commit ee73179b2f3bd61e1b8c18962badd9ad1e2d374e
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Sep 11 22:48:40 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Thu Sep 12 11:57:00 2013 +0200
tree 7cc07ab55f2563b74c86157833945a0f01905f0f
parent 8053da40579c6ce3933bdfa6515d6ef4f98b6c7a

Adapt x509write_csr prototypes for PK

programs/x509/cert_req.c

diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 6cc05c8..b98f233 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -33,24 +33,22 @@
 
 #include "polarssl/config.h"
 
-#include "polarssl/error.h"
-#include "polarssl/rsa.h"
-#include "polarssl/x509.h"
-#include "polarssl/base64.h"
 #include "polarssl/x509write.h"
-#include "polarssl/oid.h"
+#include "polarssl/error.h"
+#include "polarssl/entropy.h"
+#include "polarssl/ctr_drbg.h"
 
-#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) ||         \
-    !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) ||     \
+#if !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) ||     \
+    !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
     !defined(POLARSSL_ERROR_C)
 int main( int argc, char *argv[] )
 {
     ((void) argc);
     ((void) argv);
 
-    printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
-           "POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or "
-           "POLARSSL_ERROR_C not defined.\n");
+    printf( "POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or "
+            "POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
+            "POLARSSL_ERROR_C not defined.\n");
     return( 0 );
 }
 #else
@@ -75,7 +73,9 @@
     unsigned char ns_cert_type; /* NS cert type                         */
 } opt;
 
-int write_certificate_request( x509write_csr *req, char *output_file )
+int write_certificate_request( x509write_csr *req, char *output_file,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng )
 {
     int ret;
     FILE *f;
@@ -83,7 +83,7 @@
     size_t len = 0;
 
     memset( output_buf, 0, 4096 );
-    if( ( ret = x509write_csr_pem( req, output_buf, 4096 ) ) < 0 )
+    if( ( ret = x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
         return( ret );
 
     len = strlen( (char *) output_buf );
@@ -129,18 +129,21 @@
 int main( int argc, char *argv[] )
 {
     int ret = 0;
-    rsa_context rsa;
+    pk_context key;
     char buf[1024];
     int i, j, n;
     char *p, *q, *r;
     x509write_csr req;
+    entropy_context entropy;
+    ctr_drbg_context ctr_drbg;
+    const char *pers = "csr example app";
 
     /*
      * Set to sane values
      */
     x509write_csr_init( &req );
     x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA1 );
-    memset( &rsa, 0, sizeof( rsa_context ) );
+    pk_init( &key );
     memset( buf, 0, 1024 );
 
     if( argc == 0 )
@@ -252,8 +255,29 @@
         x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
 
     /*
+     * 0. Seed the PRNG
+     */
+    printf( "  . Seeding the random number generator..." );
+    fflush( stdout );
+
+    entropy_init( &entropy );
+    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
+                               (const unsigned char *) pers,
+                               strlen( pers ) ) ) != 0 )
+    {
+        error_strerror( ret, buf, 1024 );
+        printf( " failed\n  !  ctr_drbg_init returned %d - %s\n", ret, buf );
+        goto exit;
+    }
+
+    printf( " ok\n" );
+
+    /*
      * 1.0. Check the subject name for validity
      */
+    printf( "  . Checking subjet name..." );
+    fflush( stdout );
+
     if( ( ret = x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
     {
         error_strerror( ret, buf, 1024 );
@@ -261,22 +285,24 @@
         goto exit;
     }
 
+    printf( " ok\n" );
+
     /*
      * 1.1. Load the key
      */
-    printf( "\n  . Loading the private key ..." );
+    printf( "  . Loading the private key ..." );
     fflush( stdout );
 
-    ret = x509parse_keyfile_rsa( &rsa, opt.filename, NULL );
+    ret = x509parse_keyfile( &key, opt.filename, NULL );
 
     if( ret != 0 )
     {
         error_strerror( ret, buf, 1024 );
-        printf( " failed\n  !  x509parse_key_rsa returned %d - %s\n\n", ret, buf );
+        printf( " failed\n  !  x509parse_keyfile returned %d - %s\n\n", ret, buf );
         goto exit;
     }
 
-    x509write_csr_set_rsa_key( &req, &rsa );
+    x509write_csr_set_key( &req, &key );
 
     printf( " ok\n" );
 
@@ -286,7 +312,8 @@
     printf( "  . Writing the certificate request ..." );
     fflush( stdout );
 
-    if( ( ret = write_certificate_request( &req, opt.output_file ) ) != 0 )
+    if( ( ret = write_certificate_request( &req, opt.output_file,
+                                           ctr_drbg_random, &ctr_drbg ) ) != 0 )
     {
         error_strerror( ret, buf, 1024 );
         printf( " failed\n  !  write_certifcate_request %d - %s\n\n", ret, buf );
@@ -297,7 +324,7 @@
 
 exit:
     x509write_csr_free( &req );
-    rsa_free( &rsa );
+    pk_free( &key );
 
 #if defined(_WIN32)
     printf( "  + Press Enter to exit this program.\n" );
@@ -306,5 +333,6 @@
 
     return( ret );
 }
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C &&
-          POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */
+#endif /* POLARSSL_X509_PARSE_C && POLARSSL_FS_IO &&
+          POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C &&
+          POLARSSL_ERROR_C */