TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / HEAD / . / programs / util / pem2der.c
blob: 177365b87c5edf0a055c412c024cfc80a3521559 [file] [log] [blame]
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]1/*
2 * Convert PEM to DER
3 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]4 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]6 */
7
Bence Szépkútic662b362021-05-27 11:25:03 +0200[diff] [blame]8#include "mbedtls/build_info.h"
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]9
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]10#include "mbedtls/platform.h"
Rich Evansf90016a2015-01-19 14:26:37 +0000[diff] [blame]11
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]12#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]13#include "mbedtls/error.h"
14#include "mbedtls/base64.h"
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]15
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame]16#include <stdio.h>
17#include <stdlib.h>
18#include <string.h>
19#endif
20
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]21#define DFL_FILENAME "file.pem"
22#define DFL_OUTPUT_FILENAME "file.der"
23
Rich Evans18b78c72015-02-11 14:06:19 +0000[diff] [blame]24#define USAGE \
25 "\n usage: pem2der param=<>...\n" \
26 "\n acceptable parameters:\n" \
27 " filename=%%s default: file.pem\n" \
28 " output_file=%%s default: file.der\n" \
29 "\n"
30
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]31#if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO)
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]32int main(void)
Manuel Pégourié-Gonnard7831b0c2013-09-20 12:29:56 +0200[diff] [blame]33{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]34 mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n");
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]35 mbedtls_exit(0);
Manuel Pégourié-Gonnard7831b0c2013-09-20 12:29:56 +0200[diff] [blame]36}
37#else
Manuel Pégourié-Gonnard3ef6a6d2018-12-10 14:31:45 +0100[diff] [blame]38
Manuel Pégourié-Gonnard3ef6a6d2018-12-10 14:31:45 +0100[diff] [blame]39
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]40/*
41 * global options
42 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]43struct options {
Paul Bakker8fc30b12013-11-25 13:29:43 +0100[diff] [blame]44 const char *filename; /* filename of the input file */
45 const char *output_file; /* where to store the output */
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]46} opt;
47
Michael Schuster6fa32fd2024-06-01 21:15:02 +0200[diff] [blame]48static int convert_pem_to_der(const unsigned char *input, size_t ilen,
Michael Schuster82984bc2024-06-12 00:05:25 +0200[diff] [blame]49 unsigned char *output, size_t *olen)
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]50{
51 int ret;
52 const unsigned char *s1, *s2, *end = input + ilen;
53 size_t len = 0;
54
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]55 s1 = (unsigned char *) strstr((const char *) input, "-----BEGIN");
56 if (s1 == NULL) {
57 return -1;
58 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]59
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]60 s2 = (unsigned char *) strstr((const char *) input, "-----END");
61 if (s2 == NULL) {
62 return -1;
63 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]64
65 s1 += 10;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]66 while (s1 < end && *s1 != '-') {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]67 s1++;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]68 }
69 while (s1 < end && *s1 == '-') {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]70 s1++;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]71 }
72 if (*s1 == '\r') {
73 s1++;
74 }
75 if (*s1 == '\n') {
76 s1++;
77 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]78
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]79 if (s2 <= s1 || s2 > end) {
80 return -1;
81 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]82
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]83 ret = mbedtls_base64_decode(NULL, 0, &len, (const unsigned char *) s1, s2 - s1);
84 if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) {
85 return ret;
86 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]87
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]88 if (len > *olen) {
89 return -1;
90 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]91
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]92 if ((ret = mbedtls_base64_decode(output, len, &len, (const unsigned char *) s1,
93 s2 - s1)) != 0) {
94 return ret;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]95 }
96
97 *olen = len;
98
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]99 return 0;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]100}
101
102/*
103 * Load all data from a file into a given buffer.
104 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]105static int load_file(const char *path, unsigned char **buf, size_t *n)
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]106{
107 FILE *f;
108 long size;
109
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]110 if ((f = fopen(path, "rb")) == NULL) {
111 return -1;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]112 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]113
114 fseek(f, 0, SEEK_END);
115 if ((size = ftell(f)) == -1) {
116 fclose(f);
117 return -1;
118 }
119 fseek(f, 0, SEEK_SET);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]120
121 *n = (size_t) size;
122
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]123 if (*n + 1 == 0 ||
124 (*buf = mbedtls_calloc(1, *n + 1)) == NULL) {
125 fclose(f);
126 return -1;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]127 }
128
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]129 if (fread(*buf, 1, *n, f) != *n) {
130 fclose(f);
131 free(*buf);
Alfred Klomp1d42b3e2014-07-14 22:09:21 +0200[diff] [blame]132 *buf = NULL;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]133 return -1;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]134 }
135
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]136 fclose(f);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]137
138 (*buf)[*n] = '\0';
139
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]140 return 0;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]141}
142
143/*
144 * Write buffer to a file
145 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]146static int write_file(const char *path, unsigned char *buf, size_t n)
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]147{
148 FILE *f;
149
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]150 if ((f = fopen(path, "wb")) == NULL) {
151 return -1;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]152 }
153
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]154 if (fwrite(buf, 1, n, f) != n) {
155 fclose(f);
156 return -1;
157 }
158
159 fclose(f);
160 return 0;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]161}
162
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]163int main(int argc, char *argv[])
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]164{
Andres Amaya Garcia78dabe02018-04-29 22:08:41 +0100[diff] [blame]165 int ret = 1;
166 int exit_code = MBEDTLS_EXIT_FAILURE;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]167 unsigned char *pem_buffer = NULL;
168 unsigned char der_buffer[4096];
169 char buf[1024];
170 size_t pem_size, der_size = sizeof(der_buffer);
Paul Bakkerc97f9f62013-11-30 15:13:02 +0100[diff] [blame]171 int i;
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]172 char *p, *q;
173
174 /*
175 * Set to sane values
176 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]177 memset(buf, 0, sizeof(buf));
178 memset(der_buffer, 0, sizeof(der_buffer));
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]179
Aditya Deshpande644a5c02023-01-30 15:58:50 +0000[diff] [blame]180 if (argc < 2) {
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]181usage:
182 mbedtls_printf(USAGE);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]183 goto exit;
184 }
185
186 opt.filename = DFL_FILENAME;
187 opt.output_file = DFL_OUTPUT_FILENAME;
188
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]189 for (i = 1; i < argc; i++) {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]190
191 p = argv[i];
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]192 if ((q = strchr(p, '=')) == NULL) {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]193 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]194 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]195 *q++ = '\0';
196
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]197 if (strcmp(p, "filename") == 0) {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]198 opt.filename = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]199 } else if (strcmp(p, "output_file") == 0) {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]200 opt.output_file = q;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]201 } else {
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]202 goto usage;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]203 }
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]204 }
205
206 /*
207 * 1.1. Load the PEM file
208 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]209 mbedtls_printf("\n . Loading the PEM file ...");
210 fflush(stdout);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]211
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]212 ret = load_file(opt.filename, &pem_buffer, &pem_size);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]213
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]214 if (ret != 0) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]215#ifdef MBEDTLS_ERROR_C
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]216 mbedtls_strerror(ret, buf, 1024);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]217#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]218 mbedtls_printf(" failed\n ! load_file returned %d - %s\n\n", ret, buf);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]219 goto exit;
220 }
221
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]222 mbedtls_printf(" ok\n");
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]223
224 /*
225 * 1.2. Convert from PEM to DER
226 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]227 mbedtls_printf(" . Converting from PEM to DER ...");
228 fflush(stdout);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]229
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]230 if ((ret = convert_pem_to_der(pem_buffer, pem_size, der_buffer, &der_size)) != 0) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]231#ifdef MBEDTLS_ERROR_C
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]232 mbedtls_strerror(ret, buf, 1024);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]233#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]234 mbedtls_printf(" failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]235 goto exit;
236 }
237
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]238 mbedtls_printf(" ok\n");
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]239
240 /*
241 * 1.3. Write the DER file
242 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]243 mbedtls_printf(" . Writing the DER file ...");
244 fflush(stdout);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]245
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]246 ret = write_file(opt.output_file, der_buffer, der_size);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]247
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]248 if (ret != 0) {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]249#ifdef MBEDTLS_ERROR_C
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]250 mbedtls_strerror(ret, buf, 1024);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]251#endif
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]252 mbedtls_printf(" failed\n ! write_file returned %d - %s\n\n", ret, buf);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]253 goto exit;
254 }
255
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]256 mbedtls_printf(" ok\n");
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]257
Andres Amaya Garcia78dabe02018-04-29 22:08:41 +0100[diff] [blame]258 exit_code = MBEDTLS_EXIT_SUCCESS;
259
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]260exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]261 free(pem_buffer);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]262
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]263 mbedtls_exit(exit_code);
Paul Bakker8adf13b2013-08-25 14:50:09 +0200[diff] [blame]264}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]265#endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */