static int ecdsa_params_to_pem(dnssec_key_t *dnskey, const legacy_privkey_t *params,
dnssec_binary_t *pem)
{
_cleanup_x509_privkey_ gnutls_x509_privkey_t key = NULL;
int result = gnutls_x509_privkey_init(&key);
if (result != GNUTLS_E_SUCCESS) {
return DNSSEC_ENOMEM;
}
gnutls_ecc_curve_t curve = 0;
gnutls_datum_t x = { 0 };
gnutls_datum_t y = { 0 };
ecdsa_extract_public_params(dnskey, &curve, &x, &y);
gnutls_datum_t k = binary_to_datum(¶ms->private_key);
result = gnutls_x509_privkey_import_ecc_raw(key, curve, &x, &y, &k);
if (result != DNSSEC_EOK) {
return DNSSEC_KEY_IMPORT_ERROR;
}
gnutls_x509_privkey_fix(key);
return pem_from_x509(key, pem);
}
/**
* gnutls_privkey_import_ecc_raw:
* @key: The key
* @curve: holds the curve
* @x: holds the x
* @y: holds the y
* @k: holds the k
*
* This function will convert the given elliptic curve parameters to the
* native #gnutls_privkey_t format. The output will be stored
* in @key.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.0
**/
int
gnutls_privkey_import_ecc_raw(gnutls_privkey_t key,
gnutls_ecc_curve_t curve,
const gnutls_datum_t * x,
const gnutls_datum_t * y,
const gnutls_datum_t * k)
{
int ret;
gnutls_x509_privkey_t xkey;
ret = gnutls_x509_privkey_init(&xkey);
if (ret < 0)
return gnutls_assert_val(ret);
ret = gnutls_x509_privkey_import_ecc_raw(xkey, curve, x, y, k);
if (ret < 0) {
gnutls_assert();
goto error;
}
ret = gnutls_privkey_import_x509(key, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
if (ret < 0) {
gnutls_assert();
goto error;
}
return 0;
error:
gnutls_x509_privkey_deinit(xkey);
return ret;
}
