Commit f38e71af authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard Committed by Paul Bakker
Browse files

Convert x509write_crt interface to PK

parent 6de63e48
......@@ -259,17 +259,17 @@ int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name );
* \brief Set the subject public key for the certificate
*
* \param ctx CRT context to use
* \param rsa RSA public key to include
* \param key public key to include
*/
void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa );
void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the issuer key used for signing the certificate
*
* \param ctx CRT context to use
* \param rsa RSA key to sign with
* \param key private key to sign with
*/
void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa );
void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the MD algorithm to use for the signature
......
......@@ -312,14 +312,14 @@ void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg )
ctx->md_alg = md_alg;
}
void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa )
void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key )
{
ctx->subject_key = rsa;
ctx->subject_key = pk_rsa( *key );
}
void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa )
void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key )
{
ctx->issuer_key = rsa;
ctx->issuer_key = pk_rsa( *key );
}
int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name )
......
......@@ -172,9 +172,9 @@ int main( int argc, char *argv[] )
{
int ret = 0;
x509_cert issuer_crt;
rsa_context loaded_issuer_rsa, loaded_subject_rsa;
rsa_context *issuer_rsa = &loaded_issuer_rsa,
*subject_rsa = &loaded_subject_rsa;
pk_context loaded_issuer_key, loaded_subject_key;
pk_context *issuer_key = &loaded_issuer_key,
*subject_key = &loaded_subject_key;
char buf[1024];
char issuer_name[128];
char subject_name[128];
......@@ -189,8 +189,8 @@ int main( int argc, char *argv[] )
*/
x509write_crt_init( &crt );
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 );
rsa_init( &loaded_issuer_rsa, RSA_PKCS_V15, 0 );
rsa_init( &loaded_subject_rsa, RSA_PKCS_V15, 0 );
pk_init( &loaded_issuer_key );
pk_init( &loaded_subject_key );
mpi_init( &serial );
memset( &csr, 0, sizeof(x509_csr) );
memset( &issuer_crt, 0, sizeof(x509_cert) );
......@@ -417,7 +417,7 @@ int main( int argc, char *argv[] )
}
opt.subject_name = subject_name;
subject_rsa = pk_rsa( csr.pk );
subject_key = &csr.pk;
printf( " ok\n" );
}
......@@ -430,12 +430,12 @@ int main( int argc, char *argv[] )
printf( " . Loading the subject key ..." );
fflush( stdout );
ret = x509parse_keyfile_rsa( &loaded_subject_rsa, opt.subject_key,
opt.subject_pwd );
ret = x509parse_keyfile( &loaded_subject_key, opt.subject_key,
opt.subject_pwd );
if( ret != 0 )
{
error_strerror( ret, buf, 1024 );
printf( " failed\n ! x509parse_keyfile_rsa returned -0x%02x - %s\n\n", -ret, buf );
printf( " failed\n ! x509parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
......@@ -445,12 +445,12 @@ int main( int argc, char *argv[] )
printf( " . Loading the issuer key ..." );
fflush( stdout );
ret = x509parse_keyfile_rsa( &loaded_issuer_rsa, opt.issuer_key,
ret = x509parse_keyfile( &loaded_issuer_key, opt.issuer_key,
opt.issuer_pwd );
if( ret != 0 )
{
error_strerror( ret, buf, 1024 );
printf( " failed\n ! x509parse_keyfile_rsa returned -x%02x - %s\n\n", -ret, buf );
printf( " failed\n ! x509parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
goto exit;
}
......@@ -459,8 +459,10 @@ int main( int argc, char *argv[] )
if( strlen( opt.issuer_crt ) )
{
if( !pk_can_do( &issuer_crt.pk, POLARSSL_PK_RSA ) ||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N, &issuer_rsa->N ) != 0 ||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E, &issuer_rsa->E ) != 0 )
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N,
&pk_rsa( *issuer_key )->N ) != 0 ||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
&pk_rsa( *issuer_key )->E ) != 0 )
{
printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
ret = -1;
......@@ -473,11 +475,11 @@ int main( int argc, char *argv[] )
if( opt.selfsign )
{
opt.issuer_name = opt.subject_name;
subject_rsa = issuer_rsa;
subject_key = issuer_key;
}
x509write_crt_set_subject_key( &crt, subject_rsa );
x509write_crt_set_issuer_key( &crt, issuer_rsa );
x509write_crt_set_subject_key( &crt, subject_key );
x509write_crt_set_issuer_key( &crt, issuer_key );
/*
* 1.0. Check the names for validity
......@@ -606,8 +608,8 @@ int main( int argc, char *argv[] )
exit:
x509write_crt_free( &crt );
rsa_free( &loaded_subject_rsa );
rsa_free( &loaded_issuer_rsa );
pk_free( &loaded_subject_key );
pk_free( &loaded_issuer_key );
mpi_free( &serial );
#if defined(_WIN32)
......
......@@ -66,7 +66,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *serial_str, char *not_before, char *not_after,
int md_type, char *cert_check_file )
{
rsa_context subject_rsa, issuer_rsa;
pk_context subject_key, issuer_key;
pem_context pem;
x509write_cert crt;
unsigned char *c;
......@@ -78,12 +78,12 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
FILE *f;
mpi_init( &serial );
rsa_init( &subject_rsa, RSA_PKCS_V15, 0 );
rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 );
pk_init( &subject_key );
pk_init( &issuer_key );
TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file,
TEST_ASSERT( x509parse_keyfile( &subject_key, subject_key_file,
subject_pwd ) == 0 );
TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file,
TEST_ASSERT( x509parse_keyfile( &issuer_key, issuer_key_file,
issuer_pwd ) == 0 );
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
......@@ -94,8 +94,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
x509write_crt_set_md_alg( &crt, md_type );
TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
x509write_crt_set_subject_key( &crt, &subject_rsa );
x509write_crt_set_issuer_key( &crt, &issuer_rsa );
x509write_crt_set_subject_key( &crt, &subject_key );
x509write_crt_set_issuer_key( &crt, &issuer_key );
TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
......@@ -118,8 +118,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
x509write_crt_free( &crt );
rsa_free( &issuer_rsa );
rsa_free( &subject_rsa );
pk_free( &issuer_key );
pk_free( &subject_key );
pem_free( &pem );
mpi_free( &serial );
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment