From: Nikos Mavrogiannopoulos
Date: Mon, 27 Jan 2014 12:37:17 +0000 (+0100)
Subject: Added functions to directly import parameters into a gnutls_privkey_t
X-Git-Tag: gnutls_3_3_0pre0~253
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=560e84276ec9ffd72042731b154b428d60656709;p=thirdparty%2Fgnutls.git
Added functions to directly import parameters into a gnutls_privkey_t
Added gnutls_privkey_import_ecc_raw, gnutls_privkey_import_dsa_raw, gnutls_privkey_import_rsa_raw
---
diff --git a/NEWS b/NEWS
index 1f9a58030b..5900830a10 100644
--- a/NEWS
+++ b/NEWS
@@ -74,6 +74,9 @@ gnutls_sec_param_to_symmetric_bits: Added
 gnutls_privkey_get_pk_ecc_raw: Added
 gnutls_privkey_get_pk_dsa_raw: Added
 gnutls_privkey_get_pk_rsa_raw: Added
+gnutls_privkey_import_ecc_raw: Added
+gnutls_privkey_import_dsa_raw: Added
+gnutls_privkey_import_rsa_raw: Added
 gnutls_digest_self_test: Added (conditionally)
 gnutls_mac_self_test: Added (conditionally)
 gnutls_pk_self_test: Added (conditionally)
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 8a847cd64e..f91ea04123 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -1128,142 +1128,3 @@ int gnutls_privkey_status(gnutls_privkey_t key)
 return 1;
 }
 }
-
-/**
- * gnutls_privkey_get_pk_rsa_raw:
- * @key: Holds the certificate
- * @m: will hold the modulus
- * @e: will hold the public exponent
- * @d: will hold the private exponent
- * @p: will hold the first prime (p)
- * @q: will hold the second prime (q)
- * @u: will hold the coefficient
- * @e1: will hold e1 = d mod (p-1)
- * @e2: will hold e2 = d mod (q-1)
- *
- * This function will export the RSA private key's parameters found
- * in the given structure. The new parameters will be allocated using
- * gnutls_malloc() and will be stored in the appropriate datum.
- *
- * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
- *
- * Since: 3.3.0
- **/
-int
-gnutls_privkey_get_pk_rsa_raw(gnutls_privkey_t key,
- gnutls_datum_t * m, gnutls_datum_t * e,
- gnutls_datum_t * d, gnutls_datum_t * p,
- gnutls_datum_t * q, gnutls_datum_t * u,
- gnutls_datum_t * e1,
- gnutls_datum_t * e2)
-{
-gnutls_pk_params_st params;
-int ret;
-
- if (key == NULL) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- gnutls_pk_params_init(¶ms);
-
- ret = _gnutls_privkey_get_mpis(key, ¶ms);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- ret = _gnutls_params_get_rsa_raw(¶ms, m, e, d, p, q, u, e1, e2);
-
- gnutls_pk_params_release(¶ms);
-
- return ret;
-}
-
-/**
- * gnutls_privkey_get_pk_dsa_raw:
- * @key: Holds the public key
- * @p: will hold the p
- * @q: will hold the q
- * @g: will hold the g
- * @y: will hold the y
- * @x: will hold the x
- *
- * This function will export the DSA private key's parameters found
- * in the given structure. The new parameters will be allocated using
- * gnutls_malloc() and will be stored in the appropriate datum.
- *
- * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
- *
- * Since: 3.3.0
- **/
-int
-gnutls_privkey_get_pk_dsa_raw(gnutls_privkey_t key,
- gnutls_datum_t * p, gnutls_datum_t * q,
- gnutls_datum_t * g, gnutls_datum_t * y,
- gnutls_datum_t * x)
-{
-gnutls_pk_params_st params;
-int ret;
-
- if (key == NULL) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- gnutls_pk_params_init(¶ms);
-
- ret = _gnutls_privkey_get_mpis(key, ¶ms);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- ret = _gnutls_params_get_dsa_raw(¶ms, p, q, g, y, x);
-
- gnutls_pk_params_release(¶ms);
-
- return ret;
-}
-
-
-/**
- * gnutls_privkey_get_pk_ecc_raw:
- * @key: Holds the public key
- * @curve: will hold the curve
- * @x: will hold the x coordinate
- * @y: will hold the y coordinate
- * @k: will hold the private key
- *
- * This function will export the ECC private key's parameters found
- * in the given structure. The new parameters will be allocated using
- * gnutls_malloc() and will be stored in the appropriate datum.
- *
- * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
- *
- * Since: 3.3.0
- **/
-int
-gnutls_privkey_get_pk_ecc_raw(gnutls_privkey_t key,
- gnutls_ecc_curve_t * curve,
- gnutls_datum_t * x,
- gnutls_datum_t * y,
- gnutls_datum_t * k)
-{
-gnutls_pk_params_st params;
-int ret;
-
- if (key == NULL) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- gnutls_pk_params_init(¶ms);
-
- ret = _gnutls_privkey_get_mpis(key, ¶ms);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- ret = _gnutls_params_get_ecc_raw(¶ms, curve, x, y, k);
-
- gnutls_pk_params_release(¶ms);
-
- return ret;
-}
-
diff --git a/lib/gnutls_privkey_raw.c b/lib/gnutls_privkey_raw.c
new file mode 100644
index 0000000000..62816caa28
--- /dev/null
+++ b/lib/gnutls_privkey_raw.c
@@ -0,0 +1,330 @@
+/*
+ * Copyright (C) 2010-2014 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+/**
+ * gnutls_privkey_get_pk_rsa_raw:
+ * @key: Holds the certificate
+ * @m: will hold the modulus
+ * @e: will hold the public exponent
+ * @d: will hold the private exponent
+ * @p: will hold the first prime (p)
+ * @q: will hold the second prime (q)
+ * @u: will hold the coefficient
+ * @e1: will hold e1 = d mod (p-1)
+ * @e2: will hold e2 = d mod (q-1)
+ *
+ * This function will export the RSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_get_pk_rsa_raw(gnutls_privkey_t key,
+ gnutls_datum_t * m, gnutls_datum_t * e,
+ gnutls_datum_t * d, gnutls_datum_t * p,
+ gnutls_datum_t * q, gnutls_datum_t * u,
+ gnutls_datum_t * e1,
+ gnutls_datum_t * e2)
+{
+gnutls_pk_params_st params;
+int ret;
+
+ if (key == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ gnutls_pk_params_init(¶ms);
+
+ ret = _gnutls_privkey_get_mpis(key, ¶ms);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = _gnutls_params_get_rsa_raw(¶ms, m, e, d, p, q, u, e1, e2);
+
+ gnutls_pk_params_release(¶ms);
+
+ return ret;
+}
+
+/**
+ * gnutls_privkey_get_pk_dsa_raw:
+ * @key: Holds the public key
+ * @p: will hold the p
+ * @q: will hold the q
+ * @g: will hold the g
+ * @y: will hold the y
+ * @x: will hold the x
+ *
+ * This function will export the DSA private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_get_pk_dsa_raw(gnutls_privkey_t key,
+ gnutls_datum_t * p, gnutls_datum_t * q,
+ gnutls_datum_t * g, gnutls_datum_t * y,
+ gnutls_datum_t * x)
+{
+gnutls_pk_params_st params;
+int ret;
+
+ if (key == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ gnutls_pk_params_init(¶ms);
+
+ ret = _gnutls_privkey_get_mpis(key, ¶ms);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = _gnutls_params_get_dsa_raw(¶ms, p, q, g, y, x);
+
+ gnutls_pk_params_release(¶ms);
+
+ return ret;
+}
+
+
+/**
+ * gnutls_privkey_get_pk_ecc_raw:
+ * @key: Holds the public key
+ * @curve: will hold the curve
+ * @x: will hold the x coordinate
+ * @y: will hold the y coordinate
+ * @k: will hold the private key
+ *
+ * This function will export the ECC private key's parameters found
+ * in the given structure. The new parameters will be allocated using
+ * gnutls_malloc() and will be stored in the appropriate datum.
+ *
+ * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
+ *
+ * Since: 3.3.0
+ **/
+int
+gnutls_privkey_get_pk_ecc_raw(gnutls_privkey_t key,
+ gnutls_ecc_curve_t * curve,
+ gnutls_datum_t * x,
+ gnutls_datum_t * y,
+ gnutls_datum_t * k)
+{
+gnutls_pk_params_st params;
+int ret;
+
+ if (key == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ gnutls_pk_params_init(¶ms);
+
+ ret = _gnutls_privkey_get_mpis(key, ¶ms);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = _gnutls_params_get_ecc_raw(¶ms, curve, x, y, k);
+
+ gnutls_pk_params_release(¶ms);
+
+ return ret;
+}
+
+/**
+ * gnutls_privkey_import_rsa_raw:
+ * @key: The structure to store the parsed key
+ * @m: holds the modulus
+ * @e: holds the public exponent
+ * @d: holds the private exponent
+ * @p: holds the first prime (p)
+ * @q: holds the second prime (q)
+ * @u: holds the coefficient
+ * @e1: holds e1 = d mod (p-1), may be null
+ * @e2: holds e2 = d mod (q-1), may be null
+ *
+ * This function will convert the given RSA raw parameters to the
+ * native #gnutls_privkey_t format. The output will be stored in
+ * @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_privkey_import_rsa_raw(gnutls_privkey_t key,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e,
+ const gnutls_datum_t * d,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * u,
+ const gnutls_datum_t * e1,
+ const gnutls_datum_t * e2)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+ ret = gnutls_x509_privkey_init(&xkey);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = gnutls_x509_privkey_import_rsa_raw2(xkey, m, e, d, p, q, u, e1, e1);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ return 0;
+
+error:
+ gnutls_x509_privkey_deinit(&xkey);
+ return ret;
+}
+
+/**
+ * gnutls_privkey_import_dsa_raw:
+ * @key: The structure to store the parsed key
+ * @p: holds the p
+ * @q: holds the q
+ * @g: holds the g
+ * @y: holds the y
+ * @x: holds the x
+ *
+ * This function will convert the given DSA raw parameters to the
+ * native #gnutls_privkey_t format. The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ **/
+int
+gnutls_privkey_import_dsa_raw(gnutls_privkey_t key,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * g,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * x)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+ ret = gnutls_x509_privkey_init(&xkey);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = gnutls_x509_privkey_import_dsa_raw(xkey, p, q, g, y, x);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ return 0;
+
+error:
+ gnutls_x509_privkey_deinit(&xkey);
+ return ret;
+}
+
+/**
+ * gnutls_privkey_import_ecc_raw:
+ * @key: The structure to store the parsed key
+ * @curve: holds the curve
+ * @x: holds the x
+ * @y: holds the y
+ * @k: holds the k
+ *
+ * This function will convert the given elliptic curve parameters to the
+ * native #gnutls_privkey_t format. The output will be stored
+ * in @key.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.0
+ **/
+int
+gnutls_privkey_import_ecc_raw(gnutls_privkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * k)
+{
+int ret;
+gnutls_x509_privkey_t xkey;
+
+ ret = gnutls_x509_privkey_init(&xkey);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = gnutls_x509_privkey_import_ecc_raw(xkey, curve, y, x, k);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+ if (ret < 0) {
+ gnutls_assert();
+ goto error;
+ }
+
+ return 0;
+
+error:
+ gnutls_x509_privkey_deinit(&xkey);
+ return ret;
+}
+
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index 0a17d8bddd..51ed11a3f4 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
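Review bot: In gnutls_privkey_import_rsa_raw the call `gnutls_x509_privkey_import_rsa_raw2(xkey, m, e, d, p, q, u, e1, e1);` passes e1 twice, so the caller's e2 is never used; the argument list should end `..., u, e1, e2);`. Unless the x509 layer recomputes or cross-checks the CRT exponents (not visible in this hunk), the key is stored with a wrong d mod (q-1), and an RSA-CRT key with inconsistent components produces faulty signatures, which is a recognised way for private key material to leak. gnutls_privkey_import_ecc_raw has a similar slip: `gnutls_x509_privkey_import_ecc_raw(xkey, curve, y, x, k);` swaps the coordinates relative to the wrapper's own `x, y` parameter order, and assuming the x509 function takes x before y it should pass `curve, x, y, k`. All three import functions clean up with `gnutls_x509_privkey_deinit(&xkey);`, which passes the address of the local handle instead of the handle set by gnutls_x509_privkey_init, so the error path would release a stack address; `gnutls_x509_privkey_deinit(xkey);` looks like what was intended. On the documentation side, the ECC comment says `Since: 3.0` and the RSA and DSA comments have no Since tag, while the getters in the same file say 3.3.0.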
@@ -325,6 +325,29 @@ gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
 gnutls_privkey_deinit_func deinit_func,
 unsigned int flags);
+int gnutls_privkey_import_dsa_raw(gnutls_privkey_t key,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * g,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * x);
+
+int gnutls_privkey_import_rsa_raw(gnutls_privkey_t key,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e,
+ const gnutls_datum_t * d,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * u,
+ const gnutls_datum_t * e1,
+ const gnutls_datum_t * e2);
+int gnutls_privkey_import_ecc_raw(gnutls_privkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * k);
+
+
 int gnutls_privkey_sign_data(gnutls_privkey_t signer,
 gnutls_digest_algorithm_t hash,
 unsigned int flags,
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 01a6739b0a..19bc0fe9ab 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -933,6 +933,9 @@ GNUTLS_3_1_0 {
 gnutls_privkey_get_pk_ecc_raw;
 gnutls_privkey_get_pk_dsa_raw;
 gnutls_privkey_get_pk_rsa_raw;
+ gnutls_privkey_import_rsa_raw;
+ gnutls_privkey_import_dsa_raw;
+ gnutls_privkey_import_ecc_raw;
 } GNUTLS_3_0_0;
 GNUTLS_PRIVATE {