/**
* gnutls_openpgp_key_import - This function will import a RAW or BASE64 encoded key
* @key: The structure to store the parsed key.
* @data: The RAW or BASE64 encoded key.
* @format: One of gnutls_openpgp_key_fmt_t elements.
*
* This function will convert the given RAW or Base64 encoded key
* to the native gnutls_openpgp_key_t format. The output will be stored in 'key'.
*
* Returns 0 on success.
*
**/
int
gnutls_openpgp_key_import (gnutls_openpgp_key_t key,
const gnutls_datum_t * data,
gnutls_openpgp_key_fmt_t format)
{
int rc;
if (format == GNUTLS_OPENPGP_FMT_RAW)
{
rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
if (rc)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
}
else
{ /* base64 */
key->inp = cdk_stream_tmp_from_mem (data->data, data->size);
if (key->inp == NULL)
{
gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
rc = cdk_stream_set_armor_flag (key->inp, 0);
if (rc)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
rc = cdk_keydb_get_keyblock (key->inp, &key->knode);
if (rc)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
}
return 0;
}
/**
* cdk_keydb_new:
* @r_hd: handle to store the new keydb object
* @type: type of the keyring
* @data: data which depends on the keyring type
* @count: length of the data
*
* Create a new keydb object
**/
cdk_error_t
cdk_keydb_new( cdk_keydb_hd_t * r_hd, int type, void * data, size_t count )
{
cdk_keydb_hd_t hd;
if( !r_hd )
return CDK_Inv_Value;
hd = cdk_calloc( 1, sizeof *hd );
if( !hd )
return CDK_Out_Of_Core;
switch( type ) {
case CDK_DBTYPE_PK_KEYRING:
case CDK_DBTYPE_SK_KEYRING:
hd->name = cdk_strdup( data );
if( !hd->name ) {
cdk_free( hd );
return CDK_Out_Of_Core;
}
break;
case CDK_DBTYPE_DATA:
hd->buf = cdk_stream_tmp_from_mem( data, count );
if( !hd->buf ) {
cdk_free( hd );
return CDK_Out_Of_Core;
}
break;
default:
cdk_free( hd );
return CDK_Inv_Mode;
}
hd->type = type;
if( type == CDK_DBTYPE_SK_KEYRING )
hd->secret = 1;
*r_hd = hd;
return 0;
}
/**
* cdk_kbnode_read_from_mem:
* @ret_node: the new key node
* @buf: the buffer which stores the key sequence
* @buflen: the length of the buffer
*
* Tries to read a key node from the memory buffer @buf.
**/
cdk_error_t
cdk_kbnode_read_from_mem (cdk_kbnode_t * ret_node,
const byte * buf, size_t buflen)
{
cdk_stream_t inp;
cdk_error_t rc;
if (!ret_node || !buf)
return CDK_Inv_Value;
*ret_node = NULL;
if (!buflen)
return CDK_Too_Short;
rc = cdk_stream_tmp_from_mem (buf, buflen, &inp);
if (rc)
return rc;
rc = cdk_keydb_get_keyblock (inp, ret_node);
if (rc)
gnutls_assert ();
cdk_stream_close (inp);
return rc;
}
/**
* gnutls_openpgp_privkey_import:
* @key: The structure to store the parsed key.
* @data: The RAW or BASE64 encoded key.
* @format: One of #gnutls_openpgp_crt_fmt_t elements.
* @password: not used for now
* @flags: should be zero
*
* This function will convert the given RAW or Base64 encoded key to
* the native gnutls_openpgp_privkey_t format. The output will be
* stored in 'key'.
*
* Returns: %GNUTLS_E_SUCCESS on success, or an error code.
**/
int
gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
const gnutls_datum_t * data,
gnutls_openpgp_crt_fmt_t format,
const char *password, unsigned int flags)
{
cdk_stream_t inp;
cdk_packet_t pkt;
int rc;
if (data->data == NULL || data->size == 0)
{
gnutls_assert ();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
if (format == GNUTLS_OPENPGP_FMT_RAW)
{
rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
if (rc != 0)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
}
else
{
rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
if (rc != 0)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
if (cdk_armor_filter_use (inp))
{
rc = cdk_stream_set_armor_flag (inp, 0);
if (rc != 0)
{
rc = _gnutls_map_cdk_rc (rc);
cdk_stream_close (inp);
gnutls_assert ();
return rc;
}
}
rc = cdk_keydb_get_keyblock (inp, &key->knode);
cdk_stream_close (inp);
if (rc != 0)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
}
/* Test if the import was successful. */
pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
if (pkt == NULL)
{
gnutls_assert ();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
return 0;
}
/**
* gnutls_openpgp_keyring_import:
* @keyring: The structure to store the parsed key.
* @data: The RAW or BASE64 encoded keyring.
* @format: One of #gnutls_openpgp_keyring_fmt elements.
*
* This function will convert the given RAW or Base64 encoded keyring
* to the native #gnutls_openpgp_keyring_t format. The output will be
* stored in 'keyring'.
*
* Returns: %GNUTLS_E_SUCCESS on success, or an error code.
**/
int
gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring,
const gnutls_datum_t * data,
gnutls_openpgp_crt_fmt_t format)
{
cdk_error_t err;
cdk_stream_t input = NULL;
size_t raw_len = 0;
uint8_t *raw_data = NULL;
unsigned free_data = 0;
if (data->data == NULL || data->size == 0) {
gnutls_assert();
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
_gnutls_debug_log("PGP: keyring import format '%s'\n",
format ==
GNUTLS_OPENPGP_FMT_RAW ? "raw" : "base64");
/* Create a new stream from the given data, decode it, and import
* the raw database. This to avoid using opencdk streams which are
* not thread safe.
*/
if (format == GNUTLS_OPENPGP_FMT_BASE64) {
size_t seen = 0;
err =
cdk_stream_tmp_from_mem(data->data, data->size,
&input);
if (err == 0)
err = cdk_stream_set_armor_flag(input, 0);
if (err) {
gnutls_assert();
err = _gnutls_map_cdk_rc(err);
goto error;
}
raw_len = cdk_stream_get_length(input);
if (raw_len == 0) {
gnutls_assert();
err = GNUTLS_E_BASE64_DECODING_ERROR;
goto error;
}
raw_data = gnutls_malloc(raw_len);
if (raw_data == NULL) {
gnutls_assert();
err = GNUTLS_E_MEMORY_ERROR;
goto error;
}
do {
err =
cdk_stream_read(input, raw_data + seen,
raw_len - seen);
if (err > 0)
seen += err;
}
while (seen < raw_len && err != EOF && err > 0);
raw_len = seen;
if (raw_len == 0) {
gnutls_assert();
err = GNUTLS_E_BASE64_DECODING_ERROR;
goto error;
}
free_data = 1;
} else { /* RAW */
raw_len = data->size;
raw_data = data->data;
}
err =
cdk_keydb_new_from_mem(&keyring->db, 0, 0, raw_data, raw_len);
if (err)
gnutls_assert();
if (free_data) {
err = _gnutls_map_cdk_rc(err);
goto error;
}
return _gnutls_map_cdk_rc(err);
error:
gnutls_free(raw_data);
cdk_stream_close(input);
return err;
}
/**
* gnutls_openpgp_key_export - This function will export a RAW or BASE64 encoded key
* @key: Holds the key.
* @format: One of gnutls_openpgp_key_fmt_t elements.
* @output_data: will contain the key base64 encoded or raw
* @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters)
*
* This function will convert the given key to RAW or Base64 format.
* If the buffer provided is not long enough to hold the output, then
* GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
*
* Returns 0 on success.
*
**/
int
gnutls_openpgp_key_export (gnutls_openpgp_key_t key,
gnutls_openpgp_key_fmt_t format,
void *output_data, size_t * output_data_size)
{
int rc;
size_t input_data_size = *output_data_size;
rc = cdk_kbnode_write_to_mem (key->knode, output_data, output_data_size);
if (rc)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
return rc;
}
if (format == GNUTLS_OPENPGP_FMT_BASE64)
{
cdk_stream_t s;
s = cdk_stream_tmp_from_mem (output_data, *output_data_size);
if (s == NULL)
{
gnutls_assert ();
return GNUTLS_E_MEMORY_ERROR;
}
cdk_stream_tmp_set_mode (s, 1);
rc = cdk_stream_set_armor_flag (s, CDK_ARMOR_PUBKEY);
if (rc)
{
rc = _gnutls_map_cdk_rc (rc);
gnutls_assert ();
cdk_stream_close (s);
return rc;
}
*output_data_size = input_data_size;
rc = cdk_stream_read (s, output_data, *output_data_size);
if (rc == EOF)
{
gnutls_assert ();
cdk_stream_close (s);
return GNUTLS_E_INTERNAL_ERROR;
}
*output_data_size = rc;
if (*output_data_size != cdk_stream_get_length (s))
{
*output_data_size = cdk_stream_get_length (s);
cdk_stream_close (s);
gnutls_assert ();
return GNUTLS_E_SHORT_MEMORY_BUFFER;
}
cdk_stream_close (s);
}
return 0;
}
