33 #if defined(POLARSSL_X509_CSR_WRITE_C)
39 #if defined(POLARSSL_PEM_WRITE_C)
70 const char *subject_name )
76 const char *oid,
size_t oid_len,
77 const unsigned char *val,
size_t val_len )
104 unsigned char ns_cert_type )
106 unsigned char buf[4];
125 int (*f_rng)(
void *,
unsigned char *,
size_t),
130 size_t sig_oid_len = 0;
131 unsigned char *c, *c2;
132 unsigned char hash[64];
134 unsigned char tmp_buf[2048];
135 size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
142 c = tmp_buf +
sizeof( tmp_buf );
165 tmp_buf, c - tmp_buf ) );
192 f_rng, p_rng ) ) != 0 ||
194 &sig_oid, &sig_oid_len ) ) != 0 )
204 sig_oid, sig_oid_len, sig, sig_len ) );
207 memcpy( c2, c, len );
209 len += sig_and_oid_len;
216 #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
217 #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
219 #if defined(POLARSSL_PEM_WRITE_C)
221 int (*f_rng)(
void *,
unsigned char *,
size_t),
225 unsigned char output_buf[4096];
229 f_rng, p_rng ) ) < 0 )
234 if( ( ret = pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
235 output_buf +
sizeof(output_buf) - ret,
236 ret, buf, size, &olen ) ) != 0 )
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
void x509write_csr_free(x509write_csr *ctx)
Free the contents of a CSR context.
int x509_set_extension(asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len)
int x509_string_to_names(asn1_named_data **head, const char *name)
#define POLARSSL_MPI_MAX_SIZE
Maximum number of bytes for usable MPIs.
int x509write_csr_der(x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
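Write a CSR (Certificate Signing Request) to a DER structure. Note: data is written at the end of the buffer, not the start. A negative return value is an error; otherwise it is the number of bytes written, so the DER begins at buf + size - ret (x509write_csr_pem reads it back from output_buf + sizeof(output_buf) - ret).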
int x509write_csr_set_extension(x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len)
Generic function to add to or replace an extension in the CSR.
void x509write_csr_set_md_alg(x509write_csr *ctx, md_type_t md_alg)
Set the MD algorithm to use for the signature.
int x509write_csr_set_ns_cert_type(x509write_csr *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags.
Configuration options (set of defines)
int x509write_csr_pem(x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Write a CSR (Certificate Signing Request) to a PEM string.
pk_type_t pk_get_type(const pk_context *ctx)
Get the key type.
#define OID_PKCS9_CSR_EXT_REQ
extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14}
int x509write_csr_set_key_usage(x509write_csr *ctx, unsigned char key_usage)
Set the Key Usage Extension flags.
Object Identifier (OID) database.
#define OID_SIZE(x)
Returns the size of the binary string, without the trailing \0.
int asn1_write_len(unsigned char **p, unsigned char *start, size_t len)
Write a length field in ASN.1 format. Note: function works backwards in data buffer.
int x509_write_names(unsigned char **p, unsigned char *start, asn1_named_data *first)
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
Privacy Enhanced Mail (PEM) decoding.
asn1_named_data * subject
X.509 certificate signing request parsing and writing.
int x509_write_extensions(unsigned char **p, unsigned char *start, asn1_named_data *first)
void x509write_csr_init(x509write_csr *ctx)
Initialize a CSR context.
pk_type_t
Public key types.
int pk_write_pubkey_der(pk_context *key, unsigned char *buf, size_t size)
Write a public key to a SubjectPublicKeyInfo DER structure. Note: data is written at the end of the buffer.
#define ASN1_CONTEXT_SPECIFIC
void x509write_csr_set_key(x509write_csr *ctx, pk_context *key)
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)...
asn1_named_data * extensions
int asn1_write_bitstring(unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits)
Write a bitstring tag (ASN1_BIT_STRING) and value in ASN.1 format. Note: function works backwards in data buffer.
int asn1_write_int(unsigned char **p, unsigned char *start, int val)
Write an int tag (ASN1_INTEGER) and value in ASN.1 format. Note: function works backwards in data buffer.
void asn1_free_named_data_list(asn1_named_data **head)
Free all entries in an asn1_named_data list. Head will be set to NULL.
#define ASN1_CHK_ADD(g, f)
int pk_sign(pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Make signature.
int x509write_csr_set_subject_name(x509write_csr *ctx, const char *subject_name)
Set the subject name for a CSR. Subject names should contain a comma-separated list of OID types and values ...
int x509_write_sig(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, unsigned char *sig, size_t size)
ASN.1 buffer writing functionality.
int asn1_write_oid(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len)
Write an OID tag (ASN1_OID) and data in ASN.1 format. Note: function works backwards in data buffer.
int asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag)
Write an ASN.1 tag in ASN.1 format. Note: function works backwards in data buffer.
Container for writing a CSR.
int oid_get_oid_by_sig_alg(pk_type_t pk_alg, md_type_t md_alg, const char **oid, size_t *olen)
Translate md_type and pk_type into SignatureAlgorithm OID.
#define OID_KEY_USAGE
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }