libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsa
example usage: auth/pemdecode 'PRIVATE KEY' test.pem | auth/asn12rsa
parent
1628c97d1e
commit
294e08fa1e
|
@ -1960,16 +1960,19 @@ decode_rsapubkey(Bytes* a)
|
||||||
Elist *el;
|
Elist *el;
|
||||||
RSApub* key;
|
RSApub* key;
|
||||||
|
|
||||||
key = rsapuballoc();
|
key = nil;
|
||||||
if(decode(a->data, a->len, &e) != ASN_OK)
|
if(decode(a->data, a->len, &e) != ASN_OK)
|
||||||
goto errret;
|
goto errret;
|
||||||
if(!is_seq(&e, &el) || elistlen(el) != 2)
|
if(!is_seq(&e, &el) || elistlen(el) != 2)
|
||||||
goto errret;
|
goto errret;
|
||||||
|
|
||||||
|
key = rsapuballoc();
|
||||||
if((key->n = asn1mpint(&el->hd)) == nil)
|
if((key->n = asn1mpint(&el->hd)) == nil)
|
||||||
goto errret;
|
goto errret;
|
||||||
el = el->tl;
|
el = el->tl;
|
||||||
if((key->ek = asn1mpint(&el->hd)) == nil)
|
if((key->ek = asn1mpint(&el->hd)) == nil)
|
||||||
goto errret;
|
goto errret;
|
||||||
|
|
||||||
freevalfields(&e.val);
|
freevalfields(&e.val);
|
||||||
return key;
|
return key;
|
||||||
errret:
|
errret:
|
||||||
|
@ -1998,14 +2001,27 @@ decode_rsaprivkey(Bytes* a)
|
||||||
Elist *el;
|
Elist *el;
|
||||||
RSApriv* key;
|
RSApriv* key;
|
||||||
|
|
||||||
key = rsaprivalloc();
|
key = nil;
|
||||||
if(decode(a->data, a->len, &e) != ASN_OK)
|
if(decode(a->data, a->len, &e) != ASN_OK)
|
||||||
goto errret;
|
goto errret;
|
||||||
if(!is_seq(&e, &el) || elistlen(el) != 9)
|
if(!is_seq(&e, &el))
|
||||||
goto errret;
|
goto errret;
|
||||||
|
|
||||||
if(!is_int(&el->hd, &version) || version != 0)
|
if(!is_int(&el->hd, &version) || version != 0)
|
||||||
goto errret;
|
goto errret;
|
||||||
|
|
||||||
|
if(elistlen(el) != 9){
|
||||||
|
if(elistlen(el) == 3
|
||||||
|
&& parse_alg(&el->tl->hd) == ALG_rsaEncryption
|
||||||
|
&& is_octetstring(&el->tl->tl->hd, &a)){
|
||||||
|
key = decode_rsaprivkey(a);
|
||||||
|
if(key != nil)
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
goto errret;
|
||||||
|
}
|
||||||
|
|
||||||
|
key = rsaprivalloc();
|
||||||
el = el->tl;
|
el = el->tl;
|
||||||
if((key->pub.n = asn1mpint(&el->hd)) == nil)
|
if((key->pub.n = asn1mpint(&el->hd)) == nil)
|
||||||
goto errret;
|
goto errret;
|
||||||
|
@ -2038,6 +2054,7 @@ decode_rsaprivkey(Bytes* a)
|
||||||
if((key->c2 = asn1mpint(&el->hd)) == nil)
|
if((key->c2 = asn1mpint(&el->hd)) == nil)
|
||||||
goto errret;
|
goto errret;
|
||||||
|
|
||||||
|
done:
|
||||||
freevalfields(&e.val);
|
freevalfields(&e.val);
|
||||||
return key;
|
return key;
|
||||||
errret:
|
errret:
|
||||||
|
@ -2362,6 +2379,9 @@ X509toRSApub(uchar *cert, int ncert, char *name, int nname)
|
||||||
CertX509 *c;
|
CertX509 *c;
|
||||||
RSApub *pub;
|
RSApub *pub;
|
||||||
|
|
||||||
|
if(name != nil)
|
||||||
|
memset(name, 0, nname);
|
||||||
|
|
||||||
b = makebytes(cert, ncert);
|
b = makebytes(cert, ncert);
|
||||||
c = decode_cert(b);
|
c = decode_cert(b);
|
||||||
freebytes(b);
|
freebytes(b);
|
||||||
|
|
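Review bot: In decode_rsaprivkey the element-count check now comes after the first use of `el`: with `elistlen(el) != 9` dropped from the `is_seq` test, an empty SEQUENCE in the key blob would reach `is_int(&el->hd, &version)` with `el` presumably nil (is_seq and Elist are not shown on this page, so this needs confirming). Keeping a lower bound in the first test, e.g. `if(!is_seq(&e, &el) || elistlen(el) < 1)`, would preserve the old guarantee for input that comes straight from a PEM file. The PKCS#8 branch also passes the inner OCTET STRING back to decode_rsaprivkey itself, so a wrapper nested inside a wrapper is accepted and the recursion depth is limited only by the input length; a comment saying whether that is intended would help. The body of the `errret` label lies outside the visible hunks, so whether it tolerates the new `key = nil` starting state cannot be checked from here.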