pem_import.c
Go to the documentation of this file.
1 /**
2  * @file pem_import.c
3  * @brief PEM file import functions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2019 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCrypto Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 1.9.6
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/pem_import.h"
37 #include "pkix/pkcs8_key_parse.h"
38 #include "pkix/x509_key_parse.h"
39 #include "encoding/asn1.h"
40 #include "encoding/oid.h"
41 #include "encoding/base64.h"
42 #include "mpi/mpi.h"
43 #include "debug.h"
44 
45 //Check crypto library configuration
46 #if (PEM_SUPPORT == ENABLED)
47 
48 
49 /**
50  * @brief Decode a PEM file containing a certificate
51  * @param[in] input Pointer to the PEM encoding
52  * @param[in] inputLen Length of the PEM structure
53  * @param[out] output Pointer to the DER-encoded certificate
54  * @param[out] outputLen Length of the DER-encoded certificate, in bytes
55  * @param[out] consumed Total number of characters that have been consumed
56  * (optional parameter)
57  * @return Error code
58  **/
59 
60 error_t pemImportCertificate(const char_t *input, size_t inputLen,
61  uint8_t *output, size_t *outputLen, size_t *consumed)
62 {
63  error_t error;
64 
65  //Check parameters
66  if(input == NULL && inputLen != 0)
68  if(outputLen == NULL)
70 
71  //X.509 certificates are encoded using the "CERTIFICATE" label
72  error = pemDecodeFile(input, inputLen, "CERTIFICATE", output, outputLen,
73  consumed);
74 
75  //Return status code
76  return error;
77 }
78 
79 
80 /**
81  * @brief Decode a PEM file containing a certificate revocation list
82  * @param[in] input Pointer to the PEM encoding
83  * @param[in] inputLen Length of the PEM structure
84  * @param[out] output Pointer to the DER-encoded CRL
85  * @param[out] outputLen Length of the DER-encoded CRL, in bytes
86  * @param[out] consumed Total number of characters that have been consumed
87  * (optional parameter)
88  * @return Error code
89  **/
90 
91 error_t pemImportCrl(const char_t *input, size_t inputLen,
92  uint8_t *output, size_t *outputLen, size_t *consumed)
93 {
94  error_t error;
95 
96  //Check parameters
97  if(input == NULL && inputLen != 0)
99  if(outputLen == NULL)
101 
102  //CRLs are encoded using the "X509 CRL" label
103  error = pemDecodeFile(input, inputLen, "X509 CRL", output, outputLen,
104  consumed);
105 
106  //Return status code
107  return error;
108 }
109 
110 
111 /**
112  * @brief Decode a PEM file containing a certification signing request
113  * @param[in] input Pointer to the PEM encoding
114  * @param[in] inputLen Length of the PEM structure
115  * @param[out] output Pointer to the DER-encoded CSR
116  * @param[out] outputLen Length of the DER-encoded CSR, in bytes
117  * @return Error code
118  **/
119 
120 error_t pemImportCsr(const char_t *input, size_t inputLen,
121  uint8_t *output, size_t *outputLen)
122 {
123  error_t error;
124 
125  //Check parameters
126  if(input == NULL && inputLen != 0)
128  if(outputLen == NULL)
130 
131  //CSRs are encoded using the "CERTIFICATE REQUEST" label
132  error = pemDecodeFile(input, inputLen, "CERTIFICATE REQUEST", output,
133  outputLen, NULL);
134 
135  //Return status code
136  return error;
137 }
138 
139 
140 /**
141  * @brief Decode a PEM file containing Diffie-Hellman parameters
142  * @param[in] input Pointer to the PEM encoding
143  * @param[in] length Length of the PEM encoding
144  * @param[out] params Diffie-Hellman parameters resulting from the parsing process
145  * @return Error code
146  **/
147 
149  DhParameters *params)
150 {
151 #if (DH_SUPPORT == ENABLED)
152  error_t error;
153  size_t n;
154  uint8_t *buffer;
155  const uint8_t *p;
156  Asn1Tag tag;
157 
158  //Check parameters
159  if(input == NULL && length != 0)
161  if(params == NULL)
163 
164  //Initialize variables
165  p = NULL;
166  n = 0;
167 
168  //Diffie-Hellman parameters are encoded using the "DH PARAMETERS" label
169  error = pemDecodeFile(input, length, "DH PARAMETERS", NULL, &n, NULL);
170 
171  //Check status code
172  if(!error)
173  {
174  //Allocate a memory buffer to hold the ASN.1 data
175  buffer = cryptoAllocMem(n);
176 
177  //Successful memory allocation?
178  if(buffer != NULL)
179  {
180  //Decode the content of the PEM container
181  error = pemDecodeFile(input, length, "DH PARAMETERS", buffer, &n, NULL);
182 
183  //Check status code
184  if(!error)
185  {
186  //The Diffie-Hellman parameters are encapsulated within a sequence
187  error = asn1ReadSequence(buffer, n, &tag);
188  }
189 
190  //Check status code
191  if(!error)
192  {
193  //Point to the first field of the sequence
194  p = tag.value;
195  n = tag.length;
196 
197  //Read the prime modulus
198  error = asn1ReadMpi(p, n, &tag, &params->p);
199  }
200 
201  //Check status code
202  if(!error)
203  {
204  //Point to the next field
205  p += tag.totalLength;
206  n -= tag.totalLength;
207 
208  //Read the generator
209  error = asn1ReadMpi(p, n, &tag, &params->g);
210  }
211 
212  //Check status code
213  if(!error)
214  {
215  //Debug message
216  TRACE_DEBUG("Diffie-Hellman parameters:\r\n");
217  TRACE_DEBUG(" Prime modulus:\r\n");
218  TRACE_DEBUG_MPI(" ", &params->p);
219  TRACE_DEBUG(" Generator:\r\n");
220  TRACE_DEBUG_MPI(" ", &params->g);
221  }
222 
223  //Release previously allocated memory
224  cryptoFreeMem(buffer);
225  }
226  else
227  {
228  //Failed to allocate memory
229  error = ERROR_OUT_OF_MEMORY;
230  }
231  }
232 
233  //Any error to report?
234  if(error)
235  {
236  //Clean up side effects
237  mpiFree(&params->p);
238  mpiFree(&params->g);
239  }
240 
241  //Return status code
242  return error;
243 #else
244  //Not implemented
245  return ERROR_NOT_IMPLEMENTED;
246 #endif
247 }
248 
249 
250 /**
251  * @brief Decode a PEM file containing an RSA public key
252  * @param[in] input Pointer to the PEM encoding
253  * @param[in] length Length of the PEM encoding
254  * @param[out] publicKey RSA public key resulting from the parsing process
255  * @return Error code
256  **/
257 
259  RsaPublicKey *publicKey)
260 {
261 #if (RSA_SUPPORT == ENABLED)
262  error_t error;
263  size_t n;
264  uint8_t *buffer;
265  X509SubjectPublicKeyInfo publicKeyInfo;
266 
267  //Check parameters
268  if(input == NULL && length != 0)
270  if(publicKey == NULL)
272 
273  //Clear the SubjectPublicKeyInfo structure
274  cryptoMemset(&publicKeyInfo, 0, sizeof(X509SubjectPublicKeyInfo));
275 
276  //The type of data encoded is labeled depending on the type label in
277  //the "-----BEGIN " line (refer to RFC 7468, section 2)
278  if(pemDecodeFile(input, length, "RSA PUBLIC KEY", NULL, &n, NULL) == NO_ERROR)
279  {
280  //Allocate a memory buffer to hold the ASN.1 data
281  buffer = cryptoAllocMem(n);
282 
283  //Successful memory allocation?
284  if(buffer != NULL)
285  {
286  //Decode the content of the PEM container
287  error = pemDecodeFile(input, length, "RSA PUBLIC KEY", buffer, &n,
288  NULL);
289 
290  //Check status code
291  if(!error)
292  {
293  //Read RSAPublicKey structure
294  error = x509ParseRsaPublicKey(buffer, n, &publicKeyInfo.rsaPublicKey);
295  }
296 
297  //Check status code
298  if(!error)
299  {
300  //Set public key algorithm identifier
301  publicKeyInfo.oid = RSA_ENCRYPTION_OID;
302  publicKeyInfo.oidLen = sizeof(RSA_ENCRYPTION_OID);
303 
304  //Import the RSA public key
305  error = x509ImportRsaPublicKey(&publicKeyInfo, publicKey);
306  }
307 
308  //Release previously allocated memory
309  cryptoFreeMem(buffer);
310  }
311  else
312  {
313  //Failed to allocate memory
314  error = ERROR_OUT_OF_MEMORY;
315  }
316  }
317  else if(pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL) == NO_ERROR)
318  {
319  //Allocate a memory buffer to hold the ASN.1 data
320  buffer = cryptoAllocMem(n);
321 
322  //Successful memory allocation?
323  if(buffer != NULL)
324  {
325  //Decode the content of the PEM container
326  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n, NULL);
327 
328  //Check status code
329  if(!error)
330  {
331  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
332  //structure (refer to RFC 7468, section 13)
333  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
334  }
335 
336  //Check status code
337  if(!error)
338  {
339  //Import the RSA public key
340  error = x509ImportRsaPublicKey(&publicKeyInfo, publicKey);
341  }
342 
343  //Release previously allocated memory
344  cryptoFreeMem(buffer);
345  }
346  else
347  {
348  //Failed to allocate memory
349  error = ERROR_OUT_OF_MEMORY;
350  }
351  }
352  else
353  {
354  //The PEM file does not contain a valid RSA public key
355  error = ERROR_END_OF_FILE;
356  }
357 
358  //Any error to report?
359  if(error)
360  {
361  //Clean up side effects
362  rsaFreePublicKey(publicKey);
363  }
364 
365  //Return status code
366  return error;
367 #else
368  //Not implemented
369  return ERROR_NOT_IMPLEMENTED;
370 #endif
371 }
372 
373 
374 /**
375  * @brief Decode a PEM file containing an RSA private key
376  * @param[in] input Pointer to the PEM encoding
377  * @param[in] length Length of the PEM encoding
378  * @param[out] privateKey RSA private key resulting from the parsing process
379  * @return Error code
380  **/
381 
383  RsaPrivateKey *privateKey)
384 {
385 #if (RSA_SUPPORT == ENABLED)
386  error_t error;
387  size_t n;
388  uint8_t *buffer;
389  Pkcs8PrivateKeyInfo privateKeyInfo;
390 
391  //Check parameters
392  if(input == NULL && length != 0)
394  if(privateKey == NULL)
396 
397  //Clear the PrivateKeyInfo structure
398  cryptoMemset(&privateKeyInfo, 0, sizeof(Pkcs8PrivateKeyInfo));
399 
400  //The type of data encoded is labeled depending on the type label in
401  //the "-----BEGIN " line (refer to RFC 7468, section 2)
402  if(pemDecodeFile(input, length, "RSA PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
403  {
404  //Allocate a memory buffer to hold the ASN.1 data
405  buffer = cryptoAllocMem(n);
406 
407  //Successful memory allocation?
408  if(buffer != NULL)
409  {
410  //Decode the content of the PEM container
411  error = pemDecodeFile(input, length, "RSA PRIVATE KEY", buffer, &n,
412  NULL);
413 
414  //Check status code
415  if(!error)
416  {
417  //Read RSAPrivateKey structure
418  error = pkcs8ParseRsaPrivateKey(buffer, n,
419  &privateKeyInfo.rsaPrivateKey);
420  }
421 
422  //Check status code
423  if(!error)
424  {
425  //Set private key algorithm identifier
426  privateKeyInfo.oid = RSA_ENCRYPTION_OID;
427  privateKeyInfo.oidLen = sizeof(RSA_ENCRYPTION_OID);
428 
429  //Import the RSA private key
430  error = pkcs8ImportRsaPrivateKey(&privateKeyInfo, privateKey);
431  }
432 
433  //Release previously allocated memory
434  cryptoFreeMem(buffer);
435  }
436  else
437  {
438  //Failed to allocate memory
439  error = ERROR_OUT_OF_MEMORY;
440  }
441  }
442  else if(pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
443  {
444  //Allocate a memory buffer to hold the ASN.1 data
445  buffer = cryptoAllocMem(n);
446 
447  //Successful memory allocation?
448  if(buffer != NULL)
449  {
450  //Decode the content of the PEM container
451  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
452 
453  //Check status code
454  if(!error)
455  {
456  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
457  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
458  }
459 
460  //Check status code
461  if(!error)
462  {
463  //Import the RSA private key
464  error = pkcs8ImportRsaPrivateKey(&privateKeyInfo, privateKey);
465  }
466 
467  //Release previously allocated memory
468  cryptoFreeMem(buffer);
469  }
470  else
471  {
472  //Failed to allocate memory
473  error = ERROR_OUT_OF_MEMORY;
474  }
475  }
476  else
477  {
478  //The PEM file does not contain a valid RSA private key
479  error = ERROR_END_OF_FILE;
480  }
481 
482  //Any error to report?
483  if(error)
484  {
485  //Clean up side effects
486  rsaFreePrivateKey(privateKey);
487  }
488 
489  //Return status code
490  return error;
491 #else
492  //Not implemented
493  return ERROR_NOT_IMPLEMENTED;
494 #endif
495 }
496 
497 
498 /**
499  * @brief Decode a PEM file containing a DSA public key
500  * @param[in] input Pointer to the PEM encoding
501  * @param[in] length Length of the PEM encoding
502  * @param[out] publicKey DSA public key resulting from the parsing process
503  * @return Error code
504  **/
505 
507  DsaPublicKey *publicKey)
508 {
509 #if (DSA_SUPPORT == ENABLED)
510  error_t error;
511  size_t n;
512  uint8_t *buffer;
513  X509SubjectPublicKeyInfo publicKeyInfo;
514 
515  //Check parameters
516  if(input == NULL && length != 0)
518  if(publicKey == NULL)
520 
521  //Public keys are encoded using the "PUBLIC KEY" label
522  error = pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL);
523 
524  //Check status code
525  if(!error)
526  {
527  //Allocate a memory buffer to hold the ASN.1 data
528  buffer = cryptoAllocMem(n);
529 
530  //Successful memory allocation?
531  if(buffer != NULL)
532  {
533  //Decode the content of the PEM container
534  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n, NULL);
535 
536  //Check status code
537  if(!error)
538  {
539  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
540  //structure (refer to RFC 7468, section 13)
541  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
542  }
543 
544  //Check status code
545  if(!error)
546  {
547  //Import the DSA public key
548  error = x509ImportDsaPublicKey(&publicKeyInfo, publicKey);
549  }
550 
551  //Release previously allocated memory
552  cryptoFreeMem(buffer);
553  }
554  else
555  {
556  //Failed to allocate memory
557  error = ERROR_OUT_OF_MEMORY;
558  }
559  }
560 
561  //Any error to report?
562  if(error)
563  {
564  //Clean up side effects
565  dsaFreePublicKey(publicKey);
566  }
567 
568  //Return status code
569  return error;
570 #else
571  //Not implemented
572  return ERROR_NOT_IMPLEMENTED;
573 #endif
574 }
575 
576 
577 /**
578  * @brief Decode a PEM file containing a DSA private key
579  * @param[in] input Pointer to the PEM encoding
580  * @param[in] length Length of the PEM encoding
581  * @param[out] privateKey DSA private key resulting from the parsing process
582  * @return Error code
583  **/
584 
586  DsaPrivateKey *privateKey)
587 {
588 #if (DSA_SUPPORT == ENABLED)
589  error_t error;
590  size_t n;
591  uint8_t *buffer;
592  Pkcs8PrivateKeyInfo privateKeyInfo;
593 
594  //Check parameters
595  if(input == NULL && length != 0)
597  if(privateKey == NULL)
599 
600  //Clear the PrivateKeyInfo structure
601  cryptoMemset(&privateKeyInfo, 0, sizeof(Pkcs8PrivateKeyInfo));
602 
603  //The type of data encoded is labeled depending on the type label in
604  //the "-----BEGIN " line (refer to RFC 7468, section 2)
605  if(pemDecodeFile(input, length, "DSA PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
606  {
607  //Allocate a memory buffer to hold the ASN.1 data
608  buffer = cryptoAllocMem(n);
609 
610  //Successful memory allocation?
611  if(buffer != NULL)
612  {
613  //Decode the content of the PEM container
614  error = pemDecodeFile(input, length, "DSA PRIVATE KEY", buffer, &n,
615  NULL);
616 
617  //Check status code
618  if(!error)
619  {
620  //Read DSAPrivateKey structure
621  error = pkcs8ParseDsaPrivateKey(buffer, n, &privateKeyInfo.dsaParams,
622  &privateKeyInfo.dsaPrivateKey);
623  }
624 
625  //Check status code
626  if(!error)
627  {
628  //Set private key algorithm identifier
629  privateKeyInfo.oid = DSA_OID;
630  privateKeyInfo.oidLen = sizeof(DSA_OID);
631 
632  //Import the DSA private key
633  error = pkcs8ImportDsaPrivateKey(&privateKeyInfo, privateKey);
634  }
635 
636  //Release previously allocated memory
637  cryptoFreeMem(buffer);
638  }
639  else
640  {
641  //Failed to allocate memory
642  error = ERROR_OUT_OF_MEMORY;
643  }
644  }
645  else if(pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
646  {
647  //Allocate a memory buffer to hold the ASN.1 data
648  buffer = cryptoAllocMem(n);
649 
650  //Successful memory allocation?
651  if(buffer != NULL)
652  {
653  //Decode the content of the PEM container
654  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
655 
656  //Check status code
657  if(!error)
658  {
659  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
660  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
661  }
662 
663  //Check status code
664  if(!error)
665  {
666  //Import the DSA private key
667  error = pkcs8ImportDsaPrivateKey(&privateKeyInfo, privateKey);
668  }
669 
670  //Release previously allocated memory
671  cryptoFreeMem(buffer);
672  }
673  else
674  {
675  //Failed to allocate memory
676  error = ERROR_OUT_OF_MEMORY;
677  }
678  }
679  else
680  {
681  //The PEM file does not contain a valid RSA private key
682  error = ERROR_END_OF_FILE;
683  }
684 
685  //Any error to report?
686  if(error)
687  {
688  //Clean up side effects
689  dsaFreePrivateKey(privateKey);
690  }
691 
692  //Return status code
693  return error;
694 #else
695  //Not implemented
696  return ERROR_NOT_IMPLEMENTED;
697 #endif
698 }
699 
700 
701 /**
702  * @brief Decode a PEM file containing EC domain parameters
703  * @param[in] input Pointer to the PEM encoding
704  * @param[in] length Length of the PEM encoding
705  * @param[out] params EC domain parameters
706  * @return Error code
707  **/
708 
710  EcDomainParameters *params)
711 {
712 #if (EC_SUPPORT == ENABLED)
713  error_t error;
714  size_t n;
715  uint8_t *buffer;
716 
717  //Check parameters
718  if(input == NULL && length != 0)
720  if(params == NULL)
722 
723  //The type of data encoded is labeled depending on the type label in
724  //the "-----BEGIN " line (refer to RFC 7468, section 2)
725  if(pemDecodeFile(input, length, "EC PARAMETERS", NULL, &n, NULL) == NO_ERROR)
726  {
727  X509EcParameters ecParams;
728 
729  //Allocate a memory buffer to hold the ASN.1 data
730  buffer = cryptoAllocMem(n);
731 
732  //Successful memory allocation?
733  if(buffer != NULL)
734  {
735  //Decode the content of the PEM container
736  error = pemDecodeFile(input, length, "EC PARAMETERS", buffer, &n,
737  NULL);
738 
739  //Check status code
740  if(!error)
741  {
742  //Parse ECParameters structure
743  error = x509ParseEcParameters(buffer, n, &ecParams);
744  }
745 
746  //Check status code
747  if(!error)
748  {
749  //Import the EC domain parameters
750  error = x509ImportEcParameters(&ecParams, params);
751  }
752 
753  //Release previously allocated memory
754  cryptoFreeMem(buffer);
755  }
756  else
757  {
758  //Failed to allocate memory
759  error = ERROR_OUT_OF_MEMORY;
760  }
761  }
762  else if(pemDecodeFile(input, length, "EC PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
763  {
764  Pkcs8PrivateKeyInfo privateKeyInfo;
765 
766  //Allocate a memory buffer to hold the ASN.1 data
767  buffer = cryptoAllocMem(n);
768 
769  //Successful memory allocation?
770  if(buffer != NULL)
771  {
772  //Decode the content of the PEM container
773  error = pemDecodeFile(input, length, "EC PRIVATE KEY", buffer, &n,
774  NULL);
775 
776  //Check status code
777  if(!error)
778  {
779  //Read ECPrivateKey structure
780  error = pkcs8ParseEcPrivateKey(buffer, n, &privateKeyInfo.ecParams,
781  &privateKeyInfo.ecPrivateKey);
782  }
783 
784  //Check status code
785  if(!error)
786  {
787  //Import the EC domain parameters
788  error = x509ImportEcParameters(&privateKeyInfo.ecParams, params);
789  }
790 
791  //Release previously allocated memory
792  cryptoFreeMem(buffer);
793  }
794  else
795  {
796  //Failed to allocate memory
797  error = ERROR_OUT_OF_MEMORY;
798  }
799  }
800  else if(pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
801  {
802  Pkcs8PrivateKeyInfo privateKeyInfo;
803 
804  //Allocate a memory buffer to hold the ASN.1 data
805  buffer = cryptoAllocMem(n);
806 
807  //Successful memory allocation?
808  if(buffer != NULL)
809  {
810  //Decode the content of the PEM container
811  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
812 
813  //Check status code
814  if(!error)
815  {
816  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
817  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
818  }
819 
820  //Check status code
821  if(!error)
822  {
823  //Import the EC domain parameters
824  error = x509ImportEcParameters(&privateKeyInfo.ecParams, params);
825  }
826 
827  //Release previously allocated memory
828  cryptoFreeMem(buffer);
829  }
830  else
831  {
832  //Failed to allocate memory
833  error = ERROR_OUT_OF_MEMORY;
834  }
835  }
836  else if(pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL) == NO_ERROR)
837  {
838  X509SubjectPublicKeyInfo publicKeyInfo;
839 
840  //Allocate a memory buffer to hold the ASN.1 data
841  buffer = cryptoAllocMem(n);
842 
843  //Successful memory allocation?
844  if(buffer != NULL)
845  {
846  //Decode the content of the PEM container
847  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n,
848  NULL);
849 
850  //Check status code
851  if(!error)
852  {
853  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
854  //structure (refer to RFC 7468, section 13)
855  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
856  }
857 
858  //Check status code
859  if(!error)
860  {
861  //Import the EC domain parameters
862  error = x509ImportEcParameters(&publicKeyInfo.ecParams, params);
863  }
864 
865  //Release previously allocated memory
866  cryptoFreeMem(buffer);
867  }
868  else
869  {
870  //Failed to allocate memory
871  error = ERROR_OUT_OF_MEMORY;
872  }
873  }
874  else
875  {
876  //The PEM file does not contain a valid RSA private key
877  error = ERROR_END_OF_FILE;
878  }
879 
880  //Any error to report?
881  if(error)
882  {
883  //Clean up side effects
884  ecFreeDomainParameters(params);
885  }
886 
887  //Return status code
888  return error;
889 #else
890  //Not implemented
891  return ERROR_NOT_IMPLEMENTED;
892 #endif
893 }
894 
895 
896 /**
897  * @brief Decode a PEM file containing an EC public key
898  * @param[in] input Pointer to the PEM encoding
899  * @param[in] length Length of the PEM encoding
900  * @param[out] publicKey EC public key resulting from the parsing process
901  * @return Error code
902  **/
903 
905  EcPoint *publicKey)
906 {
907 #if (EC_SUPPORT == ENABLED)
908  error_t error;
909  size_t n;
910  uint8_t *buffer;
911  X509SubjectPublicKeyInfo publicKeyInfo;
912 
913  //Check parameters
914  if(input == NULL && length != 0)
916  if(publicKey == NULL)
918 
919  //Public keys are encoded using the "PUBLIC KEY" label
920  error = pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL);
921 
922  //Check status code
923  if(!error)
924  {
925  //Allocate a memory buffer to hold the ASN.1 data
926  buffer = cryptoAllocMem(n);
927 
928  //Successful memory allocation?
929  if(buffer != NULL)
930  {
931  //Decode the content of the PEM container
932  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n, NULL);
933 
934  //Check status code
935  if(!error)
936  {
937  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
938  //structure (refer to RFC 7468, section 13)
939  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
940  }
941 
942  //Check status code
943  if(!error)
944  {
945  //Import the EC public key
946  error = x509ImportEcPublicKey(&publicKeyInfo, publicKey);
947  }
948 
949  //Release previously allocated memory
950  cryptoFreeMem(buffer);
951  }
952  else
953  {
954  //Failed to allocate memory
955  error = ERROR_OUT_OF_MEMORY;
956  }
957  }
958 
959  //Any error to report?
960  if(error)
961  {
962  //Clean up side effects
963  ecFree(publicKey);
964  }
965 
966  //Return status code
967  return error;
968 #else
969  //Not implemented
970  return ERROR_NOT_IMPLEMENTED;
971 #endif
972 }
973 
974 
975 /**
976  * @brief Decode a PEM file containing an EC private key
977  * @param[in] input Pointer to the PEM encoding
978  * @param[in] length Length of the PEM encoding
979  * @param[out] privateKey EC private key resulting from the parsing process
980  * @return Error code
981  **/
982 
984  Mpi *privateKey)
985 {
986 #if (EC_SUPPORT == ENABLED)
987  error_t error;
988  size_t n;
989  uint8_t *buffer;
990  Pkcs8PrivateKeyInfo privateKeyInfo;
991 
992  //Check parameters
993  if(input == NULL && length != 0)
995  if(privateKey == NULL)
997 
998  //Clear the PrivateKeyInfo structure
999  cryptoMemset(&privateKeyInfo, 0, sizeof(Pkcs8PrivateKeyInfo));
1000 
1001  //The type of data encoded is labeled depending on the type label in
1002  //the "-----BEGIN " line (refer to RFC 7468, section 2)
1003  if(pemDecodeFile(input, length, "EC PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1004  {
1005  //Allocate a memory buffer to hold the ASN.1 data
1006  buffer = cryptoAllocMem(n);
1007 
1008  //Successful memory allocation?
1009  if(buffer != NULL)
1010  {
1011  //Decode the content of the PEM container
1012  error = pemDecodeFile(input, length, "EC PRIVATE KEY", buffer, &n,
1013  NULL);
1014 
1015  //Check status code
1016  if(!error)
1017  {
1018  //Read ECPrivateKey structure
1019  error = pkcs8ParseEcPrivateKey(buffer, n, &privateKeyInfo.ecParams,
1020  &privateKeyInfo.ecPrivateKey);
1021  }
1022 
1023  //Check status code
1024  if(!error)
1025  {
1026  //Set public key algorithm identifier
1027  privateKeyInfo.oid = EC_PUBLIC_KEY_OID;
1028  privateKeyInfo.oidLen = sizeof(EC_PUBLIC_KEY_OID);
1029 
1030  //Import the EC private key
1031  error = pkcs8ImportEcPrivateKey(&privateKeyInfo, privateKey);
1032  }
1033 
1034  //Release previously allocated memory
1035  cryptoFreeMem(buffer);
1036  }
1037  else
1038  {
1039  //Failed to allocate memory
1040  error = ERROR_OUT_OF_MEMORY;
1041  }
1042  }
1043  else if(pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1044  {
1045  //Allocate a memory buffer to hold the ASN.1 data
1046  buffer = cryptoAllocMem(n);
1047 
1048  //Successful memory allocation?
1049  if(buffer != NULL)
1050  {
1051  //Decode the content of the PEM container
1052  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
1053 
1054  //Check status code
1055  if(!error)
1056  {
1057  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
1058  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
1059  }
1060 
1061  //Check status code
1062  if(!error)
1063  {
1064  //Import the EC private key
1065  error = pkcs8ImportEcPrivateKey(&privateKeyInfo, privateKey);
1066  }
1067 
1068  //Release previously allocated memory
1069  cryptoFreeMem(buffer);
1070  }
1071  else
1072  {
1073  //Failed to allocate memory
1074  error = ERROR_OUT_OF_MEMORY;
1075  }
1076  }
1077  else
1078  {
1079  //The PEM file does not contain a valid RSA private key
1080  error = ERROR_END_OF_FILE;
1081  }
1082 
1083  //Any error to report?
1084  if(error)
1085  {
1086  //Clean up side effects
1087  mpiFree(privateKey);
1088  }
1089 
1090  //Return status code
1091  return error;
1092 #else
1093  //Not implemented
1094  return ERROR_NOT_IMPLEMENTED;
1095 #endif
1096 }
1097 
1098 
1099 /**
1100  * @brief Decode a PEM file containing a EdDSA public key
1101  * @param[in] input Pointer to the PEM encoding
1102  * @param[in] length Length of the PEM encoding
1103  * @param[out] publicKey EdDSA public key resulting from the parsing process
1104  * @return Error code
1105  **/
1106 
1108  EddsaPublicKey *publicKey)
1109 {
1110 #if (ED25519_SUPPORT == ENABLED || ED448_SUPPORT == ENABLED)
1111  error_t error;
1112  size_t n;
1113  uint8_t *buffer;
1114  X509SubjectPublicKeyInfo publicKeyInfo;
1115 
1116  //Check parameters
1117  if(input == NULL && length != 0)
1118  return ERROR_INVALID_PARAMETER;
1119  if(publicKey == NULL)
1120  return ERROR_INVALID_PARAMETER;
1121 
1122  //Public keys are encoded using the "PUBLIC KEY" label
1123  error = pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL);
1124 
1125  //Check status code
1126  if(!error)
1127  {
1128  //Allocate a memory buffer to hold the ASN.1 data
1129  buffer = cryptoAllocMem(n);
1130 
1131  //Successful memory allocation?
1132  if(buffer != NULL)
1133  {
1134  //Decode the content of the PEM container
1135  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n, NULL);
1136 
1137  //Check status code
1138  if(!error)
1139  {
1140  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
1141  //structure (refer to RFC 7468, section 13)
1142  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
1143  }
1144 
1145  //Check status code
1146  if(!error)
1147  {
1148  //Import the EdDSA public key
1149  error = x509ImportEddsaPublicKey(&publicKeyInfo, publicKey);
1150  }
1151 
1152  //Release previously allocated memory
1153  cryptoFreeMem(buffer);
1154  }
1155  else
1156  {
1157  //Failed to allocate memory
1158  error = ERROR_OUT_OF_MEMORY;
1159  }
1160  }
1161 
1162  //Any error to report?
1163  if(error)
1164  {
1165  //Clean up side effects
1166  eddsaFreePublicKey(publicKey);
1167  }
1168 
1169  //Return status code
1170  return error;
1171 #else
1172  //Not implemented
1173  return ERROR_NOT_IMPLEMENTED;
1174 #endif
1175 }
1176 
1177 
1178 /**
1179  * @brief Decode a PEM file containing a EdDSA private key
1180  * @param[in] input Pointer to the PEM encoding
1181  * @param[in] length Length of the PEM encoding
1182  * @param[out] privateKey EdDSA private key resulting from the parsing process
1183  * @return Error code
1184  **/
1185 
1187  EddsaPrivateKey *privateKey)
1188 {
1189 #if (ED25519_SUPPORT == ENABLED || ED448_SUPPORT == ENABLED)
1190  error_t error;
1191  size_t n;
1192  uint8_t *buffer;
1193  Pkcs8PrivateKeyInfo privateKeyInfo;
1194 
1195  //Check parameters
1196  if(input == NULL && length != 0)
1197  return ERROR_INVALID_PARAMETER;
1198  if(privateKey == NULL)
1199  return ERROR_INVALID_PARAMETER;
1200 
1201  //PKCS#8 private keys are encoded using the "PRIVATE KEY" label
1202  error = pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL);
1203 
1204  //Check status code
1205  if(!error)
1206  {
1207  //Allocate a memory buffer to hold the ASN.1 data
1208  buffer = cryptoAllocMem(n);
1209 
1210  //Successful memory allocation?
1211  if(buffer != NULL)
1212  {
1213  //Decode the content of the PEM container
1214  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
1215 
1216  //Check status code
1217  if(!error)
1218  {
1219  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
1220  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
1221  }
1222 
1223  //Check status code
1224  if(!error)
1225  {
1226  //Import the EdDSA private key
1227  error = pkcs8ImportEddsaPrivateKey(&privateKeyInfo, privateKey);
1228  }
1229 
1230  //Release previously allocated memory
1231  cryptoFreeMem(buffer);
1232  }
1233  else
1234  {
1235  //Failed to allocate memory
1236  error = ERROR_OUT_OF_MEMORY;
1237  }
1238  }
1239 
1240  //Any error to report?
1241  if(error)
1242  {
1243  //Clean up side effects
1244  eddsaFreePrivateKey(privateKey);
1245  }
1246 
1247  //Return status code
1248  return error;
1249 #else
1250  //Not implemented
1251  return ERROR_NOT_IMPLEMENTED;
1252 #endif
1253 }
1254 
1255 
1256 /**
1257  * @brief Retrieve the type of a PEM-encoded public key
1258  * @param[in] input Pointer to the PEM encoding
1259  * @param[in] length Length of the PEM encoding
1260  * @param[out] Public key type
1261  * @return Error code
1262  **/
1263 
1265  X509KeyType *keyType)
1266 {
1267  error_t error;
1268  size_t n;
1269  uint8_t *buffer;
1270  X509SubjectPublicKeyInfo publicKeyInfo;
1271 
1272  //Check parameters
1273  if(input == NULL && length != 0)
1274  return ERROR_INVALID_PARAMETER;
1275  if(keyType == NULL)
1276  return ERROR_INVALID_PARAMETER;
1277 
1278  //Initialize status code
1279  error = NO_ERROR;
1280 
1281  //Default public key type
1282  *keyType = X509_KEY_TYPE_UNKNOWN;
1283 
1284 #if (RSA_SUPPORT == ENABLED)
1285  //PEM container with "RSA PUBLIC KEY" label?
1286  if(pemDecodeFile(input, length, "RSA PUBLIC KEY", NULL, &n, NULL) == NO_ERROR)
1287  {
1288  //The PEM file contains an RSA public key (PKCS #1 format)
1289  *keyType = X509_KEY_TYPE_RSA;
1290  }
1291  else
1292 #endif
1293  //PEM container with "PUBLIC KEY" label?
1294  if(pemDecodeFile(input, length, "PUBLIC KEY", NULL, &n, NULL) == NO_ERROR)
1295  {
1296  //Allocate a memory buffer to hold the ASN.1 data
1297  buffer = cryptoAllocMem(n);
1298 
1299  //Successful memory allocation?
1300  if(buffer != NULL)
1301  {
1302  //Decode the content of the PEM container
1303  error = pemDecodeFile(input, length, "PUBLIC KEY", buffer, &n, NULL);
1304 
1305  //Check status code
1306  if(!error)
1307  {
1308  //The ASN.1 encoded data of the public key is the SubjectPublicKeyInfo
1309  //structure (refer to RFC 7468, section 13)
1310  error = x509ParseSubjectPublicKeyInfo(buffer, n, &n, &publicKeyInfo);
1311  }
1312 
1313  //Check status code
1314  if(!error)
1315  {
1316  //Check public key algorithm identifier
1317  *keyType = x509GetPublicKeyType(publicKeyInfo.oid,
1318  publicKeyInfo.oidLen);
1319 
1320  //Unknown algorithm identifier?
1321  if(*keyType == X509_KEY_TYPE_UNKNOWN)
1322  {
1323  //Report an error
1324  error = ERROR_WRONG_IDENTIFIER;
1325  }
1326  }
1327 
1328  //Release previously allocated memory
1329  cryptoFreeMem(buffer);
1330  }
1331  else
1332  {
1333  //Failed to allocate memory
1334  error = ERROR_OUT_OF_MEMORY;
1335  }
1336  }
1337  else
1338  {
1339  //The PEM file does not contain a valid public key
1340  error = ERROR_END_OF_FILE;
1341  }
1342 
1343  //Return status code
1344  return error;
1345 }
1346 
1347 
1348 /**
1349  * @brief Retrieve the type of a PEM-encoded private key
1350  * @param[in] input Pointer to the PEM encoding
1351  * @param[in] length Length of the PEM encoding
1352  * @param[out] Private key type
1353  * @return Error code
1354  **/
1355 
1357  X509KeyType *keyType)
1358 {
1359  error_t error;
1360  size_t n;
1361  uint8_t *buffer;
1362  Pkcs8PrivateKeyInfo privateKeyInfo;
1363 
1364  //Check parameters
1365  if(input == NULL && length != 0)
1366  return ERROR_INVALID_PARAMETER;
1367  if(keyType == NULL)
1368  return ERROR_INVALID_PARAMETER;
1369 
1370  //Initialize status code
1371  error = NO_ERROR;
1372 
1373  //Default private key type
1374  *keyType = X509_KEY_TYPE_UNKNOWN;
1375 
1376 #if (RSA_SUPPORT == ENABLED)
1377  //PEM container with "RSA PRIVATE KEY" label?
1378  if(pemDecodeFile(input, length, "RSA PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1379  {
1380  //The PEM file contains an RSA private key (PKCS #1 format)
1381  *keyType = X509_KEY_TYPE_RSA;
1382  }
1383  else
1384 #endif
1385 #if (DSA_SUPPORT == ENABLED)
1386  //PEM container with "DSA PRIVATE KEY" label?
1387  if(pemDecodeFile(input, length, "DSA PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1388  {
1389  //The PEM file contains a DSA private key
1390  *keyType = X509_KEY_TYPE_DSA;
1391  }
1392  else
1393 #endif
1394 #if (EC_SUPPORT == ENABLED)
1395  //PEM container with "EC PRIVATE KEY" label?
1396  if(pemDecodeFile(input, length, "EC PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1397  {
1398  //The PEM file contains an EC private key
1399  *keyType = X509_KEY_TYPE_EC;
1400  }
1401  else
1402 #endif
1403  //PEM container with "PRIVATE KEY" label?
1404  if(pemDecodeFile(input, length, "PRIVATE KEY", NULL, &n, NULL) == NO_ERROR)
1405  {
1406  //Allocate a memory buffer to hold the ASN.1 data
1407  buffer = cryptoAllocMem(n);
1408 
1409  //Successful memory allocation?
1410  if(buffer != NULL)
1411  {
1412  //Decode the content of the PEM container
1413  error = pemDecodeFile(input, length, "PRIVATE KEY", buffer, &n, NULL);
1414 
1415  //Check status code
1416  if(!error)
1417  {
1418  //Read the PrivateKeyInfo structure (refer to RFC 5208, section 5)
1419  error = pkcs8ParsePrivateKeyInfo(buffer, n, &privateKeyInfo);
1420  }
1421 
1422  //Check status code
1423  if(!error)
1424  {
1425  //Check private key algorithm identifier
1426  *keyType = x509GetPublicKeyType(privateKeyInfo.oid,
1427  privateKeyInfo.oidLen);
1428 
1429  //Unknown algorithm identifier?
1430  if(*keyType == X509_KEY_TYPE_UNKNOWN)
1431  {
1432  //Report an error
1433  error = ERROR_WRONG_IDENTIFIER;
1434  }
1435  }
1436 
1437  //Release previously allocated memory
1438  cryptoFreeMem(buffer);
1439  }
1440  else
1441  {
1442  //Failed to allocate memory
1443  error = ERROR_OUT_OF_MEMORY;
1444  }
1445  }
1446  else
1447  {
1448  //The PEM file does not contain a valid private key
1449  error = ERROR_END_OF_FILE;
1450  }
1451 
1452  //Return status code
1453  return error;
1454 }
1455 
1456 
1457 /**
1458  * @brief Convert PEM container to ASN.1 format
1459  * @param[in] input PEM container to decode
1460  * @param[in] inputLen Length of the PEM container to decode
1461  * @param[in] label Label indicating the type of data
1462  * @param[out] output ASN.1 data (optional parameter)
1463  * @param[out] outputLen Length of the ASN.1 data
1464  * @param[out] consumed Total number of characters that have been consumed
1465  * (optional parameter)
1466  **/
1467 
1468 error_t pemDecodeFile(const char_t *input, size_t inputLen, const char_t *label,
1469  uint8_t *output, size_t *outputLen, size_t *consumed)
1470 {
1471  error_t error;
1472  int_t i;
1473  int_t j;
1474 
1475  //The PEM container begins with a "-----BEGIN " line
1476  i = pemFindTag(input, inputLen, "-----BEGIN ", label, "-----");
1477  //Encapsulation boundary not found?
1478  if(i < 0)
1479  return ERROR_END_OF_FILE;
1480 
1481  //Skip the encapsulation boundary
1482  i += cryptoStrlen("-----BEGIN -----") + cryptoStrlen(label);
1483 
1484  //The PEM container ends with a "-----END " line
1485  j = pemFindTag(input + i, inputLen - i, "-----END ", label, "-----");
1486  //Encapsulation boundary not found?
1487  if(j < 0)
1488  return ERROR_INVALID_SYNTAX;
1489 
1490  //The contents of the PEM file is Base64-encoded
1491  error = base64Decode(input + i, j, output, outputLen);
1492  //Failed to decode the file?
1493  if(error)
1494  return error;
1495 
1496  //Sanity check
1497  if(*outputLen == 0)
1498  return ERROR_INVALID_SYNTAX;
1499 
1500  //If the output parameter is NULL, then the function calculates the
1501  //length of the resulting ASN.1 data without copying any data
1502  if(output != NULL)
1503  {
1504  //Display ASN.1 structure
1505  error = asn1DumpObject(output, *outputLen, 0);
1506  //Any error to report?
1507  if(error)
1508  return error;
1509  }
1510 
1511  //The last parameter is optional
1512  if(consumed != NULL)
1513  {
1514  //Total number of characters that have been consumed
1515  *consumed = i + j + cryptoStrlen("-----END -----") + cryptoStrlen(label);
1516  }
1517 
1518  //Successful processing
1519  return NO_ERROR;
1520 }
1521 
1522 
1523 /**
1524  * @brief Search a string for a given tag
1525  * @param[in] input String to search
1526  * @param[in] inputLen Length of the string to search
1527  * @param[in] tag1 First part of the tag (NULL-terminated string)
1528  * @param[in] tag2 Second part of the tag (NULL-terminated string)
1529  * @param[in] tag3 Third part of the tag (NULL-terminated string)
1530  * @return The index of the first occurrence of the tag in the string,
1531  * or -1 if the tag does not appear in the string
1532  **/
1533 
1534 int_t pemFindTag(const char_t *input, size_t inputLen, const char_t *tag1,
1535  const char_t *tag2, const char_t *tag3)
1536 {
1537  size_t i;
1538  size_t j;
1539  size_t n1;
1540  size_t n2;
1541  size_t n3;
1542  int_t index;
1543 
1544  //Initialize index
1545  index = -1;
1546 
1547  //Calculate the length of the tag
1548  n1 = cryptoStrlen(tag1);
1549  n2 = cryptoStrlen(tag2);
1550  n3 = cryptoStrlen(tag3);
1551 
1552  //Parse input string
1553  for(i = 0; (i + n1 + n2 + n3) <= inputLen; i++)
1554  {
1555  //Compare current substring with the given tag
1556  for(j = 0; j < (n1 + n2 + n3); j++)
1557  {
1558  if(j < n1)
1559  {
1560  if(input[i + j] != tag1[j])
1561  break;
1562  }
1563  else if(j < (n1 + n2))
1564  {
1565  if(input[i + j] != tag2[j - n1])
1566  break;
1567  }
1568  else
1569  {
1570  if(input[i + j] != tag3[j - n1 - n2])
1571  break;
1572  }
1573  }
1574 
1575  //Check whether the tag has been found
1576  if(j == (n1 + n2 + n3))
1577  {
1578  index = i;
1579  break;
1580  }
1581  }
1582 
1583  //Return the index of the first occurrence of the tag in the string
1584  return index;
1585 }
1586 
1587 #endif
error_t pkcs8ParsePrivateKeyInfo(const uint8_t *data, size_t length, Pkcs8PrivateKeyInfo *privateKeyInfo)
Parse PrivateKeyInfo structure.
error_t pemGetPublicKeyType(const char_t *input, size_t length, X509KeyType *keyType)
Retrieve the type of a PEM-encoded public key.
Definition: pem_import.c:1264
@ X509_KEY_TYPE_RSA
Definition: x509_common.h:506
Pkcs8RsaPrivateKey rsaPrivateKey
uint8_t length
Definition: dtls_misc.h:149
const uint8_t * oid
Definition: x509_common.h:698
error_t x509ImportEddsaPublicKey(const X509SubjectPublicKeyInfo *publicKeyInfo, EddsaPublicKey *publicKey)
Import an EdDSA public key.
Private key information.
void rsaFreePublicKey(RsaPublicKey *key)
Release an RSA public key.
Definition: rsa.c:118
error_t pemGetPrivateKeyType(const char_t *input, size_t length, X509KeyType *keyType)
Retrieve the type of a PEM-encoded private key.
Definition: pem_import.c:1356
const uint8_t * oid
error_t pemImportRsaPrivateKey(const char_t *input, size_t length, RsaPrivateKey *privateKey)
Decode a PEM file containing an RSA private key.
Definition: pem_import.c:382
Arbitrary precision integer.
Definition: mpi.h:69
signed int int_t
Definition: compiler_port.h:44
error_t x509ImportRsaPublicKey(const X509SubjectPublicKeyInfo *publicKeyInfo, RsaPublicKey *publicKey)
Import an RSA public key.
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
error_t x509ImportEcParameters(const X509EcParameters *ecParams, EcDomainParameters *params)
Import EC domain parameters.
error_t x509ParseSubjectPublicKeyInfo(const uint8_t *data, size_t length, size_t *totalLength, X509SubjectPublicKeyInfo *publicKeyInfo)
Parse SubjectPublicKeyInfo structure.
OID (Object Identifier)
void eddsaFreePrivateKey(EddsaPrivateKey *key)
Release a DSA private key.
Definition: eddsa.c:86
uint8_t p
Definition: ndp.h:298
void dsaFreePrivateKey(DsaPrivateKey *key)
Release a DSA private key.
Definition: dsa.c:122
const uint8_t EC_PUBLIC_KEY_OID[7]
Definition: ec.c:47
X509EcParameters ecParams
Definition: x509_common.h:708
error_t x509ParseRsaPublicKey(const uint8_t *data, size_t length, X509RsaPublicKey *rsaPublicKey)
Parse RSAPublicKey structure.
error_t asn1DumpObject(const uint8_t *data, size_t length, uint_t level)
Display an ASN.1 data object.
Definition: asn1.c:690
@ ERROR_OUT_OF_MEMORY
Definition: error.h:63
EC domain parameters.
Definition: ec.h:63
error_t pemImportEddsaPrivateKey(const char_t *input, size_t length, EddsaPrivateKey *privateKey)
Decode a PEM file containing a EdDSA private key.
Definition: pem_import.c:1186
void ecFreeDomainParameters(EcDomainParameters *params)
Release EC domain parameters.
Definition: ec.c:75
int_t pemFindTag(const char_t *input, size_t inputLen, const char_t *tag1, const char_t *tag2, const char_t *tag3)
Search a string for a given tag.
Definition: pem_import.c:1534
error_t pemImportDsaPrivateKey(const char_t *input, size_t length, DsaPrivateKey *privateKey)
Decode a PEM file containing a DSA private key.
Definition: pem_import.c:585
const uint8_t DSA_OID[7]
Definition: dsa.c:51
size_t totalLength
Definition: asn1.h:104
size_t length
Definition: asn1.h:102
@ X509_KEY_TYPE_EC
Definition: x509_common.h:509
error_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen)
Base64 decoding algorithm.
Definition: base64.c:194
Pkcs8EcPrivateKey ecPrivateKey
error_t pemImportCertificate(const char_t *input, size_t inputLen, uint8_t *output, size_t *outputLen, size_t *consumed)
Decode a PEM file containing a certificate.
Definition: pem_import.c:60
PEM file import functions.
DSA public key.
Definition: dsa.h:60
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
#define cryptoStrlen(s)
Definition: crypto.h:660
error_t x509ImportDsaPublicKey(const X509SubjectPublicKeyInfo *publicKeyInfo, DsaPublicKey *publicKey)
Import a DSA public key.
error_t
Error codes.
Definition: error.h:42
EC parameters.
Definition: x509_common.h:672
void rsaFreePrivateKey(RsaPrivateKey *key)
Release an RSA private key.
Definition: rsa.c:150
EdDSA public key.
Definition: eddsa.h:48
error_t pemImportEcPrivateKey(const char_t *input, size_t length, Mpi *privateKey)
Decode a PEM file containing an EC private key.
Definition: pem_import.c:983
ASN.1 tag.
Definition: asn1.h:97
RSA public key.
Definition: rsa.h:48
X509RsaPublicKey rsaPublicKey
Definition: x509_common.h:701
X509DsaParameters dsaParams
MPI (Multiple Precision Integer Arithmetic)
Mpi p
Prime modulus.
Definition: dh.h:50
@ ERROR_END_OF_FILE
Definition: error.h:157
General definitions for cryptographic algorithms.
Base64 encoding scheme.
DSA private key.
Definition: dsa.h:73
Elliptic curve point.
Definition: ec.h:51
error_t pkcs8ParseRsaPrivateKey(const uint8_t *data, size_t length, Pkcs8RsaPrivateKey *rsaPrivateKey)
Parse RSAPrivateKey structure.
error_t pkcs8ImportEddsaPrivateKey(const Pkcs8PrivateKeyInfo *privateKeyInfo, EddsaPrivateKey *privateKey)
Import an EdDSA private key.
error_t x509ImportEcPublicKey(const X509SubjectPublicKeyInfo *publicKeyInfo, EcPoint *publicKey)
Import an EC public key.
error_t pemImportEcParameters(const char_t *input, size_t length, EcDomainParameters *params)
Decode a PEM file containing EC domain parameters.
Definition: pem_import.c:709
EdDSA private key.
Definition: eddsa.h:58
const uint8_t RSA_ENCRYPTION_OID[9]
Definition: rsa.c:57
#define cryptoMemset(p, value, length)
Definition: crypto.h:636
#define TRACE_DEBUG(...)
Definition: debug.h:106
char char_t
Definition: compiler_port.h:43
error_t pemImportEddsaPublicKey(const char_t *input, size_t length, EddsaPublicKey *publicKey)
Decode a PEM file containing a EdDSA public key.
Definition: pem_import.c:1107
uint8_t n
RSA private key.
Definition: rsa.h:59
Subject public key information.
Definition: x509_common.h:694
error_t asn1ReadMpi(const uint8_t *data, size_t length, Asn1Tag *tag, Mpi *value)
Read a multiple-precision integer from the input stream.
Definition: asn1.c:334
@ X509_KEY_TYPE_DSA
Definition: x509_common.h:508
#define cryptoFreeMem(p)
Definition: crypto.h:630
error_t pemImportEcPublicKey(const char_t *input, size_t length, EcPoint *publicKey)
Decode a PEM file containing an EC public key.
Definition: pem_import.c:904
PKCS #8 key parsing.
error_t pkcs8ImportEcPrivateKey(const Pkcs8PrivateKeyInfo *privateKeyInfo, Mpi *privateKey)
Import an EC private key.
@ ERROR_WRONG_IDENTIFIER
Definition: error.h:88
#define cryptoAllocMem(size)
Definition: crypto.h:625
error_t pemImportRsaPublicKey(const char_t *input, size_t length, RsaPublicKey *publicKey)
Decode a PEM file containing an RSA public key.
Definition: pem_import.c:258
void eddsaFreePublicKey(EddsaPublicKey *key)
Release a DSA public key.
Definition: eddsa.c:61
@ ERROR_INVALID_SYNTAX
Definition: error.h:68
error_t x509ParseEcParameters(const uint8_t *data, size_t length, X509EcParameters *ecParams)
Parse ECParameters structure.
Mpi g
Generator.
Definition: dh.h:51
error_t pkcs8ImportDsaPrivateKey(const Pkcs8PrivateKeyInfo *privateKeyInfo, DsaPrivateKey *privateKey)
Import an DSA private key.
error_t pkcs8ParseEcPrivateKey(const uint8_t *data, size_t length, X509EcParameters *ecParams, Pkcs8EcPrivateKey *ecPrivateKey)
Parse ECPrivateKey structure.
@ X509_KEY_TYPE_UNKNOWN
Definition: x509_common.h:505
Parsing of ASN.1 encoded keys.
Pkcs8DsaPrivateKey dsaPrivateKey
Diffie-Hellman parameters.
Definition: dh.h:48
#define TRACE_DEBUG_MPI(p, a)
Definition: debug.h:109
void ecFree(EcPoint *r)
Release an elliptic curve point.
Definition: ec.c:170
X509KeyType
Public Key types.
Definition: x509_common.h:503
error_t asn1ReadSequence(const uint8_t *data, size_t length, Asn1Tag *tag)
Read an ASN.1 sequence from the input stream.
Definition: asn1.c:163
error_t pemImportCrl(const char_t *input, size_t inputLen, uint8_t *output, size_t *outputLen, size_t *consumed)
Decode a PEM file containing a certificate revocation list.
Definition: pem_import.c:91
error_t pemImportDhParameters(const char_t *input, size_t length, DhParameters *params)
Decode a PEM file containing Diffie-Hellman parameters.
Definition: pem_import.c:148
X509EcParameters ecParams
X509KeyType x509GetPublicKeyType(const uint8_t *oid, size_t length)
Get the public key type that matches the specified OID.
Definition: x509_common.c:779
error_t pemImportCsr(const char_t *input, size_t inputLen, uint8_t *output, size_t *outputLen)
Decode a PEM file containing a certification signing request.
Definition: pem_import.c:120
void dsaFreePublicKey(DsaPublicKey *key)
Release a DSA public key.
Definition: dsa.c:92
const uint8_t * value
Definition: asn1.h:103
@ NO_ERROR
Success.
Definition: error.h:44
error_t pkcs8ImportRsaPrivateKey(const Pkcs8PrivateKeyInfo *privateKeyInfo, RsaPrivateKey *privateKey)
Import an RSA private key.
error_t pemImportDsaPublicKey(const char_t *input, size_t length, DsaPublicKey *publicKey)
Decode a PEM file containing a DSA public key.
Definition: pem_import.c:506
error_t pkcs8ParseDsaPrivateKey(const uint8_t *data, size_t length, X509DsaParameters *dsaParams, Pkcs8DsaPrivateKey *dsaPrivateKey)
Parse DSAPrivateKey structure.
Debugging facilities.
ASN.1 (Abstract Syntax Notation One)
error_t pemDecodeFile(const char_t *input, size_t inputLen, const char_t *label, uint8_t *output, size_t *outputLen, size_t *consumed)
Convert PEM container to ASN.1 format.
Definition: pem_import.c:1468
void mpiFree(Mpi *r)
Release a multiple precision integer.
Definition: mpi.c:62