|
|
@ -442,7 +442,7 @@ static EVP_PKEY *extract_pkey_from_x509(const char *x509_str) { |
|
|
|
|
|
|
|
|
|
|
|
end: |
|
|
|
end: |
|
|
|
BIO_free(bio); |
|
|
|
BIO_free(bio); |
|
|
|
if (x509 != NULL) X509_free(x509); |
|
|
|
X509_free(x509); |
|
|
|
return result; |
|
|
|
return result; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -496,6 +496,8 @@ static EVP_PKEY *pkey_from_jwk(grpc_exec_ctx *exec_ctx, const grpc_json *json, |
|
|
|
const grpc_json *key_prop; |
|
|
|
const grpc_json *key_prop; |
|
|
|
RSA *rsa = NULL; |
|
|
|
RSA *rsa = NULL; |
|
|
|
EVP_PKEY *result = NULL; |
|
|
|
EVP_PKEY *result = NULL; |
|
|
|
|
|
|
|
BIGNUM *tmp_n = NULL; |
|
|
|
|
|
|
|
BIGNUM *tmp_e = NULL; |
|
|
|
|
|
|
|
|
|
|
|
GPR_ASSERT(kty != NULL && json != NULL); |
|
|
|
GPR_ASSERT(kty != NULL && json != NULL); |
|
|
|
if (strcmp(kty, "RSA") != 0) { |
|
|
|
if (strcmp(kty, "RSA") != 0) { |
|
|
@ -507,8 +509,6 @@ static EVP_PKEY *pkey_from_jwk(grpc_exec_ctx *exec_ctx, const grpc_json *json, |
|
|
|
gpr_log(GPR_ERROR, "Could not create rsa key."); |
|
|
|
gpr_log(GPR_ERROR, "Could not create rsa key."); |
|
|
|
goto end; |
|
|
|
goto end; |
|
|
|
} |
|
|
|
} |
|
|
|
BIGNUM *tmp_n = NULL; |
|
|
|
|
|
|
|
BIGNUM *tmp_e = NULL; |
|
|
|
|
|
|
|
for (key_prop = json->child; key_prop != NULL; key_prop = key_prop->next) { |
|
|
|
for (key_prop = json->child; key_prop != NULL; key_prop = key_prop->next) { |
|
|
|
if (strcmp(key_prop->key, "n") == 0) { |
|
|
|
if (strcmp(key_prop->key, "n") == 0) { |
|
|
|
tmp_n = |
|
|
|
tmp_n = |
|
|
@ -528,11 +528,16 @@ static EVP_PKEY *pkey_from_jwk(grpc_exec_ctx *exec_ctx, const grpc_json *json, |
|
|
|
gpr_log(GPR_ERROR, "Cannot set RSA key from inputs."); |
|
|
|
gpr_log(GPR_ERROR, "Cannot set RSA key from inputs."); |
|
|
|
goto end; |
|
|
|
goto end; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
/* RSA_set0_key takes ownership on success. */ |
|
|
|
|
|
|
|
tmp_n = NULL; |
|
|
|
|
|
|
|
tmp_e = NULL; |
|
|
|
result = EVP_PKEY_new(); |
|
|
|
result = EVP_PKEY_new(); |
|
|
|
EVP_PKEY_set1_RSA(result, rsa); /* uprefs rsa. */ |
|
|
|
EVP_PKEY_set1_RSA(result, rsa); /* uprefs rsa. */ |
|
|
|
|
|
|
|
|
|
|
|
end: |
|
|
|
end: |
|
|
|
if (rsa != NULL) RSA_free(rsa); |
|
|
|
RSA_free(rsa); |
|
|
|
|
|
|
|
BN_free(tmp_n); |
|
|
|
|
|
|
|
BN_free(tmp_e); |
|
|
|
return result; |
|
|
|
return result; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -618,7 +623,7 @@ static int verify_jwt_signature(EVP_PKEY *key, const char *alg, |
|
|
|
result = 1; |
|
|
|
result = 1; |
|
|
|
|
|
|
|
|
|
|
|
end: |
|
|
|
end: |
|
|
|
if (md_ctx != NULL) EVP_MD_CTX_destroy(md_ctx); |
|
|
|
EVP_MD_CTX_destroy(md_ctx); |
|
|
|
return result; |
|
|
|
return result; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -658,7 +663,7 @@ static void on_keys_retrieved(grpc_exec_ctx *exec_ctx, void *user_data, |
|
|
|
|
|
|
|
|
|
|
|
end: |
|
|
|
end: |
|
|
|
if (json != NULL) grpc_json_destroy(json); |
|
|
|
if (json != NULL) grpc_json_destroy(json); |
|
|
|
if (verification_key != NULL) EVP_PKEY_free(verification_key); |
|
|
|
EVP_PKEY_free(verification_key); |
|
|
|
ctx->user_cb(exec_ctx, ctx->user_data, status, claims); |
|
|
|
ctx->user_cb(exec_ctx, ctx->user_data, status, claims); |
|
|
|
verifier_cb_ctx_destroy(exec_ctx, ctx); |
|
|
|
verifier_cb_ctx_destroy(exec_ctx, ctx); |
|
|
|
} |
|
|
|
} |
|
|
|
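Review bot: In `pkey_from_jwk` (the hunk at `-528,11 +528,16`), the return values of `EVP_PKEY_new()` and `EVP_PKEY_set1_RSA(result, rsa)` are still unchecked, so a failed assignment returns a non-NULL `EVP_PKEY` with no RSA key attached rather than the NULL that every other error path returns. This key appears to be what `verify_jwt_signature` later consumes, so the failure should be explicit: `if (result == NULL || !EVP_PKEY_set1_RSA(result, rsa)) { EVP_PKEY_free(result); result = NULL; }` just before the `end:` label. Separately, the loop in the `-507,8 +509,6` hunk assigns `tmp_n` for each member named "n", and its body continues outside the visible lines. If nothing there rejects a repeated member, the earlier `BIGNUM` is overwritten and never reaches the new `BN_free(tmp_n)` at `end:`. A `BN_free(tmp_n);` ahead of the assignment would close that, and likewise for `tmp_e` if it is assigned the same way.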