예제 #1
0
파일: key.c 프로젝트: idtek/knot
static int ecdsa_params_to_pem(dnssec_key_t *dnskey, const legacy_privkey_t *params,
			       dnssec_binary_t *pem)
{
	_cleanup_x509_privkey_ gnutls_x509_privkey_t key = NULL;
	int result = gnutls_x509_privkey_init(&key);
	if (result != GNUTLS_E_SUCCESS) {
		return DNSSEC_ENOMEM;
	}

	gnutls_ecc_curve_t curve = 0;
	gnutls_datum_t x = { 0 };
	gnutls_datum_t y = { 0 };
	ecdsa_extract_public_params(dnskey, &curve, &x, &y);

	gnutls_datum_t k = binary_to_datum(&params->private_key);

	result = gnutls_x509_privkey_import_ecc_raw(key, curve, &x, &y, &k);
	if (result != DNSSEC_EOK) {
		return DNSSEC_KEY_IMPORT_ERROR;
	}

	gnutls_x509_privkey_fix(key);

	return pem_from_x509(key, pem);
}
예제 #2
0
static int _gnutls_privkey_export2_pkcs8(gnutls_privkey_t key, gnutls_x509_crt_fmt_t f,
					 const char *password, unsigned flags, gnutls_datum_t *out)
{
	gnutls_x509_privkey_t xkey;
	int ret;

	ret = gnutls_privkey_export_x509(key, &xkey);
	if (ret < 0)
		fail("error in gnutls_privkey_export_x509\n");

	assert(gnutls_x509_privkey_fix(xkey)>=0);

	ret = gnutls_x509_privkey_export2_pkcs8(xkey, f, password, 0, out);
	gnutls_x509_privkey_deinit(xkey);

	return ret;
}