32 #if !defined(POLARSSL_CONFIG_FILE)
35 #include POLARSSL_CONFIG_FILE
38 #if defined(POLARSSL_X509_CRT_WRITE_C)
45 #if defined(POLARSSL_PEM_WRITE_C)
/*
 * Overwrite the n bytes starting at v with zeros.
 *
 * The stores go through a volatile-qualified pointer so that an optimizer
 * does not discard them as dead writes, which can happen to a plain
 * memset() on a buffer that is never read again. This is the usual
 * best-effort idiom for wiping sensitive data; the pointed-to object is not
 * itself defined volatile.
 *
 * v  start of the region to clear
 * n  number of bytes to clear; 0 performs no store
 *
 * (The closing brace of this function is not part of this listing.)
 */
50 static void polarssl_zeroize(
void *v,
size_t n ) {
51 volatile unsigned char *p = v;
while( n-- ) *p++ = 0;
94 const char *subject_name )
100 const char *issuer_name )
116 const char *not_after )
132 const char *oid,
size_t oid_len,
134 const unsigned char *val,
size_t val_len )
137 critical, val, val_len );
/* Listing fragment: end of a parameter list. The function name and most of
 * the body are not shown here. */
141 int is_ca,
int max_pathlen )
/* 9-byte scratch buffer, zeroed below. c starts one past its end, which
 * suggests the encoding is produced back-to-front; the write calls
 * themselves are not shown. */
144 unsigned char buf[9];
145 unsigned char *c = buf +
sizeof(buf);
148 memset( buf, 0,
sizeof(buf) );
/* Range check on max_pathlen that applies only when is_ca is non-zero.
 * The action taken is not shown; presumably the value is rejected so the
 * encoding stays within the small fixed buffer -- confirm against the full
 * source. */
150 if( is_ca && max_pathlen > 127 )
/* A negative max_pathlen skips this branch (presumably meaning "no path
 * length constraint" -- confirm). */
155 if( max_pathlen >= 0 )
/* Hands over the len bytes that end at the end of buf.
 * NOTE(review): the omitted lines must keep len <= sizeof(buf); otherwise
 * buf + sizeof(buf) - len points before the buffer. */
168 0, buf +
sizeof(buf) - len, len );
/* The code below is compiled only when POLARSSL_SHA1_C is defined; where
 * the guard ends is not shown in this listing. */
171 #if defined(POLARSSL_SHA1_C)
/* First of two near-identical fragments. buf's declaration is not shown;
 * it has to hold at least len bytes and at least the 20-byte digest.
 * c starts one past the end of buf (back-to-front writing, presumably). */
176 unsigned char *c = buf +
sizeof(buf);
179 memset( buf, 0,
sizeof(buf) );
/* Hash the len bytes at the tail of buf and store the 20-byte SHA-1 digest
 * in the last 20 bytes of the same buffer, so input and output overlap.
 * NOTE(review): this relies on sha1() having consumed its input before it
 * writes the digest -- confirm.
 * NOTE(review): SHA-1 appears to derive an identifier from encoded data
 * here rather than to protect a signature; confirm nothing downstream
 * relies on its collision resistance. */
182 sha1( buf +
sizeof(buf) - len, len, buf +
sizeof(buf) - 20 );
/* c now points at the first byte of the digest. */
183 c = buf +
sizeof(buf) - 20;
/* Hands over the len bytes that end at the end of buf; len is presumably
 * recomputed in the omitted lines after the digest was wrapped. */
191 0, buf +
sizeof(buf) - len, len );
/* Second fragment: same pattern as above (hash the tail of buf, keep the
 * 20-byte digest at the end, continue writing in front of it). */
198 unsigned char *c = buf +
sizeof(buf);
201 memset( buf, 0,
sizeof(buf) );
204 sha1( buf +
sizeof(buf) - len, len, buf +
sizeof(buf) - 20 );
205 c = buf +
sizeof(buf) - 20;
217 0, buf +
sizeof(buf) - len, len );
223 unsigned char buf[4];
242 unsigned char ns_cert_type )
244 unsigned char buf[4];
/*
 * Write a time value given as a character string.
 *
 * p      in/out write cursor
 * start  start of the output buffer
 * time   time string; the first three characters select the encoding
 * size   length associated with time (its exact use is in omitted lines)
 *
 * Only fragments of the body are shown in this listing.
 */
262 static int x509_write_time(
unsigned char **p,
unsigned char *start,
263 const char *time,
size_t size )
/* Strings that start with "20" and whose third character is below '5'
 * (years 2000-2049) take the first branch, which skips the first two
 * characters -- presumably the two-digit-year UTCTime form, with everything
 * else written in full as GeneralizedTime; confirm against the omitted
 * lines.
 * NOTE(review): time[0..2] are read here without consulting size in the
 * visible lines, so callers must pass at least three characters.
 * NOTE(review): strings starting with "19" do not match this test and fall
 * through to the full-length branch. */
271 if( time[0] ==
'2' && time[1] ==
'0' && time [2] <
'5' )
/* Short form: the data passed starts at time + 2. */
274 (
const unsigned char *) time + 2,
/* Long form: the data passed starts at time. */
282 (
const unsigned char *) time,
/* Listing fragment of a function that takes an RNG callback (f_rng with
 * its context p_rng); the function name and most of the body are not
 * shown. */
292 int (*f_rng)(
void *,
unsigned char *,
size_t),
297 size_t sig_oid_len = 0;
298 unsigned char *c, *c2;
/* 64-byte digest buffer; presumably sized for the largest supported hash
 * -- confirm. */
299 unsigned char hash[64];
/* Fixed 2048-byte staging buffer. NOTE(review): the content staged here
 * must fit in 2048 bytes; the bounds handling is in omitted lines. */
301 unsigned char tmp_buf[2048];
302 size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
/* c starts one past the end of tmp_buf: the structure is written
 * back-to-front. */
309 c = tmp_buf +
sizeof( tmp_buf );
/* The lookup fills in both the signature OID and its length. */
317 &sig_oid, &sig_oid_len ) ) != 0 )
/* c - tmp_buf is the space still free in front of the write cursor. */
337 tmp_buf, c - tmp_buf ) );
/* NOTE(review): the length here comes from strlen( sig_oid ), while line
 * 410 passes sig_oid_len for the same OID. The two differ if the encoded
 * OID ever contains a zero byte; using sig_oid_len in both places would
 * remove that dependency. */
373 sig_oid, strlen( sig_oid ), 0 ) );
/* The RNG callback is handed on to the call that ends here (presumably the
 * signing step -- confirm). */
400 f_rng, p_rng ) ) != 0 )
410 sig_oid, sig_oid_len, sig, sig_len ) );
/* Copies len bytes from c to c2.
 * NOTE(review): how c2 is set up and bounded is in omitted lines; confirm
 * that len bytes are available at c2 before this copy. */
413 memcpy( c2, c, len );
415 len += sig_and_oid_len;
/* PEM armor lines for a certificate, each including its trailing newline. */
423 #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
424 #define PEM_END_CRT "-----END CERTIFICATE-----\n"
/* The PEM writer below is compiled only when POLARSSL_PEM_WRITE_C is
 * defined. */
426 #if defined(POLARSSL_PEM_WRITE_C)
/* Listing fragment: RNG callback parameter of the PEM writer; the function
 * name is not shown. */
428 int (*f_rng)(
void *,
unsigned char *,
size_t),
/* Fixed 4096-byte staging buffer for the intermediate encoding.
 * NOTE(review): larger output cannot fit; presumably the call that fills
 * it reports that as an error -- confirm. */
432 unsigned char output_buf[4096];
/* A negative return is treated as failure. The use of ret as a byte count
 * below suggests a non-negative return is the encoded length. */
436 f_rng, p_rng ) ) < 0 )
/* The ret encoded bytes sit at the tail of output_buf. pem_write_buffer
 * receives them together with the armor lines, the caller's buf/size and
 * &olen; a non-zero return is treated as failure. */
441 if( ( ret = pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
442 output_buf +
sizeof(output_buf) - ret,
443 ret, buf, size, &olen ) ) != 0 )