int SSL_use_RSAPrivateKey_file (SSL * ssl, const char *file, int type)
{
int j, ret = 0;
BIO *in;
RSA *rsa = NULL;
in = BIO_new (BIO_s_file_internal ());
if (in == NULL)
{
SSLerr (SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename (in, file) <= 0)
{
SSLerr (SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1)
{
j = ERR_R_ASN1_LIB;
rsa = d2i_RSAPrivateKey_bio (in, NULL);
}
else if (type == SSL_FILETYPE_PEM)
{
j = ERR_R_PEM_LIB;
rsa = PEM_read_bio_RSAPrivateKey (in, NULL,
ssl->ctx->default_passwd_callback,
ssl->ctx->default_passwd_callback_userdata);
}
else
{
SSLerr (SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (rsa == NULL)
{
SSLerr (SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
goto end;
}
ret = SSL_use_RSAPrivateKey (ssl, rsa);
RSA_free (rsa);
end:
if (in != NULL)
BIO_free (in);
return (ret);
}
int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) {
int reason_code, ret = 0;
BIO *in;
RSA *rsa = NULL;
in = BIO_new(BIO_s_file());
if (in == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
goto end;
}
if (BIO_read_filename(in, file) <= 0) {
OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB);
goto end;
}
if (type == SSL_FILETYPE_ASN1) {
reason_code = ERR_R_ASN1_LIB;
rsa = d2i_RSAPrivateKey_bio(in, NULL);
} else if (type == SSL_FILETYPE_PEM) {
reason_code = ERR_R_PEM_LIB;
rsa =
PEM_read_bio_RSAPrivateKey(in, NULL, ssl->ctx->default_passwd_callback,
ssl->ctx->default_passwd_callback_userdata);
} else {
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
if (rsa == NULL) {
OPENSSL_PUT_ERROR(SSL, reason_code);
goto end;
}
ret = SSL_use_RSAPrivateKey(ssl, rsa);
RSA_free(rsa);
end:
BIO_free(in);
return ret;
}
struct ibuf *
dsa_setkey(struct iked_dsa *dsa, void *key, size_t keylen, uint8_t type)
{
BIO *rawcert = NULL;
X509 *cert = NULL;
RSA *rsa = NULL;
EVP_PKEY *pkey = NULL;
ibuf_release(dsa->dsa_keydata);
if ((dsa->dsa_keydata = ibuf_new(key, keylen)) == NULL) {
log_debug("%s: alloc signature key", __func__);
return (NULL);
}
if ((rawcert = BIO_new_mem_buf(key, keylen)) == NULL)
goto err;
switch (type) {
case IKEV2_CERT_X509_CERT:
if ((cert = d2i_X509_bio(rawcert, NULL)) == NULL)
goto sslerr;
if ((pkey = X509_get_pubkey(cert)) == NULL)
goto sslerr;
dsa->dsa_cert = cert;
dsa->dsa_key = pkey;
break;
case IKEV2_CERT_RSA_KEY:
if (dsa->dsa_sign) {
if ((rsa = d2i_RSAPrivateKey_bio(rawcert,
NULL)) == NULL)
goto sslerr;
} else {
if ((rsa = d2i_RSAPublicKey_bio(rawcert,
NULL)) == NULL)
goto sslerr;
}
if ((pkey = EVP_PKEY_new()) == NULL)
goto sslerr;
if (!EVP_PKEY_set1_RSA(pkey, rsa))
goto sslerr;
RSA_free(rsa); /* pkey now has the reference */
dsa->dsa_cert = NULL;
dsa->dsa_key = pkey;
break;
default:
if (dsa->dsa_hmac)
break;
log_debug("%s: unsupported key type", __func__);
goto err;
}
return (dsa->dsa_keydata);
sslerr:
ca_sslerror(__func__);
err:
log_debug("%s: error", __func__);
if (rsa != NULL)
RSA_free(rsa);
if (pkey != NULL)
EVP_PKEY_free(pkey);
if (cert != NULL)
X509_free(cert);
if (rawcert != NULL)
BIO_free(rawcert);
ibuf_release(dsa->dsa_keydata);
return (NULL);
}
