/**
* Try to decrypt the given blob with multiple passwords using the given
* pkcs5 object.
*/
static private_key_t *decrypt_private_key(pkcs5_t *pkcs5, chunk_t blob)
{
enumerator_t *enumerator;
shared_key_t *shared;
private_key_t *private_key = NULL;
enumerator = lib->credmgr->create_shared_enumerator(lib->credmgr,
SHARED_PRIVATE_KEY_PASS, NULL, NULL);
while (enumerator->enumerate(enumerator, &shared, NULL, NULL))
{
chunk_t decrypted;
if (!pkcs5->decrypt(pkcs5, shared->get_key(shared), blob, &decrypted))
{
continue;
}
private_key = parse_private_key(decrypted);
if (private_key)
{
chunk_clear(&decrypted);
break;
}
chunk_free(&decrypted);
}
enumerator->destroy(enumerator);
return private_key;
}
/**
* See header.
*/
private_key_t *pkcs8_private_key_load(key_type_t type, va_list args)
{
chunk_t blob = chunk_empty;
private_key_t *key;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
case BUILD_BLOB_ASN1_DER:
blob = va_arg(args, chunk_t);
continue;
case BUILD_END:
break;
default:
return NULL;
}
break;
}
/* we don't know whether it is encrypted or not, try both ways */
key = parse_encrypted_private_key(blob);
if (!key)
{
key = parse_private_key(blob);
}
return key;
}
static GTlsCertificate *
tls_certificate_new_from_pem (const gchar *data,
gssize length,
GError **error)
{
GError *child_error = NULL;
gchar *key_pem;
GTlsCertificate *cert;
g_return_val_if_fail (data != NULL, NULL);
g_return_val_if_fail (error == NULL || *error == NULL, NULL);
if (length == -1)
length = strlen (data);
key_pem = parse_private_key (data, length, FALSE, &child_error);
if (child_error != NULL)
{
g_propagate_error (error, child_error);
return NULL;
}
cert = parse_and_create_certificate (data, length, key_pem, error);
g_free (key_pem);
return cert;
}
int main( int argc, char *argv[ ] )
{
rsa_key privkey;
unsigned char *buffer;
int buffer_length;
if ( argc < 3 )
{
fprintf( stderr, "Usage: %s [-pem|-der] <rsa private key file> [password]\n", argv[ 0 ] );
exit( 0 );
}
if ( !( buffer = load_file_into_memory( argv[ 2 ], &buffer_length ) ) )
{
perror( "Unable to load file" );
exit( 1 );
}
if ( !strcmp( argv[ 1 ], "-pem" ) )
{
// XXX this overallocates a bit, since it sets aside space for markers, etc.
unsigned char *pem_buffer = buffer;
buffer = (unsigned char * ) malloc( buffer_length );
buffer_length = pem_decode( pem_buffer, buffer );
free( pem_buffer );
}
if ( argc == 3 )
{
parse_private_key( &privkey, buffer, buffer_length );
}
else
{
parse_pkcs8_private_key( &privkey, buffer, buffer_length, argv[ 3] );
}
printf( "Modulus:" );
show_hex( privkey.modulus->rep, privkey.modulus->size );
printf( "Private Exponent:" );
show_hex( privkey.exponent->rep, privkey.exponent->size );
free( buffer );
return 0;
}
