Пример #1
0
// LoadPublicKeyFromDER loads a public key from a DER-encoded block.
func LoadPublicKeyFromDER(der_block []byte) (PublicKey, error) {
	if len(der_block) == 0 {
		return nil, errors.New("empty der block")
	}
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&der_block[0]),
		C.int(len(der_block)))
	if bio == nil {
		return nil, errors.New("failed creating bio")
	}
	defer C.BIO_free(bio)

	rsakey := C.d2i_RSA_PUBKEY_bio(bio, nil)
	if rsakey == nil {
		return nil, errors.New("failed reading rsa key")
	}
	defer C.RSA_free(rsakey)

	// convert to PKEY
	key := C.EVP_PKEY_new()
	if key == nil {
		return nil, errors.New("failed converting to evp_pkey")
	}
	if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 {
		C.EVP_PKEY_free(key)
		return nil, errors.New("failed converting to evp_pkey")
	}

	p := &pKey{key: key}
	runtime.SetFinalizer(p, func(p *pKey) {
		C.EVP_PKEY_free(p.key)
	})
	return p, nil
}
Пример #2
0
// LoadPrivateKeyFromPEM loads a private key from a PEM-encoded block.
func LoadPrivateKeyFromPEMWidthPassword(pem_block []byte, password string) (
	PrivateKey, error) {
	if len(pem_block) == 0 {
		return nil, errors.New("empty pem block")
	}
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]),
		C.int(len(pem_block)))
	if bio == nil {
		return nil, errors.New("failed creating bio")
	}
	defer C.BIO_free(bio)
	cs := C.CString(password)
	defer C.free(unsafe.Pointer(cs))
	rsakey := C.PEM_read_bio_RSAPrivateKey(bio, nil, nil, unsafe.Pointer(cs))
	if rsakey == nil {
		return nil, errors.New("failed reading rsa key")
	}
	defer C.RSA_free(rsakey)

	// convert to PKEY
	key := C.EVP_PKEY_new()
	if key == nil {
		return nil, errors.New("failed converting to evp_pkey")
	}
	if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 {
		C.EVP_PKEY_free(key)
		return nil, errors.New("failed converting to evp_pkey")
	}

	p := &pKey{key: key}
	runtime.SetFinalizer(p, func(p *pKey) {
		C.EVP_PKEY_free(p.key)
	})
	return p, nil
}
Пример #3
0
//Helper function that calls encoding/pem to convert DER to PEM
func ParseCertificatePEM(pemData []byte) (*Certificate, error) {
	length := C.int(len(pemData))
	buffer := unsafe.Pointer(&pemData[0])
	bio := C.BIO_new_mem_buf(buffer, length)
	cert := C.PEM_read_bio_X509(bio, nil, nil, nil)
	if cert == nil {
		return nil, errors.New("problem loading certificate" + sslerr.SSLErrorMessage().String())
	}
	return &Certificate{x509: cert}, nil

}
Пример #4
0
func LoadPrivateKeyDER(buf []byte) (*PKey, error) {
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&buf[0]), C.int(len(buf)))
	if bio == nil {
		return nil, errors.New("problem converting der key to openssl key")
	}

	pkey := C.d2i_PrivateKey_bio(bio, nil)
	if pkey == nil {
		return nil, errors.New(sslerr.SSLErrorMessage())
	}
	return &PKey{PKey: pkey}, nil
}
Пример #5
0
//Helper function to load a private key from it's bytes
func LoadPrivateKeyPEM(buf []byte) (*PKey, error) {
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&buf[0]), C.int(len(buf)))
	if bio == nil {
		return nil, errors.New("problem converting der key to openssl key")
	}

	pkey := C.PEM_read_bio_PrivateKey(bio, nil, nil, nil)
	if pkey == nil {
		return nil, errors.New("Problem reading key:" + sslerr.SSLErrorMessage().String())
	}
	return &PKey{PKey: pkey}, nil
}
Пример #6
0
// ParseDERCRL parses a DER encoded CRL from the given bytes.
func ParseDERCRL(derBytes []byte) (certList *pkix.CertificateList, err error) {
	var (
		crl  *C.X509_CRL
		buf  = unsafe.Pointer(&derBytes[0])
		blen = C.int(len(derBytes))
		bio  = C.BIO_new_mem_buf(buf, blen)
	)
	crl = C.d2i_X509_CRL_bio(bio, nil)
	if crl == nil {
		return nil, errors.New("error parsing der data: " + sslerr.SSLErrorMessage().String())
	}
	// use crl
	return &pkix.CertificateList{}, nil
}
Пример #7
0
//Import an OpenSSL X509 certificate from a DER buffer
func ParseCertificate(asn1Data []byte) (*Certificate, error) {
	//with credit to exarkun and pyopenssl's crypto.c
	//you're my inspiration!
	length := C.int(len(asn1Data))
	buffer := unsafe.Pointer(&asn1Data[0])
	bio := C.BIO_new_mem_buf(buffer, length)
	sslCert := C.d2i_X509_bio(bio, nil)
	if sslCert == nil {
		return nil, errors.New("problem loading cert" + sslerr.SSLErrorMessage().String())
	}
	cert := new(Certificate)
	cert.X509 = sslCert
	return cert, nil
}
Пример #8
0
// ParseCRL parses a CRL from the given bytes. It's often the case that PEM
// encoded CRLs will appear where they should be DER encoded, so this function
// will transparently handle PEM encoding as long as there isn't any leading
// garbage.
func ParseCRL(crlBytes []byte) (certList *pkix.CertificateList, err error) {
	if bytes.HasPrefix(crlBytes, pemCRLPrefix) {
		var (
			crl  *C.X509_CRL
			buf  = unsafe.Pointer(&crlBytes[0])
			blen = C.int(len(crlBytes))
			bio  = C.BIO_new_mem_buf(buf, blen)
		)
		crl = C.PEM_read_bio_X509_CRL(bio, nil, nil, nil)
		if crl != nil {
			// use crl
			return &pkix.CertificateList{}, nil
		}
	}
	return ParseDERCRL(crlBytes)
}
Пример #9
0
// LoadCertificateFromPEM loads an X509 certificate from a PEM-encoded block.
func LoadCertificateFromPEM(pem_block []byte) (*Certificate, error) {
	if len(pem_block) == 0 {
		return nil, errors.New("empty pem block")
	}
	runtime.LockOSThread()
	defer runtime.UnlockOSThread()
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]),
		C.int(len(pem_block)))
	cert := C.PEM_read_bio_X509(bio, nil, nil, nil)
	C.BIO_free(bio)
	if cert == nil {
		return nil, errorFromErrorQueue()
	}
	x := &Certificate{x: cert}
	runtime.SetFinalizer(x, func(x *Certificate) {
		C.X509_free(x.x)
	})
	return x, nil
}
Пример #10
0
// LoadDHParametersFromPEM loads the Diffie-Hellman parameters from
// a PEM-encoded block.
func LoadDHParametersFromPEM(pem_block []byte) (*DH, error) {
	if len(pem_block) == 0 {
		return nil, errors.New("empty pem block")
	}
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]),
		C.int(len(pem_block)))
	if bio == nil {
		return nil, errors.New("failed creating bio")
	}
	defer C.BIO_free(bio)

	params := C.PEM_read_bio_DHparams(bio, nil, nil, nil)
	if params == nil {
		return nil, errors.New("failed reading dh parameters")
	}
	dhparams := &DH{dh: params}
	runtime.SetFinalizer(dhparams, func(dhparams *DH) {
		C.DH_free(dhparams.dh)
	})
	return dhparams, nil
}
Пример #11
0
// LoadPrivateKeyFromPEM loads a private key from a PEM-encoded block.
func LoadPrivateKeyFromPEM(pem_block []byte) (PrivateKey, error) {
	//
	// Check and load the PEM data
	//
	if len(pem_block) == 0 {
		return nil, errors.New("empty pem block")
	}
	bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]),
		C.int(len(pem_block)))
	if bio == nil {
		return nil, errors.New("failed creating bio")
	}
	defer C.BIO_free(bio)

	rsakey := C.PEM_read_bio_RSAPrivateKey(bio, nil, nil, nil)
	if rsakey == nil {
		return nil, errors.New("failed reading rsa key")
	}
	defer C.RSA_free(rsakey)

	//
	// Create a private key
	//
	key := C.EVP_PKEY_new()
	if key == nil {
		return nil, errors.New("failed converting to evp_pkey")
	}
	if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 {
		C.EVP_PKEY_free(key)
		return nil, errors.New("failed converting to evp_pkey")
	}

	p := &pKey{key: key}
	runtime.SetFinalizer(p, func(p *pKey) {
		C.EVP_PKEY_free(p.key)
	})
	return p, nil
}