}
#endif
+/** print one b64 encoded bignum to a line in the keybuffer */
+static int
+ldns_print_bignum_b64_line(ldns_buffer* output, const char* label, const BIGNUM* num)
+{
+ unsigned char *bignumbuf = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
+ if(!bignumbuf) return 0;
+
+ ldns_buffer_printf(output, "%s: ", label);
+ if(num) {
+ ldns_rdf *b64_bignum = NULL;
+ int i = BN_bn2bin(num, bignumbuf);
+ if (i > LDNS_MAX_KEYLEN) {
+ LDNS_FREE(bignumbuf);
+ return 0;
+ }
+ b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignumbuf);
+ if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
+ ldns_rdf_deep_free(b64_bignum);
+ LDNS_FREE(bignumbuf);
+ return 0;
+ }
+ ldns_rdf_deep_free(b64_bignum);
+ ldns_buffer_printf(output, "\n");
+ } else {
+ ldns_buffer_printf(output, "(Not available)\n");
+ }
+ LDNS_FREE(bignumbuf);
+ return 1;
+}
+
ldns_status
ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
{
ldns_status status = LDNS_STATUS_OK;
unsigned char *bignum;
#ifdef HAVE_SSL
-# ifndef S_SPLINT_S
- uint16_t i;
-# endif
- /* not used when ssl is not defined */
- /*@unused@*/
- ldns_rdf *b64_bignum = NULL;
-
RSA *rsa;
DSA *dsa;
#endif /* HAVE_SSL */
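Review bot: In `ldns_print_bignum_b64_line` the size check runs after the write: `BN_bn2bin(num, bignumbuf)` has already copied the whole value into the `LDNS_MAX_KEYLEN`-byte heap buffer by the time `i > LDNS_MAX_KEYLEN` is tested, so an oversized bignum overruns the buffer before the function bails out. Test the length first, `if (BN_num_bytes(num) > LDNS_MAX_KEYLEN) { LDNS_FREE(bignumbuf); return 0; }`, and only then call `BN_bn2bin`. The result of `ldns_rdf_new_frm_data` is also passed on without a NULL check. Because this helper prints private exponents and primes, consider clearing the scratch buffer before each `LDNS_FREE(bignumbuf)`, e.g. `OPENSSL_cleanse(bignumbuf, LDNS_MAX_KEYLEN);`. `ldns_key2buffer_str` itself continues outside this hunk.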
/* print to buf, convert to bin, convert to b64,
* print to buf */
- ldns_buffer_printf(output, "Modulus: ");
-#ifndef S_SPLINT_S
- i = (uint16_t)BN_bn2bin(rsa->n, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- ldns_buffer_printf(output, "PublicExponent: ");
- i = (uint16_t)BN_bn2bin(rsa->e, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- ldns_buffer_printf(output, "PrivateExponent: ");
- if (rsa->d) {
- i = (uint16_t)BN_bn2bin(rsa->d, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Prime1: ");
- if (rsa->p) {
- i = (uint16_t)BN_bn2bin(rsa->p, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+#ifndef S_SPLINT_S
+ if(1) {
+ const BIGNUM *n=NULL, *e=NULL, *d=NULL,
+ *p=NULL, *q=NULL, *dmp1=NULL,
+ *dmq1=NULL, *iqmp=NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+ n = rsa->n;
+ e = rsa->e;
+ d = rsa->d;
+ p = rsa->p;
+ q = rsa->q;
+ dmp1 = rsa->dmp1;
+ dmq1 = rsa->dmq1;
+ iqmp = rsa->iqmp;
+#else
+ RSA_get0_key(rsa, &n, &e, &d);
+ RSA_get0_factors(rsa, &p, &q);
+ RSA_get0_crt_params(rsa, &dmp1,
+ &dmq1, &iqmp);
+#endif
+ if(!ldns_print_bignum_b64_line(output, "Modulus", n))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "PublicExponent", e))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Prime2: ");
- if (rsa->q) {
- i = (uint16_t)BN_bn2bin(rsa->q, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ if(!ldns_print_bignum_b64_line(output, "PrivateExponent", d))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "Prime1", p))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Exponent1: ");
- if (rsa->dmp1) {
- i = (uint16_t)BN_bn2bin(rsa->dmp1, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Exponent2: ");
- if (rsa->dmq1) {
- i = (uint16_t)BN_bn2bin(rsa->dmq1, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ if(!ldns_print_bignum_b64_line(output, "Prime2", q))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "Exponent1", dmp1))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Coefficient: ");
- if (rsa->iqmp) {
- i = (uint16_t)BN_bn2bin(rsa->iqmp, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ if(!ldns_print_bignum_b64_line(output, "Exponent2", dmq1))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "Coefficient", iqmp))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
}
#endif /* splint */
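Review bot: The guard `#if OPENSSL_VERSION_NUMBER < 0x10100000` picks the accessor path by version number alone, which misclassifies libraries that report a higher number without providing `RSA_get0_key`, `RSA_get0_factors` and `RSA_get0_crt_params` (older LibreSSL releases are the usual case). If such builds are supported, a configure-time check for the functions is the safer selector; a preprocessor test on `LIBRESSL_VERSION_NUMBER` is a possible stopgap. The same guard is repeated in the DSA block, in both key readers and in `ldns_key_rsa2bin`. The `if(1) {` that opens a scope for the locals reads like leftover debugging; a bare `{` with a short comment would be clearer. The enclosing switch case starts and ends outside this hunk.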
/* print to buf, convert to bin, convert to b64,
* print to buf */
- ldns_buffer_printf(output, "Prime(p): ");
+ if(1) {
+ const BIGNUM *p=NULL, *q=NULL, *g=NULL,
+ *priv_key=NULL, *pub_key=NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000
#ifndef S_SPLINT_S
- if (dsa->p) {
- i = (uint16_t)BN_bn2bin(dsa->p, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Subprime(q): ");
- if (dsa->q) {
- i = (uint16_t)BN_bn2bin(dsa->q, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Base(g): ");
- if (dsa->g) {
- i = (uint16_t)BN_bn2bin(dsa->g, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ p = dsa->p;
+ q = dsa->q;
+ g = dsa->g;
+ priv_key = dsa->priv_key;
+ pub_key = dsa->pub_key;
+#endif /* splint */
+#else
+ DSA_get0_pqg(dsa, &p, &q, &g);
+ DSA_get0_key(dsa, &pub_key, &priv_key);
+#endif
+ if(!ldns_print_bignum_b64_line(output, "Prime(p)", p))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "Subprime(q)", q))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Private_value(x): ");
- if (dsa->priv_key) {
- i = (uint16_t)BN_bn2bin(dsa->priv_key, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ if(!ldns_print_bignum_b64_line(output, "Base(g)", g))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "Private_value(x)", priv_key))
goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Public_value(y): ");
- if (dsa->pub_key) {
- i = (uint16_t)BN_bn2bin(dsa->pub_key, bignum);
- if (i > LDNS_MAX_KEYLEN) {
+ if(!ldns_print_bignum_b64_line(output, "Public_value(y)", pub_key))
goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
}
-#endif /* splint */
break;
case LDNS_SIGN_ECC_GOST:
/* no format defined, use blob */
if(k->_key.key) {
EC_KEY* ec = EVP_PKEY_get1_EC_KEY(k->_key.key);
const BIGNUM* b = EC_KEY_get0_private_key(ec);
- ldns_buffer_printf(output, "PrivateKey: ");
- i = (uint16_t)BN_bn2bin(b, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
+ if(!ldns_print_bignum_b64_line(output, "PrivateKey", b))
+ goto error;
/* down reference count in EC_KEY
* its still assigned to the PKEY */
EC_KEY_free(ec);
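Review bot: The `goto error` after the print skips `EC_KEY_free(ec)`: `EVP_PKEY_get1_EC_KEY` hands back a counted reference and the only visible release is the call after the print, so a failed `ldns_print_bignum_b64_line` leaks it unless the `error:` label (not visible here) frees it. Releasing before the jump fixes that, `if(!ldns_print_bignum_b64_line(output, "PrivateKey", b)) { EC_KEY_free(ec); goto error; }`. `ec` is also used without a NULL check, and `EVP_PKEY_get1_EC_KEY` returns NULL when the PKEY does not hold an EC key. The two blocks that follow repeat the same sequence, and the enclosing function starts and ends outside this hunk.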
ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k));
status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k));
ldns_buffer_printf(output, ")\n");
- ldns_buffer_printf(output, "PrivateKey: ");
if(k->_key.key) {
EC_KEY* ec = EVP_PKEY_get1_EC_KEY(k->_key.key);
const BIGNUM* b = EC_KEY_get0_private_key(ec);
- i = (uint16_t)BN_bn2bin(b, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "PrivateKey", b))
+ goto error;
/* down reference count in EC_KEY
* its still assigned to the PKEY */
EC_KEY_free(ec);
ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k));
status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k));
ldns_buffer_printf(output, ")\n");
- ldns_buffer_printf(output, "PrivateKey: ");
if(k->_key.key) {
EC_KEY* ec = EVP_PKEY_get1_EC_KEY(k->_key.key);
const BIGNUM* b = EC_KEY_get0_private_key(ec);
- i = (uint16_t)BN_bn2bin(b, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(b64_bignum);
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
+ if(!ldns_print_bignum_b64_line(output, "PrivateKey", b))
+ goto error;
/* down reference count in EC_KEY
* its still assigned to the PKEY */
EC_KEY_free(ec);
* // ...
*
*/
- char *d;
+ char *b;
RSA *rsa;
uint8_t *buf;
int i;
+ BIGNUM *n=NULL, *e=NULL, *d=NULL, *p=NULL, *q=NULL,
+ *dmp1=NULL, *dmq1=NULL, *iqmp=NULL;
- d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
+ b = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
rsa = RSA_new();
- if (!d || !rsa || !buf) {
+ if (!b || !rsa || !buf) {
goto error;
}
*/
/* Modules, rsa->n */
- if (ldns_fget_keyword_data_l(f, "Modulus", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Modulus", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
#ifndef S_SPLINT_S
- rsa->n = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->n) {
+ n = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!n) {
goto error;
}
/* PublicExponent, rsa->e */
- if (ldns_fget_keyword_data_l(f, "PublicExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "PublicExponent", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->e = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->e) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ e = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!e) {
goto error;
}
/* PrivateExponent, rsa->d */
- if (ldns_fget_keyword_data_l(f, "PrivateExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "PrivateExponent", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->d = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->d) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ d = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!d) {
goto error;
}
/* Prime1, rsa->p */
- if (ldns_fget_keyword_data_l(f, "Prime1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Prime1", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->p) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ p = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!p) {
goto error;
}
/* Prime2, rsa->q */
- if (ldns_fget_keyword_data_l(f, "Prime2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Prime2", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->q) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ q = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!q) {
goto error;
}
/* Exponent1, rsa->dmp1 */
- if (ldns_fget_keyword_data_l(f, "Exponent1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Exponent1", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->dmp1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->dmp1) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ dmp1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!dmp1) {
goto error;
}
/* Exponent2, rsa->dmq1 */
- if (ldns_fget_keyword_data_l(f, "Exponent2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Exponent2", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->dmq1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->dmq1) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ dmq1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!dmq1) {
goto error;
}
/* Coefficient, rsa->iqmp */
- if (ldns_fget_keyword_data_l(f, "Coefficient", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
+ if (ldns_fget_keyword_data_l(f, "Coefficient", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->iqmp = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->iqmp) {
+ i = ldns_b64_pton((const char*)b, buf, ldns_b64_ntop_calculate_size(strlen(b)));
+ iqmp = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!iqmp) {
goto error;
}
#endif /* splint */
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+ rsa->n = n;
+ rsa->e = e;
+ rsa->d = d;
+ rsa->p = p;
+ rsa->q = q;
+ rsa->dmp1 = dmp1;
+ rsa->dmq1 = dmq1;
+ rsa->iqmp = iqmp;
+#else
+ if(!RSA_set0_key(rsa, n, e, d))
+ goto error;
+ if(!RSA_set0_factors(rsa, p, q))
+ goto error;
+ if(!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp))
+ goto error;
+#endif
+
LDNS_FREE(buf);
- LDNS_FREE(d);
+ LDNS_FREE(b);
return rsa;
error:
RSA_free(rsa);
- LDNS_FREE(d);
+ LDNS_FREE(b);
LDNS_FREE(buf);
+ BN_free(n);
+ BN_free(e);
+ BN_free(d);
+ BN_free(p);
+ BN_free(q);
+ BN_free(dmp1);
+ BN_free(dmq1);
+ BN_free(iqmp);
return NULL;
}
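Review bot: The error path can free the same BIGNUMs twice on the OpenSSL 1.1 branch: once `RSA_set0_key(rsa, n, e, d)` succeeds the RSA object owns `n`, `e` and `d`, so if `RSA_set0_factors` or `RSA_set0_crt_params` then fails, `RSA_free(rsa)` releases them and the following `BN_free(n)`, `BN_free(e)`, `BN_free(d)` release them again. Clear the locals after each successful hand-over, `n = e = d = NULL;` after `RSA_set0_key` and `p = q = NULL;` after `RSA_set0_factors`, so the `BN_free` calls become no-ops for transferred values. The DSA reader below has the same shape around `DSA_set0_pqg` and `DSA_set0_key`. Separately, the result of `ldns_b64_pton` is passed to `BN_bin2bn` as the length without being tested for a negative (decode failure) value; `if (i < 0) goto error;` after each call would close that. The function's opening lines are outside this hunk.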
char *d;
DSA *dsa;
uint8_t *buf;
+ BIGNUM *p=NULL, *q=NULL, *g=NULL, *priv_key=NULL, *pub_key=NULL;
d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
}
i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
#ifndef S_SPLINT_S
- dsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->p) {
+ p = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!p) {
goto error;
}
goto error;
}
i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->q) {
+ q = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!q) {
goto error;
}
goto error;
}
i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->g = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->g) {
+ g = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!g) {
goto error;
}
goto error;
}
i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->priv_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->priv_key) {
+ priv_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!priv_key) {
goto error;
}
goto error;
}
i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->pub_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->pub_key) {
+ pub_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
+ if (!pub_key) {
goto error;
}
#endif /* splint */
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+ dsa->p = p;
+ dsa->q = q;
+ dsa->g = g;
+ dsa->priv_key = priv_key;
+ dsa->pub_key = pub_key;
+#else
+ if(!DSA_set0_pqg(dsa, p, q, g))
+ goto error;
+ if(!DSA_set0_key(dsa, pub_key, priv_key))
+ goto error;
+#endif
+
LDNS_FREE(buf);
LDNS_FREE(d);
LDNS_FREE(d);
LDNS_FREE(buf);
DSA_free(dsa);
+ BN_free(p);
+ BN_free(q);
+ BN_free(g);
+ BN_free(priv_key);
+ BN_free(pub_key);
return NULL;
}
ldns_key_rsa2bin(unsigned char *data, RSA *k, uint16_t *size)
{
int i,j;
+ const BIGNUM *n=NULL, *e=NULL;
if (!k) {
return false;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000
+ n = k->n;
+ e = k->e;
+#else
+ RSA_get0_key(k, &n, &e, NULL);
+#endif
- if (BN_num_bytes(k->e) <= 256) {
+ if (BN_num_bytes(e) <= 256) {
/* normally only this path is executed (small factors are
* more common
*/
- data[0] = (unsigned char) BN_num_bytes(k->e);
- i = BN_bn2bin(k->e, data + 1);
- j = BN_bn2bin(k->n, data + i + 1);
+ data[0] = (unsigned char) BN_num_bytes(e);
+ i = BN_bn2bin(e, data + 1);
+ j = BN_bn2bin(n, data + i + 1);
*size = (uint16_t) i + j;
- } else if (BN_num_bytes(k->e) <= 65536) {
+ } else if (BN_num_bytes(e) <= 65536) {
data[0] = 0;
/* BN_bn2bin does bigendian, _uint16 also */
- ldns_write_uint16(data + 1, (uint16_t) BN_num_bytes(k->e));
+ ldns_write_uint16(data + 1, (uint16_t) BN_num_bytes(e));
- BN_bn2bin(k->e, data + 3);
- BN_bn2bin(k->n, data + 4 + BN_num_bytes(k->e));
- *size = (uint16_t) BN_num_bytes(k->n) + 6;
+ BN_bn2bin(e, data + 3);
+ BN_bn2bin(n, data + 4 + BN_num_bytes(e));
+ *size = (uint16_t) BN_num_bytes(n) + 6;
} else {
return false;
}
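Review bot: The two encodings written here do not line up with the lengths they announce. In the short form `BN_num_bytes(e) <= 256` admits a 256-byte exponent whose length truncates to 0 in `data[0]`, which is the marker for the long form; `< 256` avoids that. In the long form the exponent is written at `data + 3` but the modulus at `data + 4 + BN_num_bytes(e)`, leaving one unwritten byte between them, and `*size` is `BN_num_bytes(n) + 6` with no exponent length in it; `BN_bn2bin(n, data + 3 + BN_num_bytes(e));` and `*size = (uint16_t)(3 + BN_num_bytes(e) + BN_num_bytes(n));` would match the layout. `n` and `e` are also used without a NULL check after `RSA_get0_key`, and nothing here bounds the writes against the capacity of `data`, which the caller has to guarantee. The function continues past the end of this hunk.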