From: Fred Morcos Date: Wed, 27 Apr 2022 09:43:42 +0000 (+0200) Subject: RSA PEM import X-Git-Tag: auth-4.8.0-alpha0~115^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b67ad172d89355f24011267ca469a002ed87d6d7;p=thirdparty%2Fpdns.git RSA PEM import
---
diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc
index 967c25f0f8..ad95a1d696 100644
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -190,6 +190,23 @@ public:
 void create(unsigned int bits) override;
+ /**
+ * \brief Creates an RSA key engine from a PEM file.
+ *
+ * Receives an open file handle with PEM contents and creates an RSA key
+ * engine.
+ *
+ * \param[in] drc Key record contents to be populated.
+ *
+ * \param[in] filename Only used for providing filename information in error
+ * messages.
+ *
+ * \param[in] fp An open file handle to a file containing RSA PEM contents.
+ *
+ * \return An RSA key engine populated with the contents of the PEM file.
+ */
+ void createFromPEMFile(DNSKEYRecordContent& drc, const std::string& filename, std::FILE& fp) override;
+
 /**
 * \brief Writes this key's contents to a file.
 *
@@ -266,6 +283,14 @@ void OpenSSLRSADNSCryptoKeyEngine::create(unsigned int bits)
 d_key = std::move(key);
 }
+void OpenSSLRSADNSCryptoKeyEngine::createFromPEMFile(DNSKEYRecordContent& drc, const std::string& filename, std::FILE& fp) {
+ drc.d_algorithm = d_algorithm;
+ d_key = std::unique_ptr(PEM_read_RSAPrivateKey(&fp, nullptr, nullptr, nullptr), &RSA_free);
+ if (d_key == nullptr) {
+ throw runtime_error(getName() + ": Failed to read private key from PEM file `" + filename + "`");
+ }
+}
+
 void OpenSSLRSADNSCryptoKeyEngine::convertToPEM(std::FILE& fp) const {
 auto ret = PEM_write_RSAPrivateKey(&fp, d_key.get(), nullptr, nullptr, 0, nullptr, nullptr);
 if (ret == 0) {
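Review bot: The doc comment added for createFromPEMFile in the first hunk does not match the declaration beneath it: it carries a `\return` line although the function is declared `void`, and it tags `drc` as `\param[in]` while describing it as "to be populated". I would drop the `\return` line in favour of a sentence saying that the engine's own key is replaced by the one read from `fp`, and change the tag to `\param[in,out] drc`. The implementation in the second hunk throws when the PEM cannot be read, so the comment should state that too, since a caller importing key material has to handle it. The surrounding class starts and ends outside this hunk.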
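Review bot: createFromPEMFile in the second hunk installs whatever RSA key the PEM parser returns: the only test is for a null result, so a key that parses but is internally inconsistent becomes the engine's signing key unless a caller validates it afterwards, which is not visible here. Adding `if (RSA_check_key(d_key.get()) != 1)` after the null test, with a throw in the same style as the existing one, would reject such a file at import time. Separately, the passphrase callback and its user-data argument are both `nullptr`, in which case OpenSSL falls back to its default passphrase prompt for an encrypted PEM; if this path can run without a terminal, a callback that simply fails would turn that into the same error as an unreadable file. The function also writes `drc.d_algorithm` and `d_key` before it knows the read succeeded, whereas the context line from `create()` shows a local key being moved in last with `d_key = std::move(key);`.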