authorNikos Mavrogiannopoulos <nmav@gnutls.org>2004-06-06 16:24:49 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2004-06-06 16:24:49 +0000
commitc80e4f4bdba5a4c5b70c817662b3478e57d74f91 (patch)
tree0279b035a1d70919a461abc01dc48d4a43cc5455
parentb47cfda584ab752608d9ffbc6aa88b1150649686 (diff)
downloadgnutls-c80e4f4bdba5a4c5b70c817662b3478e57d74f91.tar.gz
Added the functions gnutls_x509_crt_get_pk_rsa_raw() and
gnutls_x509_crt_get_pk_dsa_raw() to retrieve parameters from certificates.
-rw-r--r--NEWS2
-rw-r--r--doc/tex/cover.tex.in2
-rw-r--r--includes/gnutls/x509.h6
-rw-r--r--lib/gnutls_int.h10
-rw-r--r--lib/gnutls_mpi.c26
-rw-r--r--lib/gnutls_mpi.h3
-rw-r--r--lib/x509/x509.c132
7 files changed, 175 insertions, 6 deletions
diff --git a/NEWS b/NEWS
index f11247dcf3..a427ace3f9 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,8 @@ Version 1.0.14
- Corrected a serious bug in the included libtasn1 library.
- Corrected session resuming in SRP ciphersuites.
- Updated to conform to the latest srp draft (draft-ietf-tls-srp-07)
+- Added the functions gnutls_x509_crt_get_pk_rsa_raw() and
+ gnutls_x509_crt_get_pk_dsa_raw() to retrieve parameters from certificates.
Version 1.0.13 (29/04/2004)
- Some complilation fixes.
diff --git a/doc/tex/cover.tex.in b/doc/tex/cover.tex.in
index 48207ae20b..300ea355e5 100644
--- a/doc/tex/cover.tex.in
+++ b/doc/tex/cover.tex.in
@@ -53,7 +53,7 @@ Applies to GnuTLS @VERSION@
\begin{center}
\par
-Copyright \copyright\ 2001,2002,2003 Nikos Mavroyanopoulos\\
+Copyright \copyright\ 2001,2002,2003,2004 Nikos Mavroyanopoulos\\
\setlength{\parskip}{4mm}
\par
Permission is granted to copy, distribute and/or modify this document
diff --git a/includes/gnutls/x509.h b/includes/gnutls/x509.h
index c97832508a..0d8cfbd5c5 100644
--- a/includes/gnutls/x509.h
+++ b/includes/gnutls/x509.h
@@ -132,6 +132,12 @@ time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt cert);
int gnutls_x509_crt_get_serial(gnutls_x509_crt cert, void* result, size_t* result_size);
int gnutls_x509_crt_get_pk_algorithm( gnutls_x509_crt cert, unsigned int* bits);
+int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt crt,
+ gnutls_datum * m, gnutls_datum *e);
+int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt crt,
+ gnutls_datum * p, gnutls_datum *q,
+ gnutls_datum *g, gnutls_datum *y);
+
int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt cert,
unsigned int seq, void *ret, size_t *ret_size, unsigned int* critical);
int gnutls_x509_crt_get_ca_status(gnutls_x509_crt cert, unsigned int* critical);
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 3646f5b555..f14d7e5ced 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -102,6 +102,11 @@ typedef void * gnutls_transport_ptr;
typedef unsigned char opaque;
typedef struct { opaque pint[3]; } uint24;
+typedef struct {
+ opaque * data;
+ unsigned int size;
+} gnutls_datum;
+
#include <gnutls_mpi.h>
typedef enum ChangeCipherSpecType { GNUTLS_TYPE_CHANGE_CIPHER_SPEC=1 } ChangeCipherSpecType;
@@ -141,11 +146,6 @@ typedef enum HandshakeType { GNUTLS_HELLO_REQUEST, GNUTLS_CLIENT_HELLO, GNUTLS_S
typedef HandshakeType gnutls_handshake_description;
-typedef struct {
- opaque * data;
- unsigned int size;
-} gnutls_datum;
-
#include <gnutls_buffer.h>
/* This is the maximum number of algorithms (ciphers or macs etc).
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index 31d3173744..3deb33e1c7 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -97,6 +97,32 @@ int ret;
return GNUTLS_E_MPI_PRINT_FAILED;
}
+/* Always has the first bit zero */
+int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const GNUTLS_MPI a )
+{
+int ret;
+opaque* buf = NULL;
+size_t bytes = 0;
+
+ if (dest == NULL || a == NULL) return GNUTLS_E_INVALID_REQUEST;
+
+ gcry_mpi_print( GCRYMPI_FMT_STD, NULL, 0, &bytes, a);
+
+ if (bytes != 0)
+ buf = gnutls_malloc( bytes);
+ if (buf == NULL)
+ return GNUTLS_E_MEMORY_ERROR;
+
+ ret = gcry_mpi_print( GCRYMPI_FMT_STD, buf, bytes, &bytes, a);
+ if (!ret) {
+ dest->data = buf;
+ dest->size = bytes;
+ return 0;
+ }
+
+ gnutls_free(buf);
+ return GNUTLS_E_MPI_PRINT_FAILED;
+}
/* this function reads an integer
* from asn1 structs. Combines the read and mpi_scan
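Review bot: The size probe `gcry_mpi_print( GCRYMPI_FMT_STD, NULL, 0, &bytes, a)` in `_gnutls_mpi_dprint_lz` has its return value ignored, so a failed probe leaves `bytes` at 0 and `buf` NULL, and the function reports GNUTLS_E_MEMORY_ERROR for what is really a print failure. A zero-length encoding, if the library can produce one, would take the same path. Checking the probe would separate the cases, e.g. `if (gcry_mpi_print(GCRYMPI_FMT_STD, NULL, 0, &bytes, a) != 0 || bytes == 0) return GNUTLS_E_MPI_PRINT_FAILED;`. The header comment could also say that `dest->data` is allocated with gnutls_malloc() and owned by the caller, and that `dest` is left untouched on error.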
diff --git a/lib/gnutls_mpi.h b/lib/gnutls_mpi.h
index 48bb78b7b4..80857fb4b7 100644
--- a/lib/gnutls_mpi.h
+++ b/lib/gnutls_mpi.h
@@ -3,6 +3,7 @@
# include <gcrypt.h>
# include <libtasn1.h>
+# include <gnutls_int.h>
#define GNUTLS_MPI gcry_mpi_t
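Review bot: The added `# include <gnutls_int.h>` makes the two headers include each other, because `gnutls_int.h` includes `gnutls_mpi.h` immediately after the `gnutls_datum` typedef that this commit moves up. The prototype using `gnutls_datum` then compiles only if that typedef has been seen before this header's body is processed, which presumably depends on include guards and on the typedef staying above the include in `gnutls_int.h`. A comment at the include would record the constraint, for example `/* for gnutls_datum; gnutls_int.h must define it before it includes this header */`. Moving `gnutls_datum` into a small header of its own would remove the cycle.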
@@ -40,5 +41,7 @@ int _gnutls_mpi_scan_pgp( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nby
int _gnutls_mpi_print( void *buffer, size_t *nbytes, const GNUTLS_MPI a );
int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const GNUTLS_MPI a );
+int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const GNUTLS_MPI a );
+#define _gnutls_mpi_dprint _gnutls_mpi_dprint_lz
#endif
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 097f5e38f5..ed3d0945e9 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -1682,4 +1682,136 @@ int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt cert,
}
+/**
+ * gnutls_x509_crt_get_pk_rsa_raw - This function will export the RSA public key
+ * @crt: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ *
+ * This function will export the RSA private key's parameters found in the given
+ * structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ **/
+int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt crt,
+ gnutls_datum * m, gnutls_datum *e)
+{
+int ret;
+GNUTLS_MPI params[MAX_PUBLIC_PARAMS_SIZE];
+int params_size = MAX_PUBLIC_PARAMS_SIZE;
+int i;
+
+ if (crt == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = _gnutls_x509_crt_get_mpis( crt, params, &params_size);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ ret = _gnutls_mpi_dprint(m, params[0]);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ ret = _gnutls_mpi_dprint(e, params[1]);
+ if (ret < 0) {
+ gnutls_assert();
+ _gnutls_free_datum(m);
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ for (i = 0; i < params_size; i++) {
+ _gnutls_mpi_release( &params[i]);
+ }
+ return ret;
+}
+
+/**
+ * gnutls_x509_crt_get_pk_dsa_raw - This function will export the DSA private key
+ * @crt: Holds the certificate
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ *
+ * This function will export the DSA private key's parameters found in the given
+ * certificate. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ **/
+int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt crt,
+ gnutls_datum * p, gnutls_datum *q,
+ gnutls_datum *g, gnutls_datum *y)
+{
+int ret;
+GNUTLS_MPI params[MAX_PUBLIC_PARAMS_SIZE];
+int params_size = MAX_PUBLIC_PARAMS_SIZE;
+int i;
+
+ if (crt == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = _gnutls_x509_crt_get_mpis( crt, params, &params_size);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+
+ /* P */
+ ret = _gnutls_mpi_dprint(p, params[0]);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ /* Q */
+ ret = _gnutls_mpi_dprint(q, params[1]);
+ if (ret < 0) {
+ gnutls_assert();
+ _gnutls_free_datum(p);
+ goto cleanup;
+ }
+
+
+ /* G */
+ ret = _gnutls_mpi_dprint(g, params[2]);
+ if (ret < 0) {
+ gnutls_assert();
+ _gnutls_free_datum(p);
+ _gnutls_free_datum(q);
+ goto cleanup;
+ }
+
+
+ /* Y */
+ ret = _gnutls_mpi_dprint(y, params[3]);
+ if (ret < 0) {
+ gnutls_assert();
+ _gnutls_free_datum(p);
+ _gnutls_free_datum(g);
+ _gnutls_free_datum(q);
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ for (i = 0; i < params_size; i++) {
+ _gnutls_mpi_release( &params[i]);
+ }
+ return ret;
+
+}
+
#endif
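Review bot: Neither new function checks the certificate's key algorithm or the count returned in `params_size` before indexing `params[]`. In `gnutls_x509_crt_get_pk_dsa_raw` an RSA certificate would presumably fill only two entries (the cleanup loop releases just `params_size` of them), so `params[2]` and `params[3]` would reach `_gnutls_mpi_dprint` uninitialised. `gnutls_x509_crt_get_pk_rsa_raw` on a DSA certificate would hand back p and q labelled as modulus and exponent. Certificates are commonly peer-supplied, so reject the mismatch right after the NULL check: `if (gnutls_x509_crt_get_pk_algorithm(crt, NULL) != GNUTLS_PK_DSA) return GNUTLS_E_INVALID_REQUEST;` in the DSA function, and the same with `GNUTLS_PK_RSA` in the RSA one. Both doc comments also say "private key" where the exported values are the certificate's public key parameters, and they should say that the caller must free each returned datum.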