mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 05:05:35 +00:00
Moved PK key writing from X509 module to PK module
This commit is contained in:
parent
1a7550ac67
commit
c7bb02be77
|
@ -405,21 +405,6 @@ int pk_parse_key( pk_context *ctx,
|
|||
const unsigned char *key, size_t keylen,
|
||||
const unsigned char *pwd, size_t pwdlen );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse a private key
|
||||
*
|
||||
* \param ctx key to be initialized
|
||||
* \param path filename to read the private key from
|
||||
* \param password password to decrypt the file (can be NULL)
|
||||
*
|
||||
* \return 0 if successful, or a specific PK or PEM error code
|
||||
*/
|
||||
int pk_parse_keyfile( pk_context *ctx,
|
||||
const char *path, const char *password );
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse a public key
|
||||
|
@ -434,6 +419,19 @@ int pk_parse_public_key( pk_context *ctx,
|
|||
const unsigned char *key, size_t keylen );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse a private key
|
||||
*
|
||||
* \param ctx key to be initialized
|
||||
* \param path filename to read the private key from
|
||||
* \param password password to decrypt the file (can be NULL)
|
||||
*
|
||||
* \return 0 if successful, or a specific PK or PEM error code
|
||||
*/
|
||||
int pk_parse_keyfile( pk_context *ctx,
|
||||
const char *path, const char *password );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse a public key
|
||||
|
@ -446,6 +444,65 @@ int pk_parse_public_key( pk_context *ctx,
|
|||
int pk_parse_public_keyfile( pk_context *ctx, const char *path );
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/**
|
||||
* \brief Write a private key to a PKCS#1 or SEC1 DER structure
|
||||
* Note: data is written at the end of the buffer! Use the
|
||||
* return value to determine where you should start
|
||||
* using the buffer
|
||||
*
|
||||
* \param key private to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return length of data written if successful, or a specific
|
||||
* error code
|
||||
*/
|
||||
int pk_write_key_der( pk_context *pk, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a public key to a SubjectPublicKeyInfo DER structure
|
||||
* Note: data is written at the end of the buffer! Use the
|
||||
* return value to determine where you should start
|
||||
* using the buffer
|
||||
*
|
||||
* \param key public key to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return length of data written if successful, or a specific
|
||||
* error code
|
||||
*/
|
||||
int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size );
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
/**
|
||||
* \brief Write a public key to a PEM string
|
||||
*
|
||||
* \param key public key to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return 0 successful, or a specific error code
|
||||
*/
|
||||
int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a private key to a PKCS#1 or SEC1 PEM string
|
||||
*
|
||||
* \param key private to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return 0 successful, or a specific error code
|
||||
*/
|
||||
int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size );
|
||||
#endif /* POLARSSL_BASE64_C */
|
||||
|
||||
/*
|
||||
* WARNING: Low-level functions. You probably do not want to use these unless
|
||||
* you are certain you do ;)
|
||||
*/
|
||||
|
||||
/**
|
||||
* \brief Parse a SubjectPublicKeyInfo DER structure
|
||||
*
|
||||
|
@ -458,6 +515,19 @@ int pk_parse_public_keyfile( pk_context *ctx, const char *path );
|
|||
int pk_parse_get_pubkey( unsigned char **p, const unsigned char *end,
|
||||
pk_context *pk );
|
||||
|
||||
/**
|
||||
* \brief Write a subjectPublicKey to ASN.1 data
|
||||
* Note: function works backwards in data buffer
|
||||
*
|
||||
* \param p reference to current position pointer
|
||||
* \param start start of the buffer (for bounds-checking)
|
||||
* \param key public key to write away
|
||||
*
|
||||
* \return the length written or a negative error code
|
||||
*/
|
||||
int pk_write_pubkey( unsigned char **p, unsigned char *start,
|
||||
const pk_context *key );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -389,36 +389,6 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Write a public key to a DER structure
|
||||
* Note: data is written at the end of the buffer! Use the
|
||||
* return value to determine where you should start
|
||||
* using the buffer
|
||||
*
|
||||
* \param key public key to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return length of data written if successful, or a specific
|
||||
* error code
|
||||
*/
|
||||
int x509write_pubkey_der( pk_context *key, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a private key to a PKCS#1 or SEC1 DER structure
|
||||
* Note: data is written at the end of the buffer! Use the
|
||||
* return value to determine where you should start
|
||||
* using the buffer
|
||||
*
|
||||
* \param key private to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return length of data written if successful, or a specific
|
||||
* error code
|
||||
*/
|
||||
int x509write_key_der( pk_context *pk, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a CSR (Certificate Signing Request) to a
|
||||
* DER structure
|
||||
|
@ -465,28 +435,6 @@ int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Write a public key to a PEM string
|
||||
*
|
||||
* \param key public key to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return 0 successful, or a specific error code
|
||||
*/
|
||||
int x509write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a private key to a PKCS#1 or SEC1 PEM string
|
||||
*
|
||||
* \param key private to write away
|
||||
* \param buf buffer to write to
|
||||
* \param size size of the buffer
|
||||
*
|
||||
* \return 0 successful, or a specific error code
|
||||
*/
|
||||
int x509write_key_pem( pk_context *key, unsigned char *buf, size_t size );
|
||||
|
||||
/**
|
||||
* \brief Write a CSR (Certificate Signing Request) to a
|
||||
* PEM string
|
||||
|
|
|
@ -42,6 +42,7 @@ set(src
|
|||
pk.c
|
||||
pk_wrap.c
|
||||
pkparse.c
|
||||
pkwrite.c
|
||||
rsa.c
|
||||
sha1.c
|
||||
sha256.c
|
||||
|
|
|
@ -50,6 +50,7 @@ OBJS= aes.o arc4.o asn1parse.o \
|
|||
padlock.o pbkdf2.o pem.o \
|
||||
pkcs5.o pkcs11.o pkcs12.o \
|
||||
pk.o pk_wrap.o pkparse.o \
|
||||
pkwrite.o \
|
||||
rsa.o sha1.o sha256.o \
|
||||
sha512.o ssl_cache.o ssl_cli.o \
|
||||
ssl_srv.o ssl_ciphersuites.o \
|
||||
|
|
389
library/pkwrite.c
Normal file
389
library/pkwrite.c
Normal file
|
@ -0,0 +1,389 @@
|
|||
/*
|
||||
* Public Key layer for writing key files and structures
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_PK_C)
|
||||
|
||||
#include "polarssl/pk.h"
|
||||
#include "polarssl/asn1write.h"
|
||||
#include "polarssl/oid.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
#include "polarssl/rsa.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#include "polarssl/ecp.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
#include "polarssl/ecdsa.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
#include "polarssl/base64.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MEMORY_C)
|
||||
#include "polarssl/memory.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/*
|
||||
* RSAPublicKey ::= SEQUENCE {
|
||||
* modulus INTEGER, -- n
|
||||
* publicExponent INTEGER -- e
|
||||
* }
|
||||
*/
|
||||
static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
|
||||
rsa_context *rsa )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
/*
|
||||
* EC public key is an EC point
|
||||
*/
|
||||
static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
|
||||
|
||||
if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
|
||||
POLARSSL_ECP_PF_UNCOMPRESSED,
|
||||
&len, buf, sizeof( buf ) ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( *p - start < (int) len )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*p -= len;
|
||||
memcpy( *p, buf, len );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
/*
|
||||
* ECParameters ::= CHOICE {
|
||||
* namedCurve OBJECT IDENTIFIER
|
||||
* }
|
||||
*/
|
||||
static int pk_write_ec_param( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
const char *oid;
|
||||
size_t oid_len;
|
||||
|
||||
if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
|
||||
int pk_write_pubkey( unsigned char **p, unsigned char *start,
|
||||
const pk_context *key )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c;
|
||||
size_t len = 0, par_len = 0, oid_len;
|
||||
const char *oid;
|
||||
|
||||
c = buf + size;
|
||||
|
||||
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
/*
|
||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
||||
* algorithm AlgorithmIdentifier,
|
||||
* subjectPublicKey BIT STRING }
|
||||
*/
|
||||
*--c = 0;
|
||||
len += 1;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
|
||||
&oid, &oid_len ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) );
|
||||
}
|
||||
#endif
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
|
||||
par_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c = buf + size;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( *key );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ec = pk_ec( *key );
|
||||
size_t pub_len = 0, par_len = 0;
|
||||
|
||||
/*
|
||||
* RFC 5915, or SEC1 Appendix C.4
|
||||
*
|
||||
* ECPrivateKey ::= SEQUENCE {
|
||||
* version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
|
||||
* privateKey OCTET STRING,
|
||||
* parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
|
||||
* publicKey [1] BIT STRING OPTIONAL
|
||||
* }
|
||||
*/
|
||||
|
||||
/* publicKey */
|
||||
ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
*--c = 0;
|
||||
pub_len += 1;
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
|
||||
len += pub_len;
|
||||
|
||||
/* parameters */
|
||||
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
|
||||
|
||||
ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
|
||||
ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
|
||||
len += par_len;
|
||||
|
||||
/* privateKey: write as MPI then fix tag */
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
|
||||
*c = ASN1_OCTET_STRING;
|
||||
|
||||
/* version */
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
static int pk_write_pemify( const char *begin_str, const char *end_str,
|
||||
const unsigned char *der_data, size_t der_len,
|
||||
unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char base_buf[4096];
|
||||
unsigned char *c = base_buf, *p = buf;
|
||||
size_t len = 0, olen = sizeof(base_buf);
|
||||
|
||||
if( ( ret = base64_encode( base_buf, &olen, der_data, der_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( olen + strlen( begin_str ) + strlen( end_str ) +
|
||||
olen / 64 > size )
|
||||
{
|
||||
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
memcpy( p, begin_str, strlen( begin_str ) );
|
||||
p += strlen( begin_str );
|
||||
|
||||
while( olen )
|
||||
{
|
||||
len = ( olen > 64 ) ? 64 : olen;
|
||||
memcpy( p, c, len );
|
||||
olen -= len;
|
||||
p += len;
|
||||
c += len;
|
||||
*p++ = '\n';
|
||||
}
|
||||
|
||||
memcpy( p, end_str, strlen( end_str ) );
|
||||
p += strlen( end_str );
|
||||
|
||||
*p = '\0';
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
|
||||
#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
|
||||
|
||||
#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
|
||||
#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
|
||||
|
||||
int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
|
||||
if( ( ret = pk_write_pubkey_der( key, output_buf,
|
||||
sizeof(output_buf) ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ( ret = pk_write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
char *begin, *end;
|
||||
|
||||
if( ( ret = pk_write_key_der( key, output_buf,
|
||||
sizeof(output_buf) ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_RSA;
|
||||
end = PEM_END_PRIVATE_KEY_RSA;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_EC;
|
||||
end = PEM_END_PRIVATE_KEY_EC;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
if( ( ret = pk_write_pemify( begin, end,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_BASE64_C */
|
||||
|
||||
#endif /* POLARSSL_PK_C */
|
|
@ -117,99 +117,6 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/*
|
||||
* RSAPublicKey ::= SEQUENCE {
|
||||
* modulus INTEGER, -- n
|
||||
* publicExponent INTEGER -- e
|
||||
* }
|
||||
*/
|
||||
static int x509_write_rsa_pubkey( unsigned char **p, unsigned char *start,
|
||||
rsa_context *rsa )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
/*
|
||||
* EC public key is an EC point
|
||||
*/
|
||||
static int x509_write_ec_pubkey( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
|
||||
|
||||
if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
|
||||
POLARSSL_ECP_PF_UNCOMPRESSED,
|
||||
&len, buf, sizeof( buf ) ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( *p - start < (int) len )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*p -= len;
|
||||
memcpy( *p, buf, len );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
/*
|
||||
* ECParameters ::= CHOICE {
|
||||
* namedCurve OBJECT IDENTIFIER
|
||||
* }
|
||||
*/
|
||||
static int x509_write_ec_param( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
const char *oid;
|
||||
size_t oid_len;
|
||||
|
||||
if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
|
||||
static int x509_write_pubkey( unsigned char **p, unsigned char *start,
|
||||
const pk_context *key )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
ASN1_CHK_ADD( len, x509_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
ASN1_CHK_ADD( len, x509_write_ec_pubkey( p, start, pk_ec( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
void x509write_csr_init( x509write_csr *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof(x509write_csr) );
|
||||
|
@ -426,7 +333,7 @@ int x509write_crt_set_subject_key_identifier( x509write_cert *ctx )
|
|||
size_t len = 0;
|
||||
|
||||
memset( buf, 0, sizeof(buf));
|
||||
ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, ctx->subject_key ) );
|
||||
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->subject_key ) );
|
||||
|
||||
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
|
||||
c = buf + sizeof(buf) - 20;
|
||||
|
@ -448,7 +355,7 @@ int x509write_crt_set_authority_key_identifier( x509write_cert *ctx )
|
|||
size_t len = 0;
|
||||
|
||||
memset( buf, 0, sizeof(buf));
|
||||
ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, ctx->issuer_key ) );
|
||||
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->issuer_key ) );
|
||||
|
||||
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
|
||||
c = buf + sizeof(buf) - 20;
|
||||
|
@ -506,137 +413,6 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int x509write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c;
|
||||
size_t len = 0, par_len = 0, oid_len;
|
||||
const char *oid;
|
||||
|
||||
c = buf + size;
|
||||
|
||||
ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, key ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
/*
|
||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
||||
* algorithm AlgorithmIdentifier,
|
||||
* subjectPublicKey BIT STRING }
|
||||
*/
|
||||
*--c = 0;
|
||||
len += 1;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
|
||||
&oid, &oid_len ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ASN1_CHK_ADD( par_len, x509_write_ec_param( &c, buf, pk_ec( *key ) ) );
|
||||
}
|
||||
#endif
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
|
||||
par_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
int x509write_key_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c = buf + size;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( *key );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ec = pk_ec( *key );
|
||||
size_t pub_len = 0, par_len = 0;
|
||||
|
||||
/*
|
||||
* RFC 5915, or SEC1 Appendix C.4
|
||||
*
|
||||
* ECPrivateKey ::= SEQUENCE {
|
||||
* version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
|
||||
* privateKey OCTET STRING,
|
||||
* parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
|
||||
* publicKey [1] BIT STRING OPTIONAL
|
||||
* }
|
||||
*/
|
||||
|
||||
/* publicKey */
|
||||
ASN1_CHK_ADD( pub_len, x509_write_ec_pubkey( &c, buf, ec ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
*--c = 0;
|
||||
pub_len += 1;
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
|
||||
len += pub_len;
|
||||
|
||||
/* parameters */
|
||||
ASN1_CHK_ADD( par_len, x509_write_ec_param( &c, buf, ec ) );
|
||||
|
||||
ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
|
||||
ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
|
||||
len += par_len;
|
||||
|
||||
/* privateKey: write as MPI then fix tag */
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
|
||||
*c = ASN1_OCTET_STRING;
|
||||
|
||||
/* version */
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( len );
|
||||
}
|
||||
|
||||
/*
|
||||
* RelativeDistinguishedName ::=
|
||||
* SET OF AttributeTypeAndValue
|
||||
|
@ -856,8 +632,8 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
|
|||
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
|
||||
|
||||
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->key,
|
||||
tmp_buf, c - tmp_buf ) );
|
||||
ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->key,
|
||||
tmp_buf, c - tmp_buf ) );
|
||||
c -= pub_len;
|
||||
len += pub_len;
|
||||
|
||||
|
@ -951,8 +727,8 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
|
|||
/*
|
||||
* SubjectPublicKeyInfo
|
||||
*/
|
||||
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->subject_key,
|
||||
tmp_buf, c - tmp_buf ) );
|
||||
ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->subject_key,
|
||||
tmp_buf, c - tmp_buf ) );
|
||||
c -= pub_len;
|
||||
len += pub_len;
|
||||
|
||||
|
@ -1040,14 +816,6 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
|
|||
#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
|
||||
#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
|
||||
|
||||
#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
|
||||
#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
|
||||
|
||||
#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
|
||||
#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
static int x509write_pemify( const char *begin_str, const char *end_str,
|
||||
const unsigned char *der_data, size_t der_len,
|
||||
|
@ -1111,67 +879,6 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int x509write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
|
||||
if( ( ret = x509write_pubkey_der( key, output_buf,
|
||||
sizeof(output_buf) ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ( ret = x509write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int x509write_key_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
char *begin, *end;
|
||||
|
||||
if( ( ret = x509write_key_der( key, output_buf,
|
||||
sizeof(output_buf) ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_RSA;
|
||||
end = PEM_END_PRIVATE_KEY_RSA;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_EC;
|
||||
end = PEM_END_PRIVATE_KEY_EC;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
|
||||
|
||||
if( ( ret = x509write_pemify( begin, end,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
|
|
|
@ -89,14 +89,14 @@ static int write_public_key( pk_context *key, const char *output_file )
|
|||
|
||||
if( opt.output_format == OUTPUT_FORMAT_PEM )
|
||||
{
|
||||
if( ( ret = x509write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
if( ( ret = pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = x509write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
|
||||
if( ( ret = pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = ret;
|
||||
|
@ -125,14 +125,14 @@ static int write_private_key( pk_context *key, const char *output_file )
|
|||
memset(output_buf, 0, 16000);
|
||||
if( opt.output_format == OUTPUT_FORMAT_PEM )
|
||||
{
|
||||
if( ( ret = x509write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
len = strlen( (char *) output_buf );
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = x509write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
len = ret;
|
||||
|
|
|
@ -69,6 +69,7 @@ add_test_suite(pbkdf2)
|
|||
add_test_suite(pkcs1_v21)
|
||||
add_test_suite(pkcs5)
|
||||
add_test_suite(pkparse)
|
||||
add_test_suite(pkwrite)
|
||||
add_test_suite(shax)
|
||||
add_test_suite(rsa)
|
||||
add_test_suite(version)
|
||||
|
|
|
@ -47,7 +47,7 @@ APPS = test_suite_aes.ecb test_suite_aes.cbc \
|
|||
test_suite_md test_suite_mdx \
|
||||
test_suite_mpi test_suite_pbkdf2 \
|
||||
test_suite_pkcs1_v21 test_suite_pkcs5 \
|
||||
test_suite_pkparse \
|
||||
test_suite_pkparse test_suite_pkwrite \
|
||||
test_suite_rsa test_suite_shax \
|
||||
test_suite_x509parse test_suite_x509write \
|
||||
test_suite_xtea test_suite_version
|
||||
|
@ -280,6 +280,10 @@ test_suite_pkparse: test_suite_pkparse.c ../library/libpolarssl.a
|
|||
echo " CC $@.c"
|
||||
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
|
||||
|
||||
test_suite_pkwrite: test_suite_pkwrite.c ../library/libpolarssl.a
|
||||
echo " CC $@.c"
|
||||
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
|
||||
|
||||
test_suite_rsa: test_suite_rsa.c ../library/libpolarssl.a
|
||||
echo " CC $@.c"
|
||||
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
|
||||
|
|
15
tests/suites/test_suite_pkwrite.data
Normal file
15
tests/suites/test_suite_pkwrite.data
Normal file
|
@ -0,0 +1,15 @@
|
|||
Public key write check RSA
|
||||
depends_on:POLARSSL_RSA_C:POLARSSL_BASE64_C
|
||||
pk_write_pubkey_check:"data_files/server1.pubkey"
|
||||
|
||||
Public key write check EC
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_BASE64_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
||||
pk_write_pubkey_check:"data_files/ec_pub.pem"
|
||||
|
||||
Private key write check RSA
|
||||
depends_on:POLARSSL_RSA_C:POLARSSL_BASE64_C
|
||||
pk_write_key_check:"data_files/server1.key"
|
||||
|
||||
Private key write check EC
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_BASE64_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
||||
pk_write_key_check:"data_files/ec_prv.sec1.pem"
|
68
tests/suites/test_suite_pkwrite.function
Normal file
68
tests/suites/test_suite_pkwrite.function
Normal file
|
@ -0,0 +1,68 @@
|
|||
/* BEGIN_HEADER */
|
||||
#include <polarssl/pk.h>
|
||||
#include <polarssl/pem.h>
|
||||
#include <polarssl/oid.h>
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
* depends_on:POLARSSL_PK_C:POLARSSL_BIGNUM_C
|
||||
* END_DEPENDENCIES
|
||||
*/
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void pk_write_pubkey_check( char *key_file )
|
||||
{
|
||||
pk_context key;
|
||||
unsigned char buf[5000];
|
||||
unsigned char check_buf[5000];
|
||||
int ret;
|
||||
FILE *f;
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( check_buf, 0, sizeof( check_buf ) );
|
||||
|
||||
pk_init( &key );
|
||||
TEST_ASSERT( pk_parse_public_keyfile( &key, key_file ) == 0 );
|
||||
|
||||
ret = pk_write_pubkey_pem( &key, buf, sizeof( buf ) - 1);
|
||||
TEST_ASSERT( ret >= 0 );
|
||||
|
||||
f = fopen( key_file, "r" );
|
||||
TEST_ASSERT( f != NULL );
|
||||
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
||||
fclose( f );
|
||||
|
||||
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
||||
|
||||
pk_free( &key );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void pk_write_key_check( char *key_file )
|
||||
{
|
||||
pk_context key;
|
||||
unsigned char buf[5000];
|
||||
unsigned char check_buf[5000];
|
||||
int ret;
|
||||
FILE *f;
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( check_buf, 0, sizeof( check_buf ) );
|
||||
|
||||
pk_init( &key );
|
||||
TEST_ASSERT( pk_parse_keyfile( &key, key_file, NULL ) == 0 );
|
||||
|
||||
ret = pk_write_key_pem( &key, buf, sizeof( buf ) - 1);
|
||||
TEST_ASSERT( ret >= 0 );
|
||||
|
||||
f = fopen( key_file, "r" );
|
||||
TEST_ASSERT( f != NULL );
|
||||
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
||||
fclose( f );
|
||||
|
||||
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
||||
|
||||
pk_free( &key );
|
||||
}
|
||||
/* END_CASE */
|
|
@ -29,19 +29,3 @@ x509_csr_check:"data_files/server1.key":POLARSSL_MD_MD5:"data_files/server1.req.
|
|||
Certificate write check Server1 SHA1
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_DES_C:POLARSSL_CIPHER_MODE_CBC:POLARSSL_MD5_C
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:"data_files/server1.crt"
|
||||
|
||||
Public key write check RSA
|
||||
depends_on:POLARSSL_RSA_C:POLARSSL_BASE64_C
|
||||
x509_pubkey_check:"data_files/server1.pubkey"
|
||||
|
||||
Public key write check EC
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_BASE64_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
||||
x509_pubkey_check:"data_files/ec_pub.pem"
|
||||
|
||||
Private key write check RSA
|
||||
depends_on:POLARSSL_RSA_C:POLARSSL_BASE64_C
|
||||
x509_key_check:"data_files/server1.key"
|
||||
|
||||
Private key write check EC
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_BASE64_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
|
||||
x509_key_check:"data_files/ec_prv.sec1.pem"
|
||||
|
|
|
@ -127,61 +127,3 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|||
mpi_free( &serial );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void x509_pubkey_check( char *key_file )
|
||||
{
|
||||
pk_context key;
|
||||
unsigned char buf[5000];
|
||||
unsigned char check_buf[5000];
|
||||
int ret;
|
||||
FILE *f;
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( check_buf, 0, sizeof( check_buf ) );
|
||||
|
||||
pk_init( &key );
|
||||
TEST_ASSERT( pk_parse_public_keyfile( &key, key_file ) == 0 );
|
||||
|
||||
ret = x509write_pubkey_pem( &key, buf, sizeof( buf ) - 1);
|
||||
TEST_ASSERT( ret >= 0 );
|
||||
|
||||
f = fopen( key_file, "r" );
|
||||
TEST_ASSERT( f != NULL );
|
||||
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
||||
fclose( f );
|
||||
|
||||
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
||||
|
||||
pk_free( &key );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void x509_key_check( char *key_file )
|
||||
{
|
||||
pk_context key;
|
||||
unsigned char buf[5000];
|
||||
unsigned char check_buf[5000];
|
||||
int ret;
|
||||
FILE *f;
|
||||
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
memset( check_buf, 0, sizeof( check_buf ) );
|
||||
|
||||
pk_init( &key );
|
||||
TEST_ASSERT( pk_parse_keyfile( &key, key_file, NULL ) == 0 );
|
||||
|
||||
ret = x509write_key_pem( &key, buf, sizeof( buf ) - 1);
|
||||
TEST_ASSERT( ret >= 0 );
|
||||
|
||||
f = fopen( key_file, "r" );
|
||||
TEST_ASSERT( f != NULL );
|
||||
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
||||
fclose( f );
|
||||
|
||||
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
||||
|
||||
pk_free( &key );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
Loading…
Reference in a new issue