Merge pull request #5401 from boundlessgeo/pkcs8-to-pkcs1
[auth] Convert PKCS8 to PKCS1 private keys (for macOS)
Showing
with
632 additions
and 57 deletions.
- +5 −0 CMakeLists.txt
- +45 −0 cmake/FindLibtasn1.cmake
- +19 −0 python/core/auth/qgsauthcertutils.sip
- +6 −0 resources/CMakeLists.txt
- +63 −0 resources/pkcs8.asn
- +11 −0 src/auth/pkipkcs12/qgsauthpkcs12method.cpp
- +8 −1 src/core/CMakeLists.txt
- +237 −14 src/core/auth/qgsauthcertutils.cpp
- +33 −0 src/core/auth/qgsauthcertutils.h
- +4 −21 src/core/auth/qgsauthconfig.cpp
- +1 −21 src/gui/auth/qgsauthimportidentitydialog.cpp
- +1 −0 tests/src/core/CMakeLists.txt
- +135 −0 tests/src/core/testqgsauthcertutils.cpp
- BIN tests/testdata/auth_system/certs_keys/fra_key-pkcs8-rsa.der
- +16 −0 tests/testdata/auth_system/certs_keys/fra_key-pkcs8-rsa.pem
- BIN tests/testdata/auth_system/certs_keys/gerardus_key-pkcs8-rsa.der
- +16 −0 tests/testdata/auth_system/certs_keys/gerardus_key-pkcs8-rsa.pem
- BIN tests/testdata/auth_system/certs_keys/nicholas_key-pkcs8-rsa.der
- +16 −0 tests/testdata/auth_system/certs_keys/nicholas_key-pkcs8-rsa.pem
- BIN tests/testdata/auth_system/certs_keys/ptolemy_key-pkcs8-rsa.der
- +16 −0 tests/testdata/auth_system/certs_keys/ptolemy_key-pkcs8-rsa.pem
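--- /dev/null
+++ b/cmake/FindLibtasn1.cmake
@@ -0,0 +1,45 @@
+# Find Libtasn1
+# ~~~~~~~~~~~~~~~
+# CMake module to search for Libtasn1 ASN.1 library and header(s) from:
+# https://www.gnu.org/software/libtasn1/
+#
+# If it's found it sets LIBTASN1_FOUND to TRUE
+# and following variables are set:
+# LIBTASN1_INCLUDE_DIR
+# LIBTASN1_LIBRARY
+#
+# Copyright (c) 2017, Boundless Spatial
+# Author: Larry Shaffer <lshaffer (at) boundlessgeo (dot) com>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+
+find_path(LIBTASN1_INCLUDE_DIR
+NAMES libtasn1.h
+PATHS
+${LIB_DIR}/include
+"$ENV{LIB_DIR}/include"
+$ENV{INCLUDE}
+/usr/local/include
+/usr/include
+)
+
+find_library(LIBTASN1_LIBRARY
+NAMES tasn1
+PATHS
+${LIB_DIR}
+"$ENV{LIB_DIR}"
+$ENV{LIB}
+/usr/local/lib
+/usr/lib
+)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(
+Libtasn1
+REQUIRED_VARS LIBTASN1_INCLUDE_DIR LIBTASN1_LIBRARY
+FOUND_VAR LIBTASN1_FOUND
+)
+
+mark_as_advanced(LIBTASN1_INCLUDE_DIR LIBTASN1_LIBRARY)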
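Review bot: The module accepts whatever libtasn1 it finds, with no version reported or checked in the `find_package_handle_standard_args` call, although this library will be decoding private-key DER and an outdated parser build is exactly what a packager wants to exclude. Reading the version string from the header and passing it as `VERSION_VAR` lets the top-level `find_package(Libtasn1 ...)` state a minimum. The `ASN1_VERSION` define is how I recall libtasn1.h exposing the version, so confirm it against the headers you support. Separately, the `$ENV{LIB_DIR}`, `$ENV{INCLUDE}` and `$ENV{LIB}` hints let the build environment choose which copy gets linked, which deserves a line in the header comment.

```cmake
# … unchanged: find_path / find_library …
if(LIBTASN1_INCLUDE_DIR AND EXISTS "${LIBTASN1_INCLUDE_DIR}/libtasn1.h")
  file(STRINGS "${LIBTASN1_INCLUDE_DIR}/libtasn1.h" libtasn1_version_line
       REGEX "^#[ \t]*define[ \t]+ASN1_VERSION[ \t]+\"[^\"]+\"")
  string(REGEX REPLACE ".*\"([^\"]+)\".*" "\\1"
         LIBTASN1_VERSION "${libtasn1_version_line}")
endif()

find_package_handle_standard_args(
  Libtasn1
  REQUIRED_VARS LIBTASN1_INCLUDE_DIR LIBTASN1_LIBRARY
  VERSION_VAR LIBTASN1_VERSION
  FOUND_VAR LIBTASN1_FOUND
)
```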
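--- /dev/null
+++ b/resources/pkcs8.asn
@@ -0,0 +1,63 @@
+PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-8(8)
+modules(1) pkcs-8(1)}
+
+-- $Revision: 1.5 $
+
+-- This module has been checked for conformance with the ASN.1
+-- standard by the OSS ASN.1 Tools
+
+DEFINITIONS EXPLICIT TAGS ::=
+
+BEGIN
+
+-- EXPORTS All --
+-- All types and values defined in this module is exported for use in
+-- other ASN.1 modules.
+
+-- attribute data types --
+
+Attribute ::= SEQUENCE {
+type AttributeType,
+values SET OF AttributeValue
+-- at least one value is required --
+}
+
+AttributeType ::= OBJECT IDENTIFIER
+
+AttributeValue ::= ANY DEFINED BY type
+
+AttributeTypeAndValue ::= SEQUENCE {
+type AttributeType,
+value AttributeValue }
+
+AlgorithmIdentifier ::= SEQUENCE {
+algorithm OBJECT IDENTIFIER,
+parameters ANY DEFINED BY algorithm OPTIONAL }
+-- contains a value of the type
+-- registered for use with the
+-- algorithm object identifier value
+
+-- Private-key information syntax
+
+PrivateKeyInfo ::= SEQUENCE {
+version Version,
+privateKeyAlgorithm AlgorithmIdentifier,
+privateKey PrivateKey,
+attributes [0] Attributes OPTIONAL }
+
+Version ::= INTEGER {v1(0)}
+
+PrivateKey ::= OCTET STRING
+
+Attributes ::= SET OF Attribute
+
+-- Encrypted private-key information syntax
+
+EncryptedPrivateKeyInfo ::= SEQUENCE {
+encryptionAlgorithm AlgorithmIdentifier,
+encryptedData EncryptedData
+}
+
+EncryptedData ::= OCTET STRING
+
+END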
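Review bot: With `DEFINITIONS EXPLICIT TAGS` as the module default, `attributes [0] Attributes OPTIONAL` in `PrivateKeyInfo` is decoded as an explicitly tagged field, whereas PKCS #8 as I recall it (RFC 5208, section 5) defines the field as `[0] IMPLICIT Attributes`. A PKCS#8 key that carries attributes would then fail to decode against this schema, so the PKCS#8 to PKCS#1 conversion would reject a valid key. Either write the field as `attributes [0] IMPLICIT Attributes OPTIONAL }` or make the module default match the published module; please check both against the RFC text. The test keys added in this commit probably carry no attributes, so the new tests would not expose the difference.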