/**
* gnutls_x509_privkey_cpy:
* @dst: The destination key, which should be initialized.
* @src: The source key
*
* This function will copy a private key from source to destination
* key. Destination has to be initialized.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int
gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, gnutls_x509_privkey_t src)
{
unsigned int i;
int ret;
if (!src || !dst)
return GNUTLS_E_INVALID_REQUEST;
for (i = 0; i < src->params.params_nr; i++)
{
dst->params.params[i] = _gnutls_mpi_copy (src->params.params[i]);
if (dst->params.params[i] == NULL)
return GNUTLS_E_MEMORY_ERROR;
}
dst->params.params_nr = src->params.params_nr;
dst->params.flags = src->params.flags;
dst->pk_algorithm = src->pk_algorithm;
ret = _gnutls_asn1_encode_privkey (dst->pk_algorithm, &dst->key, &dst->params);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
return 0;
}
/**
* gnutls_x509_privkey_generate:
* @key: should contain a #gnutls_x509_privkey_t structure
* @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
* @bits: the size of the modulus
* @flags: unused for now. Must be 0.
*
* This function will generate a random private key. Note that this
* function must be called on an empty private key.
*
* Note that when generating an elliptic curve key, the curve
* can be substituted in the place of the bits parameter using the
* GNUTLS_CURVE_TO_BITS() macro.
*
* For DSA keys, if the subgroup size needs to be specified check
* the GNUTLS_SUBGROUP_TO_BITS() macro.
*
* Do not set the number of bits directly, use gnutls_sec_param_to_pk_bits().
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int
gnutls_x509_privkey_generate(gnutls_x509_privkey_t key,
gnutls_pk_algorithm_t algo, unsigned int bits,
unsigned int flags)
{
int ret;
if (key == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
gnutls_pk_params_init(&key->params);
if (algo == GNUTLS_PK_EC) {
if (GNUTLS_BITS_ARE_CURVE(bits))
bits = GNUTLS_BITS_TO_CURVE(bits);
else
bits = _gnutls_ecc_bits_to_curve(bits);
}
ret = _gnutls_pk_generate_params(algo, bits, &key->params);
if (ret < 0) {
gnutls_assert();
return ret;
}
ret = _gnutls_pk_generate_keys(algo, bits, &key->params);
if (ret < 0) {
gnutls_assert();
return ret;
}
#ifndef ENABLE_FIPS140
ret = _gnutls_pk_verify_priv_params(algo, &key->params);
#else
ret = pct_test(algo, &key->params);
#endif
if (ret < 0) {
gnutls_assert();
return ret;
}
ret = _gnutls_asn1_encode_privkey(algo, &key->key, &key->params);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
key->pk_algorithm = algo;
return 0;
cleanup:
key->pk_algorithm = GNUTLS_PK_UNKNOWN;
gnutls_pk_params_clear(&key->params);
gnutls_pk_params_release(&key->params);
return ret;
}
/**
* gnutls_x509_privkey_generate:
* @key: should contain a #gnutls_x509_privkey_t structure
* @algo: is one of the algorithms in #gnutls_pk_algorithm_t.
* @bits: the size of the modulus
* @flags: unused for now. Must be 0.
*
* This function will generate a random private key. Note that this
* function must be called on an empty private key.
*
* Do not set the number of bits directly, use gnutls_sec_param_to_pk_bits().
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int
gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
gnutls_pk_algorithm_t algo, unsigned int bits,
unsigned int flags)
{
int ret;
if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
gnutls_pk_params_init(&key->params);
if (algo == GNUTLS_PK_EC)
bits = _gnutls_ecc_bits_to_curve(bits);
ret = _gnutls_pk_generate (algo, bits, &key->params);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
ret = _gnutls_asn1_encode_privkey (algo, &key->key, &key->params);
if (ret < 0)
{
gnutls_assert ();
goto cleanup;
}
key->pk_algorithm = algo;
return 0;
cleanup:
key->pk_algorithm = GNUTLS_PK_UNKNOWN;
gnutls_pk_params_release(&key->params);
return ret;
}
/**
* gnutls_x509_privkey_fix:
* @key: Holds the key
*
* This function will recalculate the secondary parameters in a key.
* In RSA keys, this can be the coefficient and exponent1,2.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key)
{
int ret;
if (key == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
asn1_delete_structure2(&key->key, ASN1_DELETE_FLAG_ZEROIZE);
ret =
_gnutls_asn1_encode_privkey(key->pk_algorithm, &key->key,
&key->params);
if (ret < 0) {
gnutls_assert();
return ret;
}
return 0;
}
/**
* gnutls_x509_privkey_import_dsa_raw:
* @key: The structure to store the parsed key
* @p: holds the p
* @q: holds the q
* @g: holds the g
* @y: holds the y
* @x: holds the x
*
* This function will convert the given DSA raw parameters to the
* native #gnutls_x509_privkey_t format. The output will be stored
* in @key.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int
gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
const gnutls_datum_t * p,
const gnutls_datum_t * q,
const gnutls_datum_t * g,
const gnutls_datum_t * y,
const gnutls_datum_t * x)
{
int ret;
size_t siz = 0;
if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
siz = p->size;
if (_gnutls_mpi_scan_nz (&key->params.params[0], p->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
siz = q->size;
if (_gnutls_mpi_scan_nz (&key->params.params[1], q->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
siz = g->size;
if (_gnutls_mpi_scan_nz (&key->params.params[2], g->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
siz = y->size;
if (_gnutls_mpi_scan_nz (&key->params.params[3], y->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
siz = x->size;
if (_gnutls_mpi_scan_nz (&key->params.params[4], x->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
ret = _gnutls_asn1_encode_privkey (GNUTLS_PK_DSA, &key->key, &key->params);
if (ret < 0)
{
gnutls_assert ();
goto cleanup;
}
key->params.params_nr = DSA_PRIVATE_PARAMS;
key->pk_algorithm = GNUTLS_PK_DSA;
return 0;
cleanup:
gnutls_pk_params_release(&key->params);
return ret;
}
/**
* gnutls_x509_privkey_import_rsa_raw2:
* @key: The structure to store the parsed key
* @m: holds the modulus
* @e: holds the public exponent
* @d: holds the private exponent
* @p: holds the first prime (p)
* @q: holds the second prime (q)
* @u: holds the coefficient
* @e1: holds e1 = d mod (p-1)
* @e2: holds e2 = d mod (q-1)
*
* This function will convert the given RSA raw parameters to the
* native #gnutls_x509_privkey_t format. The output will be stored in
* @key.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
**/
int
gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
const gnutls_datum_t * m,
const gnutls_datum_t * e,
const gnutls_datum_t * d,
const gnutls_datum_t * p,
const gnutls_datum_t * q,
const gnutls_datum_t * u,
const gnutls_datum_t * e1,
const gnutls_datum_t * e2)
{
int ret;
size_t siz = 0;
if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
gnutls_pk_params_init(&key->params);
siz = m->size;
if (_gnutls_mpi_scan_nz (&key->params.params[0], m->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = e->size;
if (_gnutls_mpi_scan_nz (&key->params.params[1], e->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = d->size;
if (_gnutls_mpi_scan_nz (&key->params.params[2], d->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = p->size;
if (_gnutls_mpi_scan_nz (&key->params.params[3], p->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = q->size;
if (_gnutls_mpi_scan_nz (&key->params.params[4], q->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = u->size;
if (_gnutls_mpi_scan_nz (&key->params.params[5], u->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
if (e1 && e2)
{
siz = e1->size;
if (_gnutls_mpi_scan_nz (&key->params.params[6], e1->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
siz = e2->size;
if (_gnutls_mpi_scan_nz (&key->params.params[7], e2->data, siz))
{
gnutls_assert ();
ret = GNUTLS_E_MPI_SCAN_FAILED;
goto cleanup;
}
key->params.params_nr++;
}
ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_IMPORT, &key->params);
if (ret < 0)
{
gnutls_assert ();
goto cleanup;
}
ret = _gnutls_asn1_encode_privkey (GNUTLS_PK_RSA, &key->key, &key->params);
if (ret < 0)
{
gnutls_assert ();
goto cleanup;
}
key->params.params_nr = RSA_PRIVATE_PARAMS;
key->pk_algorithm = GNUTLS_PK_RSA;
return 0;
cleanup:
gnutls_pk_params_release(&key->params);
return ret;
}
/* Decodes an DSA privateKey and params from a PKCS8 structure.
*/
static int
_decode_pkcs8_dsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey)
{
int ret;
gnutls_datum_t tmp = {NULL, 0};
gnutls_pk_params_init(&pkey->params);
ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_der_int(tmp.data, tmp.size,
&pkey->params.params[4]);
_gnutls_free_key_datum(&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_value(pkcs8_asn,
"privateKeyAlgorithm.parameters",
&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_pubkey_params(GNUTLS_PK_DSA, tmp.data,
tmp.size, &pkey->params);
_gnutls_free_datum(&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
if (_gnutls_mpi_cmp_ui(pkey->params.params[0], 0) == 0) {
gnutls_assert();
ret = GNUTLS_E_ILLEGAL_PARAMETER;
goto error;
}
/* the public key can be generated as g^x mod p */
ret = _gnutls_mpi_init(&pkey->params.params[3]);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret = _gnutls_mpi_powm(pkey->params.params[3], pkey->params.params[2],
pkey->params.params[4], pkey->params.params[0]);
if (ret < 0) {
gnutls_assert();
goto error;
}
pkey->params.algo = GNUTLS_PK_DSA;
pkey->params.params_nr = DSA_PRIVATE_PARAMS;
ret =
_gnutls_asn1_encode_privkey(&pkey->key,
&pkey->params);
if (ret < 0) {
gnutls_assert();
goto error;
}
return 0;
error:
if (pkey->params.params_nr != DSA_PRIVATE_PARAMS)
_gnutls_mpi_release(&pkey->params.params[4]);
return ret;
}
