static const char *bits_to_sp(gnutls_pk_algorithm_t pk, unsigned int bits)
{
gnutls_sec_param_t s = gnutls_pk_bits_to_sec_param(pk, bits);
if (s == GNUTLS_SEC_PARAM_UNKNOWN) {
return gnutls_sec_param_get_name(GNUTLS_SEC_PARAM_MEDIUM);
}
return gnutls_sec_param_get_name(s);
}
/**
* gnutls_x509_privkey_sec_param:
* @key: a key structure
*
* This function will return the security parameter appropriate with
* this private key.
*
* Returns: On success, a valid security parameter is returned otherwise
* %GNUTLS_SEC_PARAM_UNKNOWN is returned.
*
* Since: 2.12.0
**/
gnutls_sec_param_t gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key)
{
int bits;
bits = pubkey_to_bits(key->pk_algorithm, &key->params);
if (bits <= 0)
return GNUTLS_SEC_PARAM_UNKNOWN;
return gnutls_pk_bits_to_sec_param(key->pk_algorithm, bits);
}
/**
* gnutls_x509_privkey_sec_param:
* @key: a key structure
*
* This function will return the security parameter appropriate with
* this private key.
*
* Returns: On success, a valid security parameter is returned otherwise
* %GNUTLS_SEC_PARAM_UNKNOWN is returned.
**/
gnutls_sec_param_t
gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t key)
{
int ret;
switch (key->pk_algorithm)
{
case GNUTLS_PK_RSA:
ret = gnutls_pk_bits_to_sec_param (GNUTLS_PK_RSA, _gnutls_mpi_get_nbits (key->params[0] /*m */
));
break;
case GNUTLS_PK_DSA:
ret = gnutls_pk_bits_to_sec_param (GNUTLS_PK_DSA, _gnutls_mpi_get_nbits (key->params[0] /*p */
));
break;
default:
ret = GNUTLS_SEC_PARAM_UNKNOWN;
}
return ret;
}
/**
* gnutls_openpgp_privkey_sec_param:
* @key: a key structure
*
* This function will return the security parameter appropriate with
* this private key.
*
* Returns: On success, a valid security parameter is returned otherwise
* %GNUTLS_SEC_PARAM_UNKNOWN is returned.
*
* Since: 2.12.0
**/
gnutls_sec_param_t
gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key)
{
gnutls_pk_algorithm_t algo;
unsigned int bits;
algo = gnutls_openpgp_privkey_get_pk_algorithm(key, &bits);
if (algo == GNUTLS_PK_UNKNOWN) {
gnutls_assert();
return GNUTLS_SEC_PARAM_UNKNOWN;
}
return gnutls_pk_bits_to_sec_param(algo, bits);
}
static void
print_key_info(gnutls_buffer_st * str, gnutls_openpgp_crt_t cert, int idx)
{
int err;
unsigned int bits;
if (idx == -1)
err = gnutls_openpgp_crt_get_pk_algorithm(cert, &bits);
else
err =
gnutls_openpgp_crt_get_subkey_pk_algorithm(cert, idx,
&bits);
if (err < 0)
addf(str, "error: get_pk_algorithm: %s\n",
gnutls_strerror(err));
else {
const char *name = gnutls_pk_algorithm_get_name(err);
if (name == NULL)
name = _("unknown");
addf(str, _("\tPublic Key Algorithm: %s\n"), name);
addf(str, _("\tKey Security Level: %s\n"),
gnutls_sec_param_get_name(gnutls_pk_bits_to_sec_param
(err, bits)));
switch (err) {
case GNUTLS_PK_RSA:
{
gnutls_datum_t m, e;
if (idx == -1)
err =
gnutls_openpgp_crt_get_pk_rsa_raw
(cert, &m, &e);
else
err =
gnutls_openpgp_crt_get_subkey_pk_rsa_raw
(cert, idx, &m, &e);
if (err < 0)
addf(str,
"error: get_pk_rsa_raw: %s\n",
gnutls_strerror(err));
else {
addf(str,
_("\t\tModulus (bits %d):\n"),
bits);
_gnutls_buffer_hexdump(str, m.data,
m.size,
"\t\t\t");
adds(str, _("\t\tExponent:\n"));
_gnutls_buffer_hexdump(str, e.data,
e.size,
"\t\t\t");
gnutls_free(m.data);
gnutls_free(e.data);
}
}
break;
case GNUTLS_PK_DSA:
{
gnutls_datum_t p, q, g, y;
if (idx == -1)
err =
gnutls_openpgp_crt_get_pk_dsa_raw
(cert, &p, &q, &g, &y);
else
err =
gnutls_openpgp_crt_get_subkey_pk_dsa_raw
(cert, idx, &p, &q, &g, &y);
if (err < 0)
addf(str,
"error: get_pk_dsa_raw: %s\n",
gnutls_strerror(err));
else {
addf(str,
_
("\t\tPublic key (bits %d):\n"),
bits);
_gnutls_buffer_hexdump(str, y.data,
y.size,
"\t\t\t");
adds(str, _("\t\tP:\n"));
_gnutls_buffer_hexdump(str, p.data,
p.size,
"\t\t\t");
adds(str, _("\t\tQ:\n"));
_gnutls_buffer_hexdump(str, q.data,
q.size,
"\t\t\t");
adds(str, _("\t\tG:\n"));
_gnutls_buffer_hexdump(str, g.data,
g.size,
"\t\t\t");
gnutls_free(p.data);
gnutls_free(q.data);
gnutls_free(g.data);
gnutls_free(y.data);
}
}
break;
default:
break;
}
}
}
