e255d6fd00135409315d90ddfe224f1af4c9c8cd
[strongswan.git] / src / libstrongswan / plugins / pem / pem_encoder.c
1 /*
2 * Copyright (C) 2010 Andreas Steffen
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pem_encoder.h"
17
/* Raw DER bytes consumed per PEM body line; 48 input bytes base64-encode to
 * 64 output characters, since base64 emits 4 characters per 3 bytes. */
#define BYTES_PER_LINE 48
19
20 /**
21 * See header.
22 */
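/*
 * Implementation notes for pem_encoder_encode().
 *
 * Wraps a DER encoded object in PEM armor: a "-----BEGIN <label>-----" line,
 * the base64 body split into lines of BYTES_PER_LINE input bytes, and a
 * "-----END <label>-----" line. The DER input is either taken directly from
 * the argument list or, for RSA keys, first built from the key components
 * through lib->encoding.
 *
 * Handling of key material:
 *  - A DER blob built here from RSA components is owned by this function and
 *    is released with chunk_clear(), which wipes the memory before freeing
 *    it. DER blobs passed in directly stay owned by the caller.
 *  - For PRIVKEY_PEM the returned chunk contains the private key in clear
 *    text. The caller owns it and should release it with chunk_clear()
 *    rather than a plain free.
 *
 * @param type		PUBKEY_PEM, PRIVKEY_PEM or CERT_PEM; other values fail
 * @param encoding	receives a newly allocated chunk holding the PEM text,
 *					set to chunk_empty if allocation or formatting fails
 * @param args		CRED_PART_* / value pairs terminated by CRED_PART_END
 * @return			TRUE on success, FALSE if the type is unsupported, no
 *					usable part was supplied, or the output could not be
 *					built
 */
bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
						va_list args)
{
	chunk_t asn1;
	char *label;
	u_char *pos;
	size_t len, written, pem_chars, pem_lines;
	chunk_t n, e, d, p, q, exp1, exp2, coeff, to_free = chunk_empty;

	switch (type)
	{
		case PUBKEY_PEM:
			label = "PUBLIC KEY";
			/* direct PEM encoding of a supplied DER blob.
			 * NOTE(review): the "PUBLIC KEY" label conventionally denotes a
			 * SubjectPublicKeyInfo structure, while the original comment
			 * called this "PKCS#1"; confirm callers pass SPKI DER here. */
			if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER,
								   &asn1, CRED_PART_END) ||
				cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER,
								   &asn1, CRED_PART_END))
			{
				break;
			}
			/* indirect PEM encoding from components */
			if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
								   CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
			{
				if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
									NULL, &asn1, CRED_PART_RSA_MODULUS, n,
									CRED_PART_RSA_PUB_EXP, e, CRED_PART_END))
				{
					/* we own the intermediate DER blob */
					to_free = asn1;
					break;
				}
			}
			return FALSE;
		case PRIVKEY_PEM:
			label = "RSA PRIVATE KEY";
			/* direct PKCS#1 PEM encoding */
			if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER,
								   &asn1, CRED_PART_END))
			{
				break;
			}
			/* indirect PEM encoding from components */
			if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
						CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
						CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
						CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
						CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
			{
				if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL,
						&asn1, CRED_PART_RSA_MODULUS, n,
						CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
						CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
						CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
						CRED_PART_RSA_COEFF, coeff, CRED_PART_END))
				{
					/* private key DER built here, wiped below once encoded */
					to_free = asn1;
					break;
				}
			}
			if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER,
								   &asn1, CRED_PART_END))
			{
				label = "EC PRIVATE KEY";
				break;
			}
			return FALSE;
		case CERT_PEM:
			if (cred_encoding_args(args, CRED_PART_X509_ASN1_DER,
								   &asn1, CRED_PART_END))
			{	/* PEM encode x509 certificate */
				label = "CERTIFICATE";
				break;
			}
			if (cred_encoding_args(args, CRED_PART_X509_CRL_ASN1_DER,
								   &asn1, CRED_PART_END))
			{	/* PEM encode CRL */
				label = "X509 CRL";
				break;
			}
			if (cred_encoding_args(args, CRED_PART_PKCS10_ASN1_DER,
								   &asn1, CRED_PART_END))
			{	/* PEM encode PKCS10 certificate request */
				label = "CERTIFICATE REQUEST";
				break;
			}
			/* no supported certificate part supplied */
			/* fall through */
		default:
			return FALSE;
	}

	/* The size arithmetic below multiplies the input length by four; reject
	 * lengths for which that would wrap around size_t, as a wrapped size
	 * would yield an undersized buffer that the body loop then overruns. */
	if (asn1.len > ((size_t)-1) / 4 - 2)
	{
		chunk_clear(&to_free);
		return FALSE;
	}

	/* compute and allocate maximum size of PEM object:
	 * "-----BEGIN " + label + "-----\n" and "-----END " + label + "-----\n"
	 * account for 32 bytes plus twice the label, the body needs pem_chars
	 * base64 characters plus one newline per line */
	pem_chars = 4*(asn1.len + 2)/3;
	pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE;
	*encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines);
	if (!encoding->ptr)
	{	/* allocation failed, do not hand out a chunk with a bogus length */
		*encoding = chunk_empty;
		chunk_clear(&to_free);
		return FALSE;
	}
	pos = encoding->ptr;
	len = encoding->len;

	/* write PEM header; a negative snprintf() result converts to a huge
	 * size_t, so the single comparison catches errors and truncation */
	written = snprintf((char*)pos, len, "-----BEGIN %s-----\n", label);
	if (written >= len)
	{
		chunk_clear(&to_free);
		chunk_clear(encoding);
		return FALSE;
	}
	pos += written;
	len -= written;

	/* write PEM body, one line of at most BYTES_PER_LINE input bytes each */
	while (pem_lines--)
	{
		chunk_t asn1_line, pem_line;

		asn1_line = chunk_create(asn1.ptr, min(asn1.len, BYTES_PER_LINE));
		asn1.ptr += asn1_line.len;
		asn1.len -= asn1_line.len;
		pem_line = chunk_to_base64(asn1_line, (char*)pos);
		pos += pem_line.len;
		len -= pem_line.len;
		*pos = '\n';
		pos++;
		len--;
	}

	/* the intermediate DER blob is no longer needed; wipe and free it */
	chunk_clear(&to_free);

	/* write PEM trailer */
	written = snprintf((char*)pos, len, "-----END %s-----", label);
	if (written >= len)
	{	/* partial output may hold key material, wipe it as well */
		chunk_clear(encoding);
		return FALSE;
	}
	pos += written;
	len -= written;

	/* replace termination null character with newline */
	*pos = '\n';
	pos++;
	len--;

	/* compute effective length of PEM object */
	encoding->len = pos - encoding->ptr;
	return TRUE;
}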
157