Exemple #1
/*
 * Write an RSA key to BUFFER as an S-expression.
 *
 * algorithm_name  Name placed at the head of the key expression; a NULL
 *                 pointer selects the default "rsa-pkcs1".
 * pub             Public key; dereferenced unconditionally, so it must
 *                 not be NULL.
 * priv            Optional private key. When non-NULL a "private-key"
 *                 expression is produced, otherwise a "public-key" one.
 *
 * Returns whatever sexp_format() returns for the chosen template.
 *
 * When PRIV is given, BUFFER ends up holding the private members d, p, q,
 * a, b and c (presumably the exponent, primes and CRT values -- confirm
 * against the struct definition). The caller owns that buffer and should
 * treat its contents as secret key material.
 */
int
rsa_keypair_to_sexp(struct nettle_buffer *buffer,
		    const char *algorithm_name,
		    const struct rsa_public_key *pub,
		    const struct rsa_private_key *priv)
{
  const char *name = algorithm_name ? algorithm_name : "rsa-pkcs1";

  /* Public-only export: just the modulus and public exponent. */
  if (!priv)
    return sexp_format(buffer, "(public-key(%0s(n%b)(e%b)))",
		       name, pub->n, pub->e);

  /* Full keypair: public members first, then the private ones. */
  return sexp_format(buffer,
		     "(private-key(%0s(n%b)(e%b)"
		     "(d%b)(p%b)(q%b)(a%b)(b%b)(c%b)))",
		     name, pub->n, pub->e,
		     priv->d, priv->p, priv->q,
		     priv->a, priv->b, priv->c);
}
Exemple #2
/*
 * Produce an RSA signature over MSG and wrap it in the wire format
 * selected by ALGORITHM.
 *
 * s           Signer object; cast to the rsa_signer it is expected to be.
 * algorithm   Atom choosing the output encoding (see the branches below).
 * msg_length  Length of MSG in octets.
 * msg         Message to be signed.
 *
 * Returns a newly formatted lsh_string holding the encoded signature.
 * An unrecognised ALGORITHM ends in fatal(); the code relies on that call
 * not returning, since the result would otherwise be uninitialized.
 *
 * NOTE(review): pkcs1_encode() is called as a plain statement, so any
 * failure it might report is not looked at here -- confirm it cannot fail
 * for a block of size - 1 octets.
 * NOTE(review): the private-key operation lives in rsa_compute_root(),
 * which is not visible here. If it uses CRT, checking the result against
 * the public key before returning it guards against faulty signatures
 * being released -- confirm what that helper already does.
 */
static struct lsh_string *
do_rsa_sign(struct signer *s,
	    int algorithm,
	    UINT32 msg_length,
	    const UINT8 *msg)
{
  CAST(rsa_signer, self, s);
  struct lsh_string *signature;
  mpz_t value;

  trace("do_rsa_sign: Signing according to %a\n", algorithm);

  /* Encode the message into a number, then replace it in place with the
   * value computed by the private-key operation. */
  mpz_init(value);
  pkcs1_encode(value, self->verifier->params, self->verifier->size - 1,
	       msg_length, msg);

  rsa_compute_root(self, value, value);

  if (algorithm == ATOM_SSH_RSA)
    {
      /* Encoding:
       *
       * string ssh-rsa
       * string signature-blob
       */
      signature = ssh_format("%a%un", ATOM_SSH_RSA, value);
    }
#if 0
  else if (algorithm == ATOM_RSA_PKCS1_SHA1
	   || algorithm == ATOM_RSA_PKCS1_SHA1_LOCAL)
    {
      /* Encoding:
       *
       * string rsa-pkcs1
       * string signature-blob
       */
      signature = ssh_format("%a%un", ATOM_RSA_PKCS1_SHA1, value);
    }
#endif
  else if (algorithm == ATOM_SPKI_SIGN_RSA
	   || algorithm == ATOM_SPKI_SIGN_DSS)
    {
      /* Either SPKI flavour yields the same canonical S-expression. */
      signature = sexp_format(encode_rsa_sig_val(value), SEXP_CANONICAL, 0);
    }
  else
    {
      fatal("do_rsa_sign: Internal error!\n");
    }

  mpz_clear(value);
  return signature;
}
Exemple #3
/*
 * Check whether the digest H1 matches the digest of the given kind that
 * is stored on the subject.
 *
 * self    Subject whose cached sha1 / md5 strings are consulted.
 * method  ATOM_SHA1 or ATOM_MD5; any other value never matches.
 * h1      Digest to compare against the cached one.
 *
 * Returns the result of lsh_string_eq() on the two digests, or 0 when the
 * method is unsupported or the subject has no cached digest of that kind.
 * The digest is not derived from self->key on demand here, so a subject
 * without a cached value simply fails to match.
 *
 * NOTE(review): MD5 and SHA-1 are no longer collision resistant; a match
 * identifies the subject only as strongly as the chosen digest allows.
 */
static int
subject_match_hash(struct spki_subject *self,
		   int method,
		   const struct lsh_string *h1)
{
  struct lsh_string *cached;

  /* Pick the stored digest that corresponds to the requested method. */
  if (method == ATOM_SHA1)
    cached = self->sha1;
  else if (method == ATOM_MD5)
    cached = self->md5;
  else
    return 0;

  /* Nothing stored for this method: treat as "no match". */
  if (!cached)
    return 0;

  return lsh_string_eq(h1, cached);
}