author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-10-21 18:01:20 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2018-06-23 12:20:16 +0300 |
commit | 81e41559827570d2646e45f599fbb77a1310683c (patch) | |
tree | 292f88b2a44cd11719a42a8e81d8f427aa4a5369 | |
parent | 6e8b1a1d3be198f436234c76d65ecc82e06aeb3d (diff) | |
certtool: support dumping GOST private key information
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r-- | src/certtool-common.c | 81 | ||||
-rw-r--r-- | src/certtool-common.h | 5 |
2 files changed, 86 insertions, 0 deletions
diff --git a/src/certtool-common.c b/src/certtool-common.c index c020e97e3e..99b0e52a44 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -907,6 +907,61 @@ print_ecc_pkey(FILE * outfile, gnutls_ecc_curve_t curve, } } +static const char * +gost_param_name(int param) +{ + switch(param) { + case 0: + return "TC26-Z"; + case 1: + return "CryptoPro-A"; + case 2: + return "CryptoPro-B"; + case 3: + return "CryptoPro-C"; + case 4: + return "CryptoPro-D"; + default: + return "unknown"; + } +} + +void +print_gost_pkey(FILE * outfile, gnutls_ecc_curve_t curve, + gnutls_digest_algorithm_t digest, gnutls_gost_paramset_t paramset, + gnutls_datum_t * k, gnutls_datum_t * x, gnutls_datum_t * y, + int cprint) +{ + if (cprint != 0) + fprintf(outfile, "/* curve: %s */\n", + gnutls_ecc_curve_get_name(curve)); + else + fprintf(outfile, "curve:\t%s\n", + gnutls_ecc_curve_get_name(curve)); + + if (cprint != 0) + fprintf(outfile, "/* digest: %s */\n", + gnutls_digest_get_name(digest)); + else + fprintf(outfile, "digest:\t%s\n", + gnutls_digest_get_name(digest)); + + if (cprint != 0) + fprintf(outfile, "/* paramset: %s */\n", + gost_param_name(paramset)); + else + fprintf(outfile, "paramset:\t%s\n", + gost_param_name(paramset)); + + if (k) { + print_head(outfile, "private key", k->size, cprint); + print_hex_datum(outfile, k, cprint); + } + print_head(outfile, "x", x->size, cprint); + print_hex_datum(outfile, x, cprint); + print_head(outfile, "y", y->size, cprint); + print_hex_datum(outfile, y, cprint); +} void print_rsa_pkey(FILE * outfile, gnutls_datum_t * m, gnutls_datum_t * e, 
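Review bot: `gost_param_name(int param)` switches on the bare integers 0–4 although `print_gost_pkey` passes it a `gnutls_gost_paramset_t`, so the printed label depends on the enum keeping exactly these numeric values. If the enumerators are ever reordered, or a new first value is inserted, certtool would print the wrong parameter-set name for a key without any warning, which is misleading to anyone auditing key parameters from this output. I would declare it as `gost_param_name(gnutls_gost_paramset_t param)` and use the enumerators from the header that defines that type as the `case` labels. Separately, the results of `gnutls_ecc_curve_get_name()` and `gnutls_digest_get_name()` go straight into `%s`; if either can return NULL for an unrecognised value that is undefined behaviour, so a fallback such as `name ? name : "unknown"` would be safer.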
@@ -1233,6 +1288,32 @@ static void privkey_info_int(FILE *outfile, common_info_st * cinfo, gnutls_free(y.data); gnutls_free(k.data); } + } else if (key_type == GNUTLS_PK_GOST_01 || + key_type == GNUTLS_PK_GOST_12_256 || + key_type == GNUTLS_PK_GOST_12_512) { + gnutls_datum_t y, x, k; + gnutls_ecc_curve_t curve; + gnutls_digest_algorithm_t digest; + gnutls_gost_paramset_t paramset; + + ret = + gnutls_x509_privkey_export_gost_raw(key, &curve, + &digest, + ¶mset, + &x, &y, &k); + if (ret < 0) + fprintf(stderr, + "Error in key GOST data export: %s\n", + gnutls_strerror(ret)); + else { + print_gost_pkey(outfile, curve, digest, paramset, + &k, &x, &y, + cinfo->cprint); + + gnutls_free(x.data); + gnutls_free(y.data); + gnutls_free(k.data); + } } size = lbuffer_size; diff --git a/src/certtool-common.h b/src/certtool-common.h index c40708af14..3dac2ae3c1 100644 --- a/src/certtool-common.h +++ b/src/certtool-common.h @@ -155,6 +155,11 @@ void _pubkey_info(FILE * outfile, gnutls_certificate_print_formats_t, void print_ecc_pkey(FILE * outfile, gnutls_ecc_curve_t curve, gnutls_datum_t * k, gnutls_datum_t * x, gnutls_datum_t * y, int cprint); +void print_gost_pkey(FILE * outfile, gnutls_ecc_curve_t curve, + gnutls_digest_algorithm_t digest, + gnutls_gost_paramset_t paramset, + gnutls_datum_t * k, gnutls_datum_t * x, + gnutls_datum_t * y, int cprint); void print_rsa_pkey(FILE * outfile, gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, |
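Review bot: The private scalar in `k` is released with a plain `gnutls_free(k.data)` in the new `else` branch, so the raw key bytes remain in freed heap memory after they have been printed. I would wipe the buffer first, with `gnutls_memset(k.data, 0, k.size);` placed directly before `gnutls_free(k.data);`. The context lines above the addition show the same free-without-wipe pattern in the preceding branch, so it may be worth fixing both together. `x`, `y` and `k` are also declared uninitialised; `gnutls_datum_t y = { NULL, 0 }, x = { NULL, 0 }, k = { NULL, 0 };` would keep any cleanup later added to the error path safe. `privkey_info_int` begins and ends outside this hunk.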
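Review bot: The new `print_gost_pkey` prototype in certtool-common.h does not say which pointer arguments may be NULL, and the definition in certtool-common.c treats them differently: only `k` is checked, while `x` and `y` are dereferenced unconditionally. A caller printing a public-only key needs to know that. I would add a comment above the declaration such as `/* k may be NULL, in which case no private part is printed; x and y must be non-NULL. */`.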