Exemplo n.º 1
/**
  * gnutls_x509_crq_get_pk_algorithm - Report the public key algorithm of a certificate request
  * @crq: a gnutls_x509_crq_t structure; a NULL value is rejected
  * @bits: optional output, handed unchanged to the internal lookup
  *
  * Looks up the public key algorithm of a PKCS \#10 certificate request.
  * The work is delegated to _gnutls_x509_get_pk_algorithm(), which is
  * pointed at the "certificationRequestInfo.subjectPKInfo" node of the
  * request.
  *
  * When @bits is non-NULL it is meant to receive the size of the key
  * parameters in bits. For RSA that is the size of the modulus. For DSA it
  * is documented as the size of the public exponent (presumably the public
  * value is meant; confirm in _gnutls_x509_get_pk_algorithm()).
  * @bits is not written when @crq is NULL, so read it only after a
  * non-negative return.
  *
  * Returns a member of the gnutls_pk_algorithm_t enumeration on success,
  * or a negative value on error (GNUTLS_E_INVALID_REQUEST when @crq is
  * NULL). Check for a negative value before using the result as an
  * algorithm identifier.
  *
  **/
int
gnutls_x509_crq_get_pk_algorithm (gnutls_x509_crq_t crq, unsigned int *bits)
{
    int algo;

    /* Refuse a missing request before anything is dereferenced. */
    if (!crq) {
        gnutls_assert ();
        return GNUTLS_E_INVALID_REQUEST;
    }

    algo = _gnutls_x509_get_pk_algorithm (crq->crq,
                                          "certificationRequestInfo.subjectPKInfo",
                                          bits);
    if (algo >= 0)
        return algo;

    /* Failure: flag it through gnutls_assert() and pass the helper's
     * negative code on to the caller unchanged.
     */
    gnutls_assert ();
    return algo;
}
Exemplo n.º 2
/* Loads the public key integers of an RSA or DSA key from an ASN.1
 * structure into @params.
 *
 * asn:          ASN.1 structure that holds the key.
 * root:         name of the node describing the key; ".subjectPublicKey"
 *               and ".algorithm.parameters" are appended to it to reach
 *               the individual fields.
 * params:       output array for the key integers.
 * params_size:  on entry the number of slots available in @params; on
 *               success it is set to RSA_PUBLIC_PARAMS or
 *               DSA_PUBLIC_PARAMS. It is dereferenced without a NULL
 *               check.
 *
 * Returns 0 on success and a negative error code otherwise:
 * GNUTLS_E_INTERNAL_ERROR when @params has too few slots,
 * GNUTLS_E_X509_CERTIFICATE_ERROR for any algorithm other than RSA and
 * DSA, or the error reported by one of the helpers.
 *
 * NOTE(review): on the DSA path nothing in this function releases what
 * _gnutls_x509_read_dsa_pubkey() stored in @params when a later step
 * fails. If that helper allocates, the caller presumably has to release
 * it; confirm, because the data being parsed comes from a certificate.
 */
int
_gnutls_get_asn_mpis (ASN1_TYPE asn, const char *root,
                      bigint_t * params, int *params_size)
{
  char path[256];
  gnutls_datum_t raw = { NULL, 0 };
  gnutls_pk_algorithm_t pk_algorithm;
  int ret;

  /* Find out which algorithm the key uses; the bit size is not needed. */
  ret = _gnutls_x509_get_pk_algorithm (asn, root, NULL);
  if (ret < 0) {
    gnutls_assert ();
    return ret;
  }
  pk_algorithm = ret;

  /* Fetch the encoded public key. The write into path is bounded by the
   * size passed here; presumably an over-long root is truncated, confirm
   * in _asnstr_append_name. The last argument of the read differs from
   * the parameters read further down (2 here, 0 there); its meaning is
   * defined by _gnutls_x509_read_value.
   */
  _asnstr_append_name (path, sizeof (path), root, ".subjectPublicKey");
  ret = _gnutls_x509_read_value (asn, path, &raw, 2);
  if (ret < 0) {
    gnutls_assert ();
    return ret;
  }

  if (pk_algorithm == GNUTLS_PK_RSA) {
    /* params[0] is the modulus,
     * params[1] is the exponent.
     * The capacity check comes before the reader runs, so the reader is
     * never handed an array with fewer than RSA_PUBLIC_PARAMS slots.
     */
    if (*params_size < RSA_PUBLIC_PARAMS) {
      gnutls_assert ();
      /* internal error: the caller must provide more bigint_t slots */
      ret = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

    ret = _gnutls_x509_read_rsa_params (raw.data, raw.size, params);
    if (ret < 0) {
      gnutls_assert ();
      goto cleanup;
    }

    *params_size = RSA_PUBLIC_PARAMS;
  } else if (pk_algorithm == GNUTLS_PK_DSA) {
    /* params[0] is p,
     * params[1] is q,
     * params[2] is g,
     * params[3] is pub.
     * Same ordering as for RSA: check the capacity first, then read.
     */
    if (*params_size < DSA_PUBLIC_PARAMS) {
      gnutls_assert ();
      /* internal error: the caller must provide more bigint_t slots */
      ret = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

    ret = _gnutls_x509_read_dsa_pubkey (raw.data, raw.size, params);
    if (ret < 0) {
      gnutls_assert ();
      goto cleanup;
    }

    /* The public value has been consumed; drop its buffer and reuse the
     * datum for the domain parameters.
     */
    _gnutls_free_datum (&raw);

    _asnstr_append_name (path, sizeof (path), root,
                         ".algorithm.parameters");
    ret = _gnutls_x509_read_value (asn, path, &raw, 0);

    /* FIXME: If the parameters are not included in the certificate
     * then the issuer's parameters should be used. This is not
     * done yet; a failed read is simply reported as an error.
     */
    if (ret < 0) {
      gnutls_assert ();
      goto cleanup;
    }

    ret = _gnutls_x509_read_dsa_params (raw.data, raw.size, params);
    if (ret < 0) {
      gnutls_assert ();
      goto cleanup;
    }

    *params_size = DSA_PUBLIC_PARAMS;
  } else {
    /* other types like DH
     * are currently not supported
     */
    gnutls_assert ();
    ret = GNUTLS_E_X509_CERTIFICATE_ERROR;
    goto cleanup;
  }

  ret = 0;

cleanup:
  /* Single exit for every path that may still own the raw buffer. */
  _gnutls_free_datum (&raw);
  return ret;
}