compute memory requirement for PEM-encoding correctly
[strongswan.git] / src / libstrongswan / plugins / pem / pem_encoder.c
index 48a2674..9c8237e 100644 (file)
 /**
  * See header.
  */
-bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
                                                va_list args)
 {
        chunk_t asn1;
        char *label;
        u_char *pos;
        size_t len, written, pem_chars, pem_lines;
+       chunk_t n, e, d, p, q, exp1, exp2, coeff, to_free = chunk_empty;
 
        switch (type)
        {
-               case KEY_PUB_PEM:
-                       if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER,
-                                                                  &asn1, KEY_PART_END) ||
-                               key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER,
-                                                                  &asn1, KEY_PART_END))
+               case PUBKEY_PEM:
+                       label ="PUBLIC KEY";
+                       /* direct PKCS#1 PEM encoding */
+                       if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER,
+                                                                       &asn1, CRED_PART_END) ||
+                               cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER,
+                                                                       &asn1, CRED_PART_END))
                        {
-                               label ="PUBLIC KEY";
                                break;
                        }
+                       /* indirect PEM encoding from components */
+                       if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+                                                                       CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
+                       {
+                               if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
+                                                                       NULL, &asn1, CRED_PART_RSA_MODULUS, n,
+                                                                       CRED_PART_RSA_PUB_EXP, e, CRED_PART_END))
+                               {
+                                       to_free = asn1;
+                                       break;
+                               }
+                       }
                        return FALSE;
-               case KEY_PRIV_PEM:
-                       if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER,
-                                                                  &asn1, KEY_PART_END))
+               case PRIVKEY_PEM:
+                       label ="RSA PRIVATE KEY";
+                       /* direct PKCS#1 PEM encoding */
+                       if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER,
+                                                                       &asn1, CRED_PART_END))
                        {
-                               label ="RSA PRIVATE KEY";
                                break;
                        }
-                       if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER,
-                                                                  &asn1, KEY_PART_END))
+                       /* indirect PEM encoding from components */
+                       if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+                                               CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
+                                               CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
+                                               CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
+                                               CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
+                       {
+                               if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL,
+                                               &asn1, CRED_PART_RSA_MODULUS, n,
+                                               CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
+                                               CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
+                                               CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
+                                               CRED_PART_RSA_COEFF, coeff, CRED_PART_END))
+                               {
+                                       to_free = asn1;
+                                       break;
+                               }
+                       }
+                       if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
                        {
                                label ="EC PRIVATE KEY";
                                break;
                        }
                        return FALSE;
+               case CERT_PEM:
+                       if (cred_encoding_args(args, CRED_PART_X509_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode x509 certificate */
+                               label = "CERTIFICATE";
+                               break;
+                       }
+                       if (cred_encoding_args(args, CRED_PART_X509_CRL_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode CRL */
+                               label = "X509 CRL";
+                               break;
+                       }
+                       if (cred_encoding_args(args, CRED_PART_PKCS10_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode PKCS10 certificate reqeuest */
+                               label = "CERTIFICATE REQUEST";
+                               break;
+                       }
                default:
                        return FALSE;
        }
 
        /* compute and allocate maximum size of PEM object */
-       pem_chars = 4*(asn1.len + 2)/3;
+       pem_chars = 4 * ((asn1.len + 2) / 3);
        pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE;
        *encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines);
        pos = encoding->ptr;
@@ -86,6 +138,8 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
                len--;
        }
 
+       chunk_clear(&to_free);
+
        /* write PEM trailer */
        written = snprintf(pos, len, "-----END %s-----", label);
        pos += written;