自学教程：C++ DH_check函数代码示例

   bool diffie_hellman::generate_pub_key()   {        if( !p.size() )             return valid = false;        DH* dh = DH_new();         dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );        dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL );        int check;        DH_check(dh,&check);        if( check & DH_CHECK_P_NOT_SAFE_PRIME )        {            DH_free(dh);            return valid = false;        }        DH_generate_key(dh);        pub_key.resize( BN_num_bytes( dh->pub_key ) );        priv_key.resize( BN_num_bytes( dh->priv_key ) );        if( pub_key.size() )            BN_bn2bin( dh->pub_key, (unsigned char*)&pub_key.front()  );        if( priv_key.size() )            BN_bn2bin( dh->priv_key, (unsigned char*)&priv_key.front()  );        DH_free(dh);        return valid = true;   }

   bool diffie_hellman::compute_shared_key( const char* buf, uint32_t s ) {        ssl_dh dh = DH_new();#if OPENSSL_VERSION_NUMBER >= 0x10100000L        auto bn_p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );        auto bn_pub_key = BN_bin2bn( (unsigned char*)&pub_key.front(), pub_key.size(), NULL );        auto bn_priv_key = BN_bin2bn( (unsigned char*)&priv_key.front(), priv_key.size(), NULL );        auto bn_g = BN_bin2bn( (unsigned char*)&g, 1, NULL );        DH_set0_pqg(dh.obj, bn_p, NULL, bn_g);        DH_set0_key(dh.obj, bn_pub_key, bn_priv_key);#else        dh->p = BN_bin2bn( (unsigned char*)&p.front(), p.size(), NULL );        dh->pub_key = BN_bin2bn( (unsigned char*)&pub_key.front(), pub_key.size(), NULL );        dh->priv_key = BN_bin2bn( (unsigned char*)&priv_key.front(), priv_key.size(), NULL );        dh->g = BN_bin2bn( (unsigned char*)&g, 1, NULL );#endif        int check;        DH_check(dh,&check);        if( !fc::validate( dh, valid ) )        {            return false;        }        ssl_bignum pk;        BN_bin2bn( (unsigned char*)buf, s, pk );        shared_key.resize( DH_size(dh) );         DH_compute_key( (unsigned char*)&shared_key.front(), pk, dh );        return true;   }

DH * dif_hel_setup(){    DH * new_dh = DH_new();    if ( !new_dh )    {	printf("%s /n","Error:Creating new dh");	error();    }    if ( !DH_generate_parameters_ex(new_dh,2,DH_GENERATOR_2,0))    {	printf("%s /n","Error:Generating paramters");	error();    }    int dh_code = 0;    if( !DH_check(new_dh,&dh_code))    {	printf("%s /n", "Error:Dh_check failed");	error();    }    if(!DH_generate_key(new_dh))    {	printf("%s /n", "Error:Generating key failed");	error();    }    return new_dh;}

void openssl_dh_crypt(){	BIO *b;	DH *d1, *d2;	int i, len1, len2;	unsigned char skey1[COMM_LEN], skey2[COMM_LEN];	d1 = DH_new();	d2 = DH_new();	DH_generate_parameters_ex(d1, 64, DH_GENERATOR_2, NULL);	DH_check(d1, &i);	printf("/nDH key size: %d/n", DH_size(d1));	DH_generate_key(d1);	d2->p = BN_dup(d1->p);	d2->g = BN_dup(d1->g);	DH_generate_key(d2);	DH_check_pub_key(d1, d1->pub_key, &i);	len1 = DH_compute_key(skey1, d2->pub_key, d1);	len2 = DH_compute_key(skey2, d1->pub_key, d2);	if ((len1 != len2) || (memcmp(skey1, skey2, len1) != 0)) {		printf("DH_compute_key err!/n");		DH_free(d1);		DH_free(d2);		return;	}	b = BIO_new(BIO_s_file());	BIO_set_fp(b, stdout, BIO_NOCLOSE);	DHparams_print(b, d1);	BIO_free(b);	DH_free(d1);	DH_free(d2);}

/* *	Load precomputed DH parameters. * *	To prevent "downgrade" attacks, we perform a number of checks *	to verify that the DBA-generated DH parameters file contains *	what we expect it to contain. */static DH  *load_dh_file(char *filename, bool isServerStart){	FILE	   *fp;	DH		   *dh = NULL;	int			codes;	/* attempt to open file.  It's not an error if it doesn't exist. */	if ((fp = AllocateFile(filename, "r")) == NULL)	{		ereport(isServerStart ? FATAL : LOG,				(errcode_for_file_access(),				 errmsg("could not open DH parameters file /"%s/": %m",						filename)));		return NULL;	}	dh = PEM_read_DHparams(fp, NULL, NULL, NULL);	FreeFile(fp);	if (dh == NULL)	{		ereport(isServerStart ? FATAL : LOG,				(errcode(ERRCODE_CONFIG_FILE_ERROR),				 errmsg("could not load DH parameters file: %s",						SSLerrmessage(ERR_get_error()))));		return NULL;	}	/* make sure the DH parameters are usable */	if (DH_check(dh, &codes) == 0)	{		ereport(isServerStart ? FATAL : LOG,				(errcode(ERRCODE_CONFIG_FILE_ERROR),				 errmsg("invalid DH parameters: %s",						SSLerrmessage(ERR_get_error()))));		return NULL;	}	if (codes & DH_CHECK_P_NOT_PRIME)	{		ereport(isServerStart ? FATAL : LOG,				(errcode(ERRCODE_CONFIG_FILE_ERROR),				 errmsg("invalid DH parameters: p is not prime")));		return NULL;	}	if ((codes & DH_NOT_SUITABLE_GENERATOR) &&		(codes & DH_CHECK_P_NOT_SAFE_PRIME))	{		ereport(isServerStart ? FATAL : LOG,				(errcode(ERRCODE_CONFIG_FILE_ERROR),				 errmsg("invalid DH parameters: neither suitable generator or safe prime")));		return NULL;	}	return dh;}

/* *	Load precomputed DH parameters. * *	To prevent "downgrade" attacks, we perform a number of checks *	to verify that the DBA-generated DH parameters file contains *	what we expect it to contain. */static DH  *load_dh_file(int keylength){	FILE	   *fp;	char		fnbuf[MAXPGPATH];	DH		   *dh = NULL;	int			codes;	/* attempt to open file.  It's not an error if it doesn't exist. */	snprintf(fnbuf, sizeof(fnbuf), "dh%d.pem", keylength);	if ((fp = fopen(fnbuf, "r")) == NULL)		return NULL;/*	flock(fileno(fp), LOCK_SH); */	dh = PEM_read_DHparams(fp, NULL, NULL, NULL);/*	flock(fileno(fp), LOCK_UN); */	fclose(fp);	/* is the prime the correct size? */	if (dh != NULL && 8 * DH_size(dh) < keylength)	{		elog(LOG, "DH errors (%s): %d bits expected, %d bits found",			 fnbuf, keylength, 8 * DH_size(dh));		dh = NULL;	}	/* make sure the DH parameters are usable */	if (dh != NULL)	{		if (DH_check(dh, &codes) == 0)		{			elog(LOG, "DH_check error (%s): %s", fnbuf,				 SSLerrmessage(ERR_get_error()));			return NULL;		}		if (codes & DH_CHECK_P_NOT_PRIME)		{			elog(LOG, "DH error (%s): p is not prime", fnbuf);			return NULL;		}		if ((codes & DH_NOT_SUITABLE_GENERATOR) &&			(codes & DH_CHECK_P_NOT_SAFE_PRIME))		{			elog(LOG,				 "DH error (%s): neither suitable generator or safe prime",				 fnbuf);			return NULL;		}	}	return dh;}

/* *  call-seq: *     dh.params_ok? -> true | false * * Validates the Diffie-Hellman parameters associated with this instance. * It checks whether a safe prime and a suitable generator are used. If this * is not the case, +false+ is returned. */static VALUEossl_dh_check_params(VALUE self){    DH *dh;    int codes;    GetDH(self, dh);    if (!DH_check(dh, &codes)) {	return Qfalse;    }    return codes == 0 ? Qtrue : Qfalse;}

int s2n_dh_params_check(struct s2n_dh_params *params){    int codes = 0;    if (DH_check(params->dh, &codes) == 0) {        S2N_ERROR(S2N_ERR_DH_PARAMETER_CHECK);    }    if (codes != 0) {        S2N_ERROR(S2N_ERR_DH_PARAMETER_CHECK);    }    return 0;}

   bool diffie_hellman::generate_params( int s, uint8_t g )   {        DH* dh = DH_generate_parameters( s, g, NULL, NULL );        p.resize( BN_num_bytes( dh->p ) );        if( p.size() )            BN_bn2bin( dh->p, (unsigned char*)&p.front()  );        this->g = g;        int check;        DH_check(dh,&check);        DH_free(dh);        if( check & DH_CHECK_P_NOT_SAFE_PRIME )            return valid = false;        return valid = true;   }

/* *  call-seq: *     dh.params_ok? -> true | false * * Validates the Diffie-Hellman parameters associated with this instance. * It checks whether a safe prime and a suitable generator are used. If this * is not the case, +false+ is returned. */static VALUEossl_dh_check_params(VALUE self){    DH *dh;    EVP_PKEY *pkey;    int codes;    GetPKeyDH(self, pkey);    dh = pkey->pkey.dh;    if (!DH_check(dh, &codes)) {	return Qfalse;    }    return codes == 0 ? Qtrue : Qfalse;}

DH *tr_create_matching_dh (unsigned char *priv_key,			   size_t keylen,			   DH *in_dh) {  DH *dh = NULL;  int dh_err = 0;  if (!in_dh)    return NULL;  if (NULL == (dh = DH_new())) {    tr_crit("tr_create_matching_dh: unable to allocate new DH structure.");    return NULL;  }  if ((NULL == (dh->g = BN_dup(in_dh->g))) ||      (NULL == (dh->p = BN_dup(in_dh->p)))) {    DH_free(dh);    tr_debug("tr_create_matching_dh: Invalid dh parameter values, can't be duped.");    return NULL;  }  /* TBD -- share code with previous function */  if ((priv_key) && (keylen > 0))    dh->priv_key = BN_bin2bn(priv_key, keylen, NULL);  DH_generate_key(dh);		/* generates the public key */  DH_check(dh, &dh_err);  if (0 != dh_err) {    tr_warning("Warning: dh_check failed with %d", dh_err);    if (dh_err & DH_CHECK_P_NOT_PRIME)      tr_warning(": p value is not prime");    else if (dh_err & DH_CHECK_P_NOT_SAFE_PRIME)      tr_warning(": p value is not a safe prime");    else if (dh_err & DH_UNABLE_TO_CHECK_GENERATOR)      tr_warning(": unable to check the generator value");    else if (dh_err & DH_NOT_SUITABLE_GENERATOR)      tr_warning(": the g value is not a generator");    else      tr_warning("unhandled error %i", dh_err);  }  return(dh);}

DH *tr_create_dh_params(unsigned char *priv_key,			size_t keylen) {  DH *dh = NULL;  int dh_err = 0;  if (NULL == (dh = DH_new()))    return NULL;  if ((NULL == (dh->g = BN_new())) ||      (NULL == (dh->p = BN_new())) ||      (NULL == (dh->q = BN_new()))) {    DH_free(dh);    return NULL;  }  BN_set_word(dh->g, 2);  dh->p = BN_bin2bn(tr_2048_dhprime, sizeof(tr_2048_dhprime), NULL);  BN_rshift1(dh->q, dh->p);  if ((priv_key) && (keylen > 0))    dh->priv_key = BN_bin2bn(priv_key, keylen, NULL);  DH_generate_key(dh);		/* generates the public key */  DH_check(dh, &dh_err);  if (0 != dh_err) {    tr_warning("Warning: dh_check failed with %d", dh_err);    if (dh_err & DH_CHECK_P_NOT_PRIME)      tr_warning(": p value is not prime");    else if (dh_err & DH_CHECK_P_NOT_SAFE_PRIME)      tr_warning(": p value is not a safe prime");    else if (dh_err & DH_UNABLE_TO_CHECK_GENERATOR)      tr_warning(": unable to check the generator value");    else if (dh_err & DH_NOT_SUITABLE_GENERATOR)      tr_warning(": the g value is not a generator");    else      tr_warning("unhandled error %i", dh_err);  }  return(dh);}

/* *	Load precomputed DH parameters. * *	To prevent "downgrade" attacks, we perform a number of checks *	to verify that the DBA-generated DH parameters file contains *	what we expect it to contain. */static DH  *load_dh_file(int keylength){	char		homedir[MAXPGPATH];	char		fnbuf[MAXPGPATH];	FILE	   *fp;	DH		   *dh;	int			codes;	if (!pqGetHomeDirectory(homedir, sizeof(homedir)))		return NULL;	/* attempt to open file.  It's not an error if it doesn't exist. */	snprintf(fnbuf, sizeof(fnbuf), DHFILEPATTERN, homedir, keylength);	if ((fp = fopen(fnbuf, "r")) == NULL)		return NULL;/*	flock(fileno(fp), LOCK_SH); */	dh = PEM_read_DHparams(fp, NULL, NULL, NULL);/*	flock(fileno(fp), LOCK_UN); */	fclose(fp);	/* is the prime the correct size? */	if (dh != NULL && 8 * DH_size(dh) < keylength)		dh = NULL;	/* make sure the DH parameters are usable */	if (dh != NULL)	{		if (DH_check(dh, &codes))			return NULL;		if (codes & DH_CHECK_P_NOT_PRIME)			return NULL;		if ((codes & DH_NOT_SUITABLE_GENERATOR) &&			(codes & DH_CHECK_P_NOT_SAFE_PRIME))			return NULL;	}	return dh;}

static DH *load_dh_params(const char *filename) {  BIO *bio;  DH *dh = NULL;  if(filename == NULL) return NULL;  bio = BIO_new_file(filename, "r");  if(bio == NULL) return NULL;  mtevL(eventer_deb, "Loading DH parameters from %s./n", filename);  PEM_read_bio_DHparams(bio, &dh, 0, NULL);  BIO_free(bio);  if(dh) {    int code = 0;    if(DH_check(dh, &code) != 1 || code != 0) {      mtevL(eventer_err, "DH Parameter in %s is bad [%x], not using./n",            filename, code);      DH_free(dh);      dh = NULL;    }  }  return dh;}

DH *createPubkey(){	DH *privkey;	int codes;		/* Generate the parameters to be used */	if(NULL == (privkey = DH_new())) handleErrors();	if(1 != DH_generate_parameters_ex(privkey, 512, DH_GENERATOR_2, NULL)) handleErrors();	if(1 != DH_check(privkey, &codes)) handleErrors();	if(codes != 0)	{	/* Problems have been found with the generated parameters */	/* Handle these here - we'll just abort for this example */	printf("DH_check failed/n");	abort();	}	/* Generate the public and private key pair */	if(1 != DH_generate_key(privkey)) handleErrors();	return privkey;	}

//.........这里部分代码省略.........            dh = DSA_dup_DH(dsa);            DSA_free(dsa);            if (dh == NULL) {                ERR_print_errors(bio_err);                goto end;            }        } else# endif        {            if (informat == FORMAT_ASN1)                dh = d2i_DHparams_bio(in, NULL);            else                /* informat == FORMAT_PEM */                dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);            if (dh == NULL) {                BIO_printf(bio_err, "unable to load DH parameters/n");                ERR_print_errors(bio_err);                goto end;            }        }        /* dh != NULL */    }    out = bio_open_default(outfile, 'w', outformat);    if (out == NULL)        goto end;    if (text) {        DHparams_print(out, dh);    }    if (check) {        if (!DH_check(dh, &i)) {            ERR_print_errors(bio_err);            goto end;        }        if (i & DH_CHECK_P_NOT_PRIME)            printf("p value is not prime/n");        if (i & DH_CHECK_P_NOT_SAFE_PRIME)            printf("p value is not a safe prime/n");        if (i & DH_UNABLE_TO_CHECK_GENERATOR)            printf("unable to check the generator value/n");        if (i & DH_NOT_SUITABLE_GENERATOR)            printf("the g value is not a generator/n");        if (i == 0)            printf("DH parameters appear to be ok./n");    }    if (C) {        unsigned char *data;        int len, bits;        len = BN_num_bytes(dh->p);        bits = BN_num_bits(dh->p);        data = app_malloc(len, "print a BN");        BIO_printf(out, "#ifndef HEADER_DH_H/n"                        "# include <openssl/dh.h>/n"                        "#endif/n"                        "/n");        BIO_printf(out, "DH *get_dh%d()/n{/n", bits);        print_bignum_var(out, dh->p, "dhp", bits, data);        print_bignum_var(out, dh->g, "dhg", bits, data);        BIO_printf(out, "    DH *dh = DN_new();/n"                        "/n"                        "    if (dh == NULL)/n"                        "        return NULL;/n");

int main(void){    DH* dh_store;    int codes;    // Allocate and initialize a DH structure    dh_store = DH_new();    // If allocation failed    if (dh_store == NULL)    {        fprintf(stderr, "Error allocating DH structure./n");        fprintf(stderr, "%s", ERR_reason_error_string(ERR_get_error()));        return 1;    }    // Generate the prime, and and initialize the generator to be used for this exchange    if (DH_generate_parameters_ex(dh_store, PRIME_LENGTH, DH_GENERATOR_2, NULL) != 1)    {        fprintf(stderr, "Error allocating parameters./n");        fprintf(stderr, "%s", ERR_reason_error_string(ERR_get_error()));        return 1;    }    // Validate the generated prime (p) and the supplied generator (g).    if (!DH_check(dh_store, &codes))    {        fprintf(stderr, "Could not perform check./n");        fprintf(stderr, "%s", ERR_reason_error_string(ERR_get_error()));        return 1;    }        // Examine the results of the check performed earlier.    if (codes != 0)    {        // Check and print out what kind of error was identified.        if (codes & DH_UNABLE_TO_CHECK_GENERATOR)            fprintf(stderr, "Generator must be either 2 or 5./n");        else if (codes & DH_NOT_SUITABLE_GENERATOR)            fprintf(stderr, "Generator is not suitable./n");        else if (codes & DH_CHECK_P_NOT_PRIME)            fprintf(stderr, "Non-prime value found in structure.");        else if (codes & DH_CHECK_P_NOT_SAFE_PRIME)            fprintf(stderr, "Unsafe prime found in structure./n");        else            fprintf(stderr, "Unknown error./n");             fprintf(stderr, "%s", ERR_reason_error_string(ERR_get_error()));        return 1;    }    // Generate the private value (aka private key) and the     // public value (aka public key).    if (!DH_generate_key(dh_store))    {        fprintf(stderr, "Error generating public and private keys.");        fprintf(stderr, "%s", ERR_reason_error_string(ERR_get_error()));                return 1;    }    printf("Generator:/n");    BN_print_fp(stdout, dh_store->g);    printf("/n/n");    printf("Prime:/n");    BN_print_fp(stdout, dh_store->p);    printf("/n/n");    printf("Private key:/n");    BN_print_fp(stdout, dh_store->priv_key);    printf("/n/n");    printf("Public key:/n");    BN_print_fp(stdout, dh_store->pub_key);    printf("/n/n");    // Free the DH structure.    DH_free(dh_store);    return 0;}

//.........这里部分代码省略.........				dh = d2i_DHparams_bio(in, NULL);			else	/* informat == FORMAT_PEM */				dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);			if (dh == NULL) {				BIO_printf(bio_err, "unable to load DH parameters/n");				ERR_print_errors(bio_err);				goto end;			}		}		/* dh != NULL */	}	out = BIO_new(BIO_s_file());	if (out == NULL) {		ERR_print_errors(bio_err);		goto end;	}	if (dhparam_config.outfile == NULL) {		BIO_set_fp(out, stdout, BIO_NOCLOSE);	} else {		if (BIO_write_filename(out, dhparam_config.outfile) <= 0) {			perror(dhparam_config.outfile);			goto end;		}	}	if (dhparam_config.text) {		DHparams_print(out, dh);	}	if (dhparam_config.check) {		if (!DH_check(dh, &i)) {			ERR_print_errors(bio_err);			goto end;		}		if (i & DH_CHECK_P_NOT_PRIME)			printf("p value is not prime/n");		if (i & DH_CHECK_P_NOT_SAFE_PRIME)			printf("p value is not a safe prime/n");		if (i & DH_UNABLE_TO_CHECK_GENERATOR)			printf("unable to check the generator value/n");		if (i & DH_NOT_SUITABLE_GENERATOR)			printf("the g value is not a generator/n");		if (i == 0)			printf("DH parameters appear to be ok./n");	}	if (dhparam_config.C) {		unsigned char *data;		int len, l, bits;		len = BN_num_bytes(dh->p);		bits = BN_num_bits(dh->p);		data = malloc(len);		if (data == NULL) {			perror("malloc");			goto end;		}		printf("#ifndef HEADER_DH_H/n"		    "#include <openssl/dh.h>/n"		    "#endif/n");		printf("DH *get_dh%d()/n/t{/n", bits);		l = BN_bn2bin(dh->p, data);		printf("/tstatic unsigned char dh%d_p[] = {", bits);

//.........这里部分代码省略.........                dh = d2i_DHparams_bio(in, NULL);            else                /* informat == FORMAT_PEM */                dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);            if (dh == NULL) {                BIO_printf(bio_err, "unable to load DH parameters/n");                ERR_print_errors(bio_err);                goto end;            }        }        /* dh != NULL */    }    out = BIO_new(BIO_s_file());    if (out == NULL) {        ERR_print_errors(bio_err);        goto end;    }    if (outfile == NULL) {        BIO_set_fp(out, stdout, BIO_NOCLOSE);    } else {        if (BIO_write_filename(out, outfile) <= 0) {            perror(outfile);            goto end;        }    }    if (text) {        DHparams_print(out, dh);    }    if (check) {        if (!DH_check(dh, &i)) {            ERR_print_errors(bio_err);            goto end;        }        if (i & DH_CHECK_P_NOT_PRIME)            printf("p value is not prime/n");        if (i & DH_CHECK_P_NOT_SAFE_PRIME)            printf("p value is not a safe prime/n");        if (i & DH_UNABLE_TO_CHECK_GENERATOR)            printf("unable to check the generator value/n");        if (i & DH_NOT_SUITABLE_GENERATOR)            printf("the g value is not a generator/n");        if (i == 0)            printf("DH parameters appear to be ok./n");    }    if (C) {        unsigned char *data;        int len, l, bits;        len = BN_num_bytes(dh->p);        bits = BN_num_bits(dh->p);        data = (unsigned char *)OPENSSL_malloc(len);        if (data == NULL) {            perror("OPENSSL_malloc");            goto end;        }        printf("#ifndef HEADER_DH_H/n"               "#include <openssl/dh.h>/n" "#endif/n");        printf("DH *get_dh%d()/n/t{/n", bits);        l = BN_bn2bin(dh->p, data);        printf("/tstatic unsigned char dh%d_p[]={", bits);        for (i = 0; i < l; i++) {

//.........这里部分代码省略.........            }        } else# endif        {            if (informat == FORMAT_ASN1) {                /*                 * We have no PEM header to determine what type of DH params it                 * is. We'll just try both.                 */                dh = d2i_DHparams_bio(in, NULL);                /* BIO_reset() returns 0 for success for file BIOs only!!! */                if (dh == NULL && BIO_reset(in) == 0)                    dh = d2i_DHxparams_bio(in, NULL);            } else {                /* informat == FORMAT_PEM */                dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);            }            if (dh == NULL) {                BIO_printf(bio_err, "unable to load DH parameters/n");                ERR_print_errors(bio_err);                goto end;            }        }        /* dh != NULL */    }    if (text) {        DHparams_print(out, dh);    }    if (check) {        if (!DH_check(dh, &i)) {            ERR_print_errors(bio_err);            goto end;        }        if (i & DH_CHECK_P_NOT_PRIME)            BIO_printf(bio_err, "WARNING: p value is not prime/n");        if (i & DH_CHECK_P_NOT_SAFE_PRIME)            BIO_printf(bio_err, "WARNING: p value is not a safe prime/n");        if (i & DH_CHECK_Q_NOT_PRIME)            BIO_printf(bio_err, "WARNING: q value is not a prime/n");        if (i & DH_CHECK_INVALID_Q_VALUE)            BIO_printf(bio_err, "WARNING: q value is invalid/n");        if (i & DH_CHECK_INVALID_J_VALUE)            BIO_printf(bio_err, "WARNING: j value is invalid/n");        if (i & DH_UNABLE_TO_CHECK_GENERATOR)            BIO_printf(bio_err,                       "WARNING: unable to check the generator value/n");        if (i & DH_NOT_SUITABLE_GENERATOR)            BIO_printf(bio_err, "WARNING: the g value is not a generator/n");        if (i == 0)            BIO_printf(bio_err, "DH parameters appear to be ok./n");        if (num != 0 && i != 0) {            /*             * We have generated parameters but DH_check() indicates they are             * invalid! This should never happen!             */            BIO_printf(bio_err, "ERROR: Invalid parameters generated/n");            goto end;        }    }    if (C) {        unsigned char *data;        int len, bits;

 static bool validate( const ssl_dh& dh, bool& valid ) {     int check;     DH_check(dh,&check);     return valid = !(check /*& DH_CHECK_P_NOT_SAFE_PRIME*/); }

intdh_main(int argc, char **argv){    DH *dh = NULL;    int i;    BIO *in = NULL, *out = NULL;    int ret = 1;    memset(&dh_config, 0, sizeof(dh_config));    dh_config.informat = FORMAT_PEM;    dh_config.outformat = FORMAT_PEM;    if (options_parse(argc, argv, dh_options, NULL, NULL) != 0) {        dh_usage();        goto end;    }    in = BIO_new(BIO_s_file());    out = BIO_new(BIO_s_file());    if (in == NULL || out == NULL) {        ERR_print_errors(bio_err);        goto end;    }    if (dh_config.infile == NULL)        BIO_set_fp(in, stdin, BIO_NOCLOSE);    else {        if (BIO_read_filename(in, dh_config.infile) <= 0) {            perror(dh_config.infile);            goto end;        }    }    if (dh_config.outfile == NULL) {        BIO_set_fp(out, stdout, BIO_NOCLOSE);    } else {        if (BIO_write_filename(out, dh_config.outfile) <= 0) {            perror(dh_config.outfile);            goto end;        }    }    if (dh_config.informat == FORMAT_ASN1)        dh = d2i_DHparams_bio(in, NULL);    else if (dh_config.informat == FORMAT_PEM)        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);    else {        BIO_printf(bio_err, "bad input format specified/n");        goto end;    }    if (dh == NULL) {        BIO_printf(bio_err, "unable to load DH parameters/n");        ERR_print_errors(bio_err);        goto end;    }    if (dh_config.text) {        DHparams_print(out, dh);    }    if (dh_config.check) {        if (!DH_check(dh, &i)) {            ERR_print_errors(bio_err);            goto end;        }        if (i & DH_CHECK_P_NOT_PRIME)            printf("p value is not prime/n");        if (i & DH_CHECK_P_NOT_SAFE_PRIME)            printf("p value is not a safe prime/n");        if (i & DH_UNABLE_TO_CHECK_GENERATOR)            printf("unable to check the generator value/n");        if (i & DH_NOT_SUITABLE_GENERATOR)            printf("the g value is not a generator/n");        if (i == 0)            printf("DH parameters appear to be ok./n");    }    if (dh_config.C) {        unsigned char *data;        int len, l, bits;        len = BN_num_bytes(dh->p);        bits = BN_num_bits(dh->p);        data = malloc(len);        if (data == NULL) {            perror("malloc");            goto end;        }        l = BN_bn2bin(dh->p, data);        printf("static unsigned char dh%d_p[] = {", bits);        for (i = 0; i < l; i++) {            if ((i % 12) == 0)                printf("/n/t");            printf("0x%02X, ", data[i]);        }        printf("/n/t};/n");        l = BN_bn2bin(dh->g, data);        printf("static unsigned char dh%d_g[] = {", bits);        for (i = 0; i < l; i++) {            if ((i % 12) == 0)                printf("/n/t");            printf("0x%02X, ", data[i]);        }//.........这里部分代码省略.........

void Connector::onTextMsg(QString msg){    //qDebug() << msg;    QJsonDocument doc;    QJsonDocument firDoc = QJsonDocument::fromJson(msg.toUtf8());    QJsonObject firObj = firDoc.object();    if(firObj["type"].toInt() == messType::rsaOpenkey){        int codes;        myPrivKey = DH_new();        myPrivKey->p = BN_new();        myPrivKey->g = BN_new();        QByteArray pA = QByteArray::fromBase64(firObj["p"].toString().toLatin1());        QByteArray gA = QByteArray::fromBase64(firObj["g"].toString().toLatin1());        QACrypt::binArr2bn(QByteArray::fromBase64(firObj["p"].toString().toLatin1()), &myPrivKey->p);        QACrypt::binArr2bn(QByteArray::fromBase64(firObj["g"].toString().toLatin1()), &myPrivKey->g);        //BN_bin2bn((unsigned char*)pA.constData(), pA.size(), myPrivKey->p);        //BN_bin2bn((unsigned char*)gA.constData(), gA.size(), myPrivKey->g);        DH_check(myPrivKey, &codes);        if(codes!=0){            qDebug() << "DH check failed";            abort();        }        DH_generate_key(myPrivKey);        BIGNUM *pubKey = BN_new();        //QByteArray pubbK = QByteArray::fromBase64(firObj["pubKey"].toString().toLatin1());        //BN_bin2bn((unsigned char*)pubbK.constData(), pubbK.size(), pubKey);        QACrypt::binArr2bn(QByteArray::fromBase64(firObj["pubKey"].toString().toLatin1()), &pubKey);        qDebug() << "DH pubkey recieved!";        unsigned char* sharedSecret = new unsigned char[1024];        int keyLen = DH_compute_key(sharedSecret, pubKey, myPrivKey);        if(keyLen == -1){            ERR_print_errors_fp(stderr);        }        QByteArray keyArr = QByteArray::fromRawData((char*)sharedSecret, keyLen);        //qDebug() << "sharedSecret: " << keyArr.toBase64();        QJsonObject uData;        uData["type"] = messType::rsaOpenkey;        uData["pubKey"] = QString(QACrypt::bn2binArr(myPrivKey->pub_key).toBase64());        QJsonDocument uDoc(uData);        sendTextMess(uDoc.toJson(QJsonDocument::Compact));        aesKey = keyArr;        useAes = true;        emit this->enableLogin();    } else if(firObj["type"].toInt() == messType::aesKey){    } else {        if(useAes){        doc = QJsonDocument::fromJson(QACrypt::decrypt2(QByteArray::fromBase64(firObj["data"].toString().toLatin1()),                                      aesKey, QByteArray::fromBase64(firObj["iv"].toString().toLatin1())));        } else {            doc = QJsonDocument::fromJson(msg.toUtf8());        }        QJsonObject obj = doc.object();        switch (obj["command"].toInt()) {        case successLogin:        {            emit this->onSuccessLogin();            break;        }        case error:        {            emit this->onErr(obj["eRRoRcode"].toInt());            break;        }        case getItemGroups:        {            emit this->clearGr();            QJsonDocument grDoc;            grDoc = QJsonDocument::fromJson(obj["groupArr"].toString().toUtf8());            QJsonArray grArr = grDoc.array();            for (int i = 0; i < grArr.size(); i++){                emit this->onNewGroup(grArr.at(i).toObject());            }            emit this->groupsToWidget();            break;        }        case getItemsFromGroup:        {            emit this->clearItms();            QJsonDocument itmDoc;            itmDoc = QJsonDocument::fromJson(obj["itmsArr"].toString().toUtf8());            qDebug() << itmDoc.toJson(QJsonDocument::Compact);            QJsonArray itmArr = itmDoc.array();            for (int i = 0; i < itmArr.size(); i++){                emit this->onNewItem(itmArr.at(i).toObject());            }            emit this->itemsToList();//.........这里部分代码省略.........

//.........这里部分代码省略.........            perror(outfile);            goto end;        }    }    if (informat == FORMAT_ASN1)        dh = d2i_DHparams_bio(in, NULL);    else if (informat == FORMAT_PEM)        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);    else {        BIO_printf(bio_err, "bad input format specified/n");        goto end;    }    if (dh == NULL) {        BIO_printf(bio_err, "unable to load DH parameters/n");        ERR_print_errors(bio_err);        goto end;    }    if (text) {        DHparams_print(out, dh);# ifdef undef        printf("p=");        BN_print(stdout, dh->p);        printf("/ng=");        BN_print(stdout, dh->g);        printf("/n");        if (dh->length != 0)            printf("recommended private length=%ld/n", dh->length);# endif    }    if (check) {        if (!DH_check(dh, &i)) {            ERR_print_errors(bio_err);            goto end;        }        if (i & DH_CHECK_P_NOT_PRIME)            printf("p value is not prime/n");        if (i & DH_CHECK_P_NOT_SAFE_PRIME)            printf("p value is not a safe prime/n");        if (i & DH_UNABLE_TO_CHECK_GENERATOR)            printf("unable to check the generator value/n");        if (i & DH_NOT_SUITABLE_GENERATOR)            printf("the g value is not a generator/n");        if (i == 0)            printf("DH parameters appear to be ok./n");    }    if (C) {        unsigned char *data;        int len, l, bits;        len = BN_num_bytes(dh->p);        bits = BN_num_bits(dh->p);        data = (unsigned char *)OPENSSL_malloc(len);        if (data == NULL) {            perror("OPENSSL_malloc");            goto end;        }        l = BN_bn2bin(dh->p, data);        printf("static unsigned char dh%d_p[]={", bits);        for (i = 0; i < l; i++) {            if ((i % 12) == 0)                printf("/n/t");            printf("0x%02X,", data[i]);        }

int main(int argc, char *argv[])	{	BN_GENCB _cb;	DH *a;	DH *b=NULL;	char buf[12];	unsigned char *abuf=NULL,*bbuf=NULL;	int i,alen,blen,aout,bout,ret=1;	BIO *out;	CRYPTO_malloc_debug_init();	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);#ifdef OPENSSL_SYS_WIN32	CRYPTO_malloc_init();#endif	RAND_seed(rnd_seed, sizeof rnd_seed);	out=BIO_new(BIO_s_file());	if (out == NULL) EXIT(1);	BIO_set_fp(out,stdout,BIO_NOCLOSE);	BN_GENCB_set(&_cb, &cb, out);	if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,				DH_GENERATOR_5, &_cb))		goto err;	if (!DH_check(a, &i)) goto err;	if (i & DH_CHECK_P_NOT_PRIME)		BIO_puts(out, "p value is not prime/n");	if (i & DH_CHECK_P_NOT_SAFE_PRIME)		BIO_puts(out, "p value is not a safe prime/n");	if (i & DH_UNABLE_TO_CHECK_GENERATOR)		BIO_puts(out, "unable to check the generator value/n");	if (i & DH_NOT_SUITABLE_GENERATOR)		BIO_puts(out, "the g value is not a generator/n");	BIO_puts(out,"/np    =");	BN_print(out,a->p);	BIO_puts(out,"/ng    =");	BN_print(out,a->g);	BIO_puts(out,"/n");	b=DH_new();	if (b == NULL) goto err;	b->p=BN_dup(a->p);	b->g=BN_dup(a->g);	if ((b->p == NULL) || (b->g == NULL)) goto err;	/* Set a to run with normal modexp and b to use constant time */	a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;	b->flags |= DH_FLAG_NO_EXP_CONSTTIME;	if (!DH_generate_key(a)) goto err;	BIO_puts(out,"pri 1=");	BN_print(out,a->priv_key);	BIO_puts(out,"/npub 1=");	BN_print(out,a->pub_key);	BIO_puts(out,"/n");	if (!DH_generate_key(b)) goto err;	BIO_puts(out,"pri 2=");	BN_print(out,b->priv_key);	BIO_puts(out,"/npub 2=");	BN_print(out,b->pub_key);	BIO_puts(out,"/n");	alen=DH_size(a);	abuf=(unsigned char *)OPENSSL_malloc(alen);	aout=DH_compute_key(abuf,b->pub_key,a);	BIO_puts(out,"key1 =");	for (i=0; i<aout; i++)		{		snprintf(buf, sizeof(buf), "%02X",abuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");	blen=DH_size(b);	bbuf=(unsigned char *)OPENSSL_malloc(blen);	bout=DH_compute_key(bbuf,a->pub_key,b);	BIO_puts(out,"key2 =");	for (i=0; i<bout; i++)		{		snprintf(buf, sizeof(buf), "%02X",bbuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))		{		fprintf(stderr,"Error in DH routines/n");		ret=1;		}	else		ret=0;//.........这里部分代码省略.........