Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / 7f8099773edc34ac29e01ee0da6960526f41bcb2 / . / library / pkwrite.c
blob: 2c08b921951e0b3e8fea28c6b9f6a6e00660b376 [file] [log] [blame]
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]1/*
2 * Public Key layer for writing key files and structures
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]5 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]6 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]7 *
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]23#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]24#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#else
26#include POLARSSL_CONFIG_FILE
27#endif
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]28
Paul Bakker4606c732013-09-15 17:04:23 +0200[diff] [blame]29#if defined(POLARSSL_PK_WRITE_C)
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]30
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]31#include "mbedtls/pk.h"
32#include "mbedtls/asn1write.h"
33#include "mbedtls/oid.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]34
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]35#include <string.h>
36
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]37#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]38#include "mbedtls/rsa.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]39#endif
40#if defined(POLARSSL_ECP_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]41#include "mbedtls/ecp.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]42#endif
43#if defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]44#include "mbedtls/ecdsa.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]45#endif
Paul Bakkercff68422013-09-15 20:43:33 +0200[diff] [blame]46#if defined(POLARSSL_PEM_WRITE_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]47#include "mbedtls/pem.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]48#endif
49
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]50#if defined(POLARSSL_PLATFORM_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]51#include "mbedtls/platform.h"
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]52#else
53#include <stdlib.h>
54#define polarssl_malloc malloc
55#define polarssl_free free
56#endif
57
58#if defined(POLARSSL_RSA_C)
59/*
60 * RSAPublicKey ::= SEQUENCE {
61 * modulus INTEGER, -- n
62 * publicExponent INTEGER -- e
63 * }
64 */
65static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
66 rsa_context *rsa )
67{
68 int ret;
69 size_t len = 0;
70
71 ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
72 ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
73
74 ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]75 ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
76 ASN1_SEQUENCE ) );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]77
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]78 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]79}
80#endif /* POLARSSL_RSA_C */
81
82#if defined(POLARSSL_ECP_C)
83/*
84 * EC public key is an EC point
85 */
86static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
87 ecp_keypair *ec )
88{
89 int ret;
90 size_t len = 0;
91 unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
92
93 if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
94 POLARSSL_ECP_PF_UNCOMPRESSED,
95 &len, buf, sizeof( buf ) ) ) != 0 )
96 {
97 return( ret );
98 }
99
100 if( *p - start < (int) len )
101 return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
102
103 *p -= len;
104 memcpy( *p, buf, len );
105
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]106 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]107}
108
109/*
110 * ECParameters ::= CHOICE {
111 * namedCurve OBJECT IDENTIFIER
112 * }
113 */
114static int pk_write_ec_param( unsigned char **p, unsigned char *start,
115 ecp_keypair *ec )
116{
117 int ret;
118 size_t len = 0;
119 const char *oid;
120 size_t oid_len;
121
122 if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
123 return( ret );
124
125 ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
126
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]127 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]128}
129#endif /* POLARSSL_ECP_C */
130
131int pk_write_pubkey( unsigned char **p, unsigned char *start,
132 const pk_context *key )
133{
134 int ret;
135 size_t len = 0;
136
137#if defined(POLARSSL_RSA_C)
138 if( pk_get_type( key ) == POLARSSL_PK_RSA )
139 ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
140 else
141#endif
142#if defined(POLARSSL_ECP_C)
143 if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
144 ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) );
145 else
146#endif
147 return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
148
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]149 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]150}
151
152int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
153{
154 int ret;
155 unsigned char *c;
156 size_t len = 0, par_len = 0, oid_len;
157 const char *oid;
158
159 c = buf + size;
160
161 ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) );
162
163 if( c - buf < 1 )
164 return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
165
166 /*
167 * SubjectPublicKeyInfo ::= SEQUENCE {
168 * algorithm AlgorithmIdentifier,
169 * subjectPublicKey BIT STRING }
170 */
171 *--c = 0;
172 len += 1;
173
174 ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
175 ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
176
177 if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
178 &oid, &oid_len ) ) != 0 )
179 {
180 return( ret );
181 }
182
183#if defined(POLARSSL_ECP_C)
184 if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
185 {
186 ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) );
187 }
188#endif
189
190 ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
191 par_len ) );
192
193 ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]194 ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
195 ASN1_SEQUENCE ) );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]196
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]197 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]198}
199
200int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
201{
202 int ret;
203 unsigned char *c = buf + size;
204 size_t len = 0;
205
206#if defined(POLARSSL_RSA_C)
207 if( pk_get_type( key ) == POLARSSL_PK_RSA )
208 {
209 rsa_context *rsa = pk_rsa( *key );
210
211 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
212 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
213 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
214 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
215 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
216 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
217 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
218 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
219 ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
220
221 ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]222 ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
223 ASN1_SEQUENCE ) );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]224 }
225 else
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]226#endif /* POLARSSL_RSA_C */
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]227#if defined(POLARSSL_ECP_C)
228 if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
229 {
230 ecp_keypair *ec = pk_ec( *key );
231 size_t pub_len = 0, par_len = 0;
232
233 /*
234 * RFC 5915, or SEC1 Appendix C.4
235 *
236 * ECPrivateKey ::= SEQUENCE {
237 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
238 * privateKey OCTET STRING,
239 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
240 * publicKey [1] BIT STRING OPTIONAL
241 * }
242 */
243
244 /* publicKey */
245 ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
246
247 if( c - buf < 1 )
248 return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
249 *--c = 0;
250 pub_len += 1;
251
252 ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
253 ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
254
255 ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
256 ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
257 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
258 len += pub_len;
259
260 /* parameters */
261 ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
262
263 ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
264 ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
265 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
266 len += par_len;
267
268 /* privateKey: write as MPI then fix tag */
269 ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
270 *c = ASN1_OCTET_STRING;
271
272 /* version */
273 ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
274
275 ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]276 ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
277 ASN1_SEQUENCE ) );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]278 }
279 else
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]280#endif /* POLARSSL_ECP_C */
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]281 return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
282
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]283 return( (int) len );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]284}
285
Paul Bakkercff68422013-09-15 20:43:33 +0200[diff] [blame]286#if defined(POLARSSL_PEM_WRITE_C)
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]287
288#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
289#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
290
291#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
292#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
293#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
294#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
295
Manuel Pégourié-Gonnard192253a2014-07-21 16:37:15 +0200[diff] [blame]296/*
297 * Max sizes of key per types. Shown as tag + len (+ content).
298 */
299
300#if defined(POLARSSL_RSA_C)
301/*
302 * RSA public keys:
303 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3
304 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
305 * + 1 + 1 + 9 (rsa oid)
306 * + 1 + 1 (params null)
307 * subjectPublicKey BIT STRING } 1 + 3 + (1 + below)
308 * RSAPublicKey ::= SEQUENCE { 1 + 3
309 * modulus INTEGER, -- n 1 + 3 + MPI_MAX + 1
310 * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1
311 * }
312 */
313#define RSA_PUB_DER_MAX_BYTES 38 + 2 * POLARSSL_MPI_MAX_SIZE
314
315/*
316 * RSA private keys:
317 * RSAPrivateKey ::= SEQUENCE { 1 + 3
318 * version Version, 1 + 1 + 1
319 * modulus INTEGER, 1 + 3 + MPI_MAX + 1
320 * publicExponent INTEGER, 1 + 3 + MPI_MAX + 1
321 * privateExponent INTEGER, 1 + 3 + MPI_MAX + 1
322 * prime1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
323 * prime2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
324 * exponent1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
325 * exponent2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
326 * coefficient INTEGER, 1 + 3 + MPI_MAX / 2 + 1
327 * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported)
328 * }
329 */
330#define MPI_MAX_SIZE_2 POLARSSL_MPI_MAX_SIZE / 2 + \
331 POLARSSL_MPI_MAX_SIZE % 2
332#define RSA_PRV_DER_MAX_BYTES 47 + 3 * POLARSSL_MPI_MAX_SIZE \
333 + 5 * MPI_MAX_SIZE_2
334
335#else /* POLARSSL_RSA_C */
336
337#define RSA_PUB_DER_MAX_BYTES 0
338#define RSA_PRV_DER_MAX_BYTES 0
339
340#endif /* POLARSSL_RSA_C */
341
342#if defined(POLARSSL_ECP_C)
343/*
344 * EC public keys:
345 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2
346 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
347 * + 1 + 1 + 7 (ec oid)
348 * + 1 + 1 + 9 (namedCurve oid)
349 * subjectPublicKey BIT STRING 1 + 2 + 1 [1]
350 * + 1 (point format) [1]
351 * + 2 * ECP_MAX (coords) [1]
352 * }
353 */
354#define ECP_PUB_DER_MAX_BYTES 30 + 2 * POLARSSL_ECP_MAX_BYTES
355
356/*
357 * EC private keys:
358 * ECPrivateKey ::= SEQUENCE { 1 + 2
359 * version INTEGER , 1 + 1 + 1
360 * privateKey OCTET STRING, 1 + 1 + ECP_MAX
361 * parameters [0] ECParameters OPTIONAL, 1 + 1 + (1 + 1 + 9)
362 * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above
363 * }
364 */
365#define ECP_PRV_DER_MAX_BYTES 29 + 3 * POLARSSL_ECP_MAX_BYTES
366
367#else /* POLARSSL_ECP_C */
368
369#define ECP_PUB_DER_MAX_BYTES 0
370#define ECP_PRV_DER_MAX_BYTES 0
371
372#endif /* POLARSSL_ECP_C */
373
374#define PUB_DER_MAX_BYTES RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
375 RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES
376#define PRV_DER_MAX_BYTES RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
377 RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES
378
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]379int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
380{
381 int ret;
Manuel Pégourié-Gonnard192253a2014-07-21 16:37:15 +0200[diff] [blame]382 unsigned char output_buf[PUB_DER_MAX_BYTES];
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]383 size_t olen = 0;
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]384
385 if( ( ret = pk_write_pubkey_der( key, output_buf,
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]386 sizeof(output_buf) ) ) < 0 )
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]387 {
388 return( ret );
389 }
390
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]391 if( ( ret = pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]392 output_buf + sizeof(output_buf) - ret,
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]393 ret, buf, size, &olen ) ) != 0 )
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]394 {
395 return( ret );
396 }
397
398 return( 0 );
399}
400
401int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
402{
403 int ret;
Manuel Pégourié-Gonnard192253a2014-07-21 16:37:15 +0200[diff] [blame]404 unsigned char output_buf[PRV_DER_MAX_BYTES];
Paul Bakkerfcc17212013-10-11 09:36:52 +0200[diff] [blame]405 const char *begin, *end;
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]406 size_t olen = 0;
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]407
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]408 if( ( ret = pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]409 return( ret );
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]410
411#if defined(POLARSSL_RSA_C)
412 if( pk_get_type( key ) == POLARSSL_PK_RSA )
413 {
414 begin = PEM_BEGIN_PRIVATE_KEY_RSA;
415 end = PEM_END_PRIVATE_KEY_RSA;
416 }
417 else
418#endif
419#if defined(POLARSSL_ECP_C)
420 if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
421 {
422 begin = PEM_BEGIN_PRIVATE_KEY_EC;
423 end = PEM_END_PRIVATE_KEY_EC;
424 }
425 else
426#endif
427 return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
428
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]429 if( ( ret = pem_write_buffer( begin, end,
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]430 output_buf + sizeof(output_buf) - ret,
Paul Bakker77e23fb2013-09-15 20:03:26 +0200[diff] [blame]431 ret, buf, size, &olen ) ) != 0 )
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]432 {
433 return( ret );
434 }
435
436 return( 0 );
437}
Paul Bakkercff68422013-09-15 20:43:33 +0200[diff] [blame]438#endif /* POLARSSL_PEM_WRITE_C */
Paul Bakkerc7bb02b2013-09-15 14:54:56 +0200[diff] [blame]439
Paul Bakker4606c732013-09-15 17:04:23 +0200[diff] [blame]440#endif /* POLARSSL_PK_WRITE_C */