From: Fred Morcos
Date: Tue, 29 Mar 2022 09:24:30 +0000 (+0200)
Subject: OpenSSL impl of EDDSA PEM export
X-Git-Tag: auth-4.8.0-alpha0~124^2~13
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=77183aa719438aadd44be161e663bb815bdbd159;p=thirdparty%2Fpdns.git
OpenSSL impl of EDDSA PEM export
---
diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc
index bd01209cce..b12094d4eb 100644
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -960,6 +960,19 @@ public:
 int getBits() const override { return d_len << 3; }
 void create(unsigned int bits) override;
+
+ /**
+ * \brief Writes this key's contents to a file.
+ *
+ * Receives an open file handle and writes this key's contents to the
+ * file.
+ *
+ * \param[in] fp An open file handle for writing.
+ *
+ * \exception std::runtime_error In case of OpenSSL errors.
+ */
+ void convertToPEM(std::FILE& fp) const override;
+
 storvector_t convertToISCVector() const override;
 std::string sign(const std::string& msg) const override;
 bool verify(const std::string& msg, const std::string& signature) const override;
@@ -1002,6 +1015,14 @@ void OpenSSLEDDSADNSCryptoKeyEngine::create(unsigned int bits)
 d_edkey = std::unique_ptr(newKey, EVP_PKEY_free);
 }
+void OpenSSLEDDSADNSCryptoKeyEngine::convertToPEM(std::FILE& fp) const
+{
+ auto ret = PEM_write_PrivateKey(&fp, d_edkey.get(), nullptr, nullptr, 0, nullptr, nullptr);
+ if (ret == 0) {
+ throw runtime_error(getName() + ": Could not convert private key to PEM");
+ }
+}
+
 DNSCryptoKeyEngine::storvector_t OpenSSLEDDSADNSCryptoKeyEngine::convertToISCVector() const
 {
 storvector_t storvect;
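Review bot: The doc comment on `convertToPEM` says only that "this key's contents" are written; it does not say that this is the private key, and the implementation in the second hunk passes no cipher or passphrase to `PEM_write_PrivateKey`, so the output is unencrypted. I would make the brief `\brief Writes this key's private key material to a file as unencrypted PEM.` and add `\note The caller is responsible for opening fp with owner-only permissions.` The class body starts and ends outside the hunk.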
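Review bot: `d_edkey.get()` is handed to `PEM_write_PrivateKey` without a null check, and the hunk does not show whether `d_edkey` can still be empty when `convertToPEM` is called (for example before `create()` or a key load); a null `EVP_PKEY` there would likely be dereferenced inside OpenSSL rather than reported as an error. A guard before the call, `if (!d_edkey) { throw runtime_error(getName() + ": No private key to convert to PEM"); }`, keeps that case on the documented exception path. The thrown message also carries nothing from the OpenSSL error queue, so the cause of a failed write is lost. Because the write goes through the buffered `FILE`, an I/O error may only surface when the caller flushes or closes the handle, which is worth stating for callers.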