File Coverage

lib/Crypt/Perl/RSA/Parse.pm

Criterion	Covered	Total	%
statement	101	101	100.0
branch	6	6	100.0
condition			n/a
subroutine	32	32	100.0
pod	0	5	0.0
total	139	144	96.5

line	stmt	bran	sub	pod	time	code
1						package Crypt::Perl::RSA::Parse;
2
3						=encoding utf-8
4
5						=head1 NAME
6
7						Crypt::Perl::RSA::Parse - RSA key parsing
8
9						=head1 SYNOPSIS
10
11						use Crypt::Perl::RSA::Parse ();
12
13						# These accept either DER or PEM, native format or PKCS8/SPKI.
14						my $prkey = Crypt::Perl::RSA::Parse::private($buffer);
15						my $pbkey = Crypt::Perl::RSA::Parse::public($buffer);
16
17						# Note that this accepts a structure, not raw JSON.
18						my $key = Crypt::Perl::RSA::Parse::jwk($jwk_hr);
19
20						=head1 DISCUSSION
21
22						See L and L
23						for descriptions of the interfaces that this module returns.
24
25						=cut
26
27	7		7		122010	use strict;
	7				24
	7				222
28	7		7		127	use warnings;
	7				25
	7				221
29
30	7		7		66	use Try::Tiny;
	7				14
	7				428
31
32	7		7		1222	use Crypt::Format ();
	7				1571
	7				135
33
34	7		7		948	use Crypt::Perl::ASN1 ();
	7				17
	7				186
35	7		7		2783	use Crypt::Perl::RSA::Template ();
	7				16
	7				124
36	7		7		70	use Crypt::Perl::X ();
	7				15
	7				8186
37
38						sub _asn1 {
39	333		333		2193	return Crypt::Perl::ASN1->new()->prepare(
40						Crypt::Perl::RSA::Template::get_template('INTEGER'),
41						);
42						}
43
44						sub private {
45	286		286	0	144520	my ( $pem_or_der) = @_;
46
47	286				1373	_ensure_der($pem_or_der);
48
49	286				596	my $key_obj;
50
51						try {
52	286		286		24977	my $parsed = _decode_rsa($pem_or_der);
53	273				22009420	$key_obj = _new_private($parsed);
54						}
55						catch {
56	13		13		233	my $rsa_err = $_;
57
58						try {
59	13				999	$key_obj = private_pkcs8($pem_or_der);
60						}
61						catch {
62	11				304	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or PKCS8 ($_)");
63	13				138	};
64	286				3948	};
65
66	275				7354	return $key_obj;
67						}
68
69						#Like private(), but only does PKCS8.
70						sub private_pkcs8 {
71	15		15	0	43	my ($pem_or_der) = @_;
72
73	15				52	_ensure_der($pem_or_der);
74
75	15				92	my $pkcs8 = _decode_pkcs8($pem_or_der);
76
77	6				1836	my $parsed = _decode_rsa_within_pkcs8_or_die($pkcs8);
78
79	4				20	return _new_private($parsed);
80						}
81
82						#Checks for RSA format first, then falls back to PKCS8.
83						sub public {
84	13		13	0	1759	my ($pem_or_der) = @_;
85
86	13				52	_ensure_der($pem_or_der);
87
88	13				27	my $key_obj;
89
90						try {
91	13		13		860	my $parsed = _decode_rsa_public($pem_or_der);
92	2				39757	$key_obj = _new_public($parsed);
93						}
94						catch {
95	11		11		160	my $rsa_err = $_;
96
97						try {
98	11				903	$key_obj = public_SPKI($pem_or_der);
99						}
100						catch {
101	10				210	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or SubjectPublicKeyInfo ($_)");
102	11				121	};
103	13				163	};
104
105	3				67	return $key_obj;
106						}
107
108						#Like public(), but only does SubjectPublicKeyInfo.
109						sub public_SPKI {
110	11		11	0	34	my ($pem_or_der) = @_;
111
112	11				36	_ensure_der($pem_or_der);
113
114	11				42	my $spki = _decode_spki($pem_or_der);
115
116	2				582	my $parsed = _decode_rsa_public_within_spki_or_die($spki);
117
118	1				4	return _new_public($parsed);
119						}
120
121						my %JTK_TO_NEW = qw(
122						n modulus
123						e publicExponent
124						d privateExponent
125						p prime1
126						q prime2
127						dp exponent1
128						dq exponent2
129						qi coefficient
130						);
131
132						sub jwk {
133	4		4	0	5540	my ($hr) = @_;
134
135	4				9	my %constr_args;
136
137	4				332	require Crypt::Perl::JWK;
138
139	4				18	for my $k (keys %$hr) {
140	24	100			25209	next if !$JTK_TO_NEW{$k};
141	20				54	$constr_args{ $JTK_TO_NEW{$k} } = Crypt::Perl::JWK::jwk_num_to_bigint($hr->{$k});
142						}
143
144	4	100			11599	if ($hr->{'d'}) {
145	2				7	$constr_args{'version'} = 0;
146	2				987	require Crypt::Perl::RSA::PrivateKey;
147	2				18	return Crypt::Perl::RSA::PrivateKey->new( \%constr_args );
148						}
149
150	2				1076	require Crypt::Perl::RSA::PublicKey;
151	2				16	return Crypt::Perl::RSA::PublicKey->new( \%constr_args );
152						}
153
154						#----------------------------------------------------------------------
155
156						sub _decode_macro {
157	333		333		1098	my ( $der_r, $macro ) = ( \$_[0], $_[1] );
158
159	333				998	my $parser = _asn1()->find($macro);
160
161	333				6976	return $parser->decode($$der_r);
162						}
163
164						#Checks for RSA format first, then falls back to PKCS8.
165						sub _decode_rsa {
166	292		292		779	my ($der_r) = (\$_[0]);
167
168	292				1136	return _decode_macro( $$der_r, 'RSAPrivateKey' );
169						}
170
171						sub _decode_rsa_public {
172	15		15		43	my ($der_r) = (\$_[0]);
173
174	15				52	return _decode_macro( $$der_r, 'RSAPublicKey' );
175						}
176
177						sub _decode_rsa_within_pkcs8_or_die {
178	6		6		18	my ($pkcs8_hr) = @_;
179
180	6				12	my $dec;
181						try {
182	6		6		451	$dec = _decode_rsa( $pkcs8_hr->{'privateKey'} );
183						}
184						catch {
185	2		2		62	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within PKCS8: $_");
186	6				48	};
187
188	4				354899	return $dec;
189						}
190
191						sub _decode_rsa_public_within_spki_or_die {
192	2		2		5	my ($spki_hr) = @_;
193
194	2				6	my $dec;
195						try {
196	2		2		138	$dec = _decode_rsa_public( $spki_hr->{'subjectPublicKey'}[0] );
197						}
198						catch {
199	1		1		17	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within SubjectPublicKeyInfo: $_");
200	2				26	};
201
202	1				13182	return $dec;
203						}
204
205						sub _decode_pkcs8 {
206	15		15		39	my ($der_r) = (\$_[0]);
207
208	15				51	return _decode_macro( $$der_r, 'PrivateKeyInfo' );
209						}
210
211						sub _decode_spki {
212	11		11		27	my ($der_r) = (\$_[0]);
213
214	11				57	return _decode_macro( $$der_r, 'SubjectPublicKeyInfo' );
215						}
216
217						sub _new_public {
218	3		3		11	my ($parsed_hr) = @_;
219
220	3				24	require Crypt::Perl::RSA::PublicKey;
221	3				25	return Crypt::Perl::RSA::PublicKey->new($parsed_hr);
222						}
223
224						sub _new_private {
225	277		277		970	my ($parsed_hr) = @_;
226
227	277				3483	require Crypt::Perl::RSA::PrivateKey;
228	277				2242	return Crypt::Perl::RSA::PrivateKey->new($parsed_hr);
229						}
230
231						#Modifies in-place.
232						sub _pem_to_der {
233	299		299		1734	$_[0] = Crypt::Format::pem2der(@_);
234
235	299				22137	return;
236						}
237
238						sub _ensure_der {
239	325		325		1120	my ($pem_or_der_r) = \$_[0];
240
241	325	100			2093	if ( $$pem_or_der_r =~ m<\A-> ) {
242	299				1081	_pem_to_der($$pem_or_der_r);
243						}
244
245	325				909	return;
246						}
247
248						1;