Skip to content

Commit

Permalink
added TODOs to sketch out missing bits
Browse files Browse the repository at this point in the history
  • Loading branch information
@alex
alex committed Jan 19, 2025
1 parent c63ae42 commit 73d5f37
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/rust/src/backend/keys.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ fn load_der_private_key<'p>(
return private_key_from_pkey(py, &pkey, unsafe_skip_rsa_key_validation);
}

// TODO: parse as encrypted private key

let password = password.as_ref().map(CffiBuf::as_bytes);
let mut status = utils::PasswordCallbackStatus::Unused;
let pkey = openssl::pkey::PKey::private_key_from_pkcs8_callback(
Expand All @@ -72,11 +74,13 @@ fn load_pem_private_key<'p>(
|p| ["PRIVATE KEY", "ENCRYPTED PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY"].contains(&p.tag()),
"Valid PEM but no BEGIN/END delimiters for a private key found. Are you sure this is a private key?"
)?;
// TODO: if proc-type is present, decrypt PEM layer.
if p.headers().get("Proc-Type").is_none() {
let pkey = match p.tag() {
"PRIVATE KEY" => Some(cryptography_key_parsing::pkcs8::parse_private_key(
p.contents(),
)?),
// TODO: Add ENCRYPTED PRIVATE KEY support
"ENCRYPTED PRIVATE KEY" => None,
"RSA PRIVATE KEY" => Some(cryptography_key_parsing::rsa::parse_pkcs1_private_key(
p.contents(),
Expand Down

0 comments on commit 73d5f37

Please sign in to comment.