diff --git a/include/polarssl/x509write.h b/include/polarssl/x509write.h
index a063695c8..40db9e767 100644
--- a/include/polarssl/x509write.h
+++ b/include/polarssl/x509write.h
@@ -259,17 +259,17 @@ int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name );
 * \brief Set the subject public key for the certificate
 *
 * \param ctx CRT context to use
- * \param rsa RSA public key to include
+ * \param key public key to include
 */
-void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa );
+void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
 /**
 * \brief Set the issuer key used for signing the certificate
 *
 * \param ctx CRT context to use
- * \param rsa RSA key to sign with
+ * \param key private key to sign with
 */
-void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa );
+void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key );
 /**
 * \brief Set the MD algorithm to use for the signature
diff --git a/library/x509write.c b/library/x509write.c
index d55e24187..d8000f015 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -312,14 +312,14 @@ void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg )
 ctx->md_alg = md_alg;
 }
-void x509write_crt_set_subject_key( x509write_cert *ctx, rsa_context *rsa )
+void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key )
 {
- ctx->subject_key = rsa;
+ ctx->subject_key = pk_rsa( *key );
 }
-void x509write_crt_set_issuer_key( x509write_cert *ctx, rsa_context *rsa )
+void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key )
 {
- ctx->issuer_key = rsa;
+ ctx->issuer_key = pk_rsa( *key );
 }
 int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name )
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index f0939c8f2..8943493e9 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
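Review bot: The new `\param key` lines for x509write_crt_set_subject_key and x509write_crt_set_issuer_key leave out two constraints that the implementation in library/x509write.c imposes. The setters store `pk_rsa( *key )`, so the key has to hold an RSA key, and the context keeps a pointer into the caller's pk_context rather than a copy. I would document both, e.g. `\param key public key to include (RSA only; must remain valid while ctx is in use)`, with matching wording on the issuer key. As written, the generic pk_context type reads as if any key type were accepted.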
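Review bot: Both setters in the library/x509write.c hunk convert the generic key with `pk_rsa( *key )` without checking that it holds an RSA key, and because they return void they cannot reject one. pk_rsa looks like a plain accessor (cert_write.c guards one use of it with pk_can_do), so a key of another type would be stored as an rsa_context pointer and misread later when the certificate is written. The callers changed in this commit now take their keys from x509parse_keyfile and from `&csr.pk` (cert_write.c hunks at -417, -430 and -445, and the test at -78), which presumably are not limited to RSA given the `_rsa` loader they replace. I would test `if( !pk_can_do( key, POLARSSL_PK_RSA ) )` and have the setters return an int error code, or keep the pk_context pointer in ctx and dispatch on the key type at signing time.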
@@ -172,9 +172,9 @@ int main( int argc, char *argv[] )
 {
 int ret = 0;
 x509_cert issuer_crt;
- rsa_context loaded_issuer_rsa, loaded_subject_rsa;
- rsa_context *issuer_rsa = &loaded_issuer_rsa,
- *subject_rsa = &loaded_subject_rsa;
+ pk_context loaded_issuer_key, loaded_subject_key;
+ pk_context *issuer_key = &loaded_issuer_key,
+ *subject_key = &loaded_subject_key;
 char buf[1024];
 char issuer_name[128];
 char subject_name[128];
@@ -189,8 +189,8 @@ int main( int argc, char *argv[] )
 */
 x509write_crt_init( &crt );
 x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA1 );
- rsa_init( &loaded_issuer_rsa, RSA_PKCS_V15, 0 );
- rsa_init( &loaded_subject_rsa, RSA_PKCS_V15, 0 );
+ pk_init( &loaded_issuer_key );
+ pk_init( &loaded_subject_key );
 mpi_init( &serial );
 memset( &csr, 0, sizeof(x509_csr) );
 memset( &issuer_crt, 0, sizeof(x509_cert) );
@@ -417,7 +417,7 @@ int main( int argc, char *argv[] )
 }
 opt.subject_name = subject_name;
- subject_rsa = pk_rsa( csr.pk );
+ subject_key = &csr.pk;
 printf( " ok\n" );
 }
@@ -430,12 +430,12 @@ int main( int argc, char *argv[] )
 printf( " . Loading the subject key ..." );
 fflush( stdout );
- ret = x509parse_keyfile_rsa( &loaded_subject_rsa, opt.subject_key,
- opt.subject_pwd );
+ ret = x509parse_keyfile( &loaded_subject_key, opt.subject_key,
+ opt.subject_pwd );
 if( ret != 0 )
 {
 error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_keyfile_rsa returned -0x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
 goto exit;
 }
@@ -445,12 +445,12 @@ int main( int argc, char *argv[] )
 printf( " . Loading the issuer key ..." );
 fflush( stdout );
- ret = x509parse_keyfile_rsa( &loaded_issuer_rsa, opt.issuer_key,
+ ret = x509parse_keyfile( &loaded_issuer_key, opt.issuer_key,
 opt.issuer_pwd );
 if( ret != 0 )
 {
 error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_keyfile_rsa returned -x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
 goto exit;
 }
@@ -459,8 +459,10 @@ int main( int argc, char *argv[] )
 if( strlen( opt.issuer_crt ) )
 {
 if( !pk_can_do( &issuer_crt.pk, POLARSSL_PK_RSA ) ||
- mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N, &issuer_rsa->N ) != 0 ||
- mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E, &issuer_rsa->E ) != 0 )
+ mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N,
+ &pk_rsa( *issuer_key )->N ) != 0 ||
+ mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
+ &pk_rsa( *issuer_key )->E ) != 0 )
 {
 printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
 ret = -1;
@@ -473,11 +475,11 @@ int main( int argc, char *argv[] )
 if( opt.selfsign )
 {
 opt.issuer_name = opt.subject_name;
- subject_rsa = issuer_rsa;
+ subject_key = issuer_key;
 }
- x509write_crt_set_subject_key( &crt, subject_rsa );
- x509write_crt_set_issuer_key( &crt, issuer_rsa );
+ x509write_crt_set_subject_key( &crt, subject_key );
+ x509write_crt_set_issuer_key( &crt, issuer_key );
 /*
 * 1.0. Check the names for validity
@@ -606,8 +608,8 @@ int main( int argc, char *argv[] )
 exit:
 x509write_crt_free( &crt );
- rsa_free( &loaded_subject_rsa );
- rsa_free( &loaded_issuer_rsa );
+ pk_free( &loaded_subject_key );
+ pk_free( &loaded_issuer_key );
 mpi_free( &serial );
 #if defined(_WIN32)
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index c2d4e4eee..f916b1cf2 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
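Review bot: The rewritten issuer-key error message in the -445 hunk still formats the code as `-x%02x`, while the subject-key message in the -430 hunk uses `-0x%02x`. Since the line is being touched anyway, the issuer variant should use `-0x%02x` too, so both failures print the error code in the same form. The unchanged `error_strerror( ret, buf, 1024 )` just above would also read better with `sizeof( buf )` instead of the repeated literal.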
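Review bot: The RSA guard in the -459 condition covers only `issuer_crt.pk`; the new operands `pk_rsa( *issuer_key )->N` and `pk_rsa( *issuer_key )->E` read the loaded issuer key as RSA with no equivalent check. That key now comes from x509parse_keyfile rather than the RSA-only loader, so a key file of another type would presumably reach these dereferences. Adding `!pk_can_do( issuer_key, POLARSSL_PK_RSA ) ||` as the first term closes it here. The whole comparison is skipped when opt.issuer_crt is empty, so it would be more robust to test the key type right after each key is loaded. main() starts and ends outside this hunk.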
@@ -66,7 +66,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, char *serial_str, char *not_before, char *not_after, int md_type, char *cert_check_file ) { - rsa_context subject_rsa, issuer_rsa; + pk_context subject_key, issuer_key; pem_context pem; x509write_cert crt; unsigned char *c; @@ -78,12 +78,12 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, FILE *f; mpi_init( &serial ); - rsa_init( &subject_rsa, RSA_PKCS_V15, 0 ); - rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 ); + pk_init( &subject_key ); + pk_init( &issuer_key ); - TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file, + TEST_ASSERT( x509parse_keyfile( &subject_key, subject_key_file, subject_pwd ) == 0 ); - TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file, + TEST_ASSERT( x509parse_keyfile( &issuer_key, issuer_key_file, issuer_pwd ) == 0 ); TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 ); @@ -94,8 +94,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, x509write_crt_set_md_alg( &crt, md_type ); TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 ); TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 ); - x509write_crt_set_subject_key( &crt, &subject_rsa ); - x509write_crt_set_issuer_key( &crt, &issuer_rsa ); + x509write_crt_set_subject_key( &crt, &subject_key ); + x509write_crt_set_issuer_key( &crt, &issuer_key ); TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 ); TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 ); @@ -118,8 +118,8 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 ); x509write_crt_free( &crt ); - rsa_free( &issuer_rsa ); - rsa_free( &subject_rsa ); + pk_free( &issuer_key ); + pk_free( &subject_key ); pem_free( &pem ); mpi_free( &serial ); }