Date:      Mon, 19 Jun 2017 18:14:55 +0000 (UTC)
From:      Kurt Jaeger <pi@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r443905 - in head/security/p5-Crypt-OpenSSL-RSA: . files
Message-ID:  <201706191814.v5JIEtDc073010@repo.freebsd.org>

Author: pi
Date: Mon Jun 19 18:14:54 2017
New Revision: 443905
URL: https://svnweb.freebsd.org/changeset/ports/443905

Log:
  security/p5-Crypt-OpenSSL-RSA: add functions to work with private keys
  
  - new_private_key(privkey_string)
    Create encrypted private RSA key from privkey_string
  - new_private_key(privkey_string, password)
    parse an existing encrypted private RSA key from privkey_string
  - get_enc_private_key_string(password)
  - get_enc_private_key_string(password, cipher)
    Encrypt and return encrypted PEM PKCS coded RSA private key
  
  PR:		220136
  Submitted by:	Borodin Oleg <onborodin@gmail.com>

Added:
  head/security/p5-Crypt-OpenSSL-RSA/files/
  head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.pm   (contents, props changed)
  head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.xs   (contents, props changed)
  head/security/p5-Crypt-OpenSSL-RSA/files/patch-t_rsa.t   (contents, props changed)
Modified:
  head/security/p5-Crypt-OpenSSL-RSA/Makefile

Modified: head/security/p5-Crypt-OpenSSL-RSA/Makefile
==============================================================================
--- head/security/p5-Crypt-OpenSSL-RSA/Makefile	Mon Jun 19 18:05:26 2017	(r443904)
+++ head/security/p5-Crypt-OpenSSL-RSA/Makefile	Mon Jun 19 18:14:54 2017	(r443905)
@@ -3,7 +3,7 @@
 
 PORTNAME=	Crypt-OpenSSL-RSA
 PORTVERSION=	0.28
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security perl5
 MASTER_SITES=	CPAN
 PKGNAMEPREFIX=	p5-

Added: head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.pm
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.pm	Mon Jun 19 18:14:54 2017	(r443905)
@@ -0,0 +1,61 @@
+--- RSA.pm.orig	2017-06-19 18:08:26 UTC
++++ RSA.pm
+@@ -14,8 +14,31 @@ $VERSION = '0.28';
+ 
+ bootstrap Crypt::OpenSSL::RSA $VERSION;
+ 
++sub new_private_key {
++
++    my ($self, $keystring, $passin) = @_;
++
++    if (length ($passin) > 0 ) {
++        return $self->_new_enc_private_key($keystring, $passin);
++    }
++    return $self->_new_private_key($keystring);
++}
++
++sub get_private_key_string {
++
++    my ($self, $passout, $cipher) = @_;
++
++    if (length ($passout) > 0 && length ($cipher) > 0) {
++        return $self->_get_enc_private_key_string($passout, $cipher);
++    } elsif (length $passout > 0) { 
++        return $self->_get_enc_private_key_string($passout, "aes-256-cbc");
++    }
++    return $self->_get_private_key_string();
++}
++
+ BEGIN { eval { require Crypt::OpenSSL::Bignum; }; }
+ 
++
+ 1;
+ 
+ __END__
+@@ -96,7 +119,9 @@ sub new_public_key
+     }
+ }
+ 
+-=item new_private_key
++=item new_private_key(privkey_string)
++=cut
++=item new_private_key(privkey_string, password)
+ 
+ Create a new Crypt::OpenSSL::RSA object by loading a private key in
+ from an string containing the Base64/DER encoding of the PKCS1
+@@ -179,8 +204,14 @@ header and footer lines:
+ and is the format that is produced by running C<openssl rsa -pubout>.
+ 
+ =item get_private_key_string
++=cut
++=item get_enc_private_key_string(password)
++=cut
++=item get_enc_private_key_string(password, cipher)
+ 
+-Return the DER-encoded PKCS1 representation of the private key.
++Return the unencripted or encripted DER-encoded PKCS1 representation
++of the private key. For stoping of potential leak unencrypted private key
++if cipher name is unknown will use DES3 (DES-EDE3) cipher.
+ 
+ =item encrypt
+ 
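Review bot: `get_private_key_string` returns the key unencrypted whenever `$passout` is undefined or empty, even when the caller named a cipher, so a call that passes a cipher together with an unset passphrase variable silently yields a plaintext PEM. Fail instead of falling through, e.g. `die "cipher given without a passphrase\n" if defined $cipher && length $cipher && !(defined $passout && length $passout);` placed before the existing `if`. Both new subs also compare `length(...)` of a possibly undefined argument with `> 0`; `defined $passin && length $passin` avoids an uninitialized-value warning if the module runs under warnings. The POD added further down documents `get_enc_private_key_string`, which is not the public name (the wrapper is still `get_private_key_string`), and the `=cut` lines sit directly between `=item` lines with no blank lines, so they probably do not render as separate items.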

Added: head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.xs
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/p5-Crypt-OpenSSL-RSA/files/patch-RSA.xs	Mon Jun 19 18:14:54 2017	(r443905)
@@ -0,0 +1,109 @@
+--- RSA.xs.orig	2017-06-19 18:08:26 UTC
++++ RSA.xs
+@@ -179,6 +179,30 @@ RSA* _load_rsa_key(SV* p_keyStringSv,
+     return rsa;
+ }
+ 
++
++RSA* _load_enc_rsa_key(SV* p_keyStringSv,
++                   RSA*(*p_loader)(BIO*, RSA**, pem_password_cb*, void*), char* password)
++{
++    STRLEN keyStringLength;
++    char* keyString;
++
++    RSA* rsa;
++    BIO* stringBIO;
++
++    keyString = SvPV(p_keyStringSv, keyStringLength);
++
++    CHECK_OPEN_SSL(stringBIO = BIO_new_mem_buf(keyString, keyStringLength));
++
++    rsa = p_loader(stringBIO, NULL, NULL, password);
++
++    CHECK_OPEN_SSL(BIO_set_close(stringBIO, BIO_CLOSE) == 1);
++    BIO_free(stringBIO);
++
++    CHECK_OPEN_SSL(rsa);
++    return rsa;
++}
++
++
+ SV* rsa_crypt(rsaData* p_rsa, SV* p_from,
+               int (*p_crypt)(int, const unsigned char*, unsigned char*, RSA*, int))
+ {
+@@ -214,7 +238,7 @@ BOOT:
+     ERR_load_crypto_strings();
+ 
+ SV*
+-new_private_key(proto, key_string_SV)
++_new_private_key(proto, key_string_SV)
+     SV* proto;
+     SV* key_string_SV;
+   CODE:
+@@ -223,7 +247,24 @@ new_private_key(proto, key_string_SV)
+   OUTPUT:
+     RETVAL
+ 
++
+ SV*
++_new_enc_private_key(proto, key_string_SV, password_SV)
++    SV* proto;
++    SV* key_string_SV;
++    SV* password_SV;
++  PREINIT:
++    char* password;
++  CODE:
++    password = SvPV_nolen(password_SV);
++
++    RETVAL = make_rsa_obj(
++        proto, _load_enc_rsa_key(key_string_SV, PEM_read_bio_RSAPrivateKey, password));
++  OUTPUT:
++    RETVAL
++
++
++SV*
+ _new_public_key_pkcs1(proto, key_string_SV)
+     SV* proto;
+     SV* key_string_SV;
+@@ -251,7 +292,7 @@ DESTROY(p_rsa)
+     Safefree(p_rsa);
+ 
+ SV*
+-get_private_key_string(p_rsa)
++_get_private_key_string(p_rsa)
+     rsaData* p_rsa;
+   PREINIT:
+     BIO* stringBIO;
+@@ -259,6 +300,32 @@ get_private_key_string(p_rsa)
+     CHECK_OPEN_SSL(stringBIO = BIO_new(BIO_s_mem()));
+     PEM_write_bio_RSAPrivateKey(
+         stringBIO, p_rsa->rsa, NULL, NULL, 0, NULL, NULL);
++    RETVAL = extractBioString(stringBIO);
++
++  OUTPUT:
++    RETVAL
++
++
++SV*
++_get_enc_private_key_string(p_rsa, passout_SV, cipher_SV)
++    rsaData* p_rsa;
++    SV* passout_SV;
++    SV* cipher_SV;
++  PREINIT:
++    char* passout;
++    char* cipher;
++
++    BIO* stringBIO;
++    const EVP_CIPHER *enc;
++  CODE:
++    passout = SvPV_nolen(passout_SV);
++    cipher = SvPV_nolen(cipher_SV);
++
++    CHECK_OPEN_SSL(stringBIO = BIO_new(BIO_s_mem()));
++    enc = EVP_get_cipherbyname(cipher);
++    if (enc == NULL) { enc = EVP_get_cipherbyname("DES3"); }
++    PEM_write_bio_RSAPrivateKey(
++        stringBIO, p_rsa->rsa, enc, NULL, 0, NULL, passout);
+     RETVAL = extractBioString(stringBIO);
+ 
+   OUTPUT:
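Review bot: In `_get_enc_private_key_string` an unknown cipher name is silently replaced by `EVP_get_cipherbyname("DES3")`, and if that lookup also returns NULL, `PEM_write_bio_RSAPrivateKey` is called with `enc == NULL` and writes the key unencrypted despite the passphrase. That can happen when the cipher table has not been populated; the visible BOOT context shows only `ERR_load_crypto_strings()`, so whether ciphers are registered should be confirmed for the OpenSSL versions the port builds against. The return value of `PEM_write_bio_RSAPrivateKey` is also ignored, so a failed write returns whatever is in the BIO. I would reject an unknown cipher and check the write, which changes the DES3 fallback the POD describes; the XSUB's OUTPUT section ends outside the hunk. Separately, in `_load_enc_rsa_key` the `CHECK_OPEN_SSL(BIO_set_close(...))` failure path croaks before `BIO_free(stringBIO)` runs.

```c
    /* … unchanged: SvPV_nolen() calls, BIO_new(BIO_s_mem()) … */
    enc = EVP_get_cipherbyname(cipher);
    if (enc == NULL) {
        /* Never fall through to a NULL cipher: that writes a plaintext key. */
        BIO_free(stringBIO);
        croak("unsupported cipher: %s", cipher);
    }
    if (PEM_write_bio_RSAPrivateKey(
            stringBIO, p_rsa->rsa, enc, NULL, 0, NULL, passout) != 1) {
        BIO_free(stringBIO);
        CHECK_OPEN_SSL(0);
    }
    RETVAL = extractBioString(stringBIO);
```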

Added: head/security/p5-Crypt-OpenSSL-RSA/files/patch-t_rsa.t
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/p5-Crypt-OpenSSL-RSA/files/patch-t_rsa.t	Mon Jun 19 18:14:54 2017	(r443905)
@@ -0,0 +1,27 @@
+--- t/rsa.t.orig	2017-06-19 18:08:26 UTC
++++ t/rsa.t
+@@ -4,7 +4,7 @@ use Test;
+ use Crypt::OpenSSL::Random;
+ use Crypt::OpenSSL::RSA;
+ 
+-BEGIN { plan tests => 43 + (UNIVERSAL::can("Crypt::OpenSSL::RSA", "use_sha512_hash") ? 4*5 : 0) }
++BEGIN { plan tests => 46 + (UNIVERSAL::can("Crypt::OpenSSL::RSA", "use_sha512_hash") ? 4*5 : 0) }
+ 
+ sub _Test_Encrypt_And_Decrypt
+ {
+@@ -83,6 +83,15 @@ my $private_key_string = $rsa->get_private_key_string(
+ my $public_key_string = $rsa->get_public_key_string();
+ 
+ ok($private_key_string and $public_key_string);
++
++my $enc_private_key_string_default = $rsa->get_private_key_string('12345');
++ok($enc_private_key_string_default);
++
++my $enc_private_key_string_des3 = $rsa->get_private_key_string('12345', 'des3-cbc');
++ok($enc_private_key_string_des3);
++
++my $enc_private_key_string_idea = $rsa->get_private_key_string('12345', 'IDEA');
++ok($enc_private_key_string_idea);
+ 
+ my $plaintext = "The quick brown fox jumped over the lazy dog";
+ my $rsa_priv = Crypt::OpenSSL::RSA->new_private_key($private_key_string);
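Review bot: The three added assertions only check that `get_private_key_string` returns a true value, which would still pass if the key came back unencrypted, and the new two-argument `new_private_key` is not exercised at all. Assert on the output and round-trip it, e.g. `ok($enc_private_key_string_default =~ /ENCRYPTED/);` and `ok(Crypt::OpenSSL::RSA->new_private_key($enc_private_key_string_default, '12345')->get_private_key_string() eq $private_key_string);`, bumping the plan count accordingly. The `'IDEA'` case also passes on builds without IDEA because the XS code falls back to DES3, so it does not show that the requested cipher was used.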


