/*
 * Copyright (C) 2013 Andreas Steffen
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */
17 #include "dnskey_encoder.h"
19 #include <utils/debug.h>
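/**
 * Encode an RSA public key in DNSKEY format (RFC 3110).
 *
 * Layout of the binary key before base64 conversion:
 *   - exponent length: one octet, or a zero octet followed by a two-octet
 *     length when the exponent is 256 octets or longer
 *   - public exponent, leading zeros removed
 *   - modulus, leading zeros removed
 *
 * NOTE(review): the listing this function was recovered from dropped several
 * lines (declarations, braces, the zero-stripping code, the assignments to
 * exp_len and the return statements). Every line tagged "reconstructed"
 * below is rebuilt from the surviving comments and statements and should be
 * confirmed against the upstream file.
 *
 * @param encoding	receives the base64 encoded key on success
 * @param args		CRED_PART_* argument list with RSA modulus and exponent
 * @return			TRUE if the key was encoded, FALSE otherwise
 */
static bool build_pub(chunk_t *encoding, va_list args)
{
	/* reconstructed: declarations for the names used below */
	chunk_t n, e, pubkey;
	size_t exp_len;
	u_char *pos;

	if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
						   CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
	{
		/* remove leading zeros in exponent and modulus */
		/* reconstructed: each loop is bounded by the chunk length so an empty
		 * or all-zero value is never read past its end */
		while (e.len > 0 && *e.ptr == 0)
		{
			e = chunk_skip(e, 1);
		}
		while (n.len > 0 && *n.ptr == 0)
		{
			n = chunk_skip(n, 1);
		}

		/* A zero-length exponent would emit a leading 0x00 length octet,
		 * which RFC 3110 reserves as the marker for the three-octet length
		 * form; an empty modulus is not a usable key either. */
		if (e.len == 0 || n.len == 0)
		{
			return FALSE;
		}

		if (e.len < 256)	/* reconstructed condition */
		{
			/* exponent length fits into a single octet */
			exp_len = 1;	/* reconstructed */
			pubkey = chunk_alloc(exp_len + e.len + n.len);
			pubkey.ptr[0] = (char)e.len;
		}
		else if (e.len < 65536)
		{
			/* exponent length fits into two octets preceded by zero octet */
			exp_len = 3;	/* reconstructed */
			pubkey = chunk_alloc(exp_len + e.len + n.len);
			pubkey.ptr[0] = 0x00;	/* reconstructed: the zero octet */
			htoun16(pubkey.ptr + 1, e.len);
		}
		else
		{
			/* exponent length is too large */
			return FALSE;	/* reconstructed */
		}

		/* copy exponent and modulus and convert to base64 format */
		pos = pubkey.ptr + exp_len;
		memcpy(pos, e.ptr, e.len);
		/* reconstructed: advance past the exponent, otherwise the modulus
		 * would overwrite it */
		pos += e.len;
		memcpy(pos, n.ptr, n.len);
		*encoding = chunk_to_base64(pubkey, NULL);
		/* reconstructed: the binary key is a temporary; only the base64
		 * copy is handed to the caller */
		chunk_free(&pubkey);

		return TRUE;
	}

	return FALSE;
}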
80 bool dnskey_encoder_encode(cred_encoding_type_t type
, chunk_t
*encoding
,
86 return build_pub(encoding
, args
);