static const char *bits_to_sp(gnutls_pk_algorithm_t pk, unsigned int bits) { gnutls_sec_param_t s = gnutls_pk_bits_to_sec_param(pk, bits); if (s == GNUTLS_SEC_PARAM_UNKNOWN) { return gnutls_sec_param_get_name(GNUTLS_SEC_PARAM_MEDIUM); } return gnutls_sec_param_get_name(s); }
/** * gnutls_x509_privkey_sec_param: * @key: a key structure * * This function will return the security parameter appropriate with * this private key. * * Returns: On success, a valid security parameter is returned otherwise * %GNUTLS_SEC_PARAM_UNKNOWN is returned. * * Since: 2.12.0 **/ gnutls_sec_param_t gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key) { int bits; bits = pubkey_to_bits(key->pk_algorithm, &key->params); if (bits <= 0) return GNUTLS_SEC_PARAM_UNKNOWN; return gnutls_pk_bits_to_sec_param(key->pk_algorithm, bits); }
/** * gnutls_x509_privkey_sec_param: * @key: a key structure * * This function will return the security parameter appropriate with * this private key. * * Returns: On success, a valid security parameter is returned otherwise * %GNUTLS_SEC_PARAM_UNKNOWN is returned. **/ gnutls_sec_param_t gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t key) { int ret; switch (key->pk_algorithm) { case GNUTLS_PK_RSA: ret = gnutls_pk_bits_to_sec_param (GNUTLS_PK_RSA, _gnutls_mpi_get_nbits (key->params[0] /*m */ )); break; case GNUTLS_PK_DSA: ret = gnutls_pk_bits_to_sec_param (GNUTLS_PK_DSA, _gnutls_mpi_get_nbits (key->params[0] /*p */ )); break; default: ret = GNUTLS_SEC_PARAM_UNKNOWN; } return ret; }
/** * gnutls_openpgp_privkey_sec_param: * @key: a key structure * * This function will return the security parameter appropriate with * this private key. * * Returns: On success, a valid security parameter is returned otherwise * %GNUTLS_SEC_PARAM_UNKNOWN is returned. * * Since: 2.12.0 **/ gnutls_sec_param_t gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key) { gnutls_pk_algorithm_t algo; unsigned int bits; algo = gnutls_openpgp_privkey_get_pk_algorithm(key, &bits); if (algo == GNUTLS_PK_UNKNOWN) { gnutls_assert(); return GNUTLS_SEC_PARAM_UNKNOWN; } return gnutls_pk_bits_to_sec_param(algo, bits); }
static void print_key_info(gnutls_buffer_st * str, gnutls_openpgp_crt_t cert, int idx) { int err; unsigned int bits; if (idx == -1) err = gnutls_openpgp_crt_get_pk_algorithm(cert, &bits); else err = gnutls_openpgp_crt_get_subkey_pk_algorithm(cert, idx, &bits); if (err < 0) addf(str, "error: get_pk_algorithm: %s\n", gnutls_strerror(err)); else { const char *name = gnutls_pk_algorithm_get_name(err); if (name == NULL) name = _("unknown"); addf(str, _("\tPublic Key Algorithm: %s\n"), name); addf(str, _("\tKey Security Level: %s\n"), gnutls_sec_param_get_name(gnutls_pk_bits_to_sec_param (err, bits))); switch (err) { case GNUTLS_PK_RSA: { gnutls_datum_t m, e; if (idx == -1) err = gnutls_openpgp_crt_get_pk_rsa_raw (cert, &m, &e); else err = gnutls_openpgp_crt_get_subkey_pk_rsa_raw (cert, idx, &m, &e); if (err < 0) addf(str, "error: get_pk_rsa_raw: %s\n", gnutls_strerror(err)); else { addf(str, _("\t\tModulus (bits %d):\n"), bits); _gnutls_buffer_hexdump(str, m.data, m.size, "\t\t\t"); adds(str, _("\t\tExponent:\n")); _gnutls_buffer_hexdump(str, e.data, e.size, "\t\t\t"); gnutls_free(m.data); gnutls_free(e.data); } } break; case GNUTLS_PK_DSA: { gnutls_datum_t p, q, g, y; if (idx == -1) err = gnutls_openpgp_crt_get_pk_dsa_raw (cert, &p, &q, &g, &y); else err = gnutls_openpgp_crt_get_subkey_pk_dsa_raw (cert, idx, &p, &q, &g, &y); if (err < 0) addf(str, "error: get_pk_dsa_raw: %s\n", gnutls_strerror(err)); else { addf(str, _ ("\t\tPublic key (bits %d):\n"), bits); _gnutls_buffer_hexdump(str, y.data, y.size, "\t\t\t"); adds(str, _("\t\tP:\n")); _gnutls_buffer_hexdump(str, p.data, p.size, "\t\t\t"); adds(str, _("\t\tQ:\n")); _gnutls_buffer_hexdump(str, q.data, q.size, "\t\t\t"); adds(str, _("\t\tG:\n")); _gnutls_buffer_hexdump(str, g.data, g.size, "\t\t\t"); gnutls_free(p.data); gnutls_free(q.data); gnutls_free(g.data); gnutls_free(y.data); } } break; default: break; } } }