From 488a7957472fa83569418a9ad56fa92988730c66 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Fri, 16 Feb 2018 09:00:00 -0700
Subject: [PATCH] add wolfSSL_PEM_read_bio_RSAPrivateKey function
---
 src/ssl.c | 37 +++++++++++++++++++++++++++++++++++++
 tests/api.c | 29 +++++++++++++++++++++++++++++
 wolfssl/openssl/pem.h | 9 ++++++---
 3 files changed, 72 insertions(+), 3 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 5db1b307c..fb4bb034f 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -27586,6 +27586,43 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
 }
+#ifndef NO_RSA
+/* Uses the same format of input as wolfSSL_PEM_read_bio_PrivateKey but expects
+ * the results to be an RSA key.
+ *
+ * bio structure to read RSA private key from
+ * rsa if not null is then set to the result
+ * cb password callback for reading PEM
+ * pass password string
+ *
+ * returns a pointer to a new WOLFSSL_RSA structure on success and NULL on fail
+ */
+WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
+ WOLFSSL_RSA** rsa, pem_password_cb* cb, void* pass)
+{
+ WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_RSA* local;
+
+ pkey = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, cb, pass);
+ if (pkey == NULL) {
+ return NULL;
+ }
+
+ /* Since the WOLFSSL_RSA structure is being taken from WOLFSSL_EVP_PEKY the
+ * flag indicating that the WOLFSSL_RSA structure is owned should be FALSE
+ * to avoid having it free'd */
+ pkey->ownRsa = 0;
+ local = pkey->rsa;
+ if (rsa != NULL) {
+ *rsa = local;
+ }
+
+ wolfSSL_EVP_PKEY_free(pkey);
+ return local;
+}
+#endif /* !NO_RSA */
+
+
 /* return of pkey->type which will be EVP_PKEY_RSA for example.
 *
 * type type of EVP_PKEY
diff --git a/tests/api.c b/tests/api.c
index c0ddfb9dd..f0552b9f0 100644
--- a/tests/api.c
+++ b/tests/api.c
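Review bot: In `wolfSSL_PEM_read_bio_RSAPrivateKey` (src/ssl.c hunk) the parsed key's type is never checked before `pkey->rsa` is handed to the caller, so rejecting a non-RSA PEM appears to depend on that field being NULL for other key types. An explicit guard right after the NULL check would enforce the RSA-only contract: `if (pkey->type != EVP_PKEY_RSA) { wolfSSL_EVP_PKEY_free(pkey); return NULL; }`. When `rsa` is non-NULL, `*rsa = local;` overwrites whatever the caller passed in without freeing it, which would leak a previously loaded private key if a caller passes a pointer to an already allocated structure. The header comment should say that the returned structure is owned by the caller and must be released with `wolfSSL_RSA_free`, and that an existing `*rsa` is replaced rather than reused; `WOLFSSL_EVP_PEKY` in the inline comment is a typo for `WOLFSSL_EVP_PKEY`.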
@@ -14109,6 +14109,34 @@ static void test_wolfSSL_PEM_PrivateKey(void)
 }
+static void test_wolfSSL_PEM_RSAPrivateKey(void)
+{
+ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+ RSA* rsa = NULL;
+ BIO* bio = NULL;
+
+ printf(testingFmt, "wolfSSL_PEM_RSAPrivateKey()");
+
+ AssertNotNull(bio = BIO_new_file(svrKeyFile, "rb"));
+ AssertNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
+ AssertIntEQ(RSA_size(rsa), 256);
+
+ BIO_free(bio);
+ RSA_free(rsa);
+
+#ifdef HAVE_ECC
+ AssertNotNull(bio = BIO_new_file(eccKeyFile, "rb"));
+ AssertNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
+
+ BIO_free(bio);
+#endif /* HAVE_ECC */
+
+ printf(resultFmt, passed);
+ #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
+}
+
+
 static void test_wolfSSL_tmp_dh(void)
 {
 #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -17225,6 +17253,7 @@ void ApiTest(void)
 test_wolfSSL_ASN1_TIME_print();
 test_wolfSSL_private_keys();
 test_wolfSSL_PEM_PrivateKey();
+ test_wolfSSL_PEM_RSAPrivateKey();
 test_wolfSSL_tmp_dh();
 test_wolfSSL_ctrl();
 test_wolfSSL_EVP_PKEY_new_mac_key();
diff --git a/wolfssl/openssl/pem.h b/wolfssl/openssl/pem.h
index f366f7e1e..8c859e0e3 100644
--- a/wolfssl/openssl/pem.h
+++ b/wolfssl/openssl/pem.h
@@ -34,9 +34,6 @@ extern "C" {
 #endif
-#define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
-#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
-
 /* RSA */
 WOLFSSL_API
 int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
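Review bot: `test_wolfSSL_PEM_RSAPrivateKey` only calls the reader with a NULL second argument, so the `*rsa = local;` out-parameter branch of the new function is never exercised. A second read on a freshly opened `svrKeyFile` BIO that passes `&rsa` and then checks both the return value and `rsa` with `AssertNotNull` would cover it; the password path is likewise untested, since `cb` and `pass` are always NULL. The closing `#endif` comment names only `OPENSSL_EXTRA` and `NO_CERTS` although the guard also tests `NO_FILESYSTEM` and `NO_RSA`. `AssertIntEQ(RSA_size(rsa), 256)` ties the test to a 2048-bit `svrKeyFile`, and a short comment saying so would help when the test key is regenerated.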
@@ -44,6 +41,11 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
 unsigned char* passwd, int len, pem_password_cb* cb, void* arg);
 WOLFSSL_API
+WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
+ WOLFSSL_RSA**,
+ pem_password_cb* cb,
+ void* arg);
+WOLFSSL_API
 int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher, unsigned char* passwd, int len, unsigned char **pem, int *plen);
@@ -141,6 +143,7 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(FILE *fp, WOLFSSL_EVP_PKEY **x,
 #define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
 /* RSA */
 #define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
+#define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey
 #define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
 #define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
 #define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
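Review bot: The prototype added for `wolfSSL_PEM_read_bio_RSAPrivateKey` in the first pem.h hunk on this line leaves its second parameter unnamed (`WOLFSSL_RSA**,`) and calls the last one `arg`, while the definition in src/ssl.c uses `rsa` and `pass`. Naming them the same way, `WOLFSSL_RSA** rsa,` and `void* pass);`, keeps the header self-documenting for callers handling private keys. The definition is compiled only under `#ifndef NO_RSA`; whether this declaration and the `PEM_read_bio_RSAPrivateKey` macro sit under a matching guard is not visible in these hunks and is worth confirming, so that a NO_RSA build fails at compile time rather than at link time.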