diff --git a/src/pk/dsa/dsa_export.c b/src/pk/dsa/dsa_export.c index e4c4508..3306837 100644 --- a/src/pk/dsa/dsa_export.c +++ b/src/pk/dsa/dsa_export.c @@ -28,6 +28,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key) { unsigned char flags[1]; + unsigned long zero=0; LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); @@ -44,12 +45,17 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key flags[0] = (type != PK_PUBLIC) ? 1 : 0; + /* This encoding is different from the one in original + * libtomcrypt. It uses a compatible encoding with gnutls + * and openssl + */ + if (type == PK_PRIVATE) { return der_encode_sequence_multi(out, outlen, - LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_SHORT_INTEGER, 1UL, &zero, LTC_ASN1_INTEGER, 1UL, key->p, LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->g, LTC_ASN1_INTEGER, 1UL, key->y, LTC_ASN1_INTEGER, 1UL, key->x, LTC_ASN1_EOL, 0UL, NULL); diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c index 47a68ca..d3e672f 100644 --- a/src/pk/dsa/dsa_import.c +++ b/src/pk/dsa/dsa_import.c @@ -28,6 +28,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) { unsigned char flags[1]; int err; + unsigned long zero = 0; LTC_ARGCHK(in != NULL); LTC_ARGCHK(key != NULL); @@ -42,22 +43,19 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto error; - } - - if (flags[0] == 1) { - if ((err = der_decode_sequence_multi(in, inlen, - LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, key->g, - LTC_ASN1_INTEGER, 1UL, key->p, - LTC_ASN1_INTEGER, 1UL, key->q, - LTC_ASN1_INTEGER, 1UL, key->y, - LTC_ASN1_INTEGER, 1UL, key->x, - LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { - goto error; - } - key->type = PK_PRIVATE; - } else { + /* private key */ + if ((err = der_decode_sequence_multi(in, inlen, + LTC_ASN1_SHORT_INTEGER, 1UL, &zero, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_INTEGER, 1UL, key->x, + LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { + goto error; + } + key->type = PK_PRIVATE; + } else { /* public */ if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_INTEGER, 1UL, key->g,