shithub: riscv

Download patch

ref: 294e08fa1e2481a3b01b815c34f458999d2e782c
parent: 1628c97d1ee667908372a41be8e33720047723b5
author: cinap_lenrek <[email protected]>
date: Sat Apr 16 00:16:10 EDT 2016

libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsa

example usage:

auth/pemdecode 'PRIVATE KEY' test.pem | auth/asn12rsa

--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -1960,16 +1960,19 @@
 	Elist *el;
 	RSApub* key;
 
-	key = rsapuballoc();
+	key = nil;
 	if(decode(a->data, a->len, &e) != ASN_OK)
 		goto errret;
 	if(!is_seq(&e, &el) || elistlen(el) != 2)
 		goto errret;
+
+	key = rsapuballoc();
 	if((key->n = asn1mpint(&el->hd)) == nil)
 		goto errret;
 	el = el->tl;
 	if((key->ek = asn1mpint(&el->hd)) == nil)
 		goto errret;
+
 	freevalfields(&e.val);
 	return key;
 errret:
@@ -1998,14 +2001,27 @@
 	Elist *el;
 	RSApriv* key;
 
-	key = rsaprivalloc();
+	key = nil;
 	if(decode(a->data, a->len, &e) != ASN_OK)
 		goto errret;
-	if(!is_seq(&e, &el) || elistlen(el) != 9)
+	if(!is_seq(&e, &el))
 		goto errret;
+
 	if(!is_int(&el->hd, &version) || version != 0)
 		goto errret;
 
+	if(elistlen(el) != 9){
+		if(elistlen(el) == 3
+		&& parse_alg(&el->tl->hd) == ALG_rsaEncryption
+		&& is_octetstring(&el->tl->tl->hd, &a)){
+			key = decode_rsaprivkey(a);
+			if(key != nil)
+				goto done;
+		}
+		goto errret;
+	}
+
+	key = rsaprivalloc();
 	el = el->tl;
 	if((key->pub.n = asn1mpint(&el->hd)) == nil)
 		goto errret;
@@ -2038,6 +2054,7 @@
 	if((key->c2 = asn1mpint(&el->hd)) == nil)
 		goto errret;
 
+done:
 	freevalfields(&e.val);
 	return key;
 errret:
@@ -2361,6 +2378,9 @@
 	Bytes *b;
 	CertX509 *c;
 	RSApub *pub;
+
+	if(name != nil)
+		memset(name, 0, nname);
 
 	b = makebytes(cert, ncert);
 	c = decode_cert(b);