From ef95223d2679d68b36df77393bd334d4da02077f Mon Sep 17 00:00:00 2001
From: Benjamin Fry <benjaminfry@me.com>
Date: Wed, 17 Feb 2016 23:18:42 -0800
Subject: adding functionality to directly get and set RSA key material

---
 openssl/src/crypto/pkey.rs | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'openssl/src/crypto/pkey.rs')

diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index e556730d..dc613bc7 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -205,6 +205,30 @@ impl PKey {
         }
     }
 
+    /// pass ownership of the RSA key to this
+    pub fn set_rsa(&mut self, rsa: RSA) {
+        unsafe {
+            // TODO: should we do something like panic if null? this will fail silently right now
+            let rsa_ptr = rsa.as_ptr();
+            if !rsa_ptr.is_null() {
+                if ffi::EVP_PKEY_set1_RSA(self.evp, rsa_ptr) == 1 {
+                    if rsa.has_e() && rsa.has_n() {
+                        self.parts = Parts::Public;
+                    }
+                }
+            }
+        }
+    }
+
+    /// get a reference to the interal RSA key for direct access to the key components
+    pub fn get_rsa(&self) -> RSA {
+        unsafe {
+            let evp_pkey: *mut ffi::EVP_PKEY = self.evp;
+            // this is safe as the ffi increments a reference counter to the internal key
+            RSA(ffi::EVP_PKEY_get1_RSA(evp_pkey))
+        }
+    }
+
     /**
      * Returns a DER serialized form of the public key, suitable for load_pub().
      */
-- 
cgit v1.2.3


From 6ebe581308af861b440557be5baba2edb354f7b8 Mon Sep 17 00:00:00 2001
From: Benjamin Fry <benjaminfry@me.com>
Date: Tue, 23 Feb 2016 20:49:21 -0800
Subject: review fixes, keep raw RSA initiallization private

---
 openssl/src/crypto/pkey.rs | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'openssl/src/crypto/pkey.rs')

diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index dc613bc7..df4ac709 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -208,13 +208,10 @@ impl PKey {
     /// pass ownership of the RSA key to this
     pub fn set_rsa(&mut self, rsa: RSA) {
         unsafe {
-            // TODO: should we do something like panic if null? this will fail silently right now
             let rsa_ptr = rsa.as_ptr();
-            if !rsa_ptr.is_null() {
-                if ffi::EVP_PKEY_set1_RSA(self.evp, rsa_ptr) == 1 {
-                    if rsa.has_e() && rsa.has_n() {
-                        self.parts = Parts::Public;
-                    }
+            if ffi::EVP_PKEY_set1_RSA(self.evp, rsa_ptr) == 1 {
+                if rsa.has_e() && rsa.has_n() {
+                    self.parts = Parts::Public;
                 }
             }
         }
@@ -225,7 +222,7 @@ impl PKey {
         unsafe {
             let evp_pkey: *mut ffi::EVP_PKEY = self.evp;
             // this is safe as the ffi increments a reference counter to the internal key
-            RSA(ffi::EVP_PKEY_get1_RSA(evp_pkey))
+            RSA::with_raw(ffi::EVP_PKEY_get1_RSA(evp_pkey))
         }
     }
 
-- 
cgit v1.2.3


From 3fb2c48c9834acafe8a1dfe33a5500430f332ebc Mon Sep 17 00:00:00 2001
From: Benjamin Fry <benjaminfry@me.com>
Date: Sun, 28 Feb 2016 22:05:19 -0800
Subject: added public key material to the constructor

---
 openssl/src/crypto/pkey.rs | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

(limited to 'openssl/src/crypto/pkey.rs')

diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index df4ac709..cafd50ad 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -205,9 +205,10 @@ impl PKey {
         }
     }
 
-    /// pass ownership of the RSA key to this
-    pub fn set_rsa(&mut self, rsa: RSA) {
+    /// assign RSA key to this pkey
+    pub fn set_rsa(&mut self, rsa: &RSA) {
         unsafe {
+            // this needs to be a reference as the set1_RSA ups the reference count
             let rsa_ptr = rsa.as_ptr();
             if ffi::EVP_PKEY_set1_RSA(self.evp, rsa_ptr) == 1 {
                 if rsa.has_e() && rsa.has_n() {
@@ -222,7 +223,7 @@ impl PKey {
         unsafe {
             let evp_pkey: *mut ffi::EVP_PKEY = self.evp;
             // this is safe as the ffi increments a reference counter to the internal key
-            RSA::with_raw(ffi::EVP_PKEY_get1_RSA(evp_pkey))
+            RSA::from_raw(ffi::EVP_PKEY_get1_RSA(evp_pkey))
         }
     }
 
@@ -625,6 +626,7 @@ mod tests {
     use std::path::Path;
     use std::fs::File;
     use crypto::hash::Type::{MD5, SHA1};
+    use crypto::rsa::RSA;
 
     #[test]
     fn test_gen_pub() {
@@ -811,6 +813,28 @@ mod tests {
         assert!(pub_key.windows(10).any(|s| s == b"PUBLIC KEY"));
     }
 
+    #[test]
+    fn test_public_key_from_raw() {
+        let mut k0 = super::PKey::new();
+        let mut k1 = super::PKey::new();
+        let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
+
+        k0.gen(512);
+        let sig = k0.sign(&msg);
+
+        let r0 = k0.get_rsa();
+        let r1 = RSA::from_public_components(r0.n().expect("n"), r0.e().expect("e")).expect("r1");
+        k1.set_rsa(&r1);
+
+        assert!(k1.can(super::Role::Encrypt));
+        assert!(!k1.can(super::Role::Decrypt));
+        assert!(k1.can(super::Role::Verify));
+        assert!(!k1.can(super::Role::Sign));
+
+        let rv = k1.verify(&msg, &sig);
+        assert!(rv == true);
+    }
+
     #[test]
     #[should_panic(expected = "Could not get RSA key for encryption")]
     fn test_nokey_encrypt() {
-- 
cgit v1.2.3