diff -Nurd gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa.c gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa.c --- gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa.c 2010-08-28 09:00:08.000000000 -0400 +++ gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa.c 2022-04-26 18:57:06.000000000 -0400 @@ -58,6 +58,208 @@ +int GWEN_Crypt_KeyRsa__getNamedElement(gcry_sexp_t pkey, const char *name, gcry_mpi_t *pMpi) { + gcry_sexp_t list; + gcry_mpi_t mpi; + + /* get public exponent */ + list=gcry_sexp_find_token(pkey, name, 0); + if (!list) { + DBG_ERROR(GWEN_LOGDOMAIN, "Missing element \"%s\" in sexp", name); + return GWEN_ERROR_GENERIC; + } + + mpi=gcry_sexp_nth_mpi(list, 1, GCRYMPI_FMT_USG); + if (!mpi) { + DBG_ERROR(GWEN_LOGDOMAIN, "Eror getting value for element \"%s\"", name); + gcry_sexp_release(list); + return GWEN_ERROR_GENERIC; + } + + *pMpi=mpi; + gcry_sexp_release(list); + + return 0; +} + + + +int GWEN_Crypt_KeyRsa_GeneratePair2(unsigned int nbits, int use65537e, + GWEN_CRYPT_KEY **pPubKey, + GWEN_CRYPT_KEY **pSecretKey) { + gcry_sexp_t keyparm, key; + int rc; + char buffer[256]; + char numbuf[32]; + gcry_sexp_t pkey; + int nbytes; + GWEN_CRYPT_KEY *pubKey=NULL; + GWEN_CRYPT_KEY *secretKey=NULL; + + nbytes=nbits/8; + if (nbits%8) + nbytes++; + snprintf(numbuf, sizeof(numbuf)-1, "%d", nbits); + if (use65537e) { + snprintf(buffer, sizeof(buffer)-1, + "(genkey\n" + " (rsa\n" + " (nbits %zd:%d)\n" + " (rsa-use-e 5:65537)\n" + " ))", + strlen(numbuf), + nbits); + } + else + snprintf(buffer, sizeof(buffer)-1, + "(genkey\n" + " (rsa\n" + " (nbits %zd:%d)\n" + " (rsa-use-e 1:0)\n" + " ))", + strlen(numbuf), + nbits); + buffer[sizeof(buffer)-1]=0; + + /*DBG_ERROR(0, "Genkey string: [%s]", buffer);*/ + + rc=gcry_sexp_new(&keyparm, buffer, 0, 1); + if (rc) { + DBG_ERROR(GWEN_LOGDOMAIN, + "Error creating S-expression: %s", gpg_strerror (rc)); + return GWEN_ERROR_GENERIC; + } + + rc=gcry_pk_genkey(&key, keyparm); + gcry_sexp_release(keyparm); + if (rc) { + DBG_ERROR(GWEN_LOGDOMAIN, "Error generating RSA key: %s", gpg_strerror (rc)); + return GWEN_ERROR_GENERIC; + } + + pkey=gcry_sexp_find_token(key, "public-key", 0); + if (!pkey) { + DBG_ERROR(GWEN_LOGDOMAIN, "Public part missing in return value"); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + else { + int rv; + gcry_mpi_t n=NULL; + gcry_mpi_t e=NULL; + GWEN_CRYPT_KEY *k; + GWEN_CRYPT_KEY_RSA *xk; + + /* get public exponent */ + rv=GWEN_Crypt_KeyRsa__getNamedElement(pkey, "n", &n); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + + rv=GWEN_Crypt_KeyRsa__getNamedElement(pkey, "e", &e); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + gcry_mpi_release(n); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + + /* create public key */ + k=GWEN_Crypt_Key_new(GWEN_Crypt_CryptAlgoId_Rsa, nbits/8); + GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_RSA, xk); + GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k, xk, GWEN_Crypt_KeyRsa_freeData); + GWEN_Crypt_Key_SetSignFn(k, GWEN_Crypt_KeyRsa_Sign); + GWEN_Crypt_Key_SetVerifyFn(k, GWEN_Crypt_KeyRsa_Verify); + GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeyRsa_Encipher); + GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeyRsa_Decipher); + xk->modulus=gcry_mpi_copy(n); + xk->pubExponent=gcry_mpi_copy(e); + xk->pub=1; + pubKey=k; + + gcry_mpi_release(e); + gcry_mpi_release(n); + } + + + pkey=gcry_sexp_find_token(key, "private-key", 0); + if (!pkey) { + DBG_ERROR(GWEN_LOGDOMAIN, "Private part missing in return value"); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + else { + int rv; + gcry_mpi_t n=NULL; + gcry_mpi_t e=NULL; + gcry_mpi_t d=NULL; + GWEN_CRYPT_KEY *k; + GWEN_CRYPT_KEY_RSA *xk; + + /* get public exponent */ + rv=GWEN_Crypt_KeyRsa__getNamedElement(pkey, "n", &n); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + + rv=GWEN_Crypt_KeyRsa__getNamedElement(pkey, "e", &e); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + gcry_mpi_release(n); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + + rv=GWEN_Crypt_KeyRsa__getNamedElement(pkey, "d", &d); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + gcry_mpi_release(e); + gcry_mpi_release(n); + gcry_sexp_release(key); + return GWEN_ERROR_GENERIC; + } + + /* create private key */ + k=GWEN_Crypt_Key_new(GWEN_Crypt_CryptAlgoId_Rsa, nbits/8); + GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_RSA, xk); + GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k, xk, GWEN_Crypt_KeyRsa_freeData); + GWEN_Crypt_Key_SetSignFn(k, GWEN_Crypt_KeyRsa_Sign); + GWEN_Crypt_Key_SetVerifyFn(k, GWEN_Crypt_KeyRsa_Verify); + GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeyRsa_Encipher); + GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeyRsa_Decipher); + xk->modulus=gcry_mpi_copy(n); + xk->pubExponent=gcry_mpi_copy(e); + xk->privExponent=gcry_mpi_copy(d); + xk->pub=0; + secretKey=k; + + gcry_mpi_release(d); + gcry_mpi_release(e); + gcry_mpi_release(n); + } + + gcry_sexp_release(key); + + *pPubKey=pubKey; + *pSecretKey=secretKey; + + return 0; +} + + + +int GWEN_Crypt_KeyRsa_GeneratePair(unsigned int nbytes, int use65537e, + GWEN_CRYPT_KEY **pPubKey, + GWEN_CRYPT_KEY **pSecretKey) { + return GWEN_Crypt_KeyRsa_GeneratePair2(nbytes*8, use65537e, pPubKey, pSecretKey); +} + + + int GWEN_Crypt_KeyRsa_Sign(GWEN_CRYPT_KEY *k, const uint8_t *pInData, @@ -67,9 +269,6 @@ GWEN_CRYPT_KEY_RSA *xk; gcry_error_t err; size_t nscanned; - gcry_ac_data_t dsKey; - gcry_mpi_t mpi_d; - gcry_mpi_t mpi_n; gcry_mpi_t mpi_in; gcry_mpi_t mpi_sigout1; gcry_mpi_t mpi_sigout2=NULL; @@ -79,21 +278,13 @@ xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - dsKey=gcry_ac_key_data_get(xk->key); - - /* get modulus */ - err=gcry_ac_data_get_name(dsKey, 0, "n", &mpi_n); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->modulus==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No modulus in key data"); return GWEN_ERROR_BAD_DATA; } - /* get private exponent */ - err=gcry_ac_data_get_name(dsKey, 0, "d", &mpi_d); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->privExponent==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No secret exponent in key data"); return GWEN_ERROR_BAD_DATA; } @@ -108,12 +299,12 @@ /* create first signature */ mpi_sigout1=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); - gcry_mpi_powm(mpi_sigout1, mpi_in, mpi_d, mpi_n); + gcry_mpi_powm(mpi_sigout1, mpi_in, xk->privExponent, xk->modulus); if (!(xk->flags & GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN)) { /* create second signature */ mpi_sigout2=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); - gcry_mpi_sub(mpi_sigout2, mpi_n, mpi_sigout1); + gcry_mpi_sub(mpi_sigout2, xk->modulus, mpi_sigout1); if (gcry_mpi_cmp(mpi_sigout2, mpi_sigout1)<0) { DBG_DEBUG(GWEN_LOGDOMAIN, "Choosing 2nd variant"); @@ -149,9 +340,6 @@ GWEN_CRYPT_KEY_RSA *xk; gcry_error_t err; size_t nscanned; - gcry_ac_data_t dsKey; - gcry_mpi_t mpi_e; - gcry_mpi_t mpi_n; gcry_mpi_t mpi_in; gcry_mpi_t mpi_sigin1; gcry_mpi_t mpi_sigout; @@ -160,24 +348,17 @@ xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - dsKey=gcry_ac_key_data_get(xk->key); - - /* get modulus */ - err=gcry_ac_data_get_name(dsKey, 0, "n", &mpi_n); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->modulus==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No modulus in key data"); return GWEN_ERROR_BAD_DATA; } - /* get public exponent */ - err=gcry_ac_data_get_name(dsKey, 0, "e", &mpi_e); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->pubExponent==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No public exponent in key data"); return GWEN_ERROR_BAD_DATA; } + /* convert input to MPI */ mpi_in=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); err=gcry_mpi_scan(&mpi_in, GCRYMPI_FMT_USG, pInData, inLen, &nscanned); @@ -201,7 +382,7 @@ /* create signature */ mpi_sigout=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); - gcry_mpi_powm(mpi_sigout, mpi_sigin1, mpi_e, mpi_n); + gcry_mpi_powm(mpi_sigout, mpi_sigin1, xk->pubExponent, xk->modulus); /* compare */ if (gcry_mpi_cmp(mpi_sigout, mpi_in)) { gcry_mpi_t mpi_sigin2; @@ -209,8 +390,8 @@ mpi_sigin2=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); DBG_DEBUG(GWEN_LOGDOMAIN, "Trying 2nd variant"); - gcry_mpi_sub(mpi_sigin2, mpi_n, mpi_sigin1); - gcry_mpi_powm(mpi_sigout, mpi_sigin2, mpi_e, mpi_n); + gcry_mpi_sub(mpi_sigin2, xk->modulus, mpi_sigin1); + gcry_mpi_powm(mpi_sigout, mpi_sigin2, xk->pubExponent, xk->modulus); if (gcry_mpi_cmp(mpi_sigout, mpi_in)) { DBG_ERROR(GWEN_LOGDOMAIN, "Bad signature"); gcry_mpi_release(mpi_sigin2); @@ -239,9 +420,6 @@ GWEN_CRYPT_KEY_RSA *xk; gcry_error_t err; size_t nscanned; - gcry_ac_data_t dsKey; - gcry_mpi_t mpi_e; - gcry_mpi_t mpi_n; gcry_mpi_t mpi_in; gcry_mpi_t mpi_out; size_t nwritten; @@ -250,24 +428,17 @@ xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - dsKey=gcry_ac_key_data_get(xk->key); - - /* get modulus */ - err=gcry_ac_data_get_name(dsKey, 0, "n", &mpi_n); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->modulus==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No modulus in key data"); return GWEN_ERROR_BAD_DATA; } - /* get private exponent */ - err=gcry_ac_data_get_name(dsKey, 0, "e", &mpi_e); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->pubExponent==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No public exponent in key data"); return GWEN_ERROR_BAD_DATA; } + /* convert input to MPI */ mpi_in=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); err=gcry_mpi_scan(&mpi_in, GCRYMPI_FMT_USG, pInData, inLen, &nscanned); @@ -279,7 +450,7 @@ /* encrypt */ mpi_out=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); - gcry_mpi_powm(mpi_out, mpi_in, mpi_e, mpi_n); + gcry_mpi_powm(mpi_out, mpi_in, xk->pubExponent, xk->modulus); /* release unneeded objects */ gcry_mpi_release(mpi_in); @@ -308,9 +479,6 @@ GWEN_CRYPT_KEY_RSA *xk; gcry_error_t err; size_t nscanned; - gcry_ac_data_t dsKey; - gcry_mpi_t mpi_d; - gcry_mpi_t mpi_n; gcry_mpi_t mpi_in; gcry_mpi_t mpi_out; size_t nwritten; @@ -319,24 +487,17 @@ xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - dsKey=gcry_ac_key_data_get(xk->key); - - /* get modulus */ - err=gcry_ac_data_get_name(dsKey, 0, "n", &mpi_n); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->modulus==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No modulus in key data"); return GWEN_ERROR_BAD_DATA; } - /* get private exponent */ - err=gcry_ac_data_get_name(dsKey, 0, "d", &mpi_d); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_data_get_name(): %s", - gcry_strerror(err)); + if (xk->privExponent==NULL) { + DBG_ERROR(GWEN_LOGDOMAIN, "No secret exponent in key data"); return GWEN_ERROR_BAD_DATA; } + /* convert input to MPI */ mpi_in=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); err=gcry_mpi_scan(&mpi_in, GCRYMPI_FMT_USG, pInData, inLen, &nscanned); @@ -348,7 +509,7 @@ /* decrypt */ mpi_out=gcry_mpi_new(GWEN_Crypt_Key_GetKeySize(k)); - gcry_mpi_powm(mpi_out, mpi_in, mpi_d, mpi_n); + gcry_mpi_powm(mpi_out, mpi_in, xk->privExponent, xk->modulus); /* release unneeded objects */ gcry_mpi_release(mpi_in); @@ -369,15 +530,12 @@ -int GWEN_Crypt_KeyRsa__ReadMpi(GWEN_DB_NODE *db, - const char *dbName, - gcry_ac_data_t ds, - const char *dsName) { +int GWEN_Crypt_KeyRsa__ReadMpi(GWEN_DB_NODE *db, const char *dbName, gcry_mpi_t *pMpi) { gcry_error_t err; const void *p; unsigned int len; gcry_mpi_t mpi=NULL; - size_t nscanned; + size_t nscanned=0; /* read n */ p=GWEN_DB_GetBinValue(db, dbName, 0, NULL, 0, &len); @@ -394,20 +552,12 @@ return GWEN_ERROR_GENERIC; } if (nscanned<1) { - DBG_INFO(GWEN_LOGDOMAIN, "Empty %s (%d)", dbName, (int)nscanned); -#if 0 - if (mpi) - gcry_mpi_release(mpi); - return GWEN_ERROR_BAD_DATA; -#endif - } - err=gcry_ac_data_set(ds, GCRY_AC_FLAG_COPY, (char*)dsName, mpi); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_set(): %s", gcry_strerror(err)); - gcry_mpi_release(mpi); - return GWEN_ERROR_GENERIC; + if (mpi==NULL) { + DBG_INFO(GWEN_LOGDOMAIN, "Empty %s (%d)", dbName, (int)nscanned); + return GWEN_ERROR_BAD_DATA; + } } - gcry_mpi_release(mpi); + *pMpi=mpi; return 0; } @@ -415,30 +565,15 @@ -int GWEN_Crypt_KeyRsa__WriteMpi(GWEN_DB_NODE *db, - const char *dbName, - gcry_ac_data_t ds, - const char *dsName) { - gcry_mpi_t mpi; +int GWEN_Crypt_KeyRsa__WriteMpi(GWEN_DB_NODE *db, const char *dbName, const gcry_mpi_t mpi) { gcry_error_t err; unsigned char *buf; size_t nbytes; - /* read n (don't copy) */ - err=gcry_ac_data_get_name(ds, 0, dsName, &mpi); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_get_name(%s): %s", - dsName, gcry_strerror(err)); - if (err==GPG_ERR_INV_ARG) - return GWEN_ERROR_NO_DATA; - else - return GWEN_ERROR_GENERIC; - } - /* write mpi as bin into a buffer which will be allocates by this function */ err=gcry_mpi_aprint(GCRYMPI_FMT_USG, &buf, &nbytes, mpi); if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_mpi_aprint(%s): %s", dsName, gcry_strerror(err)); + DBG_INFO(GWEN_LOGDOMAIN, "gcry_mpi_aprint(%s): %s", dbName, gcry_strerror(err)); return GWEN_ERROR_GENERIC; } GWEN_DB_SetBinValue(db, GWEN_DB_FLAGS_OVERWRITE_VARS, @@ -451,61 +586,18 @@ -int GWEN_Crypt_KeyRsa__DataFromDb(GWEN_DB_NODE *db, gcry_ac_data_t *pData, - int pub, GWEN_UNUSED unsigned int nbits) { - gcry_ac_data_t ds; +int GWEN_Crypt_KeyRsa__MpiToBuffer(const gcry_mpi_t mpi, unsigned char *buf, size_t nbytes) { gcry_error_t err; - int rv; + size_t nwritten=0; - /* allocate key data */ - err=gcry_ac_data_new(&ds); + /* write mpi as bin into the given buffer */ + err=gcry_mpi_print(GCRYMPI_FMT_USG, buf, nbytes, &nwritten, mpi); if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_new(): %d", err); + DBG_INFO(GWEN_LOGDOMAIN, "gcry_mpi_print(): %s", gcry_strerror(err)); return GWEN_ERROR_GENERIC; } - /* read n */ - rv=GWEN_Crypt_KeyRsa__ReadMpi(db, "n", ds, "n"); - if (rv) { - gcry_ac_data_destroy(ds); - return rv; - } - - /* read e */ - rv=GWEN_Crypt_KeyRsa__ReadMpi(db, "e", ds, "e"); - if (rv) { - gcry_ac_data_destroy(ds); - return rv; - } - - if (!pub) { - /* read d */ - rv=GWEN_Crypt_KeyRsa__ReadMpi(db, "d", ds, "d"); - if (rv) { - gcry_ac_data_destroy(ds); - return rv; - } - - /* read p */ - if (GWEN_DB_VariableExists(db, "p") && - GWEN_DB_VariableExists(db, "q")) { - rv=GWEN_Crypt_KeyRsa__ReadMpi(db, "p", ds, "p"); - if (rv) { - gcry_ac_data_destroy(ds); - return rv; - } - - /* read q */ - rv=GWEN_Crypt_KeyRsa__ReadMpi(db, "q", ds, "q"); - if (rv) { - gcry_ac_data_destroy(ds); - return rv; - } - } - } - - *pData=ds; - return 0; + return nwritten; } @@ -515,23 +607,23 @@ GWEN_CRYPT_KEY_RSA *xk; xk=(GWEN_CRYPT_KEY_RSA*) p; - if (xk->keyValid) - gcry_ac_key_destroy(xk->key); - if (xk->algoValid) - gcry_ac_close(xk->algoHandle); + if (xk->modulus) + gcry_mpi_release(xk->modulus); + if (xk->pubExponent) + gcry_mpi_release(xk->pubExponent); + if (xk->privExponent) + gcry_mpi_release(xk->privExponent); + GWEN_FREE_OBJECT(xk); } GWEN_CRYPT_KEY *GWEN_Crypt_KeyRsa_fromDb(GWEN_DB_NODE *db) { - gcry_error_t err; - gcry_ac_data_t data; int rv; int isPublic; GWEN_CRYPT_KEY *k; GWEN_CRYPT_KEY_RSA *xk; - unsigned int nbits; GWEN_DB_NODE *dbR; dbR=GWEN_DB_GetGroup(db, GWEN_PATH_FLAGS_NAMEMUSTEXIST, "rsa"); @@ -549,7 +641,6 @@ GWEN_Crypt_Key_free(k); return NULL; } - nbits=GWEN_Crypt_Key_GetKeySize(k)*8; /* extend key */ GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_RSA, xk); @@ -565,40 +656,31 @@ xk->flags=GWEN_DB_GetIntValue(dbR, "flags", 0, 0); - /* prepare data */ - rv=GWEN_Crypt_KeyRsa__DataFromDb(dbR, &data, isPublic, nbits); - if (rv) { + /* read data */ + rv=GWEN_Crypt_KeyRsa__ReadMpi(dbR, "n", &(xk->modulus)); + if (rv<0) { DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); GWEN_Crypt_Key_free(k); return NULL; } - err=gcry_ac_open(&xk->algoHandle, GCRY_AC_RSA, 0); /* TODO: lookup flags to use */ - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_open(): %d", err); - gcry_ac_data_destroy(data); + rv=GWEN_Crypt_KeyRsa__ReadMpi(dbR, "e", &(xk->pubExponent)); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); GWEN_Crypt_Key_free(k); return NULL; } - xk->algoValid=1; - err=gcry_ac_key_init(&xk->key, xk->algoHandle, - isPublic?GCRY_AC_KEY_PUBLIC:GCRY_AC_KEY_SECRET, - data); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_key_init(): %d", err); - gcry_ac_data_destroy(data); - GWEN_Crypt_Key_free(k); - return NULL; + if (!isPublic) { + rv=GWEN_Crypt_KeyRsa__ReadMpi(dbR, "d", &(xk->privExponent)); + if (rv<0) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + GWEN_Crypt_Key_free(k); + return NULL; + } } - xk->keyValid=1; -#if 0 - DBG_ERROR(0, "fromDb:"); - dumpKeyData(data); -#endif - gcry_ac_data_destroy(data); return k; } @@ -608,25 +690,16 @@ GWEN_CRYPT_KEY_RSA *xk; GWEN_DB_NODE *dbR; int rv; - gcry_ac_data_t ds; assert(k); xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - if (xk->algoValid==0 || xk->keyValid==0) { - /* should not happen */ - DBG_ERROR(GWEN_LOGDOMAIN, "Key is not open"); - return GWEN_ERROR_NOT_OPEN; - } - if (xk->pub && !pub) { DBG_ERROR(GWEN_LOGDOMAIN, "Can't write public key as secret key"); return GWEN_ERROR_INVALID; } - ds=gcry_ac_key_data_get(xk->key); - #if 0 DBG_ERROR(0, "toDb (%s):", pub?"public":"private"); dumpKeyData(ds); @@ -647,43 +720,27 @@ "flags", xk->flags); /* store n */ - rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "n", ds, "n"); + rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "n", xk->modulus); if (rv) { DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); return rv; } /* store e */ - rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "e", ds, "e"); + rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "e", xk->pubExponent); if (rv) { DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); return rv; } - if (!pub) { - gcry_mpi_t mpi; + + if (!pub) { /* store d */ - rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "d", ds, "d"); + rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "d", xk->privExponent); if (rv) { DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); return rv; } - - if (gcry_ac_data_get_name(ds, 0, "p", &mpi)==0 && - gcry_ac_data_get_name(ds, 0, "q", &mpi)==0) { - /* store p */ - rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "p", ds, "p"); - if (rv) { - DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); - return rv; - } - /* store q */ - rv=GWEN_Crypt_KeyRsa__WriteMpi(dbR, "q", ds, "q"); - if (rv) { - DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); - return rv; - } - } } return 0; @@ -692,330 +749,72 @@ -int GWEN_Crypt_KeyRsa__sKeyElementToData(gcry_ac_data_t data, gcry_sexp_t sx, const char *name) { - int rc; - gcry_sexp_t list; - gcry_mpi_t mpi=NULL; +int GWEN_Crypt_KeyRsa_GetModulus(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { + GWEN_CRYPT_KEY_RSA *xk; + int rv; - list=gcry_sexp_find_token(sx, name, 0); - if (!list || !(mpi=gcry_sexp_nth_mpi(list, 1, 0)) ) { - DBG_ERROR(GWEN_LOGDOMAIN, "Entry \"%s\" not found", name); - return GWEN_ERROR_GENERIC; - } + assert(k); + xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); + assert(xk); - rc=gcry_ac_data_set(data, GCRY_AC_FLAG_COPY, (char*)name, mpi); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_set(): %s", gcry_strerror(rc)); - gcry_mpi_release(mpi); + rv=GWEN_Crypt_KeyRsa__MpiToBuffer(xk->modulus, buffer, *pBufLen); + if (rv<1) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + if (rv<0) + return rv; return GWEN_ERROR_GENERIC; } - gcry_mpi_release(mpi); - gcry_sexp_release(list); - - return 0; -} - - - -int GWEN_Crypt_KeyRsa__sKeyToDataPubKey(gcry_ac_data_t data, gcry_sexp_t sx) { - int rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "n"); - if (rv) - return rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "e"); - if (rv) - return rv; + *pBufLen=rv; return 0; } -int GWEN_Crypt_KeyRsa__sKeyToDataPrivKey(gcry_ac_data_t data, gcry_sexp_t sx) { +int GWEN_Crypt_KeyRsa_GetExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { + GWEN_CRYPT_KEY_RSA *xk; int rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "n"); - if (rv) - return rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "e"); - if (rv) - return rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "d"); - if (rv) - return rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "p"); - if (rv) - return rv; - rv=GWEN_Crypt_KeyRsa__sKeyElementToData(data, sx, "q"); - if (rv) - return rv; - return 0; -} - - - -int GWEN_Crypt_KeyRsa_GeneratePair2(unsigned int nbits, int use65537e, - GWEN_CRYPT_KEY **pPubKey, - GWEN_CRYPT_KEY **pSecretKey) { - gcry_sexp_t keyparm, key; - int rc; - char buffer[256]; - char numbuf[32]; - gcry_sexp_t skey, pkey; - int nbytes; - - nbytes=nbits/8; - if (nbits%8) - nbytes++; - snprintf(numbuf, sizeof(numbuf)-1, "%d", nbits); - if (use65537e) { - snprintf(buffer, sizeof(buffer)-1, - "(genkey\n" - " (rsa\n" - " (nbits %zd:%d)\n" - " (rsa-use-e 5:65537)\n" - " ))", - strlen(numbuf), - nbits); - } - else - snprintf(buffer, sizeof(buffer)-1, - "(genkey\n" - " (rsa\n" - " (nbits %zd:%d)\n" - " (rsa-use-e 1:0)\n" - " ))", - strlen(numbuf), - nbits); - buffer[sizeof(buffer)-1]=0; - - /*DBG_ERROR(0, "Genkey string: [%s]", buffer);*/ - - rc=gcry_sexp_new(&keyparm, buffer, 0, 1); - if (rc) { - DBG_ERROR(GWEN_LOGDOMAIN, - "Error creating S-expression: %s", gpg_strerror (rc)); - return GWEN_ERROR_GENERIC; - } - - rc=gcry_pk_genkey(&key, keyparm); - gcry_sexp_release(keyparm); - if (rc) { - DBG_ERROR(GWEN_LOGDOMAIN, "Error generating RSA key: %s", gpg_strerror (rc)); - return GWEN_ERROR_GENERIC; - } - - pkey=gcry_sexp_find_token(key, "public-key", 0); - if (!pkey) { - DBG_ERROR(GWEN_LOGDOMAIN, "Public part missing in return value"); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - else { - gcry_ac_data_t data; - GWEN_CRYPT_KEY *k; - GWEN_CRYPT_KEY_RSA *xk; - - /* allocate key data */ - rc=gcry_ac_data_new(&data); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_new(): %s", gcry_strerror(rc)); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - - rc=GWEN_Crypt_KeyRsa__sKeyToDataPubKey(data, pkey); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rc); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return rc; - } - gcry_sexp_release(pkey); - - /* create public key */ - k=GWEN_Crypt_Key_new(GWEN_Crypt_CryptAlgoId_Rsa, nbytes); - assert(k); - GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_RSA, xk); - GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k, xk, - GWEN_Crypt_KeyRsa_freeData); - GWEN_Crypt_Key_SetSignFn(k, GWEN_Crypt_KeyRsa_Sign); - GWEN_Crypt_Key_SetVerifyFn(k, GWEN_Crypt_KeyRsa_Verify); - GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeyRsa_Encipher); - GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeyRsa_Decipher); - - /* open algo for key */ - rc=gcry_ac_open(&xk->algoHandle, GCRY_AC_RSA, 0); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_open(): %s", gcry_strerror(rc)); - GWEN_Crypt_Key_free(k); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - xk->algoValid=1; - /* copy key */ - rc=gcry_ac_key_init(&xk->key, xk->algoHandle, GCRY_AC_KEY_PUBLIC, data); - xk->pub=1; - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_key_init(): %s", gcry_strerror(rc)); - GWEN_Crypt_Key_free(k); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - xk->keyValid=1; - *pPubKey=k; - gcry_ac_data_destroy(data); - } + assert(k); + xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); + assert(xk); - skey=gcry_sexp_find_token(key, "private-key", 0); - if (!skey) { - DBG_ERROR(GWEN_LOGDOMAIN, "Private part missing in return value"); + rv=GWEN_Crypt_KeyRsa__MpiToBuffer(xk->pubExponent, buffer, *pBufLen); + if (rv<1) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + if (rv<0) + return rv; return GWEN_ERROR_GENERIC; } - else { - gcry_ac_data_t data; - GWEN_CRYPT_KEY *k; - GWEN_CRYPT_KEY_RSA *xk; - - /* allocate key data */ - rc=gcry_ac_data_new(&data); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_new(): %s", gcry_strerror(rc)); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - rc=GWEN_Crypt_KeyRsa__sKeyToDataPrivKey(data, skey); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rc); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return rc; - } - gcry_sexp_release(skey); - - /* create public key */ - k=GWEN_Crypt_Key_new(GWEN_Crypt_CryptAlgoId_Rsa, nbytes); - assert(k); - GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_RSA, xk); - GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k, xk, - GWEN_Crypt_KeyRsa_freeData); - GWEN_Crypt_Key_SetSignFn(k, GWEN_Crypt_KeyRsa_Sign); - GWEN_Crypt_Key_SetVerifyFn(k, GWEN_Crypt_KeyRsa_Verify); - GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeyRsa_Encipher); - GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeyRsa_Decipher); - - /* open algo for key */ - rc=gcry_ac_open(&xk->algoHandle, GCRY_AC_RSA, 0); - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_open(): %s", gcry_strerror(rc)); - GWEN_Crypt_Key_free(k); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - xk->algoValid=1; - /* copy key */ - rc=gcry_ac_key_init(&xk->key, xk->algoHandle, GCRY_AC_KEY_SECRET, data); - xk->pub=0; - if (rc) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_open(): %s", gcry_strerror(rc)); - GWEN_Crypt_Key_free(k); - gcry_ac_data_destroy(data); - gcry_sexp_release(key); - return GWEN_ERROR_GENERIC; - } - xk->keyValid=1; - *pSecretKey=k; - gcry_ac_data_destroy(data); - } - - gcry_sexp_release(key); + *pBufLen=rv; return 0; } -int GWEN_Crypt_KeyRsa_GeneratePair(unsigned int nbytes, int use65537e, - GWEN_CRYPT_KEY **pPubKey, - GWEN_CRYPT_KEY **pSecretKey) { - return GWEN_Crypt_KeyRsa_GeneratePair2(nbytes*8, use65537e, pPubKey, pSecretKey); -} - - -int GWEN_Crypt_KeyRsa__GetNamedElement(const GWEN_CRYPT_KEY *k, - const char *name, - uint8_t *buffer, - uint32_t *pBufLen) { - gcry_ac_data_t ds; +int GWEN_Crypt_KeyRsa_GetSecretExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { GWEN_CRYPT_KEY_RSA *xk; - gcry_mpi_t mpi; - gcry_error_t err; - unsigned char *buf; - size_t nbytes; + int rv; assert(k); xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_RSA, k); assert(xk); - if (xk->algoValid==0 || xk->keyValid==0) { - DBG_INFO(GWEN_LOGDOMAIN, "Invalid key data"); - return GWEN_ERROR_GENERIC; - } - - ds=gcry_ac_key_data_get(xk->key); - - /* read n (don't copy) */ - err=gcry_ac_data_get_name(ds, 0, name, &mpi); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_ac_data_get_name(): %d", err); - if (err==GPG_ERR_INV_ARG) - return GWEN_ERROR_NO_DATA; - else - return GWEN_ERROR_GENERIC; - } - - /* write mpi as bin into a buffer which will be allocated by this function */ - err=gcry_mpi_aprint(GCRYMPI_FMT_USG, &buf, &nbytes, mpi); - if (err) { - DBG_INFO(GWEN_LOGDOMAIN, "gcry_mpi_aprint(): %d", err); + rv=GWEN_Crypt_KeyRsa__MpiToBuffer(xk->privExponent, buffer, *pBufLen); + if (rv<1) { + DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv); + if (rv<0) + return rv; return GWEN_ERROR_GENERIC; } - if (nbytes>*pBufLen) { - DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small"); - gcry_free(buf); - return GWEN_ERROR_BUFFER_OVERFLOW; - } - - memmove(buffer, buf, nbytes); - *pBufLen=nbytes; - gcry_free(buf); + *pBufLen=rv; return 0; } -int GWEN_Crypt_KeyRsa_GetModulus(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { - return GWEN_Crypt_KeyRsa__GetNamedElement(k, "n", buffer, pBufLen); -} - - - -int GWEN_Crypt_KeyRsa_GetExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { - return GWEN_Crypt_KeyRsa__GetNamedElement(k, "e", buffer, pBufLen); -} - - - -int GWEN_Crypt_KeyRsa_GetSecretExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen) { - return GWEN_Crypt_KeyRsa__GetNamedElement(k, "d", buffer, pBufLen); -} - - - GWEN_CRYPT_KEY *GWEN_Crypt_KeyRsa_fromModExp(unsigned int nbytes, const uint8_t *pModulus, uint32_t lModulus, diff -Nurd gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa.h gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa.h --- gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa.h 2011-02-27 13:20:27.000000000 -0500 +++ gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa.h 2022-04-26 18:57:16.000000000 -0400 @@ -1,9 +1,6 @@ /*************************************************************************** - $RCSfile$ - ------------------- - cvs : $Id: crypttoken.h 1113 2007-01-10 09:14:16Z martin $ - begin : Wed Mar 16 2005 - copyright : (C) 2005 by Martin Preuss + begin : Mon May 07 2012 + copyright : (C) 2012 by Martin Preuss email : martin@libchipcard.de *************************************************************************** @@ -15,6 +12,7 @@ #define GWEN_CRYPT_KEY_RSA_H #include "cryptkey.h" +#include /** @@ -40,9 +38,9 @@ * library choose the exponent by its own */ GWENHYWFAR_API int GWEN_Crypt_KeyRsa_GeneratePair(unsigned int nbytes, - int use65537e, - GWEN_CRYPT_KEY **pPubKey, - GWEN_CRYPT_KEY **pSecretKey); + int use65537e, + GWEN_CRYPT_KEY **pPubKey, + GWEN_CRYPT_KEY **pSecretKey); /** @@ -55,8 +53,8 @@ * library choose the exponent by its own */ GWENHYWFAR_API int GWEN_Crypt_KeyRsa_GeneratePair2(unsigned int nbits, int use65537e, - GWEN_CRYPT_KEY **pPubKey, - GWEN_CRYPT_KEY **pSecretKey); + GWEN_CRYPT_KEY **pPubKey, + GWEN_CRYPT_KEY **pSecretKey); GWENHYWFAR_API GWEN_CRYPT_KEY *GWEN_Crypt_KeyRsa_dup(const GWEN_CRYPT_KEY *k); @@ -68,26 +66,23 @@ GWENHYWFAR_API int GWEN_Crypt_KeyRsa_GetSecretExponent(const GWEN_CRYPT_KEY *k, uint8_t *buffer, uint32_t *pBufLen); GWENHYWFAR_API GWEN_CRYPT_KEY *GWEN_Crypt_KeyRsa_fromModExp(unsigned int nbytes, - const uint8_t *pModulus, - uint32_t lModulus, - const uint8_t *pExponent, - uint32_t lExponent); + const uint8_t *pModulus, + uint32_t lModulus, + const uint8_t *pExponent, + uint32_t lExponent); GWENHYWFAR_API GWEN_CRYPT_KEY *GWEN_Crypt_KeyRsa_fromModPrivExp(unsigned int nbytes, - const uint8_t *pModulus, - uint32_t lModulus, - const uint8_t *pExponent, - uint32_t lExponent, - const uint8_t *pPrivExponent, - uint32_t lPrivExponent); + const uint8_t *pModulus, + uint32_t lModulus, + const uint8_t *pExponent, + uint32_t lExponent, + const uint8_t *pPrivExponent, + uint32_t lPrivExponent); GWENHYWFAR_API uint32_t GWEN_Crypt_KeyRsa_GetFlags(const GWEN_CRYPT_KEY *k); -GWENHYWFAR_API void GWEN_Crypt_KeyRsa_SetFlags(GWEN_CRYPT_KEY *k, - uint32_t fl); -GWENHYWFAR_API void GWEN_Crypt_KeyRsa_AddFlags(GWEN_CRYPT_KEY *k, - uint32_t fl); -GWENHYWFAR_API void GWEN_Crypt_KeyRsa_SubFlags(GWEN_CRYPT_KEY *k, - uint32_t fl); +GWENHYWFAR_API void GWEN_Crypt_KeyRsa_SetFlags(GWEN_CRYPT_KEY *k, uint32_t fl); +GWENHYWFAR_API void GWEN_Crypt_KeyRsa_AddFlags(GWEN_CRYPT_KEY *k, uint32_t fl); +GWENHYWFAR_API void GWEN_Crypt_KeyRsa_SubFlags(GWEN_CRYPT_KEY *k, uint32_t fl); #ifdef __cplusplus } diff -Nurd gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa_p.h gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa_p.h --- gwenhywfar-4.3.2.orig/src/crypt3/cryptkeyrsa_p.h 2008-07-31 13:56:06.000000000 -0400 +++ gwenhywfar-4.3.2/src/crypt3/cryptkeyrsa_p.h 2022-04-26 18:57:43.000000000 -0400 @@ -1,9 +1,6 @@ /*************************************************************************** - $RCSfile$ - ------------------- - cvs : $Id: crypttoken.h 1113 2007-01-10 09:14:16Z martin $ - begin : Wed Mar 16 2005 - copyright : (C) 2005 by Martin Preuss + begin : Mon May 07 2012 + copyright : (C) 2012 by Martin Preuss email : martin@libchipcard.de *************************************************************************** @@ -23,42 +20,45 @@ typedef struct GWEN_CRYPT_KEY_RSA GWEN_CRYPT_KEY_RSA; struct GWEN_CRYPT_KEY_RSA { int pub; - int algoValid; - gcry_ac_handle_t algoHandle; - int keyValid; - gcry_ac_key_t key; + gcry_mpi_t modulus; + gcry_mpi_t pubExponent; + gcry_mpi_t privExponent; + uint32_t flags; }; static GWENHYWFAR_CB void GWEN_Crypt_KeyRsa_freeData(void *bp, void *p); -static int GWEN_Crypt_KeyRsa__ReadMpi(GWEN_DB_NODE *db, - const char *dbName, - gcry_ac_data_t ds, - const char *dsName); -static int GWEN_Crypt_KeyRsa__WriteMpi(GWEN_DB_NODE *db, - const char *dbName, - gcry_ac_data_t ds, - const char *dsName); -static int GWEN_Crypt_KeyRsa__DataFromDb(GWEN_DB_NODE *db, gcry_ac_data_t *pData, - int pub, unsigned int nbits); -static int GWEN_Crypt_KeyRsa__GetNamedElement(const GWEN_CRYPT_KEY *k, - const char *name, - uint8_t *buffer, - uint32_t *pBufLen); +static int GWEN_Crypt_KeyRsa__getNamedElement(gcry_sexp_t pkey, const char *name, gcry_mpi_t *pMpi); +static int GWEN_Crypt_KeyRsa__ReadMpi(GWEN_DB_NODE *db, const char *dbName, gcry_mpi_t *pMpi); +static int GWEN_Crypt_KeyRsa__WriteMpi(GWEN_DB_NODE *db, const char *dbName, const gcry_mpi_t mpi); +static int GWEN_Crypt_KeyRsa__MpiToBuffer(const gcry_mpi_t mpi, unsigned char *buf, size_t nbytes); +static GWENHYWFAR_CB int GWEN_Crypt_KeyRsa_Sign(GWEN_CRYPT_KEY *k, + const uint8_t *pInData, + uint32_t inLen, + uint8_t *pSignatureData, + uint32_t *pSignatureLen); -static int GWEN_Crypt_KeyRsa__sKeyElementToData(gcry_ac_data_t data, - gcry_sexp_t sx, - const char *name); +static GWENHYWFAR_CB int GWEN_Crypt_KeyRsa_Verify(GWEN_CRYPT_KEY *k, + const uint8_t *pInData, + uint32_t inLen, + const uint8_t *pSignatureData, + uint32_t signatureLen); -static int GWEN_Crypt_KeyRsa__sKeyToDataPubKey(gcry_ac_data_t data, - gcry_sexp_t sx); +static GWENHYWFAR_CB int GWEN_Crypt_KeyRsa_Encipher(GWEN_CRYPT_KEY *k, + const uint8_t *pInData, + uint32_t inLen, + uint8_t *pOutData, + uint32_t *pOutLen); +static GWENHYWFAR_CB int GWEN_Crypt_KeyRsa_Decipher(GWEN_CRYPT_KEY *k, + const uint8_t *pInData, + uint32_t inLen, + uint8_t *pOutData, + uint32_t *pOutLen); -static int GWEN_Crypt_KeyRsa__sKeyToDataPrivKey(gcry_ac_data_t data, - gcry_sexp_t sx); #endif