authorNikos Mavrogiannopoulos <nmav@gnutls.org>2003-02-12 12:48:42 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2003-02-12 12:48:42 +0000
commit11e64289384aefeaba2a530eec23dd87dfe8fcc4 (patch)
treee5302f871800c43550164fd386fb1f26caa2272c
parentc11c3a0085629e06a93a152c4e8ab5dd5e33ee70 (diff)
downloadgnutls-11e64289384aefeaba2a530eec23dd87dfe8fcc4.tar.gz
Added some private key handling functions. They are primitive enough for now.
-rw-r--r--NEWS4
-rw-r--r--includes/gnutls/compat8.h4
-rw-r--r--includes/gnutls/x509.h18
-rw-r--r--lib/gnutls.h.in.in16
-rw-r--r--lib/gnutls_dh_primes.c4
-rw-r--r--lib/gnutls_int.h4
-rw-r--r--lib/gnutls_privkey.c33
-rw-r--r--lib/gnutls_ui.h4
-rw-r--r--lib/gnutls_x509.c22
-rw-r--r--lib/x509/Makefile.am2
-rw-r--r--lib/x509/compat.c35
-rw-r--r--lib/x509/crl.c2
-rw-r--r--lib/x509/pkcs7.c2
-rw-r--r--lib/x509/pkcs7.h2
-rw-r--r--lib/x509/privkey.c168
-rw-r--r--lib/x509/x509.c2
-rw-r--r--lib/x509/x509.h15
17 files changed, 266 insertions, 71 deletions
diff --git a/NEWS b/NEWS
index cdf11ef7f1..857f3bd370 100644
--- a/NEWS
+++ b/NEWS
@@ -12,8 +12,8 @@ Version 0.9.0
- Several changes in the temporary (DH/RSA) parameter codebase. No DH
parameters are now included in the library. Also the credentials structure
can now hold only one temporary parameter of a kind.
-- Added a new Certificate and PKCS7 structures handling API, defined
- in gnutls/x509.h
+- Added a new Certificate, CRL, Private key and PKCS7 structures handling
+ API, defined in gnutls/x509.h
- Added support for Certificate Revocation lists. Functions defined
in gnutls/x509.h
- The only functions were removed are:
diff --git a/includes/gnutls/compat8.h b/includes/gnutls/compat8.h
index 8ed390a32b..3ee9945364 100644
--- a/includes/gnutls/compat8.h
+++ b/includes/gnutls/compat8.h
@@ -48,6 +48,8 @@ int gnutls_x509_check_certificates_hostname(const gnutls_datum * cert,
const char *hostname);
#define gnutls_x509_fingerprint gnutls_fingerprint
-#define gnutls_x509_certificate_format gnutls_x509_crt_format
+#define gnutls_x509_certificate_format gnutls_x509_crt_fmt
+
+int gnutls_x509_extract_key_pk_algorithm( const gnutls_datum * key);
#endif
diff --git a/includes/gnutls/x509.h b/includes/gnutls/x509.h
index 0812b09c97..65e40467ea 100644
--- a/includes/gnutls/x509.h
+++ b/includes/gnutls/x509.h
@@ -52,7 +52,7 @@ typedef struct gnutls_x509_crt_int* gnutls_x509_crt;
int gnutls_x509_crt_init(gnutls_x509_crt * cert);
void gnutls_x509_crt_deinit(gnutls_x509_crt cert);
int gnutls_x509_crt_import(gnutls_x509_crt cert, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt cert, char *buf,
int *sizeof_buf);
int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt cert,
@@ -116,7 +116,7 @@ int gnutls_x509_crl_init(gnutls_x509_crl * crl);
void gnutls_x509_crl_deinit(gnutls_x509_crl crl);
int gnutls_x509_crl_import(gnutls_x509_crl crl, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_x509_crl_get_issuer_dn(const gnutls_x509_crl crl,
char *buf, int *sizeof_buf);
@@ -154,7 +154,7 @@ void gnutls_pkcs7_deinit(gnutls_pkcs7 pkcs7);
int gnutls_pkcs7_get_certificate_count( gnutls_pkcs7 pkcs7);
int gnutls_pkcs7_import(gnutls_pkcs7 pkcs7, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_pkcs7_get_certificate(gnutls_pkcs7 pkcs7, int indx,
char* certificate, int* certificate_size);
@@ -191,6 +191,18 @@ int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt cert,
gnutls_digest_algorithm algo, char *buf,
int *sizeof_buf);
+/* Private key handling
+ */
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int* gnutls_x509_privkey;
+
+int gnutls_x509_privkey_init(gnutls_x509_privkey * key);
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey key);
+int gnutls_x509_privkey_import(gnutls_x509_privkey key, const gnutls_datum * data,
+ gnutls_x509_crt_fmt format);
+int gnutls_x509_privkey_get_pk_algorithm( gnutls_x509_privkey key);
+
+
#ifdef __cplusplus
}
#endif
diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in
index 166ead13c9..6ec7b25a65 100644
--- a/lib/gnutls.h.in.in
+++ b/lib/gnutls.h.in.in
@@ -116,8 +116,8 @@ typedef enum gnutls_protocol_version { GNUTLS_SSL3=1, GNUTLS_TLS1 } gnutls_proto
typedef enum gnutls_certificate_type { GNUTLS_CRT_X509=1, GNUTLS_CRT_OPENPGP
} gnutls_certificate_type;
-typedef enum gnutls_x509_crt_format { GNUTLS_X509_FMT_DER,
- GNUTLS_X509_FMT_PEM } gnutls_x509_crt_format;
+typedef enum gnutls_x509_crt_fmt { GNUTLS_X509_FMT_DER,
+ GNUTLS_X509_FMT_PEM } gnutls_x509_crt_fmt;
typedef enum gnutls_pk_algorithm { GNUTLS_PK_RSA = 1, GNUTLS_PK_DSA,
GNUTLS_PK_UNKNOWN = 0xff
@@ -310,20 +310,20 @@ int gnutls_certificate_set_dh_params(gnutls_certificate_credentials res, gnutls_
int gnutls_certificate_set_rsa_params(gnutls_certificate_credentials res, gnutls_rsa_params rsa_params);
int gnutls_certificate_set_x509_trust_file( gnutls_certificate_credentials res, const char* CAFILE,
- gnutls_x509_crt_format);
+ gnutls_x509_crt_fmt);
int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials res,
- const gnutls_datum *CA, gnutls_x509_crt_format);
+ const gnutls_datum *CA, gnutls_x509_crt_fmt);
int gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials res,
- const char *crlfile, gnutls_x509_crt_format type);
+ const char *crlfile, gnutls_x509_crt_fmt type);
int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials res,
- const gnutls_datum *CRL, gnutls_x509_crt_format type);
+ const gnutls_datum *CRL, gnutls_x509_crt_fmt type);
int gnutls_certificate_set_x509_key_file( gnutls_certificate_credentials res,
- const char *CERTFILE, const char* KEYFILE, gnutls_x509_crt_format);
+ const char *CERTFILE, const char* KEYFILE, gnutls_x509_crt_fmt);
int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials res,
const gnutls_datum* CERT, const gnutls_datum* KEY,
- gnutls_x509_crt_format);
+ gnutls_x509_crt_fmt);
/* global state functions
*/
diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c
index bc92277b3c..8b2d1c41c9 100644
--- a/lib/gnutls_dh_primes.c
+++ b/lib/gnutls_dh_primes.c
@@ -310,7 +310,7 @@ int gnutls_dh_params_generate(gnutls_datum * prime,
*
**/
int gnutls_pkcs3_extract_dh_params(const gnutls_datum * params,
- gnutls_x509_crt_format format,
+ gnutls_x509_crt_fmt format,
gnutls_datum * prime,
gnutls_datum * generator, int *bits)
{
@@ -431,7 +431,7 @@ int gnutls_pkcs3_extract_dh_params(const gnutls_datum * params,
**/
int gnutls_pkcs3_export_dh_params( const gnutls_datum * prime,
const gnutls_datum * generator,
- gnutls_x509_crt_format format,
+ gnutls_x509_crt_fmt format,
unsigned char* params_data, int* params_data_size)
{
ASN1_TYPE c2;
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index d00c56fc28..a5ac45c5cd 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -194,8 +194,8 @@ typedef enum ContentType { GNUTLS_CHANGE_CIPHER_SPEC=20, GNUTLS_ALERT,
GNUTLS_HANDSHAKE, GNUTLS_APPLICATION_DATA
} ContentType;
-typedef enum gnutls_x509_crt_format { GNUTLS_X509_FMT_DER,
- GNUTLS_X509_FMT_PEM } gnutls_x509_crt_format;
+typedef enum gnutls_x509_crt_fmt { GNUTLS_X509_FMT_DER,
+ GNUTLS_X509_FMT_PEM } gnutls_x509_crt_fmt;
typedef enum gnutls_pk_algorithm { GNUTLS_PK_RSA = 1, GNUTLS_PK_DSA,
GNUTLS_PK_UNKNOWN = 0xff
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 37b14e797c..e37de43520 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -253,36 +253,3 @@ void _gnutls_free_private_key(gnutls_private_key pkey)
return;
}
-/**
- * gnutls_x509_extract_key_pk_algorithm - This function returns the keys's PublicKey algorithm
- * @cert: is a DER encoded private key
- *
- * This function will return the public key algorithm of a DER encoded private
- * key.
- *
- * Returns a member of the gnutls_pk_algorithm enumeration on success,
- * or GNUTLS_E_UNKNOWN_PK_ALGORITHM on error.
- *
- **/
-int gnutls_x509_extract_key_pk_algorithm( const gnutls_datum * key)
-{
-int cv, pk;
-
- pk = GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-
- /* The only way to distinguish the keys
- * is to count the sequence of integers.
- */
- cv = _gnutls_der_check_if_rsa_key( key);
- if (cv==0)
- pk = GNUTLS_PK_RSA;
- else {
- cv = _gnutls_der_check_if_dsa_key( key);
- if (cv==0)
- pk = GNUTLS_PK_DSA;
- }
-
- return pk;
-
-}
-
diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h
index b14aaa2f4d..38c14bd001 100644
--- a/lib/gnutls_ui.h
+++ b/lib/gnutls_ui.h
@@ -41,10 +41,10 @@ void gnutls_certificate_server_set_request( gnutls_session, gnutls_certificate_r
*/
int gnutls_pkcs3_extract_dh_params(const gnutls_datum * params,
- gnutls_x509_crt_format format, gnutls_datum * prime,
+ gnutls_x509_crt_fmt format, gnutls_datum * prime,
gnutls_datum * generator, int* prime_bits);
int gnutls_pkcs3_export_dh_params( const gnutls_datum * prime,
- const gnutls_datum * generator, gnutls_x509_crt_format format,
+ const gnutls_datum * generator, gnutls_x509_crt_fmt format,
unsigned char* params_data, int* params_data_size);
/* get data from the session
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 7d4a0e62af..6cb8aee7f5 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -390,7 +390,7 @@ static int parse_pem_cert_mem( gnutls_cert** cert_list, int* ncerts,
*/
static
int read_cert_mem(gnutls_certificate_credentials res, const char *cert, int cert_size,
- gnutls_x509_crt_format type)
+ gnutls_x509_crt_fmt type)
{
int ret;
@@ -506,7 +506,7 @@ int _gnutls_der_check_if_dsa_key(const gnutls_datum * key_struct)
* type indicates the certificate format.
*/
static int read_key_mem(gnutls_certificate_credentials res, const char *key, int key_size,
- gnutls_x509_crt_format type)
+ gnutls_x509_crt_fmt type)
{
int ret;
opaque *b64 = NULL;
@@ -612,7 +612,7 @@ static int read_key_mem(gnutls_certificate_credentials res, const char *key, int
/* Reads a certificate file
*/
static int read_cert_file(gnutls_certificate_credentials res, const char *certfile,
- gnutls_x509_crt_format type)
+ gnutls_x509_crt_fmt type)
{
int siz;
char x[MAX_FILE_SIZE];
@@ -637,7 +637,7 @@ static int read_cert_file(gnutls_certificate_credentials res, const char *certfi
* stores it).
*/
static int read_key_file(gnutls_certificate_credentials res, const char *keyfile,
- gnutls_x509_crt_format type)
+ gnutls_x509_crt_fmt type)
{
int siz;
char x[MAX_FILE_SIZE];
@@ -682,7 +682,7 @@ static int read_key_file(gnutls_certificate_credentials res, const char *keyfile
*
**/
int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials res, const gnutls_datum* CERT,
- const gnutls_datum* KEY, gnutls_x509_crt_format type)
+ const gnutls_datum* KEY, gnutls_x509_crt_fmt type)
{
int ret;
@@ -720,7 +720,7 @@ int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials res, cons
*
**/
int gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials res, const char *CERTFILE,
- const char *KEYFILE, gnutls_x509_crt_format type)
+ const char *KEYFILE, gnutls_x509_crt_fmt type)
{
int ret;
@@ -982,7 +982,7 @@ static int parse_der_ca_mem( gnutls_x509_crt** cert_list, int* ncerts,
*
**/
int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials res,
- const gnutls_datum *CA, gnutls_x509_crt_format type)
+ const gnutls_datum *CA, gnutls_x509_crt_fmt type)
{
int ret, ret2;
@@ -1012,7 +1012,7 @@ int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials res,
*
**/
int gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials res,
- const char *CAFILE, gnutls_x509_crt_format type)
+ const char *CAFILE, gnutls_x509_crt_fmt type)
{
int ret, ret2;
int siz;
@@ -1168,7 +1168,7 @@ static int parse_der_crl_mem( gnutls_x509_crl** crl_list, int* ncrls,
*/
static
int read_crl_mem(gnutls_certificate_credentials res, const char *crl, int crl_size,
- gnutls_x509_crt_format type)
+ gnutls_x509_crt_fmt type)
{
int ret;
@@ -1207,7 +1207,7 @@ int read_crl_mem(gnutls_certificate_credentials res, const char *crl, int crl_si
*
**/
int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials res,
- const gnutls_datum *CRL, gnutls_x509_crt_format type)
+ const gnutls_datum *CRL, gnutls_x509_crt_fmt type)
{
int ret;
@@ -1230,7 +1230,7 @@ int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials res,
*
**/
int gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials res,
- const char *crlfile, gnutls_x509_crt_format type)
+ const char *crlfile, gnutls_x509_crt_fmt type)
{
int ret;
int siz;
diff --git a/lib/x509/Makefile.am b/lib/x509/Makefile.am
index cedcc7fcb8..5f7305a57e 100644
--- a/lib/x509/Makefile.am
+++ b/lib/x509/Makefile.am
@@ -5,7 +5,7 @@ EXTRA_DIST = dn.h common.h x509.h extensions.h pkcs7.h \
noinst_LTLIBRARIES = libx509.la
COBJECTS = crl.c dn.c common.c x509.c extensions.c \
- pkcs7.c xml.c rfc2818_hostname.c verify.c mpi.c
+ pkcs7.c xml.c rfc2818_hostname.c verify.c mpi.c privkey.c
COMPAT_OBJECTS = compat.c
diff --git a/lib/x509/compat.c b/lib/x509/compat.c
index e8e3385bd2..0f8e457a4d 100644
--- a/lib/x509/compat.c
+++ b/lib/x509/compat.c
@@ -746,3 +746,38 @@ int gnutls_x509_verify_certificate( const gnutls_datum* cert_list, int cert_list
return ret;
}
+
+/**
+ * gnutls_x509_extract_key_pk_algorithm - This function returns the keys's PublicKey algorithm
+ * @cert: is a DER encoded private key
+ *
+ * This function will return the public key algorithm of a DER encoded private
+ * key.
+ *
+ * Returns a member of the gnutls_pk_algorithm enumeration on success,
+ * or GNUTLS_E_UNKNOWN_PK_ALGORITHM on error.
+ *
+ **/
+int gnutls_x509_extract_key_pk_algorithm( const gnutls_datum * key)
+{
+ gnutls_x509_privkey pkey;
+ int ret, pk;
+
+ ret = gnutls_x509_privkey_init( &pkey);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ ret = gnutls_x509_privkey_import( pkey, key, GNUTLS_X509_FMT_DER);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ pk = gnutls_x509_privkey_get_pk_algorithm( pkey);
+
+ gnutls_x509_privkey_deinit( pkey);
+ return pk;
+}
+
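Review bot: The second error path in gnutls_x509_extract_key_pk_algorithm() returns without releasing `pkey`, so the structure allocated by gnutls_x509_privkey_init() leaks whenever gnutls_x509_privkey_import() fails; add `gnutls_x509_privkey_deinit( pkey);` before that `return ret;`. The doc comment still promises GNUTLS_E_UNKNOWN_PK_ALGORITHM on error, but the new body forwards the result of gnutls_x509_privkey_get_pk_algorithm(), which for an unrecognised key is GNUTLS_PK_UNKNOWN (0xff in the enum, a positive value), so a caller that tests the result with `< 0` no longer sees a failure. Either map it back with `if (pk == GNUTLS_PK_UNKNOWN) pk = GNUTLS_E_UNKNOWN_PK_ALGORITHM;` or update the comment to describe the new return values. The `@cert:` tag in the same comment should read `@key:` to match the parameter name.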
diff --git a/lib/x509/crl.c b/lib/x509/crl.c
index fbba7e4f95..fc1d33769b 100644
--- a/lib/x509/crl.c
+++ b/lib/x509/crl.c
@@ -83,7 +83,7 @@ void gnutls_x509_crl_deinit(gnutls_x509_crl crl)
*
**/
int gnutls_x509_crl_import(gnutls_x509_crl crl, const gnutls_datum * data,
- gnutls_x509_crt_format format)
+ gnutls_x509_crt_fmt format)
{
int result = 0, need_free = 0;
int start, end;
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
index 175192b237..b82b6ec706 100644
--- a/lib/x509/pkcs7.c
+++ b/lib/x509/pkcs7.c
@@ -81,7 +81,7 @@ void gnutls_pkcs7_deinit(gnutls_pkcs7 pkcs7)
*
**/
int gnutls_pkcs7_import(gnutls_pkcs7 pkcs7, const gnutls_datum * data,
- gnutls_x509_crt_format format)
+ gnutls_x509_crt_fmt format)
{
int result = 0, need_free = 0;
gnutls_datum _data = { data->data, data->size };
diff --git a/lib/x509/pkcs7.h b/lib/x509/pkcs7.h
index cf5ca7ae6b..e3ad0b817f 100644
--- a/lib/x509/pkcs7.h
+++ b/lib/x509/pkcs7.h
@@ -8,7 +8,7 @@ typedef struct gnutls_pkcs7_int *gnutls_pkcs7;
int gnutls_pkcs7_init(gnutls_pkcs7 * pkcs7);
void gnutls_pkcs7_deinit(gnutls_pkcs7 pkcs7);
int gnutls_pkcs7_import(gnutls_pkcs7 pkcs7, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_pkcs7_get_certificate(gnutls_pkcs7 pkcs7,
int indx, char* certificate, int* certificate_size);
int gnutls_pkcs7_get_certificate_count(gnutls_pkcs7 pkcs7);
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
new file mode 100644
index 0000000000..2e5f0a6ad9
--- /dev/null
+++ b/lib/x509/privkey.c
@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2003 Nikos Mavroyanopoulos
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include <gnutls_int.h>
+#include <gnutls_datum.h>
+#include <gnutls_global.h>
+#include <gnutls_errors.h>
+#include <common.h>
+#include <gnutls_x509.h>
+#include <x509_b64.h>
+#include <x509.h>
+#include <dn.h>
+#include <extensions.h>
+#include <gnutls_privkey.h>
+
+/**
+ * gnutls_x509_privkey_init - This function initializes a gnutls_crl structure
+ * @key: The structure to be initialized
+ *
+ * This function will initialize an private key structure.
+ *
+ * Returns 0 on success.
+ *
+ **/
+int gnutls_x509_privkey_init(gnutls_x509_privkey * key)
+{
+ *key = gnutls_calloc( 1, sizeof(gnutls_x509_privkey_int));
+
+ if (*key) {
+ return 0; /* success */
+ }
+ return GNUTLS_E_MEMORY_ERROR;
+}
+
+/**
+ * gnutls_x509_privkey_deinit - This function deinitializes memory used by a gnutls_x509_privkey structure
+ * @key: The structure to be initialized
+ *
+ * This function will deinitialize a CRL structure.
+ *
+ **/
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey key)
+{
+ _gnutls_free_datum(&key->raw);
+
+ gnutls_free(key);
+}
+
+#define PEM_KEY_DSA "DSA PRIVATE"
+#define PEM_KEY_RSA "RSA PRIVATE"
+
+/**
+ * gnutls_x509_privkey_import - This function will import a DER or PEM encoded Certificate
+ * @key: The structure to store the parsed key
+ * @data: The DER or PEM encoded certificate.
+ * @format: One of DER or PEM
+ *
+ * This function will convert the given DER or PEM encoded Certificate
+ * to the native gnutls_x509_privkey format. The output will be stored in 'key'.
+ *
+ * If the Certificate is PEM encoded it should have a header of "X509 CERTIFICATE", or
+ * "CERTIFICATE" and must be a null terminated string.
+ *
+ * Returns 0 on success.
+ *
+ **/
+int gnutls_x509_privkey_import(gnutls_x509_privkey key, const gnutls_datum * data,
+ gnutls_x509_crt_fmt format)
+{
+ int result = 0, need_free = 0;
+ gnutls_datum _data = { data->data, data->size };
+
+ /* If the Certificate is in PEM format then decode it
+ */
+ if (format == GNUTLS_X509_FMT_PEM) {
+ opaque *out;
+
+ /* Try the first header */
+ result = _gnutls_fbase64_decode(PEM_KEY_RSA, data->data, data->size,
+ &out);
+
+ if (result <= 0) {
+ /* try for the second header */
+ result = _gnutls_fbase64_decode(PEM_KEY_DSA, data->data, data->size,
+ &out);
+
+ if (result <= 0) {
+ if (result==0) result = GNUTLS_E_INTERNAL_ERROR;
+ gnutls_assert();
+ return result;
+ }
+ }
+
+ _data.data = out;
+ _data.size = result;
+
+ need_free = 1;
+ }
+
+ result =
+ _gnutls_set_datum(&key->raw, _data.data, _data.size);
+ if (result < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ if (need_free) _gnutls_free_datum( &_data);
+
+ return 0;
+
+ cleanup:
+ _gnutls_free_datum(&key->raw);
+ if (need_free) _gnutls_free_datum( &_data);
+ return result;
+}
+
+
+
+/**
+ * gnutls_x509_privkey_get_pk_algorithm - This function returns the key's PublicKey algorithm
+ * @cert: should contain a gnutls_x509_privkey structure
+ *
+ * This function will return the public key algorithm of a private
+ * key.
+ *
+ * Returns a member of the gnutls_pk_algorithm enumeration on success,
+ * or a negative value on error.
+ *
+ **/
+int gnutls_x509_privkey_get_pk_algorithm( gnutls_x509_privkey key)
+{
+int cv, pk;
+
+ pk = GNUTLS_PK_UNKNOWN;
+
+ /* The only way to distinguish the keys
+ * is to count the sequence of integers.
+ */
+ cv = _gnutls_der_check_if_rsa_key( &key->raw);
+ if (cv==0)
+ pk = GNUTLS_PK_RSA;
+ else {
+ cv = _gnutls_der_check_if_dsa_key( &key->raw);
+ if (cv==0)
+ pk = GNUTLS_PK_DSA;
+ }
+
+ return pk;
+
+}
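Review bot: Private key bytes are released without being cleared: gnutls_x509_privkey_deinit() frees `key->raw` as it is, and gnutls_x509_privkey_import() frees the base64-decoded buffer `out` (through `_data`) the same way, so key material stays readable in freed heap memory; deinit also dereferences `key` with no NULL check. import stores whatever bytes it is given without checking that they form a key, and a second import on the same object appears to overwrite `key->raw` without freeing the old copy, though that depends on _gnutls_set_datum(), which is not visible here. The doc comments are pasted from the certificate and CRL code ("initializes a gnutls_crl structure", "deinitialize a CRL structure", the "X509 CERTIFICATE" header text, `@cert:`), and gnutls_x509_privkey_get_pk_algorithm() is documented as returning a negative value on error while the body returns GNUTLS_PK_UNKNOWN. A possible deinit is sketched below; the same wipe belongs before both `_gnutls_free_datum( &_data)` calls in import when `need_free` is set.

```c
void gnutls_x509_privkey_deinit(gnutls_x509_privkey key)
{
	if (key == NULL)
		return;

	/* Clear the key bytes before the buffer goes back to the allocator.
	 * A compiler may drop a plain memset() that precedes a free; use the
	 * project's non-elidable wipe helper here if one exists.
	 */
	if (key->raw.data != NULL)
		memset(key->raw.data, 0, key->raw.size);
	_gnutls_free_datum(&key->raw);

	gnutls_free(key);
}
```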
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 0d397ae8b6..c44b2c72e1 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -85,7 +85,7 @@ void gnutls_x509_crt_deinit(gnutls_x509_crt cert)
*
**/
int gnutls_x509_crt_import(gnutls_x509_crt cert, const gnutls_datum * data,
- gnutls_x509_crt_format format)
+ gnutls_x509_crt_fmt format)
{
int result = 0, need_free = 0;
int start, end;
diff --git a/lib/x509/x509.h b/lib/x509/x509.h
index 315fa7d0a7..f096dcc06f 100644
--- a/lib/x509/x509.h
+++ b/lib/x509/x509.h
@@ -17,8 +17,13 @@ typedef struct gnutls_x509_crt_int {
gnutls_pk_algorithm signature_algorithm;
} gnutls_x509_crt_int;
+typedef struct gnutls_x509_privkey_int {
+ gnutls_datum raw; /* we only keep raw data for the moment */
+} gnutls_x509_privkey_int;
+
typedef struct gnutls_x509_crt_int *gnutls_x509_crt;
typedef struct gnutls_x509_crl_int *gnutls_x509_crl;
+typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey;
int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt cert, const char* oid,
int indx, char *buf, int *sizeof_buf);
@@ -52,15 +57,21 @@ int gnutls_x509_crl_get_certificate(gnutls_x509_crl crl, int index,
void gnutls_x509_crl_deinit(gnutls_x509_crl crl);
int gnutls_x509_crl_init(gnutls_x509_crl * crl);
int gnutls_x509_crl_import(gnutls_x509_crl crl, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_x509_crt_init(gnutls_x509_crt * cert);
void gnutls_x509_crt_deinit(gnutls_x509_crt cert);
int gnutls_x509_crt_import(gnutls_x509_crt cert, const gnutls_datum * data,
- gnutls_x509_crt_format format);
+ gnutls_x509_crt_fmt format);
int gnutls_x509_crt_get_key_usage(gnutls_x509_crt cert, unsigned int *key_usage,
int *critical);
int gnutls_x509_crt_get_version(gnutls_x509_crt cert);
+int gnutls_x509_privkey_init(gnutls_x509_privkey * key);
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey key);
+int gnutls_x509_privkey_import(gnutls_x509_privkey key, const gnutls_datum * data,
+ gnutls_x509_crt_fmt format);
+int gnutls_x509_privkey_get_pk_algorithm( gnutls_x509_privkey key);
+
#endif