| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-19 20:10:26 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-19 20:10:26 +0200 |
| commit | 56eb45f752baa978a9ea3573faee44857678597d (patch) | |
| tree | 3c7da78ba84669d0f988b98450e4e55779dfcb41 /libtomcrypt/pk/dsa | |
| parent | 035b7bf3544ab9927dc2d64cf1e3214237ff0f71 (diff) | |
| download | cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.gz cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.xz cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.zip | |
Public Keys are being exported to SubjectPublicKeyInfo format, instead of custom formats. For RSA keys the PKCS #1 format can be used as well.
Diffstat (limited to 'libtomcrypt/pk/dsa')
| -rw-r--r-- | libtomcrypt/pk/dsa/dsa_export.c | 41 | ||||
| -rw-r--r-- | libtomcrypt/pk/dsa/dsa_import.c | 49 |
2 files changed, 61 insertions, 29 deletions
diff --git a/libtomcrypt/pk/dsa/dsa_export.c b/libtomcrypt/pk/dsa/dsa_export.c
index 11b6638..1fef6c7 100644
--- a/libtomcrypt/pk/dsa/dsa_export.c
+++ b/libtomcrypt/pk/dsa/dsa_export.c
@@ -27,8 +27,8 @@
 */
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key)
 {
- unsigned char flags[1];
 unsigned long zero=0;
+ int err;
 LTC_ARGCHK(out != NULL);
 LTC_ARGCHK(outlen != NULL);
@@ -43,8 +43,6 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
 return CRYPT_INVALID_ARG;
 }
- flags[0] = (type != PK_PUBLIC) ? 1 : 0;
-
 /* This encoding is different from the one in original
 * libtomcrypt. It uses a compatible encoding with gnutls
 * and openssl
@@ -59,13 +57,36 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
 LTC_ASN1_INTEGER, 1UL, &key->x,
 LTC_ASN1_EOL, 0UL, NULL);
 } else {
- return der_encode_sequence_multi(out, outlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
- LTC_ASN1_EOL, 0UL, NULL);
+ unsigned long tmplen = (mp_count_bits(&key->y)/8)+8;
+ unsigned char* tmp = XMALLOC(tmplen);
+ ltc_asn1_list int_list[3];
+
+ if (tmp == NULL) {
+ return CRYPT_MEM;
+ }
+
+ err = der_encode_integer(&key->y, tmp, &tmplen);
+ if (err != CRYPT_OK) {
+ goto error;
+ }
+
+ int_list[0].data = &key->p;
+ int_list[0].size = 1UL;
+ int_list[0].type = LTC_ASN1_INTEGER;
+ int_list[1].data = &key->q;
+ int_list[1].size = 1UL;
+ int_list[1].type = LTC_ASN1_INTEGER;
+ int_list[2].data = &key->g;
+ int_list[2].size = 1UL;
+ int_list[2].type = LTC_ASN1_INTEGER;
+
+ err = der_encode_subject_public_key_info(out, outlen,
+ PKA_DSA, tmp, tmplen,
+ LTC_ASN1_SEQUENCE, int_list, sizeof(int_list)/sizeof(int_list[0]));
+
+error:
+ XFREE(tmp);
+ return err;
 }
 }
diff --git a/libtomcrypt/pk/dsa/dsa_import.c b/libtomcrypt/pk/dsa/dsa_import.c
index 88e74f5..c0680f5 100644
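Review bot: In the public-key branch of dsa_export.c (third hunk), the scratch size `(mp_count_bits(&key->y)/8)+8` is an unexplained estimate of the DER INTEGER length of y, and the write into `tmp` is bounded only if der_encode_integer checks `tmplen` first, which this page does not show. Ask the encoder for the size instead, `if ((err = der_length_integer(&key->y, &tmplen)) != CRYPT_OK) return err;` ahead of `XMALLOC(tmplen)`, or document the bound (content octets, a possible leading zero, tag and length octets). `int_list` is filled field by field here while dsa_import.c in this commit uses `LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, &key->p, 1UL);`, so any `ltc_asn1_list` member beyond data/size/type stays uninitialised in the export path; using the macro keeps both sides consistent. dsa_export begins before this hunk.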
--- a/libtomcrypt/pk/dsa/dsa_import.c
+++ b/libtomcrypt/pk/dsa/dsa_import.c
@@ -26,9 +26,9 @@
 */
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
- unsigned char flags[1];
 int err;
 unsigned long zero = 0;
+ unsigned char* tmpbuf = NULL;
 LTC_ARGCHK(in != NULL);
 LTC_ARGCHK(key != NULL);
@@ -40,44 +40,55 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 /* get key type */
 if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- /* private key */
- if ((err = der_decode_sequence_multi(in, inlen,
 LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
 LTC_ASN1_INTEGER, 1UL, &key->p,
 LTC_ASN1_INTEGER, 1UL, &key->q,
 LTC_ASN1_INTEGER, 1UL, &key->g,
 LTC_ASN1_INTEGER, 1UL, &key->y,
 LTC_ASN1_INTEGER, 1UL, &key->x,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto error;
- }
+ LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) {
 key->type = PK_PRIVATE;
-
 } else { /* public */
+ ltc_asn1_list params[3];
+ unsigned long tmpbuf_len = MAX_RSA_SIZE*8;
+
+ LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, &key->p, 1UL);
+ LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, &key->q, 1UL);
+ LTC_SET_ASN1(params, 2, LTC_ASN1_INTEGER, &key->g, 1UL);
+
+ tmpbuf = XCALLOC(1, tmpbuf_len);
+ if (tmpbuf == NULL) {
+ err = CRYPT_MEM;
+ goto LBL_ERR;
+ }
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto error;
+ err = der_decode_subject_public_key_info(in, inlen,
+ PKA_DSA, tmpbuf, &tmpbuf_len,
+ LTC_ASN1_SEQUENCE, params, 3);
+ if (err != CRYPT_OK) {
+ goto LBL_ERR;
 }
+
+ if ((err=der_decode_integer(tmpbuf, tmpbuf_len, &key->y)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ XFREE(tmpbuf);
 key->type = PK_PUBLIC;
 }
+
 key->qord = mp_unsigned_bin_size(&key->q);
 if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 || (unsigned long)key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= LTC_MDSA_DELTA) {
 err = CRYPT_INVALID_PACKET;
- goto error;
+ goto LBL_ERR;
 }
 return CRYPT_OK;
-error:
+
+LBL_ERR:
+ XFREE(tmpbuf);
 mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
return err; } |
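Review bot: The public-key branch of dsa_import releases `tmpbuf` with `XFREE(tmpbuf);` but leaves the pointer set, so when the `key->qord` range check that follows fails and jumps to `LBL_ERR`, `XFREE(tmpbuf)` runs a second time on the same allocation. That path depends only on the imported data: a SubjectPublicKeyInfo that decodes cleanly but whose p and q sizes fail the check reaches it. Add `tmpbuf = NULL;` directly after the in-branch `XFREE(tmpbuf);` so the cleanup label frees at most once. Separately, `MAX_RSA_SIZE*8` as the scratch size for a DSA public value should get a comment or a DSA-specific bound. dsa_import begins before this hunk, in the previous one.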
