/* Encodes the RSA parameters into an ASN.1 RSA private key structure.
*/
static int
_gnutls_asn1_encode_rsa(ASN1_TYPE * c2, gnutls_pk_params_st * params)
{
int result, ret;
uint8_t null = '\0';
gnutls_pk_params_st pk_params;
/* we do copy the parameters into a new structure to run _gnutls_pk_fixup,
* i.e., regenerate some parameters in case they were broken */
gnutls_pk_params_init(&pk_params);
ret = _gnutls_pk_params_copy(&pk_params, params);
if (ret < 0) {
gnutls_assert();
return ret;
}
ret =
_gnutls_pk_fixup(GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
/* Ok. Now we have the data. Create the asn1 structures
*/
/* first make sure that no previously allocated data are leaked */
if (*c2 != ASN1_TYPE_EMPTY) {
asn1_delete_structure(c2);
*c2 = ASN1_TYPE_EMPTY;
}
if ((result = asn1_create_element
(_gnutls_get_gnutls_asn(), "GNUTLS.RSAPrivateKey", c2))
!= ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
goto cleanup;
}
/* Write PRIME
*/
ret =
_gnutls_x509_write_int(*c2, "modulus",
params->params[RSA_MODULUS], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_int(*c2, "publicExponent",
params->params[RSA_PUB], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "privateExponent",
params->params[RSA_PRIV], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "prime1",
params->params[RSA_PRIME1], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "prime2",
params->params[RSA_PRIME2], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "coefficient",
params->params[RSA_COEF], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "exponent1",
params->params[RSA_E1], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_x509_write_key_int(*c2, "exponent2",
params->params[RSA_E2], 1);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
if ((result = asn1_write_value(*c2, "otherPrimeInfos",
NULL, 0)) != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
goto cleanup;
}
if ((result =
asn1_write_value(*c2, "version", &null, 1)) != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(result);
goto cleanup;
}
ret = 0;
cleanup:
if (ret < 0)
asn1_delete_structure2(c2, ASN1_DELETE_FLAG_ZEROIZE);
gnutls_pk_params_clear(&pk_params);
gnutls_pk_params_release(&pk_params);
return ret;
}
/* Encodes the RSA parameters into an ASN.1 RSA private key structure.
*/
static int
_gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t * params)
{
int result;
opaque null = '\0';
gnutls_pk_params_st pk_params;
gnutls_datum_t m, e, d, p, q, u, exp1, exp2;
memset (&pk_params, 0, sizeof (pk_params));
memset (&m, 0, sizeof (m));
memset (&p, 0, sizeof (e));
memset (&q, 0, sizeof (d));
memset (&p, 0, sizeof (p));
memset (&q, 0, sizeof (q));
memset (&u, 0, sizeof (u));
memset (&exp1, 0, sizeof (exp1));
memset (&exp2, 0, sizeof (exp2));
result = _gnutls_pk_params_copy (&pk_params, params, RSA_PRIVATE_PARAMS);
if (result < 0)
{
gnutls_assert ();
return result;
}
result = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
/* retrieve as data */
result = _gnutls_mpi_dprint_lz (pk_params.params[0], &m);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[1], &e);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[2], &d);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[3], &p);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[4], &q);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[5], &u);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[6], &exp1);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
result = _gnutls_mpi_dprint_lz (pk_params.params[7], &exp2);
if (result < 0)
{
gnutls_assert ();
goto cleanup;
}
/* Ok. Now we have the data. Create the asn1 structures
*/
/* first make sure that no previously allocated data are leaked */
if (*c2 != ASN1_TYPE_EMPTY)
{
asn1_delete_structure (c2);
*c2 = ASN1_TYPE_EMPTY;
}
if ((result = asn1_create_element
(_gnutls_get_gnutls_asn (), "GNUTLS.RSAPrivateKey", c2))
!= ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
/* Write PRIME
*/
if ((result = asn1_write_value (*c2, "modulus",
m.data, m.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "publicExponent",
e.data, e.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "privateExponent",
d.data, d.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "prime1",
p.data, p.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "prime2",
q.data, q.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "coefficient",
u.data, u.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "exponent1",
exp1.data, exp1.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "exponent2",
exp2.data, exp2.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "otherPrimeInfos",
NULL, 0)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
if ((result = asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
result = 0;
cleanup:
if (result != 0)
asn1_delete_structure (c2);
gnutls_pk_params_release (&pk_params);
_gnutls_free_datum (&m);
_gnutls_free_datum (&d);
_gnutls_free_datum (&e);
_gnutls_free_datum (&p);
_gnutls_free_datum (&q);
_gnutls_free_datum (&u);
_gnutls_free_datum (&exp1);
_gnutls_free_datum (&exp2);
return result;
}
/**
* gnutls_x509_privkey_export_rsa_raw2:
* @key: a structure that holds the rsa parameters
* @m: will hold the modulus
* @e: will hold the public exponent
* @d: will hold the private exponent
* @p: will hold the first prime (p)
* @q: will hold the second prime (q)
* @u: will hold the coefficient
* @e1: will hold e1 = d mod (p-1)
* @e2: will hold e2 = d mod (q-1)
*
* This function will export the RSA private key's parameters found
* in the given structure. The new parameters will be allocated using
* gnutls_malloc() and will be stored in the appropriate datum.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 2.12.0
**/
int
gnutls_x509_privkey_export_rsa_raw2 (gnutls_x509_privkey_t key,
gnutls_datum_t * m, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * u,
gnutls_datum_t * e1, gnutls_datum_t * e2)
{
int ret;
gnutls_pk_params_st pk_params;
gnutls_pk_params_init(&pk_params);
if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
m->data = e->data = d->data = p->data = q->data = u->data = NULL;
m->size = e->size = d->size = p->size = q->size = u->size = 0;
ret = _gnutls_pk_params_copy (&pk_params, &key->params);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
ret = _gnutls_mpi_dprint_lz (pk_params.params[0], m);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* E */
ret = _gnutls_mpi_dprint_lz (pk_params.params[1], e);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* D */
ret = _gnutls_mpi_dprint_lz (pk_params.params[2], d);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* P */
ret = _gnutls_mpi_dprint_lz (pk_params.params[3], p);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* Q */
ret = _gnutls_mpi_dprint_lz (pk_params.params[4], q);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* U */
ret = _gnutls_mpi_dprint_lz (key->params.params[5], u);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
/* E1 */
if (e1)
{
ret = _gnutls_mpi_dprint_lz (key->params.params[6], e1);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
}
/* E2 */
if (e2)
{
ret = _gnutls_mpi_dprint_lz (key->params.params[7], e2);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
}
gnutls_pk_params_release (&pk_params);
return 0;
error:
_gnutls_free_datum (m);
_gnutls_free_datum (d);
_gnutls_free_datum (e);
_gnutls_free_datum (p);
_gnutls_free_datum (q);
gnutls_pk_params_release (&pk_params);
return ret;
}
