srandom(seed);
}
+static int check_key_file(const char *file, int private)
+{
+ struct stat st;
+
+ if (stat(file, &st) != 0)
+ return -ERRNO_TO_PARA_ERROR(errno);
+ if (private != LOAD_PRIVATE_KEY)
+ return 0;
+ if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0)
+ return -E_KEY_PERM;
+ return 1;
+}
+
static EVP_PKEY *load_key(const char *file, int private)
{
BIO *key;
EVP_PKEY *pkey = NULL;
+ int ret = check_key_file(file, private);
+ if (ret < 0) {
+ PARA_ERROR_LOG("%s\n", para_strerror(-ret));
+ return NULL;
+ }
key = BIO_new(BIO_s_file());
if (!key)
return NULL;