diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-09 16:20:05 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-12 10:18:52 +0200 |
| commit | 02b17134d6dd93a6e4aa7d7b04bac1dc8cbe280e (patch) | |
| tree | d23c32ad36a1d90a6fcb5bfff8037a064e1e042f | |
| parent | 0081a51a3df7ec30da22402fe878be61790ab721 (diff) | |
| download | gnutls-02b17134d6dd93a6e4aa7d7b04bac1dc8cbe280e.tar.gz | |
Introduced functions to export integers with no leading zero
That is introduced the flag GNUTLS_EXPORT_FLAG_NO_LZ and:
* gnutls_pubkey_export_rsa_raw2
* gnutls_pubkey_export_dsa_raw2
* gnutls_pubkey_export_ecc_raw2
* gnutls_privkey_export_rsa_raw2
* gnutls_privkey_export_dsa_raw2
* gnutls_privkey_export_ecc_raw2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/includes/gnutls/abstract.h | 46 | ||||
| -rw-r--r-- | lib/libgnutls.map | 6 | ||||
| -rw-r--r-- | lib/mpi.h | 2 | ||||
| -rw-r--r-- | lib/pk.c | 52 | ||||
| -rw-r--r-- | lib/pk.h | 8 | ||||
| -rw-r--r-- | lib/privkey_raw.c | 94 | ||||
| -rw-r--r-- | lib/pubkey.c | 116 | ||||
| -rw-r--r-- | lib/x509/privkey.c | 8 |
8 files changed, 291 insertions, 41 deletions
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h index 94bb9b9042..1024252b21 100644 --- a/lib/includes/gnutls/abstract.h +++ b/lib/includes/gnutls/abstract.h @@ -52,6 +52,16 @@ typedef enum gnutls_pubkey_flags { GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3 } gnutls_pubkey_flags_t; +/** + * gnutls_abstract_export_flags: + * @GNUTLS_EXPORT_FLAG_NO_LZ: do not prepend a leading zero to exported values + * + * Enumeration of different certificate import flags. + */ +typedef enum gnutls_abstract_export_flags { + GNUTLS_EXPORT_FLAG_NO_LZ = 1 +} gnutls_abstract_export_flags_t; + #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, @@ -139,12 +149,27 @@ int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key, int gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, gnutls_datum_t * m, gnutls_datum_t * e); +int gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e, + unsigned flags); + #define gnutls_pubkey_get_pk_dsa_raw gnutls_pubkey_export_dsa_raw int gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y); +int gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, + unsigned flags); + +int gnutls_pubkey_export_ecc_raw2(gnutls_pubkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, gnutls_datum_t * y, + unsigned flags); + #define gnutls_pubkey_get_pk_ecc_raw gnutls_pubkey_export_ecc_raw int gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t * curve, @@ -441,18 +466,39 @@ gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t * e2); int +gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e, + gnutls_datum_t * d, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * u, + gnutls_datum_t * e1, + gnutls_datum_t * e2, unsigned flags); + +int gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x); int +gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, + gnutls_datum_t * x, unsigned flags); + +int gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t * curve, gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * k); +int +gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, + gnutls_datum_t * y, + gnutls_datum_t * k, + unsigned flags); int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, diff --git a/lib/libgnutls.map b/lib/libgnutls.map index d32f482e95..609410cf41 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1133,6 +1133,12 @@ GNUTLS_3_4 gnutls_x509_crq_get_dn3; gnutls_utf8_password_normalize; gnutls_idna_map; + gnutls_pubkey_export_rsa_raw2; + gnutls_pubkey_export_dsa_raw2; + gnutls_pubkey_export_ecc_raw2; + gnutls_privkey_export_rsa_raw2; + gnutls_privkey_export_dsa_raw2; + gnutls_privkey_export_ecc_raw2; gnutls_idna_reverse_map; gnutls_x509_crt_set_flags; gnutls_x509_crt_check_ip; @@ -87,6 +87,8 @@ int _gnutls_mpi_dprint(const bigint_t a, gnutls_datum_t * dest); int _gnutls_mpi_dprint_size(const bigint_t a, gnutls_datum_t * dest, size_t size); +typedef int (*mpi_dprint_func)(const bigint_t a, gnutls_datum_t * dest); + #define _gnutls_mpi_generate_group( gg, bits) _gnutls_mpi_ops.bigint_generate_group( gg, bits) #endif @@ -607,9 +607,14 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, gnutls_datum_t * e1, - gnutls_datum_t * e2) + gnutls_datum_t * e2, + unsigned int flags) { int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (params == NULL) { gnutls_assert(); @@ -622,7 +627,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, } if (m) { - ret = _gnutls_mpi_dprint_lz(params->params[0], m); + ret = dprint(params->params[0], m); if (ret < 0) { gnutls_assert(); goto error; @@ -631,7 +636,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* E */ if (e) { - ret = _gnutls_mpi_dprint_lz(params->params[1], e); + ret = dprint(params->params[1], e); if (ret < 0) { gnutls_assert(); goto error; @@ -640,7 +645,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* D */ if (d && params->params[2]) { - ret = _gnutls_mpi_dprint_lz(params->params[2], d); + ret = dprint(params->params[2], d); if (ret < 0) { gnutls_assert(); goto error; @@ -652,7 +657,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* P */ if (p && params->params[3]) { - ret = _gnutls_mpi_dprint_lz(params->params[3], p); + ret = dprint(params->params[3], p); if (ret < 0) { gnutls_assert(); goto error; @@ -664,7 +669,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* Q */ if (q && params->params[4]) { - ret = _gnutls_mpi_dprint_lz(params->params[4], q); + ret = dprint(params->params[4], q); if (ret < 0) { gnutls_assert(); goto error; @@ -676,7 +681,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* U */ if (u && params->params[5]) { - ret = _gnutls_mpi_dprint_lz(params->params[5], u); + ret = dprint(params->params[5], u); if (ret < 0) { gnutls_assert(); goto error; @@ -688,7 +693,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* E1 */ if (e1 && params->params[6]) { - ret = _gnutls_mpi_dprint_lz(params->params[6], e1); + ret = dprint(params->params[6], e1); if (ret < 0) { gnutls_assert(); goto error; @@ -700,7 +705,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, /* E2 */ if (e2 && params->params[7]) { - ret = _gnutls_mpi_dprint_lz(params->params[7], e2); + ret = dprint(params->params[7], e2); if (ret < 0) { gnutls_assert(); goto error; @@ -728,9 +733,13 @@ int _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x) + gnutls_datum_t * x, unsigned int flags) { int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (params == NULL) { gnutls_assert(); @@ -744,7 +753,7 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, /* P */ if (p) { - ret = _gnutls_mpi_dprint_lz(params->params[0], p); + ret = dprint(params->params[0], p); if (ret < 0) { gnutls_assert(); return ret; @@ -753,7 +762,7 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, /* Q */ if (q) { - ret = _gnutls_mpi_dprint_lz(params->params[1], q); + ret = dprint(params->params[1], q); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -764,7 +773,7 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, /* G */ if (g) { - ret = _gnutls_mpi_dprint_lz(params->params[2], g); + ret = dprint(params->params[2], g); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -776,7 +785,7 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, /* Y */ if (y) { - ret = _gnutls_mpi_dprint_lz(params->params[3], y); + ret = dprint(params->params[3], y); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -788,7 +797,7 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, /* X */ if (x) { - ret = _gnutls_mpi_dprint_lz(params->params[4], x); + ret = dprint(params->params[4], x); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(y); @@ -806,9 +815,14 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params, gnutls_ecc_curve_t * curve, gnutls_datum_t * x, gnutls_datum_t * y, - gnutls_datum_t * k) + gnutls_datum_t * k, + unsigned int flags) { int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (params == NULL) { gnutls_assert(); @@ -820,7 +834,7 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params, /* X */ if (x) { - ret = _gnutls_mpi_dprint_lz(params->params[ECC_X], x); + ret = dprint(params->params[ECC_X], x); if (ret < 0) { gnutls_assert(); return ret; @@ -829,7 +843,7 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params, /* Y */ if (y) { - ret = _gnutls_mpi_dprint_lz(params->params[ECC_Y], y); + ret = dprint(params->params[ECC_Y], y); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(x); @@ -840,7 +854,7 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params, /* K */ if (k) { - ret = _gnutls_mpi_dprint_lz(params->params[ECC_K], k); + ret = dprint(params->params[ECC_K], k); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(x); @@ -81,19 +81,21 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, gnutls_datum_t * e1, - gnutls_datum_t * e2); + gnutls_datum_t * e2, + unsigned int flags); int _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x); + gnutls_datum_t * x, unsigned int flags); int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params, gnutls_ecc_curve_t * curve, gnutls_datum_t * x, gnutls_datum_t * y, - gnutls_datum_t * k); + gnutls_datum_t * k, + unsigned int flags); int pk_prepare_hash(gnutls_pk_algorithm_t pk, const mac_entry_st * hash, gnutls_datum_t * output); diff --git a/lib/privkey_raw.c b/lib/privkey_raw.c index 49f2f3cf16..6c723ff8b5 100644 --- a/lib/privkey_raw.c +++ b/lib/privkey_raw.c @@ -62,6 +62,39 @@ gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t * e1, gnutls_datum_t * e2) { + return gnutls_privkey_export_rsa_raw2(key, m, e, d, p, q, u, e1, e2, 0); +} + +/** + * gnutls_privkey_export_rsa_raw2: + * @key: Holds the certificate + * @m: will hold the modulus + * @e: will hold the public exponent + * @d: will hold the private exponent + * @p: will hold the first prime (p) + * @q: will hold the second prime (q) + * @u: will hold the coefficient + * @e1: will hold e1 = d mod (p-1) + * @e2: will hold e2 = d mod (q-1) + * @flags: flags from %gnutls_abstract_export_flags_t + * + * This function will export the RSA private key's parameters found + * in the given structure. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.6.0 + **/ +int +gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e, + gnutls_datum_t * d, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * u, + gnutls_datum_t * e1, + gnutls_datum_t * e2, + unsigned int flags) +{ gnutls_pk_params_st params; int ret; @@ -76,7 +109,7 @@ int ret; if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_params_get_rsa_raw(¶ms, m, e, d, p, q, u, e1, e2); + ret = _gnutls_params_get_rsa_raw(¶ms, m, e, d, p, q, u, e1, e2, flags); gnutls_pk_params_release(¶ms); @@ -106,6 +139,33 @@ gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x) { + return gnutls_privkey_export_dsa_raw2(key, p, q, g, y, x, 0); +} + +/** + * gnutls_privkey_export_dsa_raw2: + * @key: Holds the public key + * @p: will hold the p + * @q: will hold the q + * @g: will hold the g + * @y: will hold the y + * @x: will hold the x + * @flags: flags from %gnutls_abstract_export_flags_t + * + * This function will export the DSA private key's parameters found + * in the given structure. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.6.0 + **/ +int +gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, + gnutls_datum_t * x, unsigned int flags) +{ gnutls_pk_params_st params; int ret; @@ -120,7 +180,7 @@ int ret; if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_params_get_dsa_raw(¶ms, p, q, g, y, x); + ret = _gnutls_params_get_dsa_raw(¶ms, p, q, g, y, x, flags); gnutls_pk_params_release(¶ms); @@ -151,6 +211,34 @@ gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, gnutls_datum_t * y, gnutls_datum_t * k) { + return gnutls_privkey_export_ecc_raw2(key, curve, x, y, k, 0); +} + +/** + * gnutls_privkey_export_ecc_raw2: + * @key: Holds the public key + * @curve: will hold the curve + * @x: will hold the x coordinate + * @y: will hold the y coordinate + * @k: will hold the private key + * @flags: flags from %gnutls_abstract_export_flags_t + * + * This function will export the ECC private key's parameters found + * in the given structure. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.6.0 + **/ +int +gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, + gnutls_datum_t * y, + gnutls_datum_t * k, + unsigned int flags) +{ gnutls_pk_params_st params; int ret; @@ -165,7 +253,7 @@ int ret; if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_params_get_ecc_raw(¶ms, curve, x, y, k); + ret = _gnutls_params_get_ecc_raw(¶ms, curve, x, y, k, flags); gnutls_pk_params_release(¶ms); diff --git a/lib/pubkey.c b/lib/pubkey.c index ab211e4cb0..2f5ab5dc3a 100644 --- a/lib/pubkey.c +++ b/lib/pubkey.c @@ -815,10 +815,11 @@ gnutls_pubkey_get_key_id(gnutls_pubkey_t key, unsigned int flags, } /** - * gnutls_pubkey_export_rsa_raw: + * gnutls_pubkey_export_rsa_raw2: * @key: Holds the certificate * @m: will hold the modulus (may be %NULL) * @e: will hold the public exponent (may be %NULL) + * @flags: flags from %gnutls_abstract_export_flags_t * * This function will export the RSA public key's parameters found in * the given structure. The new parameters will be allocated using @@ -828,13 +829,18 @@ gnutls_pubkey_get_key_id(gnutls_pubkey_t key, unsigned int flags, * * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. * - * Since: 3.3.0 + * Since: 3.6.0 **/ int -gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, - gnutls_datum_t * m, gnutls_datum_t * e) +gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e, + unsigned flags) { int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (key == NULL) { gnutls_assert(); @@ -847,7 +853,7 @@ gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, } if (m) { - ret = _gnutls_mpi_dprint_lz(key->params.params[0], m); + ret = dprint(key->params.params[0], m); if (ret < 0) { gnutls_assert(); return ret; @@ -855,7 +861,7 @@ gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, } if (e) { - ret = _gnutls_mpi_dprint_lz(key->params.params[1], e); + ret = dprint(key->params.params[1], e); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(m); @@ -866,6 +872,29 @@ gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, return 0; } +/** + * gnutls_pubkey_export_rsa_raw: + * @key: Holds the certificate + * @m: will hold the modulus (may be %NULL) + * @e: will hold the public exponent (may be %NULL) + * + * This function will export the RSA public key's parameters found in + * the given structure. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * This function allows for %NULL parameters since 3.4.1. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.3.0 + **/ +int +gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e) +{ + return gnutls_pubkey_export_rsa_raw2(key, m, e, 0); +} + /** * gnutls_pubkey_export_dsa_raw: @@ -890,7 +919,39 @@ gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y) { + return gnutls_pubkey_export_dsa_raw2(key, p, q, g, y, 0); +} + +/** + * gnutls_pubkey_export_dsa_raw2: + * @key: Holds the public key + * @p: will hold the p (may be %NULL) + * @q: will hold the q (may be %NULL) + * @g: will hold the g (may be %NULL) + * @y: will hold the y (may be %NULL) + * @flags: flags from %gnutls_abstract_export_flags_t + * + * This function will export the DSA public key's parameters found in + * the given certificate. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * This function allows for %NULL parameters since 3.4.1. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.6.0 + **/ +int +gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, + unsigned flags) +{ int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (key == NULL) { gnutls_assert(); @@ -904,7 +965,7 @@ gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, /* P */ if (p) { - ret = _gnutls_mpi_dprint_lz(key->params.params[0], p); + ret = dprint(key->params.params[0], p); if (ret < 0) { gnutls_assert(); return ret; @@ -913,7 +974,7 @@ gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, /* Q */ if (q) { - ret = _gnutls_mpi_dprint_lz(key->params.params[1], q); + ret = dprint(key->params.params[1], q); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -923,7 +984,7 @@ gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, /* G */ if (g) { - ret = _gnutls_mpi_dprint_lz(key->params.params[2], g); + ret = dprint(key->params.params[2], g); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -934,7 +995,7 @@ gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, /* Y */ if (y) { - ret = _gnutls_mpi_dprint_lz(key->params.params[3], y); + ret = dprint(key->params.params[3], y); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); @@ -969,7 +1030,38 @@ gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t * curve, gnutls_datum_t * x, gnutls_datum_t * y) { + return gnutls_pubkey_export_ecc_raw2(key, curve, x, y, 0); +} + +/** + * gnutls_pubkey_export_ecc_raw2: + * @key: Holds the public key + * @curve: will hold the curve (may be %NULL) + * @x: will hold x (may be %NULL) + * @y: will hold y (may be %NULL) + * @flags: flags from %gnutls_abstract_export_flags_t + * + * This function will export the ECC public key's parameters found in + * the given key. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * This function allows for %NULL parameters since 3.4.1. + * + * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. + * + * Since: 3.6.0 + **/ +int +gnutls_pubkey_export_ecc_raw2(gnutls_pubkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, gnutls_datum_t * y, + unsigned int flags) +{ int ret; + mpi_dprint_func dprint = _gnutls_mpi_dprint_lz; + + if (flags & GNUTLS_EXPORT_FLAG_NO_LZ) + dprint = _gnutls_mpi_dprint; if (key == NULL) { gnutls_assert(); @@ -986,7 +1078,7 @@ gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, /* X */ if (x) { - ret = _gnutls_mpi_dprint_lz(key->params.params[ECC_X], x); + ret = dprint(key->params.params[ECC_X], x); if (ret < 0) { gnutls_assert(); return ret; @@ -995,7 +1087,7 @@ gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, /* Y */ if (y) { - ret = _gnutls_mpi_dprint_lz(key->params.params[ECC_Y], y); + ret = dprint(key->params.params[ECC_Y], y); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(x); diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 98c977e76c..4aeab9df62 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -1405,7 +1405,7 @@ int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - return _gnutls_params_get_ecc_raw(&key->params, curve, x, y, k); + return _gnutls_params_get_ecc_raw(&key->params, curve, x, y, k, 0); } /** @@ -1431,7 +1431,7 @@ gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u) { - return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, NULL, NULL); + return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, NULL, NULL, 0); } /** @@ -1463,7 +1463,7 @@ gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key, gnutls_datum_t * e1, gnutls_datum_t * e2) { - return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, e1, e2); + return _gnutls_params_get_rsa_raw(&key->params, m, e, d, p, q, u, e1, e2, 0); } /** @@ -1488,7 +1488,7 @@ gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key, gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x) { - return _gnutls_params_get_dsa_raw(&key->params, p, q, g, y, x); + return _gnutls_params_get_dsa_raw(&key->params, p, q, g, y, x, 0); } /** |