Attachment #183629 for bug #220136

View | Details | Raw Unified | Return to bug 220136
Collapse All | Expand All





bootstrap Crypt::OpenSSL::RSA $VERSION;

sub new_private_key {

    my ($self, $keystring, $passin) = @_;

    if (length ($passin) > 0 ) {
        return $self->_new_enc_private_key($keystring, $passin);
    }
    return $self->_new_private_key($keystring);
}

sub get_private_key_string {

    my ($self, $passout, $cipher) = @_;

    if (length ($passout) > 0 && length ($cipher) > 0) {
        return $self->_get_enc_private_key_string($passout, $cipher);
    } elsif (length $passout > 0) { 
        return $self->_get_enc_private_key_string($passout, "aes-256-cbc");
    }
    return $self->_get_private_key_string();
}

BEGIN { eval { require Crypt::OpenSSL::Bignum; }; }


1;

__END__

    }
}

=item new_private_key(privkey_string)
=cut
=item new_private_key(privkey_string, password)

Create a new Crypt::OpenSSL::RSA object by loading a private key in
from an string containing the Base64/DER encoding of the PKCS1

and is the format that is produced by running C<openssl rsa -pubout>.

=item get_private_key_string
=cut
=item get_enc_private_key_string(password)
=cut
=item get_enc_private_key_string(password, cipher)

Return the unencripted or encripted DER-encoded PKCS1 representation
of the private key. For stoping of potential leak unencrypted private key
if cipher name is unknown will use DES3 (DES-EDE3) cipher.

=item encrypt





    return rsa;
}


RSA* _load_enc_rsa_key(SV* p_keyStringSv,
                   RSA*(*p_loader)(BIO*, RSA**, pem_password_cb*, void*), char* password)
{
    STRLEN keyStringLength;
    char* keyString;

    RSA* rsa;
    BIO* stringBIO;

    keyString = SvPV(p_keyStringSv, keyStringLength);

    CHECK_OPEN_SSL(stringBIO = BIO_new_mem_buf(keyString, keyStringLength));

    rsa = p_loader(stringBIO, NULL, NULL, password);

    CHECK_OPEN_SSL(BIO_set_close(stringBIO, BIO_CLOSE) == 1);
    BIO_free(stringBIO);

    CHECK_OPEN_SSL(rsa);
    return rsa;
}


SV* rsa_crypt(rsaData* p_rsa, SV* p_from,
              int (*p_crypt)(int, const unsigned char*, unsigned char*, RSA*, int))
{

    ERR_load_crypto_strings();

SV*
_new_private_key(proto, key_string_SV)
    SV* proto;
    SV* key_string_SV;
  CODE:

  OUTPUT:
    RETVAL


SV*
_new_enc_private_key(proto, key_string_SV, password_SV)
    SV* proto;
    SV* key_string_SV;
    SV* password_SV;
  PREINIT:
    char* password;
  CODE:
    password = SvPV_nolen(password_SV);

    RETVAL = make_rsa_obj(
        proto, _load_enc_rsa_key(key_string_SV, PEM_read_bio_RSAPrivateKey, password));
  OUTPUT:
    RETVAL


SV*
_new_public_key_pkcs1(proto, key_string_SV)
    SV* proto;

    Safefree(p_rsa);

SV*
_get_private_key_string(p_rsa)
    rsaData* p_rsa;
  PREINIT:
    BIO* stringBIO;

  OUTPUT:
    RETVAL


SV*
_get_enc_private_key_string(p_rsa, passout_SV, cipher_SV)
    rsaData* p_rsa;
    SV* passout_SV;
    SV* cipher_SV;
  PREINIT:
    char* passout;
    char* cipher;

    BIO* stringBIO;
    const EVP_CIPHER *enc;
  CODE:
    passout = SvPV_nolen(passout_SV);
    cipher = SvPV_nolen(cipher_SV);

    CHECK_OPEN_SSL(stringBIO = BIO_new(BIO_s_mem()));
    enc = EVP_get_cipherbyname(cipher);
    if (enc == NULL) { enc = EVP_get_cipherbyname("DES3"); }
    PEM_write_bio_RSAPrivateKey(
        stringBIO, p_rsa->rsa, enc, NULL, 0, NULL, passout);
    RETVAL = extractBioString(stringBIO);

  OUTPUT:
    RETVAL

SV*
get_public_key_string(p_rsa)
    rsaData* p_rsa;




use Crypt::OpenSSL::Random;
use Crypt::OpenSSL::RSA;

BEGIN { plan tests => 46 + (UNIVERSAL::can("Crypt::OpenSSL::RSA", "use_sha512_hash") ? 4*5 : 0) }

sub _Test_Encrypt_And_Decrypt
{


ok($private_key_string and $public_key_string);

my $enc_private_key_string_default = $rsa->get_private_key_string('12345');
ok($enc_private_key_string_default);

my $enc_private_key_string_des3 = $rsa->get_private_key_string('12345', 'des3-cbc');
ok($enc_private_key_string_des3);

my $enc_private_key_string_idea = $rsa->get_private_key_string('12345', 'IDEA');
ok($enc_private_key_string_idea);

my $plaintext = "The quick brown fox jumped over the lazy dog";
my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);
ok($plaintext eq $rsa_priv->decrypt($rsa_priv->encrypt($plaintext)));

Return to bug 220136

Lines 14-21 Link Here

(-)./RSA.pm (-2 / +33 lines)
14		14
15	bootstrap Crypt::OpenSSL::RSA $VERSION;	15	bootstrap Crypt::OpenSSL::RSA $VERSION;
16		16
		17	sub new_private_key {
		18
		19	my ($self, $keystring, $passin) = @_;
		20
		21	if (length ($passin) > 0 ) {
		22	return $self->_new_enc_private_key($keystring, $passin);
		23	}
		24	return $self->_new_private_key($keystring);
		25	}
		26
		27	sub get_private_key_string {
		28
		29	my ($self, $passout, $cipher) = @_;
		30
		31	if (length ($passout) > 0 && length ($cipher) > 0) {
		32	return $self->_get_enc_private_key_string($passout, $cipher);
		33	} elsif (length $passout > 0) {
		34	return $self->_get_enc_private_key_string($passout, "aes-256-cbc");
		35	}
		36	return $self->_get_private_key_string();
		37	}
		38
17	BEGIN { eval { require Crypt::OpenSSL::Bignum; }; }	39	BEGIN { eval { require Crypt::OpenSSL::Bignum; }; }
18		40
		41
19	1;	42	1;
20		43
21	__END__	44	__END__
Lines 96-102 Link Here
96	}	119	}
97	}	120	}
98		121
99	=item new_private_key	122	=item new_private_key(privkey_string)
		123	=cut
		124	=item new_private_key(privkey_string, password)
100		125
101	Create a new Crypt::OpenSSL::RSA object by loading a private key in	126	Create a new Crypt::OpenSSL::RSA object by loading a private key in
102	from an string containing the Base64/DER encoding of the PKCS1	127	from an string containing the Base64/DER encoding of the PKCS1
Lines 179-186 Link Here
179	and is the format that is produced by running C<openssl rsa -pubout>.	204	and is the format that is produced by running C<openssl rsa -pubout>.
180		205
181	=item get_private_key_string	206	=item get_private_key_string
		207	=cut
		208	=item get_enc_private_key_string(password)
		209	=cut
		210	=item get_enc_private_key_string(password, cipher)
182		211
183	Return the DER-encoded PKCS1 representation of the private key.	212	Return the unencripted or encripted DER-encoded PKCS1 representation
		213	of the private key. For stoping of potential leak unencrypted private key
		214	if cipher name is unknown will use DES3 (DES-EDE3) cipher.
184		215
185	=item encrypt	216	=item encrypt
186		217

Lines 179-184 Link Here

(-)./RSA.xs (-2 / +69 lines)
179	return rsa;	179	return rsa;
180	}	180	}
181		181
		182
		183	RSA* _load_enc_rsa_key(SV* p_keyStringSv,
		184	RSA(p_loader)(BIO, RSA, pem_password_cb, void), char password)
		185	{
		186	STRLEN keyStringLength;
		187	char* keyString;
		188
		189	RSA* rsa;
		190	BIO* stringBIO;
		191
		192	keyString = SvPV(p_keyStringSv, keyStringLength);
		193
		194	CHECK_OPEN_SSL(stringBIO = BIO_new_mem_buf(keyString, keyStringLength));
		195
		196	rsa = p_loader(stringBIO, NULL, NULL, password);
		197
		198	CHECK_OPEN_SSL(BIO_set_close(stringBIO, BIO_CLOSE) == 1);
		199	BIO_free(stringBIO);
		200
		201	CHECK_OPEN_SSL(rsa);
		202	return rsa;
		203	}
		204
		205
182	SV* rsa_crypt(rsaData* p_rsa, SV* p_from,	206	SV* rsa_crypt(rsaData* p_rsa, SV* p_from,
183	int (p_crypt)(int, const unsigned char, unsigned char, RSA, int))	207	int (p_crypt)(int, const unsigned char, unsigned char, RSA, int))
184	{	208	{
Lines 214-220 Link Here
214	ERR_load_crypto_strings();	238	ERR_load_crypto_strings();
215		239
216	SV*	240	SV*
217	new_private_key(proto, key_string_SV)	241	_new_private_key(proto, key_string_SV)
218	SV* proto;	242	SV* proto;
219	SV* key_string_SV;	243	SV* key_string_SV;
220	CODE:	244	CODE:
Lines 223-228 Link Here
223	OUTPUT:	247	OUTPUT:
224	RETVAL	248	RETVAL
225		249
		250
		251	SV*
		252	_new_enc_private_key(proto, key_string_SV, password_SV)
		253	SV* proto;
		254	SV* key_string_SV;
		255	SV* password_SV;
		256	PREINIT:
		257	char* password;
		258	CODE:
		259	password = SvPV_nolen(password_SV);
		260
		261	RETVAL = make_rsa_obj(
		262	proto, _load_enc_rsa_key(key_string_SV, PEM_read_bio_RSAPrivateKey, password));
		263	OUTPUT:
		264	RETVAL
		265
		266
226	SV*	267	SV*
227	_new_public_key_pkcs1(proto, key_string_SV)	268	_new_public_key_pkcs1(proto, key_string_SV)
228	SV* proto;	269	SV* proto;
Lines 251-257 Link Here
251	Safefree(p_rsa);	292	Safefree(p_rsa);
252		293
253	SV*	294	SV*
254	get_private_key_string(p_rsa)	295	_get_private_key_string(p_rsa)
255	rsaData* p_rsa;	296	rsaData* p_rsa;
256	PREINIT:	297	PREINIT:
257	BIO* stringBIO;	298	BIO* stringBIO;
Lines 264-269 Link Here
264	OUTPUT:	305	OUTPUT:
265	RETVAL	306	RETVAL
266		307
		308
		309	SV*
		310	_get_enc_private_key_string(p_rsa, passout_SV, cipher_SV)
		311	rsaData* p_rsa;
		312	SV* passout_SV;
		313	SV* cipher_SV;
		314	PREINIT:
		315	char* passout;
		316	char* cipher;
		317
		318	BIO* stringBIO;
		319	const EVP_CIPHER *enc;
		320	CODE:
		321	passout = SvPV_nolen(passout_SV);
		322	cipher = SvPV_nolen(cipher_SV);
		323
		324	CHECK_OPEN_SSL(stringBIO = BIO_new(BIO_s_mem()));
		325	enc = EVP_get_cipherbyname(cipher);
		326	if (enc == NULL) { enc = EVP_get_cipherbyname("DES3"); }
		327	PEM_write_bio_RSAPrivateKey(
		328	stringBIO, p_rsa->rsa, enc, NULL, 0, NULL, passout);
		329	RETVAL = extractBioString(stringBIO);
		330
		331	OUTPUT:
		332	RETVAL
		333
267	SV*	334	SV*
268	get_public_key_string(p_rsa)	335	get_public_key_string(p_rsa)
269	rsaData* p_rsa;	336	rsaData* p_rsa;

Lines 4-10 Link Here

(-)./t/rsa.t (-1 / +10 lines)
4	use Crypt::OpenSSL::Random;	4	use Crypt::OpenSSL::Random;
5	use Crypt::OpenSSL::RSA;	5	use Crypt::OpenSSL::RSA;
6		6
7	BEGIN { plan tests => 43 + (UNIVERSAL::can("Crypt::OpenSSL::RSA", "use_sha512_hash") ? 4*5 : 0) }	7	BEGIN { plan tests => 46 + (UNIVERSAL::can("Crypt::OpenSSL::RSA", "use_sha512_hash") ? 4*5 : 0) }
8		8
9	sub _Test_Encrypt_And_Decrypt	9	sub _Test_Encrypt_And_Decrypt
10	{	10	{
Lines 84-89 Link Here
84		84
85	ok($private_key_string and $public_key_string);	85	ok($private_key_string and $public_key_string);
86		86
		87	my $enc_private_key_string_default = $rsa->get_private_key_string('12345');
		88	ok($enc_private_key_string_default);
		89
		90	my $enc_private_key_string_des3 = $rsa->get_private_key_string('12345', 'des3-cbc');
		91	ok($enc_private_key_string_des3);
		92
		93	my $enc_private_key_string_idea = $rsa->get_private_key_string('12345', 'IDEA');
		94	ok($enc_private_key_string_idea);
		95
87	my $plaintext = "The quick brown fox jumped over the lazy dog";	96	my $plaintext = "The quick brown fox jumped over the lazy dog";
88	my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);	97	my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);
89	ok($plaintext eq $rsa_priv->decrypt($rsa_priv->encrypt($plaintext)));	98	ok($plaintext eq $rsa_priv->decrypt($rsa_priv->encrypt($plaintext)));