( Working with keys

Info Catalog ( Working with handles ( Public Key cryptography (II) ( Using cryptographic functions
 8.4 Working with keys
  -- Data type: gcry_ac_key_type_t
      Defined constants:
           Specifies a secret key.
           Specifies a public key.
  -- Data type: gcry_ac_key_t
      This type represents a single `key', either a secret one or a
      public one.
  -- Data type: gcry_ac_key_pair_t
      This type represents a `key pair' containing a secret and a public
    Key data structures can be created in two different ways; a new key
 pair can be generated, resulting in ready-to-use key.  Alternatively a
 key can be initialized from a given data set.
  -- Function: gcry_error_t gcry_ac_key_init (gcry_ac_key_t *KEY,
           gcry_ac_handle_t HANDLE, gcry_ac_key_type_t TYPE,
           gcry_ac_data_t DATA)
      Creates a new key of type TYPE, consisting of the MPI values
      contained in the data set DATA and stores it in KEY.
  -- Function: gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t
           HANDLE, unsigned int NBITS, void *KEY_SPEC,
           gcry_ac_key_pair_t *KEY_PAIR, gcry_mpi_t **MISC_DATA)
      Generates a new key pair via the handle HANDLE of NBITS bits and
      stores it in KEY_PAIR.
      In case non-standard settings are wanted, a pointer to a structure
      of type `gcry_ac_key_spec_<algorithm>_t', matching the selected
      algorithm, can be given as KEY_SPEC.  MISC_DATA is not used yet.
      Such a structure does only exist for RSA.  A descriptions of the
      members of the supported structures follows.
          `gcry_mpi_t e'
                Generate the key pair using a special `e'.  The value of
                `e' has the following meanings:
               `= 0'
                     Let Libgcrypt device what exponent should be used.
               `= 1'
                     Request the use of a "secure" exponent; this is
                     required by some specification to be 65537.
               `> 2'
                     Try starting at this value until a working exponent
                     is found.  Note, that the current implementation
                     leaks some information about the private key
                     because the incrementation used is not randomized.
                     Thus, this function will be changed in the future
                     to return a random exponent of the given size.
      Example code:
             gcry_ac_key_pair_t key_pair;
             gcry_ac_key_spec_rsa  rsa_spec;
             rsa_spec.e = gcry_mpi_new (0);
             gcry_mpi_set_ui (rsa_spec.e, 1)
             err = gcry_ac_open  (&handle, GCRY_AC_RSA, 0);
             assert (! err);
             err = gcry_ac_key_pair_generate (handle, &key_pair, 1024, (void *) &rsa_spec);
             assert (! err);
  -- Function: gcry_ac_key_t gcry_ac_key_pair_extract
           (gcry_ac_key_pair_t KEY_PAIR, gcry_ac_key_type_t WHICH)
      Returns the key of type WHICH out of the key pair KEY_PAIR.
  -- Function: void gcry_ac_key_destroy (gcry_ac_key_t KEY)
      Destroys the key KEY.
  -- Function: void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t
      Destroys the key pair KEY_PAIR.
  -- Function: gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t KEY)
      Returns the data set contained in the key KEY.
  -- Function: gcry_error_t gcry_ac_key_test (gcry_ac_handle_t HANDLE,
           gcry_ac_key_t KEY)
      Verifies that the private key KEY is sane via HANDLE.
  -- Function: gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t
           HANDLE, gcry_ac_key_t KEY, unsigned int *NBITS)
      Stores the number of bits of the key KEY in NBITS via HANDLE.
  -- Function: gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t
           HANDLE, gcry_ac_key_t KEY, unsigned char *KEY_GRIP)
      Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
Info Catalog ( Working with handles ( Public Key cryptography (II) ( Using cryptographic functions
automatically generated byinfo2html