Convert x509write_crt interface to PK
diff --git a/include/polarssl/x509write.h b/include/polarssl/x509write.h
index a063695..40db9e7 100644
--- a/include/polarssl/x509write.h
+++ b/include/polarssl/x509write.h
@@ -259,17 +259,17 @@
* \brief Set the subject public key for the certificate
*
* \param ctx CRT context to use
- * \param rsa RSA public key to include
+ * \param key public key to include
*/
-void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa );
+void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the issuer key used for signing the certificate
*
* \param ctx CRT context to use
- * \param rsa RSA key to sign with
+ * \param key private key to sign with
*/
-void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa );
+void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the MD algorithm to use for the signature
diff --git a/library/x509write.c b/library/x509write.c
index d55e241..d8000f0 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -312,14 +312,14 @@
ctx->md_alg = md_alg;
}
-void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa )
+void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key )
{
- ctx->subject_key = rsa;
+ ctx->subject_key = pk_rsa( *key );
}
-void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa )
+void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key )
{
- ctx->issuer_key = rsa;
+ ctx->issuer_key = pk_rsa( *key );
}
int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name )
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index f0939c8..8943493 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -172,9 +172,9 @@
{
int ret = 0;
x509_cert issuer_crt;
- rsa_context loaded_issuer_rsa, loaded_subject_rsa;
- rsa_context *issuer_rsa = &loaded_issuer_rsa,
- *subject_rsa = &loaded_subject_rsa;
+ pk_context loaded_issuer_key, loaded_subject_key;
+ pk_context *issuer_key = &loaded_issuer_key,
+ *subject_key = &loaded_subject_key;
char buf[1024];
char issuer_name[128];
char subject_name[128];
@@ -189,8 +189,8 @@
*/
x509write_crt_init( &crt );
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 );
- rsa_init( &loaded_issuer_rsa, RSA_PKCS_V15, 0 );
- rsa_init( &loaded_subject_rsa, RSA_PKCS_V15, 0 );
+ pk_init( &loaded_issuer_key );
+ pk_init( &loaded_subject_key );
mpi_init( &serial );
memset( &csr, 0, sizeof(x509_csr) );
memset( &issuer_crt, 0, sizeof(x509_cert) );
@@ -417,7 +417,7 @@
}
opt.subject_name = subject_name;
- subject_rsa = pk_rsa( csr.pk );
+ subject_key = &csr.pk;
printf( " ok\n" );
}
@@ -430,12 +430,12 @@
printf( " . Loading the subject key ..." );
fflush( stdout );
- ret = x509parse_keyfile_rsa( &loaded_subject_rsa, opt.subject_key,
- opt.subject_pwd );
+ ret = x509parse_keyfile( &loaded_subject_key, opt.subject_key,
+ opt.subject_pwd );
if( ret != 0 )
{
error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_keyfile_rsa returned -0x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
@@ -445,12 +445,12 @@
printf( " . Loading the issuer key ..." );
fflush( stdout );
- ret = x509parse_keyfile_rsa( &loaded_issuer_rsa, opt.issuer_key,
+ ret = x509parse_keyfile( &loaded_issuer_key, opt.issuer_key,
opt.issuer_pwd );
if( ret != 0 )
{
error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_keyfile_rsa returned -x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
goto exit;
}
@@ -459,8 +459,10 @@
if( strlen( opt.issuer_crt ) )
{
if( !pk_can_do( &issuer_crt.pk, POLARSSL_PK_RSA ) ||
- mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N, &issuer_rsa->N ) != 0 ||
- mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E, &issuer_rsa->E ) != 0 )
+ mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N,
+ &pk_rsa( *issuer_key )->N ) != 0 ||
+ mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
+ &pk_rsa( *issuer_key )->E ) != 0 )
{
printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
ret = -1;
@@ -473,11 +475,11 @@
if( opt.selfsign )
{
opt.issuer_name = opt.subject_name;
- subject_rsa = issuer_rsa;
+ subject_key = issuer_key;
}
- x509write_crt_set_subject_key( &crt, subject_rsa );
- x509write_crt_set_issuer_key( &crt, issuer_rsa );
+ x509write_crt_set_subject_key( &crt, subject_key );
+ x509write_crt_set_issuer_key( &crt, issuer_key );
/*
* 1.0. Check the names for validity
@@ -606,8 +608,8 @@
exit:
x509write_crt_free( &crt );
- rsa_free( &loaded_subject_rsa );
- rsa_free( &loaded_issuer_rsa );
+ pk_free( &loaded_subject_key );
+ pk_free( &loaded_issuer_key );
mpi_free( &serial );
#if defined(_WIN32)
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index c2d4e4e..f916b1c 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -66,7 +66,7 @@
char *serial_str, char *not_before, char *not_after,
int md_type, char *cert_check_file )
{
- rsa_context subject_rsa, issuer_rsa;
+ pk_context subject_key, issuer_key;
pem_context pem;
x509write_cert crt;
unsigned char *c;
@@ -78,12 +78,12 @@
FILE *f;
mpi_init( &serial );
- rsa_init( &subject_rsa, RSA_PKCS_V15, 0 );
- rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 );
+ pk_init( &subject_key );
+ pk_init( &issuer_key );
- TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file,
+ TEST_ASSERT( x509parse_keyfile( &subject_key, subject_key_file,
subject_pwd ) == 0 );
- TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file,
+ TEST_ASSERT( x509parse_keyfile( &issuer_key, issuer_key_file,
issuer_pwd ) == 0 );
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
@@ -94,8 +94,8 @@
x509write_crt_set_md_alg( &crt, md_type );
TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
- x509write_crt_set_subject_key( &crt, &subject_rsa );
- x509write_crt_set_issuer_key( &crt, &issuer_rsa );
+ x509write_crt_set_subject_key( &crt, &subject_key );
+ x509write_crt_set_issuer_key( &crt, &issuer_key );
TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
@@ -118,8 +118,8 @@
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
x509write_crt_free( &crt );
- rsa_free( &issuer_rsa );
- rsa_free( &subject_rsa );
+ pk_free( &issuer_key );
+ pk_free( &subject_key );
pem_free( &pem );
mpi_free( &serial );
}