/** * Try to decrypt the given blob with multiple passwords using the given * pkcs5 object. */ static private_key_t *decrypt_private_key(pkcs5_t *pkcs5, chunk_t blob) { enumerator_t *enumerator; shared_key_t *shared; private_key_t *private_key = NULL; enumerator = lib->credmgr->create_shared_enumerator(lib->credmgr, SHARED_PRIVATE_KEY_PASS, NULL, NULL); while (enumerator->enumerate(enumerator, &shared, NULL, NULL)) { chunk_t decrypted; if (!pkcs5->decrypt(pkcs5, shared->get_key(shared), blob, &decrypted)) { continue; } private_key = parse_private_key(decrypted); if (private_key) { chunk_clear(&decrypted); break; } chunk_free(&decrypted); } enumerator->destroy(enumerator); return private_key; }
/** * See header. */ private_key_t *pkcs8_private_key_load(key_type_t type, va_list args) { chunk_t blob = chunk_empty; private_key_t *key; while (TRUE) { switch (va_arg(args, builder_part_t)) { case BUILD_BLOB_ASN1_DER: blob = va_arg(args, chunk_t); continue; case BUILD_END: break; default: return NULL; } break; } /* we don't know whether it is encrypted or not, try both ways */ key = parse_encrypted_private_key(blob); if (!key) { key = parse_private_key(blob); } return key; }
static GTlsCertificate * tls_certificate_new_from_pem (const gchar *data, gssize length, GError **error) { GError *child_error = NULL; gchar *key_pem; GTlsCertificate *cert; g_return_val_if_fail (data != NULL, NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); if (length == -1) length = strlen (data); key_pem = parse_private_key (data, length, FALSE, &child_error); if (child_error != NULL) { g_propagate_error (error, child_error); return NULL; } cert = parse_and_create_certificate (data, length, key_pem, error); g_free (key_pem); return cert; }
int main( int argc, char *argv[ ] ) { rsa_key privkey; unsigned char *buffer; int buffer_length; if ( argc < 3 ) { fprintf( stderr, "Usage: %s [-pem|-der] <rsa private key file> [password]\n", argv[ 0 ] ); exit( 0 ); } if ( !( buffer = load_file_into_memory( argv[ 2 ], &buffer_length ) ) ) { perror( "Unable to load file" ); exit( 1 ); } if ( !strcmp( argv[ 1 ], "-pem" ) ) { // XXX this overallocates a bit, since it sets aside space for markers, etc. unsigned char *pem_buffer = buffer; buffer = (unsigned char * ) malloc( buffer_length ); buffer_length = pem_decode( pem_buffer, buffer ); free( pem_buffer ); } if ( argc == 3 ) { parse_private_key( &privkey, buffer, buffer_length ); } else { parse_pkcs8_private_key( &privkey, buffer, buffer_length, argv[ 3] ); } printf( "Modulus:" ); show_hex( privkey.modulus->rep, privkey.modulus->size ); printf( "Private Exponent:" ); show_hex( privkey.exponent->rep, privkey.exponent->size ); free( buffer ); return 0; }