Moved PK key writing from X509 module to PK module
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index fcd601c..e839bea 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -42,6 +42,7 @@
pk.c
pk_wrap.c
pkparse.c
+ pkwrite.c
rsa.c
sha1.c
sha256.c
diff --git a/library/Makefile b/library/Makefile
index 1316155..f70ef56 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -50,6 +50,7 @@
padlock.o pbkdf2.o pem.o \
pkcs5.o pkcs11.o pkcs12.o \
pk.o pk_wrap.o pkparse.o \
+ pkwrite.o \
rsa.o sha1.o sha256.o \
sha512.o ssl_cache.o ssl_cli.o \
ssl_srv.o ssl_ciphersuites.o \
diff --git a/library/pkwrite.c b/library/pkwrite.c
new file mode 100644
index 0000000..741df08
--- /dev/null
+++ b/library/pkwrite.c
@@ -0,0 +1,389 @@
+/*
+ * Public Key layer for writing key files and structures
+ *
+ * Copyright (C) 2006-2013, Brainspark B.V.
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "polarssl/config.h"
+
+#if defined(POLARSSL_PK_C)
+
+#include "polarssl/pk.h"
+#include "polarssl/asn1write.h"
+#include "polarssl/oid.h"
+
+#if defined(POLARSSL_RSA_C)
+#include "polarssl/rsa.h"
+#endif
+#if defined(POLARSSL_ECP_C)
+#include "polarssl/ecp.h"
+#endif
+#if defined(POLARSSL_ECDSA_C)
+#include "polarssl/ecdsa.h"
+#endif
+#if defined(POLARSSL_BASE64_C)
+#include "polarssl/base64.h"
+#endif
+
+#if defined(POLARSSL_MEMORY_C)
+#include "polarssl/memory.h"
+#else
+#include <stdlib.h>
+#define polarssl_malloc malloc
+#define polarssl_free free
+#endif
+
+#if defined(POLARSSL_RSA_C)
+/*
+ * RSAPublicKey ::= SEQUENCE {
+ * modulus INTEGER, -- n
+ * publicExponent INTEGER -- e
+ * }
+ */
+static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
+ rsa_context *rsa )
+{
+ int ret;
+ size_t len = 0;
+
+ ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
+
+ ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
+ ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
+
+ return( len );
+}
+#endif /* POLARSSL_RSA_C */
+
+#if defined(POLARSSL_ECP_C)
+/*
+ * EC public key is an EC point
+ */
+static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
+ ecp_keypair *ec )
+{
+ int ret;
+ size_t len = 0;
+ unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
+
+ if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
+ POLARSSL_ECP_PF_UNCOMPRESSED,
+ &len, buf, sizeof( buf ) ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( *p - start < (int) len )
+ return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
+
+ *p -= len;
+ memcpy( *p, buf, len );
+
+ return( len );
+}
+
+/*
+ * ECParameters ::= CHOICE {
+ * namedCurve OBJECT IDENTIFIER
+ * }
+ */
+static int pk_write_ec_param( unsigned char **p, unsigned char *start,
+ ecp_keypair *ec )
+{
+ int ret;
+ size_t len = 0;
+ const char *oid;
+ size_t oid_len;
+
+ if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
+ return( ret );
+
+ ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
+
+ return( len );
+}
+#endif /* POLARSSL_ECP_C */
+
+int pk_write_pubkey( unsigned char **p, unsigned char *start,
+ const pk_context *key )
+{
+ int ret;
+ size_t len = 0;
+
+#if defined(POLARSSL_RSA_C)
+ if( pk_get_type( key ) == POLARSSL_PK_RSA )
+ ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
+ else
+#endif
+#if defined(POLARSSL_ECP_C)
+ if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
+ ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) );
+ else
+#endif
+ return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
+
+ return( len );
+}
+
+int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char *c;
+ size_t len = 0, par_len = 0, oid_len;
+ const char *oid;
+
+ c = buf + size;
+
+ ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) );
+
+ if( c - buf < 1 )
+ return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
+
+ /*
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING }
+ */
+ *--c = 0;
+ len += 1;
+
+ ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
+ ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
+
+ if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
+ &oid, &oid_len ) ) != 0 )
+ {
+ return( ret );
+ }
+
+#if defined(POLARSSL_ECP_C)
+ if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
+ {
+ ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) );
+ }
+#endif
+
+ ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
+ par_len ) );
+
+ ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
+ ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
+
+ return( len );
+}
+
+int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char *c = buf + size;
+ size_t len = 0;
+
+#if defined(POLARSSL_RSA_C)
+ if( pk_get_type( key ) == POLARSSL_PK_RSA )
+ {
+ rsa_context *rsa = pk_rsa( *key );
+
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
+ ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
+
+ ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
+ ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
+ }
+ else
+#endif
+#if defined(POLARSSL_ECP_C)
+ if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
+ {
+ ecp_keypair *ec = pk_ec( *key );
+ size_t pub_len = 0, par_len = 0;
+
+ /*
+ * RFC 5915, or SEC1 Appendix C.4
+ *
+ * ECPrivateKey ::= SEQUENCE {
+ * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+ * privateKey OCTET STRING,
+ * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+ * publicKey [1] BIT STRING OPTIONAL
+ * }
+ */
+
+ /* publicKey */
+ ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
+
+ if( c - buf < 1 )
+ return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
+ *--c = 0;
+ pub_len += 1;
+
+ ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
+ ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
+
+ ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
+ ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
+ ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
+ len += pub_len;
+
+ /* parameters */
+ ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
+
+ ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
+ ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
+ ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
+ len += par_len;
+
+ /* privateKey: write as MPI then fix tag */
+ ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
+ *c = ASN1_OCTET_STRING;
+
+ /* version */
+ ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
+
+ ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
+ ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
+ }
+ else
+#endif
+ return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
+
+ return( len );
+}
+
+#if defined(POLARSSL_BASE64_C)
+static int pk_write_pemify( const char *begin_str, const char *end_str,
+ const unsigned char *der_data, size_t der_len,
+ unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char base_buf[4096];
+ unsigned char *c = base_buf, *p = buf;
+ size_t len = 0, olen = sizeof(base_buf);
+
+ if( ( ret = base64_encode( base_buf, &olen, der_data, der_len ) ) != 0 )
+ return( ret );
+
+ if( olen + strlen( begin_str ) + strlen( end_str ) +
+ olen / 64 > size )
+ {
+ return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
+ }
+
+ memcpy( p, begin_str, strlen( begin_str ) );
+ p += strlen( begin_str );
+
+ while( olen )
+ {
+ len = ( olen > 64 ) ? 64 : olen;
+ memcpy( p, c, len );
+ olen -= len;
+ p += len;
+ c += len;
+ *p++ = '\n';
+ }
+
+ memcpy( p, end_str, strlen( end_str ) );
+ p += strlen( end_str );
+
+ *p = '\0';
+
+ return( 0 );
+}
+
+#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
+#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
+
+#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
+#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
+
+int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char output_buf[4096];
+
+ if( ( ret = pk_write_pubkey_der( key, output_buf,
+ sizeof(output_buf) ) ) < 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = pk_write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
+ output_buf + sizeof(output_buf) - ret,
+ ret, buf, size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ return( 0 );
+}
+
+int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
+{
+ int ret;
+ unsigned char output_buf[4096];
+ char *begin, *end;
+
+ if( ( ret = pk_write_key_der( key, output_buf,
+ sizeof(output_buf) ) ) < 0 )
+ {
+ return( ret );
+ }
+
+#if defined(POLARSSL_RSA_C)
+ if( pk_get_type( key ) == POLARSSL_PK_RSA )
+ {
+ begin = PEM_BEGIN_PRIVATE_KEY_RSA;
+ end = PEM_END_PRIVATE_KEY_RSA;
+ }
+ else
+#endif
+#if defined(POLARSSL_ECP_C)
+ if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
+ {
+ begin = PEM_BEGIN_PRIVATE_KEY_EC;
+ end = PEM_END_PRIVATE_KEY_EC;
+ }
+ else
+#endif
+ return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
+
+ if( ( ret = pk_write_pemify( begin, end,
+ output_buf + sizeof(output_buf) - ret,
+ ret, buf, size ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ return( 0 );
+}
+#endif /* POLARSSL_BASE64_C */
+
+#endif /* POLARSSL_PK_C */
diff --git a/library/x509write.c b/library/x509write.c
index d4861d7..2231206 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -117,99 +117,6 @@
return( ret );
}
-#if defined(POLARSSL_RSA_C)
-/*
- * RSAPublicKey ::= SEQUENCE {
- * modulus INTEGER, -- n
- * publicExponent INTEGER -- e
- * }
- */
-static int x509_write_rsa_pubkey( unsigned char **p, unsigned char *start,
- rsa_context *rsa )
-{
- int ret;
- size_t len = 0;
-
- ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
-
- ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
- ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
-
- return( len );
-}
-#endif /* POLARSSL_RSA_C */
-
-#if defined(POLARSSL_ECP_C)
-/*
- * EC public key is an EC point
- */
-static int x509_write_ec_pubkey( unsigned char **p, unsigned char *start,
- ecp_keypair *ec )
-{
- int ret;
- size_t len = 0;
- unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
-
- if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
- POLARSSL_ECP_PF_UNCOMPRESSED,
- &len, buf, sizeof( buf ) ) ) != 0 )
- {
- return( ret );
- }
-
- if( *p - start < (int) len )
- return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
-
- *p -= len;
- memcpy( *p, buf, len );
-
- return( len );
-}
-
-/*
- * ECParameters ::= CHOICE {
- * namedCurve OBJECT IDENTIFIER
- * }
- */
-static int x509_write_ec_param( unsigned char **p, unsigned char *start,
- ecp_keypair *ec )
-{
- int ret;
- size_t len = 0;
- const char *oid;
- size_t oid_len;
-
- if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
- return( ret );
-
- ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
-
- return( len );
-}
-#endif /* POLARSSL_ECP_C */
-
-static int x509_write_pubkey( unsigned char **p, unsigned char *start,
- const pk_context *key )
-{
- int ret;
- size_t len = 0;
-
-#if defined(POLARSSL_RSA_C)
- if( pk_get_type( key ) == POLARSSL_PK_RSA )
- ASN1_CHK_ADD( len, x509_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
- else
-#endif
-#if defined(POLARSSL_ECP_C)
- if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
- ASN1_CHK_ADD( len, x509_write_ec_pubkey( p, start, pk_ec( *key ) ) );
- else
-#endif
- return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
-
- return( len );
-}
-
void x509write_csr_init( x509write_csr *ctx )
{
memset( ctx, 0, sizeof(x509write_csr) );
@@ -426,7 +333,7 @@
size_t len = 0;
memset( buf, 0, sizeof(buf));
- ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, ctx->subject_key ) );
+ ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->subject_key ) );
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
c = buf + sizeof(buf) - 20;
@@ -448,7 +355,7 @@
size_t len = 0;
memset( buf, 0, sizeof(buf));
- ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, ctx->issuer_key ) );
+ ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->issuer_key ) );
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
c = buf + sizeof(buf) - 20;
@@ -506,137 +413,6 @@
return( 0 );
}
-int x509write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
-{
- int ret;
- unsigned char *c;
- size_t len = 0, par_len = 0, oid_len;
- const char *oid;
-
- c = buf + size;
-
- ASN1_CHK_ADD( len, x509_write_pubkey( &c, buf, key ) );
-
- if( c - buf < 1 )
- return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
-
- /*
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- */
- *--c = 0;
- len += 1;
-
- ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
- ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
-
- if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
- &oid, &oid_len ) ) != 0 )
- {
- return( ret );
- }
-
-#if defined(POLARSSL_ECP_C)
- if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
- {
- ASN1_CHK_ADD( par_len, x509_write_ec_param( &c, buf, pk_ec( *key ) ) );
- }
-#endif
-
- ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
- par_len ) );
-
- ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
- ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
-
- return( len );
-}
-
-int x509write_key_der( pk_context *key, unsigned char *buf, size_t size )
-{
- int ret;
- unsigned char *c = buf + size;
- size_t len = 0;
-
-#if defined(POLARSSL_RSA_C)
- if( pk_get_type( key ) == POLARSSL_PK_RSA )
- {
- rsa_context *rsa = pk_rsa( *key );
-
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
- ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
-
- ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
- ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- }
- else
-#endif
-#if defined(POLARSSL_ECP_C)
- if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
- {
- ecp_keypair *ec = pk_ec( *key );
- size_t pub_len = 0, par_len = 0;
-
- /*
- * RFC 5915, or SEC1 Appendix C.4
- *
- * ECPrivateKey ::= SEQUENCE {
- * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
- * privateKey OCTET STRING,
- * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
- * publicKey [1] BIT STRING OPTIONAL
- * }
- */
-
- /* publicKey */
- ASN1_CHK_ADD( pub_len, x509_write_ec_pubkey( &c, buf, ec ) );
-
- if( c - buf < 1 )
- return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
- *--c = 0;
- pub_len += 1;
-
- ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
- ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
-
- ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
- ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
- ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
- len += pub_len;
-
- /* parameters */
- ASN1_CHK_ADD( par_len, x509_write_ec_param( &c, buf, ec ) );
-
- ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
- ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
- ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
- len += par_len;
-
- /* privateKey: write as MPI then fix tag */
- ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
- *c = ASN1_OCTET_STRING;
-
- /* version */
- ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
-
- ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
- ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- }
- else
-#endif
- return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
-
- return( len );
-}
-
/*
* RelativeDistinguishedName ::=
* SET OF AttributeTypeAndValue
@@ -856,8 +632,8 @@
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
- ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->key,
- tmp_buf, c - tmp_buf ) );
+ ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->key,
+ tmp_buf, c - tmp_buf ) );
c -= pub_len;
len += pub_len;
@@ -951,8 +727,8 @@
/*
* SubjectPublicKeyInfo
*/
- ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->subject_key,
- tmp_buf, c - tmp_buf ) );
+ ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->subject_key,
+ tmp_buf, c - tmp_buf ) );
c -= pub_len;
len += pub_len;
@@ -1040,14 +816,6 @@
#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
-#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
-#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
-
-#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
-#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
-#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
-
#if defined(POLARSSL_BASE64_C)
static int x509write_pemify( const char *begin_str, const char *end_str,
const unsigned char *der_data, size_t der_len,
@@ -1111,67 +879,6 @@
return( 0 );
}
-int x509write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
-{
- int ret;
- unsigned char output_buf[4096];
-
- if( ( ret = x509write_pubkey_der( key, output_buf,
- sizeof(output_buf) ) ) < 0 )
- {
- return( ret );
- }
-
- if( ( ret = x509write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
- output_buf + sizeof(output_buf) - ret,
- ret, buf, size ) ) != 0 )
- {
- return( ret );
- }
-
- return( 0 );
-}
-
-int x509write_key_pem( pk_context *key, unsigned char *buf, size_t size )
-{
- int ret;
- unsigned char output_buf[4096];
- char *begin, *end;
-
- if( ( ret = x509write_key_der( key, output_buf,
- sizeof(output_buf) ) ) < 0 )
- {
- return( ret );
- }
-
-#if defined(POLARSSL_RSA_C)
- if( pk_get_type( key ) == POLARSSL_PK_RSA )
- {
- begin = PEM_BEGIN_PRIVATE_KEY_RSA;
- end = PEM_END_PRIVATE_KEY_RSA;
- }
- else
-#endif
-#if defined(POLARSSL_ECP_C)
- if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
- {
- begin = PEM_BEGIN_PRIVATE_KEY_EC;
- end = PEM_END_PRIVATE_KEY_EC;
- }
- else
-#endif
- return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
-
- if( ( ret = x509write_pemify( begin, end,
- output_buf + sizeof(output_buf) - ret,
- ret, buf, size ) ) != 0 )
- {
- return( ret );
- }
-
- return( 0 );
-}
-
int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )