# include <config.h>
#endif
-#ifdef HAVE_GNUTLS
-# include <gnutls/gnutls.h>
-# include <gnutls/x509.h>
-#else
-#ifdef HAVE_OPENSSL
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-#endif
-#endif
-
typedef struct _Eet_String Eet_String;
struct _Eet_String
const char *end;
};
-struct _Eet_Key
-{
- int references;
-#ifdef HAVE_SIGNATURE
-# ifdef HAVE_GNUTLS
- gnutls_x509_crt_t certificate;
- gnutls_x509_privkey_t private_key;
-# else
- X509 *certificate;
- EVP_PKEY *private_key;
-# endif
-#endif
-};
-
Eet_Dictionary *eet_dictionary_add(void);
void eet_dictionary_free(Eet_Dictionary *ed);
int eet_dictionary_string_add(Eet_Dictionary *ed, const char *string);
#ifdef HAVE_SIGNATURE
# ifdef HAVE_GNUTLS
# include <gnutls/gnutls.h>
+# include <gnutls/x509.h>
# else
# include <openssl/rsa.h>
# include <openssl/objects.h>
# include <openssl/ssl.h>
# include <openssl/dh.h>
# include <openssl/dsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
# endif
#endif
static Eet_Error eet_pbkdf2_sha1(const char *key, int key_len, const unsigned char *salt, unsigned int salt_len, int iter, unsigned char *res, int res_len);
#endif
+struct _Eet_Key
+{
+ int references;
+#ifdef HAVE_SIGNATURE
+# ifdef HAVE_GNUTLS
+ gnutls_x509_crt_t certificate;
+ gnutls_x509_privkey_t private_key;
+# else
+ X509 *certificate;
+ EVP_PKEY *private_key;
+# endif
+#endif
+};
+
EAPI Eet_Key*
eet_identity_open(const char *certificate_file, const char *private_key_file, Eet_Key_Password_Callback cb)
{
void *data = NULL;
gnutls_datum_t load_file = { NULL, 0 };
int res;
+ char pass[1024];
/* Init */
if (!(key = malloc(sizeof(Eet_Key)))) goto on_error;
/* Import the private key in Eet_Key structure */
load_file.data = data;
load_file.size = st.st_size;
+ /* Try to directly import the PEM encoded private key */
if ((res = gnutls_x509_privkey_import(key->private_key, &load_file, GNUTLS_X509_FMT_PEM)) < 0)
- goto on_error;
+ {
+ /* Else ask for the private key pass */
+ if (cb && cb(pass, 1024, 0, NULL))
+ {
+ /* If pass then try to decode the pkcs 8 private key */
+ if ((res = gnutls_x509_privkey_import_pkcs8(key->private_key, &load_file, GNUTLS_X509_FMT_PEM, pass, 0)))
+ goto on_error;
+ }
+ else
+ {
+ /* Else try to import the pkcs 8 private key without pass */
+ if ((res = gnutls_x509_privkey_import_pkcs8(key->private_key, &load_file, GNUTLS_X509_FMT_PEM, NULL, 1)))
+ goto on_error;
+ }
+ }
if (munmap(data, st.st_size)) goto on_error;
fclose(fp);
}
if (err) goto on_error;
- fprintf(out, "%s:\n", names[i]);
+ fprintf(out, "\t%s:\n", names[i]);
for (j = 0; strlen(res) > j; j += 32)
{
snprintf(buf, 32, "%s", res + j);
- fprintf(out, "\t%s\n", buf);
+ fprintf(out, "\t\t%s\n", buf);
}
}
free(res);
+ res = NULL;
}
if (key->certificate)
if (gnutls_x509_crt_print(key->certificate, GNUTLS_X509_CRT_FULL, &data)) goto on_error;
fprintf(out, "%s", data.data);
gnutls_free(data.data);
+ data.data = NULL;
}
+
on_error:
if (res) free(res);
if (data.data) gnutls_free(data.data);
#ifdef HAVE_OPENSSL
# include <openssl/err.h>
+# include <openssl/evp.h>
#endif
#include <Eina.h>
#endif
#ifdef HAVE_OPENSSL
ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
#endif
eina_init();
gnutls_global_deinit();
#endif
#ifdef HAVE_OPENSSL
+ EVP_cleanup();
ERR_free_strings();
#endif
}
END_TEST
+START_TEST(eet_identity_open_simple)
+{
+ Eet_Key *k = NULL;
+
+ eet_init();
+
+ chdir("src/tests");
+
+ k = eet_identity_open("cert.pem", "key.pem", NULL);
+ fail_if(!k);
+
+ if (k) eet_identity_close(k);
+
+ eet_shutdown();
+}
+END_TEST
+
+START_TEST(eet_identity_open_pkcs8)
+{
+ Eet_Key *k = NULL;
+
+ eet_init();
+
+ chdir("src/tests");
+
+ k = eet_identity_open("cert.pem", "key_enc_none.pem", NULL);
+ fail_if(!k);
+
+ if (k) eet_identity_close(k);
+
+ eet_shutdown();
+}
+END_TEST
+
+static int pass_get(char *pass, int size, __UNUSED__ int rwflags, __UNUSED__ void *u)
+{
+ memset(pass, 0, size);
+
+ if (strlen("password") > size)
+ return 0;
+ snprintf(pass, size, "%s", "password");
+ return strlen(pass);
+}
+
+static int badpass_get(char *pass, int size, __UNUSED__ int rwflags, __UNUSED__ void *u)
+{
+ memset(pass, 0, size);
+
+ if (strlen("bad password") > size)
+ return 0;
+ snprintf(pass, size, "%s", "bad password");
+ return strlen(pass);
+}
+
+
+START_TEST(eet_identity_open_pkcs8_enc)
+{
+ Eet_Key *k = NULL;
+
+ eet_init();
+
+ chdir("src/tests");
+
+ k = eet_identity_open("cert.pem", "key_enc.pem", NULL);
+ fail_if(k);
+
+ if (k) eet_identity_close(k);
+
+ k = eet_identity_open("cert.pem", "key_enc.pem", &badpass_get);
+ fail_if(k);
+
+ if (k) eet_identity_close(k);
+
+ k = eet_identity_open("cert.pem", "key_enc.pem", &pass_get);
+ fail_if(!k);
+
+ if (k) eet_identity_close(k);
+
+ eet_shutdown();
+}
+END_TEST
+
START_TEST(eet_cipher_decipher_simple)
{
const char *buffer = "Here is a string of data to save !";
#ifdef HAVE_SIGNATURE
tc = tcase_create("Eet Identity");
tcase_add_test(tc, eet_identity_simple);
+ tcase_add_test(tc, eet_identity_open_simple);
+ tcase_add_test(tc, eet_identity_open_pkcs8);
+ tcase_add_test(tc, eet_identity_open_pkcs8_enc);
suite_add_tcase(s, tc);
#endif
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQILLqDZE1i0Y8CAggA
+MBQGCCqGSIb3DQMHBAjwbnSdTCCDOASCAoB0rMuSIXrzqFQnCexMkC9A5jyd+HvC
+2UV6EWIfFU4yBvp+2dfHg6RKUoZ0wGk8FxAkaAj+boVwf16PPXXQ70AQBb0iGeb4
+YLdjDF2zSoIK3SbsWrhAfJhSMbcMftEZnLTYxLSkTv5R8jb0IPybVNTqFf+KmGav
+DwyRVQrdAxIYdJSPwd61Fhs1VqzptmQ8DLKHy35X1fIro3py4jncBhsuqf6H3yj1
+ZFuzCPnwB8unASgbTPD43yObrjyWTjbTtp59WavVdnNS+m7QNW+OfxznHUUJXtMz
+/EniglUhR1Uf75wpMpQIPfC77Cary0Y4iLGQZiF1C0WjQzMBufckJFJVRFGfkkMl
+ijlaijLUYMqENJ6wsyK5lihsoBCzIDoqI375s9pdeln8sd33Yu+L/Gu4Xo8Bh5cM
+6mlo9WUgw5KibmlZHGEAGdKxcvL0ywswuwQ6yhwcdvCAt6MfrWJNpksa9JmpXJi8
+c21lHwnoyG1DgSqY5VhRyitfnuY3Jegj+7njhooiAJM9w7fxpafN9oxiaJBvPFqd
+lfJ42Pj5rkjjVqXOJX7Cf7sF85tW7ygwdGWyXvHn2fhQ+vjaDtZalry//Xytet4r
+lvTerO6M6WVMk2yM7vdeBU7c74LVIJmwGR6d837OPax1V+Z9yq6zDuJAQ3l9mtmu
+gowV3xInTFRsnSOQcYW5y8dNnugR9FBh8f1NI7SPyW0reeVbPXXhRxg+TyogIXhh
+yAfWJ6dDLZ31EVCdqRKxK7b9u2r3dsuaiwT1jFg59Eu2AifFi0j7aDA1lGIKoj3C
+cPDwJd8weC+UoWpWX/O4KOpaU62Rwt5wRoOxELG6lHy7cOjZgLmwjg1G
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMiE486eROKePG0/
+639D4XTTDR9XSRWp1xqZzq7P+jjWRFbZ/MWVIVzkc4MRm83UOolbPj76LjM10cse
+aVAhK7G9CHp2dur4alWvdCXPH5Q+LPOFS9gMx0Jz9EZeHHOHZKLyJdKSmot+zluw
+JTLe081RRUwzNKct6JrVVG/7SmITAgMBAAECgYB8ssfI0nwcQjNp7XpSZrBqqmVa
+vDljE4AFtujlpckCV52gNWgQp7Fbx2ZeeDDgS78rdGa9W3AnwKx7GKp9fmNgxT5g
+pFvDDpWqv+m6chSGIQdVqscwUob3KjXipJrPbE+Be8Lmnv9GFyL6sBSnfpLmQgdy
+HmwuEQRwlrLKbLMPIQJBAP/kHcl2lyi+tIj6fJnwi5vb4jd/e6jHqbUMrEd5p3bo
+gKgivtUKc9XknWAsgHYyh9UJsqGbLg82LlrRB29rMl8CQQDImr1j71JDiwI5UOsW
+SUnGFe5kThZudHfZewF2dD11q6jQTa8NWS/qYefMxauhOMu/iEfme58Tk28yjw80
+YHTNAkAU4qR/vfsmazJG/9LNqbFrXi3/g5svMmSqj0c8ajR94wolLvjOYJUFvywN
+HnS5sPQfMjRvNkAzI6Py656kvGYXAkAf5FHluF94s3nYCOBG+8HJxyTON4fjaYrA
+PYj+/v3iXjcJXsBMu/gdKBGFAYwGppPl0FG198NThmXwQMQnDIqlAkEAnY01pxRF
+PJq9Tr31Ak4h0YCwDgpeJyLwfc+65Yy0ctFEp08V5oJGf72ntOCV/Ssf2FQY6lRc
+dgPf4QK3qCdUNw==
+-----END PRIVATE KEY-----