pem_export.c
Go to the documentation of this file.
1 /**
2  * @file pem_export.c
3  * @brief PEM file export functions
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.2
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/pem_export.h"
37 #include "encoding/asn1.h"
38 #include "debug.h"
39 
40 //Check crypto library configuration
41 #if (PEM_SUPPORT == ENABLED)
42 
43 
44 /**
45  * @brief Export an X.509 certificate to PEM format
46  * @param[in] cert Pointer to the DER-encoded certificate
47  * @param[in] certLen Length of the DER-encoded certificate, in bytes
48  * @param[out] output Buffer where to store the PEM string (optional parameter)
49  * @param[out] written Length of the resulting PEM string
50  * @return Error code
51  **/
52 
53 error_t pemExportCertificate(const uint8_t *cert, size_t certLen,
54  char_t *output, size_t *written)
55 {
56  error_t error;
57  size_t n;
58 
59  //Check parameters
60  if(cert == NULL || written == NULL)
61  return ERROR_INVALID_PARAMETER;
62 
63  //X.509 certificates are encoded using the "CERTIFICATE" label
64  error = pemEncodeFile(cert, certLen, "CERTIFICATE", output, &n);
65  //Any error to report?
66  if(error)
67  return error;
68 
69  //Total number of bytes that have been written
70  *written = n;
71 
72  //Successful processing
73  return NO_ERROR;
74 }
75 
76 
77 /**
78  * @brief Export a certificate revocation list to PEM format
79  * @param[in] crl Pointer to the DER-encoded CRL
80  * @param[in] crlLen Length of the DER-encoded CRL, in bytes
81  * @param[out] output Buffer where to store the PEM string (optional parameter)
82  * @param[out] written Length of the resulting PEM string
83  * @return Error code
84  **/
85 
86 error_t pemExportCrl(const uint8_t *crl, size_t crlLen,
87  char_t *output, size_t *written)
88 {
89  error_t error;
90  size_t n;
91 
92  //Check parameters
93  if(crl == NULL || written == NULL)
94  return ERROR_INVALID_PARAMETER;
95 
96  //CRLs are encoded using the "X509 CRL" label
97  error = pemEncodeFile(crl, crlLen, "X509 CRL", output, &n);
98  //Any error to report?
99  if(error)
100  return error;
101 
102  //Total number of bytes that have been written
103  *written = n;
104 
105  //Successful processing
106  return NO_ERROR;
107 }
108 
109 
110 /**
111  * @brief Export a certification signing request to PEM format
112  * @param[in] csr Pointer to the DER-encoded CSR
113  * @param[in] csrLen Length of the DER-encoded CSR, in bytes
114  * @param[out] output Buffer where to store the PEM string (optional parameter)
115  * @param[out] written Length of the resulting PEM string
116  * @return Error code
117  **/
118 
119 error_t pemExportCsr(const uint8_t *csr, size_t csrLen,
120  char_t *output, size_t *written)
121 {
122  error_t error;
123  size_t n;
124 
125  //Check parameters
126  if(csr == NULL || written == NULL)
127  return ERROR_INVALID_PARAMETER;
128 
129  //CSRs are encoded using the "CERTIFICATE REQUEST" label
130  error = pemEncodeFile(csr, csrLen, "CERTIFICATE REQUEST", output, &n);
131  //Any error to report?
132  if(error)
133  return error;
134 
135  //Total number of bytes that have been written
136  *written = n;
137 
138  //Successful processing
139  return NO_ERROR;
140 }
141 
142 
143 /**
144  * @brief Export EC domain parameters to PEM format
145  * @param[in] curve Elliptic curve parameters
146  * @param[out] output Buffer where to store the PEM string (optional parameter)
147  * @param[out] written Length of the resulting PEM string
148  * @return Error code
149  **/
150 
151 error_t pemExportEcParameters(const EcCurve *curve, char_t *output,
152  size_t *written)
153 {
154 #if (EC_SUPPORT == ENABLED)
155  error_t error;
156  size_t n;
157  Asn1Tag tag;
158 
159  //Check parameters
160  if(curve == NULL || written == NULL)
161  return ERROR_INVALID_PARAMETER;
162 
163  //Format ECParameters field
164  tag.constructed = FALSE;
165  tag.objClass = ASN1_CLASS_UNIVERSAL;
166  tag.objType = ASN1_TYPE_OBJECT_IDENTIFIER;
167  tag.length = curve->oidSize;
168  tag.value = curve->oid;
169 
170  //Write the corresponding ASN.1 tag
171  error = asn1WriteTag(&tag, FALSE, (uint8_t *) output, &n);
172  //Any error to report?
173  if(error)
174  return error;
175 
176  //EC domain parameters are encoded using the "EC PARAMETERS" label
177  error = pemEncodeFile(output, n, "EC PARAMETERS", output, &n);
178  //Any error to report?
179  if(error)
180  return error;
181 
182  //Total number of bytes that have been written
183  *written = n;
184 
185  //Successful processing
186  return NO_ERROR;
187 #else
188  //Not implemented
189  return ERROR_NOT_IMPLEMENTED;
190 #endif
191 }
192 
193 #endif
ERROR_NOT_IMPLEMENTED
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
pemExportCrl
error_t pemExportCrl(const uint8_t *crl, size_t crlLen, char_t *output, size_t *written)
Export a certificate revocation list to PEM format.
Definition: pem_export.c:86
Asn1Tag::length
size_t length
Definition: asn1.h:109
FALSE
#define FALSE
Definition: os_port.h:46
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
error_t
error_t
Error codes.
Definition: error.h:43
ASN1_CLASS_UNIVERSAL
#define ASN1_CLASS_UNIVERSAL
Definition: asn1.h:52
Asn1Tag
ASN.1 tag.
Definition: asn1.h:105
pemEncodeFile
error_t pemEncodeFile(const void *input, size_t inputLen, const char_t *label, char_t *output, size_t *outputLen)
Convert ASN.1 data to PEM encoding.
Definition: pem_common.c:122
pemExportCsr
error_t pemExportCsr(const uint8_t *csr, size_t csrLen, char_t *output, size_t *written)
Export a certification signing request to PEM format.
Definition: pem_export.c:119
crypto.h
General definitions for cryptographic algorithms.
asn1WriteTag
error_t asn1WriteTag(Asn1Tag *tag, bool_t reverse, uint8_t *data, size_t *written)
Write an ASN.1 tag.
Definition: asn1.c:334
Asn1Tag::objClass
uint_t objClass
Definition: asn1.h:107
pem_export.h
PEM file export functions.
pemExportEcParameters
error_t pemExportEcParameters(const EcCurve *curve, char_t *output, size_t *written)
Export EC domain parameters to PEM format.
Definition: pem_export.c:151
char_t
char char_t
Definition: compiler_port.h:55
n
uint8_t n
Definition: dhcpv6_common.h:416
pemExportCertificate
error_t pemExportCertificate(const uint8_t *cert, size_t certLen, char_t *output, size_t *written)
Export an X.509 certificate to PEM format.
Definition: pem_export.c:53
Asn1Tag::constructed
bool_t constructed
Definition: asn1.h:106
ASN1_TYPE_OBJECT_IDENTIFIER
@ ASN1_TYPE_OBJECT_IDENTIFIER
Definition: asn1.h:77
EcCurve
#define EcCurve
Definition: ec.h:346
Asn1Tag::value
const uint8_t * value
Definition: asn1.h:110
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.
Asn1Tag::objType
uint_t objType
Definition: asn1.h:108
asn1.h
ASN.1 (Abstract Syntax Notation One)