Move PEM conversion of DER data to x509write module

include/polarssl/x509write.h

@@ -215,6 +215,20 @@ int x509write_key_der( rsa_context *rsa, unsigned char *buf, size_t size );
  */
 int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size );
 
+#if defined(POLARSSL_BASE64_C)
+/**
+ * \brief           Write a CSR (Certificate Signing Request) to a
+ *                  PEM string
+ *
+ * \param rsa       CSR to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          0 successful, or a specific error code
+ */
+int x509write_csr_pem( x509_csr *ctx, unsigned char *buf, size_t size );
+#endif /* POLARSSL_BASE64_C */
+
 #ifdef __cplusplus
 }
 #endif

library/x509write.c

@@ -33,6 +33,10 @@
 #include "polarssl/md.h"
 #include "polarssl/oid.h"
 
+#if defined(POLARSSL_BASE64_C)
+#include "polarssl/base64.h"
+#endif
+
 #if defined(POLARSSL_MEMORY_C)
 #include "polarssl/memory.h"
 #else
@@ -518,4 +522,57 @@ int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size )
     return( len );
 }
 
+#define CSR_PEM_BEGIN   "-----BEGIN CERTIFICATE REQUEST-----\n"
+#define CSR_PEM_END     "-----END CERTIFICATE REQUEST-----\n"
+
+#if defined(POLARSSL_BASE64_C)
+int x509write_csr_pem( x509_csr *ctx, unsigned char *buf, size_t size )
+{
+    int ret;
+    unsigned char output_buf[4096];
+    unsigned char base_buf[4096];
+    unsigned char *c, *p = buf;
+    size_t len = 0, olen = 4096;
+
+    memset( output_buf, 0, 4096 );
+
+    if( ( ret = x509write_csr_der( ctx, output_buf, 4096 ) ) < 0 )
+        return( ret );
+
+    len = ret;
+    c = output_buf + 4095 - len;
+
+    if( ( ret = base64_encode( base_buf, &olen, c, len ) ) != 0 )
+        return( ret );
+
+    c = base_buf;
+
+    if( olen + strlen( CSR_PEM_BEGIN ) + strlen( CSR_PEM_END ) +
+        olen / 64 > size )
+    {
+        return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
+    }
+
+    memcpy( p, CSR_PEM_BEGIN, strlen( CSR_PEM_BEGIN ) );
+    p += strlen( CSR_PEM_BEGIN );
+
+    while( olen )
+    {
+        len = ( olen > 64 ) ? 64 : olen;
+        memcpy( p, c, len );
+        olen -= len;
+        p += len;
+        c += len;
+        *p++ = '\n';
+    }
+
+    memcpy( p, CSR_PEM_END, strlen( CSR_PEM_END ) );
+    p += strlen( CSR_PEM_END );
+
+    *p = '\0';
+
+    return( 0 );
+}
+#endif /* POLARSSL_BASE64_C */
+
 #endif

programs/x509/cert_req.c

@@ -62,41 +62,23 @@ struct options
 
 int write_certificate_request( x509_csr *req, char *output_file )
 {
+    int ret;
     FILE *f;
     unsigned char output_buf[4096];
-    unsigned char base_buf[4096];
-    unsigned char *c;
-    int ret;
-    size_t len = 0, olen = 4096;
+    size_t len = 0;
 
-    memset(output_buf, 0, 4096);
-    ret = x509write_csr_der( req, output_buf, 4096 );
-
-    if( ret < 0 )
+    memset( output_buf, 0, 4096 );
+    if( ( ret = x509write_csr_pem( req, output_buf, 4096 ) ) < 0 )
         return( ret );
 
-    len = ret;
-    c = output_buf + 4095 - len;
-
-    if( ( ret = base64_encode( base_buf, &olen, c, len ) ) != 0 )
-        return( ret );
-
-    c = base_buf;
+    len = strlen( (char *) output_buf );
 
     if( ( f = fopen( output_file, "w" ) ) == NULL )
         return( -1 );
 
-    fprintf(f, "-----BEGIN CERTIFICATE REQUEST-----\n");
-    while (olen)
-    {
-        int use_len = olen;
-        if (use_len > 64) use_len = 64;
-        fwrite( c, 1, use_len, f );
-        olen -= use_len;
-        c += use_len;
-        fprintf(f, "\n");
-    }
-    fprintf(f, "-----END CERTIFICATE REQUEST-----\n");
+    if( fwrite( output_buf, 1, len, f ) != len )
+        return( -1 );
+
     fclose(f);
 
     return( 0 );