Lines Matching refs:key
992 * RSA private key file.
1360 OpenSSL_EncodePubKeyData(KMF_HANDLE_T handle, KMF_KEY_HANDLE *key,
1367 if (key == NULL || keydata == NULL ||
1368 key->keyp == NULL)
1371 if (key->keyalg == KMF_RSA) {
1372 RSA *pubkey = EVP_PKEY_get1_RSA(key->keyp);
1379 } else if (key->keyalg == KMF_DSA) {
1380 DSA *pubkey = EVP_PKEY_get1_DSA(key->keyp);
1564 /* OpenSSL derives the public key from the private */
1617 /* Make a copy for the public key */
1773 OpenSSL_SignData(KMF_HANDLE_T handle, KMF_KEY_HANDLE *key,
1782 if (key == NULL || AlgOID == NULL ||
1793 if (key->keyalg == KMF_RSA) {
1794 EVP_PKEY *pkey = (EVP_PKEY *)key->keyp;
1840 } else if (key->keyalg == KMF_DSA) {
1841 DSA *dsa = EVP_PKEY_get1_DSA(key->keyp);
1899 KMF_KEY_HANDLE *key;
1902 key = kmf_get_attr_ptr(KMF_KEY_HANDLE_ATTR, attrlist, numattr);
1903 if (key == NULL || key->keyp == NULL)
1913 if (key->keyclass != KMF_ASYM_PUB &&
1914 key->keyclass != KMF_ASYM_PRI &&
1915 key->keyclass != KMF_SYMMETRIC)
1918 if (key->keyclass == KMF_SYMMETRIC) {
1919 kmf_free_raw_sym_key((KMF_RAW_SYM_KEY *)key->keyp);
1920 key->keyp = NULL;
1922 if (key->keyp != NULL) {
1923 EVP_PKEY_free(key->keyp);
1924 key->keyp = NULL;
1928 if (key->keylabel != NULL) {
1930 /* If the file exists, make sure it is a proper key. */
1931 pkey = openssl_load_key(handle, key->keylabel);
1933 if (key->keylabel != NULL) {
1934 free(key->keylabel);
1935 key->keylabel = NULL;
1942 if (unlink(key->keylabel) != 0) {
1948 if (key->keylabel != NULL) {
1949 free(key->keylabel);
1950 key->keylabel = NULL;
2134 xcert->cert_info->key->algor->algorithm);
2237 KMF_KEY_HANDLE *key = NULL;
2238 uint32_t numkeys = 1; /* 1 key only */
2260 key = kmf_get_attr_ptr(KMF_KEY_HANDLE_ATTR, attrlist, numattr);
2261 if (key == NULL) {
2265 KMF_KEY_HANDLE_ATTR, key, sizeof (KMF_KEY_HANDLE));
2291 OpenSSL_DecryptData(KMF_HANDLE_T handle, KMF_KEY_HANDLE *key,
2302 if (key == NULL || AlgOID == NULL ||
2308 if (key->keyalg == KMF_RSA) {
2309 rsa = EVP_PKEY_get1_RSA((EVP_PKEY *)key->keyp);
2489 /* Lookup by key hash */
2491 /* If key hash isn't SHA1 length then forget it */
2496 /* Calculate hash of each key and compare */
2504 /* Use pubkey_digest to get the key ID value */
2537 * the public key from the OCSP responder certificate.
2814 KMF_KEY_CLASS keyclass, KMF_KEY_HANDLE *key)
2826 if (key != NULL) {
2828 key->keyalg = KMF_RSA;
2830 key->keyalg = KMF_DSA;
2832 key->kstype = KMF_KEYSTORE_OPENSSL;
2833 key->keyclass = keyclass;
2834 key->keyp = (void *)pkey;
2835 key->israw = FALSE;
2837 ((key->keylabel = strdup(path)) == NULL)) {
2849 * then it is NOT a symmetric key.
2857 * it is probably a symmetric key.
2864 if (key != NULL) {
2880 key->kstype = KMF_KEYSTORE_OPENSSL;
2881 key->keyclass = keyclass;
2882 key->israw = TRUE;
2883 key->keyp = (void *)rkey;
2885 ((key->keylabel = strdup(path)) == NULL)) {
2898 if (key != NULL) {
2899 key->keyalg = KMF_KEYALG_NONE;
2900 key->keyclass = KMF_KEYCLASS_NONE;
2901 key->keyp = NULL;
2915 KMF_KEY_HANDLE *key;
2952 key = kmf_get_attr_ptr(KMF_KEY_HANDLE_ATTR, attrlist, numattr);
2956 * The caller may want a list of the raw key data as well.
2980 keyclass, key ? &key[n] : NULL);
2983 if (key != NULL && rawkey != NULL)
2985 key[n].keyp, &rawkey[n]);
2989 if (rv != KMF_OK || key == NULL)
2997 rv = fetch_key(handle, fullpath, keyclass, key);
3001 if (rv != KMF_OK || key == NULL)
3004 if (rv == KMF_OK && key != NULL && rawkey != NULL) {
3005 rv = convertToRawKey(key->keyp, rawkey);
3054 /* Add the key id to the certificate bag. */
3093 /* Put the shrouded key into a PKCS#12 bag. */
3099 /* Clean up the PKCS#8 shrouded key, don't need it now. */
3111 /* Start a PKCS#12 safebag container for the private key. */
3116 /* Pile on the private key on the bag_stack. */
3130 ImportRawRSAKey(KMF_RAW_RSA_KEY *key)
3138 if ((rsa->n = BN_bin2bn(key->mod.val, key->mod.len, rsa->n)) == NULL)
3141 if ((rsa->e = BN_bin2bn(key->pubexp.val, key->pubexp.len, rsa->e)) ==
3145 if (key->priexp.val != NULL)
3146 if ((rsa->d = BN_bin2bn(key->priexp.val, key->priexp.len,
3150 if (key->prime1.val != NULL)
3151 if ((rsa->p = BN_bin2bn(key->prime1.val, key->prime1.len,
3155 if (key->prime2.val != NULL)
3156 if ((rsa->q = BN_bin2bn(key->prime2.val, key->prime2.len,
3160 if (key->exp1.val != NULL)
3161 if ((rsa->dmp1 = BN_bin2bn(key->exp1.val, key->exp1.len,
3165 if (key->exp2.val != NULL)
3166 if ((rsa->dmq1 = BN_bin2bn(key->exp2.val, key->exp2.len,
3170 if (key->coef.val != NULL)
3171 if ((rsa->iqmp = BN_bin2bn(key->coef.val, key->coef.len,
3180 /* The original key must be freed once here or it leaks memory */
3187 ImportRawDSAKey(KMF_RAW_DSA_KEY *key)
3195 if ((dsa->p = BN_bin2bn(key->prime.val, key->prime.len,
3199 if ((dsa->q = BN_bin2bn(key->subprime.val, key->subprime.len,
3203 if ((dsa->g = BN_bin2bn(key->base.val, key->base.len,
3207 if ((dsa->priv_key = BN_bin2bn(key->value.val, key->value.len,
3211 if (key->pubvalue.val != NULL) {
3212 if ((dsa->pub_key = BN_bin2bn(key->pubvalue.val,
3213 key->pubvalue.len, dsa->pub_key)) == NULL)
3222 /* The original key must be freed once here or it leaks memory */
3228 raw_key_to_pkey(KMF_KEY_HANDLE *key)
3235 if (key == NULL || !key->israw)
3238 rawkey = (KMF_RAW_KEY_DATA *)key->keyp;
3250 /* wrong kind of key */
3374 /* Check if there is a key corresponding to this cert */
3378 * If key is found, get fingerprint and create a
3395 /* Put the key safe into the Auth Safe */
3511 KMF_KEY_HANDLE key;
3545 * Now find the private key.
3558 (void) memset(&key, 0, sizeof (KMF_KEY_HANDLE));
3559 rv = fetch_key(handle, fullpath, KMF_ASYM_PRI, &key);
3575 /* Stick the key and the cert into a PKCS#12 file */
3583 1, &key, filename);
3592 kmf_free_kmf_key(handle, &key);
3599 * private key and an associated public key wrapped in an x509 cert.
3665 * Make sure the private key matchs the last cert in the file.
3900 * Set the ID and/or FriendlyName attributes on the key.
4102 exportRawRSAKey(RSA *rsa, KMF_RAW_KEY_DATA *key)
4105 KMF_RAW_RSA_KEY *kmfkey = &key->rawdata.rsa;
4139 kmf_free_raw_key(key);
4141 key->keytype = KMF_RSA;
4144 * Free the reference to this key, SSL will not actually free
4153 exportRawDSAKey(DSA *dsa, KMF_RAW_KEY_DATA *key)
4156 KMF_RAW_DSA_KEY *kmfkey = &key->rawdata.dsa;
4173 kmf_free_raw_key(key);
4175 key->keytype = KMF_DSA;
4178 * Free the reference to this key, SSL will not actually free
4274 convertToRawKey(EVP_PKEY *pkey, KMF_RAW_KEY_DATA *key)
4279 if (pkey == NULL || key == NULL)
4281 /* Convert SSL key to raw key */
4285 key);
4291 key);
4315 key->label = uni2asc(ty->value.bmpstring->data,
4318 key->label = OPENSSL_uni2asc(
4324 key->label = NULL;
4342 key->id.Data = (uchar_t *)malloc(
4344 if (key->id.Data == NULL)
4346 (void) memcpy(key->id.Data, ty->value.octet_string->data,
4348 key->id.Length = ty->value.octet_string->length;
4350 (void) memset(&key->id, 0, sizeof (KMF_DATA));
4366 KMF_RAW_KEY_DATA key;
4376 rv = convertToRawKey(pkey, &key);
4378 rv = add_key_to_list(keylist, &key, nkeys);
4526 DES_cblock *key;
4528 key = (DES_cblock *) malloc(sizeof (DES_cblock));
4529 if (key == NULL) {
4533 if (DES_random_key(key) == 0) {
4534 free(key);
4538 *deskey = key;
4559 /* create the 1st DES key */
4565 * Create the 2nd DES key and make sure its value is different
4566 * from the 1st DES key.
4591 * Create the 3rd DES key and make sure its value is different
4592 * from the 2nd DES key.
4616 /* Concatenate 3 DES keys into a DES3 key */
4938 * Exactly 1 type of key must be passed to this function.
4972 /* Store the private key to the keyfile */
5142 /* Now get the public key from the CA cert */
5150 /* Verify the CRL with the CA's public key */
5560 /* Get issuer certificate public key */