Blame - library/pem.c - third_party/github/ARMmbed/mbedtls

blob: 2775ef90fe0c7de99d4970ba9545faadc2f4e1a1 [file] [log] [blame]

Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	1	/*
				2	* Privacy Enhanced Mail (PEM) decoding
				3	*
Paul Bakker	7dc4c44	2014-02-01 22:50:26 +0100	[diff] [blame]	4	* Copyright (C) 2006-2014, Brainspark B.V.
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	5	*
				6	* This file is part of PolarSSL (http://www.polarssl.org)
				7	* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
				8	*
				9	* All rights reserved.
				10	*
				11	* This program is free software; you can redistribute it and/or modify
				12	* it under the terms of the GNU General Public License as published by
				13	* the Free Software Foundation; either version 2 of the License, or
				14	* (at your option) any later version.
				15	*
				16	* This program is distributed in the hope that it will be useful,
				17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				19	* GNU General Public License for more details.
				20	*
				21	* You should have received a copy of the GNU General Public License along
				22	* with this program; if not, write to the Free Software Foundation, Inc.,
				23	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
				24	*/
				25
Manuel Pégourié-Gonnard	cef4ad2	2014-04-29 12:39:06 +0200	[diff] [blame]	26	#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	27	#include "polarssl/config.h"
Manuel Pégourié-Gonnard	cef4ad2	2014-04-29 12:39:06 +0200	[diff] [blame]	28	#else
				29	#include POLARSSL_CONFIG_FILE
				30	#endif
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	31
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	32	#if defined(POLARSSL_PEM_PARSE_C) \|\| defined(POLARSSL_PEM_WRITE_C)
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	33	#include "polarssl/pem.h"
				34	#include "polarssl/base64.h"
				35	#include "polarssl/des.h"
				36	#include "polarssl/aes.h"
				37	#include "polarssl/md5.h"
				38	#include "polarssl/cipher.h"
				39
Paul Bakker	7dc4c44	2014-02-01 22:50:26 +0100	[diff] [blame]	40	#if defined(POLARSSL_PLATFORM_C)
				41	#include "polarssl/platform.h"
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	42	#else
				43	#define polarssl_malloc malloc
				44	#define polarssl_free free
				45	#endif
				46
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	47	#include <stdlib.h>
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	48
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	49	#if defined(POLARSSL_PEM_PARSE_C)
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	50	void pem_init( pem_context *ctx )
				51	{
				52	memset( ctx, 0, sizeof( pem_context ) );
				53	}
				54
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	55	#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
				56	( defined(POLARSSL_DES_C) \|\| defined(POLARSSL_AES_C) )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	57	/*
				58	* Read a 16-byte hex string and convert it to binary
				59	*/
Paul Bakker	b9e4e2c	2014-05-01 14:18:25 +0200	[diff] [blame]	60	static int pem_get_iv( const unsigned char s, unsigned char iv,
				61	size_t iv_len )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	62	{
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	63	size_t i, j, k;
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	64
				65	memset( iv, 0, iv_len );
				66
				67	for( i = 0; i < iv_len * 2; i++, s++ )
				68	{
				69	if( s >= '0' && s <= '9' ) j = *s - '0'; else
				70	if( s >= 'A' && s <= 'F' ) j = *s - '7'; else
				71	if( s >= 'a' && s <= 'f' ) j = *s - 'W'; else
				72	return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
				73
				74	k = ( ( i & 1 ) != 0 ) ? j : j << 4;
				75
				76	iv[i >> 1] = (unsigned char)( iv[i >> 1] \| k );
				77	}
				78
				79	return( 0 );
				80	}
				81
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	82	static void pem_pbkdf1( unsigned char *key, size_t keylen,
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	83	unsigned char *iv,
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	84	const unsigned char *pwd, size_t pwdlen )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	85	{
				86	md5_context md5_ctx;
				87	unsigned char md5sum[16];
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	88	size_t use_len;
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	89
				90	/*
				91	* key[ 0..15] = MD5(pwd \|\| IV)
				92	*/
				93	md5_starts( &md5_ctx );
				94	md5_update( &md5_ctx, pwd, pwdlen );
				95	md5_update( &md5_ctx, iv, 8 );
				96	md5_finish( &md5_ctx, md5sum );
				97
				98	if( keylen <= 16 )
				99	{
				100	memcpy( key, md5sum, keylen );
				101
				102	memset( &md5_ctx, 0, sizeof( md5_ctx ) );
				103	memset( md5sum, 0, 16 );
				104	return;
				105	}
				106
				107	memcpy( key, md5sum, 16 );
				108
				109	/*
				110	* key[16..23] = MD5(key[ 0..15] \|\| pwd \|\| IV])
				111	*/
				112	md5_starts( &md5_ctx );
				113	md5_update( &md5_ctx, md5sum, 16 );
				114	md5_update( &md5_ctx, pwd, pwdlen );
				115	md5_update( &md5_ctx, iv, 8 );
				116	md5_finish( &md5_ctx, md5sum );
				117
				118	use_len = 16;
				119	if( keylen < 32 )
				120	use_len = keylen - 16;
				121
				122	memcpy( key + 16, md5sum, use_len );
				123
				124	memset( &md5_ctx, 0, sizeof( md5_ctx ) );
				125	memset( md5sum, 0, 16 );
				126	}
				127
				128	#if defined(POLARSSL_DES_C)
				129	/*
				130	* Decrypt with DES-CBC, using PBKDF1 for key derivation
				131	*/
				132	static void pem_des_decrypt( unsigned char des_iv[8],
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	133	unsigned char *buf, size_t buflen,
				134	const unsigned char *pwd, size_t pwdlen )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	135	{
				136	des_context des_ctx;
				137	unsigned char des_key[8];
				138
				139	pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
				140
				141	des_setkey_dec( &des_ctx, des_key );
				142	des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
				143	des_iv, buf, buf );
				144
				145	memset( &des_ctx, 0, sizeof( des_ctx ) );
				146	memset( des_key, 0, 8 );
				147	}
				148
				149	/*
				150	* Decrypt with 3DES-CBC, using PBKDF1 for key derivation
				151	*/
				152	static void pem_des3_decrypt( unsigned char des3_iv[8],
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	153	unsigned char *buf, size_t buflen,
				154	const unsigned char *pwd, size_t pwdlen )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	155	{
				156	des3_context des3_ctx;
				157	unsigned char des3_key[24];
				158
				159	pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
				160
				161	des3_set3key_dec( &des3_ctx, des3_key );
				162	des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
				163	des3_iv, buf, buf );
				164
				165	memset( &des3_ctx, 0, sizeof( des3_ctx ) );
				166	memset( des3_key, 0, 24 );
				167	}
				168	#endif /* POLARSSL_DES_C */
				169
				170	#if defined(POLARSSL_AES_C)
				171	/*
				172	* Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
				173	*/
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	174	static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
				175	unsigned char *buf, size_t buflen,
				176	const unsigned char *pwd, size_t pwdlen )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	177	{
				178	aes_context aes_ctx;
				179	unsigned char aes_key[32];
				180
				181	pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
				182
				183	aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
				184	aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
				185	aes_iv, buf, buf );
				186
				187	memset( &aes_ctx, 0, sizeof( aes_ctx ) );
				188	memset( aes_key, 0, keylen );
				189	}
				190	#endif /* POLARSSL_AES_C */
				191
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	192	#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
				193	( POLARSSL_AES_C \|\| POLARSSL_DES_C ) */
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	194
Paul Bakker	b6c5d2e	2013-06-25 16:25:17 +0200	[diff] [blame]	195	int pem_read_buffer( pem_context ctx, const char header, const char *footer,
				196	const unsigned char data, const unsigned char pwd,
				197	size_t pwdlen, size_t *use_len )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	198	{
Paul Bakker	23986e5	2011-04-24 08:57:21 +0000	[diff] [blame]	199	int ret, enc;
				200	size_t len;
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	201	unsigned char *buf;
Paul Bakker	00b2860	2013-06-24 13:02:41 +0200	[diff] [blame]	202	const unsigned char s1, s2, *end;
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	203	#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
				204	( defined(POLARSSL_DES_C) \|\| defined(POLARSSL_AES_C) )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	205	unsigned char pem_iv[16];
				206	cipher_type_t enc_alg = POLARSSL_CIPHER_NONE;
				207	#else
				208	((void) pwd);
				209	((void) pwdlen);
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	210	#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
				211	( POLARSSL_AES_C \|\| POLARSSL_DES_C ) */
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	212
				213	if( ctx == NULL )
Paul Bakker	00b2860	2013-06-24 13:02:41 +0200	[diff] [blame]	214	return( POLARSSL_ERR_PEM_BAD_INPUT_DATA );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	215
Paul Bakker	3c2122f	2013-06-24 19:03:14 +0200	[diff] [blame]	216	s1 = (unsigned char ) strstr( (const char ) data, header );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	217
				218	if( s1 == NULL )
Paul Bakker	00b2860	2013-06-24 13:02:41 +0200	[diff] [blame]	219	return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	220
Paul Bakker	3c2122f	2013-06-24 19:03:14 +0200	[diff] [blame]	221	s2 = (unsigned char ) strstr( (const char ) data, footer );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	222
				223	if( s2 == NULL \|\| s2 <= s1 )
Paul Bakker	00b2860	2013-06-24 13:02:41 +0200	[diff] [blame]	224	return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	225
				226	s1 += strlen( header );
				227	if( *s1 == '\r' ) s1++;
				228	if( *s1 == '\n' ) s1++;
Paul Bakker	00b2860	2013-06-24 13:02:41 +0200	[diff] [blame]	229	else return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
				230
				231	end = s2;
				232	end += strlen( footer );
				233	if( *end == '\r' ) end++;
				234	if( *end == '\n' ) end++;
				235	*use_len = end - data;
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	236
				237	enc = 0;
				238
				239	if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
				240	{
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	241	#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
				242	( defined(POLARSSL_DES_C) \|\| defined(POLARSSL_AES_C) )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	243	enc++;
				244
				245	s1 += 22;
				246	if( *s1 == '\r' ) s1++;
				247	if( *s1 == '\n' ) s1++;
				248	else return( POLARSSL_ERR_PEM_INVALID_DATA );
				249
				250
				251	#if defined(POLARSSL_DES_C)
				252	if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
				253	{
				254	enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC;
				255
				256	s1 += 23;
				257	if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
				258	return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
				259
				260	s1 += 16;
				261	}
				262	else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
				263	{
				264	enc_alg = POLARSSL_CIPHER_DES_CBC;
				265
				266	s1 += 18;
				267	if( pem_get_iv( s1, pem_iv, 8) != 0 )
				268	return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
				269
				270	s1 += 16;
				271	}
				272	#endif /* POLARSSL_DES_C */
				273
				274	#if defined(POLARSSL_AES_C)
				275	if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
				276	{
				277	if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
				278	enc_alg = POLARSSL_CIPHER_AES_128_CBC;
				279	else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
				280	enc_alg = POLARSSL_CIPHER_AES_192_CBC;
				281	else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 )
				282	enc_alg = POLARSSL_CIPHER_AES_256_CBC;
				283	else
				284	return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
				285
				286	s1 += 22;
				287	if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
				288	return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
				289
				290	s1 += 32;
				291	}
				292	#endif /* POLARSSL_AES_C */
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	293
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	294	if( enc_alg == POLARSSL_CIPHER_NONE )
				295	return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
				296
				297	if( *s1 == '\r' ) s1++;
				298	if( *s1 == '\n' ) s1++;
				299	else return( POLARSSL_ERR_PEM_INVALID_DATA );
				300	#else
				301	return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	302	#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
				303	( POLARSSL_AES_C \|\| POLARSSL_DES_C ) */
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	304	}
				305
				306	len = 0;
				307	ret = base64_decode( NULL, &len, s1, s2 - s1 );
				308
				309	if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
Paul Bakker	9d78140	2011-05-09 16:17:09 +0000	[diff] [blame]	310	return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	311
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	312	if( ( buf = (unsigned char *) polarssl_malloc( len ) ) == NULL )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	313	return( POLARSSL_ERR_PEM_MALLOC_FAILED );
				314
				315	if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
				316	{
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	317	polarssl_free( buf );
Paul Bakker	9d78140	2011-05-09 16:17:09 +0000	[diff] [blame]	318	return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	319	}
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	320
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	321	if( enc != 0 )
				322	{
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	323	#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
				324	( defined(POLARSSL_DES_C) \|\| defined(POLARSSL_AES_C) )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	325	if( pwd == NULL )
				326	{
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	327	polarssl_free( buf );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	328	return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
				329	}
				330
				331	#if defined(POLARSSL_DES_C)
				332	if( enc_alg == POLARSSL_CIPHER_DES_EDE3_CBC )
				333	pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
				334	else if( enc_alg == POLARSSL_CIPHER_DES_CBC )
				335	pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
				336	#endif /* POLARSSL_DES_C */
				337
				338	#if defined(POLARSSL_AES_C)
				339	if( enc_alg == POLARSSL_CIPHER_AES_128_CBC )
				340	pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
				341	else if( enc_alg == POLARSSL_CIPHER_AES_192_CBC )
				342	pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
				343	else if( enc_alg == POLARSSL_CIPHER_AES_256_CBC )
				344	pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
				345	#endif /* POLARSSL_AES_C */
				346
Manuel Pégourié-Gonnard	f8648d5	2013-07-03 21:01:35 +0200	[diff] [blame]	347	/*
Manuel Pégourié-Gonnard	7d4e5b7	2013-07-09 16:35:23 +0200	[diff] [blame]	348	* The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
				349	* length bytes (allow 4 to be sure) in all known use cases.
				350	*
				351	* Use that as heurisitic to try detecting password mismatchs.
Manuel Pégourié-Gonnard	f8648d5	2013-07-03 21:01:35 +0200	[diff] [blame]	352	*/
Manuel Pégourié-Gonnard	7d4e5b7	2013-07-09 16:35:23 +0200	[diff] [blame]	353	if( len <= 2 \|\| buf[0] != 0x30 \|\| buf[1] > 0x83 )
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	354	{
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	355	polarssl_free( buf );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	356	return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
				357	}
				358	#else
Paul Bakker	6e339b5	2013-07-03 13:37:05 +0200	[diff] [blame]	359	polarssl_free( buf );
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	360	return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
Manuel Pégourié-Gonnard	92cb1d3	2013-09-13 16:24:20 +0200	[diff] [blame]	361	#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
				362	( POLARSSL_AES_C \|\| POLARSSL_DES_C ) */
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	363	}
				364
				365	ctx->buf = buf;
				366	ctx->buflen = len;
Paul Bakker	96743fc	2011-02-12 14:30:57 +0000	[diff] [blame]	367
				368	return( 0 );
				369	}
				370
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	371	void pem_free( pem_context *ctx )
				372	{
				373	if( ctx->buf )
				374	polarssl_free( ctx->buf );
				375
				376	if( ctx->info )
				377	polarssl_free( ctx->info );
				378
				379	memset( ctx, 0, sizeof( pem_context ) );
				380	}
				381	#endif /* POLARSSL_PEM_PARSE_C */
				382
				383	#if defined(POLARSSL_PEM_WRITE_C)
Paul Bakker	77e23fb	2013-09-15 20:03:26 +0200	[diff] [blame]	384	int pem_write_buffer( const char header, const char footer,
				385	const unsigned char *der_data, size_t der_len,
				386	unsigned char buf, size_t buf_len, size_t olen )
				387	{
				388	int ret;
				389	unsigned char encode_buf, c, *p = buf;
Paul Bakker	1630058	2014-04-11 13:28:43 +0200	[diff] [blame]	390	size_t len = 0, use_len = 0, add_len = 0;
Paul Bakker	77e23fb	2013-09-15 20:03:26 +0200	[diff] [blame]	391
				392	base64_encode( NULL, &use_len, der_data, der_len );
Paul Bakker	1630058	2014-04-11 13:28:43 +0200	[diff] [blame]	393	add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
				394
Paul Bakker	77e23fb	2013-09-15 20:03:26 +0200	[diff] [blame]	395	if( use_len + add_len > buf_len )
				396	{
				397	*olen = use_len + add_len;
				398	return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
				399	}
				400
				401	if( ( encode_buf = polarssl_malloc( use_len ) ) == NULL )
				402	return( POLARSSL_ERR_PEM_MALLOC_FAILED );
				403
				404	if( ( ret = base64_encode( encode_buf, &use_len, der_data,
				405	der_len ) ) != 0 )
				406	{
				407	polarssl_free( encode_buf );
				408	return( ret );
				409	}
				410
				411	memcpy( p, header, strlen( header ) );
				412	p += strlen( header );
				413	c = encode_buf;
				414
				415	while( use_len )
				416	{
				417	len = ( use_len > 64 ) ? 64 : use_len;
				418	memcpy( p, c, len );
				419	use_len -= len;
				420	p += len;
				421	c += len;
				422	*p++ = '\n';
				423	}
				424
				425	memcpy( p, footer, strlen( footer ) );
				426	p += strlen( footer );
				427
				428	*p++ = '\0';
				429	*olen = p - buf;
				430
				431	polarssl_free( encode_buf );
				432	return( 0 );
				433	}
Paul Bakker	cff6842	2013-09-15 20:43:33 +0200	[diff] [blame]	434	#endif /* POLARSSL_PEM_WRITE_C */
				435	#endif /* POLARSSL_PEM_PARSE_C \|\| POLARSSL_PEM_WRITE_C */