File Coverage

lib/Crypt/Perl/RSA/Parse.pm

Criterion	Covered	Total	%
statement	100	101	99.0
branch	6	6	100.0
condition			n/a
subroutine	31	32	96.8
pod	0	5	0.0
total	137	144	95.1

line	stmt	bran	sub	pod	time	code
1						package Crypt::Perl::RSA::Parse;
2
3						=encoding utf-8
4
5						=head1 NAME
6
7						Crypt::Perl::RSA::Parse - RSA key parsing
8
9						=head1 SYNOPSIS
10
11						use Crypt::Perl::RSA::Parse ();
12
13						# These accept either DER or PEM, native format or PKCS8/SPKI.
14						my $prkey = Crypt::Perl::RSA::Parse::private($buffer);
15						my $pbkey = Crypt::Perl::RSA::Parse::public($buffer);
16
17						# Note that this accepts a structure, not raw JSON.
18						my $key = Crypt::Perl::RSA::Parse::jwk($jwk_hr);
19
20						=head1 DISCUSSION
21
22						See L and L
23						for descriptions of the interfaces that this module returns.
24
25						=cut
26
27	6		6		108157	use strict;
	6				17
	6				179
28	6		6		119	use warnings;
	6				19
	6				211
29
30	6		6		27	use Try::Tiny;
	6				10
	6				391
31
32	6		6		751	use Crypt::Format ();
	6				807
	6				122
33
34	6		6		972	use Crypt::Perl::ASN1 ();
	6				16
	6				101
35	6		6		2038	use Crypt::Perl::RSA::Template ();
	6				19
	6				93
36	6		6		29	use Crypt::Perl::X ();
	6				8
	6				6035
37
38						sub _asn1 {
39	323		323		2155	return Crypt::Perl::ASN1->new()->prepare(
40						Crypt::Perl::RSA::Template::get_template('INTEGER'),
41						);
42						}
43
44						sub private {
45	284		284	0	132003	my ( $pem_or_der) = @_;
46
47	284				1413	_ensure_der($pem_or_der);
48
49	284				537	my $key_obj;
50
51						try {
52	284		284		23677	my $parsed = _decode_rsa($pem_or_der);
53	273				19057826	$key_obj = _new_private($parsed);
54						}
55						catch {
56	11		11		173	my $rsa_err = $_;
57
58						try {
59	11				726	$key_obj = private_pkcs8($pem_or_der);
60						}
61						catch {
62	9				230	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or PKCS8 ($_)");
63	11				82	};
64	284				3505	};
65
66	275				6759	return $key_obj;
67						}
68
69						#Like private(), but only does PKCS8.
70						sub private_pkcs8 {
71	13		13	0	47	my ($pem_or_der) = @_;
72
73	13				38	_ensure_der($pem_or_der);
74
75	13				43	my $pkcs8 = _decode_pkcs8($pem_or_der);
76
77	4				1158	my $parsed = _decode_rsa_within_pkcs8_or_die($pkcs8);
78
79	4				20	return _new_private($parsed);
80						}
81
82						#Checks for RSA format first, then falls back to PKCS8.
83						sub public {
84	11		11	0	1863	my ($pem_or_der) = @_;
85
86	11				46	_ensure_der($pem_or_der);
87
88	11				31	my $key_obj;
89
90						try {
91	11		11		672	my $parsed = _decode_rsa_public($pem_or_der);
92	2				35731	$key_obj = _new_public($parsed);
93						}
94						catch {
95	9		9		126	my $rsa_err = $_;
96
97						try {
98	9				610	$key_obj = public_SPKI($pem_or_der);
99						}
100						catch {
101	8				133	die Crypt::Perl::X::create('Generic', "Failed to parse as either RSA ($rsa_err) or SubjectPublicKeyInfo ($_)");
102	9				120	};
103	11				145	};
104
105	3				49	return $key_obj;
106						}
107
108						#Like public(), but only does SubjectPublicKeyInfo.
109						sub public_SPKI {
110	9		9	0	29	my ($pem_or_der) = @_;
111
112	9				30	_ensure_der($pem_or_der);
113
114	9				51	my $spki = _decode_spki($pem_or_der);
115
116	2				517	my $parsed = _decode_rsa_public_within_spki_or_die($spki);
117
118	1				4	return _new_public($parsed);
119						}
120
121						my %JTK_TO_NEW = qw(
122						n modulus
123						e publicExponent
124						d privateExponent
125						p prime1
126						q prime2
127						dp exponent1
128						dq exponent2
129						qi coefficient
130						);
131
132						sub jwk {
133	4		4	0	4764	my ($hr) = @_;
134
135	4				6	my %constr_args;
136
137	4				319	require Crypt::Perl::JWK;
138
139	4				14	for my $k (keys %$hr) {
140	24	100			26042	next if !$JTK_TO_NEW{$k};
141	20				45	$constr_args{ $JTK_TO_NEW{$k} } = Crypt::Perl::JWK::jwk_num_to_bigint($hr->{$k});
142						}
143
144	4	100			4184	if ($hr->{'d'}) {
145	2				4	$constr_args{'version'} = 0;
146	2				767	require Crypt::Perl::RSA::PrivateKey;
147	2				15	return Crypt::Perl::RSA::PrivateKey->new( \%constr_args );
148						}
149
150	2				889	require Crypt::Perl::RSA::PublicKey;
151	2				14	return Crypt::Perl::RSA::PublicKey->new( \%constr_args );
152						}
153
154						#----------------------------------------------------------------------
155
156						sub _decode_macro {
157	323		323		1001	my ( $der_r, $macro ) = ( \$_[0], $_[1] );
158
159	323				1068	my $parser = _asn1()->find($macro);
160
161	323				6391	return $parser->decode($$der_r);
162						}
163
164						#Checks for RSA format first, then falls back to PKCS8.
165						sub _decode_rsa {
166	288		288		631	my ($der_r) = (\$_[0]);
167
168	288				1126	return _decode_macro( $$der_r, 'RSAPrivateKey' );
169						}
170
171						sub _decode_rsa_public {
172	13		13		41	my ($der_r) = (\$_[0]);
173
174	13				35	return _decode_macro( $$der_r, 'RSAPublicKey' );
175						}
176
177						sub _decode_rsa_within_pkcs8_or_die {
178	4		4		10	my ($pkcs8_hr) = @_;
179
180	4				8	my $dec;
181						try {
182	4		4		300	$dec = _decode_rsa( $pkcs8_hr->{'privateKey'} );
183						}
184						catch {
185	0		0		0	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within PKCS8: $_");
186	4				38	};
187
188	4				299273	return $dec;
189						}
190
191						sub _decode_rsa_public_within_spki_or_die {
192	2		2		6	my ($spki_hr) = @_;
193
194	2				3	my $dec;
195						try {
196	2		2		105	$dec = _decode_rsa_public( $spki_hr->{'subjectPublicKey'}[0] );
197						}
198						catch {
199	1		1		24	die Crypt::Perl::X::create('Generic', "Failed to parse RSA within SubjectPublicKeyInfo: $_");
200	2				13	};
201
202	1				11015	return $dec;
203						}
204
205						sub _decode_pkcs8 {
206	13		13		33	my ($der_r) = (\$_[0]);
207
208	13				33	return _decode_macro( $$der_r, 'PrivateKeyInfo' );
209						}
210
211						sub _decode_spki {
212	9		9		25	my ($der_r) = (\$_[0]);
213
214	9				24	return _decode_macro( $$der_r, 'SubjectPublicKeyInfo' );
215						}
216
217						sub _new_public {
218	3		3		9	my ($parsed_hr) = @_;
219
220	3				16	require Crypt::Perl::RSA::PublicKey;
221	3				19	return Crypt::Perl::RSA::PublicKey->new($parsed_hr);
222						}
223
224						sub _new_private {
225	277		277		980	my ($parsed_hr) = @_;
226
227	277				3717	require Crypt::Perl::RSA::PrivateKey;
228	277				2064	return Crypt::Perl::RSA::PrivateKey->new($parsed_hr);
229						}
230
231						#Modifies in-place.
232						sub _pem_to_der {
233	295		295		1602	$_[0] = Crypt::Format::pem2der(@_);
234
235	295				19430	return;
236						}
237
238						sub _ensure_der {
239	317		317		787	my ($pem_or_der_r) = \$_[0];
240
241	317	100			1998	if ( $$pem_or_der_r =~ m<\A-> ) {
242	295				1050	_pem_to_der($$pem_or_der_r);
243						}
244
245	317				473	return;
246						}
247
248						1;