@ -30,9 +30,20 @@
# include <fcntl.h>
# include <stdbool.h>
# ifdef MBEDTLS
# include <mbedtls/bignum.h>
# include <mbedtls/x509_crt.h>
# include <mbedtls/rsa.h>
# include <mbedtls/pk.h>
# define lib_wrapper(x) mbedtls_##x
# define MD_SHA256 MBEDTLS_MD_SHA256
# else
# include <polarssl/bignum.h>
# include <polarssl/x509_crt.h>
# include <polarssl/rsa.h>
# define lib_wrapper(x) x
# define MD_SHA256 POLARSSL_MD_SHA256
# endif
# define PX5G_VERSION "0.2"
# define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
@ -72,15 +83,15 @@ static void write_file(const char *path, int len, bool pem)
fclose ( f ) ;
}
static void write_key ( pk_context * key , const char * path , bool pem )
static void write_key ( lib_wrapper ( pk_context ) * key , const char * path , bool pem )
{
int len = 0 ;
if ( pem ) {
if ( pk_write_key_pem ( key , ( void * ) buf , sizeof ( buf ) ) = = 0 )
if ( lib_wrapper ( pk_write_key_pem ( key , ( void * ) buf , sizeof ( buf ) ) = = 0 ) )
len = strlen ( buf ) ;
} else {
len = pk_write_key_der ( key , ( void * ) buf , sizeof ( buf ) ) ;
len = lib_wrapper ( pk_write_key_der ( key , ( void * ) buf , sizeof ( buf ) ) ) ;
if ( len < 0 )
len = 0 ;
}
@ -88,12 +99,17 @@ static void write_key(pk_context *key, const char *path, bool pem)
write_file ( path , len , pem ) ;
}
static void gen_key ( pk_context * key , int ksize , int exp , bool pem )
static void gen_key ( lib_wrapper ( pk_context ) * key , int ksize , int exp , bool pem )
{
pk_init ( key ) ;
pk_init_ctx ( key , pk_info_from_type ( POLARSSL_PK_RSA ) ) ;
lib_wrapper ( pk_init ( key ) ) ;
fprintf ( stderr , " Generating RSA private key, %i bit long modulus \n " , ksize ) ;
# ifdef MBEDTLS
mbedtls_pk_setup ( key , mbedtls_pk_info_from_type ( MBEDTLS_PK_RSA ) ) ;
if ( mbedtls_rsa_gen_key ( mbedtls_pk_rsa ( * key ) , _urandom , NULL , ksize , exp ) ) {
# else
pk_init_ctx ( key , lib_wrapper ( pk_info_from_type ( POLARSSL_PK_RSA ) ) ) ;
if ( rsa_gen_key ( pk_rsa ( * key ) , _urandom , NULL , ksize , exp ) ) {
# endif
fprintf ( stderr , " error: key generation failed \n " ) ;
exit ( 1 ) ;
}
@ -101,7 +117,7 @@ static void gen_key(pk_context *key, int ksize, int exp, bool pem)
int rsakey ( char * * arg )
{
pk_context key ;
lib_wrapper ( pk_context ) key ;
unsigned int ksize = 512 ;
int exp = 65537 ;
char * path = NULL ;
@ -125,16 +141,16 @@ int rsakey(char **arg)
gen_key ( & key , ksize , exp , pem ) ;
write_key ( & key , path , pem ) ;
pk_free ( & key ) ;
lib_wrapper ( pk_free ( & key ) ) ;
return 0 ;
}
int selfsigned ( char * * arg )
{
pk_context key ;
x509write_cert cert ;
mpi serial ;
lib_wrapper ( pk_context ) key ;
lib_wrapper ( x509write_cert ) cert ;
lib_wrapper ( mpi ) serial ;
char * subject = " " ;
unsigned int ksize = 512 ;
@ -211,34 +227,34 @@ int selfsigned(char **arg)
fprintf ( stderr , " Generating selfsigned certificate with subject '%s' "
" and validity %s-%s \n " , subject , fstr , tstr ) ;
x509write_crt_init ( & cert ) ;
x509write_crt_set_md_alg ( & cert , POLARSSL_ MD_SHA256) ;
x509write_crt_set_issuer_key ( & cert , & key ) ;
x509write_crt_set_subject_key ( & cert , & key ) ;
x509write_crt_set_subject_name ( & cert , subject ) ;
x509write_crt_set_issuer_name ( & cert , subject ) ;
x509write_crt_set_validity ( & cert , fstr , tstr ) ;
x509write_crt_set_basic_constraints ( & cert , 0 , - 1 ) ;
x509write_crt_set_subject_key_identifier ( & cert ) ;
x509write_crt_set_authority_key_identifier ( & cert ) ;
lib_wrapper ( x509write_crt_init ( & cert ) ) ;
lib_wrapper ( x509write_crt_set_md_alg ( & cert , MD_SHA256 ) ) ;
lib_wrapper ( x509write_crt_set_issuer_key ( & cert , & key ) ) ;
lib_wrapper ( x509write_crt_set_subject_key ( & cert , & key ) ) ;
lib_wrapper ( x509write_crt_set_subject_name ( & cert , subject ) ) ;
lib_wrapper ( x509write_crt_set_issuer_name ( & cert , subject ) ) ;
lib_wrapper ( x509write_crt_set_validity ( & cert , fstr , tstr ) ) ;
lib_wrapper ( x509write_crt_set_basic_constraints ( & cert , 0 , - 1 ) ) ;
lib_wrapper ( x509write_crt_set_subject_key_identifier ( & cert ) ) ;
lib_wrapper ( x509write_crt_set_authority_key_identifier ( & cert ) ) ;
_urandom ( NULL , buf , 8 ) ;
for ( len = 0 ; len < 8 ; len + + )
sprintf ( sstr + len * 2 , " %02x " , ( unsigned char ) buf [ len ] ) ;
mpi_init ( & serial ) ;
mpi_read_string ( & serial , 16 , sstr ) ;
x509write_crt_set_serial ( & cert , & serial ) ;
lib_wrapper ( mpi_init ( & serial ) ) ;
lib_wrapper ( mpi_read_string ( & serial , 16 , sstr ) ) ;
lib_wrapper ( x509write_crt_set_serial ( & cert , & serial ) ) ;
if ( pem ) {
if ( x509write_crt_pem ( & cert , ( void * ) buf , sizeof ( buf ) , _urandom , NULL ) < 0 ) {
if ( lib_wrapper ( x509write_crt_pem ( & cert , ( void * ) buf , sizeof ( buf ) , _urandom , NULL ) < 0 ) ) {
fprintf ( stderr , " Failed to generate certificate \n " ) ;
return 1 ;
}
len = strlen ( buf ) ;
} else {
len = x509write_crt_der ( & cert , ( void * ) buf , sizeof ( buf ) , _urandom , NULL ) ;
len = lib_wrapper ( x509write_crt_der ( & cert , ( void * ) buf , sizeof ( buf ) , _urandom , NULL ) ) ;
if ( len < 0 ) {
fprintf ( stderr , " Failed to generate certificate: %d \n " , len ) ;
return 1 ;
@ -246,9 +262,9 @@ int selfsigned(char **arg)
}
write_file ( certpath , len , pem ) ;
x509write_crt_free ( & cert ) ;
mpi_free ( & serial ) ;
pk_free ( & key ) ;
lib_wrapper ( x509write_crt_free ( & cert ) ) ;
lib_wrapper ( mpi_free ( & serial ) ) ;
lib_wrapper ( pk_free ( & key ) ) ;
return 0 ;
}