int
pgp_put_public_rsa_key(struct nettle_buffer *buffer,
const struct rsa_public_key *pub,
time_t timestamp)
{
/* Public key packet, version 4 */
unsigned start;
unsigned length;
/* Size of packet is 16 + the size of e and n */
length = (4 * 4
+ nettle_mpz_sizeinbase_256_u(pub->n)
+ nettle_mpz_sizeinbase_256_u(pub->e));
if (!pgp_put_header(buffer, PGP_TAG_PUBLIC_KEY, length))
return 0;
start = buffer->size;
if (! (pgp_put_header(buffer, PGP_TAG_PUBLIC_KEY,
/* Assume that we need two octets */
PGP_LENGTH_TWO_OCTETS)
&& pgp_put_uint32(buffer, 4) /* Version */
&& pgp_put_uint32(buffer, timestamp)/* Time stamp */
&& pgp_put_uint32(buffer, PGP_RSA) /* Algorithm */
&& pgp_put_mpi(buffer, pub->n)
&& pgp_put_mpi(buffer, pub->e)) )
return 0;
assert(buffer->size == start + length);
return 1;
}
void
nettle_mpz_get_str_256(size_t length, uint8_t *s, const mpz_t x)
{
if (!length)
{
/* x must be zero */
assert(!mpz_sgn(x));
return;
}
if (mpz_sgn(x) >= 0)
{
assert(nettle_mpz_sizeinbase_256_u(x) <= length);
nettle_mpz_to_octets(length, s, x, 0);
}
else
{
mpz_t c;
mpz_init(c);
mpz_com(c, x);
assert(nettle_mpz_sizeinbase_256_u(c) <= length);
nettle_mpz_to_octets(length, s, c, 0xff);
mpz_clear(c);
}
}
static void
_rsa_params_to_pubkey (const gnutls_pk_params_st * pk_params,
struct rsa_public_key *pub)
{
memcpy (&pub->n, pk_params->params[RSA_MODULUS], sizeof (mpz_t));
memcpy (&pub->e, pk_params->params[RSA_PUB], sizeof (mpz_t));
pub->size = nettle_mpz_sizeinbase_256_u(pub->n);
}
static void
_rsa_params_to_privkey (const gnutls_pk_params_st * pk_params,
struct rsa_private_key *priv)
{
memcpy (&priv->d, pk_params->params[2], sizeof (mpz_t));
memcpy (&priv->p, pk_params->params[3], sizeof (mpz_t));
memcpy (&priv->q, pk_params->params[4], sizeof (mpz_t));
memcpy (&priv->c, pk_params->params[5], sizeof (mpz_t));
memcpy (&priv->a, pk_params->params[6], sizeof (mpz_t));
memcpy (&priv->b, pk_params->params[7], sizeof (mpz_t));
priv->size = nettle_mpz_sizeinbase_256_u(TOMPZ(pk_params->params[RSA_MODULUS]));
}
static int
write_bignum(FILE *f, mpz_t x)
{
unsigned size = nettle_mpz_sizeinbase_256_u(x);
uint8_t *p;
int res;
if (!write_uint32(f, size))
return 0;
p = xalloc(size);
nettle_mpz_get_str_256(size, p, x);
res = write_string(f, size, p);
free(p);
return res;
}
static int
wrap_nettle_mpi_print(const bigint_t a, void *buffer, size_t * nbytes,
gnutls_bigint_format_t format)
{
unsigned int size;
mpz_t *p = (void *) a;
if (format == GNUTLS_MPI_FORMAT_USG) {
size = nettle_mpz_sizeinbase_256_u(*p);
} else if (format == GNUTLS_MPI_FORMAT_STD) {
size = nettle_mpz_sizeinbase_256_s(*p);
#if ENABLE_GOST
} else if (format == GNUTLS_MPI_FORMAT_ULE) {
size = nettle_mpz_sizeinbase_256_u_le(*p);
#endif
} else {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
if (buffer == NULL || size > *nbytes) {
*nbytes = size;
gnutls_assert();
return GNUTLS_E_SHORT_MEMORY_BUFFER;
}
#if ENABLE_GOST
if (format == GNUTLS_MPI_FORMAT_ULE)
nettle_mpz_get_str_256_u_le(size, buffer, *p);
else
#endif
nettle_mpz_get_str_256(size, buffer, *p);
*nbytes = size;
return 0;
}
int
ecc_make_key_ex (void *random_ctx, nettle_random_func random, ecc_key * key,
mpz_t prime, mpz_t order, mpz_t A, mpz_t B, mpz_t Gx, mpz_t Gy,
int timing_res)
{
int err;
ecc_point *base;
unsigned char *buf;
int keysize;
if (key == NULL || random == NULL)
return -1;
keysize = nettle_mpz_sizeinbase_256_u (order);
/* allocate ram */
base = NULL;
buf = malloc (keysize);
if (buf == NULL)
return -1;
/* make up random string */
random (random_ctx, keysize, buf);
/* setup the key variables */
if ((err =
mp_init_multi (&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
&key->prime, &key->order, &key->A, &key->B, &key->Gx, &key->Gy,
NULL)) != 0)
{
goto ERR_BUF;
}
base = ecc_new_point ();
if (base == NULL)
{
err = -1;
goto errkey;
}
/* read in the specs for this key */
mpz_set (key->prime, prime);
mpz_set (key->order, order);
mpz_set (key->Gx, Gx);
mpz_set (key->Gy, Gy);
mpz_set (key->A, A);
mpz_set (key->B, B);
mpz_set (base->x, key->Gx);
mpz_set (base->y, key->Gy);
mpz_set_ui (base->z, 1);
nettle_mpz_set_str_256_u (key->k, keysize, buf);
/* the key should be smaller than the order of base point */
if (mpz_cmp (key->k, key->order) >= 0)
{
mpz_mod (key->k, key->k, key->order);
}
/* make the public key */
if (timing_res)
err = ecc_mulmod_timing (key->k, base, &key->pubkey, key->A, key->prime, 1);
else
err = ecc_mulmod (key->k, base, &key->pubkey, key->A, key->prime, 1);
if (err != 0)
goto errkey;
key->type = PK_PRIVATE;
/* free up ram */
err = 0;
goto cleanup;
errkey:
mp_clear_multi (&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k,
&key->order, &key->prime, &key->Gx, &key->Gy, &key->A, &key->B,
NULL);
cleanup:
ecc_del_point (base);
ERR_BUF:
free (buf);
return err;
}
