commit 74f711083dc88c7344f33f1bca7019da4e376758
author David Benjamin <davidben@chromium.org> Sat Jun 27 14:56:25 2015 -0400
committer Adam Langley <agl@google.com> Tue Jul 07 22:50:53 2015 +0000
tree 6c690df3028dcfccbd65b448393d9a8732c2c98a
parent c0e245a546b15c6b4219d2f3d5455e417cddc782

Parse RSAPrivateKey with CBS.

This removes the version field from RSA and instead handles versioning
as part of parsing. (As a bonus, we now correctly limit multi-prime RSA
to version 1 keys.)

Most consumers are also converted. old_rsa_priv_{de,en}code are left
alone for now. Those hooks are passed in parameters which match the old
d2i/i2d pattern (they're only used in d2i_PrivateKey and
i2d_PrivateKey).

Include a test which, among other things, checks that public keys being
serialized as private keys are handled properly.

BUG=499653

Change-Id: Icdd5f0382c4a84f9c8867024f29756e1a306ba08
Reviewed-on: https://boringssl-review.googlesource.com/5273
Reviewed-by: Adam Langley <agl@google.com>

include/openssl/ssl.h

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 5852689..72d268a 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -649,9 +649,10 @@
                                            const uint8_t *d, long len);
 
 OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx,
-                                                  const uint8_t *d,
-                                                  long len);
-OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, uint8_t *d, long len);
+                                                  const uint8_t *der,
+                                                  size_t der_len);
+OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const uint8_t *der,
+                                              size_t der_len);
 
 /* The following functions configure certificates or private keys but take as
  * input files to read from. They return one on success and zero on failure. The