From: Fred Morcos
Date: Fri, 1 Apr 2022 08:21:09 +0000 (+0200)
Subject: OpenSSL impl of EDDSA PEM import
X-Git-Tag: auth-4.8.0-alpha0~124^2~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b14ffbb0af7d84e3b2c42c27690325fdafc904b0;p=thirdparty%2Fpdns.git
OpenSSL impl of EDDSA PEM import
---
diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc
index b12094d4eb..c521e1558f 100644
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -961,6 +961,25 @@ public:
 void create(unsigned int bits) override;
+ /**
+ * \brief Creates an EDDSA key engine from a PEM file.
+ *
+ * Receives an open file handle with PEM contents and creates an EDDSA
+ * key engine.
+ *
+ * \param[in] drc Key record contents to be populated.
+ *
+ * \param[in] filename Only used for providing filename information in
+ * error messages.
+ *
+ * \param[in] fp An open file handle to a file containing EDDSA PEM
+ * contents.
+ *
+ * \return An EDDSA key engine populated with the contents of the PEM
+ * file.
+ */
+ void createFromPEMFile(DNSKEYRecordContent& drc, const std::string& filename, std::FILE& fp) override;
+
 /**
 * \brief Writes this key's contents to a file.
 *
@@ -1015,6 +1034,15 @@ void OpenSSLEDDSADNSCryptoKeyEngine::create(unsigned int bits)
 d_edkey = std::unique_ptr(newKey, EVP_PKEY_free);
 }
+void OpenSSLEDDSADNSCryptoKeyEngine::createFromPEMFile(DNSKEYRecordContent& drc, const string& filename, std::FILE& fp)
+{
+ drc.d_algorithm = d_algorithm;
+ d_edkey = std::unique_ptr(PEM_read_PrivateKey(&fp, nullptr, nullptr, nullptr), &EVP_PKEY_free);
+ if (d_edkey == nullptr) {
+ throw runtime_error(getName() + ": Failed to read private key from PEM file `" + filename + "`");
+ }
+}
+
 void OpenSSLEDDSADNSCryptoKeyEngine::convertToPEM(std::FILE& fp) const
 {
 auto ret = PEM_write_PrivateKey(&fp, d_edkey.get(), nullptr, nullptr, 0, nullptr, nullptr);
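Review bot: The Doxygen block added in the first hunk documents a return value (`\return An EDDSA key engine populated with the contents of the PEM file.`), but createFromPEMFile is declared `void`. It also tags `drc` as `\param[in]` although its own description says the record is populated. I would drop the `\return` paragraph, change the tag to `\param[out] drc`, and say that the key is loaded into this engine. Since the definition later in this commit throws `runtime_error` when the PEM cannot be read, a `\throws` line stating that would tell callers what to handle. The class body starts and ends outside the hunk.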
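Review bot: createFromPEMFile in the second hunk accepts whatever key type the PEM holds, because PEM_read_PrivateKey() parses any private key and the only check afterwards is for nullptr. A guard after the read, such as `if (EVP_PKEY_id(d_edkey.get()) != expectedNid) throw runtime_error(...)`, would reject an RSA or ECDSA file handed to the EDDSA engine before it is used for signing; `expectedNid` is a placeholder for whatever NID this engine keeps for d_algorithm, which is not visible in the hunk. Passing nullptr for both the passphrase callback and its argument also leaves OpenSSL's default terminal prompt in place for encrypted PEM files, which may block a non-interactive caller. The function sets drc.d_algorithm and overwrites d_edkey before success is known, so reading into a local and assigning only after the checks pass would leave the engine and record untouched on failure.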