diff options
author | oberien <jaro.fietz@gmx.de> | 2019-12-01 03:02:01 +0100 |
---|---|---|
committer | oberien <jaro.fietz@gmx.de> | 2019-12-01 03:02:01 +0100 |
commit | a7fa260331f856e45a4bb9c4eff78ed17a1cb595 (patch) | |
tree | 8eae9b65b2432d2f99940eee018cacb91c5ebca9 /openssl/src/pkey.rs | |
parent | 454cb6f9bccf8de9c4ff610d2f82e806ac17cfe7 (diff) | |
download | rust-openssl-a7fa260331f856e45a4bb9c4eff78ed17a1cb595.zip |
Support for PKCS#8 unencrypted private key deserialization
Diffstat (limited to 'openssl/src/pkey.rs')
-rw-r--r-- | openssl/src/pkey.rs | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs index f1ab1e2e..bcbfc385 100644 --- a/openssl/src/pkey.rs +++ b/openssl/src/pkey.rs @@ -524,6 +524,25 @@ impl PKey<Private> { ffi::d2i_AutoPrivateKey } + /// Deserializes a DER-formatted PKCS#8 unencrypted private key. + /// + /// This method is mainly for interoperability reasons. Encrypted keyfiles should be preferred. + pub fn private_key_from_pkcs8( + der: &[u8], + ) -> Result<PKey<Private>, ErrorStack> + { + unsafe { + ffi::init(); + let bio = MemBioSlice::new(der)?; + let p8inf = cvt_p(ffi::d2i_PKCS8_PRIV_KEY_INFO_bio( + bio.as_ptr(), + ptr::null_mut(), + ))?; + cvt_p(ffi::EVP_PKCS82PKEY(p8inf)) + .map(|p| PKey::from_ptr(p)) + } + } + /// Deserializes a DER-formatted PKCS#8 private key, using a callback to retrieve the password /// if the key is encrpyted. /// @@ -640,6 +659,12 @@ mod tests { } #[test] + fn test_unencrypted_pkcs8() { + let key = include_bytes!("../test/pkcs8-nocrypt.der"); + PKey::private_key_from_pkcs8(key).unwrap(); + } + + #[test] fn test_encrypted_pkcs8_passphrase() { let key = include_bytes!("../test/pkcs8.der"); PKey::private_key_from_pkcs8_passphrase(key, b"mypass").unwrap(); |