DSA private keys are being exported to a compatible with OpenSSL and GnuTLS format.

2011-03-21 08:26:27 +01:00 · 2011-03-21 08:26:27 +01:00 · ed6897d90f
commit ed6897d90f
parent 2895c9d7fe
2 changed files with 22 additions and 18 deletions
--- a/src/pk/dsa/dsa_export.c
+++ b/src/pk/dsa/dsa_export.c
@ -28,6 +28,7 @@
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key)
 {
   unsigned char flags[1];
   unsigned long zero=0;
   LTC_ARGCHK(out    != NULL);
   LTC_ARGCHK(outlen != NULL);
@ -44,12 +45,17 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
   flags[0] = (type != PK_PUBLIC) ? 1 : 0;
   /* This encoding is different from the one in original
    * libtomcrypt. It uses a compatible encoding with gnutls
    * and openssl
    */
   if (type == PK_PRIVATE) {
      return der_encode_sequence_multi(out, outlen,
-                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                                 LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
                                 LTC_ASN1_INTEGER,      1UL, key->g,
                                 LTC_ASN1_INTEGER,      1UL, key->p,
                                 LTC_ASN1_INTEGER,      1UL, key->q,
                                 LTC_ASN1_INTEGER,      1UL, key->g,
                                 LTC_ASN1_INTEGER,      1UL, key->y,
                                 LTC_ASN1_INTEGER,      1UL, key->x,
                                 LTC_ASN1_EOL,          0UL, NULL);
--- a/src/pk/dsa/dsa_import.c
+++ b/src/pk/dsa/dsa_import.c
@ -28,6 +28,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
   unsigned char flags[1];
   int           err;
   unsigned long zero = 0;
   LTC_ARGCHK(in  != NULL);
   LTC_ARGCHK(key != NULL);
@ -42,22 +43,19 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
   if ((err = der_decode_sequence_multi(in, inlen,
                                  LTC_ASN1_BIT_STRING, 1UL, flags,
                                  LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
-      goto error;
+       /* private key */
-   }
+       if ((err = der_decode_sequence_multi(in, inlen,
-
+                          LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
-   if (flags[0] == 1) {
+                          LTC_ASN1_INTEGER,      1UL, key->p,
-      if ((err = der_decode_sequence_multi(in, inlen,
+                          LTC_ASN1_INTEGER,      1UL, key->q,
-                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                          LTC_ASN1_INTEGER,      1UL, key->g,
-                                 LTC_ASN1_INTEGER,      1UL, key->g,
+                          LTC_ASN1_INTEGER,      1UL, key->y,
-                                 LTC_ASN1_INTEGER,      1UL, key->p,
+                          LTC_ASN1_INTEGER,      1UL, key->x,
-                                 LTC_ASN1_INTEGER,      1UL, key->q,
+                          LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
-                                 LTC_ASN1_INTEGER,      1UL, key->y,
+          goto error;
-                                 LTC_ASN1_INTEGER,      1UL, key->x,
+       }
-                                 LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
+       key->type = PK_PRIVATE;
-         goto error;
+   } else { /* public */
      }
      key->type = PK_PRIVATE;
   } else {
      if ((err = der_decode_sequence_multi(in, inlen,
                                 LTC_ASN1_BIT_STRING,   1UL, flags,
                                 LTC_ASN1_INTEGER,      1UL, key->g,