/**
 * gnutls_x509_crq_get_pk_algorithm - Report the public key algorithm of a certificate request
 * @crq: should contain a gnutls_x509_crq_t structure
 * @bits: optional; when non-NULL it receives the size of the key parameters in bits
 *
 * This function returns the public key algorithm of a PKCS \#10
 * certificate request, read from the request's
 * "certificationRequestInfo.subjectPKInfo" element.
 *
 * If @bits is non-NULL it must point to storage large enough to hold
 * the parameters' size in bits. For RSA the bits returned are those of
 * the modulus. For DSA the bits returned are those of the public
 * exponent.
 *
 * The return value mixes two domains: check it for a negative value
 * before treating it as a gnutls_pk_algorithm_t. Whether *@bits is
 * written when the lookup fails is decided by the helper and cannot be
 * told from this function, so do not rely on it after an error.
 *
 * Returns a member of the gnutls_pk_algorithm_t enumeration on success,
 * or a negative value on error (GNUTLS_E_INVALID_REQUEST when @crq is
 * NULL).
 **/
int
gnutls_x509_crq_get_pk_algorithm (gnutls_x509_crq_t crq, unsigned int *bits)
{
  int algo;

  /* Refuse a missing request before crq->crq is dereferenced below. */
  if (!crq)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  algo = _gnutls_x509_get_pk_algorithm (crq->crq,
                                        "certificationRequestInfo.subjectPKInfo",
                                        bits);
  if (algo >= 0)
    return algo;

  /* Failure: flag the site and pass the helper's error code through unchanged. */
  gnutls_assert ();
  return algo;
}
/* Extracts the RSA or DSA public key integers from a certificate.
 *
 * asn          - the ASN.1 structure to read from
 * root         - name of the SubjectPublicKeyInfo element inside asn
 * params       - caller-supplied array that receives the integers
 * params_size  - in: number of slots available in params;
 *                out: number of slots filled (RSA_PUBLIC_PARAMS or
 *                DSA_PUBLIC_PARAMS), written only on success
 *
 * Returns 0 on success or a negative error code. Any other key type
 * (DH, for example) yields GNUTLS_E_X509_CERTIFICATE_ERROR.
 *
 * NOTE(review): the input normally comes from a peer-supplied
 * certificate. When the DSA path fails after the public value has been
 * read, this function does not release params[3]; whether that integer
 * is owned and freed by the caller or by the helpers is not visible
 * here -- confirm.
 */
int
_gnutls_get_asn_mpis (ASN1_TYPE asn, const char *root,
                      bigint_t * params, int *params_size)
{
  gnutls_datum_t der = { NULL, 0 };
  gnutls_pk_algorithm_t algo;
  char path[256];
  int ret;

  ret = _gnutls_x509_get_pk_algorithm (asn, root, NULL);
  if (ret < 0)
    {
      gnutls_assert ();
      return ret;
    }
  algo = ret;

  /* Fetch the raw subjectPublicKey. The path is built in a fixed
   * 256-byte buffer whose size is passed to the helper.
   * NOTE(review): the meaning of the trailing 2 (versus 0 further down)
   * is defined by _gnutls_x509_read_value, not shown here. */
  _asnstr_append_name (path, sizeof (path), root, ".subjectPublicKey");
  ret = _gnutls_x509_read_value (asn, path, &der, 2);
  if (ret < 0)
    {
      /* Returns without touching der; presumably nothing was
       * allocated on failure -- confirm against the helper. */
      gnutls_assert ();
      return ret;
    }

  switch (algo)
    {
    case GNUTLS_PK_RSA:
      /* params[0] is the modulus,
       * params[1] is the exponent
       */
      if (*params_size < RSA_PUBLIC_PARAMS)
        {
          /* Internal error: the caller's array is too small. Checked
           * before any helper writes into params. */
          gnutls_assert ();
          ret = GNUTLS_E_INTERNAL_ERROR;
          goto cleanup;
        }

      ret = _gnutls_x509_read_rsa_params (der.data, der.size, params);
      if (ret < 0)
        {
          gnutls_assert ();
          goto cleanup;
        }

      *params_size = RSA_PUBLIC_PARAMS;
      break;

    case GNUTLS_PK_DSA:
      /* params[0] is p,
       * params[1] is q,
       * params[2] is g,
       * params[3] is pub.
       */
      if (*params_size < DSA_PUBLIC_PARAMS)
        {
          /* Internal error: the caller's array is too small. Checked
           * before any helper writes into params. */
          gnutls_assert ();
          ret = GNUTLS_E_INTERNAL_ERROR;
          goto cleanup;
        }

      ret = _gnutls_x509_read_dsa_pubkey (der.data, der.size, params);
      if (ret < 0)
        {
          gnutls_assert ();
          goto cleanup;
        }

      /* Drop the key bytes, then reuse der for the domain parameters. */
      _gnutls_free_datum (&der);

      _asnstr_append_name (path, sizeof (path), root,
                           ".algorithm.parameters");
      ret = _gnutls_x509_read_value (asn, path, &der, 0);

      /* FIXME: If the parameters are not included in the certificate
       * then the issuer's parameters should be used. This is not
       * done yet, so such a certificate fails here with the read
       * error.
       */
      if (ret < 0)
        {
          gnutls_assert ();
          goto cleanup;
        }

      ret = _gnutls_x509_read_dsa_params (der.data, der.size, params);
      if (ret < 0)
        {
          gnutls_assert ();
          goto cleanup;
        }

      *params_size = DSA_PUBLIC_PARAMS;
      break;

    default:
      /* other types like DH
       * currently not supported
       */
      gnutls_assert ();
      ret = GNUTLS_E_X509_CERTIFICATE_ERROR;
      goto cleanup;
    }

  ret = 0;

cleanup:
  /* Single exit for every path taken after the first successful read. */
  _gnutls_free_datum (&der);
  return ret;
}