Add x509 v1

audit/fips.c

@@ -343,7 +343,47 @@ static int check_exponent(const BIGNUM *e, char *buf, unsigned long *exponent){
  * This function load X509 certificate for OpenSSL v1
  */
 static int fips_x509_v1(struct audit_fips *st_audit_fips, struct keyinfo *st_keyinfo, const char *pkey, const int to_stdout){
+    struct rsa *rsa = (struct rsa*)malloc(sizeof(struct rsa*));
 
+    if (rsa == NULL){
+        if (DEBUG)
+            printf("Cannot malloc the structure\n");
+        return COMMON_ERR_MALLOC;
+    }
+    memset(rsa, 0, sizeof(struct rsa*));
+
+    rsa->bio = BIO_new(BIO_s_file());
+    if (BIO_read_filename(rsa->bio, pkey) == 0){
+        printf("Failed to read BIO\n");
+        return FIPS_ERR_READ_BIO;
+    }
+
+    X509 *x = PEM_read_bio_X509(rsa->bio, NULL, 0, NULL);
+    if (x == NULL){
+        printf("Failed to read the X509 certificate\n");
+        clean_rsa_st(rsa);
+        return FIPS_ERR_LOAD_X509;
+    }
+
+    EVP_PKEY *evp = X509_get_pubkey(x);
+    if (evp == NULL){
+        printf("Failed to get public certificate\n");
+        X509_free(x);
+        return FIPS_ERR_LOAD_RSA_KEY;
+    }
+    rsa->rsa = EVP_PKEY_get1_RSA(evp);
+    if (rsa->rsa == NULL){
+        X509_free(x);
+        EVP_PKEY_free(evp);
+        return FIPS_ERR_LOAD_RSA_KEY;
+    }
+
+    // We have the RSA key, we can audit it
+    audit_rsa_keys(rsa, st_audit_fips, st_keyinfo, pkey);
+
+    X509_free(x);
+    EVP_PKEY_free(evp);
+    clean_rsa_st(rsa);
     return 0;
 }
 /*