Ejemplo n.º 1
0
static cdk_packet_t
find_key_packet( cdk_kbnode_t knode, int * r_is_sk )
{
    cdk_packet_t pkt;

    pkt = cdk_kbnode_find_packet( knode, CDK_PKT_PUBLIC_KEY );
    if( !pkt ) {
        pkt = cdk_kbnode_find_packet( knode, CDK_PKT_SECRET_KEY );
        if( r_is_sk )
            *r_is_sk = pkt? 1 : 0;
    }
    return pkt;
}
Ejemplo n.º 2
0
/**
 * gnutls_openpgp_key_get_id - Gets the keyID
 * @key: the structure that contains the OpenPGP public key.
 * @keyid: the buffer to save the keyid.
 *
 * Returns the 64-bit keyID of the OpenPGP key.
 **/
int
gnutls_openpgp_key_get_id (gnutls_openpgp_key_t key, unsigned char keyid[8])
{
  cdk_packet_t pkt;
  cdk_pkt_pubkey_t pk = NULL;
  uint32_t kid[2];

  if (!key || !keyid)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (!pkt)
    return GNUTLS_E_OPENPGP_GETKEY_FAILED;

  pk = pkt->pkt.public_key;
  cdk_pk_get_keyid (pk, kid);
  keyid[0] = kid[0] >> 24;
  keyid[1] = kid[0] >> 16;
  keyid[2] = kid[0] >> 8;
  keyid[3] = kid[0];
  keyid[4] = kid[1] >> 24;
  keyid[5] = kid[1] >> 16;
  keyid[6] = kid[1] >> 8;
  keyid[7] = kid[1];

  return 0;
}
Ejemplo n.º 3
0
/**
  * gnutls_openpgp_key_get_pk_algorithm - This function returns the key's PublicKey algorithm
  * @key: is an OpenPGP key
  * @bits: if bits is non null it will hold the size of the parameters' in bits
  *
  * This function will return the public key algorithm of an OpenPGP
  * certificate.
  *
  * If bits is non null, it should have enough size to hold the parameters
  * size in bits. For RSA the bits returned is the modulus. 
  * For DSA the bits returned are of the public exponent.
  *
  * Returns a member of the GNUTLS_PKAlgorithm enumeration on success,
  * or a negative value on error.
  *
  **/
int
gnutls_openpgp_key_get_pk_algorithm (gnutls_openpgp_key_t key,
				     unsigned int *bits)
{
  cdk_packet_t pkt;
  int algo = 0;

  if (!key)
    return GNUTLS_E_INVALID_REQUEST;

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt && pkt->pkttype == CDK_PKT_PUBLIC_KEY)
    {
      if (bits)
	*bits = cdk_pk_get_nbits (pkt->pkt.public_key);
      algo = pkt->pkt.public_key->pubkey_algo;
      if (is_RSA (algo))
	algo = GNUTLS_PK_RSA;
      else if (is_DSA (algo))
	algo = GNUTLS_PK_DSA;
      else
	algo = GNUTLS_E_UNKNOWN_PK_ALGORITHM;
    }

  return algo;
}
Ejemplo n.º 4
0
/**
 * gnutls_openpgp_privkey_get_fingerprint:
 * @key: the raw data that contains the OpenPGP secret key.
 * @fpr: the buffer to save the fingerprint, must hold at least 20 bytes.
 * @fprlen: the integer to save the length of the fingerprint.
 *
 * Get the fingerprint of the OpenPGP key. Depends on the
 * algorithm, the fingerprint can be 16 or 20 bytes.
 *
 * Returns: On success, 0 is returned, or an error code.
 *
 * Since: 2.4.0
 **/
int
gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t key,
				       void *fpr, size_t * fprlen)
{
	cdk_packet_t pkt;
	cdk_pkt_pubkey_t pk = NULL;

	if (!fpr || !fprlen) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	*fprlen = 0;

	pkt = cdk_kbnode_find_packet(key->knode, CDK_PKT_SECRET_KEY);
	if (!pkt) {
		gnutls_assert();
		return GNUTLS_E_OPENPGP_GETKEY_FAILED;
	}

	pk = pkt->pkt.secret_key->pk;
	*fprlen = 20;

	if (is_RSA(pk->pubkey_algo) && pk->version < 4)
		*fprlen = 16;

	cdk_pk_get_fingerprint(pk, fpr);

	return 0;
}
Ejemplo n.º 5
0
/**
  * gnutls_openpgp_key_get_key_usage - This function returns the key's usage
  * @key: should contain a gnutls_openpgp_key_t structure
  * @key_usage: where the key usage bits will be stored
  *
  * This function will return certificate's key usage, by checking the
  * key algorithm. The key usage value will ORed values of the:
  * GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_KEY_ENCIPHERMENT.
  *
  * A negative value may be returned in case of parsing error.
  *
  **/
int
gnutls_openpgp_key_get_key_usage (gnutls_openpgp_key_t key,
				  unsigned int *key_usage)
{
  cdk_packet_t pkt;
  int algo = 0;

  if (!key)
    return GNUTLS_E_INVALID_REQUEST;

  *key_usage = 0;

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt && pkt->pkttype == CDK_PKT_PUBLIC_KEY)
    {
      algo = pkt->pkt.public_key->pubkey_algo;

      if (is_DSA (algo) || algo == GCRY_PK_RSA_S)
	*key_usage |= KEY_DIGITAL_SIGNATURE;
      else if (algo == GCRY_PK_RSA_E)
	*key_usage |= KEY_KEY_ENCIPHERMENT;
      else if (algo == GCRY_PK_RSA)
	*key_usage |= KEY_DIGITAL_SIGNATURE | KEY_KEY_ENCIPHERMENT;
    }

  return 0;
}
Ejemplo n.º 6
0
Archivo: pgp.c Proyecto: intgr/gnutls
/**
 * gnutls_openpgp_crt_import:
 * @key: The structure to store the parsed key.
 * @data: The RAW or BASE64 encoded key.
 * @format: One of gnutls_openpgp_crt_fmt_t elements.
 *
 * This function will convert the given RAW or Base64 encoded key to
 * the native #gnutls_openpgp_crt_t format. The output will be stored
 * in 'key'.
 *
 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
 **/
int
gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
                           const gnutls_datum_t * data,
                           gnutls_openpgp_crt_fmt_t format)
{
  cdk_packet_t pkt;
  int rc, armor;

  if (data->data == NULL || data->size == 0)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  if (format == GNUTLS_OPENPGP_FMT_RAW) armor = 0;
  else armor = 1;

  rc = cdk_kbnode_read_from_mem (&key->knode, armor, data->data, data->size);
  if (rc)
    {
      rc = _gnutls_map_cdk_rc (rc);
      gnutls_assert ();
      return rc;
    }

  /* Test if the import was successful. */
  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  return 0;
}
Ejemplo n.º 7
0
/**
 * gnutls_openpgp_key_get_expiration_time - Extract the expire date
 * @key: the structure that contains the OpenPGP public key.
 *
 * Returns the time when the OpenPGP key expires. A value of '0' means
 * that the key doesn't expire at all.
 **/
time_t
gnutls_openpgp_key_get_expiration_time (gnutls_openpgp_key_t key)
{
  cdk_packet_t pkt;
  time_t expiredate = 0;

  if (!key)
    return (time_t) - 1;

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt)
    expiredate = pkt->pkt.public_key->expiredate;

  return expiredate;
}
Ejemplo n.º 8
0
/**
 * gnutls_openpgp_key_get_creation_time - Extract the timestamp
 * @key: the structure that contains the OpenPGP public key.
 *
 * Returns the timestamp when the OpenPGP key was created.
 **/
time_t
gnutls_openpgp_key_get_creation_time (gnutls_openpgp_key_t key)
{
  cdk_packet_t pkt;
  time_t timestamp = 0;

  if (!key)
    return (time_t) - 1;

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt)
    timestamp = pkt->pkt.public_key->timestamp;

  return timestamp;
}
Ejemplo n.º 9
0
/**
 * gnutls_openpgp_key_get_version - Extracts the version of the key.
 * @key: the structure that contains the OpenPGP public key.
 *
 * Extract the version of the OpenPGP key.
 **/
int
gnutls_openpgp_key_get_version (gnutls_openpgp_key_t key)
{
  cdk_packet_t pkt;
  int version = 0;

  if (!key)
    return -1;

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY);
  if (pkt)
    version = pkt->pkt.public_key->version;

  return version;
}
Ejemplo n.º 10
0
Archivo: kbnode.c Proyecto: ares89/vlc
/**
 * cdk_kbnode_hash:
 * @node: the key node
 * @hashctx: opaque pointer to the hash context
 * @is_v4: OpenPGP signature (yes=1, no=0)
 * @pkttype: packet type to hash (if zero use the packet type from the node)
 * @flags: flags which depend on the operation
 *
 * Hashes the key node contents. Two modes are supported. If the packet
 * type is used (!= 0) then the function searches the first node with
 * this type. Otherwise the node is seen as a single node and the type
 * is extracted from it.
 **/
cdk_error_t
cdk_kbnode_hash (cdk_kbnode_t node, digest_hd_st * md, int is_v4,
                 cdk_packet_type_t pkttype, int flags)
{
  cdk_packet_t pkt;

  if (!node || !md)
    {
      gnutls_assert ();
      return CDK_Inv_Value;
    }
  if (!pkttype)
    {
      pkt = cdk_kbnode_get_packet (node);
      pkttype = pkt->pkttype;
    }
  else
    {
      pkt = cdk_kbnode_find_packet (node, pkttype);
      if (!pkt)
        {
          gnutls_assert ();
          return CDK_Inv_Packet;
        }
    }

  switch (pkttype)
    {
    case CDK_PKT_PUBLIC_KEY:
    case CDK_PKT_PUBLIC_SUBKEY:
      _cdk_hash_pubkey (pkt->pkt.public_key, md, flags & 1);
      break;

    case CDK_PKT_USER_ID:
      _cdk_hash_userid (pkt->pkt.user_id, is_v4, md);
      break;

    case CDK_PKT_SIGNATURE:
      _cdk_hash_sig_data (pkt->pkt.signature, md);
      break;

    default:
      gnutls_assert ();
      return CDK_Inv_Mode;
    }
  return 0;
}
Ejemplo n.º 11
0
/**
 * gnutls_openpgp_privkey_get_revoked_status:
 * @key: the structure that contains the OpenPGP private key.
 *
 * Get revocation status of key.
 *
 * Returns: true (1) if the key has been revoked, or false (0) if it
 *   has not, or a negative error code indicates an error.
 *
 * Since: 2.4.0
 **/
int gnutls_openpgp_privkey_get_revoked_status(gnutls_openpgp_privkey_t key)
{
	cdk_packet_t pkt;

	if (!key) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	pkt = cdk_kbnode_find_packet(key->knode, CDK_PKT_SECRET_KEY);
	if (!pkt)
		return GNUTLS_E_OPENPGP_GETKEY_FAILED;

	if (pkt->pkt.secret_key->is_revoked != 0)
		return 1;
	return 0;
}
Ejemplo n.º 12
0
/**
 * gnutls_openpgp_privkey_get_key_id:
 * @key: the structure that contains the OpenPGP secret key.
 * @keyid: the buffer to save the keyid.
 *
 * Get key-id.
 *
 * Returns: the 64-bit keyID of the OpenPGP key.
 *
 * Since: 2.4.0
 **/
int
gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
				  gnutls_openpgp_keyid_t keyid)
{
	cdk_packet_t pkt;
	uint32_t kid[2];

	if (!key || !keyid) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	pkt = cdk_kbnode_find_packet(key->knode, CDK_PKT_SECRET_KEY);
	if (!pkt)
		return GNUTLS_E_OPENPGP_GETKEY_FAILED;

	cdk_sk_get_keyid(pkt->pkt.secret_key, kid);
	_gnutls_write_uint32(kid[0], keyid);
	_gnutls_write_uint32(kid[1], keyid + 4);

	return 0;
}
Ejemplo n.º 13
0
/**
 * gnutls_openpgp_privkey_get_subkey_expiration_time:
 * @key: the structure that contains the OpenPGP private key.
 * @idx: the subkey index
 *
 * Get subkey expiration time.  A value of '0' means that the key
 * doesn't expire at all.
 *
 * Returns: the time when the OpenPGP key expires.
 *
 * Since: 2.4.0
 **/
time_t
gnutls_openpgp_privkey_get_subkey_expiration_time (gnutls_openpgp_privkey_t
                                                   key, unsigned int idx)
{
  cdk_packet_t pkt;
  time_t timestamp;

  if (!key)
    return (time_t) - 1;

  if (idx == GNUTLS_OPENPGP_MASTER_KEYID_IDX)
    pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
  else 
    pkt = _get_secret_subkey (key, idx);

  if (pkt)
    timestamp = pkt->pkt.secret_key->pk->expiredate;
  else
    timestamp = 0;

  return timestamp;
}
Ejemplo n.º 14
0
/**
 * gnutls_openpgp_privkey_get_pk_algorithm:
 * @key: is an OpenPGP key
 * @bits: if bits is non null it will hold the size of the parameters' in bits
 *
 * This function will return the public key algorithm of an OpenPGP
 * certificate.
 *
 * If bits is non null, it should have enough size to hold the parameters
 * size in bits. For RSA the bits returned is the modulus.
 * For DSA the bits returned are of the public exponent.
 *
 * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
 *   success, or a negative error code on error.
 *
 * Since: 2.4.0
 **/
gnutls_pk_algorithm_t
gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
                                         unsigned int *bits)
{
  cdk_packet_t pkt;
  int algo = 0, ret;
  uint8_t keyid[GNUTLS_OPENPGP_KEYID_SIZE];

  if (!key)
    {
      gnutls_assert ();
      return GNUTLS_PK_UNKNOWN;
    }

  ret = gnutls_openpgp_privkey_get_preferred_key_id (key, keyid);
  if (ret == 0)
    {
      int idx;

      idx = gnutls_openpgp_privkey_get_subkey_idx (key, keyid);
      if (idx != GNUTLS_OPENPGP_MASTER_KEYID_IDX)
        {
          algo =
            gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, idx, bits);
          return algo;
        }
    }

  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
  if (pkt)
    {
      if (bits)
        *bits = cdk_pk_get_nbits (pkt->pkt.secret_key->pk);
      algo = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
    }

  return algo;
}
Ejemplo n.º 15
0
/**
 * gnutls_openpgp_privkey_get_pk_algorithm:
 * @key: is an OpenPGP key
 * @bits: if bits is non null it will hold the size of the parameters' in bits
 *
 * This function will return the public key algorithm of an OpenPGP
 * certificate.
 *
 * If bits is non null, it should have enough size to hold the parameters
 * size in bits. For RSA the bits returned is the modulus.
 * For DSA the bits returned are of the public exponent.
 *
 * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
 *   success, or a negative value on error.
 *
 * Since: 2.4.0
 **/
gnutls_pk_algorithm_t
gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
					 unsigned int *bits)
{
  cdk_packet_t pkt;
  int algo;

  if (!key)
    {
      gnutls_assert ();
      return GNUTLS_PK_UNKNOWN;
    }

  algo = 0;
  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
  if (pkt)
    {
      if (bits)
	*bits = cdk_pk_get_nbits (pkt->pkt.secret_key->pk);
      algo = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
    }

  return algo;
}
Ejemplo n.º 16
0
/* Extracts DSA and RSA parameters from a certificate.
 */
int
_gnutls_openpgp_privkey_get_mpis(gnutls_openpgp_privkey_t pkey,
				 uint32_t * keyid /*[2] */ ,
				 gnutls_pk_params_st * params)
{
	int result;
	unsigned int i, pk_algorithm;
	cdk_packet_t pkt;
	unsigned total;

	gnutls_pk_params_init(params);

	if (keyid == NULL)
		pkt =
		    cdk_kbnode_find_packet(pkey->knode,
					   CDK_PKT_SECRET_KEY);
	else
		pkt = _gnutls_openpgp_find_key(pkey->knode, keyid, 1);

	if (pkt == NULL) {
		gnutls_assert();
		return GNUTLS_E_OPENPGP_GETKEY_FAILED;
	}

	pk_algorithm =
	    _gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo);

	switch (pk_algorithm) {
	case GNUTLS_PK_RSA:
		/* openpgp does not hold all parameters as in PKCS #1
		 */
		total = RSA_PRIVATE_PARAMS - 2;
		break;
	case GNUTLS_PK_DSA:
		total = DSA_PRIVATE_PARAMS;
		break;
	default:
		gnutls_assert();
		return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
	}

	for (i = 0; i < total; i++) {
		result =
		    _gnutls_read_pgp_mpi(pkt, 1, i, &params->params[i]);
		if (result < 0) {
			gnutls_assert();
			goto error;
		}
		params->params_nr++;
	}

	/* fixup will generate exp1 and exp2 that are not
	 * available here.
	 */
	result = _gnutls_pk_fixup(pk_algorithm, GNUTLS_IMPORT, params);
	if (result < 0) {
		gnutls_assert();
		goto error;
	}

	return 0;

      error:
	gnutls_pk_params_clear(params);
	gnutls_pk_params_release(params);

	return result;
}
Ejemplo n.º 17
0
/* Extracts DSA and RSA parameters from a certificate.
 */
int
_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey,
                                  uint32_t * keyid /*[2] */ ,
                                  bigint_t * params, int *params_size)
{
  int result, i;
  int pk_algorithm;
  gnutls_pk_params_st pk_params;
  cdk_packet_t pkt;

  memset (&pk_params, 0, sizeof (pk_params));

  if (keyid == NULL)
    pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY);
  else
    pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1);

  if (pkt == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  pk_algorithm =
    _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);

  switch (pk_algorithm)
    {
    case GNUTLS_PK_RSA:
      /* openpgp does not hold all parameters as in PKCS #1
       */
      pk_params.params_nr = RSA_PRIVATE_PARAMS - 2;
      break;
    case GNUTLS_PK_DSA:
      pk_params.params_nr = DSA_PRIVATE_PARAMS;
      break;
    default:
      gnutls_assert ();
      return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
    }

  for (i = 0; i < pk_params.params_nr; i++)
    {
      result = _gnutls_read_pgp_mpi (pkt, 1, i, &pk_params.params[i]);
      if (result < 0)
        {
          gnutls_assert ();
          goto error;
        }
    }
  
  /* fixup will generate exp1 and exp2 that are not
   * available here.
   */
  result = _gnutls_pk_fixup (pk_algorithm, GNUTLS_IMPORT, &pk_params);
  if (result < 0)
    {
      gnutls_assert ();
      goto error;
    }

  if (*params_size < pk_params.params_nr)
    {
      gnutls_assert ();
      return GNUTLS_E_INTERNAL_ERROR;
    }

  *params_size = pk_params.params_nr;
  for (i = 0; i < pk_params.params_nr; i++)
    params[i] = pk_params.params[i];

  return 0;

error:
  {
    int j;
    for (j = 0; j < i; j++)
      _gnutls_mpi_release (&pk_params.params[j]);
  }

  return result;
}
Ejemplo n.º 18
0
/**
 * gnutls_openpgp_privkey_import:
 * @key: The structure to store the parsed key.
 * @data: The RAW or BASE64 encoded key.
 * @format: One of #gnutls_openpgp_crt_fmt_t elements.
 * @password: not used for now
 * @flags: should be zero
 *
 * This function will convert the given RAW or Base64 encoded key to
 * the native gnutls_openpgp_privkey_t format.  The output will be
 * stored in 'key'.
 *
 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
 **/
int
gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
			       const gnutls_datum_t * data,
			       gnutls_openpgp_crt_fmt_t format,
			       const char *password, unsigned int flags)
{
  cdk_stream_t inp;
  cdk_packet_t pkt;
  int rc;

  if (data->data == NULL || data->size == 0)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  if (format == GNUTLS_OPENPGP_FMT_RAW)
    {
      rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
      if (rc != 0)
	{
	  rc = _gnutls_map_cdk_rc (rc);
	  gnutls_assert ();
	  return rc;
	}
    }
  else
    {
      rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
      if (rc != 0)
	{
	  rc = _gnutls_map_cdk_rc (rc);
	  gnutls_assert ();
	  return rc;
	}

      if (cdk_armor_filter_use (inp))
	{
	  rc = cdk_stream_set_armor_flag (inp, 0);
	  if (rc != 0)
	    {
	      rc = _gnutls_map_cdk_rc (rc);
	      cdk_stream_close (inp);
	      gnutls_assert ();
	      return rc;
	    }
	}

      rc = cdk_keydb_get_keyblock (inp, &key->knode);
      cdk_stream_close (inp);

      if (rc != 0)
	{
	  rc = _gnutls_map_cdk_rc (rc);
	  gnutls_assert ();
	  return rc;
	}
    }

  /* Test if the import was successful. */
  pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
  if (pkt == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  return 0;
}
Ejemplo n.º 19
0
/* Extracts DSA and RSA parameters from a certificate.
 */
int
_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey,
				  uint32_t * keyid /*[2] */ ,
				  bigint_t * params, int *params_size)
{
  int result, i;
  int pk_algorithm, local_params;
  cdk_packet_t pkt;

  if (keyid == NULL)
    pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY);
  else
    pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1);

  if (pkt == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_OPENPGP_GETKEY_FAILED;
    }

  pk_algorithm =
    _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);

  switch (pk_algorithm)
    {
    case GNUTLS_PK_RSA:
      local_params = RSA_PRIVATE_PARAMS;
      break;
    case GNUTLS_PK_DSA:
      local_params = DSA_PRIVATE_PARAMS;
      break;
    default:
      gnutls_assert ();
      return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
    }

  if (*params_size < local_params)
    {
      gnutls_assert ();
      return GNUTLS_E_INTERNAL_ERROR;
    }

  *params_size = local_params;


  for (i = 0; i < local_params; i++)
    {
      result = _gnutls_read_pgp_mpi (pkt, 1, i, &params[i]);
      if (result < 0)
	{
	  gnutls_assert ();
	  goto error;
	}
    }

  return 0;

error:
  {
    int j;
    for (j = 0; j < i; j++)
      _gnutls_mpi_release (&params[j]);
  }

  return result;
}
Ejemplo n.º 20
0
/**
 * gnutls_openpgp_key_get_name - Extracts the userID
 * @key: the structure that contains the OpenPGP public key.
 * @idx: the index of the ID to extract
 * @buf: a pointer to a structure to hold the name
 * @sizeof_buf: holds the size of 'buf'
 *
 * Extracts the userID from the parsed OpenPGP key.
 *
 * Returns 0 on success, and GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
 * if the index of the ID does not exist.
 *
 **/
int
gnutls_openpgp_key_get_name (gnutls_openpgp_key_t key,
			     int idx, char *buf, size_t * sizeof_buf)
{
  cdk_kbnode_t ctx = NULL, p;
  cdk_packet_t pkt = NULL;
  cdk_pkt_userid_t uid = NULL;
  int pos = 0;
  size_t size = 0;
  int rc = 0;

  if (!key || !buf)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  if (idx < 0 || idx > _gnutls_openpgp_count_key_names (key))
    {
      return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
    }

  if (!idx)
    pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_USER_ID);
  else
    {
      pos = 0;
      while ((p = cdk_kbnode_walk (key->knode, &ctx, 0)))
	{
	  pkt = cdk_kbnode_get_packet (p);
	  if (pkt->pkttype == CDK_PKT_USER_ID && ++pos == idx)
	    break;
	}
    }

  if (!pkt)
    {
      rc = GNUTLS_E_INTERNAL_ERROR;
      goto leave;
    }

  uid = pkt->pkt.user_id;

  if (uid->len >= *sizeof_buf)
    {
      gnutls_assert ();
      *sizeof_buf = uid->len + 1;
      rc = GNUTLS_E_SHORT_MEMORY_BUFFER;
      goto leave;
    }

  size = uid->len < *sizeof_buf ? uid->len : *sizeof_buf - 1;
  memcpy (buf, uid->name, size);

  buf[size] = '\0';		/* make sure it's a string */

  if (uid->is_revoked)
    {
      rc = GNUTLS_E_OPENPGP_UID_REVOKED;
      goto leave;
    }

leave:
  return rc;
}