add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file()

and SSL_use_PrivateKey_file()

PR: 1035
Submitted by: Walter Goulet
Reviewed by:  Nils Larsch

diff --git a/CHANGES b/CHANGES
index 1c5baf2e5751b151c9bcd67669e091d46e5ab02e..458843b1aad3102fa8ac2a4210e9ecd9b81e54fe 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.7f and 0.9.8  [xx XXX xxxx]
 
+  *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
+     to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
+     [Walter Goulet]
+
   *) Remove buggy and incompletet DH cert support from
      ssl/ssl_rsa.c and ssl/s3_both.c
      [Nils Larsch]

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index f639d9a08fde9855c99fefba5fd5956e39a69366..fc42dfa1ec6643fe0e73a1440b8b92c994c84bc0 100644 (file)
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -335,6 +335,11 @@ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
                pkey=PEM_read_bio_PrivateKey(in,NULL,
                        ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata);
                }
+       else if (type == SSL_FILETYPE_ASN1)
+               {
+               j = ERR_R_ASN1_LIB;
+               pkey = d2i_PrivateKey_bio(in,NULL);
+               }
        else
                {
                SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
@@ -649,6 +654,11 @@ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
                pkey=PEM_read_bio_PrivateKey(in,NULL,
                        ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
                }
+       else if (type == SSL_FILETYPE_ASN1)
+               {
+               j = ERR_R_ASN1_LIB;
+               pkey = d2i_PrivateKey_bio(in,NULL);
+               }
        else
                {
                SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);