RSA PEM import

diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc
index 967c25f0f8916f0546aaadbc278b9907e9981bd9..ad95a1d69665c9f7ebef74618a2f11a911bef565 100644 (file)
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -190,6 +190,23 @@ public:
 
   void create(unsigned int bits) override;
 
+  /**
+   * \brief Creates an RSA key engine from a PEM file.
+   *
+   * Receives an open file handle with PEM contents and creates an RSA key
+   * engine.
+   *
+   * \param[in] drc Key record contents to be populated.
+   *
+   * \param[in] filename Only used for providing filename information in error
+   * messages.
+   *
+   * \param[in] fp An open file handle to a file containing RSA PEM contents.
+   *
+   * \return An RSA key engine populated with the contents of the PEM file.
+   */
+  void createFromPEMFile(DNSKEYRecordContent& drc, const std::string& filename, std::FILE& fp) override;
+
   /**
    * \brief Writes this key's contents to a file.
    *
@@ -266,6 +283,14 @@ void OpenSSLRSADNSCryptoKeyEngine::create(unsigned int bits)
   d_key = std::move(key);
 }
 
+void OpenSSLRSADNSCryptoKeyEngine::createFromPEMFile(DNSKEYRecordContent& drc, const std::string& filename, std::FILE& fp) {
+  drc.d_algorithm = d_algorithm;
+  d_key = std::unique_ptr<RSA, decltype(&RSA_free)>(PEM_read_RSAPrivateKey(&fp, nullptr, nullptr, nullptr), &RSA_free);
+  if (d_key == nullptr) {
+    throw runtime_error(getName() + ": Failed to read private key from PEM file `" + filename + "`");
+  }
+}
+
 void OpenSSLRSADNSCryptoKeyEngine::convertToPEM(std::FILE& fp) const {
   auto ret = PEM_write_RSAPrivateKey(&fp, d_key.get(), nullptr, nullptr, 0, nullptr, nullptr);
   if (ret == 0) {