mirror of
https://github.com/espressif/esp-idf
synced 2025-03-24 00:19:15 -04:00
2faa2376a0
1. add empty function to load private key into SSL context
2. add empty function to load certification into SSL context
3. add function to load RSA private key
199 lines
4.3 KiB
C
199 lines
4.3 KiB
C
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
#include "ssl_lib.h"
|
|
#include "ssl_pkey.h"
|
|
#include "ssl_methods.h"
|
|
#include "ssl_dbg.h"
|
|
#include "ssl_port.h"
|
|
|
|
/*
|
|
* EVP_PKEY_new - create a private key object
|
|
*
|
|
* @param none
|
|
*
|
|
* @return private key object point or NULL if failed
|
|
*/
|
|
EVP_PKEY* EVP_PKEY_new(void)
|
|
{
|
|
int ret;
|
|
EVP_PKEY *pkey;
|
|
|
|
pkey = ssl_malloc(sizeof(EVP_PKEY));
|
|
if (!pkey)
|
|
SSL_RET(failed1, "ssl_malloc\n");
|
|
|
|
pkey->method = EVP_PKEY_method();
|
|
|
|
ret = EVP_PKEY_METHOD_CALL(new, pkey);
|
|
if (ret)
|
|
SSL_RET(failed2, "pkey_new\n");
|
|
|
|
return pkey;
|
|
|
|
failed2:
|
|
ssl_free(pkey);
|
|
failed1:
|
|
return NULL;
|
|
}
|
|
|
|
/*
|
|
* EVP_PKEY_free - free a private key object
|
|
*
|
|
* @param pkey - private key object point
|
|
*
|
|
* @return none
|
|
*/
|
|
void EVP_PKEY_free(EVP_PKEY *pkey)
|
|
{
|
|
EVP_PKEY_METHOD_CALL(free, pkey);
|
|
|
|
ssl_free(pkey);
|
|
}
|
|
|
|
/*
|
|
* d2i_PrivateKey - load a character key context into system context. If '*a' is pointed to the
|
|
* private key, then load key into it. Or create a new private key object
|
|
*
|
|
* @param type - private key type
|
|
* @param a - a point pointed to a private key point
|
|
* @param pp - a point pointed to the key context memory point
|
|
* @param length - key bytes
|
|
*
|
|
* @return private key object point or NULL if failed
|
|
*/
|
|
EVP_PKEY *d2i_PrivateKey(int type,
|
|
EVP_PKEY **a,
|
|
const unsigned char **pp,
|
|
long length)
|
|
{
|
|
int m = 0;
|
|
int ret;
|
|
EVP_PKEY *pkey;
|
|
|
|
SSL_ASSERT(pp);
|
|
SSL_ASSERT(*pp);
|
|
SSL_ASSERT(length);
|
|
|
|
if (a && *a) {
|
|
pkey = *a;
|
|
} else {
|
|
pkey = EVP_PKEY_new();;
|
|
if (!pkey)
|
|
SSL_RET(failed1, "ssl_malloc\n");
|
|
m = 1;
|
|
}
|
|
|
|
ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, length);
|
|
if (ret)
|
|
SSL_RET(failed2, "pkey_pm_load_crt\n");
|
|
|
|
if (a)
|
|
*a = pkey;
|
|
|
|
return pkey;
|
|
|
|
failed2:
|
|
if (m)
|
|
EVP_PKEY_free(pkey);
|
|
failed1:
|
|
return NULL;
|
|
}
|
|
|
|
/*
|
|
* SSL_CTX_use_certificate - set the SSL context private key
|
|
*
|
|
* @param ctx - SSL context point
|
|
* @param x - private key point
|
|
*
|
|
* @return
|
|
* 1 : OK
|
|
* 0 : failed
|
|
*/
|
|
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
|
|
{
|
|
SSL_ASSERT(ctx);
|
|
SSL_ASSERT(pkey);
|
|
|
|
ctx->cert->pkey = pkey;
|
|
|
|
return 1;
|
|
}
|
|
|
|
/*
|
|
* SSL_CTX_use_PrivateKey_ASN1 - load private key into the SSL context
|
|
*
|
|
* @param type - private key type
|
|
* @param ctx - SSL context point
|
|
* @param d - private key context point
|
|
* @param len - private key context bytes
|
|
*
|
|
* @return
|
|
* 1 : OK
|
|
* 0 : failed
|
|
*/
|
|
int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
|
|
const unsigned char *d, long len)
|
|
{
|
|
int ret;
|
|
EVP_PKEY *pkey;
|
|
|
|
pkey = d2i_PrivateKey(0, &ctx->cert->pkey, &d, len);
|
|
if (!pkey)
|
|
SSL_RET(failed1, "d2i_PrivateKey\n");
|
|
|
|
ret = SSL_CTX_use_PrivateKey(ctx, pkey);
|
|
if (!ret)
|
|
SSL_RET(failed2, "SSL_CTX_use_PrivateKey\n");
|
|
|
|
return 1;
|
|
|
|
failed2:
|
|
EVP_PKEY_free(pkey);
|
|
failed1:
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* SSL_CTX_use_certificate_file - load the private key file into SSL context
|
|
*
|
|
* @param ctx - SSL context point
|
|
* @param file - private key file name
|
|
* @param type - private key encoding type
|
|
*
|
|
* @return
|
|
* 1 : OK
|
|
* 0 : failed
|
|
*/
|
|
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* SSL_CTX_use_certificate_ASN1 - load the RSA ASN1 private key into SSL context
|
|
*
|
|
* @param ctx - SSL context point
|
|
* @param d - data point
|
|
* @param len - RSA private key length
|
|
*
|
|
* @return
|
|
* 1 : OK
|
|
* 0 : failed
|
|
*/
|
|
int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
|
|
{
|
|
return SSL_CTX_use_PrivateKey_ASN1(0, ctx, d, len);
|
|
}
|