key_pem(int is_public_only, PyObject *py_key_pem,		PyObject **py_private_key_ccn, PyObject **py_public_key_ccn,		PyObject **py_public_key_digest){	unsigned char *key_pem;	Py_ssize_t pem_len;	RSA *key_rsa = NULL;	BIO *bio = NULL;	int r;	unsigned long err;	r = PyBytes_AsStringAndSize(py_key_pem, (char **) &key_pem, &pem_len);	JUMP_IF_NEG(r, error);	bio = BIO_new_mem_buf(key_pem, pem_len);	JUMP_IF_NULL(bio, openssl_error);	if (is_public_only)		key_rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL);	else		key_rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);	JUMP_IF_NULL(key_rsa, openssl_error);	r = ccn_keypair_from_rsa(is_public_only, key_rsa, py_private_key_ccn,			py_public_key_ccn);	JUMP_IF_NEG(r, error);	r = create_public_key_digest(key_rsa, py_public_key_digest, NULL);	JUMP_IF_NEG(r, error);	RSA_free(key_rsa);	return 0;openssl_error:	err = ERR_get_error();	PyErr_Format(g_PyExc_CCNKeyError, "Unable to parse key: %s",			ERR_reason_error_string(err));error:	RSA_free(key_rsa);	BIO_free(bio);	return -1;}

/* 功能：验证签名 入口： char*certFile    证书（含匙） char* plainText  明文 char* cipherText 签名 出口： bool true  签名验证成功 bool false 验证失败 */  bool PKCS7_VerifySign(char*certFile,char* plainText,char* cipherText )  {      /* Get X509 */      FILE* fp = fopen (certFile, "r");      if (fp == NULL)           return false;      X509* x509 = PEM_read_X509(fp, NULL, NULL, NULL);      fclose (fp);        if (x509 == NULL) {          ERR_print_errors_fp (stderr);          return false;      }        //BASE64解码      unsigned char *retBuf[1024*8];      int retBufLen = sizeof(retBuf);      memset(retBuf,0,sizeof(retBuf));      decodeBase64(cipherText,(void *)retBuf,&retBufLen);        //从签名中取PKCS7对象      BIO* vin = BIO_new_mem_buf(retBuf,retBufLen);      PKCS7 *p7 = d2i_PKCS7_bio(vin,NULL);          //取STACK_OF(X509)对象      STACK_OF(X509) *stack=sk_X509_new_null();//X509_STORE_new()      sk_X509_push(stack,x509);          //明码数据转为BIO      BIO *bio = BIO_new(BIO_s_mem());        BIO_puts(bio,plainText);        //验证签名      int err = PKCS7_verify(p7, stack, NULL,bio, NULL, PKCS7_NOVERIFY);        if (err != 1) {          ERR_print_errors_fp (stderr);          return false;      }        return true;  }  

static CURLcode load_cert(const char* mypem,void * sslctx) {    X509_STORE * store = NULL;    X509 * cert = NULL;    BIO * bio = NULL;    bio = BIO_new_mem_buf((void*)mypem, -1);    if (bio == NULL)    {        return CURLE_SSL_CACERT;    }    /* use it to read the PEM formatted certificate from memory into an X509    * structure that SSL can use    */     PEM_read_bio_X509(bio, &cert, 0, NULL);    if (cert == NULL)    {        BIO_free(bio);        return CURLE_SSL_CACERT;    }    /* get a pointer to the X509 certificate store (which may be empty!) */     store = SSL_CTX_get_cert_store((SSL_CTX*)sslctx);    if (store == NULL)    {        X509_free(cert);        BIO_free(bio);        return CURLE_SSL_CACERT;    }    /* add our certificate to this store */     if (X509_STORE_add_cert(store, cert)==0)    {        X509_free(cert);        BIO_free(bio);        return CURLE_SSL_CACERT;    }    /* decrease reference counts */     X509_free(cert);    BIO_free(bio);    return CURLE_OK;}

static PyObject *load_key(PyObject *self, PyObject *args){    Py_buffer data;    BIO *bio = NULL;    RSA *rsa = NULL;    RSAObject *result = NULL;#if PY_MAJOR_VERSION >= 3    if (!PyArg_ParseTuple(args, "y*:load_key", &data))        return NULL;#else    if (!PyArg_ParseTuple(args, "s*:load_key", &data))        return NULL;#endif    bio = BIO_new_mem_buf(data.buf, data.len);    if (bio == NULL)    {        PyErr_SetString(PyExc_RuntimeError, "BIO_new_mem_buf");        goto cleanup;    }    if (PEM_read_bio_RSAPublicKey(bio, &rsa, NULL, NULL) == NULL)    {        PyErr_SetString(PyExc_ValueError, "invalid PKCS1 key");        goto cleanup;    }    result = PyObject_NEW(RSAObject, &RSAType);    if (result == NULL)        goto cleanup;    result->rsa = rsa;    rsa = NULL;cleanup:    if (rsa)        RSA_free(rsa);    if (bio)        BIO_free(bio);    PyBuffer_Release(&data);    return (PyObject *) result;}

LLBasicCertificate::LLBasicCertificate(const std::string& pem_cert) {		// BIO_new_mem_buf returns a read only bio, but takes a void* which isn't const	// so we need to cast it.	BIO * pem_bio = BIO_new_mem_buf((void*)pem_cert.c_str(), pem_cert.length());	if(pem_bio == NULL)	{		LL_WARNS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL;		throw LLInvalidCertificate(this);	}	mCert = NULL;	PEM_read_bio_X509(pem_bio, &mCert, 0, NULL);	BIO_free(pem_bio);	if (!mCert)	{		throw LLInvalidCertificate(this);	}}

//============================================================// Decodes binary (DER) OCSP_RESPONSE data and returns a OCSP_RESPONSE object// ppResp - pointer to a buffer to receive newly allocated OCSP_RESPONSE pointer// data - (DER) OCSP_RESPONSE data// len - length of data in bytes//============================================================EXP_OPTION int ddocDecodeOCSPResponseData(OCSP_RESPONSE **ppResp, const byte* data, int len){  BIO* b1 = 0;  // check input params  RETURN_IF_NULL_PARAM(data);  RETURN_IF_NULL_PARAM(ppResp);  // mark as not read yet  *ppResp = 0;  // create BIO  b1 = BIO_new_mem_buf((void*)data, len);  RETURN_IF_NOT(b1, ERR_NULL_POINTER);  // decode OCSP  *ppResp = d2i_OCSP_RESPONSE_bio(b1, NULL);  BIO_free(b1);  ddocDebug(3, "ddocDecodeOCSPResponseData", "Decoding %d bytes DER data - OCSP_RESPONSE %s", len, (*ppResp ? "OK" : "ERROR"));  RETURN_IF_NOT(*ppResp, ERR_OCSP_UNKNOWN_TYPE);  return ERR_OK;}

OpenSSLCertificate* OpenSSLCertificate::FromPEMString(    const std::string& pem_string, int* pem_length) {  BIO* bio = BIO_new_mem_buf(const_cast<char*>(pem_string.c_str()), -1);  if (!bio)    return NULL;  (void)BIO_set_close(bio, BIO_NOCLOSE);  BIO_set_mem_eof_return(bio, 0);  X509 *x509 = PEM_read_bio_X509(bio, NULL, NULL,                                 const_cast<char*>("/0"));  char *ptr;  int remaining_length = BIO_get_mem_data(bio, &ptr);  BIO_free(bio);  if (pem_length)    *pem_length = pem_string.length() - remaining_length;  if (x509)    return new OpenSSLCertificate(x509);  else    return NULL;}

char* base64_decode(char *input, int length, bool with_new_line){    BIO * b64 = NULL;    BIO * bmem = NULL;    char * buffer = (char *)malloc(length);    memset(buffer, 0, length);    b64 = BIO_new(BIO_f_base64());    if (!with_new_line) {        BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);    }    bmem = BIO_new_mem_buf(input, length);    bmem = BIO_push(b64, bmem);    BIO_read(bmem, buffer, length);    BIO_free_all(bmem);    return buffer;}

/* * This function is used to load an X509_STORE using raw * data from a buffer.  The data is expected to be PEM * encoded. * * Returns the number of certs added to the store */static int ossl_init_cert_store_from_raw (X509_STORE *store,                                           unsigned char *raw, int size){    STACK_OF(X509_INFO) * sk = NULL;    X509_INFO *xi;    BIO *in;    int cert_cnt = 0;    in = BIO_new_mem_buf(raw, size);    if (in == NULL) {        EST_LOG_ERR("Unable to open the raw CA cert buffer");        return 0;    }    /* This loads from a file, a stack of x509/crl/pkey sets */    sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);    if (sk == NULL) {        EST_LOG_ERR("Unable to read PEM encoded certs from BIO");        BIO_free(in);        return 0;    }    BIO_free(in);    /* scan over it and pull out the CRL's */    while (sk_X509_INFO_num(sk)) {        xi = sk_X509_INFO_shift(sk);        if (xi->x509 != NULL) {            EST_LOG_INFO("Adding cert to store (%s)", xi->x509->name);            X509_STORE_add_cert(store, xi->x509);	    cert_cnt++;        }        if (xi->crl != NULL) {            EST_LOG_INFO("Adding CRL to store");            X509_STORE_add_crl(store, xi->crl);        }        X509_INFO_free(xi);    }    if (sk != NULL) {        sk_X509_INFO_pop_free(sk, X509_INFO_free);    }    return (cert_cnt);}

X509 *read_x509_from_x509_flat(const struct X509_flat *fx){	BIO *in = NULL;	X509 *x = NULL;	if (fx == NULL) {		return NULL;	}	in = BIO_new_mem_buf(fx->data, fx->len);	if (in == NULL) {		return NULL;	}	x = PEM_read_bio_X509(in, NULL, 0, NULL);	BIO_free(in);	return x;}

RSA		*zt_rsa_new(const char *key, bool is_public){  RSA		*rsa;  BIO		*bio;  if (key == NULL)    return (NULL);  rsa = NULL;  bio = NULL;  if ((bio = BIO_new_mem_buf((void *)key, -1)) == NULL)    return (NULL);  if (is_public)    rsa = PEM_read_bio_RSA_PUBKEY(bio, &rsa, NULL, NULL);  else    rsa = PEM_read_bio_RSAPrivateKey(bio, &rsa, NULL, NULL);  if (rsa == NULL)    BIO_free_all(bio);  return (rsa);}

static intuse_inline_load_verify_locations (SSL_CTX *ctx, const char *ca_string){  X509_STORE *store = NULL;  X509* cert = NULL;  BIO *in = NULL;  int ret = 0;  in = BIO_new_mem_buf ((char *)ca_string, -1);  if (!in)    goto err;  for (;;)    {      if (!PEM_read_bio_X509 (in, &cert, 0, NULL))	{	  ret = 1;	  break;	}      if (!cert)	break;      store = SSL_CTX_get_cert_store (ctx);      if (!store)	break;      if (!X509_STORE_add_cert (store, cert))	break;      if (cert)	{	  X509_free (cert);	  cert = NULL;	}    } err:  if (cert)    X509_free (cert);  if (in)    BIO_free (in);  return ret;}

int decode64( char *input, char* output, int length){  BIO *b64, *bmem;  int len;  char *buffer = (char *)malloc(length);  memset(buffer, 0, length);  b64 = BIO_new(BIO_f_base64());  bmem = BIO_new_mem_buf(input, length);  bmem = BIO_push(b64, bmem);  len = BIO_read(bmem, buffer, length);  printf("length %d/n", len);  BIO_free_all(bmem);  memcpy(output, buffer, len);  output[len] = '/0';  free(buffer);  return len;}

	std::string base64::decode(std::string const& _str)	{		std::string ret;		ret.resize(_str.length());		BIO *b64 = BIO_new(BIO_f_base64());		BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);		BIO *bmem = BIO_new_mem_buf((void*)_str.data(), _str.length());		b64 = BIO_push(b64, bmem);		int len = BIO_read(b64, (void*)ret.data(), ret.length());		if(len <= 0)			ret.resize(0);		else			ret.resize(len);		return ret;	}

/* * Convert string to X. */void * pgx_X_from_string(const char *txt,		void * (*new_object)(void),		int (*read)(BIO *, void **, pem_password_cb *, void *)) {    BIO *inp;	void *x;	int r;	x = new_object();    inp = BIO_new_mem_buf((char *) txt, strlen(txt));    if ((r = read(inp, &x, 0, NULL)) == NULL) {            ereport(ERROR,                (errcode(ERRCODE_DATA_CORRUPTED), errmsg("%s:%d: unable to retrieve data (%d) 1", __FILE__, __LINE__, ERR_get_error())));    }        BIO_free(inp);    return x;}

SEXP loadPKCS12(SEXP privateKey) {  EVP_PKEY *key;  BIO *bio_mem;  PKCS12 *p12;  X509 *cert;    if (TYPEOF(privateKey) != RAWSXP)    Rf_error("PKCS12 private key must be a raw vector");  bio_mem = BIO_new_mem_buf((void *) RAW(privateKey), LENGTH(privateKey));  p12 = d2i_PKCS12_bio(bio_mem, &p12);  if (!p12    || !PKCS12_verify_mac(p12, pass, strlen(pass))    || !PKCS12_parse(p12, pass, &key, &cert, NULL)    || !key) {    Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));  }  return wrap_EVP_PKEY(key);}

BIO* load_bio_object(lua_State* L, int idx){  BIO* bio = NULL;  if (lua_isstring(L, idx))  {    size_t l = 0;    const char* ctx = lua_tolstring(L, idx, &l);    /* read only */    bio = (BIO*)BIO_new_mem_buf((void*)ctx, l);  }  else if (auxiliar_getclassudata(L, "openssl.bio", idx))  {    bio = CHECK_OBJECT(idx, BIO, "openssl.bio");    BIO_up_ref(bio);  }  else    luaL_argerror(L, idx, "only support string or openssl.bio");  return bio;}

intput_key_pem(int is_public_only, PyObject *py_key_pem,            PyObject **py_private_key_ndn, PyObject **py_public_key_ndn,            PyObject **py_public_key_digest,            char *password){	unsigned char *key_pem;	Py_ssize_t pem_len;	struct ndn_pkey *key = NULL;	BIO *bio = NULL;	int r;	unsigned long err;	r = PyBytes_AsStringAndSize(py_key_pem, (char **) &key_pem, &pem_len);	JUMP_IF_NEG(r, error);	bio = BIO_new_mem_buf(key_pem, pem_len);	JUMP_IF_NULL(bio, openssl_error);	if (is_public_only)          key = (struct ndn_pkey*)PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);	else          key = (struct ndn_pkey*)PEM_read_bio_PrivateKey(bio, NULL, NULL, password);	JUMP_IF_NULL(key, openssl_error);	r = ndn_keypair(is_public_only, key, py_private_key_ndn, py_public_key_ndn);	JUMP_IF_NEG(r, error);	r = create_public_key_digest(key, py_public_key_digest, NULL);	JUMP_IF_NEG(r, error);	return 0;openssl_error:	err = ERR_get_error();	PyErr_Format(g_PyExc_NDNKeyError, "Unable to parse key: %s",			ERR_reason_error_string(err));error:	EVP_PKEY_free ((EVP_PKEY *)key);	BIO_free(bio);	return -1;}

intssl_by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf,    long type, char **ret){	STACK_OF(X509_INFO)	*inf;	const struct iovec	*iov;	X509_INFO		*itmp;	BIO			*in = NULL;	int			 i, count = 0;	iov = (const struct iovec *)buf;	if (type != X509_FILETYPE_PEM)		goto done;	if ((in = BIO_new_mem_buf(iov->iov_base, iov->iov_len)) == NULL)		goto done;	if ((inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL)) == NULL)		goto done;	for (i = 0; i < sk_X509_INFO_num(inf); i++) {		itmp = sk_X509_INFO_value(inf, i);		if (itmp->x509) {			X509_STORE_add_cert(lu->store_ctx, itmp->x509);			count++;		}		if (itmp->crl) {			X509_STORE_add_crl(lu->store_ctx, itmp->crl);			count++;		}	}	sk_X509_INFO_pop_free(inf, X509_INFO_free); done:	if (!count)		X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB);	if (in != NULL)		BIO_free(in);	return (count);}

void CC_RSASHA(unsigned int hashlen, int nid, void (*CC)(const void *data, uint32_t len, unsigned char *md),							 C_BLOB &Param1,							 C_BLOB &Param2,							 C_LONGINT &Param3,							 C_TEXT &returnValue){	uint8_t *buf = (uint8_t *)calloc(hashlen, sizeof(uint8_t));	unsigned int signatureLength = 0;		CC((unsigned char *)Param1.getBytesPtr(), Param1.getBytesLength(), buf);	BIO *bio = BIO_new_mem_buf((void *)Param2.getBytesPtr(), Param2.getBytesLength());		if(bio)	{		RSA *key = NULL;		key = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);		if(key)		{			uint8_t *sgn = (uint8_t *)calloc(RSA_size(key), sizeof(uint8_t));			if(RSA_sign(nid, buf, hashlen, sgn, &signatureLength, key))			{				C_BLOB temp;				temp.setBytes((const uint8_t *)sgn, signatureLength);				switch (Param3.getIntValue())				{					case 1:						temp.toB64Text(&returnValue);						break;					case 2:						temp.toB64Text(&returnValue, true);						break;					default:						temp.toHexText(&returnValue);						break;				}			}			free(sgn);		}		BIO_free(bio);	}	free(buf);}

DWORDDirCliDERToX509(    PBYTE pCertBytes,    DWORD dwLength,    X509** ppCert    ){    DWORD dwError = 0;    BIO *pBioMem = NULL;    X509* pCert = NULL;    pBioMem = BIO_new_mem_buf(pCertBytes, dwLength);    if ( pBioMem == NULL)    {        dwError = ERROR_OUTOFMEMORY;        BAIL_ON_VMAFD_ERROR(dwError);    }    pCert = d2i_X509_bio(pBioMem, NULL);    if (pCert  == NULL)    {        dwError = ERROR_OPEN_FAILED;        BAIL_ON_VMAFD_ERROR(dwError);    }    *ppCert = pCert;cleanup:    if (pBioMem)    {        BIO_free(pBioMem);    }    return dwError;error:    *ppCert = NULL;    goto cleanup;}