"Dave Thompson" <[email protected]> said:
> privatekeys - man PEM -- but the PEM_read routines can handle
This is how I do it...
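/* PEM armour lines. Each *_START marker opens a base64 body that runs up to
 * the matching *_END marker. */
#define PEM_CERT_START "-----BEGIN CERTIFICATE-----"
#define PEM_CERT_END "-----END CERTIFICATE-----"

/* Traditional, algorithm specific private key armour. */
#define PEM_RSA_PRIV_KEY_START "-----BEGIN RSA PRIVATE KEY-----"
#define PEM_RSA_PRIV_KEY_END "-----END RSA PRIVATE KEY-----"
#define PEM_DSA_PRIV_KEY_START "-----BEGIN DSA PRIVATE KEY-----"
#define PEM_DSA_PRIV_KEY_END "-----END DSA PRIVATE KEY-----"

/* Algorithm neutral armour (the unencrypted PKCS#8 PrivateKeyInfo form).
 * The end marker is needed by zxid_extract_private_key(), which refers to
 * PEM_PRIV_KEY_END; the listing defined only the start marker. */
#define PEM_PRIV_KEY_START "-----BEGIN PRIVATE KEY-----"
#define PEM_PRIV_KEY_END "-----END PRIVATE KEY-----"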
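/**
 * Extract a private key from PEM text held in buf.
 *
 * Finds an RSA, DSA or generic "BEGIN PRIVATE KEY" armour line, base64
 * decodes the body up to the matching end marker and passes the resulting
 * DER to d2i_PrivateKey().
 *
 * PEM headers are not parsed: the byte after the armour line must be a
 * newline (optionally preceded by CR) and everything up to the end marker
 * is handed to the base64 decoder, so a passphrase protected key with
 * Proc-Type/DEK-Info headers is not expected to decode here.
 *
 * @param buf  NUL terminated PEM text. buf is also passed to unbase64_raw()
 *             as the output position, so on return it holds the decoded DER
 *             private key instead of the PEM text. NOTE(review): the caller
 *             should wipe buf once it is no longer needed; nothing here
 *             clears it.
 * @return     EVP_PKEY allocated by d2i_PrivateKey() (the caller releases it
 *             with EVP_PKEY_free()), or 0 on any failure.
 */
EVP_PKEY* zxid_extract_private_key(char* buf)
{
  char* p;
  char* e;
  const char* end_marker;
  const unsigned char* der;
  int typ;
  EVP_PKEY* pk = 0;  /* Forces d2i_PrivateKey() to alloc the memory. */

  if (!buf) {
    ERR("Null buffer, no private key to extract. %d", 0);
    return 0;
  }

  OpenSSL_add_all_algorithms();

  if ((p = strstr(buf, PEM_RSA_PRIV_KEY_START))) {
    typ = EVP_PKEY_RSA;
    end_marker = PEM_RSA_PRIV_KEY_END;
    p += sizeof(PEM_RSA_PRIV_KEY_START) - 1;
  } else if ((p = strstr(buf, PEM_DSA_PRIV_KEY_START))) {
    typ = EVP_PKEY_DSA;
    end_marker = PEM_DSA_PRIV_KEY_END;
    p += sizeof(PEM_DSA_PRIV_KEY_START) - 1;
  } else if ((p = strstr(buf, PEM_PRIV_KEY_START))) {
    /* Algorithm neutral armour. RSA is only a type hint here.
     * NOTE(review): whether d2i_PrivateKey() accepts a PKCS#8 body under
     * this hint depends on the OpenSSL version - confirm. */
    typ = EVP_PKEY_RSA;
    end_marker = PEM_PRIV_KEY_END;
    p += sizeof(PEM_PRIV_KEY_START) - 1;
  } else {
    /* buf may hold key material in some unrecognised form, so it is
     * deliberately left out of the log message. */
    ERR("No private key found in buf. Looking for separator (%s) or (%s).",
        PEM_RSA_PRIV_KEY_START, PEM_DSA_PRIV_KEY_START);
    return 0;
  }

  if (*p == 0xd) ++p;  /* Tolerate CRLF line ends. */
  if (*p != 0xa) {
    /* Only the offending byte and its offset are logged, never the key. */
    ERR("Bad privkey missing newline ch(0x%x) at %ld",
        (unsigned)(unsigned char)*p, (long)(p-buf));
    return 0;
  }
  ++p;

  /* Search forward from the body: an end marker that sits before the begin
   * marker (for example left over from another key earlier in the buffer)
   * must not be taken, or the decode range would be negative. */
  e = strstr(p, end_marker);
  if (!e) {
    ERR("End marker not found, typ=%d", typ);
    return 0;
  }

  /* Decode in place: output starts at buf and the return value is used as
   * the end of the decoded bytes. */
  p = unbase64_raw(p, e, buf, zx_std_index_64);

  der = (const unsigned char*)buf;  /* d2i advances this copy, not buf. */
  if (!d2i_PrivateKey(typ, &pk, &der, p-buf) || !pk) {
    zx_report_openssl_err("extract_private_key");
    ERR("DER decoding of private key failed.\n%d", 0);
    return 0;
  }
  zx_report_openssl_err("extract_private_key2");
  return pk; /* RSA* rsa = EVP_PKEY_get1_RSA(pk); */
}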
Cheers,
--Sampo