uplex-varnish / libvmod-crypto
Commit 86c5efcf (Unverified), authored Mar 24, 2021 by Nils Goroll
Add private key initialization
parent 5e7bc11b
Showing 3 changed files with 83 additions and 0 deletions
src/vmod_crypto.c +56 -0
src/vmod_crypto.rst +16 -0
src/vmod_crypto.vcc +11 -0
src/vmod_crypto.c
...
@@ -292,6 +292,50 @@ pubkey_pem(VRT_CTX, VCL_STRING pem)
...
@@ -292,6 +292,50 @@ pubkey_pem(VRT_CTX, VCL_STRING pem)
return
(
NULL
);
return
(
NULL
);
}
}
static
int
literal_pw_cb
(
char
*
buf
,
int
size
,
int
rwflag
,
void
*
u
)
{
size_t
len
;
(
void
)
rwflag
;
if
(
u
==
NULL
)
return
(
0
);
len
=
strlen
(
u
);
if
(
len
>
size
)
len
=
size
;
memcpy
(
buf
,
u
,
len
);
return
(
len
);
}
/* to be freed by caller */
static
EVP_PKEY
*
privkey_pem
(
VRT_CTX
,
VCL_STRING
pem
,
VCL_STRING
password
)
{
EVP_PKEY
*
pkey
;
BIO
*
bio
;
ERR_clear_error
();
bio
=
BIO_new_mem_buf
(
pem
,
-
1
);
if
(
bio
==
NULL
)
{
VRT_fail
(
ctx
,
"key bio failed"
);
return
(
NULL
);
}
pkey
=
PEM_read_bio_PrivateKey
(
bio
,
NULL
,
literal_pw_cb
,
TRUST_ME
(
password
));
BIO_free_all
(
bio
);
if
(
pkey
!=
NULL
)
return
(
pkey
);
VRT_fail
(
ctx
,
"read public key failed, error 0x%lx"
,
ERR_get_error
());
return
(
NULL
);
}
static
struct
VPFX
(
crypto_key
)
*
static
struct
VPFX
(
crypto_key
)
*
crypto_key_ok
(
VRT_CTX
,
VCL_STRING
name
,
struct
VPFX
(
crypto_key
)
*
k
)
crypto_key_ok
(
VRT_CTX
,
VCL_STRING
name
,
struct
VPFX
(
crypto_key
)
*
k
)
{
{
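Review bot: In literal_pw_cb, a password longer than `size` is silently cut down to `size` bytes (`if (len > size) len = size;`), so the key then fails to decrypt and the only symptom is the generic error code reported by privkey_pem; failing the callback in that case would make the cause explicit. The same comparison mixes `size_t len` with `int size`, and `len` is returned as `int` without a cast. In privkey_pem the failure text still reads "read public key failed", which looks carried over from pubkey_pem and should name the private key.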
...
@@ -319,6 +363,18 @@ vmod_key_pem_pubkey(VRT_CTX, struct VPFX(crypto_key) *k,
...
@@ -319,6 +363,18 @@ vmod_key_pem_pubkey(VRT_CTX, struct VPFX(crypto_key) *k,
k
->
pkey
=
pubkey_pem
(
ctx
,
pem
);
k
->
pkey
=
pubkey_pem
(
ctx
,
pem
);
}
}
VCL_VOID
vmod_key_pem_privkey
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
,
VCL_STRING
pem
,
VCL_STRING
password
)
{
k
=
crypto_key_ok
(
ctx
,
"pem_privkey"
,
k
);
if
(
k
==
NULL
)
return
;
k
->
pkey
=
privkey_pem
(
ctx
,
pem
,
password
);
}
VCL_VOID
VCL_VOID
vmod_key_rsa
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
,
struct
VARGS
(
key_rsa
)
*
args
)
{
vmod_key_rsa
(
VRT_CTX
,
struct
VPFX
(
crypto_key
)
*
k
,
struct
VARGS
(
key_rsa
)
*
args
)
{
BIGNUM
*
n
=
NULL
,
*
e
=
NULL
,
*
d
=
NULL
;
BIGNUM
*
n
=
NULL
,
*
e
=
NULL
,
*
d
=
NULL
;
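Review bot: vmod_key_pem_privkey stores the result of privkey_pem() in `k->pkey`, and nothing in this hunk shows what happens to a key the object already holds; if crypto_key_ok() does not reject an already initialized object, the earlier EVP_PKEY would leak, given the "to be freed by caller" contract on privkey_pem. The commit also touches only vmod_crypto.c, vmod_crypto.rst and vmod_crypto.vcc, so the new method arrives without a test; a case covering an unencrypted key, an encrypted key with the correct password and one with a wrong password would pin down the behaviour.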
...
...
src/vmod_crypto.rst
...
@@ -26,6 +26,8 @@ SYNOPSIS
...
@@ -26,6 +26,8 @@ SYNOPSIS
:ref:`xkey.pem_pubkey()`
:ref:`xkey.pem_pubkey()`
:ref:`xkey.pem_privkey()`
:ref:`xkey.rsa()`
:ref:`xkey.rsa()`
:ref:`crypto.verifier()`
:ref:`crypto.verifier()`
...
@@ -96,6 +98,20 @@ comprise RSA and DSA.
...
@@ -96,6 +98,20 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Any error is fatal to vcl initialization.
.. _xkey.pem_privkey():
VOID xkey.pem_privkey(STRING, STRING password=0)
------------------------------------------------
Create a key from the PEM-encoded private key, optionally decrypting
it using `password`.
The cryptographic method to be used and the key length are
automatically determined from _pem_. Typically supported methods
comprise RSA and DSA.
Any error is fatal to vcl initialization.
.. _xkey.rsa():
.. _xkey.rsa():
VOID xkey.rsa(BLOB n, BLOB e, [BLOB d])
VOID xkey.rsa(BLOB n, BLOB e, [BLOB d])
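Review bot: The description of xkey.pem_privkey() marks up `password` with single backticks and _pem_ with underscores; in reStructuredText single backticks are interpreted text rather than a literal and underscores are not emphasis, so neither parameter name will render as intended. Double backticks for both would fix it, and since the signature leaves the first STRING unnamed, naming it pem would give the _pem_ reference something to point at.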
...
...
src/vmod_crypto.vcc
...
@@ -58,6 +58,17 @@ comprise RSA and DSA.
...
@@ -58,6 +58,17 @@ comprise RSA and DSA.
Any error is fatal to vcl initialization.
Any error is fatal to vcl initialization.
$Method VOID .pem_privkey(STRING, STRING password=0)
Create a key from the PEM-encoded private key, optionally decrypting
it using `password`.
The cryptographic method to be used and the key length are
automatically determined from _pem_. Typically supported methods
comprise RSA and DSA.
Any error is fatal to vcl initialization.
$Method VOID .rsa(BLOB n, BLOB e, [BLOB d])
$Method VOID .rsa(BLOB n, BLOB e, [BLOB d])
Create an RSA key from the parameters n, e, and optionally d.
Create an RSA key from the parameters n, e, and optionally d.
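Review bot: The text for .pem_privkey() does not say what happens when the PEM is encrypted and `password` is left at its default of 0; on the C side literal_pw_cb returns 0 for a NULL password, so the outcome for that case should be stated here. Because the password is a plain STRING argument it will usually sit as a literal in the VCL source, which deserves a sentence on protecting that file. "Typically supported methods comprise RSA and DSA" matches the wording of the public key method and is worth confirming for private keys.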
...
...