/*************************************************************************
*
* This is the api to init the KeyGenParams from the given certificate
* and private key info
*
*************************************************************************/
ANSC_STATUS
PKIUtilityInitKeyGenParams
(
ANSC_HANDLE hSSLCrypto,
PANSC_ASN1_CERTIFICATE pCert,
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo,
ANSC_HANDLE hKeyGenParams
)
{
PANSC_CRYPTO_PUB_KEY_GEN_PARAMS pKeyGenParams = (PANSC_CRYPTO_PUB_KEY_GEN_PARAMS)hKeyGenParams;
PANSC_CRYPTO_PUB_SSLEAY_OBJECT pSSLCrypto = (PANSC_CRYPTO_PUB_SSLEAY_OBJECT)hSSLCrypto;
BOOLEAN bKeyPair = TRUE;
PKI_KEY_TYPE keyType;
if( pCert == NULL || pKeyInfo == NULL || hKeyGenParams == NULL)
{
return ANSC_STATUS_FAILURE;
}
keyType = pCert->GetKeyType(pCert);
if( keyType != PKI_RSA_KEY && keyType != PKI_DSA_KEY)
{
return ANSC_STATUS_FAILURE;
}
if( keyType != pKeyInfo->GetKeyType(pKeyInfo))
{
AnscTrace("The key pair is not in the same key type.\n");
return ANSC_STATUS_FAILURE;
}
/* init the public key */
if( ANSC_STATUS_SUCCESS !=
pCert->ExportPublicKey
(
pCert,
hKeyGenParams
))
{
return ANSC_STATUS_FAILURE;
}
/* init the private key */
if( ANSC_STATUS_SUCCESS !=
pKeyInfo->ExportKey
(
pKeyInfo,
hKeyGenParams
))
{
return ANSC_STATUS_FAILURE;
}
/* verify the key pair */
if( pSSLCrypto != NULL)
{
if( keyType == PKI_RSA_KEY)
{
bKeyPair =
pSSLCrypto->KeyPairMatch
(
pSSLCrypto,
ANSC_CRYPTO_PUB_KEY_RSA,
&pKeyGenParams->PublicKey.RSA,
&pKeyGenParams->PrivateKey.RSA
);
}
else
{
bKeyPair =
pSSLCrypto->KeyPairMatch
(
pSSLCrypto,
ANSC_CRYPTO_PUB_KEY_DSA,
&pKeyGenParams->PublicKey.DSA,
&pKeyGenParams->PrivateKey.DSA
);
}
}
if( bKeyPair)
{
return ANSC_STATUS_SUCCESS;
}
else
{
return ANSC_STATUS_FAILURE;
}
}
ANSC_X509_KEY*
AnscX509CertGetPublicKey
(
void* raw_cert_data,
ULONG raw_cert_size
)
{
PANSC_ASN1_CERTIFICATE pAsnCert = NULL;
ANSC_X509_KEY* pX509Key = NULL;
PANSC_CRYPTO_PUB_KEY_GEN_PARAMS pGenParams;
/* decode the asn.1 certificate handle */
pAsnCert = (PANSC_ASN1_CERTIFICATE)
anscGetCertHandle
(
raw_cert_data,
raw_cert_size
);
if( pAsnCert == NULL)
{
goto EXIT;
}
/* export the public key */
pGenParams = (PANSC_CRYPTO_PUB_KEY_GEN_PARAMS)
AnscAllocateMemory(sizeof(ANSC_CRYPTO_PUB_KEY_GEN_PARAMS));
if( pGenParams == NULL)
{
goto EXIT;
}
if( ANSC_STATUS_SUCCESS !=
pAsnCert->ExportPublicKey(pAsnCert, pGenParams))
{
AnscFreeMemory(pGenParams);
goto EXIT;
}
/* create the X509_KEY */
pX509Key = (PANSC_X509_KEY)AnscAllocateMemory(sizeof(ANSC_X509_KEY));
if( pX509Key == NULL)
{
AnscFreeMemory(pGenParams);
goto EXIT;
}
pX509Key->KeySize = sizeof(ANSC_CRYPTO_PUB_KEY_GEN_PARAMS);
pX509Key->KeyData = (void*)pGenParams;
if( pAsnCert->GetKeyType(pAsnCert) == PKI_RSA_KEY)
{
pX509Key->KeyType = ANSC_CERT_keyType_rsa;
}
else if( pAsnCert->GetKeyType(pAsnCert) == PKI_DSA_KEY)
{
pX509Key->KeyType = ANSC_CERT_keyType_dsa;
}
pX509Key->KeyBits = pAsnCert->GetKeyBits(pAsnCert);
EXIT:
anscFreeCertHandle((ANSC_HANDLE)pAsnCert);
return pX509Key;
}
