yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-25 22:55:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

x509write_csr() now fully using PK internally

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-09-11 22:28:30 +02:00 committed by Paul Bakker
parent d4eb5b5196
commit 8053da4057
3 changed files with 42 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
include/polarssl/pk.h
View File

@ -365,6 +365,15 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items );
*/ */
const char * pk_get_name( const pk_context *ctx ); const char * pk_get_name( const pk_context *ctx );
/**
* \brief Get the key typee
*
* \param ctx Context to use
*
* \return Type on success, or POLARSSL_PK_NONE
*/
pk_type_t pk_get_type( const pk_context *ctx );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

11
library/pk.c
View File

@ -273,4 +273,15 @@ const char * pk_get_name( const pk_context *ctx )
return( ctx->pk_info->name ); return( ctx->pk_info->name );
} }
/*
* Access the PK type
*/
pk_type_t pk_get_type( const pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_PK_NONE );
return( ctx->pk_info->type );
}
#endif /* POLARSSL_PK_C */ #endif /* POLARSSL_PK_C */

38
library/x509write.c
View File

@ -707,9 +707,12 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
unsigned char hash[64]; unsigned char hash[64];
unsigned char sig[POLARSSL_MPI_MAX_SIZE]; unsigned char sig[POLARSSL_MPI_MAX_SIZE];
unsigned char tmp_buf[2048]; unsigned char tmp_buf[2048];
size_t pub_len = 0, sig_len = 0; size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0; size_t len = 0;
/*
* Prepare data to be signed in tmp_buf
*/
c = tmp_buf + sizeof( tmp_buf ); c = tmp_buf + sizeof( tmp_buf );
ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
@ -732,6 +735,8 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
if( !pk_can_do( ctx->key, POLARSSL_PK_RSA ) )
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( pk_rsa( *ctx->key ), ASN1_CHK_ADD( pub_len, x509write_pubkey_der( pk_rsa( *ctx->key ),
tmp_buf, c - tmp_buf ) ); tmp_buf, c - tmp_buf ) );
c -= pub_len; c -= pub_len;
@ -750,29 +755,30 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
/*
* Prepare signature
*/
md( md_info_from_type( ctx->md_alg ), c, len, hash ); md( md_info_from_type( ctx->md_alg ), c, len, hash );
if( !pk_can_do( ctx->key, POLARSSL_PK_RSA ) ) if( ( ret = pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE ); NULL, NULL ) ) != 0 ||
( ret = oid_get_oid_by_sig_alg( pk_get_type( ctx->key ), ctx->md_alg,
&sig_oid, &sig_oid_len ) ) != 0 )
{
return( ret );
}
// TODO: use pk_sign() /*
rsa_pkcs1_sign( pk_rsa( *ctx->key ), NULL, NULL, RSA_PRIVATE, ctx->md_alg, 0, hash, sig ); * Write data to output buffer
*/
// Generate correct OID
//
// TODO: use pk_info->type
ret = oid_get_oid_by_sig_alg( POLARSSL_PK_RSA, ctx->md_alg, &sig_oid,
&sig_oid_len );
// TODO: use pk_get_len()
c2 = buf + size; c2 = buf + size;
ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig_oid_len, ASN1_CHK_ADD( sig_and_oid_len, x509_write_sig( &c2, buf,
sig, pk_rsa( *ctx->key )->len ) ); sig_oid, sig_oid_len, sig, sig_len ) );
c2 -= len; c2 -= len;
memcpy( c2, c, len ); memcpy( c2, c, len );
len += sig_len; len += sig_and_oid_len;
ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );