Пример #1
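/*
 * Generate a private key of the requested type and derive its public key.
 *
 * pair_r   receives the key pair; pair_r->priv is assigned once key
 *          generation has succeeded
 * kind     DCRYPT_KEY_EC or DCRYPT_KEY_RSA; any other value is rejected
 * bits     key size handed to GnuTLS for RSA; for EC it is overwritten with
 *          the encoded curve (GNUTLS_CURVE_TO_BITS)
 * curve    curve name, used only for EC keys
 * error_r  receives a message on the failures detected here
 *
 * Returns -1 for an unsupported key type or an invalid/missing curve,
 * otherwise the result of dcrypt_gnutls_error() or
 * dcrypt_gnutls_private_to_public_key().
 */
static
int dcrypt_gnutls_generate_keypair(struct dcrypt_keypair *pair_r, enum dcrypt_key_type kind, unsigned int bits, const char *curve, const char **error_r)
{
	gnutls_pk_algorithm_t pk_algo;
	gnutls_ecc_curve_t pk_curve;

	if (kind == DCRYPT_KEY_EC) {
		/* Reject a missing curve name here instead of passing a null
		   pointer into the GnuTLS name lookup. */
		if (!curve) {
			*error_r = "Invalid curve";
			return -1;
		}
		pk_curve = gnutls_ecc_curve_get_id(curve);
		if (pk_curve == GNUTLS_ECC_CURVE_INVALID) {
			*error_r = "Invalid curve";
			return -1;
		}
		/* For EC the curve is carried in the bits argument. */
		bits = GNUTLS_CURVE_TO_BITS(pk_curve);
#if GNUTLS_VERSION_NUMBER >= 0x030500
		pk_algo = gnutls_curve_get_pk(pk_curve);
#else
		pk_algo = GNUTLS_PK_EC;
#endif
	} else if (kind == DCRYPT_KEY_RSA) {
		/* NOTE(review): bits is passed through unchanged, so a caller can
		   request a short RSA modulus; no minimum is enforced in this
		   function — confirm the caller applies one. */
		pk_algo = gnutls_pk_get_id("RSA");
	} else {
		*error_r = "Unsupported key type";
		return -1;
	}

	int ec;
	gnutls_privkey_t priv;

	ec = gnutls_privkey_init(&priv);
	if (ec != GNUTLS_E_SUCCESS)
		return dcrypt_gnutls_error(ec, error_r);
#if GNUTLS_VERSION_NUMBER >= 0x030500
	gnutls_privkey_set_flags(priv, GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT);
#endif
	ec = gnutls_privkey_generate(priv, pk_algo, bits, 0);
	if (ec != GNUTLS_E_SUCCESS) {
		/* Generation failed: release the handle before reporting. */
		gnutls_privkey_deinit(priv);
		return dcrypt_gnutls_error(ec, error_r);
	}

	pair_r->priv = (struct dcrypt_private_key *)priv;

	/* NOTE(review): if deriving the public key fails, the freshly generated
	   private key stays in pair_r->priv and is not released here; confirm
	   that callers free it on the error path. */
	return dcrypt_gnutls_private_to_public_key(pair_r->priv, &pair_r->pub, error_r);
}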
Пример #2
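/*
 * Self-test for the GnuTLS algorithm tables.
 *
 * Checks that the library version satisfies the header version, that every
 * entry of gnutls_pk_list() and gnutls_sign_list() maps to a name that maps
 * back to the same id, and that an unknown name ("foo") yields the
 * "unknown" id of the respective table. Problems are reported via fail().
 */
void
doit (void)
{
    if (debug)
    {
        printf ("GnuTLS header version %s.\n", GNUTLS_VERSION);
        printf ("GnuTLS library version %s.\n", gnutls_check_version (NULL));
    }

    if (!gnutls_check_version (GNUTLS_VERSION))
        fail ("gnutls_check_version ERROR\n");

    /* Public-key algorithms: id -> name -> id must round-trip. */
    {
        const gnutls_pk_algorithm_t *algs;
        size_t i;
        int pk;

        algs = gnutls_pk_list ();
        if (!algs)
        {
            fail ("gnutls_pk_list return NULL\n");
            /* Only reached if fail() returns; the list cannot be walked. */
            return;
        }

        for (i = 0; algs[i]; i++)
        {
            /* Look the name and id up once and reuse them below. */
            const char *name = gnutls_pk_algorithm_get_name (algs[i]);
            gnutls_pk_algorithm_t id = gnutls_pk_get_id (name);

            if (debug)
                printf ("pk_list[%d] = %d = %s = %d\n", (int) i, algs[i],
                        name, id);
            if (id != algs[i])
                fail ("gnutls_pk id's doesn't match\n");
        }

        pk = gnutls_pk_get_id ("foo");
        if (pk != GNUTLS_PK_UNKNOWN)
            fail ("gnutls_pk unknown test failed (%d)\n", pk);

        if (debug)
            success ("gnutls_pk_list ok\n");
    }

    /* Signature algorithms: same round-trip check. */
    {
        const gnutls_sign_algorithm_t *algs;
        size_t i;
        int sign_id;

        algs = gnutls_sign_list ();
        if (!algs)
        {
            fail ("gnutls_sign_list return NULL\n");
            /* Only reached if fail() returns; the list cannot be walked. */
            return;
        }

        for (i = 0; algs[i]; i++)
        {
            const char *name = gnutls_sign_algorithm_get_name (algs[i]);
            gnutls_sign_algorithm_t id = gnutls_sign_get_id (name);

            if (debug)
                printf ("sign_list[%d] = %d = %s = %d\n", (int) i, algs[i],
                        name, id);
            if (id != algs[i])
                fail ("gnutls_sign id's doesn't match\n");
        }

        /* An unknown signature name is compared against the signature
           table's own "unknown" value, not the public-key one. */
        sign_id = gnutls_sign_get_id ("foo");
        if (sign_id != GNUTLS_SIGN_UNKNOWN)
            fail ("gnutls_sign unknown test failed (%d)\n", sign_id);

        if (debug)
            success ("gnutls_sign_list ok\n");
    }
}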