Move PEM conversion of DER data to x509write module

This commit is contained in:
Paul Bakker 2013-08-26 16:54:13 +02:00
parent 57be6e22cf
commit 135f1e9c70
3 changed files with 79 additions and 26 deletions

View file

@ -215,6 +215,20 @@ int x509write_key_der( rsa_context *rsa, unsigned char *buf, size_t size );
*/
int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size );
#if defined(POLARSSL_BASE64_C)
/**
* \brief Write a CSR (Certificate Signing Request) to a
* PEM string
*
* \param rsa CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
*
* \return 0 successful, or a specific error code
*/
int x509write_csr_pem( x509_csr *ctx, unsigned char *buf, size_t size );
#endif /* POLARSSL_BASE64_C */
#ifdef __cplusplus
}
#endif

View file

@ -33,6 +33,10 @@
#include "polarssl/md.h"
#include "polarssl/oid.h"
#if defined(POLARSSL_BASE64_C)
#include "polarssl/base64.h"
#endif
#if defined(POLARSSL_MEMORY_C)
#include "polarssl/memory.h"
#else
@ -518,4 +522,57 @@ int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size )
return( len );
}
#define CSR_PEM_BEGIN "-----BEGIN CERTIFICATE REQUEST-----\n"
#define CSR_PEM_END "-----END CERTIFICATE REQUEST-----\n"
#if defined(POLARSSL_BASE64_C)
int x509write_csr_pem( x509_csr *ctx, unsigned char *buf, size_t size )
{
int ret;
unsigned char output_buf[4096];
unsigned char base_buf[4096];
unsigned char *c, *p = buf;
size_t len = 0, olen = 4096;
memset( output_buf, 0, 4096 );
if( ( ret = x509write_csr_der( ctx, output_buf, 4096 ) ) < 0 )
return( ret );
len = ret;
c = output_buf + 4095 - len;
if( ( ret = base64_encode( base_buf, &olen, c, len ) ) != 0 )
return( ret );
c = base_buf;
if( olen + strlen( CSR_PEM_BEGIN ) + strlen( CSR_PEM_END ) +
olen / 64 > size )
{
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
}
memcpy( p, CSR_PEM_BEGIN, strlen( CSR_PEM_BEGIN ) );
p += strlen( CSR_PEM_BEGIN );
while( olen )
{
len = ( olen > 64 ) ? 64 : olen;
memcpy( p, c, len );
olen -= len;
p += len;
c += len;
*p++ = '\n';
}
memcpy( p, CSR_PEM_END, strlen( CSR_PEM_END ) );
p += strlen( CSR_PEM_END );
*p = '\0';
return( 0 );
}
#endif /* POLARSSL_BASE64_C */
#endif

View file

@ -62,41 +62,23 @@ struct options
int write_certificate_request( x509_csr *req, char *output_file )
{
int ret;
FILE *f;
unsigned char output_buf[4096];
unsigned char base_buf[4096];
unsigned char *c;
int ret;
size_t len = 0, olen = 4096;
size_t len = 0;
memset(output_buf, 0, 4096);
ret = x509write_csr_der( req, output_buf, 4096 );
if( ret < 0 )
memset( output_buf, 0, 4096 );
if( ( ret = x509write_csr_pem( req, output_buf, 4096 ) ) < 0 )
return( ret );
len = ret;
c = output_buf + 4095 - len;
if( ( ret = base64_encode( base_buf, &olen, c, len ) ) != 0 )
return( ret );
c = base_buf;
len = strlen( (char *) output_buf );
if( ( f = fopen( output_file, "w" ) ) == NULL )
return( -1 );
fprintf(f, "-----BEGIN CERTIFICATE REQUEST-----\n");
while (olen)
{
int use_len = olen;
if (use_len > 64) use_len = 64;
fwrite( c, 1, use_len, f );
olen -= use_len;
c += use_len;
fprintf(f, "\n");
}
fprintf(f, "-----END CERTIFICATE REQUEST-----\n");
if( fwrite( output_buf, 1, len, f ) != len )
return( -1 );
fclose(f);
return( 0 );