static int ecdsa_params_to_pem(dnssec_key_t *dnskey, const legacy_privkey_t *params, dnssec_binary_t *pem) { _cleanup_x509_privkey_ gnutls_x509_privkey_t key = NULL; int result = gnutls_x509_privkey_init(&key); if (result != GNUTLS_E_SUCCESS) { return DNSSEC_ENOMEM; } gnutls_ecc_curve_t curve = 0; gnutls_datum_t x = { 0 }; gnutls_datum_t y = { 0 }; ecdsa_extract_public_params(dnskey, &curve, &x, &y); gnutls_datum_t k = binary_to_datum(¶ms->private_key); result = gnutls_x509_privkey_import_ecc_raw(key, curve, &x, &y, &k); if (result != DNSSEC_EOK) { return DNSSEC_KEY_IMPORT_ERROR; } gnutls_x509_privkey_fix(key); return pem_from_x509(key, pem); }
/** * gnutls_privkey_import_ecc_raw: * @key: The key * @curve: holds the curve * @x: holds the x * @y: holds the y * @k: holds the k * * This function will convert the given elliptic curve parameters to the * native #gnutls_privkey_t format. The output will be stored * in @key. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.0 **/ int gnutls_privkey_import_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t curve, const gnutls_datum_t * x, const gnutls_datum_t * y, const gnutls_datum_t * k) { int ret; gnutls_x509_privkey_t xkey; ret = gnutls_x509_privkey_init(&xkey); if (ret < 0) return gnutls_assert_val(ret); ret = gnutls_x509_privkey_import_ecc_raw(xkey, curve, x, y, k); if (ret < 0) { gnutls_assert(); goto error; } ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) { gnutls_assert(); goto error; } return 0; error: gnutls_x509_privkey_deinit(xkey); return ret; }