ReactOS 0.4.15-dev-7934-g1dc8d80
pkwrite.c
Go to the documentation of this file.
1/*
2 * Public Key layer for writing key files and structures
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 *
7 * This file is provided under the Apache License 2.0, or the
8 * GNU General Public License v2.0 or later.
9 *
10 * **********
11 * Apache License 2.0:
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *
25 * **********
26 *
27 * **********
28 * GNU General Public License v2.0 or later:
29 *
30 * This program is free software; you can redistribute it and/or modify
31 * it under the terms of the GNU General Public License as published by
32 * the Free Software Foundation; either version 2 of the License, or
33 * (at your option) any later version.
34 *
35 * This program is distributed in the hope that it will be useful,
36 * but WITHOUT ANY WARRANTY; without even the implied warranty of
37 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 * GNU General Public License for more details.
39 *
40 * You should have received a copy of the GNU General Public License along
41 * with this program; if not, write to the Free Software Foundation, Inc.,
42 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43 *
44 * **********
45 */
46
47#if !defined(MBEDTLS_CONFIG_FILE)
48#include "mbedtls/config.h"
49#else
50#include MBEDTLS_CONFIG_FILE
51#endif
52
53#if defined(MBEDTLS_PK_WRITE_C)
54
55#include "mbedtls/pk.h"
56#include "mbedtls/asn1write.h"
57#include "mbedtls/oid.h"
58#include "mbedtls/platform_util.h"
59
60#include <string.h>
61
62#if defined(MBEDTLS_RSA_C)
63#include "mbedtls/rsa.h"
64#endif
65#if defined(MBEDTLS_ECP_C)
66#include "mbedtls/bignum.h"
67#include "mbedtls/ecp.h"
68#include "mbedtls/platform_util.h"
69#endif
70#if defined(MBEDTLS_ECDSA_C)
71#include "mbedtls/ecdsa.h"
72#endif
73#if defined(MBEDTLS_PEM_WRITE_C)
74#include "mbedtls/pem.h"
75#endif
76
77#if defined(MBEDTLS_PLATFORM_C)
78#include "mbedtls/platform.h"
79#else
80#include <stdlib.h>
81#define mbedtls_calloc calloc
82#define mbedtls_free free
83#endif
84
85/* Parameter validation macros based on platform_util.h */
86#define PK_VALIDATE_RET( cond ) \
87 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA )
88#define PK_VALIDATE( cond ) \
89 MBEDTLS_INTERNAL_VALIDATE( cond )
90
91#if defined(MBEDTLS_RSA_C)
92/*
93 * RSAPublicKey ::= SEQUENCE {
94 * modulus INTEGER, -- n
95 * publicExponent INTEGER -- e
96 * }
97 */
98static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
99 mbedtls_rsa_context *rsa )
100{
101 int ret;
102 size_t len = 0;
103 mbedtls_mpi T;
104
105 mbedtls_mpi_init( &T );
106
107 /* Export E */
108 if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 ||
109 ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
110 goto end_of_export;
111 len += ret;
112
113 /* Export N */
114 if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 ||
115 ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
116 goto end_of_export;
117 len += ret;
118
119end_of_export:
120
121 mbedtls_mpi_free( &T );
122 if( ret < 0 )
123 return( ret );
124
125 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
126 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
127 MBEDTLS_ASN1_SEQUENCE ) );
128
129 return( (int) len );
130}
131#endif /* MBEDTLS_RSA_C */
132
133#if defined(MBEDTLS_ECP_C)
134/*
135 * EC public key is an EC point
136 */
137static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
138 mbedtls_ecp_keypair *ec )
139{
140 int ret;
141 size_t len = 0;
142 unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
143
144 if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q,
145 MBEDTLS_ECP_PF_UNCOMPRESSED,
146 &len, buf, sizeof( buf ) ) ) != 0 )
147 {
148 return( ret );
149 }
150
151 if( *p < start || (size_t)( *p - start ) < len )
152 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
153
154 *p -= len;
155 memcpy( *p, buf, len );
156
157 return( (int) len );
158}
159
160/*
161 * ECParameters ::= CHOICE {
162 * namedCurve OBJECT IDENTIFIER
163 * }
164 */
165static int pk_write_ec_param( unsigned char **p, unsigned char *start,
166 mbedtls_ecp_keypair *ec )
167{
168 int ret;
169 size_t len = 0;
170 const char *oid;
171 size_t oid_len;
172
173 if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
174 return( ret );
175
176 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
177
178 return( (int) len );
179}
180
181/*
182 * privateKey OCTET STRING -- always of length ceil(log2(n)/8)
183 */
184static int pk_write_ec_private( unsigned char **p, unsigned char *start,
185 mbedtls_ecp_keypair *ec )
186{
187 int ret;
188 size_t byte_length = ( ec->grp.pbits + 7 ) / 8;
189 unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
190
191 ret = mbedtls_mpi_write_binary( &ec->d, tmp, byte_length );
192 if( ret != 0 )
193 goto exit;
194 ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length );
195
196exit:
197 mbedtls_platform_zeroize( tmp, byte_length );
198 return( ret );
199}
200#endif /* MBEDTLS_ECP_C */
201
202int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
203 const mbedtls_pk_context *key )
204{
205 int ret;
206 size_t len = 0;
207
208 PK_VALIDATE_RET( p != NULL );
209 PK_VALIDATE_RET( *p != NULL );
210 PK_VALIDATE_RET( start != NULL );
211 PK_VALIDATE_RET( key != NULL );
212
213#if defined(MBEDTLS_RSA_C)
214 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
215 MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) );
216 else
217#endif
218#if defined(MBEDTLS_ECP_C)
219 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
220 MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
221 else
222#endif
223 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
224
225 return( (int) len );
226}
227
228int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
229{
230 int ret;
231 unsigned char *c;
232 size_t len = 0, par_len = 0, oid_len;
233 const char *oid;
234
235 PK_VALIDATE_RET( key != NULL );
236 if( size == 0 )
237 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
238 PK_VALIDATE_RET( buf != NULL );
239
240 c = buf + size;
241
242 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
243
244 if( c - buf < 1 )
245 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
246
247 /*
248 * SubjectPublicKeyInfo ::= SEQUENCE {
249 * algorithm AlgorithmIdentifier,
250 * subjectPublicKey BIT STRING }
251 */
252 *--c = 0;
253 len += 1;
254
255 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
256 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
257
258 if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ),
259 &oid, &oid_len ) ) != 0 )
260 {
261 return( ret );
262 }
263
264#if defined(MBEDTLS_ECP_C)
265 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
266 {
267 MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) );
268 }
269#endif
270
271 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
272 par_len ) );
273
274 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
275 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
276 MBEDTLS_ASN1_SEQUENCE ) );
277
278 return( (int) len );
279}
280
281int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
282{
283 int ret;
284 unsigned char *c;
285 size_t len = 0;
286
287 PK_VALIDATE_RET( key != NULL );
288 if( size == 0 )
289 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
290 PK_VALIDATE_RET( buf != NULL );
291
292 c = buf + size;
293
294#if defined(MBEDTLS_RSA_C)
295 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
296 {
297 mbedtls_mpi T; /* Temporary holding the exported parameters */
298 mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key );
299
300 /*
301 * Export the parameters one after another to avoid simultaneous copies.
302 */
303
304 mbedtls_mpi_init( &T );
305
306 /* Export QP */
307 if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, NULL, &T ) ) != 0 ||
308 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
309 goto end_of_export;
310 len += ret;
311
312 /* Export DQ */
313 if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, &T, NULL ) ) != 0 ||
314 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
315 goto end_of_export;
316 len += ret;
317
318 /* Export DP */
319 if( ( ret = mbedtls_rsa_export_crt( rsa, &T, NULL, NULL ) ) != 0 ||
320 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
321 goto end_of_export;
322 len += ret;
323
324 /* Export Q */
325 if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
326 &T, NULL, NULL ) ) != 0 ||
327 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
328 goto end_of_export;
329 len += ret;
330
331 /* Export P */
332 if ( ( ret = mbedtls_rsa_export( rsa, NULL, &T,
333 NULL, NULL, NULL ) ) != 0 ||
334 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
335 goto end_of_export;
336 len += ret;
337
338 /* Export D */
339 if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
340 NULL, &T, NULL ) ) != 0 ||
341 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
342 goto end_of_export;
343 len += ret;
344
345 /* Export E */
346 if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
347 NULL, NULL, &T ) ) != 0 ||
348 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
349 goto end_of_export;
350 len += ret;
351
352 /* Export N */
353 if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL,
354 NULL, NULL, NULL ) ) != 0 ||
355 ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
356 goto end_of_export;
357 len += ret;
358
359 end_of_export:
360
361 mbedtls_mpi_free( &T );
362 if( ret < 0 )
363 return( ret );
364
365 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
366 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
367 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c,
368 buf, MBEDTLS_ASN1_CONSTRUCTED |
369 MBEDTLS_ASN1_SEQUENCE ) );
370 }
371 else
372#endif /* MBEDTLS_RSA_C */
373#if defined(MBEDTLS_ECP_C)
374 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
375 {
376 mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key );
377 size_t pub_len = 0, par_len = 0;
378
379 /*
380 * RFC 5915, or SEC1 Appendix C.4
381 *
382 * ECPrivateKey ::= SEQUENCE {
383 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
384 * privateKey OCTET STRING,
385 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
386 * publicKey [1] BIT STRING OPTIONAL
387 * }
388 */
389
390 /* publicKey */
391 MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
392
393 if( c - buf < 1 )
394 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
395 *--c = 0;
396 pub_len += 1;
397
398 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
399 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
400
401 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
402 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf,
403 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) );
404 len += pub_len;
405
406 /* parameters */
407 MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
408
409 MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) );
410 MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf,
411 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
412 len += par_len;
413
414 /* privateKey */
415 MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) );
416
417 /* version */
418 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
419
420 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
421 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
422 MBEDTLS_ASN1_SEQUENCE ) );
423 }
424 else
425#endif /* MBEDTLS_ECP_C */
426 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
427
428 return( (int) len );
429}
430
431#if defined(MBEDTLS_PEM_WRITE_C)
432
433#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
434#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
435
436#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
437#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
438#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
439#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
440
441/*
442 * Max sizes of key per types. Shown as tag + len (+ content).
443 */
444
445#if defined(MBEDTLS_RSA_C)
446/*
447 * RSA public keys:
448 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3
449 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
450 * + 1 + 1 + 9 (rsa oid)
451 * + 1 + 1 (params null)
452 * subjectPublicKey BIT STRING } 1 + 3 + (1 + below)
453 * RSAPublicKey ::= SEQUENCE { 1 + 3
454 * modulus INTEGER, -- n 1 + 3 + MPI_MAX + 1
455 * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1
456 * }
457 */
458#define RSA_PUB_DER_MAX_BYTES ( 38 + 2 * MBEDTLS_MPI_MAX_SIZE )
459
460/*
461 * RSA private keys:
462 * RSAPrivateKey ::= SEQUENCE { 1 + 3
463 * version Version, 1 + 1 + 1
464 * modulus INTEGER, 1 + 3 + MPI_MAX + 1
465 * publicExponent INTEGER, 1 + 3 + MPI_MAX + 1
466 * privateExponent INTEGER, 1 + 3 + MPI_MAX + 1
467 * prime1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
468 * prime2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
469 * exponent1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
470 * exponent2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
471 * coefficient INTEGER, 1 + 3 + MPI_MAX / 2 + 1
472 * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported)
473 * }
474 */
475#define MPI_MAX_SIZE_2 ( MBEDTLS_MPI_MAX_SIZE / 2 + \
476 MBEDTLS_MPI_MAX_SIZE % 2 )
477#define RSA_PRV_DER_MAX_BYTES ( 47 + 3 * MBEDTLS_MPI_MAX_SIZE \
478 + 5 * MPI_MAX_SIZE_2 )
479
480#else /* MBEDTLS_RSA_C */
481
482#define RSA_PUB_DER_MAX_BYTES 0
483#define RSA_PRV_DER_MAX_BYTES 0
484
485#endif /* MBEDTLS_RSA_C */
486
487#if defined(MBEDTLS_ECP_C)
488/*
489 * EC public keys:
490 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2
491 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
492 * + 1 + 1 + 7 (ec oid)
493 * + 1 + 1 + 9 (namedCurve oid)
494 * subjectPublicKey BIT STRING 1 + 2 + 1 [1]
495 * + 1 (point format) [1]
496 * + 2 * ECP_MAX (coords) [1]
497 * }
498 */
499#define ECP_PUB_DER_MAX_BYTES ( 30 + 2 * MBEDTLS_ECP_MAX_BYTES )
500
501/*
502 * EC private keys:
503 * ECPrivateKey ::= SEQUENCE { 1 + 2
504 * version INTEGER , 1 + 1 + 1
505 * privateKey OCTET STRING, 1 + 1 + ECP_MAX
506 * parameters [0] ECParameters OPTIONAL, 1 + 1 + (1 + 1 + 9)
507 * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above
508 * }
509 */
510#define ECP_PRV_DER_MAX_BYTES ( 29 + 3 * MBEDTLS_ECP_MAX_BYTES )
511
512#else /* MBEDTLS_ECP_C */
513
514#define ECP_PUB_DER_MAX_BYTES 0
515#define ECP_PRV_DER_MAX_BYTES 0
516
517#endif /* MBEDTLS_ECP_C */
518
519#define PUB_DER_MAX_BYTES ( RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
520 RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES )
521#define PRV_DER_MAX_BYTES ( RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
522 RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES )
523
524int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
525{
526 int ret;
527 unsigned char output_buf[PUB_DER_MAX_BYTES];
528 size_t olen = 0;
529
530 PK_VALIDATE_RET( key != NULL );
531 PK_VALIDATE_RET( buf != NULL || size == 0 );
532
533 if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf,
534 sizeof(output_buf) ) ) < 0 )
535 {
536 return( ret );
537 }
538
539 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
540 output_buf + sizeof(output_buf) - ret,
541 ret, buf, size, &olen ) ) != 0 )
542 {
543 return( ret );
544 }
545
546 return( 0 );
547}
548
549int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
550{
551 int ret;
552 unsigned char output_buf[PRV_DER_MAX_BYTES];
553 const char *begin, *end;
554 size_t olen = 0;
555
556 PK_VALIDATE_RET( key != NULL );
557 PK_VALIDATE_RET( buf != NULL || size == 0 );
558
559 if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
560 return( ret );
561
562#if defined(MBEDTLS_RSA_C)
563 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
564 {
565 begin = PEM_BEGIN_PRIVATE_KEY_RSA;
566 end = PEM_END_PRIVATE_KEY_RSA;
567 }
568 else
569#endif
570#if defined(MBEDTLS_ECP_C)
571 if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
572 {
573 begin = PEM_BEGIN_PRIVATE_KEY_EC;
574 end = PEM_END_PRIVATE_KEY_EC;
575 }
576 else
577#endif
578 return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
579
580 if( ( ret = mbedtls_pem_write_buffer( begin, end,
581 output_buf + sizeof(output_buf) - ret,
582 ret, buf, size, &olen ) ) != 0 )
583 {
584 return( ret );
585 }
586
587 return( 0 );
588}
589#endif /* MBEDTLS_PEM_WRITE_C */
590
591#endif /* MBEDTLS_PK_WRITE_C */
asn1write.h
ASN.1 buffer writing functionality.
mbedtls_asn1_write_tag
int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag)
Write an ASN.1 tag in ASN.1 format.
MBEDTLS_ASN1_CHK_ADD
#define MBEDTLS_ASN1_CHK_ADD(g, f)
Definition: asn1write.h:60
mbedtls_asn1_write_octet_string
int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size)
Write an octet string tag (MBEDTLS_ASN1_OCTET_STRING) and value in ASN.1 format.
mbedtls_asn1_write_int
int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val)
Write an int tag (MBEDTLS_ASN1_INTEGER) and value in ASN.1 format.
mbedtls_asn1_write_len
int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len)
Write a length field in ASN.1 format.
mbedtls_asn1_write_algorithm_identifier
int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, size_t par_len)
Write an AlgorithmIdentifier sequence in ASN.1 format.
mbedtls_asn1_write_oid
int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len)
Write an OID tag (MBEDTLS_ASN1_OID) and data in ASN.1 format.
mbedtls_asn1_write_mpi
int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X)
Write a arbitrary-precision number (MBEDTLS_ASN1_INTEGER) in ASN.1 format.
bignum.h
Multi-precision integer library.
mbedtls_mpi_init
void mbedtls_mpi_init(mbedtls_mpi *X)
Initialize an MPI context.
mbedtls_mpi_free
void mbedtls_mpi_free(mbedtls_mpi *X)
This function frees the components of an MPI context.
mbedtls_mpi_write_binary
int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, size_t buflen)
Export an MPI into unsigned big endian binary data of fixed size.
NULL
#define NULL
Definition: types.h:112
ecdsa.h
This file contains ECDSA definitions and functions.
ecp.h
This file provides an API for Elliptic Curves over GF(P) (ECP).
MBEDTLS_ECP_PF_UNCOMPRESSED
#define MBEDTLS_ECP_PF_UNCOMPRESSED
Definition: ecp.h:408
MBEDTLS_ECP_MAX_PT_LEN
#define MBEDTLS_ECP_MAX_PT_LEN
Definition: ecp.h:279
MBEDTLS_ECP_MAX_BYTES
#define MBEDTLS_ECP_MAX_BYTES
Definition: ecp.h:278
mbedtls_ecp_point_write_binary
int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
This function exports a point into unsigned binary data.
start
GLuint start
Definition: gl.h:1545
end
GLuint GLuint end
Definition: gl.h:1545
size
GLsizeiptr size
Definition: glext.h:5919
c
const GLubyte * c
Definition: glext.h:8905
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
p
GLfloat GLfloat p
Definition: glext.h:8902
len
GLenum GLsizei len
Definition: glext.h:6722
MBEDTLS_ASN1_SEQUENCE
#define MBEDTLS_ASN1_SEQUENCE
Definition: asn1.h:104
MBEDTLS_ASN1_CONTEXT_SPECIFIC
#define MBEDTLS_ASN1_CONTEXT_SPECIFIC
Definition: asn1.h:115
MBEDTLS_ASN1_CONSTRUCTED
#define MBEDTLS_ASN1_CONSTRUCTED
Definition: asn1.h:114
MBEDTLS_ERR_ASN1_BUF_TOO_SMALL
#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL
Definition: asn1.h:82
MBEDTLS_ASN1_BIT_STRING
#define MBEDTLS_ASN1_BIT_STRING
Definition: asn1.h:99
output_buf
jpeg_component_info JCOEFPTR JSAMPARRAY output_buf
Definition: jdct.h:239
c
#define c
Definition: ke_i.h:80
T
#define T
Definition: mbstring.h:31
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
oid.h
Object Identifier (OID) database.
mbedtls_oid_get_oid_by_ec_grp
int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id, const char **oid, size_t *olen)
Translate EC group identifier into NamedCurve OID.
mbedtls_oid_get_oid_by_pk_alg
int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg, const char **oid, size_t *olen)
Translate pk_type into PublicKeyAlgorithm OID.
pem.h
Privacy Enhanced Mail (PEM) decoding.
pk.h
Public Key abstraction layer.
MBEDTLS_PK_RSA
@ MBEDTLS_PK_RSA
Definition: pk.h:105
MBEDTLS_PK_ECKEY
@ MBEDTLS_PK_ECKEY
Definition: pk.h:106
mbedtls_pk_rsa
static mbedtls_rsa_context * mbedtls_pk_rsa(const mbedtls_pk_context pk)
Definition: pk.h:182
mbedtls_pk_ec
static mbedtls_ecp_keypair * mbedtls_pk_ec(const mbedtls_pk_context pk)
Definition: pk.h:195
mbedtls_pk_get_type
mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
Get the key type.
MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
Definition: pk.h:90
mbedtls_platform_zeroize
void mbedtls_platform_zeroize(void *buf, size_t len)
Securely zeroize a buffer.
Definition: platform_util.c:98
platform_util.h
Common and shared functions used by multiple modules in the Mbed TLS library.
rsa.h
This file provides an API for the RSA public-key cryptosystem.
mbedtls_rsa_export
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
mbedtls_rsa_export_crt
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
config.h
Configuration options (set of defines)
platform.h
This file contains the definitions and functions of the Mbed TLS platform abstraction layer.
exit
#define exit(n)
Definition: config.h:202
key
Definition: copy.c:22
mbedtls_ecp_group::pbits
size_t pbits
Definition: ecp.h:242
mbedtls_ecp_group::id
mbedtls_ecp_group_id id
Definition: ecp.h:234
mbedtls_ecp_keypair
The ECP key-pair structure.
Definition: ecp.h:398
mbedtls_ecp_keypair::Q
mbedtls_ecp_point Q
Definition: ecp.h:401
mbedtls_ecp_keypair::d
mbedtls_mpi d
Definition: ecp.h:400
mbedtls_ecp_keypair::grp
mbedtls_ecp_group grp
Definition: ecp.h:399
mbedtls_mpi
MPI structure.
Definition: bignum.h:211
mbedtls_pk_context
Public key container.
Definition: pk.h:156
mbedtls_rsa_context
The RSA context structure.
Definition: rsa.h:126
ret
int ret
Definition: wcstombs-tests.c:31
begin
static clock_t begin
Definition: xmllint.c:458