File Coverage

lib/Crypt/Perl/RSA/Parse.pm

Criterion	Covered	Total	%
statement	101	101	100.0
branch	6	6	100.0
condition			n/a
subroutine	32	32	100.0
pod	0	5	0.0
total	139	144	96.5

line	stmt	bran	sub	pod	time	code
1						package Crypt::Perl::RSA::Parse;
2
3						=encoding utf-8
4
5						=head1 NAME
6
7						Crypt::Perl::RSA::Parse - RSA key parsing
8
9						=head1 SYNOPSIS
10
11						use Crypt::Perl::RSA::Parse ();
12
13						# These accept either DER or PEM, native format or PKCS8/SPKI.
14						my $prkey = Crypt::Perl::RSA::Parse::private($buffer);
15						my $pbkey = Crypt::Perl::RSA::Parse::public($buffer);
16
17						# Note that this accepts a structure, not raw JSON.
18						my $key = Crypt::Perl::RSA::Parse::jwk($jwk_hr);
19
20						=head1 DISCUSSION
21
22						See L and L
23						for descriptions of the interfaces that this module returns.
24
25						=cut
26
27	7		7		110775	use strict;
	7				23
	7				205
28	7		7		149	use warnings;
	7				18
	7				241
29
30	7		7		40	use Try::Tiny;
	7				16
	7				433
31
32	7		7		1118	use Crypt::Format ();
	7				1315
	7				120
33
34	7		7		981	use Crypt::Perl::ASN1 ();
	7				19
	7				112
35	7		7		2522	use Crypt::Perl::RSA::Template ();
	7				16
	7				112
36	7		7		38	use Crypt::Perl::X ();
	7				15
	7				7159
37
38						sub _asn1 {
39	328		328		2035	return Crypt::Perl::ASN1->new()->prepare(
40						Crypt::Perl::RSA::Template::get_template('INTEGER'),
41						);
42						}
43
44						sub private {
45	285		285	0	140707	my ( $pem_or_der) = @_;
46
47	285				1260	_ensure_der($pem_or_der);
48
49	285				547	my $key_obj;
50
51						try {
52	285		285		23744	my $parsed = _decode_rsa($pem_or_der);
53	273				19572558	$key_obj = _new_private($parsed);
54						}
55						catch {
56	12		12		204	my $rsa_err = $_;
57
58						try {
59	12				929	$key_obj = private_pkcs8($pem_or_der);
60						}
61						catch {
62	10				305	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or PKCS8 ($_)");
63	12				117	};
64	285				3502	};
65
66	275				7421	return $key_obj;
67						}
68
69						#Like private(), but only does PKCS8.
70						sub private_pkcs8 {
71	14		14	0	42	my ($pem_or_der) = @_;
72
73	14				84	_ensure_der($pem_or_der);
74
75	14				51	my $pkcs8 = _decode_pkcs8($pem_or_der);
76
77	5				1463	my $parsed = _decode_rsa_within_pkcs8_or_die($pkcs8);
78
79	4				22	return _new_private($parsed);
80						}
81
82						#Checks for RSA format first, then falls back to PKCS8.
83						sub public {
84	12		12	0	1675	my ($pem_or_der) = @_;
85
86	12				52	_ensure_der($pem_or_der);
87
88	12				24	my $key_obj;
89
90						try {
91	12		12		724	my $parsed = _decode_rsa_public($pem_or_der);
92	2				38479	$key_obj = _new_public($parsed);
93						}
94						catch {
95	10		10		151	my $rsa_err = $_;
96
97						try {
98	10				876	$key_obj = public_SPKI($pem_or_der);
99						}
100						catch {
101	9				185	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or SubjectPublicKeyInfo ($_)");
102	10				138	};
103	12				158	};
104
105	3				80	return $key_obj;
106						}
107
108						#Like public(), but only does SubjectPublicKeyInfo.
109						sub public_SPKI {
110	10		10	0	43	my ($pem_or_der) = @_;
111
112	10				39	_ensure_der($pem_or_der);
113
114	10				32	my $spki = _decode_spki($pem_or_der);
115
116	2				560	my $parsed = _decode_rsa_public_within_spki_or_die($spki);
117
118	1				6	return _new_public($parsed);
119						}
120
121						my %JTK_TO_NEW = qw(
122						n modulus
123						e publicExponent
124						d privateExponent
125						p prime1
126						q prime2
127						dp exponent1
128						dq exponent2
129						qi coefficient
130						);
131
132						sub jwk {
133	4		4	0	5253	my ($hr) = @_;
134
135	4				7	my %constr_args;
136
137	4				325	require Crypt::Perl::JWK;
138
139	4				18	for my $k (keys %$hr) {
140	24	100			34220	next if !$JTK_TO_NEW{$k};
141	20				60	$constr_args{ $JTK_TO_NEW{$k} } = Crypt::Perl::JWK::jwk_num_to_bigint($hr->{$k});
142						}
143
144	4	100			6492	if ($hr->{'d'}) {
145	2				10	$constr_args{'version'} = 0;
146	2				1491	require Crypt::Perl::RSA::PrivateKey;
147	2				24	return Crypt::Perl::RSA::PrivateKey->new( \%constr_args );
148						}
149
150	2				1095	require Crypt::Perl::RSA::PublicKey;
151	2				17	return Crypt::Perl::RSA::PublicKey->new( \%constr_args );
152						}
153
154						#----------------------------------------------------------------------
155
156						sub _decode_macro {
157	328		328		1030	my ( $der_r, $macro ) = ( \$_[0], $_[1] );
158
159	328				1101	my $parser = _asn1()->find($macro);
160
161	328				7272	return $parser->decode($$der_r);
162						}
163
164						#Checks for RSA format first, then falls back to PKCS8.
165						sub _decode_rsa {
166	290		290		822	my ($der_r) = (\$_[0]);
167
168	290				1057	return _decode_macro( $$der_r, 'RSAPrivateKey' );
169						}
170
171						sub _decode_rsa_public {
172	14		14		40	my ($der_r) = (\$_[0]);
173
174	14				49	return _decode_macro( $$der_r, 'RSAPublicKey' );
175						}
176
177						sub _decode_rsa_within_pkcs8_or_die {
178	5		5		15	my ($pkcs8_hr) = @_;
179
180	5				10	my $dec;
181						try {
182	5		5		390	$dec = _decode_rsa( $pkcs8_hr->{'privateKey'} );
183						}
184						catch {
185	1		1		48	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within PKCS8: $_");
186	5				59	};
187
188	4				299972	return $dec;
189						}
190
191						sub _decode_rsa_public_within_spki_or_die {
192	2		2		7	my ($spki_hr) = @_;
193
194	2				3	my $dec;
195						try {
196	2		2		180	$dec = _decode_rsa_public( $spki_hr->{'subjectPublicKey'}[0] );
197						}
198						catch {
199	1		1		22	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within SubjectPublicKeyInfo: $_");
200	2				22	};
201
202	1				11743	return $dec;
203						}
204
205						sub _decode_pkcs8 {
206	14		14		49	my ($der_r) = (\$_[0]);
207
208	14				56	return _decode_macro( $$der_r, 'PrivateKeyInfo' );
209						}
210
211						sub _decode_spki {
212	10		10		25	my ($der_r) = (\$_[0]);
213
214	10				44	return _decode_macro( $$der_r, 'SubjectPublicKeyInfo' );
215						}
216
217						sub _new_public {
218	3		3		9	my ($parsed_hr) = @_;
219
220	3				37	require Crypt::Perl::RSA::PublicKey;
221	3				30	return Crypt::Perl::RSA::PublicKey->new($parsed_hr);
222						}
223
224						sub _new_private {
225	277		277		974	my ($parsed_hr) = @_;
226
227	277				3604	require Crypt::Perl::RSA::PrivateKey;
228	277				2523	return Crypt::Perl::RSA::PrivateKey->new($parsed_hr);
229						}
230
231						#Modifies in-place.
232						sub _pem_to_der {
233	297		297		1626	$_[0] = Crypt::Format::pem2der(@_);
234
235	297				19946	return;
236						}
237
238						sub _ensure_der {
239	321		321		959	my ($pem_or_der_r) = \$_[0];
240
241	321	100			1943	if ( $$pem_or_der_r =~ m<\A-> ) {
242	297				1186	_pem_to_der($$pem_or_der_r);
243						}
244
245	321				628	return;
246						}
247
248						1;