RSA PEM export

diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc
index 0123d29fc37f8fcf193da86bd1f7116668b30713..967c25f0f8916f0546aaadbc278b9907e9981bd9 100644 (file)
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -189,6 +189,19 @@ public:
   int getBits() const override { return RSA_size(d_key.get()) << 3; }
 
   void create(unsigned int bits) override;
+
+  /**
+   * \brief Writes this key's contents to a file.
+   *
+   * Receives an open file handle and writes this key's contents to the
+   * file.
+   *
+   * \param[in] fp An open file handle for writing.
+   *
+   * \exception std::runtime_error In case of OpenSSL errors.
+   */
+  void convertToPEM(std::FILE& fp) const override;
+
   storvector_t convertToISCVector() const override;
   std::string hash(const std::string& hash) const override;
   std::string sign(const std::string& hash) const override;
@@ -253,6 +266,12 @@ void OpenSSLRSADNSCryptoKeyEngine::create(unsigned int bits)
   d_key = std::move(key);
 }
 
+void OpenSSLRSADNSCryptoKeyEngine::convertToPEM(std::FILE& fp) const {
+  auto ret = PEM_write_RSAPrivateKey(&fp, d_key.get(), nullptr, nullptr, 0, nullptr, nullptr);
+  if (ret == 0) {
+    throw runtime_error(getName() + ": Could not convert private key to PEM");
+  }
+}
 
 DNSCryptoKeyEngine::storvector_t OpenSSLRSADNSCryptoKeyEngine::convertToISCVector() const
 {