6 files changed, 232 insertions, 196 deletions
diff --git a/lib/auth_rsa_export.c b/lib/auth_rsa_export.c
index 3c49e72170..6445fd844f 100644
--- a/lib/auth_rsa_export.c
+++ b/lib/auth_rsa_export.c
@@ -102,7 +102,7 @@ static int gen_rsa_export_server_kx(gnutls_session session, opaque ** data)
 		return GNUTLS_E_INT_RET_0;
 	}
 
-	rsa_params = _gnutls_get_rsa_params( cred->rsa_params, 512);
+	rsa_params = _gnutls_get_rsa_params( cred->rsa_params);
 	if (rsa_params == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS;
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 1d568dcd9b..b82ebd630d 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -620,13 +620,7 @@ typedef struct {
 
 #define gnutls_dh_params _gnutls_dh_params*
 
-
-typedef struct {
-	int bits;
-	MPI params[RSA_PRIVATE_PARAMS];
-} _gnutls_rsa_params;
-
-#define gnutls_rsa_params _gnutls_rsa_params*
+#define gnutls_rsa_params gnutls_x509_privkey
 
 
 /* functions */
diff --git a/lib/gnutls_rsa_export.c b/lib/gnutls_rsa_export.c
index ecf03e6c6e..a5226786d6 100644
--- a/lib/gnutls_rsa_export.c
+++ b/lib/gnutls_rsa_export.c
@@ -1,7 +1,7 @@
 /*
- * Copyright (C) 2002,2003 Nikos Mavroyanopoulos
+ *  Copyright (C) 2002,2003 Nikos Mavroyanopoulos
  *
- * This file is part of GNUTLS.
+ *  This file is part of GNUTLS.
  *
  *  The GNUTLS library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public   
@@ -27,6 +27,7 @@
 #include <gnutls_errors.h>
 #include <gnutls_datum.h>
 #include <gnutls_rsa_export.h>
+#include "x509/x509.h"
 #include "debug.h"
 
 /* This function takes a number of bits and returns a supported
@@ -36,27 +37,16 @@
 
 #define MAX_SUPPORTED_BITS 512
 
-static int normalize_bits(int bits)
-{
-	if (bits >= MAX_SUPPORTED_BITS)
-		bits = MAX_SUPPORTED_BITS;
-
-	return bits;
-}
-
-
 /* returns e and m, depends on the requested bits.
  * We only support limited key sizes.
  */
-const GNUTLS_MPI* _gnutls_get_rsa_params(gnutls_rsa_params rsa_params, int bits)
+const GNUTLS_MPI* _gnutls_get_rsa_params(gnutls_rsa_params rsa_params)
 {
 	if (rsa_params == NULL) {
 		gnutls_assert();
 		return NULL;
 	}
 
-	bits = normalize_bits(bits);
-
 	return rsa_params->params;
 
 }
@@ -153,9 +143,6 @@ int _gnutls_rsa_generate_params(GNUTLS_MPI* resarr, int bits)
 
 }
 
-#define FREE_PRIVATE_PARAMS for (i=0;i<RSA_PRIVATE_PARAMS;i++) \
-		_gnutls_mpi_release(&rsa_params->params[i])
-
 
 /**
   * gnutls_rsa_params_import_raw - This function will replace the old RSA parameters
@@ -172,60 +159,12 @@ int _gnutls_rsa_generate_params(GNUTLS_MPI* resarr, int bits)
   * 
   **/
 int gnutls_rsa_params_import_raw(gnutls_rsa_params rsa_params, 
-	gnutls_datum m, gnutls_datum e,
-	gnutls_datum d, gnutls_datum p, gnutls_datum q, gnutls_datum u)
+	const gnutls_datum *m, const gnutls_datum *e,
+	const gnutls_datum *d, const gnutls_datum *p, 
+	const gnutls_datum *q, const gnutls_datum *u)
 {
-	int i = 0;
-	size_t siz = 0;
-
-	for (i=0;i<RSA_PRIVATE_PARAMS;i++) {
-		_gnutls_mpi_release(&rsa_params->params[i]);
-	}
-
-	siz = m.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[0], m.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	siz = e.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[1], e.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	siz = d.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[2], d.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	siz = p.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[3], p.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	siz = q.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[4], q.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	siz = u.size;
-	if (_gnutls_mpi_scan(&rsa_params->params[5], u.data, &siz)) {
-		gnutls_assert();
-		FREE_PRIVATE_PARAMS;
-		return GNUTLS_E_MPI_SCAN_FAILED;
-	}
-
-	return 0;
-
+	return gnutls_x509_privkey_import_rsa_raw( rsa_params,
+		m, e, d, p, q, u);
 }
 
 /**
@@ -238,14 +177,7 @@ int gnutls_rsa_params_import_raw(gnutls_rsa_params rsa_params,
 int gnutls_rsa_params_init(gnutls_rsa_params * rsa_params)
 {
 
-	*rsa_params = gnutls_calloc( 1, sizeof(_gnutls_rsa_params));
-	if (*rsa_params==NULL) {
-		gnutls_assert();
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	return 0;
-
+	return gnutls_x509_privkey_init( rsa_params);
 }
 
 /**
@@ -257,16 +189,7 @@ int gnutls_rsa_params_init(gnutls_rsa_params * rsa_params)
   **/
 void gnutls_rsa_params_deinit(gnutls_rsa_params rsa_params)
 {
-int i;
-
-	if (rsa_params == NULL)
-		return;
-
-	for (i=0; i< RSA_PRIVATE_PARAMS;i++)
-		_gnutls_mpi_release( &rsa_params->params[i]);
-
-	gnutls_free(rsa_params);
-
+	gnutls_x509_privkey_deinit(rsa_params);
 }
 
 /**
@@ -286,17 +209,7 @@ int i;
   **/
 int gnutls_rsa_params_generate2(gnutls_rsa_params params, int bits)
 {
-
-	int ret;
-
-	ret = _gnutls_rsa_generate_params( params->params, bits);
-	if (ret < 0) {
-		gnutls_assert();
-		return ret;
-	}
-
-	return 0;
-
+	return gnutls_x509_privkey_generate( params, GNUTLS_PK_RSA, bits, 0);
 }
 
 /**
@@ -320,94 +233,14 @@ int gnutls_rsa_params_export_raw(gnutls_rsa_params params,
 	gnutls_datum *d, gnutls_datum *p, gnutls_datum* q, 
 	gnutls_datum* u, int *bits)
 {
-	size_t siz;
-
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[0]);
-
-	m->data = gnutls_malloc(siz);
-	if (m->data == NULL) {
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	m->size = siz;
-	_gnutls_mpi_print( m->data, &siz, params->params[0]);
+int ret;
 
-	/* E */
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[1]);
-
-	e->data = gnutls_malloc(siz);
-	if (e->data == NULL) {
-		_gnutls_free_datum( m);
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	e->size = siz;
-	_gnutls_mpi_print( e->data, &siz, params->params[1]);
-
-	/* D */
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[2]);
-
-	d->data = gnutls_malloc(siz);
-	if (d->data == NULL) {
-		_gnutls_free_datum( m);
-		_gnutls_free_datum( e);
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	d->size = siz;
-	_gnutls_mpi_print( d->data, &siz, params->params[2]);
-
-	/* P */
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[3]);
-
-	p->data = gnutls_malloc(siz);
-	if (p->data == NULL) {
-		_gnutls_free_datum( m);
-		_gnutls_free_datum( e);
-		_gnutls_free_datum( d);
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	p->size = siz;
-	_gnutls_mpi_print(p->data, &siz, params->params[3]);
-
-	/* Q */
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[4]);
-
-	q->data = gnutls_malloc(siz);
-	if (q->data == NULL) {
-		_gnutls_free_datum( m);
-		_gnutls_free_datum( e);
-		_gnutls_free_datum( d);
-		_gnutls_free_datum( p);
-		return GNUTLS_E_MEMORY_ERROR;
-	}
-
-	q->size = siz;
-	_gnutls_mpi_print(q->data, &siz, params->params[4]);
-
-	/* U */
-	siz = 0;
-	_gnutls_mpi_print(NULL, &siz, params->params[5]);
-
-	u->data = gnutls_malloc(siz);
-	if (u->data == NULL) {
-		_gnutls_free_datum( m);
-		_gnutls_free_datum( e);
-		_gnutls_free_datum( d);
-		_gnutls_free_datum( p);
-		_gnutls_free_datum( q);
-		return GNUTLS_E_MEMORY_ERROR;
+	ret = gnutls_x509_privkey_export_rsa_raw( params, m, e, d, p, q, u);
+	if ( ret < 0) {
+		gnutls_assert();
+		return ret;
 	}
 
-	u->size = siz;
-	_gnutls_mpi_print(u->data, &siz, params->params[5]);
-	
 	if (bits)
 		*bits = _gnutls_mpi_get_nbits(params->params[3]);
 
diff --git a/lib/gnutls_rsa_export.h b/lib/gnutls_rsa_export.h
index 71126d425d..49fec266b9 100644
--- a/lib/gnutls_rsa_export.h
+++ b/lib/gnutls_rsa_export.h
@@ -1,5 +1,5 @@
 /*
- *      Copyright (C) 2000,2002 Nikos Mavroyanopoulos
+ * Copyright (C) 2000,2002,2003 Nikos Mavroyanopoulos
  *
  * This file is part of GNUTLS.
  *
@@ -18,7 +18,7 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-const GNUTLS_MPI* _gnutls_get_rsa_params(gnutls_rsa_params, int bits);
+const GNUTLS_MPI* _gnutls_get_rsa_params(gnutls_rsa_params);
 int _gnutls_peers_cert_less_512( gnutls_session session);
 int _gnutls_rsa_generate_params(GNUTLS_MPI* resarr, int bits);
 
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index b66d23d4c9..2e6f6880c1 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -31,6 +31,8 @@
 #include <dn.h>
 #include <extensions.h>
 
+static int _encode_rsa( ASN1_TYPE* c2, MPI* params);
+
 /**
   * gnutls_x509_privkey_init - This function initializes a gnutls_crl structure
   * @key: The structure to be initialized
@@ -262,7 +264,7 @@ static ASN1_TYPE decode_dsa_key( const gnutls_datum* raw_key,
   * @data: The DER or PEM encoded certificate.
   * @format: One of DER or PEM
   *
-  * This function will convert the given DER or PEM encoded Certificate
+  * This function will convert the given DER or PEM encoded key
   * to the native gnutls_x509_privkey format. The output will be stored in 'key'.
   *
   * If the Certificate is PEM encoded it should have a header of "X509 CERTIFICATE", or
@@ -353,6 +355,86 @@ int gnutls_x509_privkey_import(gnutls_x509_privkey key, const gnutls_datum * dat
 	return result;
 }
 
+#define FREE_PRIVATE_PARAMS for (i=0;i<RSA_PRIVATE_PARAMS;i++) \
+		_gnutls_mpi_release(&key->params[i])
+
+/**
+  * gnutls_x509_privkey_import_rsa_raw - This function will import a raw RSA key
+  * @key: The structure to store the parsed key
+  * @m: holds the modulus
+  * @e: holds the public exponent
+  * @d: holds the private exponent
+  * @p: holds the first prime (p)
+  * @q: holds the second prime (q)
+  * @u: holds the coefficient
+  *
+  * This function will convert the given RSA raw parameters
+  * to the native gnutls_x509_privkey format. The output will be stored in 'key'.
+  * 
+  **/
+int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey key, 
+	const gnutls_datum* m, const gnutls_datum* e,
+	const gnutls_datum* d, const gnutls_datum* p, 
+	const gnutls_datum* q, const gnutls_datum* u)
+{
+	int i = 0, ret;
+	size_t siz = 0;
+
+	siz = m->size;
+	if (_gnutls_mpi_scan(&key->params[0], m->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = e->size;
+	if (_gnutls_mpi_scan(&key->params[1], e->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = d->size;
+	if (_gnutls_mpi_scan(&key->params[2], d->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = p->size;
+	if (_gnutls_mpi_scan(&key->params[3], p->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = q->size;
+	if (_gnutls_mpi_scan(&key->params[4], q->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	siz = u->size;
+	if (_gnutls_mpi_scan(&key->params[5], u->data, &siz)) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return GNUTLS_E_MPI_SCAN_FAILED;
+	}
+
+	ret = _encode_rsa( &key->key, key->params);
+	if (ret < 0) {
+		gnutls_assert();
+		FREE_PRIVATE_PARAMS;
+		return ret;
+	}
+
+	key->params_size = RSA_PRIVATE_PARAMS;
+	key->pk_algorithm = GNUTLS_PK_RSA;
+
+	return 0;
+
+}
 
 
 /**
@@ -459,6 +541,120 @@ int gnutls_x509_privkey_export( gnutls_x509_privkey key,
 	return 0;
 }
 
+/**
+  * gnutls_x509_privkey_export_rsa_raw - This function will export the RSA private key
+  * @params: a structure that holds the rsa parameters
+  * @m: will hold the modulus
+  * @e: will hold the public exponent
+  * @d: will hold the private exponent
+  * @p: will hold the first prime (p)
+  * @q: will hold the second prime (q)
+  * @u: will hold the coefficient
+  *
+  * This function will export the RSA private key's parameters found in the given
+  * structure. The new parameters will be allocated using
+  * gnutls_malloc() and will be stored in the appropriate datum.
+  * 
+  **/
+int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey key,
+	gnutls_datum * m, gnutls_datum *e,
+	gnutls_datum *d, gnutls_datum *p, gnutls_datum* q, 
+	gnutls_datum* u)
+{
+	size_t siz;
+
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[0]);
+
+	m->data = gnutls_malloc(siz);
+	if (m->data == NULL) {
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	m->size = siz;
+	_gnutls_mpi_print( m->data, &siz, key->params[0]);
+
+	/* E */
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[1]);
+
+	e->data = gnutls_malloc(siz);
+	if (e->data == NULL) {
+		_gnutls_free_datum( m);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	e->size = siz;
+	_gnutls_mpi_print( e->data, &siz, key->params[1]);
+
+	/* D */
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[2]);
+
+	d->data = gnutls_malloc(siz);
+	if (d->data == NULL) {
+		_gnutls_free_datum( m);
+		_gnutls_free_datum( e);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	d->size = siz;
+	_gnutls_mpi_print( d->data, &siz, key->params[2]);
+
+	/* P */
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[3]);
+
+	p->data = gnutls_malloc(siz);
+	if (p->data == NULL) {
+		_gnutls_free_datum( m);
+		_gnutls_free_datum( e);
+		_gnutls_free_datum( d);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	p->size = siz;
+	_gnutls_mpi_print(p->data, &siz, key->params[3]);
+
+	/* Q */
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[4]);
+
+	q->data = gnutls_malloc(siz);
+	if (q->data == NULL) {
+		_gnutls_free_datum( m);
+		_gnutls_free_datum( e);
+		_gnutls_free_datum( d);
+		_gnutls_free_datum( p);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	q->size = siz;
+	_gnutls_mpi_print(q->data, &siz, key->params[4]);
+
+	/* U */
+	siz = 0;
+	_gnutls_mpi_print(NULL, &siz, key->params[5]);
+
+	u->data = gnutls_malloc(siz);
+	if (u->data == NULL) {
+		_gnutls_free_datum( m);
+		_gnutls_free_datum( e);
+		_gnutls_free_datum( d);
+		_gnutls_free_datum( p);
+		_gnutls_free_datum( q);
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
+	u->size = siz;
+	_gnutls_mpi_print(u->data, &siz, key->params[5]);
+	
+	return 0;
+
+}
+
+/* Encodes the RSA parameters into an ASN.1 RSA private key structure.
+ */
 static int _encode_rsa( ASN1_TYPE* c2, MPI* params)
 {
 	int result, i;
@@ -660,7 +856,7 @@ static int _encode_rsa( ASN1_TYPE* c2, MPI* params)
   * @key: should contain a gnutls_x509_privkey structure
   * @algo: is one of RSA or DSA.
   * @bits: the size of the modulus
-  * @flags: unused for now
+  * @flags: unused for now. Must be 0.
   *
   * This function will generate a random private key. Note that
   * this function must be called on an empty private key.
diff --git a/lib/x509/x509.h b/lib/x509/x509.h
index 2aa3601355..4a2fc7818f 100644
--- a/lib/x509/x509.h
+++ b/lib/x509/x509.h
@@ -110,8 +110,21 @@ int gnutls_x509_crt_get_version(gnutls_x509_crt cert);
 
 int gnutls_x509_privkey_init(gnutls_x509_privkey * key);
 void gnutls_x509_privkey_deinit(gnutls_x509_privkey key);
+
+int gnutls_x509_privkey_generate( gnutls_x509_privkey key, gnutls_pk_algorithm algo,
+	int bits, unsigned int flags);
+
 int gnutls_x509_privkey_import(gnutls_x509_privkey key, const gnutls_datum * data,
 	gnutls_x509_crt_fmt format);
 int gnutls_x509_privkey_get_pk_algorithm( gnutls_x509_privkey key);
+int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey key, 
+	const gnutls_datum* m, const gnutls_datum* e,
+	const gnutls_datum* d, const gnutls_datum* p, 
+	const gnutls_datum* q, const gnutls_datum* u);
+int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey key,
+	gnutls_datum * m, gnutls_datum *e,
+	gnutls_datum *d, gnutls_datum *p, gnutls_datum* q, 
+	gnutls_datum* u);
+
 
 #endif