3 * Converting rsa keys to OpenPGP format.
6 /* nettle, low-level cryptographics library
8 * Copyright (C) 2001, 2002 Niels Möller
10 * The nettle library is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Lesser General Public License as published by
12 * the Free Software Foundation; either version 2.1 of the License, or (at your
13 * option) any later version.
15 * The nettle library is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
18 * License for more details.
20 * You should have received a copy of the GNU Lesser General Public License
21 * along with the nettle library; see the file COPYING.LIB. If not, write to
22 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
39 /* According to RFC 2440, a public key consists of the following packets:
43 * Zero or more revocation signatures
45 * One or more User ID packets
47 * After each User ID packet, zero or more signature packets
49 * Zero or more Subkey packets
51 * After each Subkey packet, one signature packet, optionally a
54 * Currently, we generate a public key packet, a single user id, and a
58 rsa_keypair_to_openpgp(struct nettle_buffer *buffer,
59 const struct rsa_public_key *pub,
60 const struct rsa_private_key *priv,
61 /* A single user id. NUL-terminated utf8. */
64 time_t now = time(NULL);
68 unsigned userid_start;
70 struct sha1_ctx key_hash;
71 struct sha1_ctx signature_hash;
72 uint8_t fingerprint[SHA1_DIGEST_SIZE];
74 key_start = buffer->size;
76 if (!pgp_put_public_rsa_key(buffer, pub, now))
80 userid_start = buffer->size;
81 if (!pgp_put_userid(buffer, strlen(userid), userid))
84 /* FIXME: We hash the key first, and then the user id. Is this right? */
86 sha1_update(&key_hash,
87 userid_start - key_start,
88 buffer->contents + key_start);
90 signature_hash = key_hash;
91 sha1_digest(&key_hash, sizeof(fingerprint), fingerprint);
93 sha1_update(&signature_hash,
94 buffer->size - userid_start,
95 buffer->contents + userid_start);
97 return pgp_put_rsa_sha1_signature(buffer,
99 fingerprint + SHA1_DIGEST_SIZE - 8,
100 PGP_SIGN_CERTIFICATION,