Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
SSL/library/x509_create.c@0:796d0f61a05b, 2018-09-27 (annotated)
- Committer:
- HannesTschofenig
- Date:
- Thu Sep 27 06:34:22 2018 +0000
- Revision:
- 0:796d0f61a05b
Example AES-GCM test program
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| HannesTschofenig | 0:796d0f61a05b | 1 | /* |
| HannesTschofenig | 0:796d0f61a05b | 2 | * X.509 base functions for creating certificates / CSRs |
| HannesTschofenig | 0:796d0f61a05b | 3 | * |
| HannesTschofenig | 0:796d0f61a05b | 4 | * Copyright (C) 2006-2013, Brainspark B.V. |
| HannesTschofenig | 0:796d0f61a05b | 5 | * |
| HannesTschofenig | 0:796d0f61a05b | 6 | * This file is part of PolarSSL (http://www.polarssl.org) |
| HannesTschofenig | 0:796d0f61a05b | 7 | * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> |
| HannesTschofenig | 0:796d0f61a05b | 8 | * |
| HannesTschofenig | 0:796d0f61a05b | 9 | * All rights reserved. |
| HannesTschofenig | 0:796d0f61a05b | 10 | * |
| HannesTschofenig | 0:796d0f61a05b | 11 | * This program is free software; you can redistribute it and/or modify |
| HannesTschofenig | 0:796d0f61a05b | 12 | * it under the terms of the GNU General Public License as published by |
| HannesTschofenig | 0:796d0f61a05b | 13 | * the Free Software Foundation; either version 2 of the License, or |
| HannesTschofenig | 0:796d0f61a05b | 14 | * (at your option) any later version. |
| HannesTschofenig | 0:796d0f61a05b | 15 | * |
| HannesTschofenig | 0:796d0f61a05b | 16 | * This program is distributed in the hope that it will be useful, |
| HannesTschofenig | 0:796d0f61a05b | 17 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| HannesTschofenig | 0:796d0f61a05b | 18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| HannesTschofenig | 0:796d0f61a05b | 19 | * GNU General Public License for more details. |
| HannesTschofenig | 0:796d0f61a05b | 20 | * |
| HannesTschofenig | 0:796d0f61a05b | 21 | * You should have received a copy of the GNU General Public License along |
| HannesTschofenig | 0:796d0f61a05b | 22 | * with this program; if not, write to the Free Software Foundation, Inc., |
| HannesTschofenig | 0:796d0f61a05b | 23 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| HannesTschofenig | 0:796d0f61a05b | 24 | */ |
| HannesTschofenig | 0:796d0f61a05b | 25 | |
| HannesTschofenig | 0:796d0f61a05b | 26 | #if !defined(POLARSSL_CONFIG_FILE) |
| HannesTschofenig | 0:796d0f61a05b | 27 | #include "polarssl/config.h" |
| HannesTschofenig | 0:796d0f61a05b | 28 | #else |
| HannesTschofenig | 0:796d0f61a05b | 29 | #include POLARSSL_CONFIG_FILE |
| HannesTschofenig | 0:796d0f61a05b | 30 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 31 | |
| HannesTschofenig | 0:796d0f61a05b | 32 | #if defined(POLARSSL_X509_CREATE_C) |
| HannesTschofenig | 0:796d0f61a05b | 33 | |
| HannesTschofenig | 0:796d0f61a05b | 34 | #include "polarssl/x509.h" |
| HannesTschofenig | 0:796d0f61a05b | 35 | #include "polarssl/asn1write.h" |
| HannesTschofenig | 0:796d0f61a05b | 36 | #include "polarssl/oid.h" |
| HannesTschofenig | 0:796d0f61a05b | 37 | |
| HannesTschofenig | 0:796d0f61a05b | 38 | #if defined(_MSC_VER) && !defined strncasecmp && !defined(EFIX64) && \ |
| HannesTschofenig | 0:796d0f61a05b | 39 | !defined(EFI32) |
| HannesTschofenig | 0:796d0f61a05b | 40 | #define strncasecmp _strnicmp |
| HannesTschofenig | 0:796d0f61a05b | 41 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 42 | |
| HannesTschofenig | 0:796d0f61a05b | 43 | int x509_string_to_names( asn1_named_data **head, const char *name ) |
| HannesTschofenig | 0:796d0f61a05b | 44 | { |
| HannesTschofenig | 0:796d0f61a05b | 45 | int ret = 0; |
| HannesTschofenig | 0:796d0f61a05b | 46 | const char *s = name, *c = s; |
| HannesTschofenig | 0:796d0f61a05b | 47 | const char *end = s + strlen( s ); |
| HannesTschofenig | 0:796d0f61a05b | 48 | const char *oid = NULL; |
| HannesTschofenig | 0:796d0f61a05b | 49 | int in_tag = 1; |
| HannesTschofenig | 0:796d0f61a05b | 50 | |
| HannesTschofenig | 0:796d0f61a05b | 51 | /* Clear existing chain if present */ |
| HannesTschofenig | 0:796d0f61a05b | 52 | asn1_free_named_data_list( head ); |
| HannesTschofenig | 0:796d0f61a05b | 53 | |
| HannesTschofenig | 0:796d0f61a05b | 54 | while( c <= end ) |
| HannesTschofenig | 0:796d0f61a05b | 55 | { |
| HannesTschofenig | 0:796d0f61a05b | 56 | if( in_tag && *c == '=' ) |
| HannesTschofenig | 0:796d0f61a05b | 57 | { |
| HannesTschofenig | 0:796d0f61a05b | 58 | if( c - s == 2 && strncasecmp( s, "CN", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 59 | oid = OID_AT_CN; |
| HannesTschofenig | 0:796d0f61a05b | 60 | else if( c - s == 10 && strncasecmp( s, "commonName", 10 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 61 | oid = OID_AT_CN; |
| HannesTschofenig | 0:796d0f61a05b | 62 | else if( c - s == 1 && strncasecmp( s, "C", 1 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 63 | oid = OID_AT_COUNTRY; |
| HannesTschofenig | 0:796d0f61a05b | 64 | else if( c - s == 11 && strncasecmp( s, "countryName", 11 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 65 | oid = OID_AT_COUNTRY; |
| HannesTschofenig | 0:796d0f61a05b | 66 | else if( c - s == 1 && strncasecmp( s, "O", 1 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 67 | oid = OID_AT_ORGANIZATION; |
| HannesTschofenig | 0:796d0f61a05b | 68 | else if( c - s == 16 && |
| HannesTschofenig | 0:796d0f61a05b | 69 | strncasecmp( s, "organizationName", 16 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 70 | oid = OID_AT_ORGANIZATION; |
| HannesTschofenig | 0:796d0f61a05b | 71 | else if( c - s == 1 && strncasecmp( s, "L", 1 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 72 | oid = OID_AT_LOCALITY; |
| HannesTschofenig | 0:796d0f61a05b | 73 | else if( c - s == 8 && strncasecmp( s, "locality", 8 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 74 | oid = OID_AT_LOCALITY; |
| HannesTschofenig | 0:796d0f61a05b | 75 | else if( c - s == 1 && strncasecmp( s, "R", 1 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 76 | oid = OID_PKCS9_EMAIL; |
| HannesTschofenig | 0:796d0f61a05b | 77 | else if( c - s == 2 && strncasecmp( s, "OU", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 78 | oid = OID_AT_ORG_UNIT; |
| HannesTschofenig | 0:796d0f61a05b | 79 | else if( c - s == 22 && |
| HannesTschofenig | 0:796d0f61a05b | 80 | strncasecmp( s, "organizationalUnitName", 22 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 81 | oid = OID_AT_ORG_UNIT; |
| HannesTschofenig | 0:796d0f61a05b | 82 | else if( c - s == 2 && strncasecmp( s, "ST", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 83 | oid = OID_AT_STATE; |
| HannesTschofenig | 0:796d0f61a05b | 84 | else if( c - s == 19 && |
| HannesTschofenig | 0:796d0f61a05b | 85 | strncasecmp( s, "stateOrProvinceName", 19 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 86 | oid = OID_AT_STATE; |
| HannesTschofenig | 0:796d0f61a05b | 87 | else if( c - s == 12 && strncasecmp( s, "emailAddress", 12 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 88 | oid = OID_PKCS9_EMAIL; |
| HannesTschofenig | 0:796d0f61a05b | 89 | else if( c - s == 12 && strncasecmp( s, "serialNumber", 12 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 90 | oid = OID_AT_SERIAL_NUMBER; |
| HannesTschofenig | 0:796d0f61a05b | 91 | else if( c - s == 13 && strncasecmp( s, "postalAddress", 13 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 92 | oid = OID_AT_POSTAL_ADDRESS; |
| HannesTschofenig | 0:796d0f61a05b | 93 | else if( c - s == 10 && strncasecmp( s, "postalCode", 10 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 94 | oid = OID_AT_POSTAL_CODE; |
| HannesTschofenig | 0:796d0f61a05b | 95 | else if( c - s == 11 && strncasecmp( s, "dnQualifier", 11 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 96 | oid = OID_AT_DN_QUALIFIER; |
| HannesTschofenig | 0:796d0f61a05b | 97 | else if( c - s == 5 && strncasecmp( s, "title", 5 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 98 | oid = OID_AT_TITLE; |
| HannesTschofenig | 0:796d0f61a05b | 99 | else if( c - s == 7 && strncasecmp( s, "surName", 7 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 100 | oid = OID_AT_SUR_NAME; |
| HannesTschofenig | 0:796d0f61a05b | 101 | else if( c - s == 2 && strncasecmp( s, "SN", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 102 | oid = OID_AT_SUR_NAME; |
| HannesTschofenig | 0:796d0f61a05b | 103 | else if( c - s == 9 && strncasecmp( s, "givenName", 9 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 104 | oid = OID_AT_GIVEN_NAME; |
| HannesTschofenig | 0:796d0f61a05b | 105 | else if( c - s == 2 && strncasecmp( s, "GN", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 106 | oid = OID_AT_GIVEN_NAME; |
| HannesTschofenig | 0:796d0f61a05b | 107 | else if( c - s == 8 && strncasecmp( s, "initials", 8 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 108 | oid = OID_AT_INITIALS; |
| HannesTschofenig | 0:796d0f61a05b | 109 | else if( c - s == 9 && strncasecmp( s, "pseudonym", 9 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 110 | oid = OID_AT_PSEUDONYM; |
| HannesTschofenig | 0:796d0f61a05b | 111 | else if( c - s == 19 && |
| HannesTschofenig | 0:796d0f61a05b | 112 | strncasecmp( s, "generationQualifier", 19 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 113 | oid = OID_AT_GENERATION_QUALIFIER; |
| HannesTschofenig | 0:796d0f61a05b | 114 | else if( c - s == 15 && |
| HannesTschofenig | 0:796d0f61a05b | 115 | strncasecmp( s, "domainComponent", 15 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 116 | oid = OID_DOMAIN_COMPONENT; |
| HannesTschofenig | 0:796d0f61a05b | 117 | else if( c - s == 2 && strncasecmp( s, "DC", 2 ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 118 | oid = OID_DOMAIN_COMPONENT; |
| HannesTschofenig | 0:796d0f61a05b | 119 | else |
| HannesTschofenig | 0:796d0f61a05b | 120 | { |
| HannesTschofenig | 0:796d0f61a05b | 121 | ret = POLARSSL_ERR_X509_UNKNOWN_OID; |
| HannesTschofenig | 0:796d0f61a05b | 122 | goto exit; |
| HannesTschofenig | 0:796d0f61a05b | 123 | } |
| HannesTschofenig | 0:796d0f61a05b | 124 | |
| HannesTschofenig | 0:796d0f61a05b | 125 | s = c + 1; |
| HannesTschofenig | 0:796d0f61a05b | 126 | in_tag = 0; |
| HannesTschofenig | 0:796d0f61a05b | 127 | } |
| HannesTschofenig | 0:796d0f61a05b | 128 | |
| HannesTschofenig | 0:796d0f61a05b | 129 | if( !in_tag && ( *c == ',' || c == end ) ) |
| HannesTschofenig | 0:796d0f61a05b | 130 | { |
| HannesTschofenig | 0:796d0f61a05b | 131 | if( asn1_store_named_data( head, oid, strlen( oid ), |
| HannesTschofenig | 0:796d0f61a05b | 132 | (unsigned char *) s, |
| HannesTschofenig | 0:796d0f61a05b | 133 | c - s ) == NULL ) |
| HannesTschofenig | 0:796d0f61a05b | 134 | { |
| HannesTschofenig | 0:796d0f61a05b | 135 | return( POLARSSL_ERR_X509_MALLOC_FAILED ); |
| HannesTschofenig | 0:796d0f61a05b | 136 | } |
| HannesTschofenig | 0:796d0f61a05b | 137 | |
| HannesTschofenig | 0:796d0f61a05b | 138 | while( c < end && *(c + 1) == ' ' ) |
| HannesTschofenig | 0:796d0f61a05b | 139 | c++; |
| HannesTschofenig | 0:796d0f61a05b | 140 | |
| HannesTschofenig | 0:796d0f61a05b | 141 | s = c + 1; |
| HannesTschofenig | 0:796d0f61a05b | 142 | in_tag = 1; |
| HannesTschofenig | 0:796d0f61a05b | 143 | } |
| HannesTschofenig | 0:796d0f61a05b | 144 | c++; |
| HannesTschofenig | 0:796d0f61a05b | 145 | } |
| HannesTschofenig | 0:796d0f61a05b | 146 | |
| HannesTschofenig | 0:796d0f61a05b | 147 | exit: |
| HannesTschofenig | 0:796d0f61a05b | 148 | |
| HannesTschofenig | 0:796d0f61a05b | 149 | return( ret ); |
| HannesTschofenig | 0:796d0f61a05b | 150 | } |
| HannesTschofenig | 0:796d0f61a05b | 151 | |
| HannesTschofenig | 0:796d0f61a05b | 152 | /* The first byte of the value in the asn1_named_data structure is reserved |
| HannesTschofenig | 0:796d0f61a05b | 153 | * to store the critical boolean for us |
| HannesTschofenig | 0:796d0f61a05b | 154 | */ |
| HannesTschofenig | 0:796d0f61a05b | 155 | int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 156 | int critical, const unsigned char *val, size_t val_len ) |
| HannesTschofenig | 0:796d0f61a05b | 157 | { |
| HannesTschofenig | 0:796d0f61a05b | 158 | asn1_named_data *cur; |
| HannesTschofenig | 0:796d0f61a05b | 159 | |
| HannesTschofenig | 0:796d0f61a05b | 160 | if( ( cur = asn1_store_named_data( head, oid, oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 161 | NULL, val_len + 1 ) ) == NULL ) |
| HannesTschofenig | 0:796d0f61a05b | 162 | { |
| HannesTschofenig | 0:796d0f61a05b | 163 | return( POLARSSL_ERR_X509_MALLOC_FAILED ); |
| HannesTschofenig | 0:796d0f61a05b | 164 | } |
| HannesTschofenig | 0:796d0f61a05b | 165 | |
| HannesTschofenig | 0:796d0f61a05b | 166 | cur->val.p[0] = critical; |
| HannesTschofenig | 0:796d0f61a05b | 167 | memcpy( cur->val.p + 1, val, val_len ); |
| HannesTschofenig | 0:796d0f61a05b | 168 | |
| HannesTschofenig | 0:796d0f61a05b | 169 | return( 0 ); |
| HannesTschofenig | 0:796d0f61a05b | 170 | } |
| HannesTschofenig | 0:796d0f61a05b | 171 | |
| HannesTschofenig | 0:796d0f61a05b | 172 | /* |
| HannesTschofenig | 0:796d0f61a05b | 173 | * RelativeDistinguishedName ::= |
| HannesTschofenig | 0:796d0f61a05b | 174 | * SET OF AttributeTypeAndValue |
| HannesTschofenig | 0:796d0f61a05b | 175 | * |
| HannesTschofenig | 0:796d0f61a05b | 176 | * AttributeTypeAndValue ::= SEQUENCE { |
| HannesTschofenig | 0:796d0f61a05b | 177 | * type AttributeType, |
| HannesTschofenig | 0:796d0f61a05b | 178 | * value AttributeValue } |
| HannesTschofenig | 0:796d0f61a05b | 179 | * |
| HannesTschofenig | 0:796d0f61a05b | 180 | * AttributeType ::= OBJECT IDENTIFIER |
| HannesTschofenig | 0:796d0f61a05b | 181 | * |
| HannesTschofenig | 0:796d0f61a05b | 182 | * AttributeValue ::= ANY DEFINED BY AttributeType |
| HannesTschofenig | 0:796d0f61a05b | 183 | */ |
| HannesTschofenig | 0:796d0f61a05b | 184 | static int x509_write_name( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 185 | const char *oid, size_t oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 186 | const unsigned char *name, size_t name_len ) |
| HannesTschofenig | 0:796d0f61a05b | 187 | { |
| HannesTschofenig | 0:796d0f61a05b | 188 | int ret; |
| HannesTschofenig | 0:796d0f61a05b | 189 | size_t len = 0; |
| HannesTschofenig | 0:796d0f61a05b | 190 | |
| HannesTschofenig | 0:796d0f61a05b | 191 | // Write PrintableString for all except OID_PKCS9_EMAIL |
| HannesTschofenig | 0:796d0f61a05b | 192 | // |
| HannesTschofenig | 0:796d0f61a05b | 193 | if( OID_SIZE( OID_PKCS9_EMAIL ) == oid_len && |
| HannesTschofenig | 0:796d0f61a05b | 194 | memcmp( oid, OID_PKCS9_EMAIL, oid_len ) == 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 195 | { |
| HannesTschofenig | 0:796d0f61a05b | 196 | ASN1_CHK_ADD( len, asn1_write_ia5_string( p, start, |
| HannesTschofenig | 0:796d0f61a05b | 197 | (const char *) name, |
| HannesTschofenig | 0:796d0f61a05b | 198 | name_len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 199 | } |
| HannesTschofenig | 0:796d0f61a05b | 200 | else |
| HannesTschofenig | 0:796d0f61a05b | 201 | { |
| HannesTschofenig | 0:796d0f61a05b | 202 | ASN1_CHK_ADD( len, asn1_write_printable_string( p, start, |
| HannesTschofenig | 0:796d0f61a05b | 203 | (const char *) name, |
| HannesTschofenig | 0:796d0f61a05b | 204 | name_len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 205 | } |
| HannesTschofenig | 0:796d0f61a05b | 206 | |
| HannesTschofenig | 0:796d0f61a05b | 207 | // Write OID |
| HannesTschofenig | 0:796d0f61a05b | 208 | // |
| HannesTschofenig | 0:796d0f61a05b | 209 | ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 210 | |
| HannesTschofenig | 0:796d0f61a05b | 211 | ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 212 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | |
| HannesTschofenig | 0:796d0f61a05b | 213 | ASN1_SEQUENCE ) ); |
| HannesTschofenig | 0:796d0f61a05b | 214 | |
| HannesTschofenig | 0:796d0f61a05b | 215 | ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 216 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | |
| HannesTschofenig | 0:796d0f61a05b | 217 | ASN1_SET ) ); |
| HannesTschofenig | 0:796d0f61a05b | 218 | |
| HannesTschofenig | 0:796d0f61a05b | 219 | return( (int) len ); |
| HannesTschofenig | 0:796d0f61a05b | 220 | } |
| HannesTschofenig | 0:796d0f61a05b | 221 | |
| HannesTschofenig | 0:796d0f61a05b | 222 | int x509_write_names( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 223 | asn1_named_data *first ) |
| HannesTschofenig | 0:796d0f61a05b | 224 | { |
| HannesTschofenig | 0:796d0f61a05b | 225 | int ret; |
| HannesTschofenig | 0:796d0f61a05b | 226 | size_t len = 0; |
| HannesTschofenig | 0:796d0f61a05b | 227 | asn1_named_data *cur = first; |
| HannesTschofenig | 0:796d0f61a05b | 228 | |
| HannesTschofenig | 0:796d0f61a05b | 229 | while( cur != NULL ) |
| HannesTschofenig | 0:796d0f61a05b | 230 | { |
| HannesTschofenig | 0:796d0f61a05b | 231 | ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p, |
| HannesTschofenig | 0:796d0f61a05b | 232 | cur->oid.len, |
| HannesTschofenig | 0:796d0f61a05b | 233 | cur->val.p, cur->val.len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 234 | cur = cur->next; |
| HannesTschofenig | 0:796d0f61a05b | 235 | } |
| HannesTschofenig | 0:796d0f61a05b | 236 | |
| HannesTschofenig | 0:796d0f61a05b | 237 | ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 238 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | |
| HannesTschofenig | 0:796d0f61a05b | 239 | ASN1_SEQUENCE ) ); |
| HannesTschofenig | 0:796d0f61a05b | 240 | |
| HannesTschofenig | 0:796d0f61a05b | 241 | return( (int) len ); |
| HannesTschofenig | 0:796d0f61a05b | 242 | } |
| HannesTschofenig | 0:796d0f61a05b | 243 | |
| HannesTschofenig | 0:796d0f61a05b | 244 | int x509_write_sig( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 245 | const char *oid, size_t oid_len, |
| HannesTschofenig | 0:796d0f61a05b | 246 | unsigned char *sig, size_t size ) |
| HannesTschofenig | 0:796d0f61a05b | 247 | { |
| HannesTschofenig | 0:796d0f61a05b | 248 | int ret; |
| HannesTschofenig | 0:796d0f61a05b | 249 | size_t len = 0; |
| HannesTschofenig | 0:796d0f61a05b | 250 | |
| HannesTschofenig | 0:796d0f61a05b | 251 | if( *p - start < (int) size + 1 ) |
| HannesTschofenig | 0:796d0f61a05b | 252 | return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); |
| HannesTschofenig | 0:796d0f61a05b | 253 | |
| HannesTschofenig | 0:796d0f61a05b | 254 | len = size; |
| HannesTschofenig | 0:796d0f61a05b | 255 | (*p) -= len; |
| HannesTschofenig | 0:796d0f61a05b | 256 | memcpy( *p, sig, len ); |
| HannesTschofenig | 0:796d0f61a05b | 257 | |
| HannesTschofenig | 0:796d0f61a05b | 258 | *--(*p) = 0; |
| HannesTschofenig | 0:796d0f61a05b | 259 | len += 1; |
| HannesTschofenig | 0:796d0f61a05b | 260 | |
| HannesTschofenig | 0:796d0f61a05b | 261 | ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 262 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) ); |
| HannesTschofenig | 0:796d0f61a05b | 263 | |
| HannesTschofenig | 0:796d0f61a05b | 264 | // Write OID |
| HannesTschofenig | 0:796d0f61a05b | 265 | // |
| HannesTschofenig | 0:796d0f61a05b | 266 | ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid, |
| HannesTschofenig | 0:796d0f61a05b | 267 | oid_len, 0 ) ); |
| HannesTschofenig | 0:796d0f61a05b | 268 | |
| HannesTschofenig | 0:796d0f61a05b | 269 | return( (int) len ); |
| HannesTschofenig | 0:796d0f61a05b | 270 | } |
| HannesTschofenig | 0:796d0f61a05b | 271 | |
| HannesTschofenig | 0:796d0f61a05b | 272 | static int x509_write_extension( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 273 | asn1_named_data *ext ) |
| HannesTschofenig | 0:796d0f61a05b | 274 | { |
| HannesTschofenig | 0:796d0f61a05b | 275 | int ret; |
| HannesTschofenig | 0:796d0f61a05b | 276 | size_t len = 0; |
| HannesTschofenig | 0:796d0f61a05b | 277 | |
| HannesTschofenig | 0:796d0f61a05b | 278 | ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->val.p + 1, |
| HannesTschofenig | 0:796d0f61a05b | 279 | ext->val.len - 1 ) ); |
| HannesTschofenig | 0:796d0f61a05b | 280 | ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->val.len - 1 ) ); |
| HannesTschofenig | 0:796d0f61a05b | 281 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) ); |
| HannesTschofenig | 0:796d0f61a05b | 282 | |
| HannesTschofenig | 0:796d0f61a05b | 283 | if( ext->val.p[0] != 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 284 | { |
| HannesTschofenig | 0:796d0f61a05b | 285 | ASN1_CHK_ADD( len, asn1_write_bool( p, start, 1 ) ); |
| HannesTschofenig | 0:796d0f61a05b | 286 | } |
| HannesTschofenig | 0:796d0f61a05b | 287 | |
| HannesTschofenig | 0:796d0f61a05b | 288 | ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->oid.p, |
| HannesTschofenig | 0:796d0f61a05b | 289 | ext->oid.len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 290 | ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->oid.len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 291 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OID ) ); |
| HannesTschofenig | 0:796d0f61a05b | 292 | |
| HannesTschofenig | 0:796d0f61a05b | 293 | ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); |
| HannesTschofenig | 0:796d0f61a05b | 294 | ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | |
| HannesTschofenig | 0:796d0f61a05b | 295 | ASN1_SEQUENCE ) ); |
| HannesTschofenig | 0:796d0f61a05b | 296 | |
| HannesTschofenig | 0:796d0f61a05b | 297 | return( (int) len ); |
| HannesTschofenig | 0:796d0f61a05b | 298 | } |
| HannesTschofenig | 0:796d0f61a05b | 299 | |
| HannesTschofenig | 0:796d0f61a05b | 300 | /* |
| HannesTschofenig | 0:796d0f61a05b | 301 | * Extension ::= SEQUENCE { |
| HannesTschofenig | 0:796d0f61a05b | 302 | * extnID OBJECT IDENTIFIER, |
| HannesTschofenig | 0:796d0f61a05b | 303 | * critical BOOLEAN DEFAULT FALSE, |
| HannesTschofenig | 0:796d0f61a05b | 304 | * extnValue OCTET STRING |
| HannesTschofenig | 0:796d0f61a05b | 305 | * -- contains the DER encoding of an ASN.1 value |
| HannesTschofenig | 0:796d0f61a05b | 306 | * -- corresponding to the extension type identified |
| HannesTschofenig | 0:796d0f61a05b | 307 | * -- by extnID |
| HannesTschofenig | 0:796d0f61a05b | 308 | * } |
| HannesTschofenig | 0:796d0f61a05b | 309 | */ |
| HannesTschofenig | 0:796d0f61a05b | 310 | int x509_write_extensions( unsigned char **p, unsigned char *start, |
| HannesTschofenig | 0:796d0f61a05b | 311 | asn1_named_data *first ) |
| HannesTschofenig | 0:796d0f61a05b | 312 | { |
| HannesTschofenig | 0:796d0f61a05b | 313 | int ret; |
| HannesTschofenig | 0:796d0f61a05b | 314 | size_t len = 0; |
| HannesTschofenig | 0:796d0f61a05b | 315 | asn1_named_data *cur_ext = first; |
| HannesTschofenig | 0:796d0f61a05b | 316 | |
| HannesTschofenig | 0:796d0f61a05b | 317 | while( cur_ext != NULL ) |
| HannesTschofenig | 0:796d0f61a05b | 318 | { |
| HannesTschofenig | 0:796d0f61a05b | 319 | ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); |
| HannesTschofenig | 0:796d0f61a05b | 320 | cur_ext = cur_ext->next; |
| HannesTschofenig | 0:796d0f61a05b | 321 | } |
| HannesTschofenig | 0:796d0f61a05b | 322 | |
| HannesTschofenig | 0:796d0f61a05b | 323 | return( (int) len ); |
| HannesTschofenig | 0:796d0f61a05b | 324 | } |
| HannesTschofenig | 0:796d0f61a05b | 325 | |
| HannesTschofenig | 0:796d0f61a05b | 326 | #endif /* POLARSSL_X509_CREATE_C */ |
| HannesTschofenig | 0:796d0f61a05b | 327 | |
| HannesTschofenig | 0:796d0f61a05b | 328 |