Ticket #24 (assigned defect)

Opened 9 months ago

Last modified 1 week ago

gnutls doesn't seem to have a way to initialize an OpenPGP private key directly from MPI components

Reported by: Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Assigned to: anonymous (accepted)
Priority: trivial Milestone: gnutls-2.6
Component: libgnutls Version: 1.0
Keywords: None Cc: None

Description

GnuTLS has a nice function, gnutls_x509_privkey_import_rsa_raw(), which allows for the creation of new X.509 private keys, based on multi-precision integers that the user asserts are correct.

There should be an analogous function for the openpgp side of things, called something like gnutls_openpgp_privkey_import_rsa_raw()`. This function doesn't seem to currently exist, unfortunately.

I've tried (looked within) with GnuTLS 2.3.4. As far as i can tell, no such function has ever been available, so this is not a regression, and it shouldn't hold up a new stable release. If an equivalent function is actually present and i've missed it, I'd love to know how i should invoke it.

Thanks as always for a useful toolkit.

Attachments

Change History

04/12/08 01:26:55 changed by nmav@gnutls.org

  • owner changed from all to anonymous.
  • priority changed from major to minor.
  • type changed from defect to enhancement.
  • status changed from new to assigned.
  • milestone set to gnutls-2.6.

This is a nice feature I was also planning to include but due to time limitations I've never got into it, and most probably I'll not get anytime soon.

04/12/08 22:36:29 changed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>

Could you sketch an outline of what you imagine it looking like? (e.g. a chunk of a hypothetical .h file?)

I'd be interested in taking a crack at this if you want me to, but i wouldn't want to implement it in a way that would conflict with your plans.

04/18/08 20:10:33 changed by nmav@gnutls.org

The way it was done in x509.h was to add a _set_ function for every _get_ one. To implement the openpgp functionality, where possible, I followed the x509.h API. In your case creating the _set_ equivalent of every _get_ function would be enough to create a key.

04/18/08 21:50:26 changed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>

Thanks for the feedback, Nikos.

It looks like the underlying _get_ functions rely on cdk_pk_get_mpi, but there don't appear to be any analogous cdk_pk_set_mpi functions. Should i start there, and add those functions to opencdk? If so, should i be tracking opencdk in the gnutls git repo, or some other version of opencdk?

04/21/08 21:00:25 changed by nmav@gnutls.org

It could be that opencdk might not have all the required functions for setting information (I've never checked it). If you want to modify the opencdk code, use the included in gnutls.

12/27/08 09:26:28 changed by cheapest cialis tadalafil

  • cc set to None.
  • keywords set to None.
  • version set to 1.0.
  • type changed from enhancement to defect.
  • priority changed from minor to trivial.

<a href= http://www.justin.tv/buy_cheap_cialis/profile >cheapest cialis tadalafil</a>

Add/Change #24 (gnutls doesn't seem to have a way to initialize an OpenPGP private key directly from MPI components)




Change Properties
Action