DSA private keys are being exported to a compatible with OpenSSL and GnuTLS format.

This commit is contained in:
Nikos Mavrogiannopoulos 2011-03-21 08:26:27 +01:00 committed by Steffen Jaeckel
parent 2895c9d7fe
commit ed6897d90f
2 changed files with 22 additions and 18 deletions

View File

@ -28,6 +28,7 @@
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key) int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key)
{ {
unsigned char flags[1]; unsigned char flags[1];
unsigned long zero=0;
LTC_ARGCHK(out != NULL); LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(outlen != NULL);
@ -44,12 +45,17 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
flags[0] = (type != PK_PUBLIC) ? 1 : 0; flags[0] = (type != PK_PUBLIC) ? 1 : 0;
/* This encoding is different from the one in original
* libtomcrypt. It uses a compatible encoding with gnutls
* and openssl
*/
if (type == PK_PRIVATE) { if (type == PK_PRIVATE) {
return der_encode_sequence_multi(out, outlen, return der_encode_sequence_multi(out, outlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
LTC_ASN1_INTEGER, 1UL, key->g,
LTC_ASN1_INTEGER, 1UL, key->p, LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q, LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->g,
LTC_ASN1_INTEGER, 1UL, key->y, LTC_ASN1_INTEGER, 1UL, key->y,
LTC_ASN1_INTEGER, 1UL, key->x, LTC_ASN1_INTEGER, 1UL, key->x,
LTC_ASN1_EOL, 0UL, NULL); LTC_ASN1_EOL, 0UL, NULL);

View File

@ -28,6 +28,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
{ {
unsigned char flags[1]; unsigned char flags[1];
int err; int err;
unsigned long zero = 0;
LTC_ARGCHK(in != NULL); LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL); LTC_ARGCHK(key != NULL);
@ -42,22 +43,19 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error; /* private key */
}
if (flags[0] == 1) {
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
LTC_ASN1_INTEGER, 1UL, key->g,
LTC_ASN1_INTEGER, 1UL, key->p, LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q, LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->g,
LTC_ASN1_INTEGER, 1UL, key->y, LTC_ASN1_INTEGER, 1UL, key->y,
LTC_ASN1_INTEGER, 1UL, key->x, LTC_ASN1_INTEGER, 1UL, key->x,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error; goto error;
} }
key->type = PK_PRIVATE; key->type = PK_PRIVATE;
} else { } else { /* public */
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_INTEGER, 1UL, key->g, LTC_ASN1_INTEGER, 1UL, key->g,