2 * Copyright (C) 2002, 2003, 2004, 2005, 2008, 2009, 2010 Free Software
5 * Author: Nikos Mavrogiannopoulos
7 * This file is part of GnuTLS.
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
26 /* This file contains code for RSA temporary keys. These keys are
27 * only used in export cipher suites.
30 #include <gnutls_int.h>
31 #include <gnutls_errors.h>
32 #include <gnutls_datum.h>
33 #include <gnutls_rsa_export.h>
34 #include "x509/x509_int.h"
37 /* returns e and m, depends on the requested bits.
38 * We only support limited key sizes.
41 _gnutls_rsa_params_to_mpi (gnutls_rsa_params_t rsa_params)
43 if (rsa_params == NULL)
48 return rsa_params->params;
52 * gnutls_rsa_params_import_raw:
53 * @rsa_params: Is a structure will hold the parameters
54 * @m: holds the modulus
55 * @e: holds the public exponent
56 * @d: holds the private exponent
57 * @p: holds the first prime (p)
58 * @q: holds the second prime (q)
59 * @u: holds the coefficient
61 * This function will replace the parameters in the given structure.
62 * The new parameters should be stored in the appropriate
65 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
68 gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
69 const gnutls_datum_t * m,
70 const gnutls_datum_t * e,
71 const gnutls_datum_t * d,
72 const gnutls_datum_t * p,
73 const gnutls_datum_t * q,
74 const gnutls_datum_t * u)
76 return gnutls_x509_privkey_import_rsa_raw (rsa_params, m, e, d, p, q, u);
80 * gnutls_rsa_params_init:
81 * @rsa_params: Is a structure that will hold the parameters
83 * This function will initialize the temporary RSA parameters structure.
85 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
88 gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params)
92 ret = gnutls_x509_privkey_init (rsa_params);
103 * gnutls_rsa_params_deinit:
104 * @rsa_params: Is a structure that holds the parameters
106 * This function will deinitialize the RSA parameters structure.
109 gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params)
111 gnutls_x509_privkey_deinit (rsa_params);
115 * gnutls_rsa_params_cpy:
116 * @dst: Is the destination structure, which should be initialized.
117 * @src: Is the source structure
119 * This function will copy the RSA parameters structure from source
122 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
125 gnutls_rsa_params_cpy (gnutls_rsa_params_t dst, gnutls_rsa_params_t src)
127 return gnutls_x509_privkey_cpy (dst, src);
131 * gnutls_rsa_params_generate2:
132 * @params: The structure where the parameters will be stored
133 * @bits: is the prime's number of bits
135 * This function will generate new temporary RSA parameters for use in
136 * RSA-EXPORT ciphersuites. This function is normally slow.
138 * Note that if the parameters are to be used in export cipher suites the
139 * bits value should be 512 or less.
140 * Also note that the generation of new RSA parameters is only useful
141 * to servers. Clients use the parameters sent by the server, thus it's
142 * no use calling this in client side.
144 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
147 gnutls_rsa_params_generate2 (gnutls_rsa_params_t params, unsigned int bits)
149 return gnutls_x509_privkey_generate (params, GNUTLS_PK_RSA, bits, 0);
153 * gnutls_rsa_params_import_pkcs1:
154 * @params: A structure where the parameters will be copied to
155 * @pkcs1_params: should contain a PKCS1 RSAPublicKey structure PEM or DER encoded
156 * @format: the format of params. PEM or DER.
158 * This function will extract the RSAPublicKey found in a PKCS1 formatted
161 * If the structure is PEM encoded, it should have a header
162 * of "BEGIN RSA PRIVATE KEY".
164 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
167 gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
168 const gnutls_datum_t * pkcs1_params,
169 gnutls_x509_crt_fmt_t format)
171 return gnutls_x509_privkey_import (params, pkcs1_params, format);
175 * gnutls_rsa_params_export_pkcs1:
176 * @params: Holds the RSA parameters
177 * @format: the format of output params. One of PEM or DER.
178 * @params_data: will contain a PKCS1 RSAPublicKey structure PEM or DER encoded
179 * @params_data_size: holds the size of params_data (and will be replaced by the actual size of parameters)
181 * This function will export the given RSA parameters to a PKCS1
182 * RSAPublicKey structure. If the buffer provided is not long enough to
183 * hold the output, then GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
185 * If the structure is PEM encoded, it will have a header
186 * of "BEGIN RSA PRIVATE KEY".
188 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
191 gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
192 gnutls_x509_crt_fmt_t format,
193 unsigned char *params_data,
194 size_t * params_data_size)
196 return gnutls_x509_privkey_export (params, format,
197 params_data, params_data_size);
201 * gnutls_rsa_params_export_raw:
202 * @params: a structure that holds the rsa parameters
203 * @m: will hold the modulus
204 * @e: will hold the public exponent
205 * @d: will hold the private exponent
206 * @p: will hold the first prime (p)
207 * @q: will hold the second prime (q)
208 * @u: will hold the coefficient
209 * @bits: if non null will hold the prime's number of bits
211 * This function will export the RSA parameters found in the given
212 * structure. The new parameters will be allocated using
213 * gnutls_malloc() and will be stored in the appropriate datum.
215 * Returns: %GNUTLS_E_SUCCESS on success, or an negative error code.
218 gnutls_rsa_params_export_raw (gnutls_rsa_params_t params,
219 gnutls_datum_t * m, gnutls_datum_t * e,
220 gnutls_datum_t * d, gnutls_datum_t * p,
221 gnutls_datum_t * q, gnutls_datum_t * u,
226 ret = gnutls_x509_privkey_export_rsa_raw (params, m, e, d, p, q, u);
234 *bits = _gnutls_mpi_get_nbits (params->params[3]);