git.tuebingen.mpg.de Git - paraslash.git/commit

author	Andre Noll <maan@tuebingen.mpg.de>
	Thu, 30 Aug 2018 13:32:34 +0000 (15:32 +0200)
committer	Andre Noll <maan@tuebingen.mpg.de>
	Tue, 25 Dec 2018 16:45:25 +0000 (17:45 +0100)
commit	09dbc597fa9661f8dfd96684430531fe6575d26c
tree	5ea746b11d8410efa1b7ad6dac19d8892433eb25	tree \| snapshot
parent	0b8b2469b5d2b81ff928bddd10d4ac3b819b75f8	commit \| diff

openssl: Add support for RFC4716 keys

The decode_private_key() helper of gcrypt.c base64-decodes the key
but does not read the RSA bignums. It is thus independent of gcrypt
and openssl. To add support for RFC4716 keys to the openssl backend,
we need to move it to crypt_common.c, making it a crypo backend
function. That is, non-static and declared in crypt_backend.h. The
patch also documents the function using doxgen comments.

With decode_private_key() and find_openssh_bignum_offset() to
our disposal, supporting RFC4716 keys is simple. We only need to
initialize the openssl-specific rsa structure with the six bignums
stored in a private RFC4716 key. This is implemented in the new
read_private_rsa_params() which calls the existing read_bignum()
six times.

The fields of the rsa structure are exposed to applications in
openssl-1.0, but the structure was made opaque in openssl-1.1. We
use the existing HAVE_RSA_SET0_KEY macro to decide whether or not
we must use the accessor functions of openssl-1.1 to initialize the
rsa structure.

crypt_backend.h		diff \| blob \| history
crypt_common.c		diff \| blob \| history
gcrypt.c		diff \| blob \| history
openssl.c		diff \| blob \| history