openssl: Add a generic private key loader

2025-10-09 00:00:53 -04:00 · 2016-09-22 16:21:22 +02:00 · 2016-09-22 16:21:22 +02:00 · 4a6f97d00b
commit 4a6f97d00b
parent 437610ace5
7 changed files with 129 additions and 18 deletions
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@ -1,7 +1,7 @@
 /*
- * Copyright (C) 2008-2012 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
 * Copyright (C) 2009 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -304,7 +304,26 @@ static private_openssl_ec_private_key_t *create_empty(void)
 	return this;
 }
-/**
+/*
 * See header.
 */
 private_key_t *openssl_ec_private_key_create(EVP_PKEY *key)
 {
 	private_openssl_ec_private_key_t *this;
 	EC_KEY *ec;
 	ec = EVP_PKEY_get1_EC_KEY(key);
 	EVP_PKEY_free(key);
 	if (!ec)
 	{
 		return NULL;
 	}
 	this = create_empty();
 	this->ec = ec;
 	return &this->public.key;
 }
 /*
 * See header.
 */
 openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type,
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h
@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -21,6 +21,8 @@
 #ifndef OPENSSL_EC_PRIVATE_KEY_H_
 #define OPENSSL_EC_PRIVATE_KEY_H_
 #include <openssl/evp.h>
 #include <credentials/builder.h>
 #include <credentials/keys/private_key.h>
@ -61,4 +63,12 @@ openssl_ec_private_key_t *openssl_ec_private_key_gen(key_type_t type,
 openssl_ec_private_key_t *openssl_ec_private_key_load(key_type_t type,
 													  va_list args);
 /**
 * Wrap an EVP_PKEY object of type EVP_PKEY_EC
 *
 * @param key		EVP_PKEY_EC key object (adopted)
 * @return 			loaded key, NULL on failure
 */
 private_key_t *openssl_ec_private_key_create(EVP_PKEY *key);
 #endif /** OPENSSL_EC_PRIVATE_KEY_H_ @}*/
--- a/src/libstrongswan/plugins/openssl/openssl_pkcs12.c
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs12.c
@ -23,10 +23,6 @@
 #include <library.h>
 #include <credentials/sets/mem_cred.h>
 #ifdef OPENSSL_IS_BORINGSSL
 #define EVP_PKEY_base_id(p) EVP_PKEY_type(p->type)
 #endif
 typedef struct private_pkcs12_t private_pkcs12_t;
 /**
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@ -1,7 +1,7 @@
 /*
- * Copyright (C) 2008-2013 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
 * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -269,6 +269,53 @@ static bool seed_rng()
 	return TRUE;
 }
 /**
 * Generic key loader
 */
 static private_key_t *openssl_private_key_load(key_type_t type, va_list args)
 {
 	chunk_t blob = chunk_empty;
 	EVP_PKEY *key;
 	while (TRUE)
 	{
 		switch (va_arg(args, builder_part_t))
 		{
 			case BUILD_BLOB_ASN1_DER:
 				blob = va_arg(args, chunk_t);
 				continue;
 			case BUILD_END:
 				break;
 			default:
 				return NULL;
 		}
 		break;
 	}
 	if (blob.ptr)
 	{
 		key = d2i_AutoPrivateKey(NULL, (const u_char**)&blob.ptr, blob.len);
 		if (key)
 		{
 			switch (EVP_PKEY_base_id(key))
 			{
 #ifndef OPENSSL_NO_RSA
 				case EVP_PKEY_RSA:
 					return openssl_rsa_private_key_create(key);
 #endif
 #ifndef OPENSSL_NO_ECDSA
 				case EVP_PKEY_EC:
 					return openssl_ec_private_key_create(key);
 #endif
 				default:
 					EVP_PKEY_free(key);
 					break;
 			}
 		}
 	}
 	return NULL;
 }
 METHOD(plugin_t, get_name, char*,
 	private_openssl_plugin_t *this)
 {
@ -504,6 +551,9 @@ METHOD(plugin_t, get_features, int,
 		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_521),
 #endif
 #endif /* OPENSSL_NO_ECDSA */
 		/* generic key loader */
 		PLUGIN_REGISTER(PRIVKEY, openssl_private_key_load, TRUE),
 			PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
 		PLUGIN_REGISTER(RNG, openssl_rng_create),
 			PLUGIN_PROVIDE(RNG, RNG_STRONG),
 			PLUGIN_PROVIDE(RNG, RNG_WEAK),
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@ -1,7 +1,7 @@
 /*
 * Copyright (C) 2008-2016 Tobias Brunner
 * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2008 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -327,7 +327,7 @@ static private_openssl_rsa_private_key_t *create_empty()
 	return this;
 }
-/**
+/*
 * See header.
 */
 openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
@ -383,7 +383,26 @@ error:
 	return NULL;
 }
-/**
+/*
 * See header
 */
 private_key_t *openssl_rsa_private_key_create(EVP_PKEY *key)
 {
 	private_openssl_rsa_private_key_t *this;
 	RSA *rsa;
 	rsa = EVP_PKEY_get1_RSA(key);
 	EVP_PKEY_free(key);
 	if (!rsa)
 	{
 		return NULL;
 	}
 	this = create_empty();
 	this->rsa = rsa;
 	return &this->public.key;
 }
 /*
 * See header
 */
 openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
@ -528,7 +547,7 @@ static bool login(ENGINE *engine, chunk_t keyid)
 }
 #endif /* OPENSSL_NO_ENGINE */
-/**
+/*
 * See header.
 */
 openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h
@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
@ -21,6 +21,8 @@
 #ifndef OPENSSL_RSA_PRIVATE_KEY_H_
 #define OPENSSL_RSA_PRIVATE_KEY_H_
 #include <openssl/evp.h>
 #include <credentials/builder.h>
 #include <credentials/keys/private_key.h>
@ -61,6 +63,14 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_gen(key_type_t type,
 openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
 														va_list args);
 /**
 * Wrap an EVP_PKEY object of type EVP_PKEY_RSA
 *
 * @param key		EVP_PKEY_RSA key object (adopted)
 * @return 			loaded key, NULL on failure
 */
 private_key_t *openssl_rsa_private_key_create(EVP_PKEY *key);
 /**
 * Connect to a RSA private key on a smartcard.
 *
--- a/src/libstrongswan/plugins/openssl/openssl_util.h
+++ b/src/libstrongswan/plugins/openssl/openssl_util.h
@ -135,6 +135,13 @@ int openssl_asn1_known_oid(ASN1_OBJECT *obj);
 */
 time_t openssl_asn1_to_time(ASN1_TIME *time);
 /**
 * Compatibility macros
 */
 #ifdef OPENSSL_IS_BORINGSSL
 #define EVP_PKEY_base_id(p) EVP_PKEY_type(p->type)
 #endif
 /**
 * Macros to define fallback getters/setters to access keys (BIGNUM*) for types
 * that were made opaque with OpenSSL 1.1.0.