search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
documented updates
[gnutls.git] / lib / gnutls_pubkey.c
blobc492445e9477f251cf8e90005ef9ed73e1379bf3
1 /*
2 * GnuTLS public key support
3 * Copyright (C) 2010-2012 Free Software Foundation, Inc.
4 *
5 * Author: Nikos Mavrogiannopoulos
6 *
7 * The GnuTLS is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public License
9 * as published by the Free Software Foundation; either version 3 of
10 * the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>
19 */
20
21 #include <gnutls_int.h>
22 #include <gnutls/pkcs11.h>
23 #include <stdio.h>
24 #include <string.h>
25 #include <gnutls_errors.h>
26 #include <gnutls_datum.h>
27 #include <pkcs11_int.h>
28 #include <gnutls/abstract.h>
29 #include <gnutls_sig.h>
30 #include <gnutls_pk.h>
31 #include <x509_int.h>
32 #include <openpgp/openpgp_int.h>
33 #include <gnutls_num.h>
34 #include <x509/common.h>
35 #include <x509_b64.h>
36 #include <abstract_int.h>
37 #include <gnutls_ecc.h>
38
39 #define PK_PEM_HEADER "PUBLIC KEY"
40
41 #define OPENPGP_KEY_PRIMARY 2
42 #define OPENPGP_KEY_SUBKEY 1
43
44
45 int pubkey_to_bits(gnutls_pk_algorithm_t pk, gnutls_pk_params_st* params)
46 {
47 switch(pk)
48 {
49 case GNUTLS_PK_RSA:
50 return _gnutls_mpi_get_nbits(params->params[0]);
51 case GNUTLS_PK_DSA:
52 return _gnutls_mpi_get_nbits(params->params[3]);
53 case GNUTLS_PK_EC:
54 return gnutls_ecc_curve_get_size(params->flags)*8;
55 default:
56 return 0;
57 }
58 }
59
60 /**
61 * gnutls_pubkey_get_pk_algorithm:
62 * @key: should contain a #gnutls_pubkey_t structure
63 * @bits: If set will return the number of bits of the parameters (may be NULL)
64 *
65 * This function will return the public key algorithm of a public
66 * key and if possible will return a number of bits that indicates
67 * the security parameter of the key.
68 *
69 * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
70 * success, or a negative error code on error.
71 *
72 * Since: 2.12.0
73 **/
74 int
75 gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits)
76 {
77 if (bits)
78 *bits = key->bits;
79
80 return key->pk_algorithm;
81 }
82
83 /**
84 * gnutls_pubkey_get_key_usage:
85 * @key: should contain a #gnutls_pubkey_t structure
86 * @usage: If set will return the number of bits of the parameters (may be NULL)
87 *
88 * This function will return the key usage of the public key.
89 *
90 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
91 * negative error value.
92 *
93 * Since: 2.12.0
94 **/
95 int
96 gnutls_pubkey_get_key_usage (gnutls_pubkey_t key, unsigned int *usage)
97 {
98 if (usage)
99 *usage = key->key_usage;
100
101 return 0;
102 }
103
104 /**
105 * gnutls_pubkey_init:
106 * @key: The structure to be initialized
107 *
108 * This function will initialize an public key structure.
109 *
110 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
111 * negative error value.
112 *
113 * Since: 2.12.0
114 **/
115 int
116 gnutls_pubkey_init (gnutls_pubkey_t * key)
117 {
118 *key = gnutls_calloc (1, sizeof (struct gnutls_pubkey_st));
119 if (*key == NULL)
120 {
121 gnutls_assert ();
122 return GNUTLS_E_MEMORY_ERROR;
123 }
124
125 return 0;
126 }
127
128 /**
129 * gnutls_pubkey_deinit:
130 * @key: The structure to be deinitialized
131 *
132 * This function will deinitialize a public key structure.
133 *
134 * Since: 2.12.0
135 **/
136 void
137 gnutls_pubkey_deinit (gnutls_pubkey_t key)
138 {
139 if (!key)
140 return;
141 gnutls_pk_params_release (&key->params);
142 gnutls_free (key);
143 }
144
145 /**
146 * gnutls_pubkey_import_x509:
147 * @key: The public key
148 * @crt: The certificate to be imported
149 * @flags: should be zero
150 *
151 * This function will import the given public key to the abstract
152 * #gnutls_pubkey_t structure.
153 *
154 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
155 * negative error value.
156 *
157 * Since: 2.12.0
158 **/
159 int
160 gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt,
161 unsigned int flags)
162 {
163 int ret;
164
165 key->pk_algorithm = gnutls_x509_crt_get_pk_algorithm (crt, &key->bits);
166
167 ret = gnutls_x509_crt_get_key_usage (crt, &key->key_usage, NULL);
168 if (ret < 0)
169 key->key_usage = 0;
170
171 ret = _gnutls_x509_crt_get_mpis (crt, &key->params);
172 if (ret < 0)
173 {
174 gnutls_assert ();
175 return ret;
176 }
177
178 return 0;
179 }
180
181 /**
182 * gnutls_pubkey_import_privkey:
183 * @key: The public key
184 * @pkey: The private key
185 * @usage: GNUTLS_KEY_* key usage flags.
186 * @flags: should be zero
187 *
188 * Imports the public key from a private. This function will import
189 * the given public key to the abstract #gnutls_pubkey_t structure.
190 *
191 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
192 * negative error value.
193 *
194 * Since: 2.12.0
195 **/
196 int
197 gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey,
198 unsigned int usage, unsigned int flags)
199 {
200 key->pk_algorithm = gnutls_privkey_get_pk_algorithm (pkey, &key->bits);
201
202 key->key_usage = usage;
203
204 return _gnutls_privkey_get_public_mpis (pkey, &key->params);
205 }
206
207 /**
208 * gnutls_pubkey_get_preferred_hash_algorithm:
209 * @key: Holds the certificate
210 * @hash: The result of the call with the hash algorithm used for signature
211 * @mand: If non zero it means that the algorithm MUST use this hash. May be NULL.
212 *
213 * This function will read the certifcate and return the appropriate digest
214 * algorithm to use for signing with this certificate. Some certificates (i.e.
215 * DSA might not be able to sign without the preferred algorithm).
216 *
217 * Returns: the 0 if the hash algorithm is found. A negative error code is
218 * returned on error.
219 *
220 * Since: 2.12.0
221 **/
222 int
223 gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key,
224 gnutls_digest_algorithm_t *
225 hash, unsigned int *mand)
226 {
227 int ret;
228
229 if (key == NULL)
230 {
231 gnutls_assert ();
232 return GNUTLS_E_INVALID_REQUEST;
233 }
234
235 ret = _gnutls_pk_get_hash_algorithm (key->pk_algorithm,
236 &key->params,
237 hash, mand);
238
239 return ret;
240 }
241
242 #ifdef ENABLE_PKCS11
243
244 /**
245 * gnutls_pubkey_import_pkcs11:
246 * @key: The public key
247 * @obj: The parameters to be imported
248 * @flags: should be zero
249 *
250 * Imports a public key from a pkcs11 key. This function will import
251 * the given public key to the abstract #gnutls_pubkey_t structure.
252 *
253 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
254 * negative error value.
255 *
256 * Since: 2.12.0
257 **/
258 int
259 gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key,
260 gnutls_pkcs11_obj_t obj, unsigned int flags)
261 {
262 int ret, type;
263
264 type = gnutls_pkcs11_obj_get_type (obj);
265 if (type != GNUTLS_PKCS11_OBJ_PUBKEY && type != GNUTLS_PKCS11_OBJ_X509_CRT)
266 {
267 gnutls_assert ();
268 return GNUTLS_E_INVALID_REQUEST;
269 }
270
271 if (type == GNUTLS_PKCS11_OBJ_X509_CRT)
272 {
273 gnutls_x509_crt_t xcrt;
274
275 ret = gnutls_x509_crt_init (&xcrt);
276 if (ret < 0)
277 {
278 gnutls_assert()
279 return ret;
280 }
281
282 ret = gnutls_x509_crt_import_pkcs11 (xcrt, obj);
283 if (ret < 0)
284 {
285 gnutls_assert();
286 goto cleanup_crt;
287 }
288
289 ret = gnutls_pubkey_import_x509 (key, xcrt, 0);
290 if (ret < 0)
291 {
292 gnutls_assert();
293 goto cleanup_crt;
294 }
295
296 gnutls_x509_crt_get_key_usage(xcrt, &key->key_usage, NULL);
297
298 ret = 0;
299 cleanup_crt:
300 gnutls_x509_crt_deinit(xcrt);
301 return ret;
302 }
303
304 key->key_usage = obj->key_usage;
305
306 switch (obj->pk_algorithm)
307 {
308 case GNUTLS_PK_RSA:
309 ret = gnutls_pubkey_import_rsa_raw (key, &obj->pubkey[0],
310 &obj->pubkey[1]);
311 break;
312 case GNUTLS_PK_DSA:
313 ret = gnutls_pubkey_import_dsa_raw (key, &obj->pubkey[0],
314 &obj->pubkey[1],
315 &obj->pubkey[2], &obj->pubkey[3]);
316 break;
317 case GNUTLS_PK_EC:
318 ret = gnutls_pubkey_import_ecc_x962 (key, &obj->pubkey[0],
319 &obj->pubkey[1]);
320 break;
321 default:
322 gnutls_assert ();
323 return GNUTLS_E_UNIMPLEMENTED_FEATURE;
324 }
325
326 if (ret < 0)
327 {
328 gnutls_assert ();
329 return ret;
330 }
331
332 return 0;
333 }
334
335 #endif /* ENABLE_PKCS11 */
336
337 #ifdef ENABLE_OPENPGP
338
339 /**
340 * gnutls_pubkey_import_openpgp:
341 * @key: The public key
342 * @crt: The certificate to be imported
343 * @flags: should be zero
344 *
345 * Imports a public key from an openpgp key. This function will import
346 * the given public key to the abstract #gnutls_pubkey_t
347 * structure. The subkey set as preferred will be imported or the
348 * master key otherwise.
349 *
350 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
351 * negative error value.
352 *
353 * Since: 2.12.0
354 **/
355 int
356 gnutls_pubkey_import_openpgp (gnutls_pubkey_t key,
357 gnutls_openpgp_crt_t crt,
358 unsigned int flags)
359 {
360 int ret, idx;
361 uint32_t kid32[2];
362 uint32_t *k;
363 uint8_t keyid[GNUTLS_OPENPGP_KEYID_SIZE];
364
365 ret = gnutls_openpgp_crt_get_preferred_key_id (crt, keyid);
366 if (ret == GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR)
367 {
368 key->pk_algorithm = gnutls_openpgp_crt_get_pk_algorithm (crt, &key->bits);
369 key->openpgp_key_id_set = OPENPGP_KEY_PRIMARY;
370
371 ret = gnutls_openpgp_crt_get_key_id(crt, key->openpgp_key_id);
372 if (ret < 0)
373 return gnutls_assert_val(ret);
374
375 ret = gnutls_openpgp_crt_get_key_usage (crt, &key->key_usage);
376 if (ret < 0)
377 key->key_usage = 0;
378
379 k = NULL;
380 }
381 else
382 {
383 if (ret < 0)
384 {
385 gnutls_assert ();
386 return ret;
387 }
388 key->openpgp_key_id_set = OPENPGP_KEY_SUBKEY;
389
390 KEYID_IMPORT (kid32, keyid);
391 k = kid32;
392
393 idx = gnutls_openpgp_crt_get_subkey_idx (crt, keyid);
394
395 ret = gnutls_openpgp_crt_get_subkey_id(crt, idx, key->openpgp_key_id);
396 if (ret < 0)
397 return gnutls_assert_val(ret);
398
399 ret = gnutls_openpgp_crt_get_subkey_usage (crt, idx, &key->key_usage);
400 if (ret < 0)
401 key->key_usage = 0;
402
403 key->pk_algorithm = gnutls_openpgp_crt_get_subkey_pk_algorithm (crt, idx, NULL);
404 }
405
406 ret =
407 _gnutls_openpgp_crt_get_mpis (crt, k, &key->params);
408 if (ret < 0)
409 return gnutls_assert_val(ret);
410
411 return 0;
412 }
413
414 /**
415 * gnutls_pubkey_get_openpgp_key_id:
416 * @key: Holds the public key
417 * @flags: should be 0 for now
418 * @output_data: will contain the key ID
419 * @output_data_size: holds the size of output_data (and will be
420 * replaced by the actual size of parameters)
421 * @subkey: Will be non zero if the key ID corresponds to a subkey
422 *
423 * This function will return a unique ID the depends on the public
424 * key parameters. This ID can be used in checking whether a
425 * certificate corresponds to the given public key.
426 *
427 * If the buffer provided is not long enough to hold the output, then
428 * *output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
429 * be returned. The output will normally be a SHA-1 hash output,
430 * which is 20 bytes.
431 *
432 * Returns: In case of failure a negative error code will be
433 * returned, and 0 on success.
434 *
435 * Since: 3.0
436 **/
437 int
438 gnutls_pubkey_get_openpgp_key_id (gnutls_pubkey_t key, unsigned int flags,
439 unsigned char *output_data,
440 size_t * output_data_size,
441 unsigned int *subkey)
442 {
443 if (key == NULL)
444 {
445 gnutls_assert ();
446 return GNUTLS_E_INVALID_REQUEST;
447 }
448
449 if (*output_data_size < sizeof(key->openpgp_key_id))
450 {
451 *output_data_size = sizeof(key->openpgp_key_id);
452 return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
453 }
454
455 if (key->openpgp_key_id_set == 0)
456 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
457
458 if (key->openpgp_key_id_set == OPENPGP_KEY_SUBKEY)
459 if (subkey) *subkey = 1;
460
461 if (output_data)
462 {
463 memcpy(output_data, key->openpgp_key_id, sizeof(key->openpgp_key_id));
464 }
465 *output_data_size = sizeof(key->openpgp_key_id);
466
467 return 0;
468 }
469
470 /**
471 * gnutls_pubkey_import_openpgp_raw:
472 * @pkey: The public key
473 * @data: The public key data to be imported
474 * @format: The format of the public key
475 * @keyid: The key id to use (optional)
476 * @flags: Should be zero
477 *
478 * This function will import the given public key to the abstract
479 * #gnutls_pubkey_t structure.
480 *
481 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
482 * negative error value.
483 *
484 * Since: 3.1.3
485 **/
486 int gnutls_pubkey_import_openpgp_raw (gnutls_pubkey_t pkey,
487 const gnutls_datum_t * data,
488 gnutls_openpgp_crt_fmt_t format,
489 const gnutls_openpgp_keyid_t keyid,
490 unsigned int flags)
491 {
492 gnutls_openpgp_crt_t xpriv;
493 int ret;
494
495 ret = gnutls_openpgp_crt_init(&xpriv);
496 if (ret < 0)
497 return gnutls_assert_val(ret);
498
499 ret = gnutls_openpgp_crt_import(xpriv, data, format);
500 if (ret < 0)
501 {
502 gnutls_assert();
503 goto cleanup;
504 }
505
506 if(keyid)
507 {
508 ret = gnutls_openpgp_crt_set_preferred_key_id(xpriv, keyid);
509 if (ret < 0)
510 {
511 gnutls_assert();
512 goto cleanup;
513 }
514 }
515
516 ret = gnutls_pubkey_import_openpgp(pkey, xpriv, flags);
517 if (ret < 0)
518 {
519 gnutls_assert();
520 goto cleanup;
521 }
522
523 ret = 0;
524
525 cleanup:
526 gnutls_openpgp_crt_deinit(xpriv);
527
528 return ret;
529 }
530
531 #endif
532
533 /**
534 * gnutls_pubkey_export:
535 * @key: Holds the certificate
536 * @format: the format of output params. One of PEM or DER.
537 * @output_data: will contain a certificate PEM or DER encoded
538 * @output_data_size: holds the size of output_data (and will be
539 * replaced by the actual size of parameters)
540 *
541 * This function will export the public key to DER or PEM format.
542 * The contents of the exported data is the SubjectPublicKeyInfo
543 * X.509 structure.
544 *
545 * If the buffer provided is not long enough to hold the output, then
546 * *output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
547 * be returned.
548 *
549 * If the structure is PEM encoded, it will have a header
550 * of "BEGIN CERTIFICATE".
551 *
552 * Returns: In case of failure a negative error code will be
553 * returned, and 0 on success.
554 *
555 * Since: 2.12.0
556 **/
557 int
558 gnutls_pubkey_export (gnutls_pubkey_t key,
559 gnutls_x509_crt_fmt_t format, void *output_data,
560 size_t * output_data_size)
561 {
562 int result;
563 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
564
565 if (key == NULL)
566 {
567 gnutls_assert ();
568 return GNUTLS_E_INVALID_REQUEST;
569 }
570
571 if ((result = asn1_create_element
572 (_gnutls_get_pkix (), "PKIX1.SubjectPublicKeyInfo", &spk))
573 != ASN1_SUCCESS)
574 {
575 gnutls_assert ();
576 return _gnutls_asn2err (result);
577 }
578
579 result =
580 _gnutls_x509_encode_and_copy_PKI_params (spk, "",
581 key->pk_algorithm,
582 &key->params);
583 if (result < 0)
584 {
585 gnutls_assert ();
586 goto cleanup;
587 }
588
589 result = _gnutls_x509_export_int_named (spk, "",
590 format, PK_PEM_HEADER,
591 output_data, output_data_size);
592 if (result < 0)
593 {
594 gnutls_assert ();
595 goto cleanup;
596 }
597
598 result = 0;
599
600 cleanup:
601 asn1_delete_structure (&spk);
602
603 return result;
604 }
605
606 /**
607 * gnutls_pubkey_export2:
608 * @key: Holds the certificate
609 * @format: the format of output params. One of PEM or DER.
610 * @out: will contain a certificate PEM or DER encoded
611 *
612 * This function will export the public key to DER or PEM format.
613 * The contents of the exported data is the SubjectPublicKeyInfo
614 * X.509 structure.
615 *
616 * The output buffer will be allocated using gnutls_malloc().
617 *
618 * If the structure is PEM encoded, it will have a header
619 * of "BEGIN CERTIFICATE".
620 *
621 * Returns: In case of failure a negative error code will be
622 * returned, and 0 on success.
623 *
624 * Since: 3.1.3
625 **/
626 int
627 gnutls_pubkey_export2 (gnutls_pubkey_t key,
628 gnutls_x509_crt_fmt_t format,
629 gnutls_datum_t * out)
630 {
631 int result;
632 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
633
634 if (key == NULL)
635 {
636 gnutls_assert ();
637 return GNUTLS_E_INVALID_REQUEST;
638 }
639
640 if ((result = asn1_create_element
641 (_gnutls_get_pkix (), "PKIX1.SubjectPublicKeyInfo", &spk))
642 != ASN1_SUCCESS)
643 {
644 gnutls_assert ();
645 return _gnutls_asn2err (result);
646 }
647
648 result =
649 _gnutls_x509_encode_and_copy_PKI_params (spk, "",
650 key->pk_algorithm,
651 &key->params);
652 if (result < 0)
653 {
654 gnutls_assert ();
655 goto cleanup;
656 }
657
658 result = _gnutls_x509_export_int_named2 (spk, "",
659 format, PK_PEM_HEADER, out);
660 if (result < 0)
661 {
662 gnutls_assert ();
663 goto cleanup;
664 }
665
666 result = 0;
667
668 cleanup:
669 asn1_delete_structure (&spk);
670
671 return result;
672 }
673
674 /**
675 * gnutls_pubkey_get_key_id:
676 * @key: Holds the public key
677 * @flags: should be 0 for now
678 * @output_data: will contain the key ID
679 * @output_data_size: holds the size of output_data (and will be
680 * replaced by the actual size of parameters)
681 *
682 * This function will return a unique ID the depends on the public
683 * key parameters. This ID can be used in checking whether a
684 * certificate corresponds to the given public key.
685 *
686 * If the buffer provided is not long enough to hold the output, then
687 * *output_data_size is updated and %GNUTLS_E_SHORT_MEMORY_BUFFER will
688 * be returned. The output will normally be a SHA-1 hash output,
689 * which is 20 bytes.
690 *
691 * Returns: In case of failure a negative error code will be
692 * returned, and 0 on success.
693 *
694 * Since: 2.12.0
695 **/
696 int
697 gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags,
698 unsigned char *output_data,
699 size_t * output_data_size)
700 {
701 int ret = 0;
702
703 if (key == NULL)
704 {
705 gnutls_assert ();
706 return GNUTLS_E_INVALID_REQUEST;
707 }
708
709 ret =
710 _gnutls_get_key_id (key->pk_algorithm, &key->params,
711 output_data, output_data_size);
712 if (ret < 0)
713 {
714 gnutls_assert ();
715 return ret;
716 }
717
718 return 0;
719 }
720
721 /**
722 * gnutls_pubkey_get_pk_rsa_raw:
723 * @key: Holds the certificate
724 * @m: will hold the modulus
725 * @e: will hold the public exponent
726 *
727 * This function will export the RSA public key's parameters found in
728 * the given structure. The new parameters will be allocated using
729 * gnutls_malloc() and will be stored in the appropriate datum.
730 *
731 * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
732 *
733 * Since: 2.12.0
734 **/
735 int
736 gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key,
737 gnutls_datum_t * m, gnutls_datum_t * e)
738 {
739 int ret;
740
741 if (key == NULL)
742 {
743 gnutls_assert ();
744 return GNUTLS_E_INVALID_REQUEST;
745 }
746
747 if (key->pk_algorithm != GNUTLS_PK_RSA)
748 {
749 gnutls_assert ();
750 return GNUTLS_E_INVALID_REQUEST;
751 }
752
753 ret = _gnutls_mpi_dprint_lz (key->params.params[0], m);
754 if (ret < 0)
755 {
756 gnutls_assert ();
757 return ret;
758 }
759
760 ret = _gnutls_mpi_dprint_lz (key->params.params[1], e);
761 if (ret < 0)
762 {
763 gnutls_assert ();
764 _gnutls_free_datum (m);
765 return ret;
766 }
767
768 return 0;
769 }
770
771 /**
772 * gnutls_pubkey_get_pk_dsa_raw:
773 * @key: Holds the public key
774 * @p: will hold the p
775 * @q: will hold the q
776 * @g: will hold the g
777 * @y: will hold the y
778 *
779 * This function will export the DSA public key's parameters found in
780 * the given certificate. The new parameters will be allocated using
781 * gnutls_malloc() and will be stored in the appropriate datum.
782 *
783 * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
784 *
785 * Since: 2.12.0
786 **/
787 int
788 gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key,
789 gnutls_datum_t * p, gnutls_datum_t * q,
790 gnutls_datum_t * g, gnutls_datum_t * y)
791 {
792 int ret;
793
794 if (key == NULL)
795 {
796 gnutls_assert ();
797 return GNUTLS_E_INVALID_REQUEST;
798 }
799
800 if (key->pk_algorithm != GNUTLS_PK_DSA)
801 {
802 gnutls_assert ();
803 return GNUTLS_E_INVALID_REQUEST;
804 }
805
806 /* P */
807 ret = _gnutls_mpi_dprint_lz (key->params.params[0], p);
808 if (ret < 0)
809 {
810 gnutls_assert ();
811 return ret;
812 }
813
814 /* Q */
815 ret = _gnutls_mpi_dprint_lz (key->params.params[1], q);
816 if (ret < 0)
817 {
818 gnutls_assert ();
819 _gnutls_free_datum (p);
820 return ret;
821 }
822
823
824 /* G */
825 ret = _gnutls_mpi_dprint_lz (key->params.params[2], g);
826 if (ret < 0)
827 {
828 gnutls_assert ();
829 _gnutls_free_datum (p);
830 _gnutls_free_datum (q);
831 return ret;
832 }
833
834
835 /* Y */
836 ret = _gnutls_mpi_dprint_lz (key->params.params[3], y);
837 if (ret < 0)
838 {
839 gnutls_assert ();
840 _gnutls_free_datum (p);
841 _gnutls_free_datum (g);
842 _gnutls_free_datum (q);
843 return ret;
844 }
845
846 return 0;
847 }
848
849 /**
850 * gnutls_pubkey_get_pk_ecc_raw:
851 * @key: Holds the public key
852 * @curve: will hold the curve
853 * @x: will hold x
854 * @y: will hold y
855 *
856 * This function will export the ECC public key's parameters found in
857 * the given certificate. The new parameters will be allocated using
858 * gnutls_malloc() and will be stored in the appropriate datum.
859 *
860 * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
861 *
862 * Since: 3.0
863 **/
864 int
865 gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
866 gnutls_datum_t * x, gnutls_datum_t * y)
867 {
868 int ret;
869
870 if (key == NULL)
871 {
872 gnutls_assert ();
873 return GNUTLS_E_INVALID_REQUEST;
874 }
875
876 if (key->pk_algorithm != GNUTLS_PK_EC)
877 {
878 gnutls_assert ();
879 return GNUTLS_E_INVALID_REQUEST;
880 }
881
882 *curve = key->params.flags;
883
884 /* X */
885 ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_X], x);
886 if (ret < 0)
887 {
888 gnutls_assert ();
889 return ret;
890 }
891
892 /* Y */
893 ret = _gnutls_mpi_dprint_lz (key->params.params[ECC_Y], y);
894 if (ret < 0)
895 {
896 gnutls_assert ();
897 _gnutls_free_datum (x);
898 return ret;
899 }
900
901 return 0;
902 }
903
904 /**
905 * gnutls_pubkey_get_pk_ecc_x962:
906 * @key: Holds the public key
907 * @parameters: DER encoding of an ANSI X9.62 parameters
908 * @ecpoint: DER encoding of ANSI X9.62 ECPoint
909 *
910 * This function will export the ECC public key's parameters found in
911 * the given certificate. The new parameters will be allocated using
912 * gnutls_malloc() and will be stored in the appropriate datum.
913 *
914 * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code.
915 *
916 * Since: 3.0
917 **/
918 int gnutls_pubkey_get_pk_ecc_x962 (gnutls_pubkey_t key, gnutls_datum_t* parameters,
919 gnutls_datum_t * ecpoint)
920 {
921 int ret;
922
923 if (key == NULL || key->pk_algorithm != GNUTLS_PK_EC)
924 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
925
926 ret = _gnutls_x509_write_ecc_pubkey(&key->params, ecpoint);
927 if (ret < 0)
928 return gnutls_assert_val(ret);
929
930 ret = _gnutls_x509_write_ecc_params(&key->params, parameters);
931 if (ret < 0)
932 {
933 _gnutls_free_datum(ecpoint);
934 return gnutls_assert_val(ret);
935 }
936
937 return 0;
938 }
939
940 /**
941 * gnutls_pubkey_import:
942 * @key: The structure to store the parsed public key.
943 * @data: The DER or PEM encoded certificate.
944 * @format: One of DER or PEM
945 *
946 * This function will import the provided public key in
947 * a SubjectPublicKeyInfo X.509 structure to a native
948 * %gnutls_pubkey_t structure. The output will be stored
949 * in @key. If the public key is PEM encoded it should have a header
950 * of "PUBLIC KEY".
951 *
952 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
953 * negative error value.
954 *
955 * Since: 2.12.0
956 **/
957 int
958 gnutls_pubkey_import (gnutls_pubkey_t key,
959 const gnutls_datum_t * data,
960 gnutls_x509_crt_fmt_t format)
961 {
962 int result = 0, need_free = 0;
963 gnutls_datum_t _data;
964 ASN1_TYPE spk;
965
966 if (key == NULL)
967 {
968 gnutls_assert ();
969 return GNUTLS_E_INVALID_REQUEST;
970 }
971
972 _data.data = data->data;
973 _data.size = data->size;
974
975 /* If the Certificate is in PEM format then decode it
976 */
977 if (format == GNUTLS_X509_FMT_PEM)
978 {
979 /* Try the first header */
980 result =
981 _gnutls_fbase64_decode (PK_PEM_HEADER, data->data, data->size, &_data);
982
983 if (result < 0)
984 {
985 gnutls_assert ();
986 return result;
987 }
988
989 need_free = 1;
990 }
991
992 if ((result = asn1_create_element
993 (_gnutls_get_pkix (), "PKIX1.SubjectPublicKeyInfo", &spk))
994 != ASN1_SUCCESS)
995 {
996 gnutls_assert ();
997 result = _gnutls_asn2err (result);
998 goto cleanup;
999 }
1000
1001 result = asn1_der_decoding (&spk, _data.data, _data.size, NULL);
1002 if (result != ASN1_SUCCESS)
1003 {
1004 gnutls_assert ();
1005 result = _gnutls_asn2err (result);
1006 goto cleanup;
1007 }
1008
1009 result = _gnutls_get_asn_mpis (spk, "", &key->params);
1010 if (result < 0)
1011 {
1012 gnutls_assert ();
1013 goto cleanup;
1014 }
1015
1016 /* this has already been called by get_asn_mpis() thus it cannot
1017 * fail.
1018 */
1019 key->pk_algorithm = _gnutls_x509_get_pk_algorithm (spk, "", NULL);
1020 key->bits = pubkey_to_bits(key->pk_algorithm, &key->params);
1021
1022 result = 0;
1023
1024 cleanup:
1025 asn1_delete_structure (&spk);
1026
1027 if (need_free)
1028 _gnutls_free_datum (&_data);
1029 return result;
1030 }
1031
1032 /**
1033 * gnutls_x509_crt_set_pubkey:
1034 * @crt: should contain a #gnutls_x509_crt_t structure
1035 * @key: holds a public key
1036 *
1037 * This function will set the public parameters from the given public
1038 * key to the request.
1039 *
1040 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1041 * negative error value.
1042 *
1043 * Since: 2.12.0
1044 **/
1045 int
1046 gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key)
1047 {
1048 int result;
1049
1050 if (crt == NULL)
1051 {
1052 gnutls_assert ();
1053 return GNUTLS_E_INVALID_REQUEST;
1054 }
1055
1056 result = _gnutls_x509_encode_and_copy_PKI_params (crt->cert,
1057 "tbsCertificate.subjectPublicKeyInfo",
1058 key->pk_algorithm,
1059 &key->params);
1060
1061 if (result < 0)
1062 {
1063 gnutls_assert ();
1064 return result;
1065 }
1066
1067 if (key->key_usage)
1068 gnutls_x509_crt_set_key_usage (crt, key->key_usage);
1069
1070 return 0;
1071 }
1072
1073 /**
1074 * gnutls_x509_crq_set_pubkey:
1075 * @crq: should contain a #gnutls_x509_crq_t structure
1076 * @key: holds a public key
1077 *
1078 * This function will set the public parameters from the given public
1079 * key to the request.
1080 *
1081 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1082 * negative error value.
1083 *
1084 * Since: 2.12.0
1085 **/
1086 int
1087 gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key)
1088 {
1089 int result;
1090
1091 if (crq == NULL)
1092 {
1093 gnutls_assert ();
1094 return GNUTLS_E_INVALID_REQUEST;
1095 }
1096
1097 result = _gnutls_x509_encode_and_copy_PKI_params
1098 (crq->crq,
1099 "certificationRequestInfo.subjectPKInfo",
1100 key->pk_algorithm, &key->params);
1101
1102 if (result < 0)
1103 {
1104 gnutls_assert ();
1105 return result;
1106 }
1107
1108 if (key->key_usage)
1109 gnutls_x509_crq_set_key_usage (crq, key->key_usage);
1110
1111 return 0;
1112 }
1113
1114 /**
1115 * gnutls_pubkey_set_key_usage:
1116 * @key: a certificate of type #gnutls_x509_crt_t
1117 * @usage: an ORed sequence of the GNUTLS_KEY_* elements.
1118 *
1119 * This function will set the key usage flags of the public key. This
1120 * is only useful if the key is to be exported to a certificate or
1121 * certificate request.
1122 *
1123 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1124 * negative error value.
1125 *
1126 * Since: 2.12.0
1127 **/
1128 int
1129 gnutls_pubkey_set_key_usage (gnutls_pubkey_t key, unsigned int usage)
1130 {
1131 key->key_usage = usage;
1132
1133 return 0;
1134 }
1135
1136 #ifdef ENABLE_PKCS11
1137
1138 /**
1139 * gnutls_pubkey_import_pkcs11_url:
1140 * @key: A key of type #gnutls_pubkey_t
1141 * @url: A PKCS 11 url
1142 * @flags: One of GNUTLS_PKCS11_OBJ_* flags
1143 *
1144 * This function will import a PKCS 11 certificate to a #gnutls_pubkey_t
1145 * structure.
1146 *
1147 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1148 * negative error value.
1149 *
1150 * Since: 2.12.0
1151 **/
1152 int
1153 gnutls_pubkey_import_pkcs11_url (gnutls_pubkey_t key, const char *url,
1154 unsigned int flags)
1155 {
1156 gnutls_pkcs11_obj_t pcrt;
1157 int ret;
1158
1159 ret = gnutls_pkcs11_obj_init (&pcrt);
1160 if (ret < 0)
1161 {
1162 gnutls_assert ();
1163 return ret;
1164 }
1165
1166 if (key->pin.cb)
1167 gnutls_pkcs11_obj_set_pin_function(pcrt, key->pin.cb, key->pin.data);
1168
1169 ret = gnutls_pkcs11_obj_import_url (pcrt, url, flags);
1170 if (ret < 0)
1171 {
1172 gnutls_assert ();
1173 goto cleanup;
1174 }
1175
1176 ret = gnutls_pubkey_import_pkcs11 (key, pcrt, 0);
1177 if (ret < 0)
1178 {
1179 gnutls_assert ();
1180 goto cleanup;
1181 }
1182
1183 ret = 0;
1184 cleanup:
1185
1186 gnutls_pkcs11_obj_deinit (pcrt);
1187
1188 return ret;
1189 }
1190
1191 #endif /* ENABLE_PKCS11 */
1192
1193 /**
1194 * gnutls_pubkey_import_url:
1195 * @key: A key of type #gnutls_pubkey_t
1196 * @url: A PKCS 11 url
1197 * @flags: One of GNUTLS_PKCS11_OBJ_* flags
1198 *
1199 * This function will import a PKCS11 certificate or a TPM key
1200 * as a public key.
1201 *
1202 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1203 * negative error value.
1204 *
1205 * Since: 3.1.0
1206 **/
1207 int
1208 gnutls_pubkey_import_url (gnutls_pubkey_t key, const char *url,
1209 unsigned int flags)
1210 {
1211 #ifdef ENABLE_PKCS11
1212 if (strstr(url, "pkcs11:") != NULL)
1213 return gnutls_pubkey_import_pkcs11_url(key, url, flags);
1214 #endif
1215 #ifdef HAVE_TROUSERS
1216 if (strstr(url, "tpmkey:") != NULL)
1217 return gnutls_pubkey_import_tpm_url(key, url, NULL, 0);
1218 #endif
1219 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
1220 }
1221
1222 /**
1223 * gnutls_pubkey_import_rsa_raw:
1224 * @key: Is a structure will hold the parameters
1225 * @m: holds the modulus
1226 * @e: holds the public exponent
1227 *
1228 * This function will replace the parameters in the given structure.
1229 * The new parameters should be stored in the appropriate
1230 * gnutls_datum.
1231 *
1232 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
1233 *
1234 * Since: 2.12.0
1235 **/
1236 int
1237 gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
1238 const gnutls_datum_t * m,
1239 const gnutls_datum_t * e)
1240 {
1241 size_t siz = 0;
1242
1243 if (key == NULL)
1244 {
1245 gnutls_assert ();
1246 return GNUTLS_E_INVALID_REQUEST;
1247 }
1248
1249 gnutls_pk_params_init(&key->params);
1250
1251 siz = m->size;
1252 if (_gnutls_mpi_scan_nz (&key->params.params[0], m->data, siz))
1253 {
1254 gnutls_assert ();
1255 return GNUTLS_E_MPI_SCAN_FAILED;
1256 }
1257
1258 siz = e->size;
1259 if (_gnutls_mpi_scan_nz (&key->params.params[1], e->data, siz))
1260 {
1261 gnutls_assert ();
1262 _gnutls_mpi_release (&key->params.params[0]);
1263 return GNUTLS_E_MPI_SCAN_FAILED;
1264 }
1265
1266 key->params.params_nr = RSA_PUBLIC_PARAMS;
1267 key->pk_algorithm = GNUTLS_PK_RSA;
1268 key->bits = pubkey_to_bits(GNUTLS_PK_RSA, &key->params);
1269
1270 return 0;
1271 }
1272
1273 /**
1274 * gnutls_pubkey_import_ecc_raw:
1275 * @key: The structure to store the parsed key
1276 * @curve: holds the curve
1277 * @x: holds the x
1278 * @y: holds the y
1279 *
1280 * This function will convert the given elliptic curve parameters to a
1281 * #gnutls_pubkey_t. The output will be stored in @key.
1282 *
1283 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1284 * negative error value.
1285 *
1286 * Since: 3.0
1287 **/
1288 int
1289 gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
1290 gnutls_ecc_curve_t curve,
1291 const gnutls_datum_t * x,
1292 const gnutls_datum_t * y)
1293 {
1294 int ret;
1295
1296 if (key == NULL)
1297 {
1298 gnutls_assert ();
1299 return GNUTLS_E_INVALID_REQUEST;
1300 }
1301
1302 key->params.flags = curve;
1303
1304 ret = _gnutls_ecc_curve_fill_params(curve, &key->params);
1305 if (ret < 0)
1306 return gnutls_assert_val(ret);
1307
1308 if (_gnutls_mpi_scan_nz (&key->params.params[ECC_X], x->data, x->size))
1309 {
1310 gnutls_assert ();
1311 ret = GNUTLS_E_MPI_SCAN_FAILED;
1312 goto cleanup;
1313 }
1314 key->params.params_nr++;
1315
1316 if (_gnutls_mpi_scan_nz (&key->params.params[ECC_Y], y->data, y->size))
1317 {
1318 gnutls_assert ();
1319 ret = GNUTLS_E_MPI_SCAN_FAILED;
1320 goto cleanup;
1321 }
1322 key->params.params_nr++;
1323 key->pk_algorithm = GNUTLS_PK_EC;
1324
1325 return 0;
1326
1327 cleanup:
1328 gnutls_pk_params_release(&key->params);
1329 return ret;
1330 }
1331
1332 /**
1333 * gnutls_pubkey_import_ecc_x962:
1334 * @key: The structure to store the parsed key
1335 * @parameters: DER encoding of an ANSI X9.62 parameters
1336 * @ecpoint: DER encoding of ANSI X9.62 ECPoint
1337 *
1338 * This function will convert the given elliptic curve parameters to a
1339 * #gnutls_pubkey_t. The output will be stored in @key.
1340 *
1341 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1342 * negative error value.
1343 *
1344 * Since: 3.0
1345 **/
1346 int
1347 gnutls_pubkey_import_ecc_x962 (gnutls_pubkey_t key,
1348 const gnutls_datum_t * parameters,
1349 const gnutls_datum_t * ecpoint)
1350 {
1351 int ret;
1352
1353 if (key == NULL)
1354 {
1355 gnutls_assert ();
1356 return GNUTLS_E_INVALID_REQUEST;
1357 }
1358
1359 key->params.params_nr = 0;
1360
1361 ret = _gnutls_x509_read_ecc_params(parameters->data, parameters->size,
1362 &key->params);
1363 if (ret < 0)
1364 {
1365 gnutls_assert ();
1366 goto cleanup;
1367 }
1368
1369 ret = _gnutls_ecc_ansi_x963_import(ecpoint->data, ecpoint->size,
1370 &key->params.params[ECC_X], &key->params.params[ECC_Y]);
1371 if (ret < 0)
1372 {
1373 gnutls_assert ();
1374 goto cleanup;
1375 }
1376 key->params.params_nr+=2;
1377 key->pk_algorithm = GNUTLS_PK_EC;
1378
1379 return 0;
1380
1381 cleanup:
1382 gnutls_pk_params_release(&key->params);
1383 return ret;
1384 }
1385
1386 /**
1387 * gnutls_pubkey_import_dsa_raw:
1388 * @key: The structure to store the parsed key
1389 * @p: holds the p
1390 * @q: holds the q
1391 * @g: holds the g
1392 * @y: holds the y
1393 *
1394 * This function will convert the given DSA raw parameters to the
1395 * native #gnutls_pubkey_t format. The output will be stored
1396 * in @key.
1397 *
1398 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1399 * negative error value.
1400 *
1401 * Since: 2.12.0
1402 **/
1403 int
1404 gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key,
1405 const gnutls_datum_t * p,
1406 const gnutls_datum_t * q,
1407 const gnutls_datum_t * g,
1408 const gnutls_datum_t * y)
1409 {
1410 size_t siz = 0;
1411
1412 if (key == NULL)
1413 {
1414 gnutls_assert ();
1415 return GNUTLS_E_INVALID_REQUEST;
1416 }
1417
1418 gnutls_pk_params_init(&key->params);
1419
1420 siz = p->size;
1421 if (_gnutls_mpi_scan_nz (&key->params.params[0], p->data, siz))
1422 {
1423 gnutls_assert ();
1424 return GNUTLS_E_MPI_SCAN_FAILED;
1425 }
1426
1427 siz = q->size;
1428 if (_gnutls_mpi_scan_nz (&key->params.params[1], q->data, siz))
1429 {
1430 gnutls_assert ();
1431 _gnutls_mpi_release (&key->params.params[0]);
1432 return GNUTLS_E_MPI_SCAN_FAILED;
1433 }
1434
1435 siz = g->size;
1436 if (_gnutls_mpi_scan_nz (&key->params.params[2], g->data, siz))
1437 {
1438 gnutls_assert ();
1439 _gnutls_mpi_release (&key->params.params[1]);
1440 _gnutls_mpi_release (&key->params.params[0]);
1441 return GNUTLS_E_MPI_SCAN_FAILED;
1442 }
1443
1444 siz = y->size;
1445 if (_gnutls_mpi_scan_nz (&key->params.params[3], y->data, siz))
1446 {
1447 gnutls_assert ();
1448 _gnutls_mpi_release (&key->params.params[2]);
1449 _gnutls_mpi_release (&key->params.params[1]);
1450 _gnutls_mpi_release (&key->params.params[0]);
1451 return GNUTLS_E_MPI_SCAN_FAILED;
1452 }
1453
1454 key->params.params_nr = DSA_PUBLIC_PARAMS;
1455 key->pk_algorithm = GNUTLS_PK_DSA;
1456 key->bits = pubkey_to_bits(GNUTLS_PK_DSA, &key->params);
1457
1458 return 0;
1459
1460 }
1461
1462 /**
1463 * gnutls_pubkey_verify_data:
1464 * @pubkey: Holds the public key
1465 * @flags: should be 0 for now
1466 * @data: holds the signed data
1467 * @signature: contains the signature
1468 *
1469 * This function will verify the given signed data, using the
1470 * parameters from the certificate.
1471 *
1472 * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
1473 * is returned, and zero or positive code on success.
1474 *
1475 * Deprecated. Use gnutls_pubkey_verify_data2() instead of this function.
1476 *
1477 * Since: 2.12.0
1478 **/
1479 int
1480 gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey, unsigned int flags,
1481 const gnutls_datum_t * data,
1482 const gnutls_datum_t * signature)
1483 {
1484 int ret;
1485
1486 if (pubkey == NULL)
1487 {
1488 gnutls_assert ();
1489 return GNUTLS_E_INVALID_REQUEST;
1490 }
1491
1492 ret = pubkey_verify_data( pubkey->pk_algorithm, GNUTLS_DIG_UNKNOWN, data, signature,
1493 &pubkey->params);
1494 if (ret < 0)
1495 {
1496 gnutls_assert();
1497 }
1498
1499 return ret;
1500 }
1501
1502 /**
1503 * gnutls_pubkey_verify_data2:
1504 * @pubkey: Holds the public key
1505 * @algo: The signature algorithm used
1506 * @flags: should be 0 for now
1507 * @data: holds the signed data
1508 * @signature: contains the signature
1509 *
1510 * This function will verify the given signed data, using the
1511 * parameters from the certificate.
1512 *
1513 * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
1514 * is returned, and zero or positive code on success.
1515 *
1516 * Since: 3.0
1517 **/
1518 int
1519 gnutls_pubkey_verify_data2 (gnutls_pubkey_t pubkey,
1520 gnutls_sign_algorithm_t algo,
1521 unsigned int flags,
1522 const gnutls_datum_t * data,
1523 const gnutls_datum_t * signature)
1524 {
1525 int ret;
1526
1527 if (pubkey == NULL)
1528 {
1529 gnutls_assert ();
1530 return GNUTLS_E_INVALID_REQUEST;
1531 }
1532
1533 ret = pubkey_verify_data( pubkey->pk_algorithm, gnutls_sign_get_hash_algorithm(algo),
1534 data, signature, &pubkey->params);
1535 if (ret < 0)
1536 {
1537 gnutls_assert();
1538 }
1539
1540 return ret;
1541 }
1542
1543
1544 /**
1545 * gnutls_pubkey_verify_hash:
1546 * @key: Holds the public key
1547 * @flags: should be 0 for now
1548 * @hash: holds the hash digest to be verified
1549 * @signature: contains the signature
1550 *
1551 * This function will verify the given signed digest, using the
1552 * parameters from the public key.
1553 *
1554 * Deprecated. Use gnutls_pubkey_verify_hash2() instead of this function.
1555 *
1556 * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
1557 * is returned, and zero or positive code on success.
1558 *
1559 * Since: 2.12.0
1560 **/
1561 int
1562 gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
1563 const gnutls_datum_t * hash,
1564 const gnutls_datum_t * signature)
1565 {
1566 gnutls_digest_algorithm_t algo;
1567 int ret;
1568
1569 ret = gnutls_pubkey_get_verify_algorithm (key, signature, &algo);
1570 if (ret < 0)
1571 return gnutls_assert_val(ret);
1572
1573 return gnutls_pubkey_verify_hash2(key, gnutls_pk_to_sign(key->pk_algorithm, algo),
1574 flags, hash, signature);
1575 }
1576
1577 /**
1578 * gnutls_pubkey_verify_hash2:
1579 * @key: Holds the public key
1580 * @algo: The signature algorithm used
1581 * @flags: should be 0 for now
1582 * @hash: holds the hash digest to be verified
1583 * @signature: contains the signature
1584 *
1585 * This function will verify the given signed digest, using the
1586 * parameters from the public key.
1587 *
1588 * Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
1589 * is returned, and zero or positive code on success.
1590 *
1591 * Since: 3.0
1592 **/
1593 int
1594 gnutls_pubkey_verify_hash2 (gnutls_pubkey_t key,
1595 gnutls_sign_algorithm_t algo,
1596 unsigned int flags,
1597 const gnutls_datum_t * hash,
1598 const gnutls_datum_t * signature)
1599 {
1600 if (key == NULL)
1601 {
1602 gnutls_assert ();
1603 return GNUTLS_E_INVALID_REQUEST;
1604 }
1605
1606 if (flags & GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA)
1607 return _gnutls_pk_verify (GNUTLS_PK_RSA, hash, signature, &key->params);
1608 else
1609 {
1610 return pubkey_verify_hashed_data (key->pk_algorithm, gnutls_sign_get_hash_algorithm(algo),
1611 hash, signature, &key->params);
1612 }
1613 }
1614
1615 /**
1616 * gnutls_pubkey_encrypt_data:
1617 * @key: Holds the public key
1618 * @flags: should be 0 for now
1619 * @plaintext: The data to be encrypted
1620 * @ciphertext: contains the encrypted data
1621 *
1622 * This function will encrypt the given data, using the public
1623 * key.
1624 *
1625 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1626 * negative error value.
1627 *
1628 * Since: 3.0
1629 **/
1630 int
1631 gnutls_pubkey_encrypt_data (gnutls_pubkey_t key, unsigned int flags,
1632 const gnutls_datum_t * plaintext,
1633 gnutls_datum_t * ciphertext)
1634 {
1635 if (key == NULL)
1636 {
1637 gnutls_assert ();
1638 return GNUTLS_E_INVALID_REQUEST;
1639 }
1640
1641 return _gnutls_pk_encrypt (key->pk_algorithm, ciphertext,
1642 plaintext, &key->params);
1643 }
1644
1645 /**
1646 * gnutls_pubkey_get_verify_algorithm:
1647 * @key: Holds the certificate
1648 * @signature: contains the signature
1649 * @hash: The result of the call with the hash algorithm used for signature
1650 *
1651 * This function will read the certifcate and the signed data to
1652 * determine the hash algorithm used to generate the signature.
1653 *
1654 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
1655 * negative error value.
1656 *
1657 * Since: 2.12.0
1658 **/
1659 int
1660 gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key,
1661 const gnutls_datum_t * signature,
1662 gnutls_digest_algorithm_t * hash)
1663 {
1664 if (key == NULL)
1665 {
1666 gnutls_assert ();
1667 return GNUTLS_E_INVALID_REQUEST;
1668 }
1669
1670 return _gnutls_x509_verify_algorithm (hash, signature,
1671 key->pk_algorithm,
1672 &key->params);
1673
1674 }
1675
1676 /* Checks whether the public key given is compatible with the
1677 * signature algorithm used. The session is only used for audit logging, and
1678 * it may be null.
1679 */
1680 int _gnutls_pubkey_compatible_with_sig(gnutls_session_t session,
1681 gnutls_pubkey_t pubkey,
1682 gnutls_protocol_t ver,
1683 gnutls_sign_algorithm_t sign)
1684 {
1685 unsigned int hash_size;
1686 unsigned int hash_algo;
1687 unsigned int sig_hash_size;
1688
1689 if (pubkey->pk_algorithm == GNUTLS_PK_DSA)
1690 {
1691 hash_algo = _gnutls_dsa_q_to_hash (pubkey->pk_algorithm, &pubkey->params, &hash_size);
1692
1693 /* DSA keys over 1024 bits cannot be used with TLS 1.x, x<2 */
1694 if (!_gnutls_version_has_selectable_sighash (ver))
1695 {
1696 if (hash_algo != GNUTLS_DIG_SHA1)
1697 return gnutls_assert_val(GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL);
1698 }
1699 else if (sign != GNUTLS_SIGN_UNKNOWN)
1700 {
1701 sig_hash_size = _gnutls_hash_get_algo_len(gnutls_sign_get_hash_algorithm(sign));
1702 if (sig_hash_size < hash_size)
1703 _gnutls_audit_log(session, "The hash size used in signature (%u) is less than the expected (%u)\n", sig_hash_size, hash_size);
1704 }
1705
1706 }
1707 else if (pubkey->pk_algorithm == GNUTLS_PK_EC)
1708 {
1709 if (_gnutls_version_has_selectable_sighash (ver) && sign != GNUTLS_SIGN_UNKNOWN)
1710 {
1711 _gnutls_dsa_q_to_hash (pubkey->pk_algorithm, &pubkey->params, &hash_size);
1712 sig_hash_size = _gnutls_hash_get_algo_len(gnutls_sign_get_hash_algorithm(sign));
1713
1714 if (sig_hash_size < hash_size)
1715 _gnutls_audit_log(session, "The hash size used in signature (%u) is less than the expected (%u)\n", sig_hash_size, hash_size);
1716 }
1717
1718 }
1719
1720 return 0;
1721 }
1722
1723 /* Returns zero if the public key has more than 512 bits */
1724 int _gnutls_pubkey_is_over_rsa_512(gnutls_pubkey_t pubkey)
1725 {
1726 if (pubkey->pk_algorithm == GNUTLS_PK_RSA && _gnutls_mpi_get_nbits (pubkey->params.params[0]) > 512)
1727 return 0;
1728 else
1729 return GNUTLS_E_INVALID_REQUEST; /* doesn't matter */
1730
1731 }
1732
1733 /* Returns the public key.
1734 */
1735 int
1736 _gnutls_pubkey_get_mpis (gnutls_pubkey_t key,
1737 gnutls_pk_params_st * params)
1738 {
1739 return _gnutls_pk_params_copy(params, &key->params);
1740 }
1741
1742 /* if hash==MD5 then we do RSA-MD5
1743 * if hash==SHA then we do RSA-SHA
1744 * params[0] is modulus
1745 * params[1] is public key
1746 */
1747 static int
1748 _pkcs1_rsa_verify_sig (gnutls_digest_algorithm_t hash,
1749 const gnutls_datum_t * text,
1750 const gnutls_datum_t * prehash,
1751 const gnutls_datum_t * signature,
1752 gnutls_pk_params_st * params)
1753 {
1754 int ret;
1755 uint8_t md[MAX_HASH_SIZE], *cmp;
1756 unsigned int digest_size;
1757 gnutls_datum_t d, di;
1758 digest_hd_st hd;
1759
1760 digest_size = _gnutls_hash_get_algo_len (hash);
1761 if (prehash)
1762 {
1763 if (prehash->data == NULL || prehash->size != digest_size)
1764 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
1765
1766 cmp = prehash->data;
1767 }
1768 else
1769 {
1770 if (!text)
1771 {
1772 gnutls_assert ();
1773 return GNUTLS_E_INVALID_REQUEST;
1774 }
1775
1776 ret = _gnutls_hash_init (&hd, hash);
1777 if (ret < 0)
1778 {
1779 gnutls_assert ();
1780 return ret;
1781 }
1782
1783 _gnutls_hash (&hd, text->data, text->size);
1784 _gnutls_hash_deinit (&hd, md);
1785
1786 cmp = md;
1787 }
1788
1789 d.data = cmp;
1790 d.size = digest_size;
1791
1792 /* decrypted is a BER encoded data of type DigestInfo
1793 */
1794
1795 ret = encode_ber_digest_info (hash, &d, &di);
1796 if (ret < 0)
1797 return gnutls_assert_val(ret);
1798
1799 ret = _gnutls_pk_verify (GNUTLS_PK_RSA, &di, signature, params);
1800
1801 _gnutls_free_datum (&di);
1802
1803 return ret;
1804 }
1805
1806 /* Hashes input data and verifies a signature.
1807 */
1808 static int
1809 dsa_verify_hashed_data (gnutls_pk_algorithm_t pk,
1810 gnutls_digest_algorithm_t algo,
1811 const gnutls_datum_t * hash,
1812 const gnutls_datum_t * signature,
1813 gnutls_pk_params_st* params)
1814 {
1815 gnutls_datum_t digest;
1816 unsigned int hash_len;
1817
1818 if (algo == GNUTLS_DIG_UNKNOWN)
1819 algo = _gnutls_dsa_q_to_hash (pk, params, &hash_len);
1820 else hash_len = _gnutls_hash_get_algo_len(algo);
1821
1822 /* SHA1 or better allowed */
1823 if (!hash->data || hash->size < hash_len)
1824 {
1825 gnutls_assert();
1826 _gnutls_debug_log("Hash size (%d) does not correspond to hash %s(%d) or better.\n", (int)hash->size, gnutls_mac_get_name(algo), hash_len);
1827
1828 if (hash->size != 20) /* SHA1 is allowed */
1829 return gnutls_assert_val(GNUTLS_E_PK_SIG_VERIFY_FAILED);
1830 }
1831
1832 digest.data = hash->data;
1833 digest.size = hash->size;
1834
1835 return _gnutls_pk_verify (pk, &digest, signature, params);
1836 }
1837
1838 static int
1839 dsa_verify_data (gnutls_pk_algorithm_t pk,
1840 gnutls_digest_algorithm_t algo,
1841 const gnutls_datum_t * data,
1842 const gnutls_datum_t * signature,
1843 gnutls_pk_params_st* params)
1844 {
1845 int ret;
1846 uint8_t _digest[MAX_HASH_SIZE];
1847 gnutls_datum_t digest;
1848 digest_hd_st hd;
1849
1850 if (algo == GNUTLS_DIG_UNKNOWN)
1851 algo = _gnutls_dsa_q_to_hash (pk, params, NULL);
1852
1853 ret = _gnutls_hash_init (&hd, algo);
1854 if (ret < 0)
1855 return gnutls_assert_val(ret);
1856
1857 _gnutls_hash (&hd, data->data, data->size);
1858 _gnutls_hash_deinit (&hd, _digest);
1859
1860 digest.data = _digest;
1861 digest.size = _gnutls_hash_get_algo_len(algo);
1862
1863 return _gnutls_pk_verify (pk, &digest, signature, params);
1864 }
1865
1866 /* Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if
1867 * not verified, or 1 otherwise.
1868 */
1869 int
1870 pubkey_verify_hashed_data (gnutls_pk_algorithm_t pk,
1871 gnutls_digest_algorithm_t hash_algo,
1872 const gnutls_datum_t * hash,
1873 const gnutls_datum_t * signature,
1874 gnutls_pk_params_st * issuer_params)
1875 {
1876
1877 switch (pk)
1878 {
1879 case GNUTLS_PK_RSA:
1880
1881 if (_pkcs1_rsa_verify_sig
1882 (hash_algo, NULL, hash, signature, issuer_params) != 0)
1883 {
1884 gnutls_assert ();
1885 return GNUTLS_E_PK_SIG_VERIFY_FAILED;
1886 }
1887
1888 return 1;
1889 break;
1890
1891 case GNUTLS_PK_EC:
1892 case GNUTLS_PK_DSA:
1893 if (dsa_verify_hashed_data(pk, hash_algo, hash, signature, issuer_params) != 0)
1894 {
1895 gnutls_assert ();
1896 return GNUTLS_E_PK_SIG_VERIFY_FAILED;
1897 }
1898
1899 return 1;
1900 break;
1901 default:
1902 gnutls_assert ();
1903 return GNUTLS_E_INTERNAL_ERROR;
1904
1905 }
1906 }
1907
1908 /* Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if
1909 * not verified, or 1 otherwise.
1910 */
1911 int
1912 pubkey_verify_data (gnutls_pk_algorithm_t pk,
1913 gnutls_digest_algorithm_t hash_algo,
1914 const gnutls_datum_t * data,
1915 const gnutls_datum_t * signature,
1916 gnutls_pk_params_st * issuer_params)
1917 {
1918
1919 switch (pk)
1920 {
1921 case GNUTLS_PK_RSA:
1922
1923 if (_pkcs1_rsa_verify_sig
1924 (hash_algo, data, NULL, signature, issuer_params) != 0)
1925 {
1926 gnutls_assert ();
1927 return GNUTLS_E_PK_SIG_VERIFY_FAILED;
1928 }
1929
1930 return 1;
1931 break;
1932
1933 case GNUTLS_PK_EC:
1934 case GNUTLS_PK_DSA:
1935 if (dsa_verify_data(pk, hash_algo, data, signature, issuer_params) != 0)
1936 {
1937 gnutls_assert ();
1938 return GNUTLS_E_PK_SIG_VERIFY_FAILED;
1939 }
1940
1941 return 1;
1942 break;
1943 default:
1944 gnutls_assert ();
1945 return GNUTLS_E_INTERNAL_ERROR;
1946
1947 }
1948 }
1949
1950 gnutls_digest_algorithm_t
1951 _gnutls_dsa_q_to_hash (gnutls_pk_algorithm_t algo, const gnutls_pk_params_st* params,
1952 unsigned int* hash_len)
1953 {
1954 int bits = 0;
1955
1956 if (algo == GNUTLS_PK_DSA)
1957 bits = _gnutls_mpi_get_nbits (params->params[1]);
1958 else if (algo == GNUTLS_PK_EC)
1959 bits = gnutls_ecc_curve_get_size(params->flags)*8;
1960
1961 if (bits <= 160)
1962 {
1963 if (hash_len) *hash_len = 20;
1964 return GNUTLS_DIG_SHA1;
1965 }
1966 else if (bits <= 192)
1967 {
1968 if (hash_len) *hash_len = 24;
1969 return GNUTLS_DIG_SHA256;
1970 }
1971 else if (bits <= 224)
1972 {
1973 if (hash_len) *hash_len = 28;
1974 return GNUTLS_DIG_SHA256;
1975 }
1976 else if (bits <= 256)
1977 {
1978 if (hash_len) *hash_len = 32;
1979 return GNUTLS_DIG_SHA256;
1980 }
1981 else if (bits <= 384)
1982 {
1983 if (hash_len) *hash_len = 48;
1984 return GNUTLS_DIG_SHA384;
1985 }
1986 else
1987 {
1988 if (hash_len) *hash_len = 64;
1989 return GNUTLS_DIG_SHA512;
1990 }
1991 }
1992
1993 /**
1994 * gnutls_pubkey_set_pin_function:
1995 * @key: A key of type #gnutls_pubkey_t
1996 * @fn: the callback
1997 * @userdata: data associated with the callback
1998 *
1999 * This function will set a callback function to be used when
2000 * required to access the object. This function overrides any other
2001 * global PIN functions.
2002 *
2003 * Note that this function must be called right after initialization
2004 * to have effect.
2005 *
2006 * Since: 3.1.0
2007 *
2008 **/
2009 void gnutls_pubkey_set_pin_function (gnutls_pubkey_t key,
2010 gnutls_pin_callback_t fn, void *userdata)
2011 {
2012 key->pin.cb = fn;
2013 key->pin.data = userdata;
2014 }
2015
2016 /**
2017 * gnutls_pubkey_import_x509_raw:
2018 * @pkey: The public key
2019 * @data: The public key data to be imported
2020 * @format: The format of the public key
2021 * @flags: should be zero
2022 *
2023 * This function will import the given public key to the abstract
2024 * #gnutls_pubkey_t structure.
2025 *
2026 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
2027 * negative error value.
2028 *
2029 * Since: 3.1.3
2030 **/
2031 int gnutls_pubkey_import_x509_raw (gnutls_pubkey_t pkey,
2032 const gnutls_datum_t * data,
2033 gnutls_x509_crt_fmt_t format,
2034 unsigned int flags)
2035 {
2036 gnutls_x509_crt_t xpriv;
2037 int ret;
2038
2039 ret = gnutls_x509_crt_init(&xpriv);
2040 if (ret < 0)
2041 return gnutls_assert_val(ret);
2042
2043 ret = gnutls_x509_crt_import(xpriv, data, format);
2044 if (ret < 0)
2045 {
2046 gnutls_assert();
2047 goto cleanup;
2048 }
2049
2050 ret = gnutls_pubkey_import_x509(pkey, xpriv, flags);
2051 if (ret < 0)
2052 {
2053 gnutls_assert();
2054 goto cleanup;
2055 }
2056
2057 return 0;
2058
2059 cleanup:
2060 gnutls_x509_crt_deinit(xpriv);
2061
2062 return ret;
2063 }
2064
Implementation of the SSL/TLS protocol