Crypt-OpenSSL-PKCS10
croak ("%s: EVP_PKEY_keygen_int failed", classname);
if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkctx, keylen) <= 0)
croak ("%s: EVP_PKEY_CTX_set_rsa_keygen_bits failed for keylen: %i", classname, keylen);
} else {
int nid = get_ec_curve_by_name(curve);
pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
if (pkctx == NULL)
croak("%s: EVP_PKEY_CTX_new_id failed", classname);
if (EVP_PKEY_keygen_init(pkctx) <= 0)
croak("%s: EVP_PKEY_keygen_init failed", classname);
if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkctx, nid) <= 0)
croak("%s: EVP_PKEY_CTX_set_ec_paramgen_curve_nid failed", classname);
if (EVP_PKEY_CTX_set_ec_param_enc(pkctx, OPENSSL_EC_NAMED_CURVE) <= 0)
croak("%s: EVP_PKEY_CTX_set_ec_param_enc failed", classname);
}
if (EVP_PKEY_keygen(pkctx, &pk) <= 0)
croak ("%s: Unable to generate a %s key for %s", classname,
type, ((strncmp(type, "rsa", strlen("rsa")) == 0) ? hash : curve) );
#endif
if(!X509_REQ_set_version(x,0L))
croak("%s: X509_REQ_set_version failed", classname);
if (!X509_REQ_set_pubkey(x,pk))
croak("%s: X509_REQ_set_pubkey failed", classname);
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
EVP_MD_CTX *mctx = EVP_MD_CTX_new();
char def_md[80];
if (mctx == NULL)
croak ("%s - EVP_MD_CTX_new failed", classname);
if (EVP_PKEY_get_default_digest_name(pk, def_md, sizeof(def_md)) == 2
&& strcmp(def_md, "UNDEF") == 0) {
/* The signing algorithm requires there to be no digest */
md = NULL;
}
EVP_DigestSignInit_ex(mctx, &pkctx, hash, NULL,
NULL, pk, NULL);
//&& do_pkey_ctx_init(pkctx, sigopts);
if(!X509_REQ_sign_ctx(x, mctx))
croak ("%s - X509_REQ_sign_ctx failed", classname);
EVP_MD_CTX_free(mctx);
#else
if (!X509_REQ_sign(x, pk, md))
croak ("%s - X509_REQ_sign failed", classname);
#endif
RETVAL = make_pkcs10_obj(class, x, pk, NULL, NULL);
OUTPUT:
RETVAL
void
DESTROY(pkcs10)
    pkcs10Data *pkcs10;
  PPCODE:
    /* Destructor for the wrapper struct: frees the EVP_PKEY and the
     * X509_REQ it holds, then the struct itself. Nothing is pushed onto
     * the Perl stack. */
    if (pkcs10->pk != NULL) {
        EVP_PKEY_free(pkcs10->pk);
    }
    pkcs10->pk = NULL;
    /* Zeroes the slot that ->rsa points at; the owner of that slot is not
     * visible from this function.
     * NOTE(review): if the slot lives inside another Perl object, confirm
     * that object always outlives this one. Otherwise this store goes
     * through a dangling pointer. */
    if (pkcs10->rsa != NULL) {
        *pkcs10->rsa = 0;
    }
    if (pkcs10->req != NULL) {
        X509_REQ_free(pkcs10->req);
    }
    pkcs10->req = NULL;
    Safefree(pkcs10);
    /* NOTE(review): this call acts on library-wide ex_data state, not on
     * this object. OpenSSL 1.1.0 and later define it as a no-op; on older
     * libraries, running it from every DESTROY may disturb other OpenSSL
     * users in the same process. Verify, then consider dropping it or
     * guarding it by library version. */
    CRYPTO_cleanup_all_ex_data();
SV*
_new_from_rsa(class, p_rsa, priv, options)
SV *class
SV *p_rsa
SV *priv
HV *options
PREINIT:
Crypt__OpenSSL__RSA *rsa;
char *keyString;
STRLEN keylen;
BIO *bio;
X509_REQ *x;
EVP_PKEY *pk;
char *classname = SvPVutf8_nolen(class);
const EVP_MD *md;
SV **svp;
char *hash;
CODE:
if (options && hv_exists(options, "hash", strlen("hash"))) {
svp = hv_fetch(options, "hash", strlen("hash"), 0);
hash = SvPV_nolen(*svp);
} else {
hash = "SHA256";
}
md = fetch_digest(hash);
if (md == NULL)
croak("%s->sign: fetch_digest() for %s failed", classname, hash);
// Get the private key and save it in memory
keyString = SvPV(priv, keylen);
bio = BIO_new_mem_buf(keyString, keylen);
if (bio == NULL) {
croak ("Bio is null **** \n");
}
// Create the PrivateKey as EVP_PKEY
pk = PEM_read_bio_PrivateKey(bio, NULL, 0, NULL);
if (pk == NULL) {
croak("Failed operation error code %d\n", errno);
}
if ((x=X509_REQ_new()) == NULL)
croak ("%s - can't create req", classname);
rsa = (Crypt__OpenSSL__RSA *) SvIV(SvRV(p_rsa));
X509_REQ_set_pubkey(x,pk);
X509_REQ_set_version(x,0L);