static int _get_sk_dsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x) { int pk_algorithm, ret; cdk_packet_t pkt; uint32_t kid32[2]; gnutls_pk_params_st params; if (pkey == NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } KEYID_IMPORT(kid32, keyid); pkt = _gnutls_openpgp_find_key(pkey->knode, kid32, 1); if (pkt == NULL) { gnutls_assert(); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk_algorithm = _gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo); if (pk_algorithm != GNUTLS_PK_DSA) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } ret = _gnutls_openpgp_privkey_get_mpis(pkey, kid32, ¶ms); if (ret < 0) { gnutls_assert(); return ret; } /* P */ ret = _gnutls_mpi_dprint(params.params[0], p); if (ret < 0) { gnutls_assert(); goto cleanup; } /* Q */ ret = _gnutls_mpi_dprint(params.params[1], q); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); goto cleanup; } /* G */ ret = _gnutls_mpi_dprint(params.params[2], g); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); _gnutls_free_datum(q); goto cleanup; } /* Y */ ret = _gnutls_mpi_dprint(params.params[3], y); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(p); _gnutls_free_datum(g); _gnutls_free_datum(q); goto cleanup; } ret = _gnutls_mpi_dprint(params.params[4], x); if (ret < 0) { gnutls_assert(); _gnutls_free_datum(y); _gnutls_free_datum(p); _gnutls_free_datum(g); _gnutls_free_datum(q); goto cleanup; } ret = 0; cleanup: gnutls_pk_params_clear(¶ms); gnutls_pk_params_release(¶ms); return ret; }
/* Extracts DSA and RSA parameters from a certificate. */ int _gnutls_openpgp_privkey_get_mpis(gnutls_openpgp_privkey_t pkey, uint32_t * keyid /*[2] */ , gnutls_pk_params_st * params) { int result; unsigned int i, pk_algorithm; cdk_packet_t pkt; unsigned total; gnutls_pk_params_init(params); if (keyid == NULL) pkt = cdk_kbnode_find_packet(pkey->knode, CDK_PKT_SECRET_KEY); else pkt = _gnutls_openpgp_find_key(pkey->knode, keyid, 1); if (pkt == NULL) { gnutls_assert(); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk_algorithm = _gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo); switch (pk_algorithm) { case GNUTLS_PK_RSA: /* openpgp does not hold all parameters as in PKCS #1 */ total = RSA_PRIVATE_PARAMS - 2; break; case GNUTLS_PK_DSA: total = DSA_PRIVATE_PARAMS; break; default: gnutls_assert(); return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } for (i = 0; i < total; i++) { result = _gnutls_read_pgp_mpi(pkt, 1, i, ¶ms->params[i]); if (result < 0) { gnutls_assert(); goto error; } params->params_nr++; } /* fixup will generate exp1 and exp2 that are not * available here. */ result = _gnutls_pk_fixup(pk_algorithm, GNUTLS_IMPORT, params); if (result < 0) { gnutls_assert(); goto error; } return 0; error: gnutls_pk_params_clear(params); gnutls_pk_params_release(params); return result; }
/* Extracts DSA and RSA parameters from a certificate. */ int _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, uint32_t * keyid /*[2] */ , bigint_t * params, int *params_size) { int result, i; int pk_algorithm, local_params; cdk_packet_t pkt; if (keyid == NULL) pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY); else pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1); if (pkt == NULL) { gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); switch (pk_algorithm) { case GNUTLS_PK_RSA: local_params = RSA_PRIVATE_PARAMS; break; case GNUTLS_PK_DSA: local_params = DSA_PRIVATE_PARAMS; break; default: gnutls_assert (); return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } if (*params_size < local_params) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; } *params_size = local_params; for (i = 0; i < local_params; i++) { result = _gnutls_read_pgp_mpi (pkt, 1, i, ¶ms[i]); if (result < 0) { gnutls_assert (); goto error; } } return 0; error: { int j; for (j = 0; j < i; j++) _gnutls_mpi_release (¶ms[j]); } return result; }
/* The internal version of export */ static int _get_sk_rsa_raw (gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u) { int pk_algorithm, ret, i; cdk_packet_t pkt; uint32_t kid32[2]; bigint_t params[MAX_PRIV_PARAMS_SIZE]; int params_size = MAX_PRIV_PARAMS_SIZE; if (pkey == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } KEYID_IMPORT (kid32, keyid); pkt = _gnutls_openpgp_find_key (pkey->knode, kid32, 1); if (pkt == NULL) { gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); if (pk_algorithm != GNUTLS_PK_RSA) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } ret = _gnutls_openpgp_privkey_get_mpis (pkey, kid32, params, ¶ms_size); if (ret < 0) { gnutls_assert (); return ret; } ret = _gnutls_mpi_dprint (params[0], m); if (ret < 0) { gnutls_assert (); goto cleanup; } ret = _gnutls_mpi_dprint (params[1], e); if (ret < 0) { gnutls_assert (); _gnutls_free_datum (m); goto cleanup; } ret = _gnutls_mpi_dprint (params[2], d); if (ret < 0) { gnutls_assert (); _gnutls_free_datum (m); _gnutls_free_datum (e); goto cleanup; } ret = _gnutls_mpi_dprint (params[3], p); if (ret < 0) { gnutls_assert (); _gnutls_free_datum (m); _gnutls_free_datum (e); _gnutls_free_datum (d); goto cleanup; } ret = _gnutls_mpi_dprint (params[4], q); if (ret < 0) { gnutls_assert (); _gnutls_free_datum (m); _gnutls_free_datum (e); _gnutls_free_datum (d); _gnutls_free_datum (p); goto cleanup; } ret = _gnutls_mpi_dprint (params[5], u); if (ret < 0) { gnutls_assert (); _gnutls_free_datum (q); _gnutls_free_datum (m); _gnutls_free_datum (e); _gnutls_free_datum (d); _gnutls_free_datum (p); goto cleanup; } ret = 0; cleanup: for (i = 0; i < params_size; i++) { _gnutls_mpi_release (¶ms[i]); } return ret; }
/* Extracts DSA and RSA parameters from a certificate. */ int _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, uint32_t * keyid /*[2] */ , bigint_t * params, int *params_size) { int result, i; int pk_algorithm; gnutls_pk_params_st pk_params; cdk_packet_t pkt; memset (&pk_params, 0, sizeof (pk_params)); if (keyid == NULL) pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY); else pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1); if (pkt == NULL) { gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); switch (pk_algorithm) { case GNUTLS_PK_RSA: /* openpgp does not hold all parameters as in PKCS #1 */ pk_params.params_nr = RSA_PRIVATE_PARAMS - 2; break; case GNUTLS_PK_DSA: pk_params.params_nr = DSA_PRIVATE_PARAMS; break; default: gnutls_assert (); return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } for (i = 0; i < pk_params.params_nr; i++) { result = _gnutls_read_pgp_mpi (pkt, 1, i, &pk_params.params[i]); if (result < 0) { gnutls_assert (); goto error; } } /* fixup will generate exp1 and exp2 that are not * available here. */ result = _gnutls_pk_fixup (pk_algorithm, GNUTLS_IMPORT, &pk_params); if (result < 0) { gnutls_assert (); goto error; } if (*params_size < pk_params.params_nr) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; } *params_size = pk_params.params_nr; for (i = 0; i < pk_params.params_nr; i++) params[i] = pk_params.params[i]; return 0; error: { int j; for (j = 0; j < i; j++) _gnutls_mpi_release (&pk_params.params[j]); } return result; }