Rewrote x509 certificate request writing to use structure for storing
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index cbd6252..b2797c0 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -65,8 +65,7 @@
}
}
-void write_certificate_request( rsa_context *rsa, x509_req_name *req_name,
- char *output_file )
+int write_certificate_request( x509_cert_req *req, char *output_file )
{
FILE *f;
unsigned char output_buf[4096];
@@ -76,19 +75,22 @@
size_t len = 0, olen = 4096;
memset(output_buf, 0, 4096);
- ret = x509_write_cert_req( output_buf, 4096, rsa, req_name, POLARSSL_MD_SHA1 );
+ ret = x509_write_cert_req( req, output_buf, 4096 );
if( ret < 0 )
- return;
+ return( ret );
len = ret;
c = output_buf + 4095 - len;
- base64_encode( base_buf, &olen, c, len );
+ if( ( ret = base64_encode( base_buf, &olen, c, len ) ) != 0 )
+ return( ret );
c = base_buf;
- f = fopen( output_file, "w" );
+ if( ( f = fopen( output_file, "w" ) ) == NULL )
+ return( -1 );
+
fprintf(f, "-----BEGIN CERTIFICATE REQUEST-----\n");
while (olen)
{
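Review bot: The new `fopen()` failure path returns a bare `-1`, and the caller added further down in this diff passes that value to `error_strerror()`. `-1` does not look like a PolarSSL error code, so the printed reason will presumably be an unknown-code string rather than a file error. Returning the library's file error instead, `return( POLARSSL_ERR_X509_FILE_IO_ERROR );`, would keep the message meaningful, assuming that code is defined in this tree. The body of write_certificate_request starts and ends outside this hunk.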
@@ -101,6 +103,8 @@
}
fprintf(f, "-----END CERTIFICATE REQUEST-----\n");
fclose(f);
+
+ return( 0 );
}
#define USAGE \
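Review bot: `return( 0 )` is reached even when the request was not fully written, because the `fprintf()` calls and `fclose(f)` before it are unchecked. On a full disk or an I/O error this leaves a truncated CSR on disk while main prints " ok". Since the function now reports errors, the close should be checked as well: `if( fclose( f ) != 0 ) return( -1 );`, using whatever code the `fopen()` failure path returns. The write loop itself lies outside this hunk.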
@@ -131,15 +135,13 @@
char buf[1024];
int i, j, n;
char *p, *q;
- char *s, *c, *end;
- int in_tag;
- char *oid = NULL;
- x509_req_name *req_name = NULL;
- x509_req_name *cur = req_name;
+ x509_cert_req req;
/*
* Set to sane values
*/
+ x509cert_req_init( &req );
+ x509cert_req_set_md_alg( &req, POLARSSL_MD_SHA1 );
memset( &rsa, 0, sizeof( rsa_context ) );
memset( buf, 0, 1024 );
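Review bot: `x509cert_req_set_md_alg( &req, POLARSSL_MD_SHA1 );` keeps the request's signature digest hard-coded to SHA-1, carried over from the old `x509_write_cert_req()` call. Now that the digest is a setter on the request structure, it would be cheap to take it from a command-line option or to default to a stronger digest such as `POLARSSL_MD_SHA256`. If SHA-1 is kept deliberately, a short comment saying so, for example `/* SHA-1 kept for compatibility with older CAs */`, would stop the next reader from assuming it is an oversight.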
@@ -191,74 +193,13 @@
/*
* 1.0. Check the subject name for validity
*/
- s = opt.subject_name;
- end = s + strlen( s );
-
- c = s;
-
- in_tag = 1;
- while( c <= end )
+ if( ( ret = x509cert_req_set_subject_name( &req, opt.subject_name ) ) != 0 )
{
- if( in_tag && *c == '=' )
- {
- if( memcmp( s, "CN", 2 ) == 0 && c - s == 2 )
- oid = OID_AT_CN;
- else if( memcmp( s, "C", 1 ) == 0 && c - s == 1 )
- oid = OID_AT_COUNTRY;
- else if( memcmp( s, "O", 1 ) == 0 && c - s == 1 )
- oid = OID_AT_ORGANIZATION;
- else if( memcmp( s, "L", 1 ) == 0 && c - s == 1 )
- oid = OID_AT_LOCALITY;
- else if( memcmp( s, "R", 1 ) == 0 && c - s == 1 )
- oid = OID_PKCS9_EMAIL;
- else if( memcmp( s, "OU", 2 ) == 0 && c - s == 2 )
- oid = OID_AT_ORG_UNIT;
- else if( memcmp( s, "ST", 2 ) == 0 && c - s == 2 )
- oid = OID_AT_STATE;
- else
- {
- printf("Failed to parse subject name.\n");
- goto exit;
- }
-
- s = c + 1;
- in_tag = 0;
- }
-
- if( !in_tag && ( *c == ',' || c == end ) )
- {
- if( c - s > 127 )
- {
- printf("Name too large for buffer.\n");
- goto exit;
- }
-
- if( cur == NULL )
- {
- req_name = malloc( sizeof(x509_req_name) );
- cur = req_name;
- }
- else
- {
- cur->next = malloc( sizeof(x509_req_name) );
- cur = cur->next;
- }
-
- if( cur == NULL )
- {
- printf( "Failed to allocate memory.\n" );
- goto exit;
- }
-
- memset( cur, 0, sizeof(x509_req_name) );
-
- strncpy( cur->oid, oid, strlen( oid ) );
- strncpy( cur->name, s, c - s );
-
- s = c + 1;
- in_tag = 1;
- }
- c++;
+#ifdef POLARSSL_ERROR_C
+ error_strerror( ret, buf, 1024 );
+#endif
+ printf( " failed\n ! x509cert_req_set_subject_name returned %d - %s\n\n", ret, buf );
+ goto exit;
}
/*
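Review bot: The explicit `c - s > 127` bound on each name component and the unknown-tag rejection are removed along with the inline parser. This call site now depends entirely on `x509cert_req_set_subject_name()` enforcing both for the user-supplied `opt.subject_name`. That function's body is not part of this diff, so it is worth confirming that it bounds every value before copying and returns an error rather than truncating. The section comment also still reads "Check the subject name for validity", although the call now parses and stores the name; something like `* 1.0. Parse the subject name into the request` would match the code.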
@@ -275,16 +216,32 @@
error_strerror( ret, buf, 1024 );
#endif
printf( " failed\n ! x509parse_key_rsa returned %d - %s\n\n", ret, buf );
- rsa_free( &rsa );
+ goto exit;
+ }
+
+ x509cert_req_set_rsa_key( &req, &rsa );
+
+ printf( " ok\n" );
+
+ /*
+ * 1.2. Writing the request
+ */
+ printf( " . Writing the certificate request ..." );
+ fflush( stdout );
+
+ if( ( ret = write_certificate_request( &req, opt.output_file ) ) != 0 )
+ {
+#ifdef POLARSSL_ERROR_C
+ error_strerror( ret, buf, 1024 );
+#endif
+ printf( " failed\n ! write_certifcate_request %d - %s\n\n", ret, buf );
goto exit;
}
printf( " ok\n" );
- write_certificate_request( &rsa, req_name, opt.output_file );
-
exit:
-
+ x509cert_req_free( &req );
rsa_free( &rsa );
#if defined(_WIN32)
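Review bot: The new failure message misspells the function name and drops the word "returned" that the neighbouring messages use: `" failed\n ! write_certifcate_request %d - %s\n\n"`. Anyone grepping logs for `write_certificate_request` will miss it. Suggested wording: `printf( " failed\n ! write_certificate_request returned %d - %s\n\n", ret, buf );`. Separately, when `POLARSSL_ERROR_C` is not defined, `buf` is printed with `%s` without being filled here, so the text after the dash depends on whatever `buf` last held. The existing `x509parse_key_rsa` branch in this hunk follows the same pattern.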