diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index 314ee63d..7cfa1288 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -9,6 +9,7 @@ use crypto::hash;
 use crypto::hash::Type as HashType;
 use ffi;
 use ssl::error::{SslError, StreamError};
+use crypto::rsa::RSA;
 #[derive(Copy, Clone)]
 pub enum Parts {
@@ -125,18 +126,10 @@ impl PKey {
 pub fn private_rsa_key_from_pem(reader: &mut R) -> Result where R: Read {
- let mut mem_bio = try!(MemBio::new());
- try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
-
+ let rsa = try!(RSA::private_key_from_pem(reader));
 unsafe {
- let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.get_handle(),
- ptr::null_mut(),
- None,
- ptr::null_mut()));
- let evp = ffi::EVP_PKEY_new();
- if ffi::EVP_PKEY_set1_RSA(evp, rsa) == 0 {
- return Err(SslError::get());
- }
+ let evp = try_ssl_null!(ffi::EVP_PKEY_new());
+ try_ssl!(ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()));
 Ok(PKey {
 evp: evp,
@@ -149,18 +142,10 @@ impl PKey {
 pub fn public_rsa_key_from_pem(reader: &mut R) -> Result where R: Read {
- let mut mem_bio = try!(MemBio::new());
- try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
-
+ let rsa = try!(RSA::public_key_from_pem(reader));
 unsafe {
- let rsa = try_ssl_null!(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.get_handle(),
- ptr::null_mut(),
- None,
- ptr::null_mut()));
- let evp = ffi::EVP_PKEY_new();
- if ffi::EVP_PKEY_set1_RSA(evp, rsa) == 0 {
- return Err(SslError::get());
- }
+ let evp = try_ssl_null!(ffi::EVP_PKEY_new());
+ try_ssl!(ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()));
 Ok(PKey {
 evp: evp,
diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs
index ffc11255..ee0d9ec4 100644
--- a/openssl/src/crypto/rsa.rs
+++ b/openssl/src/crypto/rsa.rs
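Review bot: The new `try_ssl!(ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()))` line in `private_rsa_key_from_pem` returns early on failure without releasing `evp`, so the `EVP_PKEY` just obtained from `EVP_PKEY_new()` leaks on that path; the `public_rsa_key_from_pem` hunk has the identical pattern. The removed code had the same gap, but `try_ssl!` now hides the return, so an explicit check that frees the key before returning is clearer and stops the leak. Both functions continue past the hunk, so the `Ok(PKey { .. })` construction that would otherwise take ownership of `evp` is not visible here. Dropping the `RSA` wrapper at function exit is fine, since `EVP_PKEY_set1_RSA` takes its own reference.
```rust
let evp = try_ssl_null!(ffi::EVP_PKEY_new());
if ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()) == 0 {
    ffi::EVP_PKEY_free(evp);
    return Err(SslError::get());
}
// … unchanged: Ok(PKey { evp: evp, … }) …
```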
@@ -1,41 +1,87 @@
 use ffi;
-use bn::BigNum;
 use std::fmt;
-use ssl::error::SslError;
+use ssl::error::{SslError, StreamError};
+use std::ptr;
+use std::io::{self, Read};
-pub struct RSA {
- rsa_obj : ffi::RSA
+use bn::BigNum;
+use bio::MemBio;
+
+pub struct RSA(*mut ffi::RSA);
+
+impl Drop for RSA {
+ fn drop(&mut self) {
+ unsafe {
+ ffi::RSA_free(self.0);
+ }
+ }
 }
 impl RSA {
+ /// Reads an RSA private key from PEM formatted data.
+ pub fn private_key_from_pem(reader: &mut R) -> Result
+ where R: Read
+ {
+ let mut mem_bio = try!(MemBio::new());
+ try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+
+ unsafe {
+ let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.get_handle(),
+ ptr::null_mut(),
+ None,
+ ptr::null_mut()));
+ Ok(RSA(rsa))
+ }
+ }
+
+ /// Reads an RSA public key from PEM formatted data.
+ pub fn public_key_from_pem(reader: &mut R) -> Result
+ where R: Read
+ {
+ let mut mem_bio = try!(MemBio::new());
+ try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+
+ unsafe {
+ let rsa = try_ssl_null!(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.get_handle(),
+ ptr::null_mut(),
+ None,
+ ptr::null_mut()));
+ Ok(RSA(rsa))
+ }
+ }
+
+ pub fn as_ptr(&self) -> *mut ffi::RSA {
+ self.0
+ }
+
 // The following getters are unsafe, since BigNum::new_from_ffi fails upon null pointers
 pub fn n(&self) -> Result {
 unsafe {
- BigNum::new_from_ffi(self.rsa_obj.n)
+ BigNum::new_from_ffi((*self.0).n)
 }
 }
 pub fn d(&self) -> Result {
 unsafe {
- BigNum::new_from_ffi(self.rsa_obj.d)
+ BigNum::new_from_ffi((*self.0).d)
 }
 }
 pub fn e(&self) -> Result {
 unsafe {
- BigNum::new_from_ffi(self.rsa_obj.e)
+ BigNum::new_from_ffi((*self.0).e)
 }
 }
 pub fn p(&self) -> Result {
 unsafe {
- BigNum::new_from_ffi(self.rsa_obj.p)
+ BigNum::new_from_ffi((*self.0).p)
 }
 }
 pub fn q(&self) -> Result {
 unsafe {
- BigNum::new_from_ffi(self.rsa_obj.q)
+ BigNum::new_from_ffi((*self.0).q)
 }
 }
 }
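Review bot: `private_key_from_pem` passes `None` for the passphrase callback and a null `u` to `PEM_read_bio_RSAPrivateKey`, which makes OpenSSL fall back to its default callback when the PEM key is encrypted, and that callback typically prompts on the controlling terminal; a library caller would not expect a blocking prompt, and neither the doc comment nor the signature says the key has to be unencrypted. At minimum the `///` line should state it, e.g. `/// Reads an unencrypted RSA private key from PEM formatted data; no passphrase callback is installed.` `as_ptr` is undocumented even though the pointer it hands out is released by `Drop`, so `/// Returns the raw pointer, which remains owned by this value and is freed on drop; callers must not free it.` would head off a double free. The getters `d`, `p` and `q` now dereference `self.0` directly; for a key loaded via `public_key_from_pem` those fields are presumably null, and the existing comment already notes that `BigNum::new_from_ffi` fails in that case, which is acceptable as long as callers expect an error rather than a value.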