openssl: Add helper function to convert BIGNUMs to chunks

diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c
index bc10dd28c764bb472c4c82da39c332501ae97b31..0e61086b1a71f1fadbee9c219a916157375033c0 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_util.c
+++ b/src/libstrongswan/plugins/openssl/openssl_util.c
@@ -123,6 +123,24 @@ bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b)
        return TRUE;
 }
 
+/**
+ * Described in header.
+ */
+bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk)
+{
+       *chunk = chunk_alloc(BN_num_bytes(bn));
+       if (BN_bn2bin(bn, chunk->ptr) == chunk->len)
+       {
+               if (chunk->len && chunk->ptr[0] & 0x80)
+               {       /* if MSB is set, prepend a zero to make it non-negative */
+                       *chunk = chunk_cat("cm", chunk_from_chars(0x00), *chunk);
+               }
+               return TRUE;
+       }
+       chunk_free(chunk);
+       return FALSE;
+}
+
 /**
  * Described in header.
  */

diff --git a/src/libstrongswan/plugins/openssl/openssl_util.h b/src/libstrongswan/plugins/openssl/openssl_util.h
index 25c692a1ac144472c1f113566dc8a2c6118f8f4f..ce2a9e10912468f18b0c095e32c9935ee525ce68 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_util.h
+++ b/src/libstrongswan/plugins/openssl/openssl_util.h
@@ -66,6 +66,15 @@ bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk);
  */
 bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b);
 
+/**
+ * Exports the given bignum (assumed to be a positive number) to a chunk in
+ * two's complement format (i.e. a zero byte is added if the MSB is set).
+ *
+ * @param bn           the BIGNUM to export
+ * @param chunk                the chunk (data gets allocated)
+ * @return                     TRUE on success, FALSE otherwise
+ */
+bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk);
 
 /**
  * Allocate a chunk using the i2d function of a given object