自学教程：C++ BN_GENCB_set函数代码示例

		bool GenerateRSAKeyPair(int numBits, std::string& privKey, std::string& pubKey)		{			// TODO: add some error checking			RSA* rsa = RSA_new();			BIGNUM* bn = BN_new();			BN_GENCB cb;			BIO* bio_err = NULL;			BN_GENCB_set(&cb, genrsa_cb, bio_err);			BN_set_word(bn, RSA_F4);			RSA_generate_key_ex(rsa, numBits, bn, &cb);			BIO* privKeyBuff = BIO_new(BIO_s_mem());			BIO* pubKeyBuff = BIO_new(BIO_s_mem());			PEM_write_bio_RSAPrivateKey(privKeyBuff, rsa, 0, 0, 0, 0, 0);			PEM_write_bio_RSA_PUBKEY(pubKeyBuff, rsa); // RSA_PUBKEY includes some data that RSAPublicKey doesn't have			char* privKeyData;			char* pubKeyData;			auto privKeySize = BIO_get_mem_data(privKeyBuff, &privKeyData);			auto pubKeySize = BIO_get_mem_data(pubKeyBuff, &pubKeyData);			privKey = std::string(privKeyData, privKeySize);			pubKey = std::string(pubKeyData, pubKeySize);						BIO_free_all(privKeyBuff);			BIO_free_all(pubKeyBuff);			BN_free(bn);			RSA_free(rsa);			return true;		}

static isc_result_topenssldsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {	DSA *dsa;	unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];	isc_result_t result;#if OPENSSL_VERSION_NUMBER > 0x00908000L	BN_GENCB cb;	union {		void *dptr;		void (*fptr)(int);	} u;#else	UNUSED(callback);#endif	UNUSED(unused);	result = dst__entropy_getdata(rand_array, sizeof(rand_array),				      ISC_FALSE);	if (result != ISC_R_SUCCESS)		return (result);#if OPENSSL_VERSION_NUMBER > 0x00908000L	dsa = DSA_new();	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	if (callback == NULL) {		BN_GENCB_set_old(&cb, NULL, NULL);	} else {		u.fptr = callback;		BN_GENCB_set(&cb, &progress_cb, u.dptr);	}	if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array,					ISC_SHA1_DIGESTLENGTH,  NULL, NULL,					&cb))	{		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}#else	dsa = DSA_generate_parameters(key->key_size, rand_array,				      ISC_SHA1_DIGESTLENGTH, NULL, NULL,				      NULL, NULL);	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));#endif	if (DSA_generate_key(dsa) == 0) {		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;	key->keydata.dsa = dsa;	return (ISC_R_SUCCESS);}

static ERL_NIF_TERM rsa_generate_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]){/* (ModulusSize, PublicExponent) */    int modulus_bits;    BIGNUM *pub_exp, *three;    RSA *rsa;    int success;    ERL_NIF_TERM result;    BN_GENCB *intr_cb;#ifndef HAVE_OPAQUE_BN_GENCB    BN_GENCB intr_cb_buf;#endif    if (!enif_get_int(env, argv[0], &modulus_bits) || modulus_bits < 256) {	return enif_make_badarg(env);    }    if (!get_bn_from_bin(env, argv[1], &pub_exp)) {	return enif_make_badarg(env);    }    /* Make sure the public exponent is large enough (at least 3).     * Without this, RSA_generate_key_ex() can run forever. */    three = BN_new();    BN_set_word(three, 3);    success = BN_cmp(pub_exp, three);    BN_free(three);    if (success < 0) {	BN_free(pub_exp);	return enif_make_badarg(env);    }    /* For large keys, prime generation can take many seconds. Set up     * the callback which we use to test whether the process has been     * interrupted. */#ifdef HAVE_OPAQUE_BN_GENCB    intr_cb = BN_GENCB_new();#else    intr_cb = &intr_cb_buf;#endif    BN_GENCB_set(intr_cb, check_erlang_interrupt, env);    rsa = RSA_new();    success = RSA_generate_key_ex(rsa, modulus_bits, pub_exp, intr_cb);    BN_free(pub_exp);#ifdef HAVE_OPAQUE_BN_GENCB    BN_GENCB_free(intr_cb);#endif    if (!success) {        RSA_free(rsa);	return atom_error;    }    result = put_rsa_private_key(env, rsa);    RSA_free(rsa);    return result;}

int genrsa_main(int argc, char **argv){    BN_GENCB *cb = BN_GENCB_new();    PW_CB_DATA cb_data;    ENGINE *eng = NULL;    BIGNUM *bn = BN_new();    BIO *out = NULL;    BIGNUM *e;    RSA *rsa = NULL;    const EVP_CIPHER *enc = NULL;    int ret = 1, num = DEFBITS, private = 0;    unsigned long f4 = RSA_F4;    char *outfile = NULL, *passoutarg = NULL, *passout = NULL;    char *inrand = NULL, *prog, *hexe, *dece;    OPTION_CHOICE o;    if (bn == NULL || cb == NULL)        goto end;    BN_GENCB_set(cb, genrsa_cb, bio_err);    prog = opt_init(argc, argv, genrsa_options);    while ((o = opt_next()) != OPT_EOF) {        switch (o) {        case OPT_EOF:        case OPT_ERR:            BIO_printf(bio_err, "%s: Use -help for summary./n", prog);            goto end;        case OPT_HELP:            ret = 0;            opt_help(genrsa_options);            goto end;        case OPT_3:            f4 = 3;            break;        case OPT_F4:            f4 = RSA_F4;            break;        case OPT_OUT:            outfile = opt_arg();            break;        case OPT_ENGINE:            eng = setup_engine(opt_arg(), 0);            break;        case OPT_RAND:            inrand = opt_arg();            break;        case OPT_PASSOUT:            passoutarg = opt_arg();            break;        case OPT_CIPHER:            if (!opt_cipher(opt_unknown(), &enc))                goto end;            break;        }    }    argc = opt_num_rest();    argv = opt_rest();    private = 1;

intisns_dsa_init_params(const char *filename){	FILE	*fp;	DSA	*dsa;#if OPENSSL_VERSION_NUMBER >= 0x10002000L	BN_GENCB	*cb;#endif	const int dsa_key_bits = 1024;	if (access(filename, R_OK) == 0)		return 1;	isns_mkdir_recursive(isns_dirname(filename));	if (!(fp = fopen(filename, "w"))) {		isns_error("Unable to open %s: %m/n", filename);		return 0;	}	isns_notice("Generating DSA parameters; this may take a while/n");#if OPENSSL_VERSION_NUMBER >= 0x10002000L	cb = BN_GENCB_new();	BN_GENCB_set(cb, (int (*)(int, int, BN_GENCB *)) isns_dsa_param_gen_callback, NULL);	dsa = DSA_new();	if (!DSA_generate_parameters_ex(dsa, dsa_key_bits, NULL, 0, NULL, NULL, cb)) {		DSA_free(dsa);		dsa = NULL;	}	BN_GENCB_free(cb);#else	dsa = DSA_generate_parameters(dsa_key_bits, NULL, 0,			NULL, NULL, isns_dsa_param_gen_callback, NULL);#endif	write(1, "/n", 1);	if (dsa == NULL) {		isns_dsasig_report_errors("Error generating DSA parameters",				isns_error);		fclose(fp);		return 0;	}	if (!PEM_write_DSAparams(fp, dsa)) {		isns_dsasig_report_errors("Error writing DSA parameters",				isns_error);		DSA_free(dsa);		fclose(fp);		return 0;	}	DSA_free(dsa);	fclose(fp);	return 1;}

static int dsa_test(void){    BN_GENCB *cb;    DSA *dsa = NULL;    int counter, ret = 0, i, j;    unsigned char buf[256];    unsigned long h;    unsigned char sig[256];    unsigned int siglen;    const BIGNUM *p = NULL, *q = NULL, *g = NULL;    if (!TEST_ptr(cb = BN_GENCB_new()))        goto end;    BN_GENCB_set(cb, dsa_cb, NULL);    if (!TEST_ptr(dsa = DSA_new())        || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,                                                &counter, &h, cb)))        goto end;    if (!TEST_int_eq(counter, 105))        goto end;    if (!TEST_int_eq(h, 2))        goto end;    DSA_get0_pqg(dsa, &p, &q, &g);    i = BN_bn2bin(q, buf);    j = sizeof(out_q);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i))        goto end;    i = BN_bn2bin(p, buf);    j = sizeof(out_p);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i))        goto end;    i = BN_bn2bin(g, buf);    j = sizeof(out_g);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i))        goto end;    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))        ret = 1; end:    DSA_free(dsa);    BN_GENCB_free(cb);    return ret;}

static DH *dh_generate(int size, int gen){    struct ossl_generate_cb_arg cb_arg = { 0 };    struct dh_blocking_gen_arg gen_arg;    DH *dh = DH_new();    BN_GENCB *cb = BN_GENCB_new();    if (!dh || !cb) {	DH_free(dh);	BN_GENCB_free(cb);	return NULL;    }    if (rb_block_given_p())	cb_arg.yield = 1;    BN_GENCB_set(cb, ossl_generate_cb_2, &cb_arg);    gen_arg.dh = dh;    gen_arg.size = size;    gen_arg.gen = gen;    gen_arg.cb = cb;    if (cb_arg.yield == 1) {	/* we cannot release GVL when callback proc is supplied */	dh_blocking_gen(&gen_arg);    } else {	/* there's a chance to unblock */	rb_thread_call_without_gvl(dh_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);    }    BN_GENCB_free(cb);    if (!gen_arg.result) {	DH_free(dh);	if (cb_arg.state) {	    /* Clear OpenSSL error queue before re-raising. */	    ossl_clear_error();	    rb_jump_tag(cb_arg.state);	}	return NULL;    }    if (!DH_generate_key(dh)) {        DH_free(dh);        return NULL;    }    return dh;}

static DH *dh_generate(int size, int gen){#if defined(HAVE_DH_GENERATE_PARAMETERS_EX) && HAVE_BN_GENCB    BN_GENCB cb;    struct ossl_generate_cb_arg cb_arg;    struct dh_blocking_gen_arg gen_arg;    DH *dh = DH_new();    if (!dh) return 0;    memset(&cb_arg, 0, sizeof(struct ossl_generate_cb_arg));    if (rb_block_given_p())	cb_arg.yield = 1;    BN_GENCB_set(&cb, ossl_generate_cb_2, &cb_arg);    gen_arg.dh = dh;    gen_arg.size = size;    gen_arg.gen = gen;    gen_arg.cb = &cb;    if (cb_arg.yield == 1) {	/* we cannot release GVL when callback proc is supplied */	dh_blocking_gen(&gen_arg);    } else {	/* there's a chance to unblock */	rb_thread_call_without_gvl(dh_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);    }    if (!gen_arg.result) {	DH_free(dh);	if (cb_arg.state) rb_jump_tag(cb_arg.state);	return 0;    }#else    DH *dh;    dh = DH_generate_parameters(size, gen, rb_block_given_p() ? ossl_generate_cb : NULL, NULL);    if (!dh) return 0;#endif    if (!DH_generate_key(dh)) {        DH_free(dh);        return 0;    }    return dh;}

intdhparam_main(int argc, char **argv){	BIO *in = NULL, *out = NULL;	char *num_bits = NULL;	DH *dh = NULL;	int num = 0;	int ret = 1;	int i;	memset(&dhparam_config, 0, sizeof(dhparam_config));	dhparam_config.informat = FORMAT_PEM;	dhparam_config.outformat = FORMAT_PEM;	if (options_parse(argc, argv, dhparam_options, &num_bits, NULL) != 0) {		dhparam_usage();		return (1);	}	if (num_bits != NULL) {		if(sscanf(num_bits, "%d", &num) == 0 || num <= 0) {			BIO_printf(bio_err, "invalid number of bits: %s/n",			    num_bits);			return (1);		}	}	if (dhparam_config.g && !num)		num = DEFBITS;	if (dhparam_config.dsaparam) {		if (dhparam_config.g) {			BIO_printf(bio_err, "generator may not be chosen for DSA parameters/n");			goto end;		}	} else {		/* DH parameters */		if (num && !dhparam_config.g)			dhparam_config.g = 2;	}	if (num) {		BN_GENCB cb;		BN_GENCB_set(&cb, dh_cb, bio_err);		if (dhparam_config.dsaparam) {			DSA *dsa = DSA_new();			BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime/n", num);			if (!dsa || !DSA_generate_parameters_ex(dsa, num,				NULL, 0, NULL, NULL, &cb)) {				if (dsa)					DSA_free(dsa);				ERR_print_errors(bio_err);				goto end;			}			dh = DSA_dup_DH(dsa);			DSA_free(dsa);			if (dh == NULL) {				ERR_print_errors(bio_err);				goto end;			}		} else {			dh = DH_new();			BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d/n", num, dhparam_config.g);			BIO_printf(bio_err, "This is going to take a long time/n");			if (!dh || !DH_generate_parameters_ex(dh, num, dhparam_config.g, &cb)) {				ERR_print_errors(bio_err);				goto end;			}		}	} else {		in = BIO_new(BIO_s_file());		if (in == NULL) {			ERR_print_errors(bio_err);			goto end;		}		if (dhparam_config.infile == NULL)			BIO_set_fp(in, stdin, BIO_NOCLOSE);		else {			if (BIO_read_filename(in, dhparam_config.infile) <= 0) {				perror(dhparam_config.infile);				goto end;			}		}		if (dhparam_config.informat != FORMAT_ASN1 &&		    dhparam_config.informat != FORMAT_PEM) {			BIO_printf(bio_err, "bad input format specified/n");			goto end;		}		if (dhparam_config.dsaparam) {			DSA *dsa;			if (dhparam_config.informat == FORMAT_ASN1)				dsa = d2i_DSAparams_bio(in, NULL);			else	/* informat == FORMAT_PEM */				dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);//.........这里部分代码省略.........

void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx){    BN_GENCB_set(cb, trans_cb, ctx);}

//.........这里部分代码省略.........                   " -5            generate parameters using  5 as the generator value/n");        BIO_printf(bio_err,                   " numbits       number of bits in to generate (default 2048)/n");        BIO_printf(bio_err, " -rand file%cfile%c.../n", LIST_SEPARATOR_CHAR,                   LIST_SEPARATOR_CHAR);        BIO_printf(bio_err,                   "               - load the file (or the files in the directory) into/n");        BIO_printf(bio_err, "               the random number generator/n");        BIO_printf(bio_err, " -noout        no output/n");        goto end;    }    ERR_load_crypto_strings();    if (g && !num)        num = DEFBITS;    if (dsaparam) {        if (g) {            BIO_printf(bio_err,                       "generator may not be chosen for DSA parameters/n");            goto end;        }    } else    {        /* DH parameters */        if (num && !g)            g = 2;    }    if (num) {        BN_GENCB cb;        BN_GENCB_set(&cb, dh_cb, bio_err);        if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {            BIO_printf(bio_err,                       "warning, not much extra random data, consider using the -rand option/n");        }        if (inrand != NULL)            BIO_printf(bio_err, "%ld semi-random bytes loaded/n",                       app_RAND_load_files(inrand));# ifndef OPENSSL_NO_DSA        if (dsaparam) {            DSA *dsa = DSA_new();            BIO_printf(bio_err,                       "Generating DSA parameters, %d bit long prime/n", num);            if (!dsa                || !DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL,                                               &cb)) {                if (dsa)                    DSA_free(dsa);                ERR_print_errors(bio_err);                goto end;            }            dh = DSA_dup_DH(dsa);            DSA_free(dsa);            if (dh == NULL) {                ERR_print_errors(bio_err);                goto end;            }        } else# endif        {

int main(int argc, char **argv){    BN_GENCB *cb;    DSA *dsa = NULL;    int counter, ret = 0, i, j;    unsigned char buf[256];    unsigned long h;    unsigned char sig[256];    unsigned int siglen;    BIGNUM *p = NULL, *q = NULL, *g = NULL;    if (bio_err == NULL)        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);    CRYPTO_set_mem_debug(1);    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);    RAND_seed(rnd_seed, sizeof rnd_seed);    BIO_printf(bio_err, "test generation of DSA parameters/n");    cb = BN_GENCB_new();    if (!cb)        goto end;    BN_GENCB_set(cb, dsa_cb, bio_err);    if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,                                                                   seed, 20,                                                                   &counter,                                                                   &h, cb))        goto end;    BIO_printf(bio_err, "seed/n");    for (i = 0; i < 20; i += 4) {        BIO_printf(bio_err, "%02X%02X%02X%02X ",                   seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);    }    BIO_printf(bio_err, "/ncounter=%d h=%ld/n", counter, h);    DSA_print(bio_err, dsa, 0);    if (counter != 105) {        BIO_printf(bio_err, "counter should be 105/n");        goto end;    }    if (h != 2) {        BIO_printf(bio_err, "h should be 2/n");        goto end;    }    DSA_get0_pqg(dsa, &p, &q, &g);    i = BN_bn2bin(q, buf);    j = sizeof(out_q);    if ((i != j) || (memcmp(buf, out_q, i) != 0)) {        BIO_printf(bio_err, "q value is wrong/n");        goto end;    }    i = BN_bn2bin(p, buf);    j = sizeof(out_p);    if ((i != j) || (memcmp(buf, out_p, i) != 0)) {        BIO_printf(bio_err, "p value is wrong/n");        goto end;    }    i = BN_bn2bin(g, buf);    j = sizeof(out_g);    if ((i != j) || (memcmp(buf, out_g, i) != 0)) {        BIO_printf(bio_err, "g value is wrong/n");        goto end;    }    DSA_set_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)        ret = 1;    DSA_clear_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)        ret = 1; end:    if (!ret)        ERR_print_errors(bio_err);    DSA_free(dsa);    BN_GENCB_free(cb);#ifndef OPENSSL_NO_CRYPTO_MDEBUG    if (CRYPTO_mem_leaks(bio_err) <= 0)        ret = 0;#endif    BIO_free(bio_err);    bio_err = NULL;    EXIT(!ret);}

intgenrsa_main(int argc, char **argv){	BN_GENCB cb;	int ret = 1;	int i, num = DEFBITS;	long l;	const EVP_CIPHER *enc = NULL;	unsigned long f4 = RSA_F4;	char *outfile = NULL;	char *passargout = NULL, *passout = NULL;	BIO *out = NULL;	BIGNUM *bn = BN_new();	RSA *rsa = NULL;	if (single_execution) {		if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {			perror("pledge");			exit(1);		}	}	if (!bn)		goto err;	BN_GENCB_set(&cb, genrsa_cb, bio_err);	if ((out = BIO_new(BIO_s_file())) == NULL) {		BIO_printf(bio_err, "unable to create BIO for output/n");		goto err;	}	argv++;	argc--;	for (;;) {		if (argc <= 0)			break;		if (strcmp(*argv, "-out") == 0) {			if (--argc < 1)				goto bad;			outfile = *(++argv);		} else if (strcmp(*argv, "-3") == 0)			f4 = 3;		else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)			f4 = RSA_F4;#ifndef OPENSSL_NO_DES		else if (strcmp(*argv, "-des") == 0)			enc = EVP_des_cbc();		else if (strcmp(*argv, "-des3") == 0)			enc = EVP_des_ede3_cbc();#endif#ifndef OPENSSL_NO_IDEA		else if (strcmp(*argv, "-idea") == 0)			enc = EVP_idea_cbc();#endif#ifndef OPENSSL_NO_AES		else if (strcmp(*argv, "-aes128") == 0)			enc = EVP_aes_128_cbc();		else if (strcmp(*argv, "-aes192") == 0)			enc = EVP_aes_192_cbc();		else if (strcmp(*argv, "-aes256") == 0)			enc = EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA		else if (strcmp(*argv, "-camellia128") == 0)			enc = EVP_camellia_128_cbc();		else if (strcmp(*argv, "-camellia192") == 0)			enc = EVP_camellia_192_cbc();		else if (strcmp(*argv, "-camellia256") == 0)			enc = EVP_camellia_256_cbc();#endif		else if (strcmp(*argv, "-passout") == 0) {			if (--argc < 1)				goto bad;			passargout = *(++argv);		} else			break;		argv++;		argc--;	}	if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) { bad:		BIO_printf(bio_err, "usage: genrsa [args] [numbits]/n");		BIO_printf(bio_err, " -des            encrypt the generated key with DES in cbc mode/n");		BIO_printf(bio_err, " -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)/n");#ifndef OPENSSL_NO_IDEA		BIO_printf(bio_err, " -idea           encrypt the generated key with IDEA in cbc mode/n");#endif#ifndef OPENSSL_NO_AES		BIO_printf(bio_err, " -aes128, -aes192, -aes256/n");		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes/n");#endif#ifndef OPENSSL_NO_CAMELLIA		BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256/n");		BIO_printf(bio_err, "                 encrypt PEM output with cbc camellia/n");#endif		BIO_printf(bio_err, " -out file       output the key to 'file/n");		BIO_printf(bio_err, " -passout arg    output file pass phrase source/n");		BIO_printf(bio_err, " -f4             use F4 (0x10001) for the E value/n");		BIO_printf(bio_err, " -3              use 3 for the E value/n");		goto err;//.........这里部分代码省略.........

int dhparam_main(int argc, char **argv){    BIO *in = NULL, *out = NULL;    DH *dh = NULL;    char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;#ifndef OPENSSL_NO_DSA    int dsaparam = 0;#endif    int i, text = 0, C = 0, ret = 1, num = 0, g = 0;    int informat = FORMAT_PEM, outformat = FORMAT_PEM, check = 0, noout = 0;    OPTION_CHOICE o;    prog = opt_init(argc, argv, dhparam_options);    while ((o = opt_next()) != OPT_EOF) {        switch (o) {        case OPT_EOF:        case OPT_ERR: opthelp:            BIO_printf(bio_err, "%s: Use -help for summary./n", prog);            goto end;        case OPT_HELP:            opt_help(dhparam_options);            ret = 0;            goto end;        case OPT_INFORM:            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))                goto opthelp;            break;        case OPT_OUTFORM:            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))                goto opthelp;            break;        case OPT_IN:            infile = opt_arg();            break;        case OPT_OUT:            outfile = opt_arg();            break;        case OPT_ENGINE:            (void)setup_engine(opt_arg(), 0);            break;        case OPT_CHECK:            check = 1;            break;        case OPT_TEXT:            text = 1;            break;        case OPT_DSAPARAM:#ifndef OPENSSL_NO_DSA            dsaparam = 1;#endif            break;        case OPT_C:            C = 1;            break;        case OPT_2:            g = 2;            break;        case OPT_5:            g = 5;            break;        case OPT_NOOUT:            noout = 1;            break;        case OPT_RAND:            inrand = opt_arg();            break;        }    }    argc = opt_num_rest();    argv = opt_rest();    if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))        goto end;    if (g && !num)        num = DEFBITS;# ifndef OPENSSL_NO_DSA    if (dsaparam && g) {        BIO_printf(bio_err,                   "generator may not be chosen for DSA parameters/n");        goto end;    }# endif    /* DH parameters */    if (num && !g)        g = 2;    if (num) {        BN_GENCB *cb;        cb = BN_GENCB_new();        if (cb == NULL) {            ERR_print_errors(bio_err);            goto end;        }        BN_GENCB_set(cb, dh_cb, bio_err);        if (!app_RAND_load_file(NULL, 1) && inrand == NULL) {//.........这里部分代码省略.........

//.........这里部分代码省略.........	return 0;    }*/    if (rsa_key) {	rsa = read_key(engine, rsa_key);	/*	 * Assuming that you use the RSA key in the distribution, this	 * test will generate a signature have a starting zero and thus	 * will generate a checksum that is 127 byte instead of the	 * checksum that is 128 byte (like the key).	 */	{	    const unsigned char sha1[20] = {		0x6d, 0x33, 0xf9, 0x40, 0x75, 0x5b, 0x4e, 0xc5, 0x90, 0x35,		0x48, 0xab, 0x75, 0x02, 0x09, 0x76, 0x9a, 0xb4, 0x7d, 0x6b	    };	    check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);	}	for (i = 0; i < 128; i++) {	    unsigned char sha1[20];		    CCRandomCopyBytes(kCCRandomDefault, sha1, sizeof(sha1));	    check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);	}	for (i = 0; i < 128; i++) {	    unsigned char des3[21];	    CCRandomCopyBytes(kCCRandomDefault, des3, sizeof(des3));	    check_rsa(des3, sizeof(des3), rsa, RSA_PKCS1_PADDING);	}	for (i = 0; i < 128; i++) {	    unsigned char aes[32];	    CCRandomCopyBytes(kCCRandomDefault, aes, sizeof(aes));	    check_rsa(aes, sizeof(aes), rsa, RSA_PKCS1_PADDING);	}	RSA_free(rsa);    }    if (verbose) {	    printf("[BEGIN] RSA loops/n");	    printf("Running %d loops/n", loops);    }    total++;    for (i = 0; i < loops; i++) {	BN_GENCB cb;	BIGNUM *e;	unsigned int n;	rsa = RSA_new_method(engine);	if (!key_blinding)	    rsa->flags |= RSA_FLAG_NO_BLINDING;	e = BN_new();	BN_set_word(e, 0x10001);	BN_GENCB_set(&cb, cb_func, NULL);		CCRandomCopyBytes(kCCRandomDefault, &n, sizeof(n));	n &= 0x1ff;	n += 1024;	if (RSA_generate_key_ex(rsa, n, e, &cb) != 1) {	    fprintf(stderr, "RSA_generate_key_ex");	    fail++;	    return 1;	}	BN_free(e);	for (j = 0; j < 8; j++) {	    unsigned char sha1[20];	    CCRandomCopyBytes(kCCRandomDefault, sha1, sizeof(sha1));	    check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);	}	RSA_free(rsa);    }    if (verbose) printf("[PASS] RSA loops/n");    pass++;    if (verbose) {	    printf("[SUMMARY]/n");	    printf("total: %d/n", total);	    printf("passed: %d/n", pass);	    printf("failed: %d/n", fail);    }    /* ENGINE_finish(engine); */    return (fail);}

//.........这里部分代码省略.........	if (qscCert.isNull() || qskKey.isNull()) {		if (! key.isEmpty() || ! crt.isEmpty()) {			log("Certificate specified, but failed to load.");		}		qskKey = Meta::mp.qskKey;		qscCert = Meta::mp.qscCert;		if (qscCert.isNull() || qskKey.isNull()) {			log("Generating new server certificate.");			CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);			X509 *x509 = X509_new();			EVP_PKEY *pkey = EVP_PKEY_new();			RSA *rsa = RSA_generate_key(2048,RSA_F4,NULL,NULL);			EVP_PKEY_assign_RSA(pkey, rsa);			X509_set_version(x509, 2);			ASN1_INTEGER_set(X509_get_serialNumber(x509),1);			X509_gmtime_adj(X509_get_notBefore(x509),0);			X509_gmtime_adj(X509_get_notAfter(x509),60*60*24*365*20);			X509_set_pubkey(x509, pkey);			X509_NAME *name=X509_get_subject_name(x509);			X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, reinterpret_cast<unsigned char *>(const_cast<char *>("Murmur Autogenerated Certificate v2")), -1, -1, 0);			X509_set_issuer_name(x509, name);			add_ext(x509, NID_basic_constraints, SSL_STRING("critical,CA:FALSE"));			add_ext(x509, NID_ext_key_usage, SSL_STRING("serverAuth,clientAuth"));			add_ext(x509, NID_subject_key_identifier, SSL_STRING("hash"));			add_ext(x509, NID_netscape_comment, SSL_STRING("Generated from murmur"));			X509_sign(x509, pkey, EVP_sha1());			crt.resize(i2d_X509(x509, NULL));			unsigned char *dptr=reinterpret_cast<unsigned char *>(crt.data());			i2d_X509(x509, &dptr);			qscCert = QSslCertificate(crt, QSsl::Der);			if (qscCert.isNull())				log("Certificate generation failed");			key.resize(i2d_PrivateKey(pkey, NULL));			dptr=reinterpret_cast<unsigned char *>(key.data());			i2d_PrivateKey(pkey, &dptr);			qskKey = QSslKey(key, QSsl::Rsa, QSsl::Der);			if (qskKey.isNull())				log("Key generation failed");			setConf("certificate", qscCert.toPem());			setConf("key", qskKey.toPem());		}	}#if defined(USE_QSSLDIFFIEHELLMANPARAMETERS)	if (qsdhpDHParams.isEmpty()) {		log("Generating new server 2048-bit Diffie-Hellman parameters. This could take a while...");		DH *dh = DH_new();		if (dh == NULL) {			qFatal("DH_new failed: unable to generate Diffie-Hellman parameters for virtual server");		}		// Generate DH params.		// We register a status callback in order to update the UI		// for Murmur on Windows. We don't show the actual status,		// but we do it to keep Murmur on Windows responsive while		// generating the parameters.		BN_GENCB cb;		memset(&cb, 0, sizeof(BN_GENCB));		BN_GENCB_set(&cb, dh_progress, NULL);		if (DH_generate_parameters_ex(dh, 2048, 2, &cb) == 0) {			qFatal("DH_generate_parameters_ex failed: unable to generate Diffie-Hellman parameters for virtual server");		}		BIO *mem = BIO_new(BIO_s_mem());		if (PEM_write_bio_DHparams(mem, dh) == 0) {			qFatal("PEM_write_bio_DHparams failed: unable to write generated Diffie-Hellman parameters to memory");		}		char *pem = NULL;		long len = BIO_get_mem_data(mem, &pem);		if (len <= 0) {			qFatal("BIO_get_mem_data returned an empty or invalid buffer");		}		QByteArray pemdh(pem, len);		QSslDiffieHellmanParameters qdhp(pemdh);		if (!qdhp.isValid()) {			qFatal("QSslDiffieHellmanParameters: unable to import generated Diffie-HellmanParameters: %s", qdhp.errorString().toStdString().c_str());		}		qsdhpDHParams = qdhp;		setConf("sslDHParams", pemdh);		BIO_free(mem);		DH_free(dh);	}#endif}

//.........这里部分代码省略.........    argv = opt_rest();    if (argv[0] != NULL && (!opt_int(argv[0], &num) || num <= 0))        goto end;    if (g && !num)        num = DEFBITS;# ifndef OPENSSL_NO_DSA    if (dsaparam && g) {        BIO_printf(bio_err,                   "generator may not be chosen for DSA parameters/n");        goto end;    }# endif    out = bio_open_default(outfile, 'w', outformat);    if (out == NULL)        goto end;    /* DH parameters */    if (num && !g)        g = 2;    if (num) {        BN_GENCB *cb;        cb = BN_GENCB_new();        if (cb == NULL) {            ERR_print_errors(bio_err);            goto end;        }        BN_GENCB_set(cb, dh_cb, bio_err);# ifndef OPENSSL_NO_DSA        if (dsaparam) {            DSA *dsa = DSA_new();            BIO_printf(bio_err,                       "Generating DSA parameters, %d bit long prime/n", num);            if (dsa == NULL                || !DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL,                                               cb)) {                DSA_free(dsa);                BN_GENCB_free(cb);                ERR_print_errors(bio_err);                goto end;            }            dh = DSA_dup_DH(dsa);            DSA_free(dsa);            if (dh == NULL) {                BN_GENCB_free(cb);                ERR_print_errors(bio_err);                goto end;            }        } else# endif        {            dh = DH_new();            BIO_printf(bio_err,                       "Generating DH parameters, %d bit long safe prime, generator %d/n",                       num, g);            BIO_printf(bio_err, "This is going to take a long time/n");            if (dh == NULL || !DH_generate_parameters_ex(dh, num, g, cb)) {

int main(int argc, char *argv[])	{	BN_GENCB _cb;	DH *a;	DH *b=NULL;	char buf[12];	unsigned char *abuf=NULL,*bbuf=NULL;	int i,alen,blen,aout,bout,ret=1;	BIO *out;	CRYPTO_malloc_debug_init();	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);#ifdef OPENSSL_SYS_WIN32	CRYPTO_malloc_init();#endif	RAND_seed(rnd_seed, sizeof rnd_seed);	out=BIO_new(BIO_s_file());	if (out == NULL) EXIT(1);	BIO_set_fp(out,stdout,BIO_NOCLOSE);	BN_GENCB_set(&_cb, &cb, out);	if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,				DH_GENERATOR_5, &_cb))		goto err;	if (!DH_check(a, &i)) goto err;	if (i & DH_CHECK_P_NOT_PRIME)		BIO_puts(out, "p value is not prime/n");	if (i & DH_CHECK_P_NOT_SAFE_PRIME)		BIO_puts(out, "p value is not a safe prime/n");	if (i & DH_UNABLE_TO_CHECK_GENERATOR)		BIO_puts(out, "unable to check the generator value/n");	if (i & DH_NOT_SUITABLE_GENERATOR)		BIO_puts(out, "the g value is not a generator/n");	BIO_puts(out,"/np    =");	BN_print(out,a->p);	BIO_puts(out,"/ng    =");	BN_print(out,a->g);	BIO_puts(out,"/n");	b=DH_new();	if (b == NULL) goto err;	b->p=BN_dup(a->p);	b->g=BN_dup(a->g);	if ((b->p == NULL) || (b->g == NULL)) goto err;	/* Set a to run with normal modexp and b to use constant time */	a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;	b->flags |= DH_FLAG_NO_EXP_CONSTTIME;	if (!DH_generate_key(a)) goto err;	BIO_puts(out,"pri 1=");	BN_print(out,a->priv_key);	BIO_puts(out,"/npub 1=");	BN_print(out,a->pub_key);	BIO_puts(out,"/n");	if (!DH_generate_key(b)) goto err;	BIO_puts(out,"pri 2=");	BN_print(out,b->priv_key);	BIO_puts(out,"/npub 2=");	BN_print(out,b->pub_key);	BIO_puts(out,"/n");	alen=DH_size(a);	abuf=(unsigned char *)OPENSSL_malloc(alen);	aout=DH_compute_key(abuf,b->pub_key,a);	BIO_puts(out,"key1 =");	for (i=0; i<aout; i++)		{		snprintf(buf, sizeof(buf), "%02X",abuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");	blen=DH_size(b);	bbuf=(unsigned char *)OPENSSL_malloc(blen);	bout=DH_compute_key(bbuf,a->pub_key,b);	BIO_puts(out,"key2 =");	for (i=0; i<bout; i++)		{		snprintf(buf, sizeof(buf), "%02X",bbuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))		{		fprintf(stderr,"Error in DH routines/n");		ret=1;		}	else		ret=0;//.........这里部分代码省略.........

intgendh_main(int argc, char **argv){	BN_GENCB cb;	DH *dh = NULL;	int ret = 1, num = DEFBITS;	int g = 2;	char *outfile = NULL;#ifndef OPENSSL_NO_ENGINE	char *engine = NULL;#endif	BIO *out = NULL;	BN_GENCB_set(&cb, dh_cb, bio_err);	argv++;	argc--;	for (;;) {		if (argc <= 0)			break;		if (strcmp(*argv, "-out") == 0) {			if (--argc < 1)				goto bad;			outfile = *(++argv);		} else if (strcmp(*argv, "-2") == 0)			g = 2;		/*		 * else if (strcmp(*argv,"-3") == 0) g=3;		 */		else if (strcmp(*argv, "-5") == 0)			g = 5;#ifndef OPENSSL_NO_ENGINE		else if (strcmp(*argv, "-engine") == 0) {			if (--argc < 1)				goto bad;			engine = *(++argv);		}#endif		else			break;		argv++;		argc--;	}	if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {bad:		BIO_printf(bio_err, "usage: gendh [args] [numbits]/n");		BIO_printf(bio_err, " -out file - output the key to 'file/n");		BIO_printf(bio_err, " -2        - use 2 as the generator value/n");		/*		 * BIO_printf(bio_err," -3        - use 3 as the generator		 * value/n");		 */		BIO_printf(bio_err, " -5        - use 5 as the generator value/n");#ifndef OPENSSL_NO_ENGINE		BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device./n");#endif		goto end;	}#ifndef OPENSSL_NO_ENGINE	setup_engine(bio_err, engine, 0);#endif	out = BIO_new(BIO_s_file());	if (out == NULL) {		ERR_print_errors(bio_err);		goto end;	}	if (outfile == NULL) {		BIO_set_fp(out, stdout, BIO_NOCLOSE);	} else {		if (BIO_write_filename(out, outfile) <= 0) {			perror(outfile);			goto end;		}	}	BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d/n", num, g);	BIO_printf(bio_err, "This is going to take a long time/n");	if (((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))		goto end;	if (!PEM_write_bio_DHparams(out, dh))		goto end;	ret = 0;end:	if (ret != 0)		ERR_print_errors(bio_err);	if (out != NULL)		BIO_free_all(out);	if (dh != NULL)		DH_free(dh);	return (ret);}

int main(int argc, char *argv[]){    BN_GENCB *_cb = NULL;    DH *a = NULL;    DH *b = NULL;    BIGNUM *ap = NULL, *ag = NULL, *bp = NULL, *bg = NULL, *apub_key = NULL;    BIGNUM *bpub_key = NULL, *priv_key = NULL;    char buf[12] = {0};    unsigned char *abuf = NULL;    unsigned char *bbuf = NULL;    int i, alen, blen, aout, bout;    int ret = 1;    BIO *out = NULL;    CRYPTO_set_mem_debug(1);    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);    RAND_seed(rnd_seed, sizeof rnd_seed);    out = BIO_new(BIO_s_file());    if (out == NULL)        EXIT(1);    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);    _cb = BN_GENCB_new();    if (_cb == NULL)        goto err;    BN_GENCB_set(_cb, &cb, out);    if (((a = DH_new()) == NULL)        || (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb)))        goto err;    if (!DH_check(a, &i))        goto err;    if (i & DH_CHECK_P_NOT_PRIME)        BIO_puts(out, "p value is not prime/n");    if (i & DH_CHECK_P_NOT_SAFE_PRIME)        BIO_puts(out, "p value is not a safe prime/n");    if (i & DH_UNABLE_TO_CHECK_GENERATOR)        BIO_puts(out, "unable to check the generator value/n");    if (i & DH_NOT_SUITABLE_GENERATOR)        BIO_puts(out, "the g value is not a generator/n");    DH_get0_pqg(a, &ap, NULL, &ag);    BIO_puts(out, "/np    =");    BN_print(out, ap);    BIO_puts(out, "/ng    =");    BN_print(out, ag);    BIO_puts(out, "/n");    b = DH_new();    if (b == NULL)        goto err;    bp = BN_dup(ap);    bg = BN_dup(ag);    if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))        goto err;    bp = bg = NULL;    if (!DH_generate_key(a))        goto err;    DH_get0_key(a, &apub_key, &priv_key);    BIO_puts(out, "pri 1=");    BN_print(out, priv_key);    BIO_puts(out, "/npub 1=");    BN_print(out, apub_key);    BIO_puts(out, "/n");    if (!DH_generate_key(b))        goto err;    DH_get0_key(b, &bpub_key, &priv_key);    BIO_puts(out, "pri 2=");    BN_print(out, priv_key);    BIO_puts(out, "/npub 2=");    BN_print(out, bpub_key);    BIO_puts(out, "/n");    alen = DH_size(a);    abuf = OPENSSL_malloc(alen);    if (abuf == NULL)        goto err;    aout = DH_compute_key(abuf, bpub_key, a);    BIO_puts(out, "key1 =");    for (i = 0; i < aout; i++) {        sprintf(buf, "%02X", abuf[i]);        BIO_puts(out, buf);    }    BIO_puts(out, "/n");    blen = DH_size(b);    bbuf = OPENSSL_malloc(blen);    if (bbuf == NULL)        goto err;    bout = DH_compute_key(bbuf, apub_key, b);    BIO_puts(out, "key2 =");//.........这里部分代码省略.........

int ssl_test_dsa(int argc, char **argv)	{	BN_GENCB cb;	DSA *dsa=NULL;	int counter,ret=0,i,j;	unsigned char buf[256];	unsigned long h;	unsigned char sig[256];	unsigned int siglen;#ifndef OPENSSL_SYS_WINDOWS		bio_err = BIO_new(BIO_s_mem());		if (bio_err == NULL) return(1);	#else		if (bio_err == NULL)			bio_err=BIO_new_fp(OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE);#endif	CRYPTO_malloc_debug_init();	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);	ERR_load_crypto_strings();	RAND_seed(rnd_seed, sizeof rnd_seed);	TINYCLR_SSL_PRINTF("test generation of DSA parameters/n");	BN_GENCB_set(&cb, dsa_cb, bio_err);	if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,				seed, 20, &counter, &h, &cb))		goto end;	TINYCLR_SSL_PRINTF("seed/n");	for (i=0; i<20; i+=4)		{		TINYCLR_SSL_PRINTF("%02X%02X%02X%02X ",			seed[i],seed[i+1],seed[i+2],seed[i+3]);		}	TINYCLR_SSL_PRINTF("/ncounter=%d h=%ld/n",counter,h);			DSA_print(bio_err,dsa,0);	if (counter != 105) 		{		TINYCLR_SSL_PRINTF("counter should be 105/n");		goto end;		}	if (h != 2)		{		TINYCLR_SSL_PRINTF("h should be 2/n");		goto end;		}	i=BN_bn2bin(dsa->q,buf);	j=sizeof(out_q);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_q,i) != 0))		{		TINYCLR_SSL_PRINTF("q value is wrong/n");		goto end;		}	i=BN_bn2bin(dsa->p,buf);	j=sizeof(out_p);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_p,i) != 0))		{		TINYCLR_SSL_PRINTF("p value is wrong/n");		goto end;		}	i=BN_bn2bin(dsa->g,buf);	j=sizeof(out_g);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_g,i) != 0))		{		TINYCLR_SSL_PRINTF("g value is wrong/n");		goto end;		}	dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;	DSA_generate_key(dsa);	DSA_sign(0, str1, 20, sig, &siglen, dsa);	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)		ret=1;	dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;	DSA_generate_key(dsa);	DSA_sign(0, str1, 20, sig, &siglen, dsa);	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)		ret=1;end:	if (!ret)		ERR_print_errors(bio_err);	if (dsa != NULL) DSA_free(dsa);	CRYPTO_cleanup_all_ex_data();	ERR_remove_thread_state(NULL);	ERR_free_strings();	CRYPTO_mem_leaks(bio_err);	if (bio_err != NULL)		{		BIO_free(bio_err);//.........这里部分代码省略.........

int MAIN(int argc, char **argv)	{	BN_GENCB cb;	DH *dh=NULL;	int ret=1,num=DEFBITS;	int g=2;	char *outfile=NULL;	char *inrand=NULL;#ifndef OPENSSL_NO_ENGINE	char *engine=NULL;#endif	BIO *out=NULL;	apps_startup();	BN_GENCB_set(&cb, dh_cb, bio_err);	if (bio_err == NULL)		if ((bio_err=BIO_new(BIO_s_file())) != NULL)			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);	if (!load_config(bio_err, NULL))		goto end;	argv++;	argc--;	for (;;)		{		if (argc <= 0) break;		if (strcmp(*argv,"-out") == 0)			{			if (--argc < 1) goto bad;			outfile= *(++argv);			}		else if (strcmp(*argv,"-2") == 0)			g=2;	/*	else if (strcmp(*argv,"-3") == 0)			g=3; */		else if (strcmp(*argv,"-5") == 0)			g=5;#ifndef OPENSSL_NO_ENGINE		else if (strcmp(*argv,"-engine") == 0)			{			if (--argc < 1) goto bad;			engine= *(++argv);			}#endif		else if (strcmp(*argv,"-rand") == 0)			{			if (--argc < 1) goto bad;			inrand= *(++argv);			}		else			break;		argv++;		argc--;		}	if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))		{bad:		BIO_printf(bio_err,"usage: gendh [args] [numbits]/n");		BIO_printf(bio_err," -out file - output the key to 'file/n");		BIO_printf(bio_err," -2        - use 2 as the generator value/n");	/*	BIO_printf(bio_err," -3        - use 3 as the generator value/n"); */		BIO_printf(bio_err," -5        - use 5 as the generator value/n");#ifndef OPENSSL_NO_ENGINE		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device./n");#endif		BIO_printf(bio_err," -rand file%cfile%c.../n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);		BIO_printf(bio_err,"           - load the file (or the files in the directory) into/n");		BIO_printf(bio_err,"             the random number generator/n");		goto end;		}		#ifndef OPENSSL_NO_ENGINE        setup_engine(bio_err, engine, 0);#endif	out=BIO_new(BIO_s_file());	if (out == NULL)		{		ERR_print_errors(bio_err);		goto end;		}	if (outfile == NULL)		{		BIO_set_fp(out,stdout,BIO_NOCLOSE);#ifdef OPENSSL_SYS_VMS		{		BIO *tmpbio = BIO_new(BIO_f_linebuffer());		out = BIO_push(tmpbio, out);		}#endif		}	else		{		if (BIO_write_filename(out,outfile) <= 0)			{			perror(outfile);			goto end;//.........这里部分代码省略.........

//.........这里部分代码省略.........		{		BIO_set_fp(out,stdout,BIO_NOCLOSE);#ifdef OPENSSL_SYS_VMS		{		BIO *tmpbio = BIO_new(BIO_f_linebuffer());		out = BIO_push(tmpbio, out);		}#endif		}	else		{		if (BIO_write_filename(out,outfile) <= 0)			{			perror(outfile);			goto end;			}		}#ifndef OPENSSL_NO_ENGINE        e = setup_engine(bio_err, engine, 0);#endif	if (need_rand)		{		app_RAND_load_file(NULL, bio_err, (inrand != NULL));		if (inrand != NULL)			BIO_printf(bio_err,"%ld semi-random bytes loaded/n",				app_RAND_load_files(inrand));		}	if (numbits > 0)		{		BN_GENCB cb;		BN_GENCB_set(&cb, dsa_cb, bio_err);		assert(need_rand);		dsa = DSA_new();		if(!dsa)			{			BIO_printf(bio_err,"Error allocating DSA object/n");			goto end;			}		BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime/n",num);	        BIO_printf(bio_err,"This could take some time/n");#ifdef GENCB_TEST		if(timebomb > 0)	{		struct sigaction act;		act.sa_handler = timebomb_sigalarm;		act.sa_flags = 0;		BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)/n",				timebomb);		if(sigaction(SIGALRM, &act, NULL) != 0)			{			BIO_printf(bio_err,"Error, couldn't set SIGALRM handler/n");			goto end;			}		alarm(timebomb);	}#endif	        if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))			{#ifdef GENCB_TEST			if(stop_keygen_flag)				{				BIO_printf(bio_err,"DSA key generation time-stopped/n");				/* This is an asked-for behaviour! */

/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB * style callbacks. */static int trans_cb(int a, int b, BN_GENCB *gcb)	{	EVP_PKEY_CTX *ctx = gcb->arg;	ctx->keygen_info[0] = a;	ctx->keygen_info[1] = b;	return ctx->pkey_gencb(ctx);	}	void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)	{	BN_GENCB_set(cb, trans_cb, ctx)	}int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)	{	if (idx == -1)		return ctx->keygen_info_count; 	if (idx < 0 || idx > ctx->keygen_info_count)		return 0;	return ctx->keygen_info[idx];	}EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,				unsigned char *key, int keylen)	{	EVP_PKEY_CTX *mac_ctx = NULL;

static isc_result_topensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {#if OPENSSL_VERSION_NUMBER > 0x00908000L	isc_result_t ret = DST_R_OPENSSLFAILURE;	BN_GENCB cb;	union {		void *dptr;		void (*fptr)(int);	} u;	RSA *rsa = RSA_new();	BIGNUM *e = BN_new();#if USE_EVP	EVP_PKEY *pkey = EVP_PKEY_new();#endif	if (rsa == NULL || e == NULL)		goto err;#if USE_EVP	if (pkey == NULL)		goto err;	if (!EVP_PKEY_set1_RSA(pkey, rsa))		goto err;#endif	if (exp == 0) {		/* RSA_F4 0x10001 */		BN_set_bit(e, 0);		BN_set_bit(e, 16);	} else {		/* F5 0x100000001 */		BN_set_bit(e, 0);		BN_set_bit(e, 32);	}	if (callback == NULL) {		BN_GENCB_set_old(&cb, NULL, NULL);	} else {		u.fptr = callback;		BN_GENCB_set(&cb, &progress_cb, u.dptr);	}	if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) {		BN_free(e);		SET_FLAGS(rsa);#if USE_EVP		key->keydata.pkey = pkey;		RSA_free(rsa);#else		key->keydata.rsa = rsa;#endif		return (ISC_R_SUCCESS);	}	ret = dst__openssl_toresult2("RSA_generate_key_ex",				     DST_R_OPENSSLFAILURE);err:#if USE_EVP	if (pkey != NULL)		EVP_PKEY_free(pkey);#endif	if (e != NULL)		BN_free(e);	if (rsa != NULL)		RSA_free(rsa);	return (dst__openssl_toresult(ret));#else	RSA *rsa;	unsigned long e;#if USE_EVP	EVP_PKEY *pkey = EVP_PKEY_new();	UNUSED(callback);	if (pkey == NULL)		return (ISC_R_NOMEMORY);#else	UNUSED(callback);#endif	if (exp == 0)	       e = RSA_F4;	else	       e = 0x40000003;	rsa = RSA_generate_key(key->key_size, e, NULL, NULL);	if (rsa == NULL) {#if USE_EVP		EVP_PKEY_free(pkey);#endif		return (dst__openssl_toresult2("RSA_generate_key",					       DST_R_OPENSSLFAILURE));	}	SET_FLAGS(rsa);#if USE_EVP	if (!EVP_PKEY_set1_RSA(pkey, rsa)) {		EVP_PKEY_free(pkey);		RSA_free(rsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}	key->keydata.pkey = pkey;//.........这里部分代码省略.........

/*  Generate a public/private RSA keypair, and ask for a file to store  them in.*/static bool keygen(int bits) {	BIGNUM *e = NULL;	RSA *rsa_key;	FILE *f;	char filename[PATH_MAX];	BN_GENCB *cb;	int result;	fprintf(stderr, "Generating %d bits keys:/n", bits);	cb = BN_GENCB_new();	if(!cb) {		abort();	}	BN_GENCB_set(cb, indicator, NULL);	rsa_key = RSA_new();	if(BN_hex2bn(&e, "10001") == 0) {		abort();	}	if(!rsa_key || !e) {		abort();	}	result = RSA_generate_key_ex(rsa_key, bits, e, cb);	BN_free(e);	BN_GENCB_free(cb);	if(!result) {		fprintf(stderr, "Error during key generation!/n");		RSA_free(rsa_key);		return false;	} else {		fprintf(stderr, "Done./n");	}	snprintf(filename, sizeof(filename), "%s/rsa_key.priv", confbase);	f = ask_and_open(filename, "private RSA key");	if(!f) {		RSA_free(rsa_key);		return false;	}#ifdef HAVE_FCHMOD	/* Make it unreadable for others. */	fchmod(fileno(f), 0600);#endif	fputc('/n', f);	PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL);	fclose(f);	char *name = get_name();	if(name) {		snprintf(filename, sizeof(filename), "%s/hosts/%s", confbase, name);		free(name);	} else {		snprintf(filename, sizeof(filename), "%s/rsa_key.pub", confbase);	}	f = ask_and_open(filename, "public RSA key");	if(!f) {		RSA_free(rsa_key);		return false;	}	fputc('/n', f);	PEM_write_RSAPublicKey(f, rsa_key);	fclose(f);	RSA_free(rsa_key);	return true;}

int MAIN(int argc, char **argv)	{	BN_GENCB cb;#ifndef OPENSSL_NO_ENGINE	ENGINE *e = NULL;#endif	int ret=1;	int i,num=DEFBITS;	long l;	const EVP_CIPHER *enc=NULL;	unsigned long f4=RSA_F4;	char *outfile=NULL;	char *passargout = NULL, *passout = NULL;#ifndef OPENSSL_NO_ENGINE	char *engine=NULL;#endif	char *inrand=NULL;	BIO *out=NULL;	BIGNUM *bn = BN_new();	RSA *rsa = NULL;	if(!bn) goto err;	apps_startup();	BN_GENCB_set(&cb, genrsa_cb, bio_err);	if (bio_err == NULL)		if ((bio_err=BIO_new(BIO_s_file())) != NULL)			BIO_set_fp(bio_err,OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE|BIO_FP_TEXT);	if (!load_config(bio_err, NULL))		goto err;	if ((out=BIO_new(BIO_s_file())) == NULL)		{		BIO_printf(bio_err,"unable to create BIO for output/n");		goto err;		}	argv++;	argc--;	for (;;)		{		if (argc <= 0) break;		if (TINYCLR_SSL_STRCMP(*argv,"-out") == 0)			{			if (--argc < 1) goto bad;			outfile= *(++argv);			}		else if (TINYCLR_SSL_STRCMP(*argv,"-3") == 0)			f4=3;		else if (TINYCLR_SSL_STRCMP(*argv,"-F4") == 0 || TINYCLR_SSL_STRCMP(*argv,"-f4") == 0)			f4=RSA_F4;#ifndef OPENSSL_NO_ENGINE		else if (TINYCLR_SSL_STRCMP(*argv,"-engine") == 0)			{			if (--argc < 1) goto bad;			engine= *(++argv);			}#endif		else if (TINYCLR_SSL_STRCMP(*argv,"-rand") == 0)			{			if (--argc < 1) goto bad;			inrand= *(++argv);			}#ifndef OPENSSL_NO_DES		else if (TINYCLR_SSL_STRCMP(*argv,"-des") == 0)			enc=EVP_des_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-des3") == 0)			enc=EVP_des_ede3_cbc();#endif#ifndef OPENSSL_NO_IDEA		else if (TINYCLR_SSL_STRCMP(*argv,"-idea") == 0)			enc=EVP_idea_cbc();#endif#ifndef OPENSSL_NO_SEED		else if (TINYCLR_SSL_STRCMP(*argv,"-seed") == 0)			enc=EVP_seed_cbc();#endif#ifndef OPENSSL_NO_AES		else if (TINYCLR_SSL_STRCMP(*argv,"-aes128") == 0)			enc=EVP_aes_128_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-aes192") == 0)			enc=EVP_aes_192_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-aes256") == 0)			enc=EVP_aes_256_cbc();#endif#ifndef OPENSSL_NO_CAMELLIA		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia128") == 0)			enc=EVP_camellia_128_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia192") == 0)			enc=EVP_camellia_192_cbc();		else if (TINYCLR_SSL_STRCMP(*argv,"-camellia256") == 0)			enc=EVP_camellia_256_cbc();#endif		else if (TINYCLR_SSL_STRCMP(*argv,"-passout") == 0)			{			if (--argc < 1) goto bad;			passargout= *(++argv);			}		else//.........这里部分代码省略.........

static isc_result_topenssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) {	DH *dh = NULL;#if OPENSSL_VERSION_NUMBER > 0x00908000L	BN_GENCB *cb;#if OPENSSL_VERSION_NUMBER < 0x10100000L	BN_GENCB _cb;#endif	union {		void *dptr;		void (*fptr)(int);	} u;#else	UNUSED(callback);#endif	if (generator == 0) {		if (key->key_size == 768 ||		    key->key_size == 1024 ||		    key->key_size == 1536)		{			dh = DH_new();			if (dh == NULL)				return (dst__openssl_toresult(ISC_R_NOMEMORY));			if (key->key_size == 768)				dh->p = bn768;			else if (key->key_size == 1024)				dh->p = bn1024;			else				dh->p = bn1536;			dh->g = bn2;		} else			generator = 2;	}	if (generator != 0) {#if OPENSSL_VERSION_NUMBER > 0x00908000L		dh = DH_new();		if (dh == NULL)			return (dst__openssl_toresult(ISC_R_NOMEMORY));		cb = BN_GENCB_new();#if OPENSSL_VERSION_NUMBER >= 0x10100000L		if (cb == NULL) {			DH_free(dh);			return (dst__openssl_toresult(ISC_R_NOMEMORY));		}#endif		if (callback == NULL) {			BN_GENCB_set_old(cb, NULL, NULL);		} else {			u.fptr = callback;			BN_GENCB_set(cb, &progress_cb, u.dptr);		}		if (!DH_generate_parameters_ex(dh, key->key_size, generator,					       cb)) {			DH_free(dh);			BN_GENCB_free(cb);			return (dst__openssl_toresult2(					"DH_generate_parameters_ex",					DST_R_OPENSSLFAILURE));		}		BN_GENCB_free(cb);#else		dh = DH_generate_parameters(key->key_size, generator,					    NULL, NULL);		if (dh == NULL)			return (dst__openssl_toresult2(					"DH_generate_parameters",					DST_R_OPENSSLFAILURE));#endif	}	if (DH_generate_key(dh) == 0) {		DH_free(dh);		return (dst__openssl_toresult2("DH_generate_key",					       DST_R_OPENSSLFAILURE));	}	dh->flags &= ~DH_FLAG_CACHE_MONT_P;	key->keydata.dh = dh;	return (ISC_R_SUCCESS);}