#include #include #include #include #include #include #define PRIVATE_KEY_FILE "/mit/sit/.lynx/new-private-keys" void genrsa_cb( int p, int n ); EVP_PKEY *LYfind_pkey_for( X509 * x ); void main( int argc, char *argv[] ) { X509 *x = NULL; RSA *rsa = NULL; FILE *fp = NULL; EVP_PKEY *pk = NULL; char *pp = "my passphrase"; ERR_load_crypto_strings(); SSLeay_add_all_ciphers(); /* printf("Generating key...\n"); fp = fopen("/tmp/test-cert-store", "w"); rsa = RSA_generate_key(512, RSA_F4, genrsa_cb); PEM_write_RSAPrivateKey(fp, rsa, EVP_des_ede3_cbc(), pp, strlen(pp), NULL); RSA_free(rsa); rsa = NULL; fclose(fp); fp = fopen("/tmp/test-cert-store", "r"); rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL); if (rsa == NULL) { unsigned long e; char buf[256]; fprintf(stderr, "Unable to load private key.\n"); e = ERR_peek_error(); printf( "Error: %s\n", ERR_error_string(e,buf) ); ERR_print_errors_fp(stderr); } else { RSA_print_fp(stdout, rsa, 0 ); } RSA_free(rsa); fclose(fp); */ fp = fopen("/mit/sit/.lynx/mycert.ca", "r"); x = d2i_X509_fp(fp, NULL); pk = LYfind_pkey_for(x); if (pk != NULL) { printf("Cool.\n"); } } void genrsa_cb( int p, int n ) { char c = '*'; if (p == 0) c='.'; else if (p == 1) c='+'; else if (p == 2) c='*'; else if (p == 3) c='\n'; fprintf(stderr, "%c", c); } EVP_PKEY *LYfind_pkey_for( X509 * x ) { FILE *fp; EVP_PKEY *tmp = NULL, *rv = NULL; fp = fopen( PRIVATE_KEY_FILE, "r" ); tmp = EVP_PKEY_new(); while (!feof(fp)) { RSA *rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL); if (rsa == NULL) { printf("Skipping...\n"); continue; } EVP_PKEY_assign_RSA( tmp, rsa ); if (X509_check_private_key(x, tmp)) { rv = tmp; break; } /* else { RSA_free(rsa); rsa = NULL; } */ } fclose(fp); if (rv == NULL) EVP_PKEY_free(tmp); return (rv); }