/** * ntfs_rsa_private_key_import_from_gnutls */ static ntfs_rsa_private_key ntfs_rsa_private_key_import_from_gnutls( gnutls_x509_privkey_t priv_key) { int i, j; size_t tmp_size; gnutls_datum_t rd[6]; gcry_mpi_t rm[6]; gcry_sexp_t rsa_key; /* Extract the RSA parameters from the GNU TLS private key. */ if (gnutls_x509_privkey_export_rsa_raw(priv_key, &rd[0], &rd[1], &rd[2], &rd[3], &rd[4], &rd[5])) { ntfs_log_error("Failed to export rsa parameters. (Is the " "key an RSA private key?)\n"); return NULL; } /* Convert each RSA parameter to mpi format. */ for (i = 0; i < 6; i++) { if (gcry_mpi_scan(&rm[i], GCRYMPI_FMT_USG, rd[i].data, rd[i].size, &tmp_size) != GPG_ERR_NO_ERROR) { ntfs_log_error("Failed to convert RSA parameter %i " "to mpi format (size %d)\n", i, rd[i].size); rsa_key = NULL; break; } } /* Release the no longer needed datum values. */ for (j = 0; j < 6; j++) { if (rd[j].data && rd[j].size) gnutls_free(rd[j].data); } /* * Build the gcrypt private key, note libgcrypt uses p and q inversed * to what gnutls uses. */ if (i == 6 && gcry_sexp_build(&rsa_key, NULL, "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))", rm[0], rm[1], rm[2], rm[4], rm[3], rm[5]) != GPG_ERR_NO_ERROR) { ntfs_log_error("Failed to build RSA private key s-exp.\n"); rsa_key = NULL; } /* Release the no longer needed mpi values. */ for (j = 0; j < i; j++) gcry_mpi_release(rm[j]); return (ntfs_rsa_private_key)rsa_key; }
/** * gnutls_rsa_params_export_raw - This function will export the RSA parameters * @params: a structure that holds the rsa parameters * @m: will hold the modulus * @e: will hold the public exponent * @d: will hold the private exponent * @p: will hold the first prime (p) * @q: will hold the second prime (q) * @u: will hold the coefficient * @bits: if non null will hold the prime's number of bits * * This function will export the RSA parameters found in the given * structure. The new parameters will be allocated using * gnutls_malloc() and will be stored in the appropriate datum. * **/ int gnutls_rsa_params_export_raw (gnutls_rsa_params_t params, gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, unsigned int *bits) { int ret; ret = gnutls_x509_privkey_export_rsa_raw (params, m, e, d, p, q, u); if (ret < 0) { gnutls_assert (); return ret; } if (bits) *bits = _gnutls_mpi_get_nbits (params->params[3]); return 0; }
EAPI void eet_identity_print(Eet_Key *key, FILE *out) { #ifdef HAVE_SIGNATURE # ifdef HAVE_GNUTLS const char *names[6] = { "Modulus", "Public exponent", "Private exponent", "First prime", "Second prime", "Coefficient" }; int err = 0; gnutls_datum_t data = { NULL, 0 }; gnutls_datum_t rsa_raw[6]; size_t size = 128; char *res = NULL; char buf[33]; unsigned int i, j; if (!key) return; if (!emile_cipher_init()) return ; if (key->private_key) { if (gnutls_x509_privkey_export_rsa_raw(key->private_key, rsa_raw + 0, /* Modulus */ rsa_raw + 1, /* Public exponent */ rsa_raw + 2, /* Private exponent */ rsa_raw + 3, /* First prime */ rsa_raw + 4, /* Second prime */ rsa_raw + 5)) /* Coefficient */ goto on_error; if (!(res = malloc(size))) goto on_error; fprintf(out, "Private Key:\n"); buf[32] = '\0'; for (i = 0; i < 6; i++) { while ((err = gnutls_hex_encode(rsa_raw + i, res, &size)) == GNUTLS_E_SHORT_MEMORY_BUFFER) { char *temp; size += 128; if (!(temp = realloc(res, size))) goto on_error; res = temp; } if (err) goto on_error; fprintf(out, "\t%s:\n", names[i]); for (j = 0; strlen(res) > j; j += 32) { snprintf(buf, 32, "%s", res + j); fprintf(out, "\t\t%s\n", buf); } } free(res); res = NULL; } if (key->certificate) { fprintf(out, "Public certificate:\n"); if (gnutls_x509_crt_print(key->certificate, GNUTLS_X509_CRT_FULL, &data)) goto on_error; fprintf(out, "%s\n", data.data); gnutls_free(data.data); data.data = NULL; } on_error: if (res) free(res); if (data.data) gnutls_free(data.data); return; # else /* ifdef HAVE_GNUTLS */ RSA *rsa; DSA *dsa; DH *dh; if (!key) return; if (!emile_cipher_init()) return ; rsa = EVP_PKEY_get1_RSA(key->private_key); if (rsa) { fprintf(out, "Private key (RSA):\n"); RSA_print_fp(out, rsa, 0); } dsa = EVP_PKEY_get1_DSA(key->private_key); if (dsa) { fprintf(out, "Private key (DSA):\n"); DSA_print_fp(out, dsa, 0); } dh = EVP_PKEY_get1_DH(key->private_key); if (dh) { fprintf(out, "Private key (DH):\n"); DHparams_print_fp(out, dh); } fprintf(out, "Public certificate:\n"); X509_print_fp(out, key->certificate); # endif /* ifdef HAVE_GNUTLS */ #else /* ifdef HAVE_SIGNATURE */ key = NULL; out = NULL; ERR("You need to compile signature support in EET."); #endif /* ifdef HAVE_SIGNATURE */ }