/* reads DSA's Y
* from the certificate
* only sets params[3]
*/
int
_gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, gnutls_pk_params_st * params)
{
/* do not set a number */
params->params_nr = 0;
return _gnutls_x509_read_der_int (der, dersize, ¶ms->params[3]);
}
/* reads DSA's Y
* from the certificate
* only sets params[3]
*/
int
_gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, bigint_t * params)
{
return _gnutls_x509_read_der_int (der, dersize, ¶ms[3]);
}
/* Decodes an DSA privateKey and params from a PKCS8 structure.
*/
static int
_decode_pkcs8_dsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey)
{
int ret;
gnutls_datum_t tmp = {NULL, 0};
gnutls_pk_params_init(&pkey->params);
ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_der_int(tmp.data, tmp.size,
&pkey->params.params[4]);
_gnutls_free_key_datum(&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_value(pkcs8_asn,
"privateKeyAlgorithm.parameters",
&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret =
_gnutls_x509_read_pubkey_params(GNUTLS_PK_DSA, tmp.data,
tmp.size, &pkey->params);
_gnutls_free_datum(&tmp);
if (ret < 0) {
gnutls_assert();
goto error;
}
if (_gnutls_mpi_cmp_ui(pkey->params.params[0], 0) == 0) {
gnutls_assert();
ret = GNUTLS_E_ILLEGAL_PARAMETER;
goto error;
}
/* the public key can be generated as g^x mod p */
ret = _gnutls_mpi_init(&pkey->params.params[3]);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret = _gnutls_mpi_powm(pkey->params.params[3], pkey->params.params[2],
pkey->params.params[4], pkey->params.params[0]);
if (ret < 0) {
gnutls_assert();
goto error;
}
pkey->params.algo = GNUTLS_PK_DSA;
pkey->params.params_nr = DSA_PRIVATE_PARAMS;
ret =
_gnutls_asn1_encode_privkey(&pkey->key,
&pkey->params);
if (ret < 0) {
gnutls_assert();
goto error;
}
return 0;
error:
if (pkey->params.params_nr != DSA_PRIVATE_PARAMS)
_gnutls_mpi_release(&pkey->params.params[4]);
return ret;
}
