x509write_csr.c File Reference

#include "polarssl/config.h"
#include "polarssl/x509_csr.h"
#include "polarssl/oid.h"
#include "polarssl/asn1write.h"
#include "polarssl/pem.h"
#include <string.h>
#include <stdlib.h>
Include dependency graph for x509write_csr.c:

Go to the source code of this file.

Defines

#define PEM_BEGIN_CSR   "-----BEGIN CERTIFICATE REQUEST-----\n"
#define PEM_END_CSR   "-----END CERTIFICATE REQUEST-----\n"

Functions

void x509write_csr_init (x509write_csr *ctx)
 Initialize a CSR context.
void x509write_csr_free (x509write_csr *ctx)
 Free the contents of a CSR context.
void x509write_csr_set_md_alg (x509write_csr *ctx, md_type_t md_alg)
 Set the MD algorithm to use for the signature (e.g.
void x509write_csr_set_key (x509write_csr *ctx, pk_context *key)
 Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).
int x509write_csr_set_subject_name (x509write_csr *ctx, const char *subject_name)
 Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g.
int x509write_csr_set_extension (x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len)
 Generic function to add to or replace an extension in the CSR.
int x509write_csr_set_key_usage (x509write_csr *ctx, unsigned char key_usage)
 Set the Key Usage Extension flags (e.g.
int x509write_csr_set_ns_cert_type (x509write_csr *ctx, unsigned char ns_cert_type)
 Set the Netscape Cert Type flags (e.g.
int x509write_csr_der (x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.
int x509write_csr_pem (x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
 Write a CSR (Certificate Signing Request) to a PEM string.

Define Documentation

#define PEM_BEGIN_CSR   "-----BEGIN CERTIFICATE REQUEST-----\n"

Definition at line 216 of file x509write_csr.c.

Referenced by x509write_csr_pem().

#define PEM_END_CSR   "-----END CERTIFICATE REQUEST-----\n"

Definition at line 217 of file x509write_csr.c.

Referenced by x509write_csr_pem().


Function Documentation

int x509write_csr_der ( x509write_csr ctx,
unsigned char *  buf,
size_t  size,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Write a CSR (Certificate Signing Request) to a DER structure Note: data is written at the end of the buffer! Use the return value to determine where you should start using the buffer.

Parameters:
ctx CSR to write away
buf buffer to write to
size size of the buffer
f_rng RNG function (for signature, see note)
p_rng RNG parameter
Returns:
length of data written if successful, or a specific error code
Note:
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for countermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.

Definition at line 124 of file x509write_csr.c.

References ASN1_CHK_ADD, ASN1_CONSTRUCTED, ASN1_CONTEXT_SPECIFIC, ASN1_SEQUENCE, ASN1_SET, asn1_write_int(), asn1_write_len(), asn1_write_oid(), asn1_write_tag(), _x509write_csr::extensions, _x509write_csr::key, md(), _x509write_csr::md_alg, md_info_from_type(), oid_get_oid_by_sig_alg(), OID_PKCS9_CSR_EXT_REQ, OID_SIZE, pk_get_type(), pk_sign(), pk_write_pubkey_der(), POLARSSL_MPI_MAX_SIZE, POLARSSL_PK_ECDSA, POLARSSL_PK_ECKEY, _x509write_csr::subject, x509_write_extensions(), x509_write_names(), and x509_write_sig().

Referenced by x509write_csr_pem().

void x509write_csr_free ( x509write_csr ctx  ) 

Free the contents of a CSR context.

Parameters:
ctx CSR context to free

Definition at line 51 of file x509write_csr.c.

References asn1_free_named_data_list(), _x509write_csr::extensions, and _x509write_csr::subject.

Referenced by test_suite_x509_csr_check().

void x509write_csr_init ( x509write_csr ctx  ) 

Initialize a CSR context.

Parameters:
ctx CSR context to initialize

Definition at line 46 of file x509write_csr.c.

Referenced by test_suite_x509_csr_check().

int x509write_csr_pem ( x509write_csr ctx,
unsigned char *  buf,
size_t  size,
int(*)(void *, unsigned char *, size_t)  f_rng,
void *  p_rng 
)

Write a CSR (Certificate Signing Request) to a PEM string.

Parameters:
ctx CSR to write away
buf buffer to write to
size size of the buffer
f_rng RNG function (for signature, see note)
p_rng RNG parameter
Returns:
0 successful, or a specific error code
Note:
f_rng may be NULL if RSA is used for signature and the signature is made offline (otherwise f_rng is desirable for couermeasures against timing attacks). ECDSA signatures always require a non-NULL f_rng.

Definition at line 220 of file x509write_csr.c.

References PEM_BEGIN_CSR, PEM_END_CSR, pem_write_buffer(), and x509write_csr_der().

Referenced by test_suite_x509_csr_check().

int x509write_csr_set_extension ( x509write_csr ctx,
const char *  oid,
size_t  oid_len,
const unsigned char *  val,
size_t  val_len 
)

Generic function to add to or replace an extension in the CSR.

Parameters:
ctx CSR context to use
oid OID of the extension
oid_len length of the OID
val value of the extension OCTET STRING
val_len length of the value data
Returns:
0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED

Definition at line 75 of file x509write_csr.c.

References _x509write_csr::extensions, and x509_set_extension().

Referenced by x509write_csr_set_key_usage(), and x509write_csr_set_ns_cert_type().

void x509write_csr_set_key ( x509write_csr ctx,
pk_context key 
)

Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it).

Parameters:
ctx CSR context to use
key Asymetric key to include

Definition at line 64 of file x509write_csr.c.

References _x509write_csr::key.

Referenced by test_suite_x509_csr_check().

int x509write_csr_set_key_usage ( x509write_csr ctx,
unsigned char  key_usage 
)

Set the Key Usage Extension flags (e.g.

KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN)

Parameters:
ctx CSR context to use
key_usage key usage flags to set
Returns:
0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED

Definition at line 83 of file x509write_csr.c.

References asn1_write_bitstring(), OID_KEY_USAGE, OID_SIZE, and x509write_csr_set_extension().

void x509write_csr_set_md_alg ( x509write_csr ctx,
md_type_t  md_alg 
)

Set the MD algorithm to use for the signature (e.g.

POLARSSL_MD_SHA1)

Parameters:
ctx CSR context to use
md_alg MD algorithm to use

Definition at line 59 of file x509write_csr.c.

References _x509write_csr::md_alg.

Referenced by test_suite_x509_csr_check().

int x509write_csr_set_ns_cert_type ( x509write_csr ctx,
unsigned char  ns_cert_type 
)

Set the Netscape Cert Type flags (e.g.

NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL)

Parameters:
ctx CSR context to use
ns_cert_type Netscape Cert Type flags to set
Returns:
0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED

Definition at line 103 of file x509write_csr.c.

References asn1_write_bitstring(), OID_NS_CERT_TYPE, OID_SIZE, and x509write_csr_set_extension().

int x509write_csr_set_subject_name ( x509write_csr ctx,
const char *  subject_name 
)

Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and values: e.g.

"C=NL,O=Offspark,CN=PolarSSL Server 1"

Parameters:
ctx CSR context to use
subject_name subject name to set
Returns:
0 if subject name was parsed successfully, or a specific error code

Definition at line 69 of file x509write_csr.c.

References _x509write_csr::subject, and x509_string_to_names().

Referenced by test_suite_x509_csr_check().


Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1