Skip to content

Commit

Permalink
feat: Add support for pkcs#8 private keys
Browse files Browse the repository at this point in the history
Use correct PEM header in getPemString
  • Loading branch information
Andrew-Lees11 authored and ianpartridge committed Jul 16, 2019
1 parent 9ead942 commit df78ced
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 14 deletions.
16 changes: 2 additions & 14 deletions Sources/CryptorRSA/CryptorRSAKey.swift
Original file line number Diff line number Diff line change
Expand Up @@ -739,20 +739,8 @@ extension CryptorRSA {
guard let derData = Data(base64Encoded: derString) else {
throw Error(code: ERR_INIT_PK, reason: "Couldn't read PEM String")
}
let pkcs1PEM: String
if keyType == .publicType {
let strippedDer = try CryptorRSA.stripX509CertificateHeader(for: derData)
pkcs1PEM = CryptorRSA.convertDerToPem(from: strippedDer, type: .publicType)
} else {
// If data is PKCS8 format strip the header
let strippedDer: Data
if derData[26] == 0x30 {
strippedDer = derData.advanced(by: 26)
} else {
strippedDer = derData
}
pkcs1PEM = CryptorRSA.convertDerToPem(from: strippedDer, type: .privateType)
}
let strippedDer = try CryptorRSA.stripX509CertificateHeader(for: derData)
let pkcs1PEM = CryptorRSA.convertDerToPem(from: strippedDer, type: keyType)
return pkcs1PEM
}
}
Expand Down
5 changes: 5 additions & 0 deletions Sources/CryptorRSA/CryptorRSAUtilities.swift
Original file line number Diff line number Diff line change
Expand Up @@ -224,6 +224,11 @@ public extension CryptorRSA {
///
static func stripX509CertificateHeader(for keyData: Data) throws -> Data {

// If private key in pkcs8 format, strip the header
if keyData[26] == 0x30 {
return(keyData.advanced(by: 26))
}

let count = keyData.count / MemoryLayout<CUnsignedChar>.size

guard count > 0 else {
Expand Down
11 changes: 11 additions & 0 deletions Tests/CryptorRSATests/CryptorRSATests.swift
Original file line number Diff line number Diff line change
Expand Up @@ -296,6 +296,17 @@ class CryptorRSATests: XCTestCase {
}
}

func test_private_initWithPKCS8() throws {

let path = URL(fileURLWithPath: #file).appendingPathComponent("../keys/pkcs8.pem").standardized
XCTAssertNotNil(path)

let str = try String(contentsOf: path, encoding: .utf8)
let privateKey = try? CryptorRSA.createPrivateKey(withPEM: str)
XCTAssertNotNil(privateKey)
XCTAssertTrue(privateKey?.type == .privateType)
}

func test_private_initWithPEMName() throws {

if CryptorRSATests.useBundles, let bundle = CryptorRSATests.bundle {
Expand Down
16 changes: 16 additions & 0 deletions Tests/CryptorRSATests/keys/pkcs8.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
-----BEGIN PRIVATE KEY-----
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANBnRhWiUu09ddKj
BzoKikRfMYj9O+uLqFhPcpnjkb3sNCfyhzJ0FBdJl9FH3YymJkdCfXPJ2lUE4KPu
1SdKHVChI31ohIb624uCBhZ1q/peVbYkCV24eQxtvK6D1qhYjJpmNdfPJX7R7eGP
BCF9N5CP0Mu4ayxY1fdi5iB/97ktAgMBAAECgYEApAiloWGi5Bj8JE8t4QFq02Ya
Fzk7cKr8VoYyLe5xSIwigU7kG1JCfhHu7UsjlxEwD+bF192JfGHaby4NmF89sk1l
i0DoYsRPApNOR2Jx2SiwFaeRLeOlj0dl3eq6bGHddgkDaqPeMyuqTFP6uZfaQidv
unPr5HntcoV28j/FUAECQQDtOACJl6dk6LA3salNCIoUKbu0tv+PPCtpul+y91Zh
PSHxccoMq/M4XFFflOS766I0NQFEkMr/i/Lo6otWQ9AZAkEA4Oc8hWsbthlBE0xa
fr8X3DrqHnQ/Fwl9YM6rKQyf9axp+O1nxKd8TiWc5gegZRbChKa9QNgJLlJfYVIE
Dr9ENQJBAL9M4UoUjb7X03wmfuSLlWarPR+AUFm/aTcrQI+/3N4wAZaHcCyF4m+6
KzlMhqVxYe5+LFaR+dLZlnv04YcgyskCQQC6DnJiCabmMeRFG9BttJb/qXmPcinT
XBVuJesxTXFzo4wT1AsZhFlwqOsw3bRSjM6lQO+mGlMWEC057MjQjmjVAkBCvTXV
p6v/pd8oN/Sxbh8gbXE3asSB5x1U/O0p/KH53n0D8X+lPhvhoRTKBeeiSEzWScud
jeKMklgIkfia9ZGF
-----END PRIVATE KEY-----

0 comments on commit df78ced

Please sign in to comment.