summaryrefslogtreecommitdiff
path: root/openssl/src/pkey.rs
diff options
context:
space:
mode:
authoroberien <jaro.fietz@gmx.de>2019-12-01 03:02:01 +0100
committeroberien <jaro.fietz@gmx.de>2019-12-01 03:02:01 +0100
commita7fa260331f856e45a4bb9c4eff78ed17a1cb595 (patch)
tree8eae9b65b2432d2f99940eee018cacb91c5ebca9 /openssl/src/pkey.rs
parent454cb6f9bccf8de9c4ff610d2f82e806ac17cfe7 (diff)
downloadrust-openssl-a7fa260331f856e45a4bb9c4eff78ed17a1cb595.zip
Support for PKCS#8 unencrypted private key deserialization
Diffstat (limited to 'openssl/src/pkey.rs')
-rw-r--r--openssl/src/pkey.rs25
1 files changed, 25 insertions, 0 deletions
diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs
index f1ab1e2e..bcbfc385 100644
--- a/openssl/src/pkey.rs
+++ b/openssl/src/pkey.rs
@@ -524,6 +524,25 @@ impl PKey<Private> {
ffi::d2i_AutoPrivateKey
}
+ /// Deserializes a DER-formatted PKCS#8 unencrypted private key.
+ ///
+ /// This method is mainly for interoperability reasons. Encrypted keyfiles should be preferred.
+ pub fn private_key_from_pkcs8(
+ der: &[u8],
+ ) -> Result<PKey<Private>, ErrorStack>
+ {
+ unsafe {
+ ffi::init();
+ let bio = MemBioSlice::new(der)?;
+ let p8inf = cvt_p(ffi::d2i_PKCS8_PRIV_KEY_INFO_bio(
+ bio.as_ptr(),
+ ptr::null_mut(),
+ ))?;
+ cvt_p(ffi::EVP_PKCS82PKEY(p8inf))
+ .map(|p| PKey::from_ptr(p))
+ }
+ }
+
/// Deserializes a DER-formatted PKCS#8 private key, using a callback to retrieve the password
/// if the key is encrpyted.
///
@@ -640,6 +659,12 @@ mod tests {
}
#[test]
+ fn test_unencrypted_pkcs8() {
+ let key = include_bytes!("../test/pkcs8-nocrypt.der");
+ PKey::private_key_from_pkcs8(key).unwrap();
+ }
+
+ #[test]
fn test_encrypted_pkcs8_passphrase() {
let key = include_bytes!("../test/pkcs8.der");
PKey::private_key_from_pkcs8_passphrase(key, b"mypass").unwrap();
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-21 06:38:37 +0000