Support passing ssl library key handles to algorithms #369
Conversation
|
Adding support for this is fine from my side. We might wanna consider adding a few things though:
|
|
I added commit e37e259 for supporting public keys as well. If this is fine I can try to add it for RSA as well. |
|
Looks fine so far to me. |
e37e259 to
f2c1084
Compare
f2c1084 to
ef5df3b
Compare
|
@Thalhammer Do you know why the coverage check is failing? |
Seems to be having an issue with the gtest code gen from the macro 🤔 |
There was a problem hiding this comment.
Think out load... I am curious if this is more error prone? you can pass any key with any algorithm and name.
Bonus points, new PR with a negative test for the MD* being wrong to the size that would be interesting to see how it fails 🏗️
otherwise this matchs our exsting ctor with a little duplication 👍
|
I agree this is indeed a bit error prone. However this is already possible using the existing const auto bits = EVP_PKEY_bits(private_key.GetRaw());
const EVP_MD* (*md)();
std::size_t siglen;
std::string name;
switch (bits) {
case 384:
md = EVP_sha384;
siglen = 96;
name = "ES384";
break;
case 521: {
md = EVP_sha512;
siglen = 132;
name = "ES512";
break;
}
default:
throw std::invalid_argument{"unsupported key size: " + std::to_string(bits)};
}Would this be possible or are keys of the same lenght used for multiple algorithms? |
I have a use case where I already have the private key represented as an openssl EVP_PKEY instace. Currently an alogrithm constructor for passing such an object directly is missing.