authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-05-22 22:15:42 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-05-22 22:15:42 +0200
commita98376b6f135026e8dbf8d55c49d098738680221 (patch)
treebec23c241d18b8fcf1fb1082344b63093bf5fc98
parent4a03cf1e69fb80859705a3652ddfe9646f00a58f (diff)
Added gnutls_x509_privkey_import_ecc_raw() and gnutls_x509_privkey_export_ecc_raw().
-rw-r--r--lib/algorithms/ecc.c8
-rw-r--r--lib/gnutls_ecc.c1
-rw-r--r--lib/includes/gnutls/abstract.h7
-rw-r--r--lib/includes/gnutls/x509.h11
-rw-r--r--lib/libgnutls.map2
-rw-r--r--lib/x509/privkey.c132
6 files changed, 156 insertions, 5 deletions
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c
index 50772f9993..53a89209f3 100644
--- a/lib/algorithms/ecc.c
+++ b/lib/algorithms/ecc.c
@@ -189,9 +189,11 @@ _gnutls_ecc_bits_to_curve (int bits)
gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_SECP224R1;
GNUTLS_ECC_CURVE_LOOP (
- if (8*p->size > bits)
- break;
- ret = p->id;
+ if (8*p->size >= bits)
+ {
+ ret = p->id;
+ break;
+ }
);
return ret;
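Review bot: When `bits` is larger than every curve in the table, the loop never matches and the function returns the initial `GNUTLS_ECC_CURVE_SECP224R1`, a smaller curve than was asked for, whereas the removed lines appear to have ended on the last curve they passed. If the table is ordered by ascending size (not visible here), assigning before the test keeps the largest curve as the fallback: `ret = p->id; if (8*p->size >= bits) break;`. Either way, the ordering assumption and the fallback for an oversized request deserve a short comment above the loop, since callers may treat the result as meeting the requested strength. The body of `_gnutls_ecc_bits_to_curve` starts and ends outside this hunk.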
diff --git a/lib/gnutls_ecc.c b/lib/gnutls_ecc.c
index 60f1c8eae4..b5d7138af5 100644
--- a/lib/gnutls_ecc.c
+++ b/lib/gnutls_ecc.c
@@ -196,7 +196,6 @@ int ret;
}
params->params_nr++;
-
return 0;
cleanup:
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index ba097b0b69..eec013cffc 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -102,6 +102,13 @@ int gnutls_privkey_init (gnutls_privkey_t * key);
void gnutls_privkey_deinit (gnutls_privkey_t key);
int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key,
unsigned int *bits);
+int gnutls_privkey_get_dsa_raw (gnutls_x509_privkey_t key,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y,
+ gnutls_datum_t * x);
+
int
gnutls_privkey_get_preferred_hash_algorithm (gnutls_privkey_t key,
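Review bot: The new `gnutls_privkey_get_dsa_raw` prototype is not mentioned in the commit message, has no definition in any file this commit touches, and is not added to `lib/libgnutls.map`, so unless it is already defined elsewhere a caller would presumably fail at link time. It also takes a `gnutls_x509_privkey_t` while the neighbouring `gnutls_privkey_*` declarations take `gnutls_privkey_t`, which looks like a copy from the x509 header. Because the last output is the private value x, the declaration should carry a doc comment stating that the caller owns the returned datums and must wipe x before freeing it. If the function is not ready, I would drop the declaration from this change.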
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 6ddd85c836..0ee291811c 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -662,6 +662,12 @@ extern "C"
const gnutls_datum_t * u,
const gnutls_datum_t * e1,
const gnutls_datum_t * e2);
+ int gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * k);
+
int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key);
int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key,
@@ -713,7 +719,10 @@ extern "C"
gnutls_datum_t * p,
gnutls_datum_t * q,
gnutls_datum_t * u);
-
+ int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t *curve,
+ gnutls_datum_t * x, gnutls_datum_t * y,
+ gnutls_datum_t* k);
/* Certificate request stuff.
*/
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index a26bb5b73f..96c2e93c4e 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -716,6 +716,8 @@ GNUTLS_3_0_0 {
gnutls_ecc_curve_get_name;
gnutls_ecc_curve_get_size;
gnutls_pubkey_get_pk_ecc_raw;
+ gnutls_x509_privkey_export_ecc_raw;
+ gnutls_x509_privkey_import_ecc_raw;
} GNUTLS_2_12;
GNUTLS_PRIVATE {
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index d4cccdd34c..08d89b5621 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -836,6 +836,76 @@ cleanup:
}
+/**
+ * gnutls_x509_privkey_import_ecc_raw:
+ * @key: The structure to store the parsed key
+ * @curve: holds the curve
+ * @x: holds the x
+ * @y: holds the y
+ * @k: holds the k
+ *
+ * This function will convert the given DSA raw parameters to the
+ * native #gnutls_x509_privkey_t format. The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * k)
+{
+ int ret;
+
+ if (key == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ key->params.flags = curve;
+
+ ret = _gnutls_ecc_curve_fill_params(curve, &key->params);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ if (_gnutls_mpi_scan_nz (&key->params.params[5], x->data, x->size))
+ {
+ gnutls_assert ();
+ ret = GNUTLS_E_MPI_SCAN_FAILED;
+ goto cleanup;
+ }
+ key->params.params_nr++;
+
+ if (_gnutls_mpi_scan_nz (&key->params.params[6], y->data, y->size))
+ {
+ gnutls_assert ();
+ ret = GNUTLS_E_MPI_SCAN_FAILED;
+ goto cleanup;
+ }
+ key->params.params_nr++;
+
+ if (_gnutls_mpi_scan_nz (&key->params.params[7], k->data, k->size))
+ {
+ gnutls_assert ();
+ ret = GNUTLS_E_MPI_SCAN_FAILED;
+ goto cleanup;
+ }
+ key->params.params_nr++;
+
+ key->pk_algorithm = GNUTLS_PK_ECC;
+
+ return 0;
+
+cleanup:
+ gnutls_pk_params_release(&key->params);
+ return ret;
+
+}
+
/**
* gnutls_x509_privkey_get_pk_algorithm:
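Review bot: `x`, `y` and `k` are dereferenced in the three `_gnutls_mpi_scan_nz` calls without a NULL check, although `key` is checked just above; widening the guard to `if (key == NULL || x == NULL || y == NULL || k == NULL)` would return `GNUTLS_E_INVALID_REQUEST` instead of crashing. The function also stores the coordinates and the scalar with no visible check that (x, y) lies on `curve` or corresponds to k, so unless that is verified at a later use a malformed or mismatched key is accepted as-is. The indices 5, 6 and 7 assume `_gnutls_ecc_curve_fill_params` filled exactly five entries, which named constants or a comment would make explicit. The doc comment says "DSA raw parameters", which looks copied from the DSA importer and should read ECC.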
@@ -941,6 +1011,68 @@ gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t key)
}
/**
+ * gnutls_x509_privkey_export_ecc_raw:
+ * @key: a structure that holds the rsa parameters
+ * @curve: will hold the curve
+ * @x: will hold the x coordinate
+ * @y: will hold the y coordinate
+ * @k: will hold the private key
+ *
+ * This function will export the ECC private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
+ * negative error value.
+ **/
+int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t *curve,
+ gnutls_datum_t * x, gnutls_datum_t * y,
+ gnutls_datum_t* k)
+{
+ int ret;
+
+ if (key == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ *curve = key->params.flags;
+
+ /* X */
+ ret = _gnutls_mpi_dprint_lz (key->params.params[5], x);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ /* Y */
+ ret = _gnutls_mpi_dprint_lz (key->params.params[6], y);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_free_datum (x);
+ return ret;
+ }
+
+
+ /* K */
+ ret = _gnutls_mpi_dprint_lz (key->params.params[7], k);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_free_datum (x);
+ _gnutls_free_datum (y);
+ return ret;
+ }
+
+ return 0;
+
+}
+
+/**
* gnutls_x509_privkey_export_rsa_raw:
* @key: a structure that holds the rsa parameters
* @m: will hold the modulus
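Review bot: Nothing verifies that `key->pk_algorithm` is `GNUTLS_PK_ECC` before `params[5]` to `params[7]` are read, so calling this on an RSA or DSA key would export entries that belong to another algorithm or were never set, and report a meaningless curve. A guard such as `if (key->pk_algorithm != GNUTLS_PK_ECC) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);` after the NULL check would close that. `*curve` is also written without a NULL check on `curve`. Since @k receives the private scalar, the doc comment should tell the caller to wipe `k->data` before freeing it, and "@key: a structure that holds the rsa parameters" should read ECC.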