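/*
 * Load an RSA private key and return it wrapped as a private-key object.
 *
 * what      - raw vector: parsed as binary DER via d2i_RSAPrivateKey();
 *             character vector: its first element is parsed as PEM.
 * sPassword - character vector of length 1. It is only used on the PEM
 *             path; the DER path never consults it.
 *
 * Raises an R error for wrong argument types, for a key that fails to
 * parse or decrypt, and for allocation failures.
 */
SEXP PKI_load_private_RSA(SEXP what, SEXP sPassword) {
    EVP_PKEY *key = NULL;

    if (TYPEOF(sPassword) != STRSXP || LENGTH(sPassword) != 1)
        Rf_error("Password must be a string");
    PKI_init();

    if (TYPEOF(what) == RAWSXP) { /* assuming binary DER format */
        RSA *rsa = NULL;
        const unsigned char *ptr = (const unsigned char *) RAW(what);

        /* ptr is advanced past the parsed structure; bytes following the
           DER object are not rejected here. */
        rsa = d2i_RSAPrivateKey(&rsa, &ptr, LENGTH(what));
        if (!rsa)
            Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));

        key = EVP_PKEY_new();
        if (!key || !EVP_PKEY_assign_RSA(key, rsa)) {
            /* Rf_error() does not return, so private key material must be
               released before raising. Until the assign succeeds, rsa is
               still owned by this function. */
            unsigned long err = ERR_get_error();
            RSA_free(rsa);
            EVP_PKEY_free(key); /* NULL-safe */
            Rf_error("%s", ERR_error_string(err, NULL));
        }
    } else if (TYPEOF(what) == STRSXP && LENGTH(what)) {
        SEXP b64Key = STRING_ELT(what, 0);
        BIO *bio_mem = BIO_new_mem_buf((void *) CHAR(b64Key), -1);

        if (!bio_mem)
            Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
        /* With a NULL callback OpenSSL treats the user-data pointer as the
           NUL-terminated passphrase, so this never prompts on a terminal. */
        key = PEM_read_bio_PrivateKey(bio_mem, 0, 0,
                                      (void *) CHAR(STRING_ELT(sPassword, 0)));
        BIO_free(bio_mem);
        if (!key)
            Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
    } else {
        Rf_error("Private key must be a character or raw vector");
    }

    return wrap_EVP_PKEY(key, PKI_KT_PRIVATE);
}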
/*
 * Return the public key carried by a certificate object, wrapped as a
 * public-key object.
 *
 * sCert - certificate handle, resolved through retrieve_cert().
 *
 * Raises an R error when OpenSSL cannot extract a public key from the
 * certificate.
 * NOTE(review): the key is extracted without any check visible here that
 * the certificate has been validated against a trust store; presumably
 * that is the caller's job - confirm.
 */
SEXP PKI_cert_public_key(SEXP sCert) {
    X509 *x509;
    EVP_PKEY *pubkey = NULL;

    PKI_init();
    x509 = retrieve_cert(sCert, "");
    pubkey = X509_get_pubkey(x509);
    if (pubkey == NULL) {
        unsigned long code = ERR_get_error();
        Rf_error("%s", ERR_error_string(code, NULL));
    }
    /* X509_get_pubkey() hands back its own reference; it is passed on to
       the wrapper rather than released here. */
    return wrap_EVP_PKEY(pubkey, PKI_KT_PUBLIC);
}
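/*
 * Generate a fresh RSA key pair with public exponent 65537 and return it
 * wrapped as an object usable as both private and public key.
 *
 * sBits - requested modulus size in bits, coerced with asInteger().
 *         NA coerces to INT_MIN in R and is therefore rejected by the
 *         lower-bound check.
 *
 * Raises an R error for sizes below 512 bits, when key generation fails,
 * and on allocation failure.
 */
SEXP PKI_RSAkeygen(SEXP sBits) {
    EVP_PKEY *key;
    RSA *rsa;
    int bits = asInteger(sBits);

    /* The 512-bit floor only filters out nonsensical requests; it is not a
       strength policy. Moduli below 2048 bits are not adequate for new
       keys, so callers should request at least that. The floor is left
       unchanged so existing callers keep working. There is also no upper
       bound: very large sizes make generation arbitrarily slow, which
       matters if the size comes from an untrusted caller. */
    if (bits < 512)
        Rf_error("invalid key size");

    /* NOTE(review): RSA_generate_key() is deprecated in OpenSSL in favour
       of RSA_generate_key_ex(); migrate when the build baseline allows. */
    rsa = RSA_generate_key(bits, 65537, 0, 0);
    if (!rsa)
        Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));

    key = EVP_PKEY_new();
    if (!key || !EVP_PKEY_assign_RSA(key, rsa)) {
        /* Rf_error() does not return: free the freshly generated private
           key first so it is not left orphaned in memory. */
        unsigned long err = ERR_get_error();
        RSA_free(rsa);
        EVP_PKEY_free(key); /* NULL-safe */
        Rf_error("%s", ERR_error_string(err, NULL));
    }
    return wrap_EVP_PKEY(key, PKI_KT_PRIVATE | PKI_KT_PUBLIC);
}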
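/*
 * Load an RSA public key from a DER-encoded SubjectPublicKeyInfo blob and
 * return it wrapped as a public-key object.
 *
 * what - raw vector holding the DER bytes.
 *
 * Raises an R error when the argument is not a raw vector, when the bytes
 * do not parse, and on allocation failure.
 * NOTE(review): unlike PKI_load_private_RSA() this does not call
 * PKI_init() first; confirm OpenSSL error strings are loaded by the time
 * this runs, otherwise the error text is only a numeric code.
 */
SEXP PKI_load_public_RSA(SEXP what) {
    EVP_PKEY *key;
    RSA *rsa = NULL;
    const unsigned char *ptr;

    if (TYPEOF(what) != RAWSXP)
        Rf_error("key must be a raw vector");

    ptr = (const unsigned char *) RAW(what);
    /* ptr is advanced past the parsed structure; bytes following the DER
       object are not rejected here. */
    rsa = d2i_RSA_PUBKEY(&rsa, &ptr, LENGTH(what));
    if (!rsa)
        Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));

    key = EVP_PKEY_new();
    if (!key || !EVP_PKEY_assign_RSA(key, rsa)) {
        /* Rf_error() does not return, so release what was allocated before
           raising. Until the assign succeeds, rsa is owned here. */
        unsigned long err = ERR_get_error();
        RSA_free(rsa);
        EVP_PKEY_free(key); /* NULL-safe */
        Rf_error("%s", ERR_error_string(err, NULL));
    }
    return wrap_EVP_PKEY(key, PKI_KT_PUBLIC);
}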
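/*
 * Load a PEM-encoded private key from the first element of a character
 * vector and return it wrapped as a key object.
 *
 * privateKey - non-empty character vector; only element 0 is read (the
 *              check rejects an empty vector but accepts longer ones).
 *
 * Raises an R error for a wrong argument type, when the memory BIO cannot
 * be created, and when the PEM data does not parse or decrypt.
 */
SEXP loadPrivateKey(SEXP privateKey) {
    EVP_PKEY *key = NULL;
    BIO *bio_mem;
    SEXP b64Key;

    if (TYPEOF(privateKey) != STRSXP || LENGTH(privateKey) == 0)
        Rf_error("PKCS8 private key must be a character vector of length 1");

    b64Key = STRING_ELT(privateKey, 0);
    bio_mem = BIO_new_mem_buf((void *) CHAR(b64Key), LENGTH(b64Key));
    if (!bio_mem)
        Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));

    /* The second argument must be NULL or point at a valid (or NULL)
       EVP_PKEY*: OpenSSL may reuse or free whatever it points to, so
       handing it the address of an uninitialised pointer is undefined
       behaviour. The return value is all that is needed here.
       With a NULL callback the last argument is used as the passphrase,
       so an encrypted key is tried against this fixed string instead of
       prompting on the terminal; in practice encrypted keys are refused. */
    key = PEM_read_bio_PrivateKey(bio_mem, NULL, 0, "Can not ask password.");
    /* Release the BIO before a possible Rf_error(), which does not return. */
    BIO_free(bio_mem);
    if (!key) {
        Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));
    }
    return wrap_EVP_PKEY(key);
}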
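/*
 * Load the private key from a DER-encoded PKCS#12 container and return it
 * wrapped as a key object. The container's MAC is verified before it is
 * parsed; the certificate it carries is parsed but not returned.
 *
 * privateKey - raw vector holding the PKCS#12 bytes.
 *
 * Raises an R error for a wrong argument type, when the container does
 * not parse, when the MAC check fails, or when it holds no private key.
 * NOTE(review): `pass` is not declared in this function; presumably it is
 * a file-scope passphrase string. Confirm it can never be NULL, since it
 * is passed to strlen().
 */
SEXP loadPKCS12(SEXP privateKey) {
    EVP_PKEY *key = NULL;
    BIO *bio_mem;
    PKCS12 *p12;
    X509 *cert = NULL;
    unsigned long err = 0;
    int ok;

    if (TYPEOF(privateKey) != RAWSXP)
        Rf_error("PKCS12 private key must be a raw vector");

    bio_mem = BIO_new_mem_buf((void *) RAW(privateKey), LENGTH(privateKey));
    if (!bio_mem)
        Rf_error("%s", ERR_error_string(ERR_get_error(), NULL));

    /* Pass NULL rather than the address of an uninitialised pointer:
       OpenSSL may reuse or free an object found through that argument,
       which is undefined behaviour when the pointer holds garbage. */
    p12 = d2i_PKCS12_bio(bio_mem, NULL);
    BIO_free(bio_mem);

    /* Same short-circuit order as before: parse, verify the MAC, extract,
       then require that a key was actually present. */
    ok = p12 != NULL
        && PKCS12_verify_mac(p12, pass, strlen(pass))
        && PKCS12_parse(p12, pass, &key, &cert, NULL)
        && key != NULL;
    if (!ok)
        err = ERR_get_error();

    /* Neither the container nor the certificate is needed past this point,
       and Rf_error() does not return, so release both before raising. */
    PKCS12_free(p12); /* NULL-safe */
    X509_free(cert);  /* NULL-safe */

    if (!ok) {
        Rf_error("%s", ERR_error_string(err, NULL));
    }
    return wrap_EVP_PKEY(key);
}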