1/*
2 * Public Key layer for writing key files and structures
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20#include "common.h"
21
22#if defined(MBEDTLS_PK_WRITE_C)
23
24#include "mbedtls/pk.h"
25#include "mbedtls/asn1write.h"
26#include "mbedtls/oid.h"
27#include "mbedtls/platform_util.h"
28#include "mbedtls/error.h"
29
30#include <string.h>
31
32#if defined(MBEDTLS_RSA_C)
33#include "mbedtls/rsa.h"
34#endif
35#if defined(MBEDTLS_ECP_C)
36#include "mbedtls/bignum.h"
37#include "mbedtls/ecp.h"
38#include "mbedtls/platform_util.h"
39#endif
40#if defined(MBEDTLS_ECDSA_C)
41#include "mbedtls/ecdsa.h"
42#endif
43#if defined(MBEDTLS_PEM_WRITE_C)
44#include "mbedtls/pem.h"
45#endif
46
47#if defined(MBEDTLS_USE_PSA_CRYPTO)
48#include "psa/crypto.h"
49#include "mbedtls/psa_util.h"
50#endif
51#include "mbedtls/platform.h"
52
53/* Parameter validation macros based on platform_util.h */
54#define PK_VALIDATE_RET(cond) \
55 MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA)
56#define PK_VALIDATE(cond) \
57 MBEDTLS_INTERNAL_VALIDATE(cond)
58
59#if defined(MBEDTLS_RSA_C)
60/*
61 * RSAPublicKey ::= SEQUENCE {
62 * modulus INTEGER, -- n
63 * publicExponent INTEGER -- e
64 * }
65 */
66static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start,
67 mbedtls_rsa_context *rsa)
68{
69 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
70 size_t len = 0;
71 mbedtls_mpi T;
72
73 mbedtls_mpi_init(&T);
74
75 /* Export E */
76 if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 ||
77 (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
78 goto end_of_export;
79 }
80 len += ret;
81
82 /* Export N */
83 if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 ||
84 (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
85 goto end_of_export;
86 }
87 len += ret;
88
89end_of_export:
90
91 mbedtls_mpi_free(&T);
92 if (ret < 0) {
93 return ret;
94 }
95
96 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
97 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED |
98 MBEDTLS_ASN1_SEQUENCE));
99
100 return (int) len;
101}
102#endif /* MBEDTLS_RSA_C */
103
104#if defined(MBEDTLS_ECP_C)
105/*
106 * EC public key is an EC point
107 */
108static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
109 mbedtls_ecp_keypair *ec)
110{
111 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
112 size_t len = 0;
113 unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
114
115 if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q,
116 MBEDTLS_ECP_PF_UNCOMPRESSED,
117 &len, buf, sizeof(buf))) != 0) {
118 return ret;
119 }
120
121 if (*p < start || (size_t) (*p - start) < len) {
122 return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
123 }
124
125 *p -= len;
126 memcpy(*p, buf, len);
127
128 return (int) len;
129}
130
131/*
132 * ECParameters ::= CHOICE {
133 * namedCurve OBJECT IDENTIFIER
134 * }
135 */
136static int pk_write_ec_param(unsigned char **p, unsigned char *start,
137 mbedtls_ecp_keypair *ec)
138{
139 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
140 size_t len = 0;
141 const char *oid;
142 size_t oid_len;
143
144 if ((ret = mbedtls_oid_get_oid_by_ec_grp(ec->grp.id, &oid, &oid_len)) != 0) {
145 return ret;
146 }
147
148 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
149
150 return (int) len;
151}
152
153/*
154 * privateKey OCTET STRING -- always of length ceil(log2(n)/8)
155 */
156static int pk_write_ec_private(unsigned char **p, unsigned char *start,
157 mbedtls_ecp_keypair *ec)
158{
159 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
160 size_t byte_length = (ec->grp.pbits + 7) / 8;
161 unsigned char tmp[MBEDTLS_ECP_MAX_BYTES];
162
163 ret = mbedtls_ecp_write_key(ec, tmp, byte_length);
164 if (ret != 0) {
165 goto exit;
166 }
167 ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length);
168
169exit:
170 mbedtls_platform_zeroize(tmp, byte_length);
171 return ret;
172}
173#endif /* MBEDTLS_ECP_C */
174
175int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
176 const mbedtls_pk_context *key)
177{
178 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
179 size_t len = 0;
180
181 (void) p;
182 (void) start;
183 (void) key;
184 (void) ret;
185
186 PK_VALIDATE_RET(p != NULL);
187 PK_VALIDATE_RET(*p != NULL);
188 PK_VALIDATE_RET(start != NULL);
189 PK_VALIDATE_RET(key != NULL);
190
191#if defined(MBEDTLS_RSA_C)
192 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
193 MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, mbedtls_pk_rsa(*key)));
194 } else
195#endif
196#if defined(MBEDTLS_ECP_C)
197 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
198 MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key)));
199 } else
200#endif
201#if defined(MBEDTLS_USE_PSA_CRYPTO)
202 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) {
203 size_t buffer_size;
204 psa_key_id_t *key_id = (psa_key_id_t *) key->pk_ctx;
205
206 if (*p < start) {
207 return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
208 }
209
210 buffer_size = (size_t) (*p - start);
211 if (psa_export_public_key(*key_id, start, buffer_size, &len)
212 != PSA_SUCCESS) {
213 return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
214 } else {
215 *p -= len;
216 memmove(*p, start, len);
217 }
218 } else
219#endif /* MBEDTLS_USE_PSA_CRYPTO */
220 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
221
222 return (int) len;
223}
224
225int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *key, unsigned char *buf, size_t size)
226{
227 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
228 unsigned char *c;
229 size_t len = 0, par_len = 0, oid_len;
230 mbedtls_pk_type_t pk_type;
231 const char *oid;
232
233 PK_VALIDATE_RET(key != NULL);
234 if (size == 0) {
235 return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
236 }
237 PK_VALIDATE_RET(buf != NULL);
238
239 c = buf + size;
240
241 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key));
242
243 if (c - buf < 1) {
244 return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
245 }
246
247 /*
248 * SubjectPublicKeyInfo ::= SEQUENCE {
249 * algorithm AlgorithmIdentifier,
250 * subjectPublicKey BIT STRING }
251 */
252 *--c = 0;
253 len += 1;
254
255 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
256 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
257
258 pk_type = mbedtls_pk_get_type(key);
259#if defined(MBEDTLS_ECP_C)
260 if (pk_type == MBEDTLS_PK_ECKEY) {
261 MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, mbedtls_pk_ec(*key)));
262 }
263#endif
264#if defined(MBEDTLS_USE_PSA_CRYPTO)
265 if (pk_type == MBEDTLS_PK_OPAQUE) {
266 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
267 psa_key_type_t key_type;
268 psa_key_id_t key_id;
269 psa_ecc_family_t curve;
270 size_t bits;
271
272 key_id = *((psa_key_id_t *) key->pk_ctx);
273 if (PSA_SUCCESS != psa_get_key_attributes(key_id, &attributes)) {
274 return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
275 }
276 key_type = psa_get_key_type(&attributes);
277 bits = psa_get_key_bits(&attributes);
278 psa_reset_key_attributes(&attributes);
279
280 curve = PSA_KEY_TYPE_ECC_GET_FAMILY(key_type);
281 if (curve == 0) {
282 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
283 }
284
285 ret = mbedtls_psa_get_ecc_oid_from_id(curve, bits, &oid, &oid_len);
286 if (ret != 0) {
287 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
288 }
289
290 /* Write EC algorithm parameters; that's akin
291 * to pk_write_ec_param() above. */
292 MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_oid(&c, buf,
293 oid, oid_len));
294
295 /* The rest of the function works as for legacy EC contexts. */
296 pk_type = MBEDTLS_PK_ECKEY;
297 }
298#endif /* MBEDTLS_USE_PSA_CRYPTO */
299
300 if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid,
301 &oid_len)) != 0) {
302 return ret;
303 }
304
305 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&c, buf, oid, oid_len,
306 par_len));
307
308 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
309 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
310 MBEDTLS_ASN1_SEQUENCE));
311
312 return (int) len;
313}
314
315int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t size)
316{
317 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
318 unsigned char *c;
319 size_t len = 0;
320
321 (void) ret;
322 (void) c;
323 (void) key;
324
325 PK_VALIDATE_RET(key != NULL);
326 if (size == 0) {
327 return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
328 }
329 PK_VALIDATE_RET(buf != NULL);
330
331 c = buf + size;
332
333#if defined(MBEDTLS_RSA_C)
334 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
335 mbedtls_mpi T; /* Temporary holding the exported parameters */
336 mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key);
337
338 /*
339 * Export the parameters one after another to avoid simultaneous copies.
340 */
341
342 mbedtls_mpi_init(&T);
343
344 /* Export QP */
345 if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 ||
346 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
347 goto end_of_export;
348 }
349 len += ret;
350
351 /* Export DQ */
352 if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 ||
353 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
354 goto end_of_export;
355 }
356 len += ret;
357
358 /* Export DP */
359 if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 ||
360 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
361 goto end_of_export;
362 }
363 len += ret;
364
365 /* Export Q */
366 if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
367 &T, NULL, NULL)) != 0 ||
368 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
369 goto end_of_export;
370 }
371 len += ret;
372
373 /* Export P */
374 if ((ret = mbedtls_rsa_export(rsa, NULL, &T,
375 NULL, NULL, NULL)) != 0 ||
376 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
377 goto end_of_export;
378 }
379 len += ret;
380
381 /* Export D */
382 if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
383 NULL, &T, NULL)) != 0 ||
384 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
385 goto end_of_export;
386 }
387 len += ret;
388
389 /* Export E */
390 if ((ret = mbedtls_rsa_export(rsa, NULL, NULL,
391 NULL, NULL, &T)) != 0 ||
392 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
393 goto end_of_export;
394 }
395 len += ret;
396
397 /* Export N */
398 if ((ret = mbedtls_rsa_export(rsa, &T, NULL,
399 NULL, NULL, NULL)) != 0 ||
400 (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) {
401 goto end_of_export;
402 }
403 len += ret;
404
405end_of_export:
406
407 mbedtls_mpi_free(&T);
408 if (ret < 0) {
409 return ret;
410 }
411
412 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0));
413 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
414 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c,
415 buf, MBEDTLS_ASN1_CONSTRUCTED |
416 MBEDTLS_ASN1_SEQUENCE));
417 } else
418#endif /* MBEDTLS_RSA_C */
419#if defined(MBEDTLS_ECP_C)
420 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
421 mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key);
422 size_t pub_len = 0, par_len = 0;
423
424 /*
425 * RFC 5915, or SEC1 Appendix C.4
426 *
427 * ECPrivateKey ::= SEQUENCE {
428 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
429 * privateKey OCTET STRING,
430 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
431 * publicKey [1] BIT STRING OPTIONAL
432 * }
433 */
434
435 /* publicKey */
436 MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec));
437
438 if (c - buf < 1) {
439 return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
440 }
441 *--c = 0;
442 pub_len += 1;
443
444 MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len));
445 MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING));
446
447 MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len));
448 MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf,
449 MBEDTLS_ASN1_CONTEXT_SPECIFIC |
450 MBEDTLS_ASN1_CONSTRUCTED | 1));
451 len += pub_len;
452
453 /* parameters */
454 MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec));
455
456 MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(&c, buf, par_len));
457 MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(&c, buf,
458 MBEDTLS_ASN1_CONTEXT_SPECIFIC |
459 MBEDTLS_ASN1_CONSTRUCTED | 0));
460 len += par_len;
461
462 /* privateKey */
463 MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(&c, buf, ec));
464
465 /* version */
466 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 1));
467
468 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len));
469 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED |
470 MBEDTLS_ASN1_SEQUENCE));
471 } else
472#endif /* MBEDTLS_ECP_C */
473 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
474
475 return (int) len;
476}
477
478#if defined(MBEDTLS_PEM_WRITE_C)
479
480#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
481#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
482
483#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
484#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
485#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
486#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
487
488/*
489 * Max sizes of key per types. Shown as tag + len (+ content).
490 */
491
492#if defined(MBEDTLS_RSA_C)
493/*
494 * RSA public keys:
495 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3
496 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
497 * + 1 + 1 + 9 (rsa oid)
498 * + 1 + 1 (params null)
499 * subjectPublicKey BIT STRING } 1 + 3 + (1 + below)
500 * RSAPublicKey ::= SEQUENCE { 1 + 3
501 * modulus INTEGER, -- n 1 + 3 + MPI_MAX + 1
502 * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1
503 * }
504 */
505#define RSA_PUB_DER_MAX_BYTES (38 + 2 * MBEDTLS_MPI_MAX_SIZE)
506
507/*
508 * RSA private keys:
509 * RSAPrivateKey ::= SEQUENCE { 1 + 3
510 * version Version, 1 + 1 + 1
511 * modulus INTEGER, 1 + 3 + MPI_MAX + 1
512 * publicExponent INTEGER, 1 + 3 + MPI_MAX + 1
513 * privateExponent INTEGER, 1 + 3 + MPI_MAX + 1
514 * prime1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
515 * prime2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
516 * exponent1 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
517 * exponent2 INTEGER, 1 + 3 + MPI_MAX / 2 + 1
518 * coefficient INTEGER, 1 + 3 + MPI_MAX / 2 + 1
519 * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported)
520 * }
521 */
522#define MPI_MAX_SIZE_2 (MBEDTLS_MPI_MAX_SIZE / 2 + \
523 MBEDTLS_MPI_MAX_SIZE % 2)
524#define RSA_PRV_DER_MAX_BYTES (47 + 3 * MBEDTLS_MPI_MAX_SIZE \
525 + 5 * MPI_MAX_SIZE_2)
526
527#else /* MBEDTLS_RSA_C */
528
529#define RSA_PUB_DER_MAX_BYTES 0
530#define RSA_PRV_DER_MAX_BYTES 0
531
532#endif /* MBEDTLS_RSA_C */
533
534#if defined(MBEDTLS_ECP_C)
535/*
536 * EC public keys:
537 * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2
538 * algorithm AlgorithmIdentifier, 1 + 1 (sequence)
539 * + 1 + 1 + 7 (ec oid)
540 * + 1 + 1 + 9 (namedCurve oid)
541 * subjectPublicKey BIT STRING 1 + 2 + 1 [1]
542 * + 1 (point format) [1]
543 * + 2 * ECP_MAX (coords) [1]
544 * }
545 */
546#define ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES)
547
548/*
549 * EC private keys:
550 * ECPrivateKey ::= SEQUENCE { 1 + 2
551 * version INTEGER , 1 + 1 + 1
552 * privateKey OCTET STRING, 1 + 1 + ECP_MAX
553 * parameters [0] ECParameters OPTIONAL, 1 + 1 + (1 + 1 + 9)
554 * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above
555 * }
556 */
557#define ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES)
558
559#else /* MBEDTLS_ECP_C */
560
561#define ECP_PUB_DER_MAX_BYTES 0
562#define ECP_PRV_DER_MAX_BYTES 0
563
564#endif /* MBEDTLS_ECP_C */
565
566#define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
567 RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES)
568#define PRV_DER_MAX_BYTES (RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
569 RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES)
570
571int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size)
572{
573 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
574 unsigned char output_buf[PUB_DER_MAX_BYTES];
575 size_t olen = 0;
576
577 PK_VALIDATE_RET(key != NULL);
578 PK_VALIDATE_RET(buf != NULL || size == 0);
579
580 if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf,
581 sizeof(output_buf))) < 0) {
582 return ret;
583 }
584
585 if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
586 output_buf + sizeof(output_buf) - ret,
587 ret, buf, size, &olen)) != 0) {
588 return ret;
589 }
590
591 return 0;
592}
593
594int mbedtls_pk_write_key_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size)
595{
596 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
597 unsigned char output_buf[PRV_DER_MAX_BYTES];
598 const char *begin, *end;
599 size_t olen = 0;
600
601 PK_VALIDATE_RET(key != NULL);
602 PK_VALIDATE_RET(buf != NULL || size == 0);
603
604 if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) {
605 return ret;
606 }
607
608#if defined(MBEDTLS_RSA_C)
609 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
610 begin = PEM_BEGIN_PRIVATE_KEY_RSA;
611 end = PEM_END_PRIVATE_KEY_RSA;
612 } else
613#endif
614#if defined(MBEDTLS_ECP_C)
615 if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) {
616 begin = PEM_BEGIN_PRIVATE_KEY_EC;
617 end = PEM_END_PRIVATE_KEY_EC;
618 } else
619#endif
620 return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
621
622 if ((ret = mbedtls_pem_write_buffer(begin, end,
623 output_buf + sizeof(output_buf) - ret,
624 ret, buf, size, &olen)) != 0) {
625 return ret;
626 }
627
628 return 0;
629}
630#endif /* MBEDTLS_PEM_WRITE_C */
631
632#endif /* MBEDTLS_PK_WRITE_C */
633