您当前的位置:首页 > IT编程 > C++
| C语言 | Java | VB | VC | python | Android | TensorFlow | C++ | oracle | 学术与代码 | cnn卷积神经网络 | gnn | 图像修复 | Keras | 数据集 | Neo4j | 自然语言处理 | 深度学习 | 医学CAD | 医学影像 | 超参数 | pointnet | pytorch | 异常检测 | Transformers | 情感分类 | 知识图谱 |

自学教程:C++ ERR_print_errors_fp函数代码示例
51自学网 2021-06-01 20:34:03
  C++
这篇教程C++ ERR_print_errors_fp函数代码示例写得很实用,希望能帮到您。

本文整理汇总了C++中ERR_print_errors_fp函数的典型用法代码示例。如果您正苦于以下问题:C++ ERR_print_errors_fp函数的具体用法?C++ ERR_print_errors_fp怎么用?C++ ERR_print_errors_fp使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。

在下文中一共展示了ERR_print_errors_fp函数的30个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: server_thread

// Minimal TLS server. This is largely based on the example at// https://wiki.openssl.org/index.php/Simple_TLS_Server and the gRPC core// internals in src/core/lib/tsi/ssl_transport_security.c.static void server_thread(void *arg) {  const server_args *args = (server_args *)arg;  SSL_load_error_strings();  OpenSSL_add_ssl_algorithms();  const SSL_METHOD *method = TLSv1_2_server_method();  SSL_CTX *ctx = SSL_CTX_new(method);  if (!ctx) {    perror("Unable to create SSL context");    ERR_print_errors_fp(stderr);    abort();  }  // Load key pair.  if (SSL_CTX_use_certificate_file(ctx, SSL_CERT_PATH, SSL_FILETYPE_PEM) < 0) {    ERR_print_errors_fp(stderr);    abort();  }  if (SSL_CTX_use_PrivateKey_file(ctx, SSL_KEY_PATH, SSL_FILETYPE_PEM) < 0) {    ERR_print_errors_fp(stderr);    abort();  }  // Set the cipher list to match the one expressed in  // src/core/lib/tsi/ssl_transport_security.c.  const char *cipher_list =      "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-"      "SHA384:ECDHE-RSA-AES256-GCM-SHA384";  if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {    ERR_print_errors_fp(stderr);    gpr_log(GPR_ERROR, "Couldn't set server cipher list.");    abort();  }  // Register the ALPN selection callback.  SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, args->alpn_preferred);  // bind/listen/accept at TCP layer.  const int sock = args->socket;  gpr_log(GPR_INFO, "Server listening");  struct sockaddr_in addr;  socklen_t len = sizeof(addr);  const int client = accept(sock, (struct sockaddr *)&addr, &len);  if (client < 0) {    perror("Unable to accept");    abort();  }  // Establish a SSL* and accept at SSL layer.  SSL *ssl = SSL_new(ctx);  GPR_ASSERT(ssl);  SSL_set_fd(ssl, client);  if (SSL_accept(ssl) <= 0) {    ERR_print_errors_fp(stderr);    gpr_log(GPR_ERROR, "Handshake failed.");  } else {    gpr_log(GPR_INFO, "Handshake successful.");  }  // Wait until the client drops its connection.  char buf;  while (SSL_read(ssl, &buf, sizeof(buf)) > 0)    ;  SSL_free(ssl);  close(client);  close(sock);  SSL_CTX_free(ctx);  EVP_cleanup();}
开发者ID:pmarks-net,项目名称:grpc,代码行数:74,


示例2: key_new

rdpRsaKey* key_new(const char* keyfile){	FILE* fp;	RSA* rsa;	rdpRsaKey* key;	key = (rdpRsaKey*) malloc(sizeof(rdpRsaKey));	ZeroMemory(key, sizeof(rdpRsaKey));	if (key == NULL)		return NULL;	fp = fopen(keyfile, "r");	if (fp == NULL)	{		fprintf(stderr, "unable to load RSA key from %s: %s.", keyfile, strerror(errno));		free(key) ;		return NULL;	}	rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);	if (rsa == NULL)	{		ERR_print_errors_fp(stdout);		fclose(fp);		free(key) ;		return NULL;	}	fclose(fp);	switch (RSA_check_key(rsa))	{		case 0:			RSA_free(rsa);			fprintf(stderr, "invalid RSA key in %s", keyfile);			free(key) ;			return NULL;		case 1:			/* Valid key. */			break;		default:			ERR_print_errors_fp(stderr);			RSA_free(rsa);			free(key) ;			return NULL;	}	if (BN_num_bytes(rsa->e) > 4)	{		RSA_free(rsa);		fprintf(stderr, "RSA public exponent too large in %s", keyfile);		free(key) ;		return NULL;	}	key->ModulusLength = BN_num_bytes(rsa->n);	key->Modulus = (BYTE*) malloc(key->ModulusLength);	BN_bn2bin(rsa->n, key->Modulus);	crypto_reverse(key->Modulus, key->ModulusLength);	key->PrivateExponentLength = BN_num_bytes(rsa->d);	key->PrivateExponent = (BYTE*) malloc(key->PrivateExponentLength);	BN_bn2bin(rsa->d, key->PrivateExponent);	crypto_reverse(key->PrivateExponent, key->PrivateExponentLength);	memset(key->exponent, 0, sizeof(key->exponent));	BN_bn2bin(rsa->e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa->e));	crypto_reverse(key->exponent, sizeof(key->exponent));	RSA_free(rsa);	return key;}
开发者ID:KimDongChun,项目名称:FreeRDP,代码行数:78,


示例3: main

int main(int argc, char *argv[]) {		FILE		*fin, *fkey;	u_int16_t	siglen;	u_int32_t	magic;	long		nread, ndata;	char		*sigbuf, *inbuf;	EVP_PKEY	*pkey;	EVP_MD_CTX	ctx;	int			err, retval;		if (argc != 3)		usage();		ERR_load_crypto_strings();		/* open file and check for magic */	fin = fopen(argv[2], "r+");	if (fin == NULL) {		fprintf(stderr, "unable to open file '%s'/n", argv[2]);		exit(4);	}		fseek(fin, -(sizeof(magic)), SEEK_END);	fread(&magic, sizeof(magic), 1, fin);			if (magic != SIG_MAGIC) {		fclose(fin);		exit(2);	}		/* magic is good; get signature length */		fseek(fin, -(sizeof(magic) + sizeof(siglen)), SEEK_END);		fread(&siglen, sizeof(siglen), 1, fin);		/* read public key */	fkey = fopen(argv[1], "r");	if (fkey == NULL) {		fprintf(stderr, "unable to open public key file '%s'/n", argv[1]);		exit(4);	}		pkey = PEM_read_PUBKEY(fkey, NULL, NULL, NULL);	fclose(fkey);		if (pkey == NULL) {		ERR_print_errors_fp(stderr);		exit(4);	}		/* check if siglen is sane */	if ((siglen == 0) || (siglen > EVP_PKEY_size(pkey)))		exit(3);		/* got signature length; read signature */	sigbuf = malloc(siglen);	if (sigbuf == NULL)		exit(4);		fseek(fin, -(sizeof(magic) + sizeof(siglen) + siglen), SEEK_END);		if (fread(sigbuf, 1, siglen, fin) != siglen)		exit(4);		/* signature read; truncate file to remove sig */	fseek(fin, 0, SEEK_END);	ndata = ftell(fin) - (sizeof(magic) + sizeof(siglen) + siglen);	ftruncate(fileno(fin), ndata);		/* verify the signature now */	EVP_VerifyInit(&ctx, EVP_sha1());		/* allocate data buffer */	inbuf = malloc(SIG_INBUFLEN);	if (inbuf == NULL)		exit(4);		rewind(fin);	while (!feof(fin)) {		nread = fread(inbuf, 1, SIG_INBUFLEN, fin);		if (nread != SIG_INBUFLEN) {			if (ferror(fin)) {				fprintf(stderr, "read error in file '%s'/n", argv[2]);				exit(4);			}		}				EVP_VerifyUpdate(&ctx, inbuf, nread);	}		err = EVP_VerifyFinal(&ctx, sigbuf, siglen, pkey);	EVP_PKEY_free(pkey);		if (err == 1)		retval = 0;		/* correct signature */	else if (err == 0)		retval = 1;		/* invalid signature */	else		retval = 3;		/* error */		free(inbuf);//.........这里部分代码省略.........
开发者ID:Amokbambi,项目名称:m0n0,代码行数:101,


示例4: pCtx

SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile):	pCtx (NULL),	PrivateKey (NULL),	Certificate (NULL){	/* TODO: the usage of the specified private-key and cert-chain filenames only applies to	 * client-side connections at this point. Server connections currently use the default materials.	 * That needs to be fixed asap.	 * Also, in this implementation, server-side connections use statically defined X-509 defaults.	 * One thing I'm really not clear on is whether or not you have to explicitly free X509 and EVP_PKEY	 * objects when we call our destructor, or whether just calling SSL_CTX_free is enough.	 */	if (!bLibraryInitialized) {		bLibraryInitialized = true;		SSL_library_init();		OpenSSL_add_ssl_algorithms();	        OpenSSL_add_all_algorithms();		SSL_load_error_strings();		ERR_load_crypto_strings();		InitializeDefaultCredentials();	}	bIsServer = is_server;	pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());	if (!pCtx)		throw std::runtime_error ("no SSL context");	SSL_CTX_set_options (pCtx, SSL_OP_ALL);	//SSL_CTX_set_options (pCtx, (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3));	if (is_server) {		// The SSL_CTX calls here do NOT allocate memory.		int e;		if (privkeyfile.length() > 0)			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);		else			e = SSL_CTX_use_PrivateKey (pCtx, DefaultPrivateKey);		if (e <= 0) ERR_print_errors_fp(stderr);		assert (e > 0);		if (certchainfile.length() > 0)			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());		else			e = SSL_CTX_use_certificate (pCtx, DefaultCertificate);		if (e <= 0) ERR_print_errors_fp(stderr);		assert (e > 0);	}	SSL_CTX_set_cipher_list (pCtx, "ALL:!ADH:!LOW:!EXP:!DES-CBC3-SHA:@STRENGTH");	if (is_server) {		SSL_CTX_sess_set_cache_size (pCtx, 128);		SSL_CTX_set_session_id_context (pCtx, (unsigned char*)"eventmachine", 12);	}	else {		int e;		if (privkeyfile.length() > 0) {			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);			if (e <= 0) ERR_print_errors_fp(stderr);			assert (e > 0);		}		if (certchainfile.length() > 0) {			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());			if (e <= 0) ERR_print_errors_fp(stderr);			assert (e > 0);		}	}}
开发者ID:Averell,项目名称:eventmachine,代码行数:70,


示例5: main

//.........这里部分代码省略.........		}	else		{		if (!BIO_write_filename(out,outfile))			{			perror(outfile);			EXIT(1);			}		}	if (!results)		BIO_puts(out,"obase=16/nibase=16/n");	message(out,"BN_add");	if (!test_add(out)) goto err;	BIO_flush(out);	message(out,"BN_sub");	if (!test_sub(out)) goto err;	BIO_flush(out);	message(out,"BN_lshift1");	if (!test_lshift1(out)) goto err;	BIO_flush(out);	message(out,"BN_lshift (fixed)");	if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))	    goto err;	BIO_flush(out);	message(out,"BN_lshift");	if (!test_lshift(out,ctx,NULL)) goto err;	BIO_flush(out);	message(out,"BN_rshift1");	if (!test_rshift1(out)) goto err;	BIO_flush(out);	message(out,"BN_rshift");	if (!test_rshift(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_sqr");	if (!test_sqr(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mul");	if (!test_mul(out)) goto err;	BIO_flush(out);	message(out,"BN_div");	if (!test_div(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_div_recp");	if (!test_div_recp(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mod");	if (!test_mod(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mod_mul");	if (!test_mod_mul(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mont");	if (!test_mont(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mod_exp");	if (!test_mod_exp(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_exp");	if (!test_exp(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_kronecker");	if (!test_kron(out,ctx)) goto err;	BIO_flush(out);	message(out,"BN_mod_sqrt");	if (!test_sqrt(out,ctx)) goto err;	BIO_flush(out);	BN_CTX_free(ctx);	BIO_free(out);/**/	EXIT(0);err:	BIO_puts(out,"1/n"); /* make sure the Perl script fed by bc notices	                      * the failure, see test_bn in test/Makefile.ssl*/	BIO_flush(out);	ERR_load_crypto_strings();	ERR_print_errors_fp(stderr);	EXIT(1);	return(1);	}
开发者ID:froggatt,项目名称:edimax-br-6528n,代码行数:101,


示例6: digest

static voiddigest(struct executable *x){    EVP_MD_CTX *mdctx;    const EVP_MD *md;    size_t sum_of_bytes_hashed;    int i, ok;    /*     * Windows Authenticode Portable Executable Signature Format     * spec version 1.0 specifies MD5 and SHA1.  However, pesign     * and sbsign both use SHA256, so do the same.     */    md = EVP_get_digestbyname(DIGEST);    if (md == NULL) {        ERR_print_errors_fp(stderr);        errx(1, "EVP_get_digestbyname(/"%s/") failed", DIGEST);    }    mdctx = EVP_MD_CTX_create();    if (mdctx == NULL) {        ERR_print_errors_fp(stderr);        errx(1, "EVP_MD_CTX_create(3) failed");    }    ok = EVP_DigestInit_ex(mdctx, md, NULL);    if (ok == 0) {        ERR_print_errors_fp(stderr);        errx(1, "EVP_DigestInit_ex(3) failed");    }    /*     * According to the Authenticode spec, we need to compute     * the digest in a rather... specific manner; see "Calculating     * the PE Image Hash" part of the spec for details.     *     * First, everything from 0 to before the PE checksum.     */    digest_range(x, mdctx, 0, x->x_checksum_off);    /*     * Second, from after the PE checksum to before the Certificate     * entry in Data Directory.     */    digest_range(x, mdctx, x->x_checksum_off + x->x_checksum_len,                 x->x_certificate_entry_off -                 (x->x_checksum_off + x->x_checksum_len));    /*     * Then, from after the Certificate entry to the end of headers.     */    digest_range(x, mdctx,                 x->x_certificate_entry_off + x->x_certificate_entry_len,                 x->x_headers_len -                 (x->x_certificate_entry_off + x->x_certificate_entry_len));    /*     * Then, each section in turn, as specified in the PE Section Table.     *     * XXX: Sorting.     */    sum_of_bytes_hashed = x->x_headers_len;    for (i = 0; i < x->x_nsections; i++) {        digest_range(x, mdctx,                     x->x_section_off[i], x->x_section_len[i]);        sum_of_bytes_hashed += x->x_section_len[i];    }    /*     * I believe this can happen with overlapping sections.     */    if (sum_of_bytes_hashed > x->x_len)        errx(1, "number of bytes hashed is larger than file size");    /*     * I can't really explain this one; just do what the spec says.     */    if (sum_of_bytes_hashed < x->x_len) {        digest_range(x, mdctx, sum_of_bytes_hashed,                     x->x_len - (signature_size(x) + sum_of_bytes_hashed));    }    ok = EVP_DigestFinal_ex(mdctx, x->x_digest, &x->x_digest_len);    if (ok == 0) {        ERR_print_errors_fp(stderr);        errx(1, "EVP_DigestFinal_ex(3) failed");    }    EVP_MD_CTX_destroy(mdctx);}
开发者ID:jaredmcneill,项目名称:freebsd,代码行数:90,


示例7: while

/** * /brief Funtion that listens for new connetions * * Runs in a thread and adds new connections to plugin_conf->master set * * /param[in, out] config Plugin configuration structure * /return NULL always */void *input_listen(void *config){	struct plugin_conf *conf = (struct plugin_conf *) config;	int new_sock;	/* use IPv6 sockaddr structure to store address information (IPv4 fits easily) */	struct sockaddr_in6 *address = NULL;	socklen_t addr_length;	char src_addr[INET6_ADDRSTRLEN];	struct input_info_list *input_info;#ifdef TLS_SUPPORT	int ret;	int i;	SSL *ssl = NULL;           /* structure for TLS connection */	X509 *peer_cert = NULL;    /* peer's certificate */	struct cleanup maid;       /* auxiliary struct for TLS error handling */#endif	/* loop ends when thread is cancelled by pthread_cancel() function */	while (1) {		/* allocate space for the address */		addr_length = sizeof(struct sockaddr_in6);		address = malloc(addr_length);		if (!address) {			MSG_ERROR(msg_module, "Memory allocation failed (%s:%d)", __FILE__, __LINE__);			break;		}		/* ensure that address will be freed when thread is canceled */ 		pthread_cleanup_push(input_listen_cleanup, (void *) address);		if ((new_sock = accept(conf->socket, (struct sockaddr*) address, &addr_length)) == -1) {			MSG_ERROR(msg_module, "Cannot accept new socket: %s", strerror(errno));			/* exit and call cleanup */			pthread_exit(0);		}#ifdef TLS_SUPPORT		/* preparation for TLS error handling */		maid.address = address;		maid.ssl = NULL;		maid.peer_cert = NULL;		if (conf->tls) {			/* create a new SSL structure for the connection */			ssl = SSL_new(conf->ctx);			if (!ssl) {				MSG_ERROR(msg_module, "Unable to create SSL structure");				ERR_print_errors_fp(stderr);				/* cleanup */				input_listen_tls_cleanup(conf, &maid);				continue;			}			maid.ssl = ssl;			/* connect the SSL object with the socket */			ret = SSL_set_fd(ssl, new_sock);			if (ret != 1) {				MSG_ERROR(msg_module, "Unable to connect the SSL object with the socket");				ERR_print_errors_fp(stderr);				/* cleanup */				input_listen_tls_cleanup(conf, &maid);				continue;			}			/* TLS handshake */			ret = SSL_accept(ssl);			if (ret != 1) {				/* handshake wasn't successful */				MSG_ERROR(msg_module, "TLS handshake was not successful");				ERR_print_errors_fp(stderr);				/* cleanup */				input_listen_tls_cleanup(conf, &maid);				continue;			}			/* obtain peer's certificate */			peer_cert = SSL_get_peer_certificate(ssl);			if (!peer_cert) {				MSG_ERROR(msg_module, "No certificate was presented by the peer");				/* cleanup */				input_listen_tls_cleanup(conf, &maid);				continue;			}			maid.peer_cert = peer_cert;			/* verify peer's certificate */			if (SSL_get_verify_result(ssl) != X509_V_OK) {				MSG_ERROR(msg_module, "Client sent bad certificate; verification failed");				/* cleanup */				input_listen_tls_cleanup(conf, &maid);				continue;			}//.........这里部分代码省略.........
开发者ID:VisBlank,项目名称:ipfixcol,代码行数:101,


示例8: fips_check_rsa

int fips_check_rsa(RSA *rsa)    {    int n, ret = 0;    unsigned char tctext[256], *ctext = tctext;    unsigned char tptext[256], *ptext = tptext;    /* The longest we can have with PKCS#1 v1.5 padding and a 512 bit key,     * namely 512/8-11-1 = 52 bytes */    static const unsigned char original_ptext[] =	"/x01/x23/x45/x67/x89/xab/xcd/xef/x01/x23/x45/x67/x89/xab/xcd/xef"	"/x01/x23/x45/x67/x89/xab/xcd/xef/x01/x23/x45/x67/x89/xab/xcd/xef"	"/x01/x23/x45/x67/x89/xab/xcd/xef/x01/x23/x45/x67/x89/xab/xcd/xef"	"/x01/x23/x45/x67";    if (RSA_size(rsa) > sizeof(tctext))	{	ctext = OPENSSL_malloc(RSA_size(rsa));	ptext = OPENSSL_malloc(RSA_size(rsa));	if (!ctext || !ptext)		{		ERR_print_errors_fp(OPENSSL_stderr());		exit(1);		}	}	    /* this will fail for keys shorter than 512 bits */    n=RSA_private_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa,			 RSA_PKCS1_PADDING);    if(n < 0)	{	ERR_print_errors_fp(OPENSSL_stderr());	exit(1);	}    if(!memcmp(ctext,original_ptext,n))  	{  	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); 	goto error; 	}    n=RSA_public_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_PADDING);    if(n < 0)	{	ERR_print_errors_fp(OPENSSL_stderr());	exit(1);	}    if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n))	{	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);	goto error;	}    ret = 1;    error:    if (RSA_size(rsa) > sizeof(tctext))	{	OPENSSL_free(ctext);	OPENSSL_free(ptext);	}    return ret;    }
开发者ID:aosm,项目名称:OpenSSL097,代码行数:62,


示例9: krb5_cproxy_process

krb5_data *krb5_cproxy_process(char *servername, char *port, krb5_data *request) {  /* SSL init */  SSL_library_init(); /* always returns 1 */  SSL_load_error_strings();  OpenSSL_add_all_algorithms();  const SSL_METHOD *method = SSLv23_client_method(); /* includes TLSv1 */  if (!method) {    ERR_print_errors_fp(stderr);    EVP_cleanup();    return NULL;  }  SSL_CTX *gamma = SSL_CTX_new(method);  if (!gamma) {    ERR_print_errors_fp(stderr);    EVP_cleanup();    return NULL;  }  SSL_CTX_set_verify(gamma, SSL_VERIFY_PEER, NULL);  if (!SSL_CTX_set_default_verify_paths(gamma)) {    ERR_print_errors_fp(stderr);    SSL_CTX_free(gamma);    EVP_cleanup();    return NULL;  }  SSL *ssl = SSL_new(gamma);  if (!ssl) {    ERR_print_errors_fp(stderr);    SSL_CTX_free(gamma);    EVP_cleanup();    return NULL;  }  /* Encoding */  char *req;  gsize out_len;  char *fmt = "POST / HTTP/1.0/r/n"    "Host: %s/r/n" /* MSFT gets upset without this */    "Content-type: application/kerberos/r/n"    "Content-length: %d/r/n"    "/r/n%s";  char *g_buf = g_base64_encode((guchar *) request->data, request->length);  size_t reqlen = asprintf(&req, fmt, servername, strlen(g_buf), g_buf);  g_free(g_buf);  /* connect to other proxy */  struct addrinfo khints, *kserverdata;  memset(&khints, 0, sizeof(khints));  khints.ai_family = AF_UNSPEC;  khints.ai_socktype = SOCK_STREAM;   /* TCP for HTTP */  int gai_ret = getaddrinfo(servername, port, &khints, &kserverdata);  if (gai_ret) {    fprintf(stderr, "%s/n", gai_strerror(gai_ret));    SSL_CTX_free(gamma);    EVP_cleanup();    free(req);    return NULL;  }  int fd_prox = -1;  for (struct addrinfo *cur = kserverdata;       cur != NULL && fd_prox == -1;       cur = cur->ai_next) {    fd_prox = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);    if (fd_prox == -1) {      fprintf(stderr, "failed to socket/n");    } else if (connect(fd_prox, cur->ai_addr, cur->ai_addrlen) == -1) {      close(fd_prox);      fd_prox = -1;      fprintf(stderr, "failed to connect/n");    }  }  freeaddrinfo(kserverdata);  if (fd_prox == -1) {    fprintf(stderr, "unable to connect to any sockets/n");    SSL_CTX_free(gamma);    EVP_cleanup();    free(req);    return NULL;  }  /* SSL the socket */  if (!SSL_set_fd(ssl, fd_prox)) {    ERR_print_errors_fp(stderr);    close(fd_prox);    free(req);    SSL_free(ssl);    SSL_CTX_free(gamma);    EVP_cleanup();    return NULL;  }  if (SSL_connect(ssl) != 1) {    ERR_print_errors_fp(stderr); /* maybe? */    close(fd_prox);    free(req);    SSL_free(ssl);    SSL_CTX_free(gamma);    EVP_cleanup();    return NULL;  }//.........这里部分代码省略.........
开发者ID:frozencemetery,项目名称:krb-proxies,代码行数:101,


示例10: main

//.........这里部分代码省略.........				fprintf(stdout, "%s: scep msg: %s", pname,									http_string);			}			/*			 * Send http message.			 * Response is written to http_response struct "reply".			 */			reply.payload = NULL;			if ((c = send_msg (&reply, http_string, host_name,					host_port, operation_flag)) == 1) {				fprintf(stderr, "%s: error while sending "					"message/n", pname);				exit (SCEP_PKISTATUS_NET);			}			if (reply.payload == NULL) {				fprintf(stderr, "%s: no data, perhaps you "				   "should define CA identifier (-i)/n", pname);				exit (SCEP_PKISTATUS_SUCCESS);			}			if (v_flag){				printf("%s: valid response from server/n", pname);			}			if (reply.type == SCEP_MIME_GETCA_RA) {				/* XXXXXXXXXXXXXXXXXXXXX chain not verified */				write_ca_ra(&reply);			}			/* Read payload as DER X.509 object: */			bp = BIO_new_mem_buf(reply.payload, reply.bytes);			cacert = d2i_X509_bio(bp, NULL);			/* Read and print certificate information */			if (!X509_digest(cacert, fp_alg, md, &n)) {				ERR_print_errors_fp(stderr);				exit (SCEP_PKISTATUS_ERROR);			}			if (v_flag){				printf("%s: %s fingerprint: ", pname,					OBJ_nid2sn(EVP_MD_type(fp_alg)));				for (c = 0; c < (int)n; c++) {					printf("%02X%c",md[c],						(c + 1 == (int)n) ?'/n':':');				}			}			/* Write PEM-formatted file: */			#ifdef WIN32			if ((fopen_s(&fp,c_char , "w")))			#else			if (!(fp = fopen(c_char, "w")))			#endif			{				fprintf(stderr, "%s: cannot open CA file for "					"writing/n", pname);				exit (SCEP_PKISTATUS_ERROR);			}			if (PEM_write_X509(fp, c_char) != 1) {				fprintf(stderr, "%s: error while writing CA "					"file/n", pname);				ERR_print_errors_fp(stderr);				exit (SCEP_PKISTATUS_ERROR);			}			if (v_flag)			printf("%s: CA certificate written as %s/n",				pname, c_char);
开发者ID:flomar,项目名称:sscep,代码行数:67,


示例11: SSL_library_init

/* Init necessary structures for SSL in WebIf*/SSL_CTX *SSL_Webif_Init(void){	SSL_library_init();	SSL_load_error_strings();	ERR_load_BIO_strings();	ERR_load_SSL_strings();	SSL_CTX *ctx;	static const char *cs_cert = "oscam.pem";	if(pthread_key_create(&getssl, NULL))	{		cs_log("Could not create getssl");	}	// set locking callbacks for SSL	int32_t i, num = CRYPTO_num_locks();	lock_cs = (CS_MUTEX_LOCK *) OPENSSL_malloc(num * sizeof(CS_MUTEX_LOCK));	for(i = 0; i < num; ++i)	{		cs_lock_create(&lock_cs[i], "ssl_lock_cs", 10000);	}	/* static lock callbacks */	CRYPTO_set_id_callback(SSL_id_function);	CRYPTO_set_locking_callback(SSL_locking_function);	/* dynamic lock callbacks */	CRYPTO_set_dynlock_create_callback(SSL_dyn_create_function);	CRYPTO_set_dynlock_lock_callback(SSL_dyn_lock_function);	CRYPTO_set_dynlock_destroy_callback(SSL_dyn_destroy_function);	if(cfg.http_force_sslv3)	{		ctx = SSL_CTX_new(SSLv3_server_method());#ifdef SSL_CTX_clear_options		SSL_CTX_clear_options(ctx, SSL_OP_ALL); //we CLEAR all bug workarounds! This is for security reason#else		cs_log("WARNING: You enabled to force sslv3 but your system does not support to clear the ssl workarounds! SSL security will be reduced!");#endif		SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); // we force SSL v3 !		SSL_CTX_set_cipher_list(ctx, SSL_TXT_RC4);	}	else		{ ctx = SSL_CTX_new(SSLv23_server_method()); }	char path[128];	if(!cfg.http_cert)		{ get_config_filename(path, sizeof(path), cs_cert); }	else		{ cs_strncpy(path, cfg.http_cert, sizeof(path)); }	if(!ctx)	{		ERR_print_errors_fp(stderr);		return NULL;	}	if(SSL_CTX_use_certificate_file(ctx, path, SSL_FILETYPE_PEM) <= 0)	{		ERR_print_errors_fp(stderr);		return NULL;	}	if(SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0)	{		ERR_print_errors_fp(stderr);		return NULL;	}	if(!SSL_CTX_check_private_key(ctx))	{		cs_log("SSL: Private key does not match the certificate public key");		return NULL;	}	cs_log("load ssl certificate file %s", path);	return ctx;}
开发者ID:jackuzzy,项目名称:oscam_private,代码行数:80,


示例12: krx_ssl_ctx_init

int krx_ssl_ctx_init(krx* k, const char* keyname) {  int r = 0;  /* create a new context using DTLS */  k->ctx = SSL_CTX_new(DTLSv1_method());  if(!k->ctx) {    printf("Error: cannot create SSL_CTX./n");    ERR_print_errors_fp(stderr);    return -1;  }  /* set our supported ciphers */  r = SSL_CTX_set_cipher_list(k->ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");  if(r != 1) {    printf("Error: cannot set the cipher list./n");    ERR_print_errors_fp(stderr);    return -2;  }  /* the client doesn't have to send it's certificate */  SSL_CTX_set_verify(k->ctx, SSL_VERIFY_PEER, krx_ssl_verify_peer);  /* enable srtp */  r = SSL_CTX_set_tlsext_use_srtp(k->ctx, "SRTP_AES128_CM_SHA1_80");  if(r != 0) {    printf("Error: cannot setup srtp./n");    ERR_print_errors_fp(stderr);    return -3;  }  /* load key and certificate */  char certfile[1024];  char keyfile[1024];  sprintf(certfile, "./%s-cert.pem", keyname);  sprintf(keyfile, "./%s-key.pem", keyname);  /* certificate file; contains also the public key */  r = SSL_CTX_use_certificate_file(k->ctx, certfile, SSL_FILETYPE_PEM);  if(r != 1) {    printf("Error: cannot load certificate file./n");    ERR_print_errors_fp(stderr);    return -4;  }  /* load private key */  r = SSL_CTX_use_PrivateKey_file(k->ctx, keyfile, SSL_FILETYPE_PEM);  if(r != 1) {    printf("Error: cannot load private key file./n");    ERR_print_errors_fp(stderr);    return -5;  }    /* check if the private key is valid */  r = SSL_CTX_check_private_key(k->ctx);  if(r != 1) {    printf("Error: checking the private key failed. /n");    ERR_print_errors_fp(stderr);    return -6;  }  sprintf(k->name, "+ %s", keyname);  return 0;}
开发者ID:roxlu,项目名称:krx_rtc,代码行数:65,


示例13: main

int main(int argc, char *argv[]) {	BIO *sbio;	SSL_CTX *ssl_ctx;	SSL *ssl;	X509 *server_cert;	// Initialize OpenSSL	OpenSSL_add_all_algorithms();	SSL_library_init();	SSL_load_error_strings(); 	// Check OpenSSL PRNG	if(RAND_status() != 1) {		fprintf(stderr, "OpenSSL PRNG not seeded with enough data.");		goto error_1;	}	ssl_ctx = SSL_CTX_new(TLSv1_client_method());		// Enable certificate validation	SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);	// Configure the CA trust store to be used	if (SSL_CTX_load_verify_locations(ssl_ctx, TRUSTED_CA_PATHNAME, NULL) != 1) {		fprintf(stderr, "Couldn't load certificate trust store./n");		goto error_2;	}	// Only support secure cipher suites	if (SSL_CTX_set_cipher_list(ssl_ctx, SECURE_CIPHER_LIST) != 1)		goto error_2;	// Create the SSL connection	sbio = BIO_new_ssl_connect(ssl_ctx);	BIO_get_ssl(sbio, &ssl); 	if(!ssl) {	  fprintf(stderr, "Can't locate SSL pointer/n");		goto error_3;	}	// Do the SSL handshake	BIO_set_conn_hostname(sbio, TARGET_SERVER);	if(SSL_do_handshake(ssl) <= 0) {		// SSL Handshake failed		long verify_err = SSL_get_verify_result(ssl);		if (verify_err != X509_V_OK) { 			// It failed because the certificate chain validation failed			fprintf(stderr, "Certificate chain validation failed: %s/n", X509_verify_cert_error_string(verify_err));		}		else {			// It failed for another reason			ERR_print_errors_fp(stderr);		}		goto error_3;	}	// Recover the server's certificate	server_cert =  SSL_get_peer_certificate(ssl);	if (server_cert == NULL) {		// The handshake was successful although the server did not provide a certificate		// Most likely using an insecure anonymous cipher suite... get out!		goto error_4;	}	// Validate the hostname	if (validate_hostname(TARGET_HOST, server_cert) != MatchFound) {		fprintf(stderr, "Hostname validation failed./n");		goto error_5;	}	// Hostname validation succeeded; we can start sending data	send_http_get_and_print(sbio);error_5:	X509_free(server_cert);error_4:	BIO_ssl_shutdown(sbio);error_3:	BIO_free_all(sbio);error_2:	SSL_CTX_free(ssl_ctx);error_1: // OpenSSL cleanup    EVP_cleanup();    ERR_free_strings();	return 0;}
开发者ID:TrickyCat,项目名称:ssl-conservatory,代码行数:91,


示例14: test_ecdh_curve

//.........这里部分代码省略.........	BN_print(out,y_b);	BIO_puts(out,"/n");#else	BIO_printf(out,".");	(void)BIO_flush(out);#endif	alen=KDF1_SHA1_len;	abuf=(unsigned char *)OPENSSL_malloc(alen);	aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);#ifdef NOISY	BIO_puts(out,"  key1 =");	for (i=0; i<aout; i++)		{		TINYCLR_SSL_SPRINTF(buf,"%02X",abuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");#else	BIO_printf(out,".");	(void)BIO_flush(out);#endif	blen=KDF1_SHA1_len;	bbuf=(unsigned char *)OPENSSL_malloc(blen);	bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);#ifdef NOISY	BIO_puts(out,"  key2 =");	for (i=0; i<bout; i++)		{		TINYCLR_SSL_SPRINTF(buf,"%02X",bbuf[i]);		BIO_puts(out,buf);		}	BIO_puts(out,"/n");#else	BIO_printf(out,".");	(void)BIO_flush(out);#endif	if ((aout < 4) || (bout != aout) || (TINYCLR_SSL_MEMCMP(abuf,bbuf,aout) != 0))		{#ifndef NOISY		BIO_printf(out, " failed/n/n");		BIO_printf(out, "key a:/n");		BIO_printf(out, "private key: ");		BN_print(out, EC_KEY_get0_private_key(a));		BIO_printf(out, "/n");		BIO_printf(out, "public key (x,y): ");		BN_print(out, x_a);		BIO_printf(out, ",");		BN_print(out, y_a);		BIO_printf(out, "/nkey b:/n");		BIO_printf(out, "private key: ");		BN_print(out, EC_KEY_get0_private_key(b));		BIO_printf(out, "/n");		BIO_printf(out, "public key (x,y): ");		BN_print(out, x_b);		BIO_printf(out, ",");		BN_print(out, y_b);		BIO_printf(out, "/n");		BIO_printf(out, "generated key a: ");		for (i=0; i<bout; i++)			{			TINYCLR_SSL_SPRINTF(buf, "%02X", bbuf[i]);			BIO_puts(out, buf);			}		BIO_printf(out, "/n");		BIO_printf(out, "generated key b: ");		for (i=0; i<aout; i++)			{			TINYCLR_SSL_SPRINTF(buf, "%02X", abuf[i]);			BIO_puts(out,buf);			}		BIO_printf(out, "/n");#endif		TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR,"Error in ECDH routines/n");		ret=0;		}	else		{#ifndef NOISY		BIO_printf(out, " ok/n");#endif		ret=1;		}err:	ERR_print_errors_fp(OPENSSL_TYPE__FILE_STDERR);	if (abuf != NULL) OPENSSL_free(abuf);	if (bbuf != NULL) OPENSSL_free(bbuf);	if (x_a) BN_free(x_a);	if (y_a) BN_free(y_a);	if (x_b) BN_free(x_b);	if (y_b) BN_free(y_b);	if (b) EC_KEY_free(b);	if (a) EC_KEY_free(a);	return(ret);	}
开发者ID:EddieGarmon,项目名称:netduino-netmf,代码行数:101,


示例15: handle_error

void handle_error(const char *file, int linenum, const char *msg) {		fprintf(stderr, "*** %s:%i %s/n", file, linenum, msg);	ERR_print_errors_fp(stderr);	exit(-1);}
开发者ID:modsix,项目名称:destroyd,代码行数:6,


示例16: main

int main(int argc, char *argv[]){    char *port = "*:4433";    BIO *ssl_bio, *tmp;    SSL_CTX *ctx;    SSL_CONF_CTX *cctx;    char buf[512];    BIO *in = NULL;    int ret = 1, i;    char **args = argv + 1;    int nargs = argc - 1;    SSL_load_error_strings();    /* Add ciphers and message digests */    OpenSSL_add_ssl_algorithms();    ctx = SSL_CTX_new(SSLv23_server_method());    cctx = SSL_CONF_CTX_new();    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);    while (*args && **args == '-') {        int rv;        /* Parse standard arguments */        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);        if (rv == -3) {            fprintf(stderr, "Missing argument for %s/n", *args);            goto err;        }        if (rv < 0) {            fprintf(stderr, "Error in command %s/n", *args);            ERR_print_errors_fp(stderr);            goto err;        }        /* If rv > 0 we processed something so proceed to next arg */        if (rv > 0)            continue;        /* Otherwise application specific argument processing */        if (!strcmp(*args, "-port")) {            port = args[1];            if (port == NULL) {                fprintf(stderr, "Missing -port argument/n");                goto err;            }            args += 2;            nargs -= 2;            continue;        } else {            fprintf(stderr, "Unknown argument %s/n", *args);            goto err;        }    }    if (!SSL_CONF_CTX_finish(cctx)) {        fprintf(stderr, "Finish error/n");        ERR_print_errors_fp(stderr);        goto err;    }#ifdef ITERATE_CERTS    /*     * Demo of how to iterate over all certificates in an SSL_CTX structure.     */    {        X509 *x;        int rv;        rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);        while (rv) {            X509 *x = SSL_CTX_get0_certificate(ctx);            X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0,                                  XN_FLAG_ONELINE);            printf("/n");            rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);        }        fflush(stdout);    }#endif    /* Setup server side SSL bio */    ssl_bio = BIO_new_ssl(ctx, 0);    if ((in = BIO_new_accept(port)) == NULL)        goto err;    /*     * This means that when a new connection is accepted on 'in', The ssl_bio     * will be 'duplicated' and have the new socket BIO push into it.     * Basically it means the SSL BIO will be automatically setup     */    BIO_set_accept_bios(in, ssl_bio); again:    /*     * The first call will setup the accept socket, and the second will get a     * socket.  In this loop, the first actual accept will occur in the     * BIO_read() function.     */    if (BIO_do_accept(in) <= 0)        goto err;//.........这里部分代码省略.........
开发者ID:Adallom,项目名称:openssl,代码行数:101,


示例17: secure_and_send

void secure_and_send(int client_fd, char* read_pipe, char* write_pipe, int index, FILE* d_out){	BIO* bio;	SSL* ssl;	SSL_CTX* ctx;		/*init ssl library*/	SSL_library_init();	ERR_load_BIO_strings();	SSL_load_error_strings();	OpenSSL_add_all_algorithms();		/* Set up the SSL context */    ctx = SSL_CTX_new(SSLv23_client_method());    /* Load the trust store */    if(! SSL_CTX_load_verify_locations(ctx, "cacerts.pem", NULL))    {        fprintf(stderr, "Error loading trust store/n");        ERR_print_errors_fp(stderr);        SSL_CTX_free(ctx);        return;    }    /* Setup the connection */    bio = BIO_new_ssl_connect(ctx);    /* Set the SSL_MODE_AUTO_RETRY flag */    BIO_get_ssl(bio, & ssl);    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);        /* Create and setup the connection */	char host[LINE];	sprintf(host,"%s:%s",safe_host[index],safe_port[index]);    BIO_set_conn_hostname(bio, safe_host[index]);    BIO_set_conn_port(bio,safe_port[index]);    if(BIO_do_connect(bio) <= 0)    {        fprintf(stderr, "Error attempting to connect/n");        ERR_print_errors_fp(stderr);        BIO_free_all(bio);        SSL_CTX_free(ctx);        return;    }    /* Check the certificate */    if(SSL_get_verify_result(ssl) != X509_V_OK)    {        fprintf(stderr, "Certificate verification error: %lu/n", SSL_get_verify_result(ssl));        BIO_free_all(bio);        SSL_CTX_free(ctx);        return;    }    /* Send the request */    BIO_write(bio, read_pipe, strlen(read_pipe));    /* Read in the response */    for(;;)    {        int p = BIO_read(bio, write_pipe, PIPE_MAX);        if(p <= 0) break;        p = write(client_fd,write_pipe,p);    }    /* Close the connection and free the context */	    BIO_free_all(bio);    SSL_CTX_free(ctx);    close(client_fd);    fclose(d_out);    return;}
开发者ID:optemino,项目名称:iggy-proxy,代码行数:78,


示例18: handleErrors

void handleErrors(void){  ERR_print_errors_fp(stderr);  abort();}
开发者ID:deepanshululla,项目名称:Network-security,代码行数:5,


示例19: main

//.........这里部分代码省略.........                        {                            *tmpstr = '/0';                            verbose("%s: INFO: Received request for a new agent (%s) from: %s", ARGV0, agentname, srcip);                            parseok = 1;                            break;                        }                        tmpstr++;                    }                }                if(parseok == 0)                {                    merror("%s: ERROR: Invalid request for new agent from: %s", ARGV0, srcip);                }                else                {                    int acount = 2;                    char fname[2048 +1];                    char response[2048 +1];                    char *finalkey = NULL;                    response[2048] = '/0';                    fname[2048] = '/0';                    if(!OS_IsValidName(agentname))                    {                        merror("%s: ERROR: Invalid agent name: %s from %s", ARGV0, agentname, srcip);                        snprintf(response, 2048, "ERROR: Invalid agent name: %s/n/n", agentname);                        ret = SSL_write(ssl, response, strlen(response));                        snprintf(response, 2048, "ERROR: Unable to add agent./n/n");                        ret = SSL_write(ssl, response, strlen(response));                        sleep(1);                        exit(0);                    }                    /* Checking for a duplicated names. */                    strncpy(fname, agentname, 2048);                    while(NameExist(fname))                    {                        snprintf(fname, 2048, "%s%d", agentname, acount);                        acount++;                        if(acount > 256)                        {                            merror("%s: ERROR: Invalid agent name %s (duplicated)", ARGV0, agentname);                            snprintf(response, 2048, "ERROR: Invalid agent name: %s/n/n", agentname);                            ret = SSL_write(ssl, response, strlen(response));                            snprintf(response, 2048, "ERROR: Unable to add agent./n/n");                            ret = SSL_write(ssl, response, strlen(response));                            sleep(1);                            exit(0);                        }                    }                    agentname = fname;                    /* Adding the new agent. */                    if (use_ip_address)                    {                        finalkey = OS_AddNewAgent(agentname, srcip, NULL);                    }                    else                    {                        finalkey = OS_AddNewAgent(agentname, NULL, NULL);                    }                    if(!finalkey)                    {                        merror("%s: ERROR: Unable to add agent: %s (internal error)", ARGV0, agentname);                        snprintf(response, 2048, "ERROR: Internal manager error adding agent: %s/n/n", agentname);                        ret = SSL_write(ssl, response, strlen(response));                        snprintf(response, 2048, "ERROR: Unable to add agent./n/n");                        ret = SSL_write(ssl, response, strlen(response));                        sleep(1);                        exit(0);                    }                    snprintf(response, 2048,"OSSEC K:'%s'/n/n", finalkey);                    verbose("%s: INFO: Agent key generated for %s (requested by %s)", ARGV0, agentname, srcip);                    ret = SSL_write(ssl, response, strlen(response));                    if(ret < 0)                    {                        merror("%s: ERROR: SSL write error (%d)", ARGV0, ret);                        merror("%s: ERROR: Agen key not saved for %s", ARGV0, agentname);                        ERR_print_errors_fp(stderr);                    }                    else                    {                        verbose("%s: INFO: Agent key created for %s (requested by %s)", ARGV0, agentname, srcip);                    }                }                clean_exit(ctx, client_sock);            }        }    }    /* Shutdown the socket */    clean_exit(ctx, sock);    return (0);}
开发者ID:hellogitcn,项目名称:ossec-hids,代码行数:101,


示例20: main

int main(int argc, char *argv[]){    char *port = NULL;    BIO *ssl_bio, *tmp;    SSL_CTX *ctx;    char buf[512];    int ret = 1, i;    if (argc <= 1)        port = "*:4433";    else        port = argv[1];    signal(SIGINT, close_up);    SSL_load_error_strings();    /* Add ciphers and message digests */    OpenSSL_add_ssl_algorithms();    ctx = SSL_CTX_new(TLS_server_method());    if (!SSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))        goto err;    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))        goto err;    if (!SSL_CTX_check_private_key(ctx))        goto err;    /* Setup server side SSL bio */    ssl_bio = BIO_new_ssl(ctx, 0);    if ((in = BIO_new_accept(port)) == NULL)        goto err;    /*     * This means that when a new connection is accepted on 'in', The ssl_bio     * will be 'duplicated' and have the new socket BIO push into it.     * Basically it means the SSL BIO will be automatically setup     */    BIO_set_accept_bios(in, ssl_bio);again:    /*     * The first call will setup the accept socket, and the second will get a     * socket.  In this loop, the first actual accept will occur in the     * BIO_read() function.     */    if (BIO_do_accept(in) <= 0)        goto err;    for (;;) {        i = BIO_read(in, buf, 512);        if (i == 0) {            /*             * If we have finished, remove the underlying BIO stack so the             * next time we call any function for this BIO, it will attempt             * to do an accept             */            printf("Done/n");            tmp = BIO_pop(in);            BIO_free_all(tmp);            goto again;        }        if (i < 0)            goto err;        fwrite(buf, 1, i, stdout);        fflush(stdout);    }    ret = 0;err:    if (ret) {        ERR_print_errors_fp(stderr);    }    BIO_free(in);    exit(ret);    return (!ret);}
开发者ID:SpongeEdmund,项目名称:openssl,代码行数:79,


示例21: input_init

//.........这里部分代码省略.........	/* allow to reuse the address immediately */	if (setsockopt(conf->socket, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes)) == -1)	{		MSG_WARNING(msg_module, "Cannot turn on socket reuse option; it may take a while before collector can be restarted");	}	/* bind socket to address */	if (bind(conf->socket, addrinfo->ai_addr, addrinfo->ai_addrlen) != 0) {		MSG_ERROR(msg_module, "Cannot bind socket: %s", strerror(errno));		retval = 1;		goto out;	}	/* this is a listening socket */	if (listen(conf->socket, BACKLOG) == -1) {		MSG_ERROR(msg_module, "Cannot listen on socket: %s", strerror(errno));		retval = 1;		goto out;	}#ifdef TLS_SUPPORT	if (conf->tls) {		/* configure TLS */			/* initialize library */		SSL_load_error_strings();		SSL_library_init();			/* create CTX structure for TLS */		ctx = SSL_CTX_new(TLSv1_server_method());		if (!ctx) {			MSG_ERROR(msg_module, "Cannot create CTX structure");			ERR_print_errors_fp(stderr);			retval = 1;			goto out;		}			/* load server certificate into the CTX structure */		ret = SSL_CTX_use_certificate_file(ctx, conf->server_cert_file, SSL_FILETYPE_PEM);		if (ret != 1) {			MSG_ERROR(msg_module, "Unable to load server's certificate from %s", conf->server_cert_file);			ERR_print_errors_fp(stderr);			retval = 1;			goto out;		}			/* load private keys into the CTX structure */		SSL_CTX_use_PrivateKey_file(ctx, conf->server_pkey_file, SSL_FILETYPE_PEM);		if (ret <= 0) {			MSG_ERROR(msg_module, "Unable to load server's private key from %s", conf->server_pkey_file);			ERR_print_errors_fp(stderr);			retval = 1;			goto out;		}		/* set peer certificate verification parameters */		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, NULL);				ssl_list = (SSL **) malloc(sizeof(SSL *) * DEFAULT_SIZE_SSL_LIST);		if (ssl_list == NULL) {			MSG_ERROR(msg_module, "Memory allocation failed (%s:%d)", __FILE__, __LINE__);			retval = 1;			goto out;		}		memset(ssl_list, 0, DEFAULT_SIZE_SSL_LIST * sizeof(SSL *));
开发者ID:VisBlank,项目名称:ipfixcol,代码行数:67,


示例22: main

int main(int argc, char **argv){    BIO *sbio = NULL, *out = NULL;    int i, len, rv;    char tmpbuf[1024];    SSL_CTX *ctx = NULL;    SSL_CONF_CTX *cctx = NULL;    SSL *ssl = NULL;    CONF *conf = NULL;    STACK_OF(CONF_VALUE) *sect = NULL;    CONF_VALUE *cnf;    const char *connect_str = "localhost:4433";    long errline = -1;    ERR_load_crypto_strings();    ERR_load_SSL_strings();    SSL_library_init();    conf = NCONF_new(NULL);    if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {        if (errline <= 0)            fprintf(stderr, "Error processing config file/n");        else            fprintf(stderr, "Error on line %ld/n", errline);        goto end;    }    sect = NCONF_get_section(conf, "default");    if (sect == NULL) {        fprintf(stderr, "Error retrieving default section/n");        goto end;    }    ctx = SSL_CTX_new(TLS_client_method());    cctx = SSL_CONF_CTX_new();    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {        cnf = sk_CONF_VALUE_value(sect, i);        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);        if (rv > 0)            continue;        if (rv != -2) {            fprintf(stderr, "Error processing %s = %s/n",                    cnf->name, cnf->value);            ERR_print_errors_fp(stderr);            goto end;        }        if (strcmp(cnf->name, "Connect") == 0) {            connect_str = cnf->value;        } else {            fprintf(stderr, "Unknown configuration option %s/n", cnf->name);            goto end;        }    }    if (!SSL_CONF_CTX_finish(cctx)) {        fprintf(stderr, "Finish error/n");        ERR_print_errors_fp(stderr);        goto err;    }    /*     * We'd normally set some stuff like the verify paths and * mode here     * because as things stand this will connect to * any server whose     * certificate is signed by any CA.     */    sbio = BIO_new_ssl_connect(ctx);    BIO_get_ssl(sbio, &ssl);    if (!ssl) {        fprintf(stderr, "Can't locate SSL pointer/n");        goto end;    }    /* Don't want any retries */    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);    /* We might want to do other things with ssl here */    BIO_set_conn_hostname(sbio, connect_str);    out = BIO_new_fp(stdout, BIO_NOCLOSE);    if (BIO_do_connect(sbio) <= 0) {        fprintf(stderr, "Error connecting to server/n");        ERR_print_errors_fp(stderr);        goto end;    }    if (BIO_do_handshake(sbio) <= 0) {        fprintf(stderr, "Error establishing SSL connection/n");        ERR_print_errors_fp(stderr);        goto end;    }//.........这里部分代码省略.........
开发者ID:AimaTeam-hehai,项目名称:openssl,代码行数:101,


示例23: main

//.........这里部分代码省略.........        EXIT(1);    BIO_set_fp(out, stdout, BIO_NOCLOSE);    BN_GENCB_set(&_cb, &cb, out);    if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,                                                               DH_GENERATOR_5,                                                               &_cb))        goto err;    if (!DH_check(a, &i))        goto err;    if (i & DH_CHECK_P_NOT_PRIME)        BIO_puts(out, "p value is not prime/n");    if (i & DH_CHECK_P_NOT_SAFE_PRIME)        BIO_puts(out, "p value is not a safe prime/n");    if (i & DH_UNABLE_TO_CHECK_GENERATOR)        BIO_puts(out, "unable to check the generator value/n");    if (i & DH_NOT_SUITABLE_GENERATOR)        BIO_puts(out, "the g value is not a generator/n");    BIO_puts(out, "/np    =");    BN_print(out, a->p);    BIO_puts(out, "/ng    =");    BN_print(out, a->g);    BIO_puts(out, "/n");    b = DH_new();    if (b == NULL)        goto err;    b->p = BN_dup(a->p);    b->g = BN_dup(a->g);    if ((b->p == NULL) || (b->g == NULL))        goto err;    /* Set a to run with normal modexp and b to use constant time */    a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;    b->flags |= DH_FLAG_NO_EXP_CONSTTIME;    if (!DH_generate_key(a))        goto err;    BIO_puts(out, "pri 1=");    BN_print(out, a->priv_key);    BIO_puts(out, "/npub 1=");    BN_print(out, a->pub_key);    BIO_puts(out, "/n");    if (!DH_generate_key(b))        goto err;    BIO_puts(out, "pri 2=");    BN_print(out, b->priv_key);    BIO_puts(out, "/npub 2=");    BN_print(out, b->pub_key);    BIO_puts(out, "/n");    alen = DH_size(a);    abuf = (unsigned char *)OPENSSL_malloc(alen);    aout = DH_compute_key(abuf, b->pub_key, a);    BIO_puts(out, "key1 =");    for (i = 0; i < aout; i++) {        snprintf(buf, sizeof(buf), "%02X",abuf[i]);        BIO_puts(out, buf);    }    BIO_puts(out, "/n");    blen = DH_size(b);    bbuf = (unsigned char *)OPENSSL_malloc(blen);    bout = DH_compute_key(bbuf, a->pub_key, b);    BIO_puts(out, "key2 =");    for (i = 0; i < bout; i++) {        snprintf(buf, sizeof(buf), "%02X",bbuf[i]);        BIO_puts(out, buf);    }    BIO_puts(out, "/n");    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {        fprintf(stderr, "Error in DH routines/n");        ret = 1;    } else        ret = 0; err:    ERR_print_errors_fp(stderr);    if (abuf != NULL)        OPENSSL_free(abuf);    if (bbuf != NULL)        OPENSSL_free(bbuf);    if (b != NULL)        DH_free(b);    if (a != NULL)        DH_free(a);    BIO_free(out);# ifdef OPENSSL_SYS_NETWARE    if (ret)        printf("ERROR: %d/n", ret);# endif    EXIT(ret);    return (ret);}
开发者ID:Henauxg,项目名称:minix,代码行数:101,


示例24: main

int main(int count, char *strings[]){   	SSL_CTX *ctx;    int server;    int choice=0;    SSL *ssl;    char buf[1024];    int bytes;    char *hostname, *portnum;    char filename[20] ;    if ( count != 3 ){        printf("usage: %s <hostname> <portnum>/n", strings[0]);        exit(0);    }        SSL_library_init();    hostname=strings[1];    portnum=strings[2];    ctx = InitCTX();    server = OpenConnection(hostname, atoi(portnum));    ssl = SSL_new(ctx);      /* create new SSL connection state */    SSL_set_fd(ssl, server);    /* attach the socket descriptor */    if ( SSL_connect(ssl) == FAIL )   /* perform the connection */        ERR_print_errors_fp(stderr);    else{        printf("Connected with %s encryption/n/n", SSL_get_cipher(ssl));        ShowCerts(ssl);        /* get any certs */        printf("/n/n");        printf("Welcome to Cloud Storage System :/n Enter 1 - FILE UPLOAD/n 2 - FILE DOWNLOAD /n ");     	scanf("%d",&choice);        if(choice ==1){			printf("Enter the file name you want to upload :");			scanf("    %s",filename);			FILE *fp = fopen(filename,"r");			if(fp==NULL){				printf("File open error/n/n");				SSL_free(ssl);				 close(server);         /* close socket */				 SSL_CTX_free(ctx);				return 1;			}			SSL_write(ssl,filename,sizeof(filename));			char ack[10];			SSL_read(ssl,ack,sizeof(ack));       	    printf("File name ACK received: %s/n/n",ack);       	     /* Read data from file and send it. First read file in chunks of BUF_SIZE bytes */            unsigned char buff[BUF_SIZE]={0};            int nread = fread(buff,1,BUF_SIZE,fp);            printf("Bytes read %d /n", nread);            /* If read was success, send data. */            if(nread > 0){				printf("Sending File contents to server Side /n");				SSL_write(ssl, buff, nread);  /* send file contents to server */        		calHmac(buff,filename,choice);            }						// SSL_write(ssl, msg, strlen(msg)); 			bytes = SSL_read(ssl, buf, sizeof(buf)); /* get reply & decrypt */ 			buf[bytes] = 0;            printf("/nReceived: File Created at Server /n" );        }                    else if(choice ==2){            printf("Enter the file name you want to download :");            scanf("    %s",filename);            SSL_write(ssl,"DOWNLOAD",sizeof(filename));            char ack[30];            int replay=0;            SSL_read(ssl,ack,sizeof(ack));            printf("File name ACK received: %s/n/n",ack);            strcat(ack,"-");            strcat(ack,filename);            printf("Do you want to try Replay Attack? If yes, enter 1:");            scanf("%d",&replay);                        if(replay ==1){            	printf("Enter the data to replay :");            	scanf("%s",ack);            	SSL_write(ssl,ack,sizeof(ack));            }            else{           	SSL_write(ssl,ack,sizeof(ack));            }                        unsigned char fileContent[256];  			SSL_read(ssl,fileContent,sizeof(fileContent));            printf("File Contents received: %s/n/n",fileContent);            calHmac(fileContent,filename,choice);                        //path where downloaded files are stored            char filepath[90]="/Users/prashanth/Desktop/try-1/ProejectTry-2/Download/";            	            strcat(filepath,filename);            	            FILE *DownloadFp=0;//.........这里部分代码省略.........
开发者ID:archanap90,项目名称:DataProcessingApp-Crypto,代码行数:101,


示例25: test_mod_mul

int test_mod_mul(BIO *bp, BN_CTX *ctx)	{	BIGNUM *a,*b,*c,*d,*e;	int i,j;	a=BN_new();	b=BN_new();	c=BN_new();	d=BN_new();	e=BN_new();	for (j=0; j<3; j++) {	BN_bntest_rand(c,1024,0,0); /**/	for (i=0; i<num0; i++)		{		BN_bntest_rand(a,475+i*10,0,0); /**/		BN_bntest_rand(b,425+i*11,0,0); /**/		a->neg=rand_neg();		b->neg=rand_neg();		if (!BN_mod_mul(e,a,b,c,ctx))			{			unsigned long l;			while ((l=ERR_get_error()))				fprintf(stderr,"ERROR:%s/n",					ERR_error_string(l,NULL));			EXIT(1);			}		if (bp != NULL)			{			if (!results)				{				BN_print(bp,a);				BIO_puts(bp," * ");				BN_print(bp,b);				BIO_puts(bp," % ");				BN_print(bp,c);				if ((a->neg ^ b->neg) && !BN_is_zero(e))					{					/* If  (a*b) % c  is negative,  c  must be added					 * in order to obtain the normalized remainder					 * (new with OpenSSL 0.9.7, previous versions of					 * BN_mod_mul could generate negative results)					 */					BIO_puts(bp," + ");					BN_print(bp,c);					}				BIO_puts(bp," - ");				}			BN_print(bp,e);			BIO_puts(bp,"/n");			}		BN_mul(d,a,b,ctx);		BN_sub(d,d,e);		BN_div(a,b,d,c,ctx);		if(!BN_is_zero(b))		    {		    fprintf(stderr,"Modulo multiply test failed!/n");		    ERR_print_errors_fp(stderr);		    return 0;		    }		}	}	BN_free(a);	BN_free(b);	BN_free(c);	BN_free(d);	BN_free(e);	return(1);	}
开发者ID:froggatt,项目名称:edimax-br-6528n,代码行数:70,


示例26: OpenSSL_add_ssl_algorithms

static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,                                   const char *CAfile, const char *cert,                                   const char *key, const char *dcert,                                   const char *dkey, const char *cipher_list,                                   const char *dh_file,                                   const char *dh_special, int tmp_rsa,                                   int ctx_options, int out_state,                                   int out_verify, int verify_mode,                                   unsigned int verify_depth){    SSL_CTX *ctx = NULL, *ret = NULL;    const SSL_METHOD *meth;    ENGINE *e = NULL;    OpenSSL_add_ssl_algorithms();    SSL_load_error_strings();    meth = (server_mode ? SSLv23_server_method() : SSLv23_client_method());    if (meth == NULL)        goto err;    if (engine_id) {        ENGINE_load_builtin_engines();        if ((e = ENGINE_by_id(engine_id)) == NULL) {            fprintf(stderr, "Error obtaining '%s' engine, openssl "                    "errors follow/n", engine_id);            goto err;        }        if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {            fprintf(stderr, "Error assigning '%s' engine, openssl "                    "errors follow/n", engine_id);            goto err;        }        ENGINE_free(e);    }    if ((ctx = SSL_CTX_new(meth)) == NULL)        goto err;    /* cacert */    if (CAfile) {        if (!X509_STORE_load_locations(SSL_CTX_get_cert_store(ctx),                                       CAfile, NULL)) {            fprintf(stderr, "Error loading CA cert(s) in '%s'/n", CAfile);            goto err;        }        fprintf(stderr, "Info, operating with CA cert(s) in '%s'/n", CAfile);    } else        fprintf(stderr, "Info, operating without a CA cert(-list)/n");    if (!SSL_CTX_set_default_verify_paths(ctx)) {        fprintf(stderr, "Error setting default verify paths/n");        goto err;    }    /* cert and key */    if ((cert || key) && !ctx_set_cert(ctx, cert, key))        goto err;    /* dcert and dkey */    if ((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey))        goto err;    /* temporary RSA key generation */    if (tmp_rsa)        SSL_CTX_set_tmp_rsa_callback(ctx, cb_generate_tmp_rsa);    /* cipher_list */    if (cipher_list) {        if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {            fprintf(stderr, "Error setting cipher list '%s'/n", cipher_list);            goto err;        }        fprintf(stderr, "Info, set cipher list '%s'/n", cipher_list);    } else        fprintf(stderr, "Info, operating with default cipher list/n");    /* dh_file & dh_special */    if ((dh_file || dh_special) && !ctx_set_dh(ctx, dh_file, dh_special))        goto err;    /* ctx_options */    SSL_CTX_set_options(ctx, ctx_options);    /* out_state (output of SSL handshake states to screen). */    if (out_state)        cb_ssl_info_set_output(stderr);    /* out_verify */    if (out_verify > 0) {        cb_ssl_verify_set_output(stderr);        cb_ssl_verify_set_level(out_verify);    }    /* verify_depth */    cb_ssl_verify_set_depth(verify_depth);    /* Success! (includes setting verify_mode) */    SSL_CTX_set_info_callback(ctx, cb_ssl_info);    SSL_CTX_set_verify(ctx, verify_mode, cb_ssl_verify);    ret = ctx; err:    if (!ret) {        ERR_print_errors_fp(stderr);        if (ctx)            SSL_CTX_free(ctx);//.........这里部分代码省略.........
开发者ID:119120119,项目名称:node,代码行数:101,


示例27: SFSocketConnectToHost

int SFSocketConnectToHost (SFSocket *clientSocket, const char *host, int port) {    struct sockaddr_in *addr = NULL;    struct hostent *hp = NULL;    SSL_CTX *ctx = NULL;    int sock = 0;    if ((hp = gethostbyname(host)) == NULL)        return(-1);    /* Setup Address */    addr = SFSocketAddress(clientSocket);    memset(addr, 0, sizeof(struct sockaddr_in));    addr->sin_addr = *((struct in_addr *)hp->h_addr_list[0]);    addr->sin_family = AF_INET;    addr->sin_port = htons(port);#ifdef _WIN32    if ( INVALID_SOCKET == (sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) )#else	if (0 > (sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)))#endif		return(-2);    /* Connect to Host */#ifdef _WIN32	if (SOCKET_ERROR == connect(sock, (struct sockaddr *)addr, sizeof(struct sockaddr_in)) )#else	if (0 > connect(sock, (struct sockaddr *)addr, sizeof(struct sockaddr_in)))#endif	{#ifdef _WIN32		errno_t theError = WSAGetLastError();        closesocket(sock);#else		close(sock);#endif		sock = 0;		return(-3);    }    /* Set Socket Descriptor */    SFSocketSetDescriptor(clientSocket, sock);        if (NULL != (ctx = SFSocketContext(clientSocket))) {        BIO *bio = NULL;        SSL *ssl = NULL;        /* Setup SSL */        if (NULL == (ssl = SSL_new(ctx))) {            ERR_print_errors_fp(stderr);            SFSocketClearDescriptor(clientSocket);#ifdef _WIN32            closesocket(sock);#else			close(sock);#endif			sock = 0;            return(-4);        }        /* Setup BIO */        if ((bio = BIO_new_socket(sock, BIO_NOCLOSE)) == NULL) {            SFSocketClearDescriptor(clientSocket);            SSL_free(ssl);#ifdef _WIN32            closesocket(sock);#else			close(sock);#endif			sock = 0;			return(-5);        }        /* SSL Connect */        SSL_set_bio(ssl, bio, bio);        if (0 >= SSL_connect(ssl)) {            ERR_print_errors_fp(stderr);            return(-6);        }        /* Setup SSL/BIO on Socket */        SFSocketSetSSL(clientSocket, ssl);        SFSocketSetBIO(clientSocket, bio);		//TODO Figure out why Certs weren't working.		// TODO get certs working.		// TODO otherwise at least figure out how to call this without a cert        /* Check Certificate *///        if (__SFSocketCheckCert(clientSocket, host) < 0)//            return(-7);    }    return(0);}
开发者ID:DOUGLASMENDES,项目名称:Open-Transactions,代码行数:94,


示例28: handle_connection

/* handles a client connection */void handle_connection(int sock){        u_int32_t calculated_crc32;	command *temp_command;	packet receive_packet;	packet send_packet;	int bytes_to_send;	int bytes_to_recv;	char buffer[MAX_INPUT_BUFFER];	char raw_command[MAX_INPUT_BUFFER];	char processed_command[MAX_INPUT_BUFFER];	int result=STATE_OK;	int early_timeout=FALSE;	int rc;	int x;#ifdef DEBUG	FILE *errfp;#endif#ifdef HAVE_SSL	SSL *ssl=NULL;#endif	/* log info to syslog facility */	if(debug==TRUE)		syslog(LOG_DEBUG,"Handling the connection...");#ifdef OLDSTUFF	/* socket should be non-blocking */	fcntl(sock,F_SETFL,O_NONBLOCK);#endif	/* set connection handler */	signal(SIGALRM,my_connection_sighandler);	alarm(connection_timeout);#ifdef HAVE_SSL	/* do SSL handshake */	if(result==STATE_OK && use_ssl==TRUE){		if((ssl=SSL_new(ctx))!=NULL){			SSL_set_fd(ssl,sock);			/* keep attempting the request if needed */                        while(((rc=SSL_accept(ssl))!=1) && (SSL_get_error(ssl,rc)==SSL_ERROR_WANT_READ));			if(rc!=1){				syslog(LOG_ERR,"Error: Could not complete SSL handshake. %d/n",SSL_get_error(ssl,rc));#ifdef DEBUG				errfp=fopen("/tmp/err.log","w");				ERR_print_errors_fp(errfp);				fclose(errfp);#endif				return;			        }		        }		else{			syslog(LOG_ERR,"Error: Could not create SSL connection structure./n");#ifdef DEBUG			errfp=fopen("/tmp/err.log","w");			ERR_print_errors_fp(errfp);			fclose(errfp);#endif			return;		        }	        }#endif	bytes_to_recv=sizeof(receive_packet);	if(use_ssl==FALSE)		rc=recvall(sock,(char *)&receive_packet,&bytes_to_recv,socket_timeout);#ifdef HAVE_SSL	else{                while(((rc=SSL_read(ssl,&receive_packet,bytes_to_recv))<=0) && (SSL_get_error(ssl,rc)==SSL_ERROR_WANT_READ));		}#endif	/* recv() error or client disconnect */	if(rc<=0){		/* log error to syslog facility */		syslog(LOG_ERR,"Could not read request from client, bailing out...");#ifdef HAVE_SSL		if(ssl){			SSL_shutdown(ssl);			SSL_free(ssl);			syslog(LOG_INFO,"INFO: SSL Socket Shutdown./n");			}#endif		return;                }	/* we couldn't read the correct amount of data, so bail out */	else if(bytes_to_recv!=sizeof(receive_packet)){		/* log error to syslog facility */		syslog(LOG_ERR,"Data packet from client was too short, bailing out...");#ifdef HAVE_SSL//.........这里部分代码省略.........
开发者ID:Honwhy,项目名称:icinga-nrpe-ipv6,代码行数:101,


示例29: main

//.........这里部分代码省略.........    if (!DH_check(a, &i))        goto err;    if (i & DH_CHECK_P_NOT_PRIME)        BIO_puts(out, "p value is not prime/n");    if (i & DH_CHECK_P_NOT_SAFE_PRIME)        BIO_puts(out, "p value is not a safe prime/n");    if (i & DH_UNABLE_TO_CHECK_GENERATOR)        BIO_puts(out, "unable to check the generator value/n");    if (i & DH_NOT_SUITABLE_GENERATOR)        BIO_puts(out, "the g value is not a generator/n");    DH_get0_pqg(a, &ap, NULL, &ag);    BIO_puts(out, "/np    =");    BN_print(out, ap);    BIO_puts(out, "/ng    =");    BN_print(out, ag);    BIO_puts(out, "/n");    b = DH_new();    if (b == NULL)        goto err;    bp = BN_dup(ap);    bg = BN_dup(ag);    if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))        goto err;    bp = bg = NULL;    if (!DH_generate_key(a))        goto err;    DH_get0_key(a, &apub_key, &priv_key);    BIO_puts(out, "pri 1=");    BN_print(out, priv_key);    BIO_puts(out, "/npub 1=");    BN_print(out, apub_key);    BIO_puts(out, "/n");    if (!DH_generate_key(b))        goto err;    DH_get0_key(b, &bpub_key, &priv_key);    BIO_puts(out, "pri 2=");    BN_print(out, priv_key);    BIO_puts(out, "/npub 2=");    BN_print(out, bpub_key);    BIO_puts(out, "/n");    alen = DH_size(a);    abuf = OPENSSL_malloc(alen);    if (abuf == NULL)        goto err;    aout = DH_compute_key(abuf, bpub_key, a);    BIO_puts(out, "key1 =");    for (i = 0; i < aout; i++) {        sprintf(buf, "%02X", abuf[i]);        BIO_puts(out, buf);    }    BIO_puts(out, "/n");    blen = DH_size(b);    bbuf = OPENSSL_malloc(blen);    if (bbuf == NULL)        goto err;    bout = DH_compute_key(bbuf, apub_key, b);    BIO_puts(out, "key2 =");    for (i = 0; i < bout; i++) {        sprintf(buf, "%02X", bbuf[i]);        BIO_puts(out, buf);    }    BIO_puts(out, "/n");    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {        fprintf(stderr, "Error in DH routines/n");        ret = 1;    } else        ret = 0;    if (!run_rfc5114_tests())        ret = 1; err:    (void)BIO_flush(out);    ERR_print_errors_fp(stderr);    OPENSSL_free(abuf);    OPENSSL_free(bbuf);    DH_free(b);    DH_free(a);    BN_free(bp);    BN_free(bg);    BN_GENCB_free(_cb);    BIO_free(out);#ifndef OPENSSL_NO_CRYPTO_MDEBUG    if (CRYPTO_mem_leaks_fp(stderr) <= 0)        ret = 1;#endif    EXIT(ret);}
开发者ID:1234-,项目名称:openssl,代码行数:101,


示例30: main

//.........这里部分代码省略.........		fprintf(stderr,_GGSL(" --help    show this list/n"));		fprintf(stderr,_GGSL(" --debug   set debugging on/n"));		fprintf(stderr,_GGSL(" --cert    file name of long term certificate/n"));		fprintf(stderr,_GGSL(" --out1     file name for name/n"));		fprintf(stderr,_GGSL(" --out2    file name for commonName/n");		exit(1);	}	home = (char *)getenv("HOME");	if (home == NULL) {#ifndef WIN32		fprintf(stderr,_GGSL("$HOME not defined"));		exit(1);#else		home = "c://windows";#endif	}	if (!strncmp(certfile,"SC:",3)) {#ifdef USE_PKCS11        char *cp;        char *kp;        int rc;        cp = certfile + 3;        kp = strchr(cp,':');        if (kp == NULL) {            fprintf(stderr,_GGSL("Bad format of cert name, SC:card:cert/n"));            exit (2);        }        kp++; /* skip the : */        if (hSession == 0) {            rc = sc_init(&hSession, cp, NULL, pin, CKU_USER, 0);            if (rc) {                fprintf(stderr,_GGSL("Failed to open card session/n"));                ERR_print_errors_fp (stderr);                exit(2);            }        }        rc = sc_get_cert_obj_by_label(hSession,kp,&ucert);        if (rc) {            fprintf(stderr,_GGSL("Failed to find certificate on card /n"));            ERR_print_errors_fp (stderr);            exit(2);        }#else        fprintf(stderr,_GGSL("Smart card support not compiled with this program/n"));            exit (2);#endif /* USE_PKCS11 */	} else {		fp = fopen (certfile, "r");		if (fp == NULL) {			fprintf(stderr,_GGSL(" failed to open %s/n",certfile));	 		exit (1);		}		ucert = PEM_read_X509 (fp, NULL, OPENSSL_PEM_CB(NULL, NULL));		fclose (fp);}	if (ucert == NULL) {		ERR_print_errors_fp (stderr);		exit (1); 	}
开发者ID:bbockelm,项目名称:globus-toolkit,代码行数:66,



注:本文中的ERR_print_errors_fp函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


C++ ERR_remove_state函数代码示例
C++ ERR_print_errors函数代码示例
万事OK自学网:51自学网_软件自学网_CAD自学网自学excel、自学PS、自学CAD、自学C语言、自学css3实例,是一个通过网络自主学习工作技能的自学平台,网友喜欢的软件自学网站。