[crypto] Add support for PKCS#8 private key format

Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2023-06-02 13:49:27 +0100
committer: Michael Brown <mcb30@ipxe.org> 2023-06-02 13:54:42 +0100
commit: b0093571f8bc0207673bb6a6ad5081263e7863b6 (patch)
tree: 9328631ee9f4a70c18d339d0ce3d20a9ff49a0d1 /src/crypto/rsa.c
parent: 6a7f560e60837fc2ce82a7aa976035656f7d231e (diff)
download: ipxe-b0093571f8bc0207673bb6a6ad5081263e7863b6.tar.gz
1 files changed, 18 insertions, 1 deletions
diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c
index a38955744..16c67d822 100644
--- a/src/crypto/rsa.c
+++ b/src/crypto/rsa.c
@@ -164,7 +164,7 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
 	int is_private;
 	int rc;
 
-	/* Enter subjectPublicKeyInfo/RSAPrivateKey */
+	/* Enter subjectPublicKeyInfo/privateKeyInfo/RSAPrivateKey */
 	memcpy ( &cursor, raw, sizeof ( cursor ) );
 	asn1_enter ( &cursor, ASN1_SEQUENCE );
 
@@ -177,6 +177,23 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
 		/* Skip version */
 		asn1_skip_any ( &cursor );
 
+		/* Enter privateKey, if present */
+		if ( asn1_check_algorithm ( &cursor,
+					    &rsa_encryption_algorithm ) == 0 ) {
+
+			/* Skip privateKeyAlgorithm */
+			asn1_skip_any ( &cursor );
+
+			/* Enter privateKey */
+			asn1_enter ( &cursor, ASN1_OCTET_STRING );
+
+			/* Enter RSAPrivateKey */
+			asn1_enter ( &cursor, ASN1_SEQUENCE );
+
+			/* Skip version */
+			asn1_skip ( &cursor, ASN1_INTEGER );
+		}
+
 	} else {
 
 		/* Public key */
author	Michael Brown <mcb30@ipxe.org>	2023-06-02 13:49:27 +0100
committer	Michael Brown <mcb30@ipxe.org>	2023-06-02 13:54:42 +0100
commit	b0093571f8bc0207673bb6a6ad5081263e7863b6 (patch)
tree	9328631ee9f4a70c18d339d0ce3d20a9ff49a0d1 /src/crypto/rsa.c
parent	6a7f560e60837fc2ce82a7aa976035656f7d231e (diff)
download	ipxe-b0093571f8bc0207673bb6a6ad5081263e7863b6.tar.gz