Пример #1
/* Determines the public-key algorithm named by a SubjectPublicKeyInfo-style
 * ASN.1 node and, on request, the size of the key.
 *
 * src      - decoded ASN.1 structure to inspect.
 * src_name - path of the node inside src, e.g.
 *            "tbsCertificate.subjectPublicKeyInfo".
 * bits     - optional; when non-NULL, bits[0] receives the value computed
 *            by pubkey_to_bits() for the decoded key parameters.
 *
 * Returns the value produced by _gnutls_x509_oid2pk_algorithm() (which may
 * be GNUTLS_PK_UNKNOWN), or the error code of the step that failed.
 *
 * The OID and key material come from the certificate being parsed, so an
 * unrecognised OID is only logged here: callers must treat
 * GNUTLS_PK_UNKNOWN as "unsupported key", not as success.
 */
int
_gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name,
                               unsigned int *bits)
{
  gnutls_pk_params_st params;
  char name[128];
  char oid[64];
  int len = sizeof (oid);
  int result;
  int algo;

  gnutls_pk_params_init(&params);

  /* Fetch the algorithm OID; the read is bounded by sizeof (oid) via len. */
  _asnstr_append_name (name, sizeof (name), src_name, ".algorithm.algorithm");
  result = asn1_read_value (src, name, oid, &len);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  algo = _gnutls_x509_oid2pk_algorithm (oid);
  if (algo == GNUTLS_PK_UNKNOWN)
    {
      _gnutls_debug_log
        ("%s: unknown public key algorithm: %s\n", __func__, oid);
    }

  /* The key parameters are decoded only when the caller wants the size. */
  if (bits != NULL)
    {
      result = _gnutls_get_asn_mpis(src, src_name, &params);
      if (result < 0)
        {
          /* NOTE(review): params is not released on this path; confirm that
           * _gnutls_get_asn_mpis() frees anything it allocated on failure. */
          return gnutls_assert_val(result);
        }

      bits[0] = pubkey_to_bits(algo, &params);

      gnutls_pk_params_release(&params);
    }

  return algo;
}
Пример #2
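/* Reads and returns the PK algorithm of the given certificate-like
 * ASN.1 structure. src_name should be something like
 * "tbsCertificate.subjectPublicKeyInfo".
 *
 * src      - decoded ASN.1 structure to inspect.
 * src_name - path of the SubjectPublicKeyInfo-style node inside src.
 * bits     - optional; when non-NULL, bits[0] receives the bit length of
 *            the RSA params[0] or DSA params[3] value, or 0 when the
 *            algorithm is neither RSA nor DSA.
 *
 * Returns the value produced by _gnutls_x509_oid2pk_algorithm() (which may
 * be GNUTLS_PK_UNKNOWN), or a GnuTLS error code when a read or parse step
 * fails.
 *
 * The OID and key bytes come from the certificate being parsed and must be
 * treated as untrusted: every failure path releases the temporary key
 * buffer, and bits[0] is never left uninitialised once the key was read.
 */
int
_gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name,
                               unsigned int *bits)
{
    int result;
    int ret;
    opaque *str = NULL;
    int algo;
    char oid[64];
    int len;
    bigint_t params[MAX_PUBLIC_PARAMS_SIZE];
    char name[128];

    /* Fetch the algorithm OID; the read is bounded by sizeof (oid) via len. */
    _asnstr_append_name (name, sizeof (name), src_name, ".algorithm.algorithm");
    len = sizeof (oid);
    result = asn1_read_value (src, name, oid, &len);

    if (result != ASN1_SUCCESS)
    {
        gnutls_assert ();
        return _gnutls_asn2err (result);
    }

    algo = _gnutls_x509_oid2pk_algorithm (oid);
    if (algo == GNUTLS_PK_UNKNOWN)
    {
        _gnutls_x509_log
        ("%s: unknown public key algorithm: %s\n", __func__, oid);
    }

    if (bits == NULL)
    {
        return algo;
    }

    /* Now read the parameters' bits
     */
    _asnstr_append_name (name, sizeof (name), src_name, ".subjectPublicKey");

    /* Size query: a NULL buffer is expected to yield ASN1_MEM_ERROR with
     * the required length stored in len. */
    len = 0;
    result = asn1_read_value (src, name, NULL, &len);
    if (result != ASN1_MEM_ERROR)
    {
        gnutls_assert ();
        return _gnutls_asn2err (result);
    }

    /* The length is handled as a bit count (it is divided by 8 below), so
     * reject keys that are empty or not a whole number of bytes before
     * sizing the allocation from a certificate-controlled value. */
    if (len <= 0 || len % 8 != 0)
    {
        gnutls_assert ();
        return GNUTLS_E_CERTIFICATE_ERROR;
    }

    len /= 8;

    str = gnutls_malloc (len);
    if (str == NULL)
    {
        gnutls_assert ();
        return GNUTLS_E_MEMORY_ERROR;
    }

    /* name still holds the ".subjectPublicKey" path built above. */
    result = asn1_read_value (src, name, str, &len);

    if (result != ASN1_SUCCESS)
    {
        gnutls_assert ();
        ret = _gnutls_asn2err (result);
        goto cleanup;
    }

    /* Convert the length written back by the read to bytes again, as the
     * original code did. */
    len /= 8;

    ret = algo;

    switch (algo)
    {
    case GNUTLS_PK_RSA:
        result = _gnutls_x509_read_rsa_params (str, len, params);
        if (result < 0)
        {
            gnutls_assert ();
            /* Previously returned here directly and leaked str. */
            ret = result;
            goto cleanup;
        }

        bits[0] = _gnutls_mpi_get_nbits (params[0]);

        _gnutls_mpi_release (&params[0]);
        _gnutls_mpi_release (&params[1]);
        break;

    case GNUTLS_PK_DSA:
        result = _gnutls_x509_read_dsa_pubkey (str, len, params);
        if (result < 0)
        {
            gnutls_assert ();
            /* Previously returned here directly and leaked str. */
            ret = result;
            goto cleanup;
        }

        bits[0] = _gnutls_mpi_get_nbits (params[3]);

        _gnutls_mpi_release (&params[3]);
        break;

    default:
        /* Unknown or unsupported algorithm: report a size of 0 instead of
         * leaving the caller's variable uninitialised. */
        bits[0] = 0;
        break;
    }

cleanup:
    gnutls_free (str);
    return ret;
}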