Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
libvmod-crypto
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
uplex-varnish
libvmod-crypto
Commits
86c5efcf
Unverified
Commit
86c5efcf
authored
Mar 24, 2021
by
Nils Goroll
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add private key initialization
parent
5e7bc11b
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
83 additions
and
0 deletions
+83
-0
vmod_crypto.c
src/vmod_crypto.c
+56
-0
vmod_crypto.rst
src/vmod_crypto.rst
+16
-0
vmod_crypto.vcc
src/vmod_crypto.vcc
+11
-0
No files found.
src/vmod_crypto.c
View file @
86c5efcf
...
...
@@ -292,6 +292,50 @@ pubkey_pem(VRT_CTX, VCL_STRING pem)
return
(
NULL
);
}
static
int
literal_pw_cb
(
char
*
buf
,
int
size
,
int
rwflag
,
void
*
u
)
{
size_t
len
;
(
void
)
rwflag
;
if
(
u
==
NULL
)
return
(
0
);
len
=
strlen
(
u
);
if
(
len
>
size
)
len
=
size
;
memcpy
(
buf
,
u
,
len
);
return
(
len
);
}
/* to be freed by caller */
static
EVP_PKEY
*
privkey_pem
(
VRT_CTX
,
VCL_STRING
pem
,
VCL_STRING
password
)
{
EVP_PKEY
*
pkey
;
BIO
*
bio
;
ERR_clear_error
();
bio
=
BIO_new_mem_buf
(
pem
,
-
1
);
if
(
bio
==
NULL
)
{
VRT_fail
(
ctx
,
"key bio failed"
);
return
(
NULL
);
}
pkey
=
PEM_read_bio_PrivateKey
(
bio
,
NULL
,
literal_pw_cb
,
TRUST_ME
(
password
));
BIO_free_all
(
bio
);
if
(
pkey
!=
NULL
)
return
(
pkey
);
VRT_fail
(
ctx
,
"read public key failed, error 0x%lx"
,
ERR_get_error
());
return
(
NULL
);
}
static
struct
VPFX
(
crypto_key
)
*
crypto_key_ok
(
VRT_CTX
,
VCL_STRING
name
,
struct
VPFX
(
crypto_key
)
*
k
)
{
...
...
@@ -319,6 +363,18 @@ vmod_key_pem_pubkey(VRT_CTX, struct VPFX(crypto_key) *k,
k
->
pkey
=
pubkey_pem
(
ctx
,
pem
);
}
VCL_VOID
vmod_key_pem_privkey
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
,
VCL_STRING
pem
,
VCL_STRING
password
)
{
k
=
crypto_key_ok
(
ctx
,
"pem_privkey"
,
k
);
if
(
k
==
NULL
)
return
;
k
->
pkey
=
privkey_pem
(
ctx
,
pem
,
password
);
}
VCL_VOID
vmod_key_rsa
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
,
struct
VARGS
(
key_rsa
)
*
args
)
{
BIGNUM
*
n
=
NULL
,
*
e
=
NULL
,
*
d
=
NULL
;
...
...
src/vmod_crypto.rst
View file @
86c5efcf
...
...
@@ -26,6 +26,8 @@ SYNOPSIS
:ref:`xkey.pem_pubkey()`
:ref:`xkey.pem_privkey()`
:ref:`xkey.rsa()`
:ref:`crypto.verifier()`
...
...
@@ -96,6 +98,20 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
.. _xkey.pem_privkey():
VOID xkey.pem_privkey(STRING, STRING password=0)
------------------------------------------------
Create a key from the PEM-encoded private key, optionally decrypting
it using `password`.
The cryptographic method to be used and the key length are
automatically determined from _pem_. Typically supported methods
comprise RSA and DSA.
Any error is fatal to vcl initialization.
.. _xkey.rsa():
VOID xkey.rsa(BLOB n, BLOB e, [BLOB d])
...
...
src/vmod_crypto.vcc
View file @
86c5efcf
...
...
@@ -58,6 +58,17 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
$Method VOID .pem_privkey(STRING, STRING password=0)
Create a key from the PEM-encoded private key, optionally decrypting
it using `password`.
The cryptographic method to be used and the key length are
automatically determined from _pem_. Typically supported methods
comprise RSA and DSA.
Any error is fatal to vcl initialization.
$Method VOID .rsa(BLOB n, BLOB e, [BLOB d])
Create an RSA key from the parameters n, e, and optionally d.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment