Diffstat (limited to 'src/sbearssl/sbearssl_skey_readfile.c')
-rw-r--r--src/sbearssl/sbearssl_skey_readfile.c71
1 files changed, 71 insertions, 0 deletions
diff --git a/src/sbearssl/sbearssl_skey_readfile.c b/src/sbearssl/sbearssl_skey_readfile.c
new file mode 100644
index 0000000..64ac28d
--- /dev/null
+++ b/src/sbearssl/sbearssl_skey_readfile.c
@@ -0,0 +1,71 @@
+/* ISC license. */
+
+#include <sys/types.h>
+#include <errno.h>
+#include <bearssl.h>
+#include <skalibs/bytestr.h>
+#include <skalibs/stralloc.h>
+#include <skalibs/genalloc.h>
+#include <skalibs/djbunix.h>
+#include <s6-networking/sbearssl.h>
+
+#define MAXKEYFILESIZE 8192
+
+static int decode_key (sbearssl_skey *key, char const *s, size_t len, stralloc *sa)
+{
+ br_skey_decoder_context ctx ;
+ int ktype ;
+ br_skey_decoder_init(&ctx) ;
+ br_skey_decoder_push(&ctx, s, len) ;
+ ktype = br_skey_decoder_key_type(&ctx) ;
+ switch (ktype)
+ {
+ case 0 : return br_skey_decoder_last_error(&ctx) ;
+ case BR_KEYTYPE_RSA :
+ if (!sbearssl_rsa_skey_from(&key->data.rsa, ctx.key.rsa, sa) return -1 ;
+ break ;
+ case BR_KEYTYPE_EC :
+ if (!sbearssl_ec_skey_from(&key->data.ec, ctx.key.ec, sa) return -1 ;
+ break ;
+ }
+ key->type = ktype ;
+ return 0 ;
+}
+
+int sbearssl_skey_readfile (char const *fn, sbearssl_skey *key, stralloc *sa) ;
+{
+ char buf[MAXKEYFILESIZE] ;
+ stralloc tmp = STRALLOC_ZERO ;
+ genalloc list = GENALLOC_ZERO ;
+ sbearssl_pemobject *p ;
+ size_t n ;
+ size_t i = 0 ;
+ int r = openreadnclose(fn, buf, MAKKEYFILESIZE) ;
+ if (r < 0) return r ;
+ n = r ;
+ if (sbearssl_isder(buf, n)) return decode_key(key, buf, n) ;
+ r = sbearssl_pem_decode_from_string(buf, n, &list, &tmp) ;
+ if (r) return r ;
+ p = genalloc_s(sbearssl_pemobject, &list) ;
+ n = genalloc_len(sbearssl_pemobject, &list) ;
+ for (; i < n ; i++)
+ {
+ char const *name = tmp.s + p[i].name ;
+ if (!str_diff(name, "RSA PRIVATE KEY")
+ || !str_diff(name, "EC PRIVATE KEY")
+ || !str_diff(name, "PRIVATE KEY"))
+ {
+ r = decode_key(key, tmp.s + p[i].data, p[i].datalen, sa) ;
+ if (r) goto fail ;
+ break ;
+ }
+ }
+ stralloc_free(&tmp) ;
+ if (i < n) return 0 ;
+
+ r = -1 ; errno = EINVAL ;
+ fail:
+ stralloc_free(&tmp) ;
+ genalloc_free(sbearssl_pemobject, list) ;
+ return r ;
+}
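Review bot: The hunk does not compile as written: lines 40 and 43 are missing the closing parenthesis of the `if` condition, line 50 has a stray `;` between the signature and the body, line 58 spells the constant `MAKKEYFILESIZE` although line 27 defines `MAXKEYFILESIZE`, line 61 calls `decode_key` with three arguments although it takes four (`sa` is dropped), and line 84 passes `list` by value where `genalloc_free` needs `&list`. Beyond that, the success path at line 79 returns without freeing `list`, and the `switch` in `decode_key` has no `default:`, so an unrecognised key type falls through to `key->type = ktype ; return 0 ;` with `key->data` never written — `default : errno = EINVAL ; return -1 ;` closes that hole, and note that `case 0` returns a positive BearSSL error code while the other failures return -1 with errno, so callers get two conventions from one function. Since `buf`, `tmp` and the decoder context all hold private-key material, consider wiping them before they go out of scope or are freed, with a clear the compiler cannot elide (e.g. `explicit_bzero` where available). `openreadnclose` also returns `ssize_t` rather than `int`, and it appears to read at most `MAXKEYFILESIZE` bytes, so a larger key file would be silently truncated and then fail to parse rather than being reported as too large. The cleanup tail could be reshaped so every exit frees both allocations:
```c
  /* … unchanged: PEM object loop … */
  if (i >= n) { r = -1 ; errno = EINVAL ; }
 fail:
  stralloc_free(&tmp) ;
  genalloc_free(sbearssl_pemobject, &list) ;
  return r ;
```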