aboutsummaryrefslogtreecommitdiffstats
path: root/Source/charon/transforms/rsa
diff options
context:
space:
mode:
Diffstat (limited to 'Source/charon/transforms/rsa')
-rw-r--r--Source/charon/transforms/rsa/rsa_private_key.c227
-rw-r--r--Source/charon/transforms/rsa/rsa_private_key.h85
-rw-r--r--Source/charon/transforms/rsa/rsa_public_key.c182
-rw-r--r--Source/charon/transforms/rsa/rsa_public_key.h72
4 files changed, 334 insertions, 232 deletions
diff --git a/Source/charon/transforms/rsa/rsa_private_key.c b/Source/charon/transforms/rsa/rsa_private_key.c
index 22315e90e..4da3baf7c 100644
--- a/Source/charon/transforms/rsa/rsa_private_key.c
+++ b/Source/charon/transforms/rsa/rsa_private_key.c
@@ -21,6 +21,8 @@
*/
#include <gmp.h>
+#include <sys/stat.h>
+#include <unistd.h>
#include "rsa_private_key.h"
@@ -64,11 +66,6 @@ struct private_rsa_private_key_t {
u_int version;
/**
- * Is the key already set ?
- */
- bool is_key_set;
-
- /**
* Public modulus.
*/
mpz_t n;
@@ -317,37 +314,11 @@ static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash
return SUCCESS;
}
-
-/**
- * Implementation of rsa_private_key.set_key.
- */
-static status_t set_key(private_rsa_private_key_t *this, chunk_t key)
-{
- der_decoder_t *dd;
- status_t status;
-
- dd = der_decoder_create(rsa_private_key_rules);
-
- status = dd->decode(dd, key, this);
- if (status == SUCCESS)
- {
- this->is_key_set = TRUE;
- this->k = mpz_sizeinbase(this->n, 2) / 8;
- }
- dd->destroy(dd);
- return status;
-}
-
/**
* Implementation of rsa_private_key.get_key.
*/
static status_t get_key(private_rsa_private_key_t *this, chunk_t *key)
-{
- if (!this->is_key_set)
- {
- return INVALID_STATE;
- }
-
+{
chunk_t n, e, p, q, d, exp1, exp2, coeff;
n.len = this->k;
@@ -389,36 +360,41 @@ static status_t get_key(private_rsa_private_key_t *this, chunk_t *key)
return SUCCESS;
}
-
+
/**
- * Implementation of rsa_private_key.load_key.
+ * Implementation of rsa_private_key.save_key.
*/
-static status_t load_key(private_rsa_private_key_t *this, char *file)
+static status_t save_key(private_rsa_private_key_t *this, char *file)
{
return NOT_SUPPORTED;
}
/**
- * Implementation of rsa_private_key.save_key.
+ * Implementation of rsa_private_key.get_public_key.
*/
-static status_t save_key(private_rsa_private_key_t *this, char *file)
+rsa_public_key_t *get_public_key(private_rsa_private_key_t *this)
{
- return NOT_SUPPORTED;
+ return NULL;
}
/**
- * Implementation of rsa_private_key.generate_key.
+ * Implementation of rsa_private_key.belongs_to.
*/
-static status_t generate_key(private_rsa_private_key_t *this, size_t key_size)
+bool belongs_to(private_rsa_private_key_t *this, rsa_public_key_t *public)
{
- mpz_t p, q, n, e, d, exp1, exp2, coeff;
- mpz_t m, q1, t;
-
- if (key_size < 0)
+ if (mpz_cmp(this->n, *public->get_modulus(public)) == 0)
{
- return INVALID_ARG;
+ return TRUE;
}
-
+ return FALSE;
+}
+
+
+/**
+ * Implementation of rsa_private_key.destroy.
+ */
+static void destroy(private_rsa_private_key_t *this)
+{
mpz_clear(this->n);
mpz_clear(this->e);
mpz_clear(this->p);
@@ -427,6 +403,42 @@ static status_t generate_key(private_rsa_private_key_t *this, size_t key_size)
mpz_clear(this->exp1);
mpz_clear(this->exp2);
mpz_clear(this->coeff);
+ allocator_free(this);
+}
+
+/**
+ * Internal generic constructor
+ */
+static private_rsa_private_key_t *rsa_private_key_create_empty()
+{
+ private_rsa_private_key_t *this = allocator_alloc_thing(private_rsa_private_key_t);
+
+ /* public functions */
+ this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature;
+ this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key;
+ this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key;
+ this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key;
+ this->public.belongs_to = (bool (*) (rsa_private_key_t*,rsa_public_key_t*))belongs_to;
+ this->public.destroy = (void (*) (rsa_private_key_t*))destroy;
+
+ /* private functions */
+ this->rsadp = rsadp;
+ this->rsasp1 = rsadp; /* same algorithm */
+ this->compute_prime = compute_prime;
+
+ return this;
+}
+
+/*
+ * See header
+ */
+rsa_private_key_t *rsa_private_key_create(size_t key_size)
+{
+ mpz_t p, q, n, e, d, exp1, exp2, coeff;
+ mpz_t m, q1, t;
+ private_rsa_private_key_t *this;
+
+ this = rsa_private_key_create_empty();
key_size = key_size / 8;
@@ -491,96 +503,73 @@ static status_t generate_key(private_rsa_private_key_t *this, size_t key_size)
*(this->coeff) = *coeff;
/* set key size in bytes */
-
- this->is_key_set = TRUE;
this->k = key_size;
- return SUCCESS;
+ return &this->public;
}
-/**
- * Implementation of rsa_private_key.get_public_key.
+/*
+ * see header
*/
-rsa_public_key_t *get_public_key(private_rsa_private_key_t *this)
+rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk)
{
- rsa_public_key_t *public_key;
- //chunk_t key;
+ private_rsa_private_key_t *this;
+ der_decoder_t *dd;
+ status_t status;
- public_key = rsa_public_key_create();
+ this = rsa_private_key_create_empty();
- if (this->is_key_set)
- {
+ mpz_init(this->n);
+ mpz_init(this->e);
+ mpz_init(this->p);
+ mpz_init(this->q);
+ mpz_init(this->d);
+ mpz_init(this->exp1);
+ mpz_init(this->exp2);
+ mpz_init(this->coeff);
- chunk_t n, e, key;
-
- n.len = this->k;
- n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
- e.len = this->k;
- e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
-
- key.len = this->k * 2;
- key.ptr = allocator_alloc(key.len);
- memcpy(key.ptr, n.ptr, n.len);
- memcpy(key.ptr + n.len, e.ptr, e.len);
- allocator_free(n.ptr);
- allocator_free(e.ptr);
-
- public_key->set_key(public_key, key);
- allocator_free(key.ptr);
-
+ dd = der_decoder_create(rsa_private_key_rules);
+ status = dd->decode(dd, chunk, this);
+ dd->destroy(dd);
+ if (status != SUCCESS)
+ {
+ destroy(this);
+ return NULL;
}
-
- return public_key;
-}
-
-
-/**
- * Implementation of rsa_private_key.destroy.
- */
-static void destroy(private_rsa_private_key_t *this)
-{
- mpz_clear(this->n);
- mpz_clear(this->e);
- mpz_clear(this->p);
- mpz_clear(this->q);
- mpz_clear(this->d);
- mpz_clear(this->exp1);
- mpz_clear(this->exp2);
- mpz_clear(this->coeff);
- allocator_free(this);
+ this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
+ return &this->public;
}
/*
- * Described in header.
+ * see header
*/
-rsa_private_key_t *rsa_private_key_create(hash_algorithm_t hash_algoritm)
+rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase)
{
- private_rsa_private_key_t *this = allocator_alloc_thing(private_rsa_private_key_t);
+ chunk_t chunk;
+ struct stat stb;
+ FILE *file;
+ char *buffer;
- /* public functions */
- this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature;
- this->public.set_key = (status_t (*) (rsa_private_key_t*,chunk_t))set_key;
- this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key;
- this->public.load_key = (status_t (*) (rsa_private_key_t*,char*))load_key;
- this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key;
- this->public.generate_key = (status_t (*) (rsa_private_key_t*,size_t))generate_key;
- this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key;
- this->public.destroy = (void (*) (rsa_private_key_t*))destroy;
+ if (stat(filename, &stb) == -1)
+ {
+ return NULL;
+ }
- /* private functions */
- this->rsadp = rsadp;
- this->rsasp1 = rsadp; /* same algorithm */
- this->compute_prime = compute_prime;
+ buffer = alloca(stb.st_size);
- mpz_init(this->n);
- mpz_init(this->e);
- mpz_init(this->p);
- mpz_init(this->q);
- mpz_init(this->d);
- mpz_init(this->exp1);
- mpz_init(this->exp2);
- mpz_init(this->coeff);
- this->is_key_set = FALSE;
+ file = fopen(filename, "r");
+ if (file == NULL)
+ {
+ return NULL;
+ }
+
+ if (fread(buffer, stb.st_size, 1, file) != 1)
+ {
+ return NULL;
+ }
+
+ chunk.ptr = buffer;
+ chunk.len = stb.st_size;
- return &(this->public);
+ return rsa_private_key_create_from_chunk(chunk);
}
diff --git a/Source/charon/transforms/rsa/rsa_private_key.h b/Source/charon/transforms/rsa/rsa_private_key.h
index 094c3e249..ffbe419f5 100644
--- a/Source/charon/transforms/rsa/rsa_private_key.h
+++ b/Source/charon/transforms/rsa/rsa_private_key.h
@@ -38,10 +38,12 @@ typedef struct rsa_private_key_t rsa_private_key_t;
*
* @b Constructors:
* - rsa_private_key_create()
+ * - rsa_private_key_create_from_chunk()
+ * - rsa_private_key_create_from_file()
*
* @see rsa_public_key_t
*
- * @todo Implement proper key set/get load/save methods using ASN1.
+ * @todo Implement get_key(), save_key(), get_public_key()
*
* @ingroup rsa
*/
@@ -66,26 +68,9 @@ struct rsa_private_key_t {
status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
/**
- * @brief Set the key.
- *
- * Currently uses a proprietary format which is only inteded
- * for testing. This should be replaced with a proper
- * ASN1 encoded key format, when charon gets the ASN1
- * capabilities.
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return currently SUCCESS in any case
- */
- status_t (*set_key) (rsa_private_key_t *this, chunk_t key);
-
- /**
* @brief Gets the key.
*
- * Currently uses a proprietary format which is only inteded
- * for testing. This should be replaced with a proper
- * ASN1 encoded key format, when charon gets the ASN1
- * capabilities.
+ * UNIMPLEMENTED!
*
* @param this calling object
* @param key key (in a propriarity format)
@@ -96,17 +81,6 @@ struct rsa_private_key_t {
status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
/**
- * @brief Loads a key from a file.
- *
- * Not implemented!
- *
- * @param this calling object
- * @param file file from which key should be read
- * @return NOT_SUPPORTED
- */
- status_t (*load_key) (rsa_private_key_t *this, char *file);
-
- /**
* @brief Saves a key to a file.
*
* Not implemented!
@@ -140,6 +114,18 @@ struct rsa_private_key_t {
rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
/**
+ * @brief Check if a private key belongs to a public key.
+ *
+ * Compares the public part of the private key with the
+ * public key, return TRUE if it equals.
+ *
+ * @param this private key
+ * @param public public key
+ * @return TRUE, if keys belong together
+ */
+ bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public);
+
+ /**
* @brief Destroys the private key.
*
* @param this private key to destroy
@@ -148,13 +134,44 @@ struct rsa_private_key_t {
};
/**
- * @brief Create a new rsa_private_key without
- * any key inside.
+ * @brief Generate a new RSA key with specified key lenght.
+ *
+ * @param key_size size of the key in bits
+ * @return generated rsa_private_key_t.
+ *
+ * @ingroup rsa
+ */
+rsa_private_key_t *rsa_private_key_create(size_t key_size);
+
+/**
+ * @brief Load an RSA private key from a chunk.
+ *
+ * Load a key from a chunk, encoded as described in PKCS#1
+ * (ASN1 DER encoded).
+ *
+ * @param chunk chunk containing the DER encoded key
+ * @return loaded rsa_private_key_t, or NULL
+ *
+ * @ingroup rsa
+ */
+rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Load an RSA private key from a file.
+ *
+ * Load a key from a file, which is either in a unencrypted binary
+ * format (DER), or in a (encrypted) PEM format. The supplied
+ * passphrase is used to decrypt an ecrypted key.
+ *
+ * @param filename filename which holds the key
+ * @param passphrase optional passphase for decryption
+ * @return loaded rsa_private_key_t, or NULL
*
- * @return created rsa_private_key_t.
+ * @todo Implement PEM file loading
+ * @todo Implement key decryption
*
* @ingroup rsa
*/
-rsa_private_key_t *rsa_private_key_create();
+rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase);
#endif /*RSA_PRIVATE_KEY_H_*/
diff --git a/Source/charon/transforms/rsa/rsa_public_key.c b/Source/charon/transforms/rsa/rsa_public_key.c
index fb3fe3c67..5a3df1f10 100644
--- a/Source/charon/transforms/rsa/rsa_public_key.c
+++ b/Source/charon/transforms/rsa/rsa_public_key.c
@@ -21,6 +21,8 @@
*/
#include <gmp.h>
+#include <sys/stat.h>
+#include <unistd.h>
#include "rsa_public_key.h"
@@ -85,11 +87,6 @@ struct private_rsa_public_key_t {
rsa_public_key_t public;
/**
- * Is the key already set ?
- */
- bool is_key_set;
-
- /**
* Public modulus.
*/
mpz_t n;
@@ -123,6 +120,24 @@ struct private_rsa_public_key_t {
chunk_t (*rsavp1) (private_rsa_public_key_t *this, chunk_t data);
};
+
+typedef struct rsa_public_key_info_t rsa_public_key_info_t;
+
+/**
+ * KeyInfo, as it appears in a public key file
+ */
+struct rsa_public_key_info_t {
+ /**
+ * Algorithm for this key
+ */
+ chunk_t algorithm_oid;
+
+ /**
+ * Public key, parseable with rsa_public_key_rules
+ */
+ chunk_t public_key;
+};
+
/**
* Rules for de-/encoding of a public key from/in ASN1
*/
@@ -134,6 +149,21 @@ static asn1_rule_t rsa_public_key_rules[] = {
};
/**
+ * Rules for de-/encoding of a PublicKeyInfo from/in ASN1
+ */
+static asn1_rule_t rsa_public_key_info_rules[] = {
+ {ASN1_SEQUENCE, 0, 0, 0},
+ { ASN1_SEQUENCE, 0, 0, 0},
+ { ASN1_OID, 0, offsetof(rsa_public_key_info_t, algorithm_oid), 0},
+ { ASN1_NULL, 0, 0, 0},
+ { ASN1_END, 0, 0, 0},
+ { ASN1_BITSTRING, 0, offsetof(rsa_public_key_info_t, public_key), 0},
+ {ASN1_END, 0, 0, 0},
+};
+
+private_rsa_public_key_t *rsa_public_key_create_empty();
+
+/**
* Implementation of private_rsa_public_key_t.rsaep and private_rsa_public_key_t.rsavp1
*/
static chunk_t rsaep(private_rsa_public_key_t *this, chunk_t data)
@@ -167,11 +197,6 @@ static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chun
chunk_t em;
u_int8_t *pos;
- if(!this->is_key_set)
- {
- return INVALID_STATE;
- }
-
if (signature.len > this->k)
{
return INVALID_ARG;
@@ -286,36 +311,10 @@ static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chun
}
/**
- * Implementation of rsa_public_key.set_key.
- */
-static status_t set_key(private_rsa_public_key_t *this, chunk_t key)
-{
- der_decoder_t *dd;
- status_t status;
-
- dd = der_decoder_create(rsa_public_key_rules);
-
- status = dd->decode(dd, key, this);
- if (status == SUCCESS)
- {
- this->is_key_set = TRUE;
- this->k = mpz_sizeinbase(this->n, 2) / 8;
- }
- dd->destroy(dd);
- return status;
-}
-
-
-/**
* Implementation of rsa_public_key.get_key.
*/
static status_t get_key(private_rsa_public_key_t *this, chunk_t *key)
-{
- if (!this->is_key_set)
- {
- return INVALID_STATE;
- }
-
+{
chunk_t n, e;
n.len = this->k;
@@ -332,21 +331,35 @@ static status_t get_key(private_rsa_public_key_t *this, chunk_t *key)
return SUCCESS;
}
-
+
/**
- * Implementation of rsa_public_key.load_key.
+ * Implementation of rsa_public_key.save_key.
*/
-static status_t load_key(private_rsa_public_key_t *this, char *file)
+static status_t save_key(private_rsa_public_key_t *this, char *file)
{
return NOT_SUPPORTED;
}
/**
- * Implementation of rsa_public_key.save_key.
+ * Implementation of rsa_public_key.get_modulus.
*/
-static status_t save_key(private_rsa_public_key_t *this, char *file)
+static mpz_t *get_modulus(private_rsa_public_key_t *this)
{
- return NOT_SUPPORTED;
+ return &this->n;
+}
+
+/**
+ * Implementation of rsa_public_key.clone.
+ */
+static rsa_public_key_t* _clone(private_rsa_public_key_t *this)
+{
+ private_rsa_public_key_t *clone = rsa_public_key_create_empty();
+
+ mpz_init_set(clone->n, this->n);
+ mpz_init_set(clone->e, this->e);
+ clone->k = this->k;
+
+ return &clone->public;
}
/**
@@ -359,28 +372,97 @@ static void destroy(private_rsa_public_key_t *this)
allocator_free(this);
}
-/*
- * Described in header.
+/**
+ * Generic private constructor
*/
-rsa_public_key_t *rsa_public_key_create()
+private_rsa_public_key_t *rsa_public_key_create_empty()
{
private_rsa_public_key_t *this = allocator_alloc_thing(private_rsa_public_key_t);
/* public functions */
this->public.verify_emsa_pkcs1_signature = (status_t (*) (rsa_public_key_t*,chunk_t,chunk_t))verify_emsa_pkcs1_signature;
- this->public.set_key = (status_t (*) (rsa_public_key_t*,chunk_t))set_key;
this->public.get_key = (status_t (*) (rsa_public_key_t*,chunk_t*))get_key;
- this->public.load_key = (status_t (*) (rsa_public_key_t*,char*))load_key;
this->public.save_key = (status_t (*) (rsa_public_key_t*,char*))save_key;
+ this->public.get_modulus = (mpz_t *(*) (rsa_public_key_t*))get_modulus;
+ this->public.clone = (rsa_public_key_t* (*) (rsa_public_key_t*))_clone;
this->public.destroy = (void (*) (rsa_public_key_t*))destroy;
/* private functions */
this->rsaep = rsaep;
this->rsavp1 = rsaep; /* same algorithm */
+ return this;
+}
+
+/*
+ * See header
+ */
+rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk)
+{
+ der_decoder_t *dd;
+ status_t status;
+ private_rsa_public_key_t *this;
+
+ this = rsa_public_key_create_empty();
mpz_init(this->n);
mpz_init(this->e);
- this->is_key_set = FALSE;
- return &(this->public);
+ dd = der_decoder_create(rsa_public_key_rules);
+ status = dd->decode(dd, chunk, this);
+ dd->destroy(dd);
+ if (status != SUCCESS)
+ {
+ destroy(this);
+ return NULL;
+ }
+ this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
+ return &this->public;
+}
+
+/*
+ * See header
+ */
+rsa_public_key_t *rsa_public_key_create_from_file(char *filename)
+{
+ struct stat stb;
+ FILE *file;
+ char *buffer;
+ chunk_t chunk;
+ rsa_public_key_info_t key_info = {CHUNK_INITIALIZER, CHUNK_INITIALIZER};
+ der_decoder_t *dd;
+ status_t status;
+ rsa_public_key_t *public_key = NULL;
+
+ if (stat(filename, &stb) == -1)
+ {
+ return NULL;
+ }
+
+ buffer = alloca(stb.st_size);
+
+ file = fopen(filename, "r");
+ if (file == NULL)
+ {
+ return NULL;
+ }
+
+ if (fread(buffer, stb.st_size, 1, file) != 1)
+ {
+ return NULL;
+ }
+
+ chunk.ptr = buffer;
+ chunk.len = stb.st_size;
+
+ /* parse public key info first */
+ dd = der_decoder_create(rsa_public_key_info_rules);
+ status = dd->decode(dd, chunk, &key_info);
+ dd->destroy(dd);
+ allocator_free_chunk(&key_info.algorithm_oid);
+ if (status == SUCCESS)
+ {
+ public_key = rsa_public_key_create_from_chunk(chunk);
+ }
+ allocator_free_chunk(&key_info.public_key);
+ return public_key;
}
diff --git a/Source/charon/transforms/rsa/rsa_public_key.h b/Source/charon/transforms/rsa/rsa_public_key.h
index a4671b148..ef79153d6 100644
--- a/Source/charon/transforms/rsa/rsa_public_key.h
+++ b/Source/charon/transforms/rsa/rsa_public_key.h
@@ -38,11 +38,13 @@ typedef struct rsa_public_key_t rsa_public_key_t;
* the EMSA encoding (see PKCS1)
*
* @b Constructors:
- * - rsa_public_key_create()
+ * - rsa_public_key_create_from_chunk()
+ * - rsa_public_key_create_from_file()
+ * - rsa_private_key_t.get_public_key()
*
* @see rsa_private_key_t
*
- * @todo Implement proper key set/get load/save methods using ASN1.
+ * @todo Implement getkey() and savekey()
*
* @ingroup rsa
*/
@@ -55,7 +57,7 @@ struct rsa_public_key_t {
* selects the hash algorithm form the resultign ASN1-OID and
* verifies the hash against the supplied data.
*
- * @param this rsa_private_key to use
+ * @param this rsa_public_key to use
* @param data data to sign
* @param signature signature to verify
* @return
@@ -68,20 +70,6 @@ struct rsa_public_key_t {
status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
/**
- * @brief Set the key.
- *
- * Currently uses a proprietary format which is only inteded
- * for testing. This should be replaced with a proper
- * ASN1 encoded key format, when charon gets the ASN1
- * capabilities.
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return currently SUCCESS in any case
- */
- status_t (*set_key) (rsa_public_key_t *this, chunk_t key);
-
- /**
* @brief Gets the key.
*
* Currently uses a proprietary format which is only inteded
@@ -98,26 +86,31 @@ struct rsa_public_key_t {
status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
/**
- * @brief Loads a key from a file.
+ * @brief Saves a key to a file.
*
* Not implemented!
*
* @param this calling object
- * @param file file from which key should be read
+ * @param file file to which the key should be written.
* @return NOT_SUPPORTED
*/
- status_t (*load_key) (rsa_public_key_t *this, char *file);
+ status_t (*save_key) (rsa_public_key_t *this, char *file);
/**
- * @brief Saves a key to a file.
- *
- * Not implemented!
+ * @brief Get the modulus of the key.
*
* @param this calling object
- * @param file file to which the key should be written.
- * @return NOT_SUPPORTED
+ * @return modulus (n) of the key
*/
- status_t (*save_key) (rsa_public_key_t *this, char *file);
+ mpz_t *(*get_modulus) (rsa_public_key_t *this);
+
+ /**
+ * @brief Clone the public key.
+ *
+ * @param this public key to clone
+ * @return clone of this
+ */
+ rsa_public_key_t *(*clone) (rsa_public_key_t *this);
/**
* @brief Destroys the public key.
@@ -128,12 +121,33 @@ struct rsa_public_key_t {
};
/**
- * @brief Create a public key without any key inside.
+ * @brief Load an RSA public key from a chunk.
+ *
+ * Load a key from a chunk, encoded in the more frequently
+ * used PublicKeyInfo struct (ASN1 DER encoded).
+ *
+ * @param chunk chunk containing the DER encoded key
+ * @return loaded rsa_public_key_t, or NULL
+ *
+ * @todo Check OID in PublicKeyInfo
+ *
+ * @ingroup rsa
+ */
+rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Load an RSA public key from a file.
+ *
+ * Load a key from a file, which is either in binary
+ * format (DER), or in PEM format.
+ *
+ * @param filename filename which holds the key
+ * @return loaded rsa_public_key_t, or NULL
*
- * @return created rsa_public_key_t.
+ * @todo Implement PEM file loading
*
* @ingroup rsa
*/
-rsa_public_key_t *rsa_public_key_create();
+rsa_public_key_t *rsa_public_key_create_from_file(char *filename);
#endif /*RSA_PUBLIC_KEY_H_*/
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 23:31:59 +0000