/**
* gnutls_openpgp_privkey_get_pk_algorithm:
* @key: is an OpenPGP key
* @bits: if bits is non null it will hold the size of the parameters' in bits
*
* This function will return the public key algorithm of an OpenPGP
* certificate.
*
* If bits is non null, it should have enough size to hold the parameters
* size in bits. For RSA the bits returned is the modulus.
* For DSA the bits returned are of the public exponent.
*
* Returns: a member of the #gnutls_pk_algorithm_t enumeration on
* success, or a negative error code on error.
*
* Since: 2.4.0
**/
gnutls_pk_algorithm_t
gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
unsigned int *bits)
{
cdk_packet_t pkt;
int algo = 0, ret;
uint8_t keyid[GNUTLS_OPENPGP_KEYID_SIZE];
if (!key)
{
gnutls_assert ();
return GNUTLS_PK_UNKNOWN;
}
ret = gnutls_openpgp_privkey_get_preferred_key_id (key, keyid);
if (ret == 0)
{
int idx;
idx = gnutls_openpgp_privkey_get_subkey_idx (key, keyid);
if (idx != GNUTLS_OPENPGP_MASTER_KEYID_IDX)
{
algo =
gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, idx, bits);
return algo;
}
}
pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
if (pkt)
{
if (bits)
*bits = cdk_pk_get_nbits (pkt->pkt.secret_key->pk);
algo = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
}
return algo;
}
/**
* gnutls_openpgp_privkey_get_pk_algorithm:
* @key: is an OpenPGP key
* @bits: if bits is non null it will hold the size of the parameters' in bits
*
* This function will return the public key algorithm of an OpenPGP
* certificate.
*
* If bits is non null, it should have enough size to hold the parameters
* size in bits. For RSA the bits returned is the modulus.
* For DSA the bits returned are of the public exponent.
*
* Returns: a member of the #gnutls_pk_algorithm_t enumeration on
* success, or a negative value on error.
*
* Since: 2.4.0
**/
gnutls_pk_algorithm_t
gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
unsigned int *bits)
{
cdk_packet_t pkt;
int algo;
if (!key)
{
gnutls_assert ();
return GNUTLS_PK_UNKNOWN;
}
algo = 0;
pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
if (pkt)
{
if (bits)
*bits = cdk_pk_get_nbits (pkt->pkt.secret_key->pk);
algo = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
}
return algo;
}
static int
_get_sk_dsa_raw(gnutls_openpgp_privkey_t pkey,
gnutls_openpgp_keyid_t keyid, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y,
gnutls_datum_t * x)
{
int pk_algorithm, ret;
cdk_packet_t pkt;
uint32_t kid32[2];
gnutls_pk_params_st params;
if (pkey == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
KEYID_IMPORT(kid32, keyid);
pkt = _gnutls_openpgp_find_key(pkey->knode, kid32, 1);
if (pkt == NULL) {
gnutls_assert();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
pk_algorithm =
_gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo);
if (pk_algorithm != GNUTLS_PK_DSA) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_openpgp_privkey_get_mpis(pkey, kid32, ¶ms);
if (ret < 0) {
gnutls_assert();
return ret;
}
/* P */
ret = _gnutls_mpi_dprint(params.params[0], p);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
/* Q */
ret = _gnutls_mpi_dprint(params.params[1], q);
if (ret < 0) {
gnutls_assert();
_gnutls_free_datum(p);
goto cleanup;
}
/* G */
ret = _gnutls_mpi_dprint(params.params[2], g);
if (ret < 0) {
gnutls_assert();
_gnutls_free_datum(p);
_gnutls_free_datum(q);
goto cleanup;
}
/* Y */
ret = _gnutls_mpi_dprint(params.params[3], y);
if (ret < 0) {
gnutls_assert();
_gnutls_free_datum(p);
_gnutls_free_datum(g);
_gnutls_free_datum(q);
goto cleanup;
}
ret = _gnutls_mpi_dprint(params.params[4], x);
if (ret < 0) {
gnutls_assert();
_gnutls_free_datum(y);
_gnutls_free_datum(p);
_gnutls_free_datum(g);
_gnutls_free_datum(q);
goto cleanup;
}
ret = 0;
cleanup:
gnutls_pk_params_clear(¶ms);
gnutls_pk_params_release(¶ms);
return ret;
}
/* Extracts DSA and RSA parameters from a certificate.
*/
int
_gnutls_openpgp_privkey_get_mpis(gnutls_openpgp_privkey_t pkey,
uint32_t * keyid /*[2] */ ,
gnutls_pk_params_st * params)
{
int result;
unsigned int i, pk_algorithm;
cdk_packet_t pkt;
unsigned total;
gnutls_pk_params_init(params);
if (keyid == NULL)
pkt =
cdk_kbnode_find_packet(pkey->knode,
CDK_PKT_SECRET_KEY);
else
pkt = _gnutls_openpgp_find_key(pkey->knode, keyid, 1);
if (pkt == NULL) {
gnutls_assert();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
pk_algorithm =
_gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo);
switch (pk_algorithm) {
case GNUTLS_PK_RSA:
/* openpgp does not hold all parameters as in PKCS #1
*/
total = RSA_PRIVATE_PARAMS - 2;
break;
case GNUTLS_PK_DSA:
total = DSA_PRIVATE_PARAMS;
break;
default:
gnutls_assert();
return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
}
for (i = 0; i < total; i++) {
result =
_gnutls_read_pgp_mpi(pkt, 1, i, ¶ms->params[i]);
if (result < 0) {
gnutls_assert();
goto error;
}
params->params_nr++;
}
/* fixup will generate exp1 and exp2 that are not
* available here.
*/
result = _gnutls_pk_fixup(pk_algorithm, GNUTLS_IMPORT, params);
if (result < 0) {
gnutls_assert();
goto error;
}
return 0;
error:
gnutls_pk_params_clear(params);
gnutls_pk_params_release(params);
return result;
}
/* The internal version of export
*/
static int
_get_sk_rsa_raw (gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid,
gnutls_datum_t * m, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * u)
{
int pk_algorithm, ret, i;
cdk_packet_t pkt;
uint32_t kid32[2];
bigint_t params[MAX_PRIV_PARAMS_SIZE];
int params_size = MAX_PRIV_PARAMS_SIZE;
if (pkey == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
KEYID_IMPORT (kid32, keyid);
pkt = _gnutls_openpgp_find_key (pkey->knode, kid32, 1);
if (pkt == NULL)
{
gnutls_assert ();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
pk_algorithm =
_gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
if (pk_algorithm != GNUTLS_PK_RSA)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_openpgp_privkey_get_mpis (pkey, kid32, params, ¶ms_size);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
ret = _gnutls_mpi_dprint (params[0], m);
if (ret < 0)
{
gnutls_assert ();
goto cleanup;
}
ret = _gnutls_mpi_dprint (params[1], e);
if (ret < 0)
{
gnutls_assert ();
_gnutls_free_datum (m);
goto cleanup;
}
ret = _gnutls_mpi_dprint (params[2], d);
if (ret < 0)
{
gnutls_assert ();
_gnutls_free_datum (m);
_gnutls_free_datum (e);
goto cleanup;
}
ret = _gnutls_mpi_dprint (params[3], p);
if (ret < 0)
{
gnutls_assert ();
_gnutls_free_datum (m);
_gnutls_free_datum (e);
_gnutls_free_datum (d);
goto cleanup;
}
ret = _gnutls_mpi_dprint (params[4], q);
if (ret < 0)
{
gnutls_assert ();
_gnutls_free_datum (m);
_gnutls_free_datum (e);
_gnutls_free_datum (d);
_gnutls_free_datum (p);
goto cleanup;
}
ret = _gnutls_mpi_dprint (params[5], u);
if (ret < 0)
{
gnutls_assert ();
_gnutls_free_datum (q);
_gnutls_free_datum (m);
_gnutls_free_datum (e);
_gnutls_free_datum (d);
_gnutls_free_datum (p);
goto cleanup;
}
ret = 0;
cleanup:
for (i = 0; i < params_size; i++)
{
_gnutls_mpi_release (¶ms[i]);
}
return ret;
}
/* Extracts DSA and RSA parameters from a certificate.
*/
int
_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey,
uint32_t * keyid /*[2] */ ,
bigint_t * params, int *params_size)
{
int result, i;
int pk_algorithm, local_params;
cdk_packet_t pkt;
if (keyid == NULL)
pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY);
else
pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1);
if (pkt == NULL)
{
gnutls_assert ();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
pk_algorithm =
_gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
switch (pk_algorithm)
{
case GNUTLS_PK_RSA:
local_params = RSA_PRIVATE_PARAMS;
break;
case GNUTLS_PK_DSA:
local_params = DSA_PRIVATE_PARAMS;
break;
default:
gnutls_assert ();
return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
}
if (*params_size < local_params)
{
gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
*params_size = local_params;
for (i = 0; i < local_params; i++)
{
result = _gnutls_read_pgp_mpi (pkt, 1, i, ¶ms[i]);
if (result < 0)
{
gnutls_assert ();
goto error;
}
}
return 0;
error:
{
int j;
for (j = 0; j < i; j++)
_gnutls_mpi_release (¶ms[j]);
}
return result;
}
/* Extracts DSA and RSA parameters from a certificate.
*/
int
_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey,
uint32_t * keyid /*[2] */ ,
bigint_t * params, int *params_size)
{
int result, i;
int pk_algorithm;
gnutls_pk_params_st pk_params;
cdk_packet_t pkt;
memset (&pk_params, 0, sizeof (pk_params));
if (keyid == NULL)
pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY);
else
pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1);
if (pkt == NULL)
{
gnutls_assert ();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
pk_algorithm =
_gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo);
switch (pk_algorithm)
{
case GNUTLS_PK_RSA:
/* openpgp does not hold all parameters as in PKCS #1
*/
pk_params.params_nr = RSA_PRIVATE_PARAMS - 2;
break;
case GNUTLS_PK_DSA:
pk_params.params_nr = DSA_PRIVATE_PARAMS;
break;
default:
gnutls_assert ();
return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE;
}
for (i = 0; i < pk_params.params_nr; i++)
{
result = _gnutls_read_pgp_mpi (pkt, 1, i, &pk_params.params[i]);
if (result < 0)
{
gnutls_assert ();
goto error;
}
}
/* fixup will generate exp1 and exp2 that are not
* available here.
*/
result = _gnutls_pk_fixup (pk_algorithm, GNUTLS_IMPORT, &pk_params);
if (result < 0)
{
gnutls_assert ();
goto error;
}
if (*params_size < pk_params.params_nr)
{
gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
*params_size = pk_params.params_nr;
for (i = 0; i < pk_params.params_nr; i++)
params[i] = pk_params.params[i];
return 0;
error:
{
int j;
for (j = 0; j < i; j++)
_gnutls_mpi_release (&pk_params.params[j]);
}
return result;
}
