自学教程：C++ EVP_PKEY_set_type函数代码示例

/* * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting * NID and parameters */static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg){    ASN1_OBJECT *palg_obj = NULL;    int ptype = V_ASN1_UNDEF;    int pkey_nid = NID_undef, param_nid = NID_undef;    ASN1_STRING *pval = NULL;    const unsigned char *p;    GOST_KEY_PARAMS *gkp = NULL;    if (!pkey || !palg)        return 0;    X509_ALGOR_get0(&palg_obj, &ptype, (void **)&pval, palg);    if (ptype != V_ASN1_SEQUENCE) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,                GOST_R_BAD_KEY_PARAMETERS_FORMAT);        return 0;    }    p = pval->data;    pkey_nid = OBJ_obj2nid(palg_obj);    gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length);    if (!gkp) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,                GOST_R_BAD_PKEY_PARAMETERS_FORMAT);        return 0;    }    param_nid = OBJ_obj2nid(gkp->key_params);    GOST_KEY_PARAMS_free(gkp);    if (!EVP_PKEY_set_type(pkey, pkey_nid)) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR);        return 0;    }    return gost_decode_nid_params(pkey, pkey_nid, param_nid);}

/* Padding is ignored. We use OAEP by default. Parameter is to support more paddings in the future */soter_status_t soter_asym_cipher_init(soter_asym_cipher_t* asym_cipher, const void* key, const size_t key_length, soter_asym_cipher_padding_t pad){	EVP_PKEY *pkey;	if ((!asym_cipher) || (SOTER_ASYM_CIPHER_OAEP != pad))	{		return SOTER_INVALID_PARAMETER;	}	pkey = EVP_PKEY_new();	if (!pkey)	{		return SOTER_NO_MEMORY;	}	/* Only RSA supports asymmetric encryption */	if (!EVP_PKEY_set_type(pkey, EVP_PKEY_RSA))	{		EVP_PKEY_free(pkey);		return SOTER_FAIL;	}	asym_cipher->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);	if (!(asym_cipher->pkey_ctx))	{		EVP_PKEY_free(pkey);		return SOTER_FAIL;	}	SOTER_IF_FAIL(soter_asym_cipher_import_key(asym_cipher, key, key_length)==SOTER_SUCCESS, (EVP_PKEY_free(pkey), EVP_PKEY_CTX_free(asym_cipher->pkey_ctx)));	return SOTER_SUCCESS;}

int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)	{	if (!EVP_PKEY_set_type(pkey, type))		return 0;	pkey->pkey.ptr=(char*)key;	return (key != NULL);	}

EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,                        long length){    EVP_PKEY *ret = NULL;    const unsigned char *p = *pp;    if ((a == NULL) || (*a == NULL)) {        if ((ret = EVP_PKEY_new()) == NULL)            return NULL;    } else        ret = *a;    if (type != EVP_PKEY_id(ret) && !EVP_PKEY_set_type(ret, type))        goto err;    if (ret->ameth == NULL || ret->ameth->param_decode == NULL) {        ASN1err(ASN1_F_D2I_KEYPARAMS, ASN1_R_UNSUPPORTED_TYPE);        goto err;    }    if (!ret->ameth->param_decode(ret, &p, length))        goto err;    if (a != NULL)        (*a) = ret;    return ret;err:    if (a == NULL || *a != ret)        EVP_PKEY_free(ret);    return NULL;}

/* * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting * NID and parameters */static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg){    ASN1_OBJECT *palg_obj = NULL;    int ptype = V_ASN1_UNDEF;    int pkey_nid = NID_undef, param_nid = NID_undef;    void *_pval;    ASN1_STRING *pval = NULL;    const unsigned char *p;    GOST_KEY_PARAMS *gkp = NULL;    X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg);    pval = _pval;    if (ptype != V_ASN1_SEQUENCE) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,                GOST_R_BAD_KEY_PARAMETERS_FORMAT);        return 0;    }    p = pval->data;    pkey_nid = OBJ_obj2nid(palg_obj);    gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length);    if (!gkp) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,                GOST_R_BAD_PKEY_PARAMETERS_FORMAT);        return 0;    }    param_nid = OBJ_obj2nid(gkp->key_params);    GOST_KEY_PARAMS_free(gkp);    if(!EVP_PKEY_set_type(pkey, pkey_nid)) {        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR);        return 0;    }    switch (pkey_nid) {    case NID_id_GostR3410_94:        {            DSA *dsa = EVP_PKEY_get0(pkey);            if (!dsa) {                dsa = DSA_new();                if (!EVP_PKEY_assign(pkey, pkey_nid, dsa))                    return 0;            }            if (!fill_GOST94_params(dsa, param_nid))                return 0;            break;        }    case NID_id_GostR3410_2001:        {            EC_KEY *ec = EVP_PKEY_get0(pkey);            if (!ec) {                ec = EC_KEY_new();                if (!EVP_PKEY_assign(pkey, pkey_nid, ec))                    return 0;            }            if (!fill_GOST2001_params(ec, param_nid))                return 0;        }    }    return 1;}

static int set_pkey_type_from_str(EVP_PKEY *pkey, const char *name, size_t len) {  int nid = public_key_type_from_str(name, len);  if (nid == NID_undef) {    return 0;  }  return EVP_PKEY_set_type(pkey, nid);}

EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)	{	EVP_PKEY *ret=NULL;	if (key == NULL) goto error;	if (key->pkey != NULL)		{		return EVP_PKEY_dup(key->pkey);		}	if (key->public_key == NULL) goto error;	if ((ret = EVP_PKEY_new()) == NULL)		{		OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, ERR_R_MALLOC_FAILURE);		goto error;		}	if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm)))		{		OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_UNSUPPORTED_ALGORITHM);		goto error;		}	if (ret->ameth->pub_decode)		{		if (!ret->ameth->pub_decode(ret, key))			{			OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_PUBLIC_KEY_DECODE_ERROR);			goto error;			}		}	else		{		OPENSSL_PUT_ERROR(X509, X509_PUBKEY_get, X509_R_METHOD_NOT_SUPPORTED);		goto error;		}	/* Check to see if another thread set key->pkey first */	CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);	if (key->pkey)		{		CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);		EVP_PKEY_free(ret);		ret = key->pkey;		}	else		{		key->pkey = ret;		CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);		}	return EVP_PKEY_dup(ret);	error:	if (ret != NULL)		EVP_PKEY_free(ret);	return(NULL);	}

int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) {    if (!EVP_PKEY_set_type(pkey, type)) {        return 0;    }    pkey->pkey.ptr = key;    return key != NULL;}

int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from){    if (to->type == EVP_PKEY_NONE) {        if (EVP_PKEY_set_type(to, from->type) == 0)            return 0;    } else if (to->type != from->type) {        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);        goto err;    }    if (EVP_PKEY_missing_parameters(from)) {        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);        goto err;    }    if (!EVP_PKEY_missing_parameters(to)) {        if (EVP_PKEY_cmp_parameters(to, from) == 1)            return 1;        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS);        return 0;    }    if (from->ameth && from->ameth->param_copy)        return from->ameth->param_copy(to, from); err:    return 0;}

EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,                        long length){    EVP_PKEY *ret;    if ((a == NULL) || (*a == NULL)) {        if ((ret = EVP_PKEY_new()) == NULL) {            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);            return (NULL);        }    } else        ret = *a;    if (!EVP_PKEY_set_type(ret, type)) {        ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);        goto err;    }    switch (EVP_PKEY_id(ret)) {#ifndef OPENSSL_NO_RSA    case EVP_PKEY_RSA:        if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) {            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);            goto err;        }        break;#endif#ifndef OPENSSL_NO_DSA    case EVP_PKEY_DSA:        /* TMP UGLY CAST */        if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) {            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);            goto err;        }        break;#endif#ifndef OPENSSL_NO_EC    case EVP_PKEY_EC:        if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) {            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);            goto err;        }        break;#endif    default:        ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);        goto err;        /* break; */    }    if (a != NULL)        (*a) = ret;    return (ret); err:    if (a == NULL || *a != ret)        EVP_PKEY_free(ret);    return (NULL);}

soter_status_t soter_verify_init_rsa_pss_pkcs8(soter_sign_ctx_t* ctx,                                               const void* private_key,                                               const size_t private_key_length,                                               const void* public_key,                                               const size_t public_key_length){    /* pkey_ctx init */    EVP_PKEY* pkey;    pkey = EVP_PKEY_new();    if (!pkey) {        return SOTER_NO_MEMORY;    }    if (!EVP_PKEY_set_type(pkey, EVP_PKEY_RSA)) {        EVP_PKEY_free(pkey);        return SOTER_FAIL;    }    ctx->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);    if (!(ctx->pkey_ctx)) {        EVP_PKEY_free(pkey);        return SOTER_FAIL;    }    if (private_key && private_key_length != 0) {        if (soter_rsa_import_key(pkey, private_key, private_key_length) != SOTER_SUCCESS) {            soter_verify_cleanup_rsa_pss_pkcs8(ctx);            return SOTER_FAIL;        }    }    if (public_key && public_key_length != 0) {        if (soter_rsa_import_key(pkey, public_key, public_key_length) != SOTER_SUCCESS) {            soter_verify_cleanup_rsa_pss_pkcs8(ctx);            return SOTER_FAIL;        }    }    /*md_ctx init*/    ctx->md_ctx = EVP_MD_CTX_create();    if (!(ctx->md_ctx)) {        soter_verify_cleanup_rsa_pss_pkcs8(ctx);        return SOTER_NO_MEMORY;    }    EVP_PKEY_CTX* md_pkey_ctx = NULL;    if (!EVP_DigestVerifyInit(ctx->md_ctx, &md_pkey_ctx, EVP_sha256(), NULL, pkey)) {        soter_verify_cleanup_rsa_pss_pkcs8(ctx);        return SOTER_FAIL;    }    if (!EVP_PKEY_CTX_set_rsa_padding(md_pkey_ctx, RSA_PKCS1_PSS_PADDING)) {        soter_verify_cleanup_rsa_pss_pkcs8(ctx);        return SOTER_FAIL;    }    if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(md_pkey_ctx, -2)) {        soter_verify_cleanup_rsa_pss_pkcs8(ctx);        return SOTER_FAIL;    }    return SOTER_SUCCESS;}

EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,                         long length){    EVP_PKEY *ret;    const unsigned char *p = *pp;    if ((a == NULL) || (*a == NULL)) {        if ((ret = EVP_PKEY_new()) == NULL) {            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);            return (NULL);        }    } else {        ret = *a;#ifndef OPENSSL_NO_ENGINE        if (ret->engine) {            ENGINE_finish(ret->engine);            ret->engine = NULL;        }#endif    }    if (!EVP_PKEY_set_type(ret, type)) {        ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);        goto err;    }    if (!ret->ameth->old_priv_decode ||        !ret->ameth->old_priv_decode(ret, &p, length)) {        if (ret->ameth->priv_decode) {            EVP_PKEY *tmp;            PKCS8_PRIV_KEY_INFO *p8 = NULL;            p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);            if (!p8)                goto err;            tmp = EVP_PKCS82PKEY(p8);            PKCS8_PRIV_KEY_INFO_free(p8);            if (tmp == NULL)                goto err;            EVP_PKEY_free(ret);            ret = tmp;        } else {            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);            goto err;        }    }    *pp = p;    if (a != NULL)        (*a) = ret;    return (ret); err:    if ((ret != NULL) && ((a == NULL) || (*a != ret)))        EVP_PKEY_free(ret);    return (NULL);}

EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp,                         long len) {  EVP_PKEY *ret;  if (out == NULL || *out == NULL) {    ret = EVP_PKEY_new();    if (ret == NULL) {      OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB);      return NULL;    }  } else {    ret = *out;  }  if (!EVP_PKEY_set_type(ret, type)) {    OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE);    goto err;  }  const uint8_t *in = *inp;  if (!ret->ameth->old_priv_decode ||      !ret->ameth->old_priv_decode(ret, &in, len)) {    if (ret->ameth->priv_decode) {      /* Reset |in| in case |old_priv_decode| advanced it on error. */      in = *inp;      PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &in, len);      if (!p8) {        goto err;      }      EVP_PKEY_free(ret);      ret = EVP_PKCS82PKEY(p8);      PKCS8_PRIV_KEY_INFO_free(p8);      if (ret == NULL) {        goto err;      }    } else {      OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB);      goto err;    }  }  if (out != NULL) {    *out = ret;  }  *inp = in;  return ret;err:  if (out == NULL || *out != ret) {    EVP_PKEY_free(ret);  }  return NULL;}

EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key){    EVP_PKEY *ret = NULL;    if (key == NULL)        goto error;    if (key->pkey != NULL) {        CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);        return key->pkey;    }    if (key->public_key == NULL)        goto error;    if ((ret = EVP_PKEY_new()) == NULL) {        X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);        goto error;    }    if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {        X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);        goto error;    }    if (ret->ameth->pub_decode) {        if (!ret->ameth->pub_decode(ret, key)) {            X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR);            goto error;        }    } else {        X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);        goto error;    }    /* Check to see if another thread set key->pkey first */    CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);    if (key->pkey) {        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);        EVP_PKEY_free(ret);        ret = key->pkey;    } else {        key->pkey = ret;        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);    }    CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);    return ret; error:    EVP_PKEY_free(ret);    return (NULL);}

soter_status_t soter_verify_init_ecdsa_none_pkcs8(soter_sign_ctx_t* ctx,                                                  const void* private_key,                                                  const size_t private_key_length,                                                  const void* public_key,                                                  const size_t public_key_length){    /* pkey_ctx init */    EVP_PKEY* pkey;    pkey = EVP_PKEY_new();    if (!pkey) {        return SOTER_NO_MEMORY;    }    if (!EVP_PKEY_set_type(pkey, EVP_PKEY_EC)) {        EVP_PKEY_free(pkey);        return SOTER_FAIL;    }    ctx->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);    if (!(ctx->pkey_ctx)) {        EVP_PKEY_free(pkey);        return SOTER_FAIL;    }    /* TODO: Review needed */    if ((private_key) && (private_key_length)) {        if (soter_ec_import_key(pkey, private_key, private_key_length) != SOTER_SUCCESS) {            soter_verify_cleanup_ecdsa_none_pkcs8(ctx);            return SOTER_FAIL;        }    }    if ((public_key) && (public_key_length)) {        if (soter_ec_import_key(pkey, public_key, public_key_length) != SOTER_SUCCESS) {            soter_verify_cleanup_ecdsa_none_pkcs8(ctx);            return SOTER_FAIL;        }    }    /*md_ctx init*/    ctx->md_ctx = EVP_MD_CTX_create();    if (!(ctx->md_ctx)) {        soter_verify_cleanup_ecdsa_none_pkcs8(ctx);        return SOTER_NO_MEMORY;    }    if (!EVP_DigestVerifyInit(ctx->md_ctx, NULL, EVP_sha256(), NULL, pkey)) {        soter_verify_cleanup_ecdsa_none_pkcs8(ctx);        return SOTER_FAIL;    }    return SOTER_SUCCESS;}

EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8){	EVP_PKEY *pkey = NULL;	ASN1_OBJECT *algoid;	char obj_tmp[80];	if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))		return NULL;	if (!(pkey = EVP_PKEY_new())) {		EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE);		return NULL;	}	if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid)))		{		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);		i2t_ASN1_OBJECT(obj_tmp, 80, algoid);		ERR_add_error_data(2, "TYPE=", obj_tmp);		goto error;		}	if (pkey->ameth->priv_decode)		{		if (!pkey->ameth->priv_decode(pkey, p8))			{			EVPerr(EVP_F_EVP_PKCS82PKEY,					EVP_R_PRIVATE_KEY_DECODE_ERROR);			goto error;			}		}	else		{		EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);		goto error;		}	return pkey;	error:	EVP_PKEY_free (pkey);	return NULL;}

soter_status_t soter_asym_ka_init(soter_asym_ka_t* asym_ka_ctx, soter_asym_ka_alg_t alg){	EVP_PKEY *pkey;	int nid = soter_alg_to_curve_nid(alg);	if ((!asym_ka_ctx) || (0 == nid))	{		return SOTER_INVALID_PARAMETER;	}	pkey = EVP_PKEY_new();	if (!pkey)	{		return SOTER_NO_MEMORY;	}	if (!EVP_PKEY_set_type(pkey, EVP_PKEY_EC))	{		EVP_PKEY_free(pkey);		return SOTER_FAIL;	}	asym_ka_ctx->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);	if (!(asym_ka_ctx->pkey_ctx))	{		EVP_PKEY_free(pkey);		return SOTER_FAIL;	}	EC_KEY* ec = EC_KEY_new_by_curve_name(nid);	if( !ec ){		EVP_PKEY_CTX_free(asym_ka_ctx->pkey_ctx);		return SOTER_FAIL;	}		if(1!=EVP_PKEY_set1_EC_KEY(pkey, ec)){		EVP_PKEY_CTX_free(asym_ka_ctx->pkey_ctx);		EC_KEY_free(ec);		return SOTER_FAIL;	}	EC_KEY_free(ec);	return SOTER_SUCCESS;}

EVP_PKEY *EVP_parse_public_key(CBS *cbs) {  // Parse the SubjectPublicKeyInfo.  CBS spki, algorithm, key;  int type;  uint8_t padding;  if (!CBS_get_asn1(cbs, &spki, CBS_ASN1_SEQUENCE) ||      !CBS_get_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||      !parse_key_type(&algorithm, &type) ||      !CBS_get_asn1(&spki, &key, CBS_ASN1_BITSTRING) ||      CBS_len(&spki) != 0 ||      // Every key type defined encodes the key as a byte string with the same      // conversion to BIT STRING.      !CBS_get_u8(&key, &padding) ||      padding != 0) {    OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);    return NULL;  }  // Set up an |EVP_PKEY| of the appropriate type.  EVP_PKEY *ret = EVP_PKEY_new();  if (ret == NULL ||      !EVP_PKEY_set_type(ret, type)) {    goto err;  }  // Call into the type-specific SPKI decoding function.  if (ret->ameth->pub_decode == NULL) {    OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);    goto err;  }  if (!ret->ameth->pub_decode(ret, &algorithm, &key)) {    goto err;  }  return ret;err:  EVP_PKEY_free(ret);  return NULL;}

soter_status_t soter_rsa_key_pair_gen_init(soter_rsa_key_pair_gen_t* ctx, const unsigned key_length){    EVP_PKEY *pkey;    pkey = EVP_PKEY_new();    SOTER_CHECK(pkey);    /* Only RSA supports asymmetric encryption */    SOTER_IF_FAIL(EVP_PKEY_set_type(pkey, EVP_PKEY_RSA), EVP_PKEY_free(pkey));    ctx->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);    SOTER_IF_FAIL(ctx->pkey_ctx,EVP_PKEY_free(pkey));    BIGNUM *pub_exp;    SOTER_IF_FAIL(EVP_PKEY_keygen_init(ctx->pkey_ctx), EVP_PKEY_CTX_free(ctx->pkey_ctx));    /* Although it seems that OpenSSL/LibreSSL use 0x10001 as default public exponent, we will set it explicitly just in case */    pub_exp = BN_new();    SOTER_CHECK(pub_exp);    SOTER_IF_FAIL(BN_set_word(pub_exp, RSA_F4), (BN_free(pub_exp), EVP_PKEY_CTX_free(ctx->pkey_ctx)));    SOTER_IF_FAIL(1 <= EVP_PKEY_CTX_ctrl(ctx->pkey_ctx, -1, -1, EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pub_exp), (BN_free(pub_exp), EVP_PKEY_CTX_free(ctx->pkey_ctx)));    /* Override default key size for RSA key. Currently OpenSSL has default key size of 1024. LibreSSL has 2048. We will put 2048 explicitly */    SOTER_IF_FAIL((1 <= EVP_PKEY_CTX_ctrl(ctx->pkey_ctx, -1, -1, EVP_PKEY_CTRL_RSA_KEYGEN_BITS, rsa_key_length(key_length), NULL)), (BN_free(pub_exp), EVP_PKEY_CTX_free(ctx->pkey_ctx)));    SOTER_IF_FAIL(EVP_PKEY_keygen(ctx->pkey_ctx, &pkey), (BN_free(pub_exp), EVP_PKEY_CTX_free(ctx->pkey_ctx)));    return SOTER_SUCCESS;}

EVP_PKEY *EVP_parse_private_key(CBS *cbs) {  // Parse the PrivateKeyInfo.  CBS pkcs8, algorithm, key;  uint64_t version;  int type;  if (!CBS_get_asn1(cbs, &pkcs8, CBS_ASN1_SEQUENCE) ||      !CBS_get_asn1_uint64(&pkcs8, &version) ||      version != 0 ||      !CBS_get_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||      !parse_key_type(&algorithm, &type) ||      !CBS_get_asn1(&pkcs8, &key, CBS_ASN1_OCTETSTRING)) {    OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);    return NULL;  }  // A PrivateKeyInfo ends with a SET of Attributes which we ignore.  // Set up an |EVP_PKEY| of the appropriate type.  EVP_PKEY *ret = EVP_PKEY_new();  if (ret == NULL ||      !EVP_PKEY_set_type(ret, type)) {    goto err;  }  // Call into the type-specific PrivateKeyInfo decoding function.  if (ret->ameth->priv_decode == NULL) {    OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);    goto err;  }  if (!ret->ameth->priv_decode(ret, &algorithm, &key)) {    goto err;  }  return ret;err:  EVP_PKEY_free(ret);  return NULL;}

static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key)    {    EVP_PKEY *pkey = EVP_PKEY_new();    if (pkey == NULL) {        X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE);        return -1;    }    if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) {        X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM);        goto error;    }    if (pkey->ameth->pub_decode) {        /*         * Treat any failure of pub_decode as a decode error. In         * future we could have different return codes for decode         * errors and fatal errors such as malloc failure.         */        if (!pkey->ameth->pub_decode(pkey, key)) {            X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR);            goto error;        }    } else {        X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED);        goto error;    }    *ppkey = pkey;    return 1; error:    EVP_PKEY_free(pkey);    return 0;}

/* * Process a key_share extension received in the ClientHello. |pkt| contains * the raw PACKET data for the extension. Returns 1 on success or 0 on failure. * If a failure occurs then |*al| is set to an appropriate alert value. */int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, int *al){    unsigned int group_id;    PACKET key_share_list, encoded_pt;    const unsigned char *clntcurves, *srvrcurves;    size_t clnt_num_curves, srvr_num_curves;    int group_nid, found = 0;    unsigned int curve_flags;    if (s->hit)        return 1;    /* Sanity check */    if (s->s3->peer_tmp != NULL) {        *al = SSL_AD_INTERNAL_ERROR;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);        return 0;    }    if (!PACKET_as_length_prefixed_2(pkt, &key_share_list)) {        *al = SSL_AD_HANDSHAKE_FAILURE;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_LENGTH_MISMATCH);        return 0;    }    /* Get our list of supported curves */    if (!tls1_get_curvelist(s, 0, &srvrcurves, &srvr_num_curves)) {        *al = SSL_AD_INTERNAL_ERROR;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);        return 0;    }    /*     * Get the clients list of supported curves.     * TODO(TLS1.3): We should validate that we actually received     * supported_groups!     */    if (!tls1_get_curvelist(s, 1, &clntcurves, &clnt_num_curves)) {        *al = SSL_AD_INTERNAL_ERROR;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);        return 0;    }    while (PACKET_remaining(&key_share_list) > 0) {        if (!PACKET_get_net_2(&key_share_list, &group_id)                || !PACKET_get_length_prefixed_2(&key_share_list, &encoded_pt)                || PACKET_remaining(&encoded_pt) == 0) {            *al = SSL_AD_HANDSHAKE_FAILURE;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE,                   SSL_R_LENGTH_MISMATCH);            return 0;        }        /*         * If we already found a suitable key_share we loop through the         * rest to verify the structure, but don't process them.         */        if (found)            continue;        /* Check if this share is in supported_groups sent from client */        if (!check_in_list(s, group_id, clntcurves, clnt_num_curves, 0)) {            *al = SSL_AD_HANDSHAKE_FAILURE;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE);            return 0;        }        /* Check if this share is for a group we can use */        if (!check_in_list(s, group_id, srvrcurves, srvr_num_curves, 1)) {            /* Share not suitable */            continue;        }        group_nid = tls1_ec_curve_id2nid(group_id, &curve_flags);        if (group_nid == 0) {            *al = SSL_AD_INTERNAL_ERROR;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE,                   SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);            return 0;        }        if ((curve_flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {            /* Can happen for some curves, e.g. X25519 */            EVP_PKEY *key = EVP_PKEY_new();            if (key == NULL || !EVP_PKEY_set_type(key, group_nid)) {                *al = SSL_AD_INTERNAL_ERROR;                SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_EVP_LIB);                EVP_PKEY_free(key);                return 0;            }            s->s3->peer_tmp = key;        } else {            /* Set up EVP_PKEY with named curve as parameters *///.........这里部分代码省略.........

static CK_RV gostr3410_verify_data(const unsigned char *pubkey, int pubkey_len,		const unsigned char *params, int params_len,		unsigned char *data, int data_len,		unsigned char *signat, int signat_len){	EVP_PKEY *pkey;	EVP_PKEY_CTX *pkey_ctx;	EC_POINT *P;	BIGNUM *X, *Y;	ASN1_OCTET_STRING *octet;	const EC_GROUP *group = NULL;	char paramset[2] = "A";	int r = -1, ret_vrf = 0;	pkey = EVP_PKEY_new();	if (!pkey)		return CKR_HOST_MEMORY;	r = EVP_PKEY_set_type(pkey, NID_id_GostR3410_2001);	if (r == 1) {		pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);		if (!pkey_ctx) {			EVP_PKEY_free(pkey);			return CKR_HOST_MEMORY;		}		/* FIXME: fully check params[] */		if (params_len > 0 && params[params_len - 1] >= 1 &&				params[params_len - 1] <= 3) {			paramset[0] += params[params_len - 1] - 1;			r = EVP_PKEY_CTX_ctrl_str(pkey_ctx, "paramset", paramset);		}		else			r = -1;		if (r == 1)			r = EVP_PKEY_paramgen_init(pkey_ctx);		if (r == 1)			r = EVP_PKEY_paramgen(pkey_ctx, &pkey);		if (r == 1 && EVP_PKEY_get0(pkey) != NULL)			group = EC_KEY_get0_group(EVP_PKEY_get0(pkey));		r = -1;		if (group)			octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey, (long)pubkey_len);		if (group && octet) {			reverse(octet->data, octet->length);			Y = BN_bin2bn(octet->data, octet->length / 2, NULL);			X = BN_bin2bn((const unsigned char*)octet->data +					octet->length / 2, octet->length / 2, NULL);			ASN1_OCTET_STRING_free(octet);			P = EC_POINT_new(group);			if (P && X && Y)				r = EC_POINT_set_affine_coordinates_GFp(group,						P, X, Y, NULL);			BN_free(X);			BN_free(Y);			if (r == 1 && EVP_PKEY_get0(pkey) && P)				r = EC_KEY_set_public_key(EVP_PKEY_get0(pkey), P);			EC_POINT_free(P);		}		if (r == 1) {			r = EVP_PKEY_verify_init(pkey_ctx);			reverse(data, data_len);			if (r == 1)				ret_vrf = EVP_PKEY_verify(pkey_ctx, signat, signat_len,						data, data_len);		}	}	EVP_PKEY_CTX_free(pkey_ctx);	EVP_PKEY_free(pkey);	if (r != 1)		return CKR_GENERAL_ERROR;	return ret_vrf == 1 ? CKR_OK : CKR_SIGNATURE_INVALID;}

//.........这里部分代码省略.........    if (!tls1_get_curvelist(s, 1, &clntcurves, &clnt_num_curves)) {        *al = SSL_AD_INTERNAL_ERROR;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);        return 0;    }    if (clnt_num_curves == 0) {        /*         * This can only happen if the supported_groups extension was not sent,         * because we verify that the length is non-zero when we process that         * extension.         */        *al = SSL_AD_MISSING_EXTENSION;        SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE,               SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION);        return 0;    }    while (PACKET_remaining(&key_share_list) > 0) {        if (!PACKET_get_net_2(&key_share_list, &group_id)                || !PACKET_get_length_prefixed_2(&key_share_list, &encoded_pt)                || PACKET_remaining(&encoded_pt) == 0) {            *al = SSL_AD_DECODE_ERROR;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE,                   SSL_R_LENGTH_MISMATCH);            return 0;        }        /*         * If we already found a suitable key_share we loop through the         * rest to verify the structure, but don't process them.         */        if (found)            continue;        /* Check if this share is in supported_groups sent from client */        if (!check_in_list(s, group_id, clntcurves, clnt_num_curves, 0)) {            *al = SSL_AD_ILLEGAL_PARAMETER;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE);            return 0;        }        /* Check if this share is for a group we can use */        if (!check_in_list(s, group_id, srvrcurves, srvr_num_curves, 1)) {            /* Share not suitable */            continue;        }        group_nid = tls1_ec_curve_id2nid(group_id, &curve_flags);        if (group_nid == 0) {            *al = SSL_AD_INTERNAL_ERROR;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE,                   SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);            return 0;        }        if ((curve_flags & TLS_CURVE_TYPE) == TLS_CURVE_CUSTOM) {            /* Can happen for some curves, e.g. X25519 */            EVP_PKEY *key = EVP_PKEY_new();            if (key == NULL || !EVP_PKEY_set_type(key, group_nid)) {                *al = SSL_AD_INTERNAL_ERROR;                SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_EVP_LIB);                EVP_PKEY_free(key);                return 0;            }            s->s3->peer_tmp = key;        } else {            /* Set up EVP_PKEY with named curve as parameters */            EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);            if (pctx == NULL                    || EVP_PKEY_paramgen_init(pctx) <= 0                    || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,                                                              group_nid) <= 0                    || EVP_PKEY_paramgen(pctx, &s->s3->peer_tmp) <= 0) {                *al = SSL_AD_INTERNAL_ERROR;                SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, ERR_R_EVP_LIB);                EVP_PKEY_CTX_free(pctx);                return 0;            }            EVP_PKEY_CTX_free(pctx);            pctx = NULL;        }        s->s3->group_id = group_id;        if (!EVP_PKEY_set1_tls_encodedpoint(s->s3->peer_tmp,                PACKET_data(&encoded_pt),                PACKET_remaining(&encoded_pt))) {            *al = SSL_AD_ILLEGAL_PARAMETER;            SSLerr(SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_ECPOINT);            return 0;        }        found = 1;    }#endif    return 1;}

/* * Key parameter decoder. */static OSSL_STORE_INFO *try_decode_params(const char *pem_name,                                          const char *pem_header,                                          const unsigned char *blob,                                          size_t len, void **pctx,                                          int *matchcount,                                          const UI_METHOD *ui_method,                                          void *ui_data){    OSSL_STORE_INFO *store_info = NULL;    int slen = 0;    EVP_PKEY *pkey = NULL;    const EVP_PKEY_ASN1_METHOD *ameth = NULL;    int ok = 0;    if (pem_name != NULL) {        if ((slen = pem_check_suffix(pem_name, "PARAMETERS")) == 0)            return NULL;        *matchcount = 1;    }    if (slen > 0) {        if ((pkey = EVP_PKEY_new()) == NULL) {            OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);            return NULL;        }        if (EVP_PKEY_set_type_str(pkey, pem_name, slen)            && (ameth = EVP_PKEY_get0_asn1(pkey)) != NULL            && ameth->param_decode != NULL            && ameth->param_decode(pkey, &blob, len))            ok = 1;    } else {        int i;        EVP_PKEY *tmp_pkey = NULL;        for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {            const unsigned char *tmp_blob = blob;            if (tmp_pkey == NULL && (tmp_pkey = EVP_PKEY_new()) == NULL) {                OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);                break;            }            ameth = EVP_PKEY_asn1_get0(i);            if (ameth->pkey_flags & ASN1_PKEY_ALIAS)                continue;            if (EVP_PKEY_set_type(tmp_pkey, ameth->pkey_id)                && (ameth = EVP_PKEY_get0_asn1(tmp_pkey)) != NULL                && ameth->param_decode != NULL                && ameth->param_decode(tmp_pkey, &tmp_blob, len)) {                if (pkey != NULL)                    EVP_PKEY_free(tmp_pkey);                else                    pkey = tmp_pkey;                tmp_pkey = NULL;                (*matchcount)++;            }        }        EVP_PKEY_free(tmp_pkey);        if (*matchcount == 1) {            ok = 1;        }    }    if (ok)        store_info = OSSL_STORE_INFO_new_PARAMS(pkey);    if (store_info == NULL)        EVP_PKEY_free(pkey);    return store_info;}

soter_status_t soter_sign_init_ecdsa_none_pkcs8(soter_sign_ctx_t* ctx, const void* private_key, const size_t private_key_length, const void* public_key, const size_t public_key_length){  /* pkey_ctx init */    EVP_PKEY *pkey;  pkey = EVP_PKEY_new();  if (!pkey){    return SOTER_NO_MEMORY;  }  if (!EVP_PKEY_set_type(pkey, EVP_PKEY_EC)){    EVP_PKEY_free(pkey);    return SOTER_FAIL;  }  ctx->pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);  if (!(ctx->pkey_ctx)){    EVP_PKEY_free(pkey);    return SOTER_FAIL;  }  if (!EVP_PKEY_paramgen_init(ctx->pkey_ctx)){    soter_sign_cleanup_ecdsa_none_pkcs8(ctx);    return SOTER_FAIL;  }  if (!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx->pkey_ctx, NID_X9_62_prime256v1)){    soter_sign_cleanup_ecdsa_none_pkcs8(ctx);    return SOTER_FAIL;  }  if (!EVP_PKEY_paramgen(ctx->pkey_ctx, &pkey)){    soter_sign_cleanup_ecdsa_none_pkcs8(ctx);    return SOTER_FAIL;  }  if((!private_key)&&(!public_key)){    if(soter_ec_gen_key(ctx->pkey_ctx)!=SOTER_SUCCESS){      soter_sign_cleanup_ecdsa_none_pkcs8(ctx);      return SOTER_FAIL;    }  }else{    if(private_key!=NULL){      if(soter_ec_import_key(pkey, private_key, private_key_length)!=SOTER_SUCCESS){        soter_sign_cleanup_ecdsa_none_pkcs8(ctx);	return SOTER_FAIL;      }    }    if(public_key!=NULL){      if(soter_ec_import_key(pkey, public_key, public_key_length)!=SOTER_SUCCESS){        soter_sign_cleanup_ecdsa_none_pkcs8(ctx);	return SOTER_FAIL;      }    }  }  /*md_ctx init*/    ctx->md_ctx = EVP_MD_CTX_create();    if(!(ctx->md_ctx)){        soter_sign_cleanup_ecdsa_none_pkcs8(ctx);	return SOTER_NO_MEMORY;    }  if(EVP_DigestSignInit(ctx->md_ctx, NULL, EVP_sha256(), NULL, pkey)!=1){    soter_sign_cleanup_ecdsa_none_pkcs8(ctx);    return SOTER_FAIL;  }  return SOTER_SUCCESS;}