min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #353 from bluejekyll/master 

adding functionality to directly get and set RSA public key material
This commit is contained in:
Steven Fackler 2016-03-05 13:57:53 -08:00
parent 2fe3e48487 3e5b65b7fa
commit 23fd427900
4 changed files with 80 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openssl-sys/src/lib.rs
View File

@ -589,6 +589,7 @@ extern "C" {
pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int; pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int;
pub fn RSA_new() -> *mut RSA;
pub fn RSA_free(rsa: *mut RSA); pub fn RSA_free(rsa: *mut RSA);
pub fn RSA_generate_key(modsz: c_int, e: c_ulong, cb: *const c_void, cbarg: *const c_void) -> *mut RSA; pub fn RSA_generate_key(modsz: c_int, e: c_ulong, cb: *const c_void, cbarg: *const c_void) -> *mut RSA;
pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *const c_void) -> c_int; pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *const c_void) -> c_int;

7
openssl/src/bn/mod.rs
View File

@ -1,7 +1,7 @@
use libc::{c_int, c_ulong, c_void}; use libc::{c_int, c_ulong, c_void};
use std::ffi::{CStr, CString}; use std::ffi::{CStr, CString};
use std::cmp::Ordering; use std::cmp::Ordering;
use std::{fmt, ptr}; use std::{fmt, ptr, mem};
use ffi; use ffi;
use ssl::error::SslError; use ssl::error::SslError;
@ -473,6 +473,11 @@ impl BigNum {
n n
} }
pub fn into_raw(self) -> *mut ffi::BIGNUM {
let mut me = self;
mem::replace(&mut me.0, ptr::null_mut())
}
pub fn to_vec(&self) -> Vec<u8> { pub fn to_vec(&self) -> Vec<u8> {
let size = self.num_bytes() as usize; let size = self.num_bytes() as usize;
let mut v = Vec::with_capacity(size); let mut v = Vec::with_capacity(size);

45
openssl/src/crypto/pkey.rs
View File

@ -205,6 +205,28 @@ impl PKey {
} }
} }
/// assign RSA key to this pkey
pub fn set_rsa(&mut self, rsa: &RSA) {
unsafe {
// this needs to be a reference as the set1_RSA ups the reference count
let rsa_ptr = rsa.as_ptr();
if ffi::EVP_PKEY_set1_RSA(self.evp, rsa_ptr) == 1 {
if rsa.has_e() && rsa.has_n() {
self.parts = Parts::Public;
}
}
}
}
/// get a reference to the interal RSA key for direct access to the key components
pub fn get_rsa(&self) -> RSA {
unsafe {
let evp_pkey: *mut ffi::EVP_PKEY = self.evp;
// this is safe as the ffi increments a reference counter to the internal key
RSA::from_raw(ffi::EVP_PKEY_get1_RSA(evp_pkey))
}
}
/** /**
* Returns a DER serialized form of the public key, suitable for load_pub(). * Returns a DER serialized form of the public key, suitable for load_pub().
*/ */
@ -604,6 +626,7 @@ mod tests {
use std::path::Path; use std::path::Path;
use std::fs::File; use std::fs::File;
use crypto::hash::Type::{MD5, SHA1}; use crypto::hash::Type::{MD5, SHA1};
use crypto::rsa::RSA;
#[test] #[test]
fn test_gen_pub() { fn test_gen_pub() {
@ -790,6 +813,28 @@ mod tests {
assert!(pub_key.windows(10).any(|s| s == b"PUBLIC KEY")); assert!(pub_key.windows(10).any(|s| s == b"PUBLIC KEY"));
} }
#[test]
fn test_public_key_from_raw() {
let mut k0 = super::PKey::new();
let mut k1 = super::PKey::new();
let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
k0.gen(512);
let sig = k0.sign(&msg);
let r0 = k0.get_rsa();
let r1 = RSA::from_public_components(r0.n().expect("n"), r0.e().expect("e")).expect("r1");
k1.set_rsa(&r1);
assert!(k1.can(super::Role::Encrypt));
assert!(!k1.can(super::Role::Decrypt));
assert!(k1.can(super::Role::Verify));
assert!(!k1.can(super::Role::Sign));
let rv = k1.verify(&msg, &sig);
assert!(rv == true);
}
#[test] #[test]
#[should_panic(expected = "Could not get RSA key for encryption")] #[should_panic(expected = "Could not get RSA key for encryption")]
fn test_nokey_encrypt() { fn test_nokey_encrypt() {

28
openssl/src/crypto/rsa.rs
View File

@ -18,6 +18,22 @@ impl Drop for RSA {
} }
impl RSA { impl RSA {
/// only useful for associating the key material directly with the key, it's safer to use
/// the supplied load and save methods for DER formatted keys.
pub fn from_public_components(n: BigNum, e: BigNum) -> Result<RSA, SslError> {
unsafe {
let rsa = try_ssl_null!(ffi::RSA_new());
(*rsa).n = n.into_raw();
(*rsa).e = e.into_raw();
Ok(RSA(rsa))
}
}
/// the caller should assert that the rsa pointer is valid.
pub unsafe fn from_raw(rsa: *mut ffi::RSA) -> RSA {
RSA(rsa)
}
/// Reads an RSA private key from PEM formatted data. /// Reads an RSA private key from PEM formatted data.
pub fn private_key_from_pem<R>(reader: &mut R) -> Result<RSA, SslError> pub fn private_key_from_pem<R>(reader: &mut R) -> Result<RSA, SslError>
where R: Read where R: Read
@ -61,6 +77,12 @@ impl RSA {
} }
} }
pub fn has_n(&self) -> bool {
unsafe {
!(*self.0).n.is_null()
}
}
pub fn d(&self) -> Result<BigNum, SslError> { pub fn d(&self) -> Result<BigNum, SslError> {
unsafe { unsafe {
BigNum::new_from_ffi((*self.0).d) BigNum::new_from_ffi((*self.0).d)
@ -73,6 +95,12 @@ impl RSA {
} }
} }
pub fn has_e(&self) -> bool {
unsafe {
!(*self.0).e.is_null()
}
}
pub fn p(&self) -> Result<BigNum, SslError> { pub fn p(&self) -> Result<BigNum, SslError> {
unsafe { unsafe {
BigNum::new_from_ffi((*self.0).p) BigNum::new_from_ffi((*self.0).p)