author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-05-22 22:15:42 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-05-22 22:15:42 +0200 |
commit | a98376b6f135026e8dbf8d55c49d098738680221 (patch) | |
tree | bec23c241d18b8fcf1fb1082344b63093bf5fc98 | |
parent | 4a03cf1e69fb80859705a3652ddfe9646f00a58f (diff) | |
download | gnutls-a98376b6f135026e8dbf8d55c49d098738680221.tar.gz |
Added gnutls_x509_privkey_import_ecc_raw() and gnutls_x509_privkey_export_ecc_raw().
-rw-r--r-- | lib/algorithms/ecc.c | 8 | ||||
-rw-r--r-- | lib/gnutls_ecc.c | 1 | ||||
-rw-r--r-- | lib/includes/gnutls/abstract.h | 7 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 11 | ||||
-rw-r--r-- | lib/libgnutls.map | 2 | ||||
-rw-r--r-- | lib/x509/privkey.c | 132 |
6 files changed, 156 insertions, 5 deletions
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c index 50772f9993..53a89209f3 100644 --- a/lib/algorithms/ecc.c +++ b/lib/algorithms/ecc.c @@ -189,9 +189,11 @@ _gnutls_ecc_bits_to_curve (int bits) gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_SECP224R1; GNUTLS_ECC_CURVE_LOOP ( - if (8*p->size > bits) - break; - ret = p->id; + if (8*p->size >= bits) + { + ret = p->id; + break; + } ); return ret; diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c index 60f1c8eae4..b5d7138af5 100644 --- a/lib/gnutls_ecc.c +++ b/lib/gnutls_ecc.c @@ -196,7 +196,6 @@ int ret; } params->params_nr++; - return 0; cleanup: diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h index ba097b0b69..eec013cffc 100644 --- a/lib/includes/gnutls/abstract.h +++ b/lib/includes/gnutls/abstract.h @@ -102,6 +102,13 @@ int gnutls_privkey_init (gnutls_privkey_t * key); void gnutls_privkey_deinit (gnutls_privkey_t key); int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key, unsigned int *bits); +int gnutls_privkey_get_dsa_raw (gnutls_x509_privkey_t key, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y, + gnutls_datum_t * x); + int gnutls_privkey_get_preferred_hash_algorithm (gnutls_privkey_t key, diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 6ddd85c836..0ee291811c 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -662,6 +662,12 @@ extern "C" const gnutls_datum_t * u, const gnutls_datum_t * e1, const gnutls_datum_t * e2); + int gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key, + gnutls_ecc_curve_t curve, + const gnutls_datum_t * x, + const gnutls_datum_t * y, + const gnutls_datum_t * k); + int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key); int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key, 
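Review bot: In `_gnutls_ecc_bits_to_curve`, when no entry satisfies `8*p->size >= bits` the loop never assigns `ret`, so the function returns the initial `GNUTLS_ECC_CURVE_SECP224R1`. A request for more bits than the largest curve is then silently answered with what is presumably the smallest one. Writing the loop body as `ret = p->id; if (8*p->size >= bits) break;` would fall back to the last curve visited instead; returning an explicit invalid value is the other option. The first-match logic also depends on the curve table being sorted by ascending size, which is not visible here and deserves a comment such as `/* table must be ordered by size, smallest first */`. The function body starts and ends outside the hunk.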
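Review bot: The new prototype `gnutls_privkey_get_dsa_raw` in abstract.h takes a `gnutls_x509_privkey_t`, while the neighbouring declarations in this hunk operate on `gnutls_privkey_t`. As far as the visible hunks show, nothing in this commit defines it or adds it to libgnutls.map. The commit message covers only the ECC import/export pair, so this declaration may have been committed unintentionally. If it is meant to ship, the first parameter should probably be `gnutls_privkey_t key`, and because it hands out the private value `x` its documentation should say who owns and wipes that buffer.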
@@ -713,7 +719,10 @@ extern "C" gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u); - + int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key, + gnutls_ecc_curve_t *curve, + gnutls_datum_t * x, gnutls_datum_t * y, + gnutls_datum_t* k); /* Certificate request stuff. */ diff --git a/lib/libgnutls.map b/lib/libgnutls.map index a26bb5b73f..96c2e93c4e 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -716,6 +716,8 @@ GNUTLS_3_0_0 { gnutls_ecc_curve_get_name; gnutls_ecc_curve_get_size; gnutls_pubkey_get_pk_ecc_raw; + gnutls_x509_privkey_export_ecc_raw; + gnutls_x509_privkey_import_ecc_raw; } GNUTLS_2_12; GNUTLS_PRIVATE { diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index d4cccdd34c..08d89b5621 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c 
@@ -836,6 +836,76 @@ cleanup: } +/** + * gnutls_x509_privkey_import_ecc_raw: + * @key: The structure to store the parsed key + * @curve: holds the curve + * @x: holds the x + * @y: holds the y + * @k: holds the k + * + * This function will convert the given DSA raw parameters to the + * native #gnutls_x509_privkey_t format. The output will be stored + * in @key. + * + * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a + * negative error value. + **/ +int +gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key, + gnutls_ecc_curve_t curve, + const gnutls_datum_t * x, + const gnutls_datum_t * y, + const gnutls_datum_t * k) +{ + int ret; + + if (key == NULL) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + key->params.flags = curve; + + ret = _gnutls_ecc_curve_fill_params(curve, &key->params); + if (ret < 0) + return gnutls_assert_val(ret); + + if (_gnutls_mpi_scan_nz (&key->params.params[5], x->data, x->size)) + { + gnutls_assert (); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + key->params.params_nr++; + + if (_gnutls_mpi_scan_nz (&key->params.params[6], y->data, y->size)) + { + gnutls_assert (); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + key->params.params_nr++; + + if (_gnutls_mpi_scan_nz (&key->params.params[7], k->data, k->size)) + { + gnutls_assert (); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + key->params.params_nr++; + + key->pk_algorithm = GNUTLS_PK_ECC; + + return 0; + +cleanup: + gnutls_pk_params_release(&key->params); + return ret; + +} + /** * gnutls_x509_privkey_get_pk_algorithm: 
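Review bot: `gnutls_x509_privkey_import_ecc_raw` checks only `key` for NULL and then dereferences `x`, `y` and `k` (`x->data`, `x->size`, and so on), so a NULL datum crashes instead of returning `GNUTLS_E_INVALID_REQUEST`; the guard could read `if (key == NULL || x == NULL || y == NULL || k == NULL)`. The coordinates and the scalar are stored as given, and nothing visible here checks that (x, y) lies on `curve` or corresponds to `k`, so that validation has to happen somewhere unless `_gnutls_ecc_curve_fill_params` or the key's consumers already do it. The hard-coded indices 5, 6 and 7 rely on `_gnutls_ecc_curve_fill_params` having filled exactly five parameters, which calls for named constants or at least a comment. The doc comment says "DSA raw parameters" where ECC is meant.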
@@ -941,6 +1011,68 @@ gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t key) } /** + * gnutls_x509_privkey_export_ecc_raw: + * @key: a structure that holds the rsa parameters + * @curve: will hold the curve + * @x: will hold the x coordinate + * @y: will hold the y coordinate + * @k: will hold the private key + * + * This function will export the ECC private key's parameters found + * in the given structure. The new parameters will be allocated using + * gnutls_malloc() and will be stored in the appropriate datum. + * + * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a + * negative error value. + **/ +int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key, + gnutls_ecc_curve_t *curve, + gnutls_datum_t * x, gnutls_datum_t * y, + gnutls_datum_t* k) +{ + int ret; + + if (key == NULL) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + *curve = key->params.flags; + + /* X */ + ret = _gnutls_mpi_dprint_lz (key->params.params[5], x); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + /* Y */ + ret = _gnutls_mpi_dprint_lz (key->params.params[6], y); + if (ret < 0) + { + gnutls_assert (); + _gnutls_free_datum (x); + return ret; + } + + + /* K */ + ret = _gnutls_mpi_dprint_lz (key->params.params[7], k); + if (ret < 0) + { + gnutls_assert (); + _gnutls_free_datum (x); + _gnutls_free_datum (y); + return ret; + } + + return 0; + +} + +/** * gnutls_x509_privkey_export_rsa_raw: * @key: a structure that holds the rsa parameters * @m: will hold the modulus |
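Review bot: `gnutls_x509_privkey_export_ecc_raw` never checks `key->pk_algorithm`, so on a non-ECC key it would print whatever sits in `params[5]` to `params[7]` and report `params.flags` as a curve. For an RSA key those slots presumably hold other private components. The guard should be `if (key == NULL || key->pk_algorithm != GNUTLS_PK_ECC)`. `curve`, `x`, `y` and `k` are also used without a NULL check, and `*curve` is written before any step can fail. The doc comment should say that `k` is the private scalar and that the caller must free all three datums, wiping `k` first; its `@key` line still reads "holds the rsa parameters".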