/*************************************************************************
 *
 * PKIUtilityInitKeyGenParams
 *
 * Fills the caller-supplied key-generation parameter block from a
 * certificate (public half) and a private key info object (private half),
 * then optionally checks that the two halves belong together.
 *
 *  hSSLCrypto     crypto object used for the key-pair check; may be NULL
 *  pCert          certificate that supplies the public key
 *  pKeyInfo       private key info that supplies the private key
 *  hKeyGenParams  destination PANSC_CRYPTO_PUB_KEY_GEN_PARAMS block
 *
 * Returns ANSC_STATUS_SUCCESS when both exports succeed and the pair check
 * (if performed) passes, ANSC_STATUS_FAILURE otherwise.
 *
 * Only RSA and DSA certificates are accepted, and the private key must
 * report the same key type as the certificate.
 *
 * Security notes:
 *  - When hSSLCrypto is NULL the key-pair check is skipped and the function
 *    still reports success, so a mismatched certificate/private-key pair is
 *    not detected on that path. Callers that depend on the match must pass a
 *    crypto object.
 *  - On a failure after the private key export, hKeyGenParams is left as the
 *    exports wrote it; nothing here clears it.
 *    NOTE(review): the caller presumably has to wipe/release it - confirm.
 *
 *************************************************************************/
ANSC_STATUS
PKIUtilityInitKeyGenParams
    (
        ANSC_HANDLE                 hSSLCrypto,
        PANSC_ASN1_CERTIFICATE      pCert,
        PANSC_ASN1_PRIVATEKEYINFO   pKeyInfo,
        ANSC_HANDLE                 hKeyGenParams
    )
{
    PANSC_CRYPTO_PUB_SSLEAY_OBJECT  pCrypto  = (PANSC_CRYPTO_PUB_SSLEAY_OBJECT)hSSLCrypto;
    PANSC_CRYPTO_PUB_KEY_GEN_PARAMS pParams  = (PANSC_CRYPTO_PUB_KEY_GEN_PARAMS)hKeyGenParams;
    PKI_KEY_TYPE                    certKeyType;
    BOOLEAN                         bMatched;

    /* all three objects are required; only the crypto handle is optional */
    if( hKeyGenParams == NULL || pKeyInfo == NULL || pCert == NULL)
    {
        return ANSC_STATUS_FAILURE;
    }

    certKeyType = pCert->GetKeyType(pCert);

    /* anything other than RSA or DSA is rejected */
    if( !(certKeyType == PKI_RSA_KEY || certKeyType == PKI_DSA_KEY))
    {
        return ANSC_STATUS_FAILURE;
    }

    /* the private key has to be of the same algorithm as the certificate */
    if( pKeyInfo->GetKeyType(pKeyInfo) != certKeyType)
    {
        AnscTrace("The key pair is not in the same key type.\n");

        return ANSC_STATUS_FAILURE;
    }

    /* public half comes from the certificate */
    if( pCert->ExportPublicKey(pCert, hKeyGenParams) != ANSC_STATUS_SUCCESS)
    {
        return ANSC_STATUS_FAILURE;
    }

    /* private half comes from the private key info */
    if( pKeyInfo->ExportKey(pKeyInfo, hKeyGenParams) != ANSC_STATUS_SUCCESS)
    {
        return ANSC_STATUS_FAILURE;
    }

    /* without a crypto object the pair is accepted unverified */
    if( pCrypto == NULL)
    {
        return ANSC_STATUS_SUCCESS;
    }

    /* ask the crypto object whether the two halves match */
    if( certKeyType == PKI_RSA_KEY)
    {
        bMatched =
            pCrypto->KeyPairMatch
                (
                    pCrypto,
                    ANSC_CRYPTO_PUB_KEY_RSA,
                    &pParams->PublicKey.RSA,
                    &pParams->PrivateKey.RSA
                );
    }
    else
    {
        bMatched =
            pCrypto->KeyPairMatch
                (
                    pCrypto,
                    ANSC_CRYPTO_PUB_KEY_DSA,
                    &pParams->PublicKey.DSA,
                    &pParams->PrivateKey.DSA
                );
    }

    return bMatched ? ANSC_STATUS_SUCCESS : ANSC_STATUS_FAILURE;
}
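/*************************************************************************
 *
 * AnscX509CertGetPublicKey
 *
 * Decodes a raw certificate and returns its public key wrapped in a newly
 * allocated ANSC_X509_KEY.
 *
 *  raw_cert_data  encoded certificate bytes
 *  raw_cert_size  number of bytes in raw_cert_data
 *
 * Returns the new key object, or NULL when the certificate cannot be
 * decoded, an allocation fails, the public key cannot be exported, or the
 * certificate's key type is neither RSA nor DSA.
 *
 * Ownership: on success the returned object and the
 * ANSC_CRYPTO_PUB_KEY_GEN_PARAMS block it points to through KeyData are
 * both allocated here with AnscAllocateMemory and belong to the caller.
 * The decoded certificate handle is always released before returning.
 *
 * Certificates with an unsupported key type are rejected. Previously such
 * a certificate produced a key object whose KeyType was never assigned, so
 * a consumer could treat the key as whatever that field happened to hold.
 * PKIUtilityInitKeyGenParams in this file rejects those key types too.
 *
 *************************************************************************/
ANSC_X509_KEY*
AnscX509CertGetPublicKey
    (
        void*                       raw_cert_data,
        ULONG                       raw_cert_size
    )
{
    PANSC_ASN1_CERTIFICATE          pAsnCert   = NULL;
    ANSC_X509_KEY*                  pX509Key   = NULL;
    PANSC_CRYPTO_PUB_KEY_GEN_PARAMS pGenParams = NULL;

    /* decode the asn.1 certificate handle */
    pAsnCert =
        (PANSC_ASN1_CERTIFICATE)anscGetCertHandle
            (
                raw_cert_data,
                raw_cert_size
            );

    if( pAsnCert == NULL)
    {
        goto EXIT;
    }

    /* export the public key */
    pGenParams =
        (PANSC_CRYPTO_PUB_KEY_GEN_PARAMS)
            AnscAllocateMemory(sizeof(ANSC_CRYPTO_PUB_KEY_GEN_PARAMS));

    if( pGenParams == NULL)
    {
        goto EXIT;
    }

    if( ANSC_STATUS_SUCCESS != pAsnCert->ExportPublicKey(pAsnCert, pGenParams))
    {
        AnscFreeMemory(pGenParams);

        goto EXIT;
    }

    /* create the X509_KEY */
    pX509Key = (PANSC_X509_KEY)AnscAllocateMemory(sizeof(ANSC_X509_KEY));

    if( pX509Key == NULL)
    {
        AnscFreeMemory(pGenParams);

        goto EXIT;
    }

    /* the key object takes over the exported parameter block */
    pX509Key->KeySize = sizeof(ANSC_CRYPTO_PUB_KEY_GEN_PARAMS);
    pX509Key->KeyData = (void*)pGenParams;

    if( pAsnCert->GetKeyType(pAsnCert) == PKI_RSA_KEY)
    {
        pX509Key->KeyType = ANSC_CERT_keyType_rsa;
    }
    else if( pAsnCert->GetKeyType(pAsnCert) == PKI_DSA_KEY)
    {
        pX509Key->KeyType = ANSC_CERT_keyType_dsa;
    }
    else
    {
        /*
         * Unsupported key type: fail instead of handing back a key whose
         * KeyType was never set.
         */
        AnscFreeMemory(pGenParams);
        AnscFreeMemory(pX509Key);
        pX509Key = NULL;

        goto EXIT;
    }

    pX509Key->KeyBits = pAsnCert->GetKeyBits(pAsnCert);

EXIT:

    /*
     * Reached with pAsnCert == NULL when decoding failed.
     * NOTE(review): assumes anscFreeCertHandle accepts NULL - confirm.
     */
    anscFreeCertHandle((ANSC_HANDLE)pAsnCert);

    return pX509Key;
}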