36 #if !defined(POLARSSL_CONFIG_FILE)
39 #include POLARSSL_CONFIG_FILE
42 #if defined(POLARSSL_X509_CSR_PARSE_C)
46 #if defined(POLARSSL_PEM_PARSE_C)
50 #if defined(POLARSSL_PLATFORM_C)
53 #define polarssl_malloc malloc
54 #define polarssl_free free
60 #if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32)
/*
 * Overwrite the n bytes starting at v with zeros.
 *
 * The stores go through a volatile-qualified pointer, so the compiler has to
 * treat each one as an observable side effect and cannot discard the wipe as
 * a dead store, which it may do with a plain memset() on memory that is not
 * read again. In this file it is called on a buffer in the POLARSSL_FS_IO
 * code path, on x509_name entries and on the x509_csr structure itself.
 *
 * v  start of the region to clear; dereferenced whenever n > 0, so it must
 *    point to at least n writable bytes (there is no NULL check here)
 * n  number of bytes to clear; 0 leaves the region untouched
 */
65 static void polarssl_zeroize(
void *v,
size_t n ) {
66 volatile unsigned char *p = v;
/* Byte-wise on purpose: every store is a separate volatile write. */
while( n-- ) *p++ = 0;
72 static int x509_csr_get_version(
unsigned char **p,
73 const unsigned char *end,
96 const unsigned char *buf,
size_t buflen )
100 unsigned char *p, *end;
103 memset( &sig_params, 0,
sizeof(
x509_buf ) );
108 if( csr == NULL || buf == NULL )
121 memcpy( p, buf, buflen );
141 if( len != (
size_t) ( end - p ) )
166 if( ( ret = x509_csr_get_version( &p, end, &csr->
version ) ) != 0 )
264 #if defined(POLARSSL_PEM_PARSE_C)
272 if( csr == NULL || buf == NULL )
275 #if defined(POLARSSL_PEM_PARSE_C)
277 ret = pem_read_buffer( &pem,
278 "-----BEGIN CERTIFICATE REQUEST-----",
279 "-----END CERTIFICATE REQUEST-----",
280 buf, NULL, 0, &use_len );
303 #if defined(POLARSSL_FS_IO)
318 polarssl_zeroize( buf, n + 1 );
325 #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
329 #if !defined vsnprintf
330 #define vsnprintf _vsnprintf
340 static int compat_snprintf(
char *str,
size_t size,
const char *format, ... )
345 va_start( ap, format );
347 res = vsnprintf( str, size, format, ap );
353 return( (
int) size + 20 );
358 #define snprintf compat_snprintf
361 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
363 #define SAFE_SNPRINTF() \
368 if( (unsigned int) ret > n ) { \
370 return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \
373 n -= (unsigned int) ret; \
374 p += (unsigned int) ret; \
377 #define BEFORE_COLON 14
382 int x509_csr_info(
char *buf,
size_t size,
const char *prefix,
388 char key_size_str[BEFORE_COLON];
393 ret = snprintf( p, n,
"%sCSR version : %d",
397 ret = snprintf( p, n,
"\n%ssubject name : ", prefix );
402 ret = snprintf( p, n,
"\n%ssigned using : ", prefix );
415 ret = snprintf( p, n,
"\n%s%-" BC
"s: %d bits\n", prefix, key_size_str,
419 return( (
int) ( size - n ) );
443 #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
448 while( name_cur != NULL )
451 name_cur = name_cur->
next;
452 polarssl_zeroize( name_prv,
sizeof(
x509_name ) );
456 if( csr->
raw.
p != NULL )
462 polarssl_zeroize( csr,
sizeof(
x509_csr ) );
int x509_csr_parse_der(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR) in DER format.
int x509_get_name(unsigned char **p, const unsigned char *end, x509_name *cur)
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
size_t pk_get_size(const pk_context *ctx)
Get the size in bits of the underlying key.
int x509_get_sig_alg(const x509_buf *sig_oid, const x509_buf *sig_params, md_type_t *md_alg, pk_type_t *pk_alg, void **sig_opts)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid.
int x509_key_size_helper(char *buf, size_t size, const char *name)
int asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
Retrieve an integer ASN.1 tag and its value.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
int x509_get_sig(unsigned char **p, const unsigned char *end, x509_buf *sig)
const char * pk_get_name(const pk_context *ctx)
Access the type name.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
x509_name subject
The parsed subject data (named information object).
Object Identifier (OID) database.
void * sig_opts
Signature options to be passed to pk_verify_ext().
int x509_get_alg(unsigned char **p, const unsigned char *end, x509_buf *alg, x509_buf *params)
x509_buf cri
The raw CertificateRequestInfo body (DER).
Privacy Enhanced Mail (PEM) decoding.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
unsigned char * p
ASN1 data.
X.509 certificate signing request parsing and writing.
void x509_csr_free(x509_csr *csr)
Unallocate all CSR data.
int x509_sig_alg_gets(char *buf, size_t size, const x509_buf *sig_oid, pk_type_t pk_alg, md_type_t md_alg, const void *sig_opts)
int pk_parse_subpubkey(unsigned char **p, const unsigned char *end, pk_context *pk)
Parse a SubjectPublicKeyInfo DER structure.
int x509_load_file(const char *path, unsigned char **buf, size_t *n)
#define ASN1_CONTEXT_SPECIFIC
pk_type_t sig_pk
Internal representation of the Public Key algorithm of the signature algorithm.
pk_context pk
Container for the public key context.
int x509_csr_parse(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR), DER or PEM format.
Container for a sequence or list of 'named' ASN.1 data items.
Type-length-value structure that allows for ASN1 using DER.
size_t len
ASN1 length.
x509_buf raw
The raw CSR data (DER).
void pk_free(pk_context *ctx)
Free a pk_context.
int asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag.
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
int version
CSR version (1=v1).
struct _asn1_named_data * next
The next entry in the sequence.
Certificate Signing Request (CSR) structure.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
No PEM header or footer found.
md_type_t sig_md
Internal representation of the MD algorithm of the signature algorithm.
#define POLARSSL_ERR_X509_MALLOC_FAILED
Allocation of memory failed.
void x509_csr_init(x509_csr *csr)
Initialize a CSR.
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
x509_buf subject_raw
The raw subject data (DER).