search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
handle visiblestring.
[gnutls.git] / lib / x509 / privkey.c
blob5e95bb4734f729e31e8c18a322e780cffb157923
1 /*
2 * Copyright (C) 2003-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23 #include <gnutls_int.h>
24 #include <gnutls_datum.h>
25 #include <gnutls_global.h>
26 #include <gnutls_errors.h>
27 #include <gnutls_rsa_export.h>
28 #include <gnutls_sig.h>
29 #include <common.h>
30 #include <gnutls_x509.h>
31 #include <x509_b64.h>
32 #include <x509_int.h>
33 #include <gnutls_pk.h>
34 #include <gnutls_mpi.h>
35 #include <gnutls_ecc.h>
36
37 /**
38 * gnutls_x509_privkey_init:
39 * @key: The structure to be initialized
40 *
41 * This function will initialize an private key structure.
42 *
43 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
44 * negative error value.
45 **/
46 int
47 gnutls_x509_privkey_init (gnutls_x509_privkey_t * key)
48 {
49 *key = gnutls_calloc (1, sizeof (gnutls_x509_privkey_int));
50
51 if (*key)
52 {
53 (*key)->key = ASN1_TYPE_EMPTY;
54 (*key)->pk_algorithm = GNUTLS_PK_UNKNOWN;
55 return 0; /* success */
56 }
57
58 return GNUTLS_E_MEMORY_ERROR;
59 }
60
61 /**
62 * gnutls_x509_privkey_deinit:
63 * @key: The structure to be deinitialized
64 *
65 * This function will deinitialize a private key structure.
66 **/
67 void
68 gnutls_x509_privkey_deinit (gnutls_x509_privkey_t key)
69 {
70 if (!key)
71 return;
72
73 gnutls_pk_params_release(&key->params);
74 asn1_delete_structure (&key->key);
75 gnutls_free (key);
76 }
77
78 /**
79 * gnutls_x509_privkey_cpy:
80 * @dst: The destination key, which should be initialized.
81 * @src: The source key
82 *
83 * This function will copy a private key from source to destination
84 * key. Destination has to be initialized.
85 *
86 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
87 * negative error value.
88 **/
89 int
90 gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, gnutls_x509_privkey_t src)
91 {
92 unsigned int i;
93 int ret;
94
95 if (!src || !dst)
96 return GNUTLS_E_INVALID_REQUEST;
97
98 for (i = 0; i < src->params.params_nr; i++)
99 {
100 dst->params.params[i] = _gnutls_mpi_copy (src->params.params[i]);
101 if (dst->params.params[i] == NULL)
102 return GNUTLS_E_MEMORY_ERROR;
103 }
104
105 dst->params.params_nr = src->params.params_nr;
106 dst->params.flags = src->params.flags;
107
108 dst->pk_algorithm = src->pk_algorithm;
109
110 ret = _gnutls_asn1_encode_privkey (dst->pk_algorithm, &dst->key, &dst->params);
111 if (ret < 0)
112 {
113 gnutls_assert ();
114 return ret;
115 }
116
117 return 0;
118 }
119
120 /* Converts an RSA PKCS#1 key to
121 * an internal structure (gnutls_private_key)
122 */
123 ASN1_TYPE
124 _gnutls_privkey_decode_pkcs1_rsa_key (const gnutls_datum_t * raw_key,
125 gnutls_x509_privkey_t pkey)
126 {
127 int result;
128 ASN1_TYPE pkey_asn;
129
130 gnutls_pk_params_init(&pkey->params);
131
132 if ((result =
133 asn1_create_element (_gnutls_get_gnutls_asn (),
134 "GNUTLS.RSAPrivateKey",
135 &pkey_asn)) != ASN1_SUCCESS)
136 {
137 gnutls_assert ();
138 return NULL;
139 }
140
141 result = asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL);
142 if (result != ASN1_SUCCESS)
143 {
144 gnutls_assert ();
145 goto error;
146 }
147
148 if ((result = _gnutls_x509_read_int (pkey_asn, "modulus",
149 &pkey->params.params[0])) < 0)
150 {
151 gnutls_assert ();
152 goto error;
153 }
154 pkey->params.params_nr++;
155
156 if ((result =
157 _gnutls_x509_read_int (pkey_asn, "publicExponent",
158 &pkey->params.params[1])) < 0)
159 {
160 gnutls_assert ();
161 goto error;
162 }
163 pkey->params.params_nr++;
164
165 if ((result =
166 _gnutls_x509_read_int (pkey_asn, "privateExponent",
167 &pkey->params.params[2])) < 0)
168 {
169 gnutls_assert ();
170 goto error;
171 }
172 pkey->params.params_nr++;
173
174 if ((result = _gnutls_x509_read_int (pkey_asn, "prime1",
175 &pkey->params.params[3])) < 0)
176 {
177 gnutls_assert ();
178 goto error;
179 }
180 pkey->params.params_nr++;
181
182 if ((result = _gnutls_x509_read_int (pkey_asn, "prime2",
183 &pkey->params.params[4])) < 0)
184 {
185 gnutls_assert ();
186 goto error;
187 }
188 pkey->params.params_nr++;
189
190 if ((result = _gnutls_x509_read_int (pkey_asn, "coefficient",
191 &pkey->params.params[5])) < 0)
192 {
193 gnutls_assert ();
194 goto error;
195 }
196 pkey->params.params_nr++;
197
198 if ((result = _gnutls_x509_read_int (pkey_asn, "exponent1",
199 &pkey->params.params[6])) < 0)
200 {
201 gnutls_assert ();
202 goto error;
203 }
204 pkey->params.params_nr++;
205
206 if ((result = _gnutls_x509_read_int (pkey_asn, "exponent2",
207 &pkey->params.params[7])) < 0)
208 {
209 gnutls_assert ();
210 goto error;
211 }
212 pkey->params.params_nr++;
213
214 result = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_IMPORT, &pkey->params);
215 if (result < 0)
216 {
217 gnutls_assert ();
218 goto error;
219 }
220
221 pkey->params.params_nr = RSA_PRIVATE_PARAMS;
222
223 return pkey_asn;
224
225 error:
226 asn1_delete_structure (&pkey_asn);
227 gnutls_pk_params_release (&pkey->params);
228 return NULL;
229
230 }
231
232 /* Converts an ECC key to
233 * an internal structure (gnutls_private_key)
234 */
235 ASN1_TYPE
236 _gnutls_privkey_decode_ecc_key (const gnutls_datum_t * raw_key,
237 gnutls_x509_privkey_t pkey)
238 {
239 int ret;
240 ASN1_TYPE pkey_asn;
241 unsigned int version;
242 char oid[MAX_OID_SIZE];
243 int oid_size;
244 gnutls_datum out;
245
246 gnutls_pk_params_init(&pkey->params);
247
248 if ((ret =
249 asn1_create_element (_gnutls_get_gnutls_asn (),
250 "GNUTLS.ECPrivateKey",
251 &pkey_asn)) != ASN1_SUCCESS)
252 {
253 gnutls_assert ();
254 return NULL;
255 }
256
257 ret = asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL);
258 if (ret != ASN1_SUCCESS)
259 {
260 gnutls_assert ();
261 goto error;
262 }
263
264 ret = _gnutls_x509_read_uint (pkey_asn, "Version", &version);
265 if (ret < 0)
266 {
267 gnutls_assert();
268 goto error;
269 }
270
271 if (version != 1)
272 {
273 _gnutls_debug_log("ECC private key version %u is not supported\n", version);
274 gnutls_assert();
275 goto error;
276 }
277
278 /* read the curve */
279 oid_size = sizeof(oid);
280 ret = asn1_read_value(pkey_asn, "parameters.namedCurve", oid, &oid_size);
281 if (ret != ASN1_SUCCESS)
282 {
283 gnutls_assert ();
284 goto error;
285 }
286
287 pkey->params.flags = _gnutls_oid_to_ecc_curve(oid);
288 if (pkey->params.flags == GNUTLS_ECC_CURVE_INVALID)
289 {
290 _gnutls_debug_log("Curve %s is not supported\n", oid);
291 gnutls_assert();
292 goto error;
293 }
294
295 ret = _gnutls_ecc_curve_fill_params(pkey->params.flags, &pkey->params);
296 if (ret < 0)
297 {
298 gnutls_assert();
299 goto error;
300 }
301
302 /* read the public key */
303 ret = _gnutls_x509_read_string(pkey_asn, "publicKey", &out, RV_BIT_STRING);
304 if (ret < 0)
305 {
306 gnutls_assert();
307 goto error;
308 }
309
310 ret = _gnutls_ecc_ansi_x963_import (out.data, out.size, &pkey->params.params[ECC_X],
311 &pkey->params.params[ECC_Y]);
312
313 _gnutls_free_datum(&out);
314 if (ret < 0)
315 {
316 gnutls_assert();
317 goto error;
318 }
319 pkey->params.params_nr += 2;
320
321 /* read the private key */
322 ret = _gnutls_x509_read_int (pkey_asn, "privateKey", &pkey->params.params[ECC_K]);
323 if (ret < 0)
324 {
325 gnutls_assert();
326 goto error;
327 }
328 pkey->params.params_nr ++;
329
330 return pkey_asn;
331
332 error:
333 asn1_delete_structure (&pkey_asn);
334 gnutls_pk_params_release (&pkey->params);
335 return NULL;
336
337 }
338
339
340 static ASN1_TYPE
341 decode_dsa_key (const gnutls_datum_t * raw_key, gnutls_x509_privkey_t pkey)
342 {
343 int result;
344 ASN1_TYPE dsa_asn;
345
346 if ((result =
347 asn1_create_element (_gnutls_get_gnutls_asn (),
348 "GNUTLS.DSAPrivateKey",
349 &dsa_asn)) != ASN1_SUCCESS)
350 {
351 gnutls_assert ();
352 return NULL;
353 }
354
355 pkey->params.params_nr = 0;
356
357 result = asn1_der_decoding (&dsa_asn, raw_key->data, raw_key->size, NULL);
358 if (result != ASN1_SUCCESS)
359 {
360 gnutls_assert ();
361 goto error;
362 }
363
364 if ((result = _gnutls_x509_read_int (dsa_asn, "p", &pkey->params.params[0])) < 0)
365 {
366 gnutls_assert ();
367 goto error;
368 }
369 pkey->params.params_nr++;
370
371 if ((result = _gnutls_x509_read_int (dsa_asn, "q", &pkey->params.params[1])) < 0)
372 {
373 gnutls_assert ();
374 goto error;
375 }
376 pkey->params.params_nr++;
377
378 if ((result = _gnutls_x509_read_int (dsa_asn, "g", &pkey->params.params[2])) < 0)
379 {
380 gnutls_assert ();
381 goto error;
382 }
383 pkey->params.params_nr++;
384
385 if ((result = _gnutls_x509_read_int (dsa_asn, "Y", &pkey->params.params[3])) < 0)
386 {
387 gnutls_assert ();
388 goto error;
389 }
390 pkey->params.params_nr++;
391
392 if ((result = _gnutls_x509_read_int (dsa_asn, "priv",
393 &pkey->params.params[4])) < 0)
394 {
395 gnutls_assert ();
396 goto error;
397 }
398 pkey->params.params_nr++;
399
400 return dsa_asn;
401
402 error:
403 asn1_delete_structure (&dsa_asn);
404 gnutls_pk_params_release(&pkey->params);
405 return NULL;
406
407 }
408
409
410 #define PEM_KEY_DSA "DSA PRIVATE KEY"
411 #define PEM_KEY_RSA "RSA PRIVATE KEY"
412 #define PEM_KEY_ECC "EC PRIVATE KEY"
413
414 /**
415 * gnutls_x509_privkey_import:
416 * @key: The structure to store the parsed key
417 * @data: The DER or PEM encoded certificate.
418 * @format: One of DER or PEM
419 *
420 * This function will convert the given DER or PEM encoded key to the
421 * native #gnutls_x509_privkey_t format. The output will be stored in
422 * @key .
423 *
424 * If the key is PEM encoded it should have a header that contains "PRIVATE
425 * KEY". Note that this function falls back to PKCS #8 decoding without
426 * password, if the default format fails to import.
427 *
428 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
429 * negative error value.
430 **/
431 int
432 gnutls_x509_privkey_import (gnutls_x509_privkey_t key,
433 const gnutls_datum_t * data,
434 gnutls_x509_crt_fmt_t format)
435 {
436 int result = 0, need_free = 0;
437 gnutls_datum_t _data;
438
439 if (key == NULL)
440 {
441 gnutls_assert ();
442 return GNUTLS_E_INVALID_REQUEST;
443 }
444
445 _data.data = data->data;
446 _data.size = data->size;
447
448 key->pk_algorithm = GNUTLS_PK_UNKNOWN;
449
450 /* If the Certificate is in PEM format then decode it
451 */
452 if (format == GNUTLS_X509_FMT_PEM)
453 {
454 /* Try the first header */
455 result =
456 _gnutls_fbase64_decode (PEM_KEY_RSA, data->data, data->size, &_data);
457
458 if (result >= 0)
459 key->pk_algorithm = GNUTLS_PK_RSA;
460
461 if (result == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
462 {
463 /* try for the second header */
464 result =
465 _gnutls_fbase64_decode (PEM_KEY_DSA, data->data, data->size,
466 &_data);
467
468 if (result >= 0)
469 key->pk_algorithm = GNUTLS_PK_DSA;
470
471 if (result == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
472 {
473 /* try for the second header */
474 result =
475 _gnutls_fbase64_decode (PEM_KEY_ECC, data->data, data->size,
476 &_data);
477 if (result >= 0)
478 key->pk_algorithm = GNUTLS_PK_EC;
479 }
480 }
481
482 if (result < 0)
483 {
484 gnutls_assert ();
485 goto failover;
486 }
487
488 need_free = 1;
489 }
490
491 if (key->pk_algorithm == GNUTLS_PK_RSA)
492 {
493 key->key = _gnutls_privkey_decode_pkcs1_rsa_key (&_data, key);
494 if (key->key == NULL)
495 gnutls_assert ();
496 }
497 else if (key->pk_algorithm == GNUTLS_PK_DSA)
498 {
499 key->key = decode_dsa_key (&_data, key);
500 if (key->key == NULL)
501 gnutls_assert ();
502 }
503 else if (key->pk_algorithm == GNUTLS_PK_EC)
504 {
505 key->key = _gnutls_privkey_decode_ecc_key (&_data, key);
506 if (key->key == NULL)
507 gnutls_assert ();
508 }
509 else
510 {
511 /* Try decoding with both, and accept the one that
512 * succeeds.
513 */
514 key->pk_algorithm = GNUTLS_PK_RSA;
515 key->key = _gnutls_privkey_decode_pkcs1_rsa_key (&_data, key);
516
517 if (key->key == NULL)
518 {
519 key->pk_algorithm = GNUTLS_PK_DSA;
520 key->key = decode_dsa_key (&_data, key);
521 if (key->key == NULL)
522 {
523 key->pk_algorithm = GNUTLS_PK_EC;
524 key->key = _gnutls_privkey_decode_ecc_key (&_data, key);
525 if (key->key == NULL)
526 gnutls_assert ();
527 }
528 }
529 }
530
531 if (key->key == NULL)
532 {
533 gnutls_assert ();
534 result = GNUTLS_E_ASN1_DER_ERROR;
535 goto failover;
536 }
537
538 if (need_free)
539 _gnutls_free_datum (&_data);
540
541 /* The key has now been decoded.
542 */
543
544 return 0;
545
546 failover:
547 /* Try PKCS #8 */
548 if (result == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
549 {
550 _gnutls_debug_log ("Falling back to PKCS #8 key decoding\n");
551 result = gnutls_x509_privkey_import_pkcs8 (key, data, format,
552 NULL, GNUTLS_PKCS_PLAIN);
553 }
554
555 if (need_free)
556 _gnutls_free_datum (&_data);
557
558 return result;
559 }
560
561 /**
562 * gnutls_x509_privkey_import2:
563 * @key: The structure to store the parsed key
564 * @data: The DER or PEM encoded key.
565 * @format: One of DER or PEM
566 * @password: A password (optional)
567 * @flags: an ORed sequence of gnutls_pkcs_encrypt_flags_t
568 *
569 * This function will import the given DER or PEM encoded key, to
570 * the native #gnutls_x509_privkey_t format, irrespective of the
571 * input format. The input format is auto-detected.
572 *
573 * The supported formats are typical X.509, PKCS #8 and the openssl
574 * format.
575 *
576 * If the provided key is encrypted but no password was given, then
577 * %GNUTLS_E_DECRYPTION_FAILED is returned.
578 *
579 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
580 * negative error value.
581 **/
582 int
583 gnutls_x509_privkey_import2 (gnutls_x509_privkey_t key,
584 const gnutls_datum_t * data,
585 gnutls_x509_crt_fmt_t format,
586 const char* password, unsigned int flags)
587 {
588 int ret = 0;
589
590 if (password == NULL && !(flags & GNUTLS_PKCS_NULL_PASSWORD))
591 {
592 ret = gnutls_x509_privkey_import(key, data, format);
593 if (ret < 0)
594 {
595 gnutls_assert();
596 }
597 }
598
599 if ((password != NULL || (flags & GNUTLS_PKCS_NULL_PASSWORD)) || ret < 0)
600 {
601 ret = gnutls_x509_privkey_import_pkcs8(key, data, format, password, flags);
602 if (ret < 0)
603 {
604 if (format == GNUTLS_X509_FMT_PEM)
605 {
606 int err;
607 err = gnutls_x509_privkey_import_openssl(key, data, password);
608 if (err < 0)
609 {
610 if (err == GNUTLS_E_DECRYPTION_FAILED) ret = err;
611 gnutls_assert();
612 goto cleanup;
613 }
614 }
615 else
616 {
617 gnutls_assert();
618 goto cleanup;
619 }
620 }
621 }
622
623 ret = 0;
624
625 cleanup:
626 return ret;
627 }
628
629
630 /**
631 * gnutls_x509_privkey_import_rsa_raw:
632 * @key: The structure to store the parsed key
633 * @m: holds the modulus
634 * @e: holds the public exponent
635 * @d: holds the private exponent
636 * @p: holds the first prime (p)
637 * @q: holds the second prime (q)
638 * @u: holds the coefficient
639 *
640 * This function will convert the given RSA raw parameters to the
641 * native #gnutls_x509_privkey_t format. The output will be stored in
642 * @key.
643 *
644 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
645 * negative error value.
646 **/
647 int
648 gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key,
649 const gnutls_datum_t * m,
650 const gnutls_datum_t * e,
651 const gnutls_datum_t * d,
652 const gnutls_datum_t * p,
653 const gnutls_datum_t * q,
654 const gnutls_datum_t * u)
655 {
656 return gnutls_x509_privkey_import_rsa_raw2 (key, m, e, d, p, q, u, NULL,
657 NULL);
658 }
659
660 /**
661 * gnutls_x509_privkey_import_rsa_raw2:
662 * @key: The structure to store the parsed key
663 * @m: holds the modulus
664 * @e: holds the public exponent
665 * @d: holds the private exponent
666 * @p: holds the first prime (p)
667 * @q: holds the second prime (q)
668 * @u: holds the coefficient
669 * @e1: holds e1 = d mod (p-1)
670 * @e2: holds e2 = d mod (q-1)
671 *
672 * This function will convert the given RSA raw parameters to the
673 * native #gnutls_x509_privkey_t format. The output will be stored in
674 * @key.
675 *
676 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
677 * negative error value.
678 **/
679 int
680 gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
681 const gnutls_datum_t * m,
682 const gnutls_datum_t * e,
683 const gnutls_datum_t * d,
684 const gnutls_datum_t * p,
685 const gnutls_datum_t * q,
686 const gnutls_datum_t * u,
687 const gnutls_datum_t * e1,
688 const gnutls_datum_t * e2)
689 {
690 int ret;
691 size_t siz = 0;
692
693 if (key == NULL)
694 {
695 gnutls_assert ();
696 return GNUTLS_E_INVALID_REQUEST;
697 }
698
699 gnutls_pk_params_init(&key->params);
700
701 siz = m->size;
702 if (_gnutls_mpi_scan_nz (&key->params.params[0], m->data, siz))
703 {
704 gnutls_assert ();
705 ret = GNUTLS_E_MPI_SCAN_FAILED;
706 goto cleanup;
707 }
708 key->params.params_nr++;
709
710 siz = e->size;
711 if (_gnutls_mpi_scan_nz (&key->params.params[1], e->data, siz))
712 {
713 gnutls_assert ();
714 ret = GNUTLS_E_MPI_SCAN_FAILED;
715 goto cleanup;
716 }
717 key->params.params_nr++;
718
719 siz = d->size;
720 if (_gnutls_mpi_scan_nz (&key->params.params[2], d->data, siz))
721 {
722 gnutls_assert ();
723 ret = GNUTLS_E_MPI_SCAN_FAILED;
724 goto cleanup;
725 }
726 key->params.params_nr++;
727
728 siz = p->size;
729 if (_gnutls_mpi_scan_nz (&key->params.params[3], p->data, siz))
730 {
731 gnutls_assert ();
732 ret = GNUTLS_E_MPI_SCAN_FAILED;
733 goto cleanup;
734 }
735 key->params.params_nr++;
736
737 siz = q->size;
738 if (_gnutls_mpi_scan_nz (&key->params.params[4], q->data, siz))
739 {
740 gnutls_assert ();
741 ret = GNUTLS_E_MPI_SCAN_FAILED;
742 goto cleanup;
743 }
744 key->params.params_nr++;
745
746 siz = u->size;
747 if (_gnutls_mpi_scan_nz (&key->params.params[5], u->data, siz))
748 {
749 gnutls_assert ();
750 ret = GNUTLS_E_MPI_SCAN_FAILED;
751 goto cleanup;
752 }
753 key->params.params_nr++;
754
755 if (e1 && e2)
756 {
757 siz = e1->size;
758 if (_gnutls_mpi_scan_nz (&key->params.params[6], e1->data, siz))
759 {
760 gnutls_assert ();
761 ret = GNUTLS_E_MPI_SCAN_FAILED;
762 goto cleanup;
763 }
764 key->params.params_nr++;
765
766 siz = e2->size;
767 if (_gnutls_mpi_scan_nz (&key->params.params[7], e2->data, siz))
768 {
769 gnutls_assert ();
770 ret = GNUTLS_E_MPI_SCAN_FAILED;
771 goto cleanup;
772 }
773 key->params.params_nr++;
774 }
775
776 ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_IMPORT, &key->params);
777 if (ret < 0)
778 {
779 gnutls_assert ();
780 goto cleanup;
781 }
782
783 ret = _gnutls_asn1_encode_privkey (GNUTLS_PK_RSA, &key->key, &key->params);
784 if (ret < 0)
785 {
786 gnutls_assert ();
787 goto cleanup;
788 }
789
790 key->params.params_nr = RSA_PRIVATE_PARAMS;
791 key->pk_algorithm = GNUTLS_PK_RSA;
792
793 return 0;
794
795 cleanup:
796 gnutls_pk_params_release(&key->params);
797 return ret;
798
799 }
800
801 /**
802 * gnutls_x509_privkey_import_dsa_raw:
803 * @key: The structure to store the parsed key
804 * @p: holds the p
805 * @q: holds the q
806 * @g: holds the g
807 * @y: holds the y
808 * @x: holds the x
809 *
810 * This function will convert the given DSA raw parameters to the
811 * native #gnutls_x509_privkey_t format. The output will be stored
812 * in @key.
813 *
814 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
815 * negative error value.
816 **/
817 int
818 gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
819 const gnutls_datum_t * p,
820 const gnutls_datum_t * q,
821 const gnutls_datum_t * g,
822 const gnutls_datum_t * y,
823 const gnutls_datum_t * x)
824 {
825 int ret;
826 size_t siz = 0;
827
828 if (key == NULL)
829 {
830 gnutls_assert ();
831 return GNUTLS_E_INVALID_REQUEST;
832 }
833
834 siz = p->size;
835 if (_gnutls_mpi_scan_nz (&key->params.params[0], p->data, siz))
836 {
837 gnutls_assert ();
838 ret = GNUTLS_E_MPI_SCAN_FAILED;
839 goto cleanup;
840 }
841
842 siz = q->size;
843 if (_gnutls_mpi_scan_nz (&key->params.params[1], q->data, siz))
844 {
845 gnutls_assert ();
846 ret = GNUTLS_E_MPI_SCAN_FAILED;
847 goto cleanup;
848 }
849
850 siz = g->size;
851 if (_gnutls_mpi_scan_nz (&key->params.params[2], g->data, siz))
852 {
853 gnutls_assert ();
854 ret = GNUTLS_E_MPI_SCAN_FAILED;
855 goto cleanup;
856 }
857
858 siz = y->size;
859 if (_gnutls_mpi_scan_nz (&key->params.params[3], y->data, siz))
860 {
861 gnutls_assert ();
862 ret = GNUTLS_E_MPI_SCAN_FAILED;
863 goto cleanup;
864 }
865
866 siz = x->size;
867 if (_gnutls_mpi_scan_nz (&key->params.params[4], x->data, siz))
868 {
869 gnutls_assert ();
870 ret = GNUTLS_E_MPI_SCAN_FAILED;
871 goto cleanup;
872 }
873
874 ret = _gnutls_asn1_encode_privkey (GNUTLS_PK_DSA, &key->key, &key->params);
875 if (ret < 0)
876 {
877 gnutls_assert ();
878 goto cleanup;
879 }
880
881 key->params.params_nr = DSA_PRIVATE_PARAMS;
882 key->pk_algorithm = GNUTLS_PK_DSA;
883
884 return 0;
885
886 cleanup:
887 gnutls_pk_params_release(&key->params);
888 return ret;
889
890 }
891
892 /**
893 * gnutls_x509_privkey_import_ecc_raw:
894 * @key: The structure to store the parsed key
895 * @curve: holds the curve
896 * @x: holds the x
897 * @y: holds the y
898 * @k: holds the k
899 *
900 * This function will convert the given elliptic curve parameters to the
901 * native #gnutls_x509_privkey_t format. The output will be stored
902 * in @key.
903 *
904 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
905 * negative error value.
906 *
907 * Since: 3.0
908 **/
909 int
910 gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
911 gnutls_ecc_curve_t curve,
912 const gnutls_datum_t * x,
913 const gnutls_datum_t * y,
914 const gnutls_datum_t * k)
915 {
916 int ret;
917
918 if (key == NULL)
919 {
920 gnutls_assert ();
921 return GNUTLS_E_INVALID_REQUEST;
922 }
923
924 key->params.flags = curve;
925
926 ret = _gnutls_ecc_curve_fill_params(curve, &key->params);
927 if (ret < 0)
928 return gnutls_assert_val(ret);
929
930 if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
931 {
932 gnutls_assert ();
933 ret = GNUTLS_E_MPI_SCAN_FAILED;
934 goto cleanup;
935 }
936 key->params.params_nr++;
937
938 if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
939 {
940 gnutls_assert ();
941 ret = GNUTLS_E_MPI_SCAN_FAILED;
942 goto cleanup;
943 }
944 key->params.params_nr++;
945
946 if (_gnutls_mpi_scan_nz (&key->params.params[ECC_K], k->data, k->size))
947 {
948 gnutls_assert ();
949 ret = GNUTLS_E_MPI_SCAN_FAILED;
950 goto cleanup;
951 }
952 key->params.params_nr++;
953
954 key->pk_algorithm = GNUTLS_PK_EC;
955
956 return 0;
957
958 cleanup:
959 gnutls_pk_params_release(&key->params);
960 return ret;
961
962 }
963
964
965 /**
966 * gnutls_x509_privkey_get_pk_algorithm:
967 * @key: should contain a #gnutls_x509_privkey_t structure
968 *
969 * This function will return the public key algorithm of a private
970 * key.
971 *
972 * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
973 * success, or a negative error code on error.
974 **/
975 int
976 gnutls_x509_privkey_get_pk_algorithm (gnutls_x509_privkey_t key)
977 {
978 if (key == NULL)
979 {
980 gnutls_assert ();
981 return GNUTLS_E_INVALID_REQUEST;
982 }
983
984 return key->pk_algorithm;
985 }
986
987 /**
988 * gnutls_x509_privkey_get_pk_algorithm2:
989 * @key: should contain a #gnutls_x509_privkey_t structure
990 * @bits: The number of bits in the public key algorithm
991 *
992 * This function will return the public key algorithm of a private
993 * key.
994 *
995 * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
996 * success, or a negative error code on error.
997 **/
998 int
999 gnutls_x509_privkey_get_pk_algorithm2 (gnutls_x509_privkey_t key, unsigned int *bits)
1000 {
1001 int ret;
1002
1003 if (key == NULL)
1004 {
1005 gnutls_assert ();
1006 return GNUTLS_E_INVALID_REQUEST;
1007 }
1008
1009 if (bits)
1010 {
1011 ret = pubkey_to_bits(key->pk_algorithm, &key->params);
1012 if (ret < 0) ret = 0;
1013 *bits = ret;
1014 }
1015
1016 return key->pk_algorithm;
1017 }
1018
1019 static const char* set_msg(gnutls_x509_privkey_t key)
1020 {
1021 if (key->pk_algorithm == GNUTLS_PK_RSA)
1022 return PEM_KEY_RSA;
1023 else if (key->pk_algorithm == GNUTLS_PK_DSA)
1024 return PEM_KEY_DSA;
1025 else if (key->pk_algorithm == GNUTLS_PK_EC)
1026 return PEM_KEY_ECC;
1027 else
1028 return "UNKNOWN";
1029 }
1030
1031 /**
1032 * gnutls_x509_privkey_export:
1033 * @key: Holds the key
1034 * @format: the format of output params. One of PEM or DER.
1035 * @output_data: will contain a private key PEM or DER encoded
1036 * @output_data_size: holds the size of output_data (and will be
1037 * replaced by the actual size of parameters)
1038 *
1039 * This function will export the private key to a PKCS1 structure for
1040 * RSA keys, or an integer sequence for DSA keys. The DSA keys are in
1041 * the same format with the parameters used by openssl.
1042 *
1043 * If the buffer provided is not long enough to hold the output, then
1044 * *@output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER
1045 * will be returned.
1046 *
1047 * If the structure is PEM encoded, it will have a header
1048 * of "BEGIN RSA PRIVATE KEY".
1049 *
1050 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1051 * negative error value.
1052 **/
1053 int
1054 gnutls_x509_privkey_export (gnutls_x509_privkey_t key,
1055 gnutls_x509_crt_fmt_t format, void *output_data,
1056 size_t * output_data_size)
1057 {
1058 const char *msg;
1059
1060 if (key == NULL)
1061 {
1062 gnutls_assert ();
1063 return GNUTLS_E_INVALID_REQUEST;
1064 }
1065
1066 msg = set_msg(key);
1067
1068 return _gnutls_x509_export_int (key->key, format, msg,
1069 output_data, output_data_size);
1070 }
1071
1072 /**
1073 * gnutls_x509_privkey_export2:
1074 * @key: Holds the key
1075 * @format: the format of output params. One of PEM or DER.
1076 * @out: will contain a private key PEM or DER encoded
1077 *
1078 * This function will export the private key to a PKCS1 structure for
1079 * RSA keys, or an integer sequence for DSA keys. The DSA keys are in
1080 * the same format with the parameters used by openssl.
1081 *
1082 * The output buffer is allocated using gnutls_malloc().
1083 *
1084 * If the structure is PEM encoded, it will have a header
1085 * of "BEGIN RSA PRIVATE KEY".
1086 *
1087 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1088 * negative error value.
1089 *
1090 * Since 3.1.3
1091 **/
1092 int
1093 gnutls_x509_privkey_export2 (gnutls_x509_privkey_t key,
1094 gnutls_x509_crt_fmt_t format,
1095 gnutls_datum_t * out)
1096 {
1097 const char *msg;
1098
1099 if (key == NULL)
1100 {
1101 gnutls_assert ();
1102 return GNUTLS_E_INVALID_REQUEST;
1103 }
1104
1105 msg = set_msg(key);
1106
1107 return _gnutls_x509_export_int2 (key->key, format, msg, out);
1108 }
1109
1110 /**
1111 * gnutls_x509_privkey_sec_param:
1112 * @key: a key structure
1113 *
1114 * This function will return the security parameter appropriate with
1115 * this private key.
1116 *
1117 * Returns: On success, a valid security parameter is returned otherwise
1118 * %GNUTLS_SEC_PARAM_UNKNOWN is returned.
1119 *
1120 * Since: 2.12.0
1121 **/
1122 gnutls_sec_param_t
1123 gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t key)
1124 {
1125 int bits;
1126
1127 bits = pubkey_to_bits(key->pk_algorithm, &key->params);
1128 if (bits <= 0)
1129 return GNUTLS_SEC_PARAM_UNKNOWN;
1130
1131 return gnutls_pk_bits_to_sec_param(key->pk_algorithm, bits);
1132 }
1133
1134 /**
1135 * gnutls_x509_privkey_export_ecc_raw:
1136 * @key: a structure that holds the rsa parameters
1137 * @curve: will hold the curve
1138 * @x: will hold the x coordinate
1139 * @y: will hold the y coordinate
1140 * @k: will hold the private key
1141 *
1142 * This function will export the ECC private key's parameters found
1143 * in the given structure. The new parameters will be allocated using
1144 * gnutls_malloc() and will be stored in the appropriate datum.
1145 *
1146 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1147 * negative error value.
1148 *
1149 * Since: 3.0
1150 **/
1151 int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
1152 gnutls_ecc_curve_t *curve,
1153 gnutls_datum_t * x, gnutls_datum_t * y,
1154 gnutls_datum_t* k)
1155 {
1156 int ret;
1157
1158 if (key == NULL)
1159 {
1160 gnutls_assert ();
1161 return GNUTLS_E_INVALID_REQUEST;
1162 }
1163
1164 *curve = key->params.flags;
1165
1166 /* X */
1167 ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
1168 if (ret < 0)
1169 {
1170 gnutls_assert ();
1171 return ret;
1172 }
1173
1174 /* Y */
1175 ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
1176 if (ret < 0)
1177 {
1178 gnutls_assert ();
1179 _gnutls_free_datum (x);
1180 return ret;
1181 }
1182
1183
1184 /* K */
1185 ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_K], k);
1186 if (ret < 0)
1187 {
1188 gnutls_assert ();
1189 _gnutls_free_datum (x);
1190 _gnutls_free_datum (y);
1191 return ret;
1192 }
1193
1194 return 0;
1195
1196 }
1197
1198 /**
1199 * gnutls_x509_privkey_export_rsa_raw:
1200 * @key: a structure that holds the rsa parameters
1201 * @m: will hold the modulus
1202 * @e: will hold the public exponent
1203 * @d: will hold the private exponent
1204 * @p: will hold the first prime (p)
1205 * @q: will hold the second prime (q)
1206 * @u: will hold the coefficient
1207 *
1208 * This function will export the RSA private key's parameters found
1209 * in the given structure. The new parameters will be allocated using
1210 * gnutls_malloc() and will be stored in the appropriate datum.
1211 *
1212 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1213 * negative error value.
1214 **/
1215 int
1216 gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key,
1217 gnutls_datum_t * m, gnutls_datum_t * e,
1218 gnutls_datum_t * d, gnutls_datum_t * p,
1219 gnutls_datum_t * q, gnutls_datum_t * u)
1220 {
1221
1222 return gnutls_x509_privkey_export_rsa_raw2 (key, m, e, d, p, q, u, NULL,
1223 NULL);
1224 }
1225
1226 /**
1227 * gnutls_x509_privkey_export_rsa_raw2:
1228 * @key: a structure that holds the rsa parameters
1229 * @m: will hold the modulus
1230 * @e: will hold the public exponent
1231 * @d: will hold the private exponent
1232 * @p: will hold the first prime (p)
1233 * @q: will hold the second prime (q)
1234 * @u: will hold the coefficient
1235 * @e1: will hold e1 = d mod (p-1)
1236 * @e2: will hold e2 = d mod (q-1)
1237 *
1238 * This function will export the RSA private key's parameters found
1239 * in the given structure. The new parameters will be allocated using
1240 * gnutls_malloc() and will be stored in the appropriate datum.
1241 *
1242 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1243 * negative error value.
1244 *
1245 * Since: 2.12.0
1246 **/
1247 int
1248 gnutls_x509_privkey_export_rsa_raw2 (gnutls_x509_privkey_t key,
1249 gnutls_datum_t * m, gnutls_datum_t * e,
1250 gnutls_datum_t * d, gnutls_datum_t * p,
1251 gnutls_datum_t * q, gnutls_datum_t * u,
1252 gnutls_datum_t * e1, gnutls_datum_t * e2)
1253 {
1254 int ret;
1255 gnutls_pk_params_st pk_params;
1256
1257 gnutls_pk_params_init(&pk_params);
1258
1259 if (key == NULL)
1260 {
1261 gnutls_assert ();
1262 return GNUTLS_E_INVALID_REQUEST;
1263 }
1264
1265 m->data = e->data = d->data = p->data = q->data = u->data = NULL;
1266 m->size = e->size = d->size = p->size = q->size = u->size = 0;
1267
1268 ret = _gnutls_pk_params_copy (&pk_params, &key->params);
1269 if (ret < 0)
1270 {
1271 gnutls_assert ();
1272 return ret;
1273 }
1274
1275 ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params);
1276 if (ret < 0)
1277 {
1278 gnutls_assert ();
1279 goto error;
1280 }
1281
1282 ret = _gnutls_mpi_dprint_lz (pk_params.params[0], m);
1283 if (ret < 0)
1284 {
1285 gnutls_assert ();
1286 goto error;
1287 }
1288
1289 /* E */
1290 ret = _gnutls_mpi_dprint_lz (pk_params.params[1], e);
1291 if (ret < 0)
1292 {
1293 gnutls_assert ();
1294 goto error;
1295 }
1296
1297 /* D */
1298 ret = _gnutls_mpi_dprint_lz (pk_params.params[2], d);
1299 if (ret < 0)
1300 {
1301 gnutls_assert ();
1302 goto error;
1303 }
1304
1305 /* P */
1306 ret = _gnutls_mpi_dprint_lz (pk_params.params[3], p);
1307 if (ret < 0)
1308 {
1309 gnutls_assert ();
1310 goto error;
1311 }
1312
1313 /* Q */
1314 ret = _gnutls_mpi_dprint_lz (pk_params.params[4], q);
1315 if (ret < 0)
1316 {
1317 gnutls_assert ();
1318 goto error;
1319 }
1320
1321 /* U */
1322 ret = _gnutls_mpi_dprint_lz (key->params.params[5], u);
1323 if (ret < 0)
1324 {
1325 gnutls_assert ();
1326 goto error;
1327 }
1328
1329 /* E1 */
1330 if (e1)
1331 {
1332 ret = _gnutls_mpi_dprint_lz (key->params.params[6], e1);
1333 if (ret < 0)
1334 {
1335 gnutls_assert ();
1336 goto error;
1337 }
1338 }
1339
1340 /* E2 */
1341 if (e2)
1342 {
1343 ret = _gnutls_mpi_dprint_lz (key->params.params[7], e2);
1344 if (ret < 0)
1345 {
1346 gnutls_assert ();
1347 goto error;
1348 }
1349 }
1350
1351 gnutls_pk_params_release (&pk_params);
1352
1353 return 0;
1354
1355 error:
1356 _gnutls_free_datum (m);
1357 _gnutls_free_datum (d);
1358 _gnutls_free_datum (e);
1359 _gnutls_free_datum (p);
1360 _gnutls_free_datum (q);
1361 gnutls_pk_params_release (&pk_params);
1362
1363 return ret;
1364 }
1365
1366 /**
1367 * gnutls_x509_privkey_export_dsa_raw:
1368 * @key: a structure that holds the DSA parameters
1369 * @p: will hold the p
1370 * @q: will hold the q
1371 * @g: will hold the g
1372 * @y: will hold the y
1373 * @x: will hold the x
1374 *
1375 * This function will export the DSA private key's parameters found
1376 * in the given structure. The new parameters will be allocated using
1377 * gnutls_malloc() and will be stored in the appropriate datum.
1378 *
1379 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1380 * negative error value.
1381 **/
1382 int
1383 gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key,
1384 gnutls_datum_t * p, gnutls_datum_t * q,
1385 gnutls_datum_t * g, gnutls_datum_t * y,
1386 gnutls_datum_t * x)
1387 {
1388 int ret;
1389
1390 if (key == NULL)
1391 {
1392 gnutls_assert ();
1393 return GNUTLS_E_INVALID_REQUEST;
1394 }
1395
1396 /* P */
1397 ret = _gnutls_mpi_dprint_lz (key->params.params[0], p);
1398 if (ret < 0)
1399 {
1400 gnutls_assert ();
1401 return ret;
1402 }
1403
1404 /* Q */
1405 ret = _gnutls_mpi_dprint_lz (key->params.params[1], q);
1406 if (ret < 0)
1407 {
1408 gnutls_assert ();
1409 _gnutls_free_datum (p);
1410 return ret;
1411 }
1412
1413
1414 /* G */
1415 ret = _gnutls_mpi_dprint_lz (key->params.params[2], g);
1416 if (ret < 0)
1417 {
1418 gnutls_assert ();
1419 _gnutls_free_datum (p);
1420 _gnutls_free_datum (q);
1421 return ret;
1422 }
1423
1424
1425 /* Y */
1426 ret = _gnutls_mpi_dprint_lz (key->params.params[3], y);
1427 if (ret < 0)
1428 {
1429 gnutls_assert ();
1430 _gnutls_free_datum (p);
1431 _gnutls_free_datum (g);
1432 _gnutls_free_datum (q);
1433 return ret;
1434 }
1435
1436 /* X */
1437 ret = _gnutls_mpi_dprint_lz (key->params.params[4], x);
1438 if (ret < 0)
1439 {
1440 gnutls_assert ();
1441 _gnutls_free_datum (y);
1442 _gnutls_free_datum (p);
1443 _gnutls_free_datum (g);
1444 _gnutls_free_datum (q);
1445 return ret;
1446 }
1447
1448 return 0;
1449 }
1450
1451 /**
1452 * gnutls_x509_privkey_generate:
1453 * @key: should contain a #gnutls_x509_privkey_t structure
1454 * @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
1455 * @bits: the size of the modulus
1456 * @flags: unused for now. Must be 0.
1457 *
1458 * This function will generate a random private key. Note that this
1459 * function must be called on an empty private key.
1460 *
1461 * Do not set the number of bits directly, use gnutls_sec_param_to_pk_bits().
1462 *
1463 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1464 * negative error value.
1465 **/
1466 int
1467 gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
1468 gnutls_pk_algorithm_t algo, unsigned int bits,
1469 unsigned int flags)
1470 {
1471 int ret;
1472
1473 if (key == NULL)
1474 {
1475 gnutls_assert ();
1476 return GNUTLS_E_INVALID_REQUEST;
1477 }
1478
1479 gnutls_pk_params_init(&key->params);
1480
1481 if (algo == GNUTLS_PK_EC)
1482 bits = _gnutls_ecc_bits_to_curve(bits);
1483
1484 ret = _gnutls_pk_generate (algo, bits, &key->params);
1485 if (ret < 0)
1486 {
1487 gnutls_assert ();
1488 return ret;
1489 }
1490
1491 ret = _gnutls_asn1_encode_privkey (algo, &key->key, &key->params);
1492 if (ret < 0)
1493 {
1494 gnutls_assert ();
1495 goto cleanup;
1496 }
1497 key->pk_algorithm = algo;
1498
1499 return 0;
1500
1501 cleanup:
1502 key->pk_algorithm = GNUTLS_PK_UNKNOWN;
1503 gnutls_pk_params_release(&key->params);
1504
1505 return ret;
1506 }
1507
1508 /**
1509 * gnutls_x509_privkey_verify_params:
1510 * @key: should contain a #gnutls_x509_privkey_t structure
1511 *
1512 * This function will verify the private key parameters.
1513 *
1514 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1515 * negative error value.
1516 **/
1517 int
1518 gnutls_x509_privkey_verify_params (gnutls_x509_privkey_t key)
1519 {
1520 int ret;
1521
1522 ret = _gnutls_pk_verify_params (key->pk_algorithm, &key->params);
1523 if (ret < 0)
1524 {
1525 gnutls_assert ();
1526 return ret;
1527 }
1528
1529 return 0;
1530 }
1531
1532 /**
1533 * gnutls_x509_privkey_get_key_id:
1534 * @key: Holds the key
1535 * @flags: should be 0 for now
1536 * @output_data: will contain the key ID
1537 * @output_data_size: holds the size of output_data (and will be
1538 * replaced by the actual size of parameters)
1539 *
1540 * This function will return a unique ID that depends on the public key
1541 * parameters. This ID can be used in checking whether a certificate
1542 * corresponds to the given key.
1543 *
1544 * If the buffer provided is not long enough to hold the output, then
1545 * *@output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
1546 * be returned. The output will normally be a SHA-1 hash output,
1547 * which is 20 bytes.
1548 *
1549 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1550 * negative error value.
1551 **/
1552 int
1553 gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key,
1554 unsigned int flags,
1555 unsigned char *output_data,
1556 size_t * output_data_size)
1557 {
1558 int ret;
1559
1560 if (key == NULL)
1561 {
1562 gnutls_assert ();
1563 return GNUTLS_E_INVALID_REQUEST;
1564 }
1565
1566 ret = _gnutls_get_key_id(key->pk_algorithm, &key->params, output_data, output_data_size);
1567 if (ret < 0)
1568 {
1569 gnutls_assert ();
1570 }
1571
1572 return ret;
1573 }
1574
1575
1576 /*-
1577 * _gnutls_x509_privkey_sign_hash2:
1578 * @signer: Holds the signer's key
1579 * @hash_algo: The hash algorithm used
1580 * @hash_data: holds the data to be signed
1581 * @signature: will contain newly allocated signature
1582 * @flags: (0) for now
1583 *
1584 * This function will sign the given hashed data using a signature algorithm
1585 * supported by the private key. Signature algorithms are always used
1586 * together with a hash functions. Different hash functions may be
1587 * used for the RSA algorithm, but only SHA-1,SHA-224 and SHA-256
1588 * for the DSA keys, depending on their bit size.
1589 *
1590 * Use gnutls_x509_crt_get_preferred_hash_algorithm() to determine
1591 * the hash algorithm.
1592 *
1593 * The RSA algorithm is used in PKCS #1 v1.5 mode.
1594 *
1595 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1596 * negative error value.
1597 -*/
1598 static int
1599 _gnutls_x509_privkey_sign_hash2 (gnutls_x509_privkey_t signer,
1600 gnutls_digest_algorithm_t hash_algo,
1601 unsigned int flags,
1602 const gnutls_datum_t * hash_data,
1603 gnutls_datum_t * signature)
1604 {
1605 int ret;
1606 gnutls_datum_t digest;
1607
1608 digest.data = gnutls_malloc (hash_data->size);
1609 if (digest.data == NULL)
1610 {
1611 gnutls_assert ();
1612 return GNUTLS_E_MEMORY_ERROR;
1613 }
1614 digest.size = hash_data->size;
1615 memcpy (digest.data, hash_data->data, digest.size);
1616
1617 ret = pk_prepare_hash (signer->pk_algorithm, hash_algo, &digest);
1618 if (ret < 0)
1619 {
1620 gnutls_assert ();
1621 goto cleanup;
1622 }
1623
1624 ret = _gnutls_pk_sign (signer->pk_algorithm, signature, &digest, &signer->params);
1625
1626 if (ret < 0)
1627 {
1628 gnutls_assert ();
1629 goto cleanup;
1630 }
1631
1632 ret = 0;
1633
1634 cleanup:
1635 _gnutls_free_datum (&digest);
1636 return ret;
1637 }
1638
1639 /**
1640 * gnutls_x509_privkey_sign_hash:
1641 * @key: Holds the key
1642 * @hash: holds the data to be signed
1643 * @signature: will contain newly allocated signature
1644 *
1645 * This function will sign the given hash using the private key. Do not
1646 * use this function directly unless you know what it is. Typical signing
1647 * requires the data to be hashed and stored in special formats
1648 * (e.g. BER Digest-Info for RSA).
1649 *
1650 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1651 * negative error value.
1652 *
1653 * Deprecated in: 2.12.0
1654 */
1655 int
1656 gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key,
1657 const gnutls_datum_t * hash,
1658 gnutls_datum_t * signature)
1659 {
1660 int result;
1661
1662 if (key == NULL)
1663 {
1664 gnutls_assert ();
1665 return GNUTLS_E_INVALID_REQUEST;
1666 }
1667
1668 result = _gnutls_pk_sign (key->pk_algorithm, signature, hash, &key->params);
1669
1670 if (result < 0)
1671 {
1672 gnutls_assert ();
1673 return result;
1674 }
1675
1676 return 0;
1677 }
1678
1679 /**
1680 * gnutls_x509_privkey_sign_data:
1681 * @key: Holds the key
1682 * @digest: should be MD5 or SHA1
1683 * @flags: should be 0 for now
1684 * @data: holds the data to be signed
1685 * @signature: will contain the signature
1686 * @signature_size: holds the size of signature (and will be replaced
1687 * by the new size)
1688 *
1689 * This function will sign the given data using a signature algorithm
1690 * supported by the private key. Signature algorithms are always used
1691 * together with a hash functions. Different hash functions may be
1692 * used for the RSA algorithm, but only SHA-1 for the DSA keys.
1693 *
1694 * If the buffer provided is not long enough to hold the output, then
1695 * *@signature_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
1696 * be returned.
1697 *
1698 * Use gnutls_x509_crt_get_preferred_hash_algorithm() to determine
1699 * the hash algorithm.
1700 *
1701 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1702 * negative error value.
1703 *
1704 * Deprecated: Use gnutls_privkey_sign_data().
1705 */
1706 int
1707 gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key,
1708 gnutls_digest_algorithm_t digest,
1709 unsigned int flags,
1710 const gnutls_datum_t * data,
1711 void *signature, size_t * signature_size)
1712 {
1713 int result;
1714 gnutls_datum_t sig = { NULL, 0 };
1715 gnutls_datum_t hash;
1716
1717 if (key == NULL)
1718 {
1719 gnutls_assert ();
1720 return GNUTLS_E_INVALID_REQUEST;
1721 }
1722
1723 result =
1724 pk_hash_data (key->pk_algorithm, digest, &key->params, data, &hash);
1725 if (result < 0)
1726 {
1727 gnutls_assert ();
1728 return result;
1729 }
1730
1731 result =
1732 _gnutls_x509_privkey_sign_hash2 (key, digest, flags, &hash, &sig);
1733
1734 _gnutls_free_datum(&hash);
1735
1736 if (result < 0)
1737 {
1738 gnutls_assert ();
1739 return result;
1740 }
1741
1742 if (*signature_size < sig.size)
1743 {
1744 *signature_size = sig.size;
1745 _gnutls_free_datum (&sig);
1746 return GNUTLS_E_SHORT_MEMORY_BUFFER;
1747 }
1748
1749 *signature_size = sig.size;
1750 memcpy (signature, sig.data, sig.size);
1751
1752 _gnutls_free_datum (&sig);
1753
1754 return 0;
1755 }
1756
1757
1758 /**
1759 * gnutls_x509_privkey_fix:
1760 * @key: Holds the key
1761 *
1762 * This function will recalculate the secondary parameters in a key.
1763 * In RSA keys, this can be the coefficient and exponent1,2.
1764 *
1765 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1766 * negative error value.
1767 **/
1768 int
1769 gnutls_x509_privkey_fix (gnutls_x509_privkey_t key)
1770 {
1771 int ret;
1772
1773 if (key == NULL)
1774 {
1775 gnutls_assert ();
1776 return GNUTLS_E_INVALID_REQUEST;
1777 }
1778
1779 asn1_delete_structure (&key->key);
1780
1781 ret = _gnutls_asn1_encode_privkey (key->pk_algorithm, &key->key, &key->params);
1782 if (ret < 0)
1783 {
1784 gnutls_assert ();
1785 return ret;
1786 }
1787
1788 return 0;
1789 }
1790
Implementation of the SSL/TLS protocol