compute memory requirement for PEM-encoding correctly
[strongswan.git] / src / libstrongswan / plugins / pem / pem_encoder.c
index 65073f5..9c8237e 100644 (file)
 /**
  * See header.
  */
-bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
                                                va_list args)
 {
        chunk_t asn1;
        char *label;
        u_char *pos;
        size_t len, written, pem_chars, pem_lines;
+       chunk_t n, e, d, p, q, exp1, exp2, coeff, to_free = chunk_empty;
 
        switch (type)
        {
-               case KEY_PUB_PEM:
-                       if (!key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER,
-                                                                  &asn1, KEY_PART_END))
+               case PUBKEY_PEM:
+                       label ="PUBLIC KEY";
+                       /* direct PKCS#1 PEM encoding */
+                       if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER,
+                                                                       &asn1, CRED_PART_END) ||
+                               cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER,
+                                                                       &asn1, CRED_PART_END))
                        {
-                               return FALSE;
+                               break;
                        }
-                       label ="PUBLIC KEY";
-                       break;
-               case KEY_PRIV_PEM:
-                       if (!key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER,
-                                                                  &asn1, KEY_PART_END))
+                       /* indirect PEM encoding from components */
+                       if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+                                                                       CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
                        {
-                               return FALSE;
+                               if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
+                                                                       NULL, &asn1, CRED_PART_RSA_MODULUS, n,
+                                                                       CRED_PART_RSA_PUB_EXP, e, CRED_PART_END))
+                               {
+                                       to_free = asn1;
+                                       break;
+                               }
                        }
+                       return FALSE;
+               case PRIVKEY_PEM:
                        label ="RSA PRIVATE KEY";
-                       break;
+                       /* direct PKCS#1 PEM encoding */
+                       if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER,
+                                                                       &asn1, CRED_PART_END))
+                       {
+                               break;
+                       }
+                       /* indirect PEM encoding from components */
+                       if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+                                               CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
+                                               CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
+                                               CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
+                                               CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
+                       {
+                               if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL,
+                                               &asn1, CRED_PART_RSA_MODULUS, n,
+                                               CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
+                                               CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
+                                               CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
+                                               CRED_PART_RSA_COEFF, coeff, CRED_PART_END))
+                               {
+                                       to_free = asn1;
+                                       break;
+                               }
+                       }
+                       if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {
+                               label ="EC PRIVATE KEY";
+                               break;
+                       }
+                       return FALSE;
+               case CERT_PEM:
+                       if (cred_encoding_args(args, CRED_PART_X509_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode x509 certificate */
+                               label = "CERTIFICATE";
+                               break;
+                       }
+                       if (cred_encoding_args(args, CRED_PART_X509_CRL_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode CRL */
+                               label = "X509 CRL";
+                               break;
+                       }
+                       if (cred_encoding_args(args, CRED_PART_PKCS10_ASN1_DER,
+                                                                  &asn1, CRED_PART_END))
+                       {       /* PEM encode PKCS10 certificate reqeuest */
+                               label = "CERTIFICATE REQUEST";
+                               break;
+                       }
                default:
                        return FALSE;
        }
 
        /* compute and allocate maximum size of PEM object */
-       pem_chars = 4*(asn1.len + 2)/3;
-       pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE; 
+       pem_chars = 4 * ((asn1.len + 2) / 3);
+       pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE;
        *encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines);
        pos = encoding->ptr;
        len = encoding->len;
@@ -60,7 +120,7 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
        /* write PEM header */
        written = snprintf(pos, len, "-----BEGIN %s-----\n", label);
        pos += written;
-       len -= written; 
+       len -= written;
 
        /* write PEM body */
        while (pem_lines--)
@@ -78,13 +138,15 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
                len--;
        }
 
+       chunk_clear(&to_free);
+
        /* write PEM trailer */
        written = snprintf(pos, len, "-----END %s-----", label);
        pos += written;
-       len -= written; 
+       len -= written;
 
        /* replace termination null character with newline */
-    *pos = '\n';
+       *pos = '\n';
        pos++;
        len--;