 |
|
| |
FreeBSD Man Page Search Results
|
|
| Rank |
Title |
File Size |
| 1. |
X509V3_ADDR_ADD_INHERIT(3) - 1], i % 8 ? "" : "\n"); if (len % 8) printf("\n");}intmain(void){ IPAddrBlocks *addrblocks; X509_EXTENSION *ext; unsigned char *der; int der_len; size_t i; if (pledge("stdio", NULL) == -1) err(1, "pledge"); /* * Somebody forgot to implement IPAddrBlocks_new(). IPAddrBlocks * is the same as STACK_OF(IPAddressFamily). As such, it should * have IPAddressFamily_cmp() as its comparison function. It is * not possible to call sk_new(3) because IPAddressFamily_cmp() * is not part of the public API. The correct comparison function * can be installed as a side-effect of X509v3_addr_canonize(3). */ if ((addrblocks = sk_IPAddressFamily_new_null()) == NULL) err(1, "sk_IPAddressFamily_new_null"); if (!X509v3_addr_canonize(addrblocks)) errx(1, "X509v3_addr_canonize"); /* Add the prefixes as IPv4 unicast. */ for (i = 0; i < N_PREFIXES; i++) { unsigned char addr[16] = {0}; int len; int unicast = 1; /* SAFI for unicast forwarding. */ len = inet_net_pton(AF_INET, prefixes[i], addr, sizeof(addr)); if (len == -1) errx(1, "inet_net_pton(%s)", prefixes[i]); if (!X509v3_addr_add_prefix(addrblocks, IANA_AFI_IPV4, &unicast, addr, len)) errx(1, "X509v3_addr_add_prefix(%s)", prefixes[i]); } if (!X509v3_addr_add_inherit(addrblocks, IANA_AFI_IPV6, NULL)) errx(1, "X509v3_addr_add_inherit"); /* * Ensure the extension is in canonical form. Otherwise the two * adjacent prefixes 10.2.48/20 and 10.2.64/24 are not merged into * the range 10.2.48.0--10.2.64.255. This results in invalid DER * encoding from X509V3_EXT_i2d(3) and i2d_X509_EXTENSION(3). */ if (!X509v3_addr_canonize(addrblocks)) errx(1, "X509v3_addr_canonize"); /* Create the extension with the correct OID; mark it critical. */ ext = X509V3_EXT_i2d(NID_sbgp_ipAddrBlock, 1, addrblocks); if (ext == NULL) errx(1, "X509V3_EXT_i2d"); der = NULL; if ((der_len = i2d_X509_EXTENSION(ext, &der)) <= 0) errx(1, "i2d_X509_EXTENSION"); hexdump(der, der_len); /* One way of implementing IPAddrBlocks_free(). */ sk_IPAddressFamily_pop_free(addrblocks, IPAddressFamily_free); X509_EXTENSION_free(ext); free(der); return 0;} |
25 K |
| 2. |
EVP_AES_128_CCM(3) - nonce_len;const unsigned char aad[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};const int aad_len = sizeof(aad);const unsigned char plaintext[] = { 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E};const int text_len = sizeof(plaintext);/* expected output data */const unsigned char ciphertext[] = { 0x58, 0x8C, 0x97, 0x9A, 0x61, 0xC6, 0x63, 0xD2, 0xF0, 0x66, 0xD0, 0xC2, 0xC0, 0xF9, 0x89, 0x80, 0x6D, 0x5F, 0x6B, 0x61, 0xDA, 0xC3, 0x84};const unsigned char wanted_tag[] = { 0x17, 0xE8, 0xD1, 0x2C, 0xFD, 0xF9, 0x26, 0xE0};const int tag_len = sizeof(wanted_tag);const int out_len = aad_len + text_len + tag_len;unsigned char out_buf[out_len];unsigned char *out_p = out_buf;unsigned char *out_end = out_buf + out_len;/* auxiliary variables */EVP_CIPHER_CTX *ctx;int irv, i;/* configuration */ctx = EVP_CIPHER_CTX_new();if (ctx == NULL) err(1, "EVP_CIPHER_CTX_new");if (EVP_EncryptInit(ctx, EVP_aes_128_ccm(), NULL, NULL) != 1) err(1, "EVP_EncryptInit(NULL)");if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, size_len, NULL) <= 0) err(1, "EVP_CTRL_CCM_SET_L(%d)", size_len);if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, tag_len, NULL) <= 0) err(1, "EVP_CTRL_CCM_SET_TAG(%d)", tag_len);/* process input data */if (EVP_EncryptInit(ctx, NULL, key, nonce) != 1) err(1, "EVP_EncryptInit(key, nonce)");if (EVP_EncryptUpdate(ctx, NULL, &irv, NULL, text_len) != 1) err(1, "EVP_EncryptUpdate(len = %d)", text_len);if (irv != text_len) errx(1, "text length: want %d, got %d", text_len, irv);irv = -1;if (EVP_EncryptUpdate(ctx, NULL, &irv, aad, aad_len) != 1) err(1, "EVP_EncryptUpdate(AAD)");memcpy(out_p, aad, aad_len);out_p += aad_len;irv = -1;if (EVP_EncryptUpdate(ctx, out_p, &irv, plaintext, text_len) != 1) err(1, "EVP_EncryptUpdate(plaintext)");if (irv != text_len) errx(1, "text_len: want %d, got %d", text_len, irv);out_p += irv;/* * EVP_EncryptFinal(3) doesn't really do anything for CCM. * Call it anyway to stay closer to normal EVP_Encrypt*(3) idioms, * to match what the OpenSSL Wiki suggests since 2013, and to ease * later migration of the code to a different AEAD algorithm. */irv = -1;if (EVP_EncryptFinal(ctx, out_p, &irv) != 1) err(1, "EVP_EncryptFinal");if (irv != 0) errx(1, "final_len: want 0, got %d", irv);/* check output data */if (memcmp(out_buf + aad_len, ciphertext, text_len) != 0) errx(1, "ciphertext mismatch");if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, tag_len, out_p) <= 0) err(1, "EVP_CTRL_CCM_GET_TAG");if (memcmp(out_p, wanted_tag, tag_len) != 0) errx(1, "tag mismatch");out_p += tag_len;if (out_p != out_end) errx(1, "end of output: want %p, got %p", out_end, out_p);printf("Total packet length = %d.", out_len);printf(" [Authenticated and Encrypted Output]");for (i = 0; i < out_len; i++) { if (i % 16 == 0) printf("\n "); if (i % 4 == 0) putchar(' '); printf(" %02X", out_buf[i]);}putchar('\n');EVP_CIPHER_CTX_free(ctx); |
30 K |
| 3. |
krb5_error(3) - Heimdal Kerberos 5 error reporting functions |
28 K |
| 4. |
OSSL-GUIDE-TLS-SERVER-BLOCK(7ossl) - OpenSSL Guide: Writing a simple blocking TLS server |
22 K |
| 5. |
ERR(3) |
18 K |
| 6. |
DWARF_FINISH(3) |
12 K |
| 7. |
DWARF_CHILD(3) |
17 K |
| 8. |
DWARF_ADD_LINE_ENTRY(3) |
13 K |
| 9. |
DWARF_SRCLINES(3) |
13 K |
| 10. |
KUTIL_LOG(3) |
15 K |
| |
|
Go back to the Man Page Section.
|
This database contains 118,499 topics and 836,414 keywords
|
|
