mbedtls/include/polarssl/pem.h

/**
 * \file pem.h
 *
 * \brief Privacy Enhanced Mail (PEM) decoding
 *
 *  Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef POLARSSL_PEM_H
#define POLARSSL_PEM_H

#include <stddef.h>

/**
 * \name PEM Error codes
 * These error codes are returned in case of errors reading the
 * PEM data.
 * \{
 */
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT          -0x1080  /**< No PEM header or footer found. */
#define POLARSSL_ERR_PEM_INVALID_DATA                      -0x1100  /**< PEM string is not as expected. */
#define POLARSSL_ERR_PEM_MALLOC_FAILED                     -0x1180  /**< Failed to allocate memory. */
#define POLARSSL_ERR_PEM_INVALID_ENC_IV                    -0x1200  /**< RSA IV is not in hex-format. */
#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG                   -0x1280  /**< Unsupported key encryption algorithm. */
#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED                 -0x1300  /**< Private key password can't be empty. */
#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH                 -0x1380  /**< Given private key password does not allow for correct decryption. */
#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE               -0x1400  /**< Unavailable feature, e.g. hashing/encryption combination. */
#define POLARSSL_ERR_PEM_BAD_INPUT_DATA                    -0x1480  /**< Bad input parameters to function. */
/* \} name */

#ifdef __cplusplus
extern "C" {
#endif

#if defined(POLARSSL_PEM_PARSE_C)
/**
 * \brief       PEM context structure
 */
typedef struct
{
    unsigned char *buf;     /*!< buffer for decoded data             */
    size_t buflen;          /*!< length of the buffer                */
    unsigned char *info;    /*!< buffer for extra header information */
}
pem_context;

/**
 * \brief       PEM context setup
 *
 * \param ctx   context to be initialized
 */
void pem_init( pem_context *ctx );

/**
 * \brief       Read a buffer for PEM information and store the resulting
 *              data into the specified context buffers.
 *
 * \param ctx       context to use
 * \param header    header string to seek and expect
 * \param footer    footer string to seek and expect
 * \param data      source data to look in
 * \param pwd       password for decryption (can be NULL)
 * \param pwdlen    length of password
 * \param use_len   destination for total length used (set after header is
 *                  correctly read, so unless you get
 *                  POLARSSL_ERR_PEM_BAD_INPUT_DATA or
 *                  POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
 *                  the length to skip)
 *
 * \note            Attempts to check password correctness by verifying if
 *                  the decrypted text starts with an ASN.1 sequence of
 *                  appropriate length
 *
 * \return          0 on success, or a specific PEM error code
 */
int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
                     const unsigned char *data,
                     const unsigned char *pwd,
                     size_t pwdlen, size_t *use_len );

/**
 * \brief       PEM context memory freeing
 *
 * \param ctx   context to be freed
 */
void pem_free( pem_context *ctx );
#endif /* POLARSSL_PEM_PARSE_C */

#if defined(POLARSSL_PEM_WRITE_C)
/**
 * \brief           Write a buffer of PEM information from a DER encoded
 *                  buffer.
 *
 * \param header    header string to write
 * \param footer    footer string to write
 * \param der_data  DER data to write
 * \param der_len   length of the DER data
 * \param buf       buffer to write to
 * \param buf_len   length of output buffer
 * \param olen      total length written / required (if buf_len is not enough)
 *
 * \return          0 on success, or a specific PEM or BASE64 error code. On
 *                  POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
 *                  size.
 */
int pem_write_buffer( const char *header, const char *footer,
                      const unsigned char *der_data, size_t der_len,
                      unsigned char *buf, size_t buf_len, size_t *olen );
#endif /* POLARSSL_PEM_WRITE_C */

#ifdef __cplusplus
}
#endif

#endif /* pem.h */
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`/**`
			`* \file pem.h`
			`*`
			`* \brief Privacy Enhanced Mail (PEM) decoding`
			`*`
Update copyright 2015-01-23 10:45:19 +01:00			`* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`*`
Rename website and repository 2015-03-06 14:17:10 +01:00			`* This file is part of mbed TLS (https://tls.mbed.org)`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License along`
			`* with this program; if not, write to the Free Software Foundation, Inc.,`
			`* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.`
			`*/`
			`#ifndef POLARSSL_PEM_H`
			`#define POLARSSL_PEM_H`

cleanup library and some basic tests. Includes, add guards to includes 2015-02-06 14:43:58 +01:00			`#include <stddef.h>`
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 10:57:21 +02:00
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`/**`
			`* \name PEM Error codes`
			`* These error codes are returned in case of errors reading the`
			`* PEM data.`
			`* \{`
			`*/`
pem_read_buffer() already update use_len after header and footer are read After header and footer are read, pem_read_buffer() is able to determine the length of input data used. This allows calling functions to skip this PEM bit if an error occurs during its parsing. (cherry picked from commit 9255e8300e550b548b54603c77585921f442e391) 2013-06-24 13:02:41 +02:00			`#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /*< No PEM header or footer found. /`
- A error_strerror function() has been added to translate between error codes and their description. - The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative. - Descriptions to all error codes have been added. - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers. 2011-05-09 18:17:09 +02:00			`#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /*< PEM string is not as expected. /`
			`#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /*< Failed to allocate memory. /`
			`#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /*< RSA IV is not in hex-format. /`
			`#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /*< Unsupported key encryption algorithm. /`
			`#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /*< Private key password can't be empty. /`
			`#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /*< Given private key password does not allow for correct decryption. /`
			`#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /*< Unavailable feature, e.g. hashing/encryption combination. /`
pem_read_buffer() already update use_len after header and footer are read After header and footer are read, pem_read_buffer() is able to determine the length of input data used. This allows calling functions to skip this PEM bit if an error occurs during its parsing. (cherry picked from commit 9255e8300e550b548b54603c77585921f442e391) 2013-06-24 13:02:41 +02:00			`#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /*< Bad input parameters to function. /`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`/* \} name */`

Moved __cplusplus extern statement to include struct definitions as well. 2013-06-27 14:29:21 +02:00			`#ifdef __cplusplus`
			`extern "C" {`
			`#endif`

POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-15 20:43:33 +02:00			`#if defined(POLARSSL_PEM_PARSE_C)`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`/**`
			`* \brief PEM context structure`
			`*/`
			`typedef struct`
			`{`
			`unsigned char buf; /!< buffer for decoded data */`
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 10:57:21 +02:00			`size_t buflen; /!< length of the buffer /`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`unsigned char info; /!< buffer for extra header information */`
			`}`
			`pem_context;`

			`/**`
			`* \brief PEM context setup`
			`*`
			`* \param ctx context to be initialized`
			`*/`
			`void pem_init( pem_context *ctx );`

			`/**`
			`* \brief Read a buffer for PEM information and store the resulting`
			`* data into the specified context buffers.`
			`*`
			`* \param ctx context to use`
			`* \param header header string to seek and expect`
			`* \param footer footer string to seek and expect`
			`* \param data source data to look in`
			`* \param pwd password for decryption (can be NULL)`
			`* \param pwdlen length of password`
pem_read_buffer() already update use_len after header and footer are read After header and footer are read, pem_read_buffer() is able to determine the length of input data used. This allows calling functions to skip this PEM bit if an error occurs during its parsing. (cherry picked from commit 9255e8300e550b548b54603c77585921f442e391) 2013-06-24 13:02:41 +02:00			`* \param use_len destination for total length used (set after header is`
			`* correctly read, so unless you get`
			`* POLARSSL_ERR_PEM_BAD_INPUT_DATA or`
			`* POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is`
			`* the length to skip)`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`*`
Simplify password check in pem_read_buffer() 2013-07-09 16:35:23 +02:00			`* \note Attempts to check password correctness by verifying if`
			`* the decrypted text starts with an ASN.1 sequence of`
			`* appropriate length`
Fix undocumented feature of pem_read_buffer() Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too, and may even work with similar enough structures when they appear. 2013-07-03 21:01:35 +02:00			`*`
Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00			`* \return 0 on success, or a specific PEM error code`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`*/`
Cleanup up non-prototyped functions (static) and const-correctness More fixes based on the compiler directives -Wcast-qual -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations. Not everything with regards to -Wcast-qual has been fixed as some have unwanted consequences for the rest of the code. 2013-06-25 16:25:17 +02:00			`int pem_read_buffer( pem_context ctx, const char header, const char *footer,`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00			`const unsigned char *data,`
			`const unsigned char *pwd,`
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 10:57:21 +02:00			`size_t pwdlen, size_t *use_len );`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00
POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-15 20:43:33 +02:00			`/**`
			`* \brief PEM context memory freeing`
			`*`
			`* \param ctx context to be freed`
			`*/`
			`void pem_free( pem_context *ctx );`
			`#endif /* POLARSSL_PEM_PARSE_C */`

			`#if defined(POLARSSL_PEM_WRITE_C)`
Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00			`/**`
			`* \brief Write a buffer of PEM information from a DER encoded`
			`* buffer.`
			`*`
			`* \param header header string to write`
			`* \param footer footer string to write`
			`* \param der_data DER data to write`
			`* \param der_len length of the DER data`
			`* \param buf buffer to write to`
			`* \param buf_len length of output buffer`
			`* \param olen total length written / required (if buf_len is not enough)`
			`*`
			`* \return 0 on success, or a specific PEM or BASE64 error code. On`
			`* POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL olen is the required`
			`* size.`
			`*/`
			`int pem_write_buffer( const char header, const char footer,`
			`const unsigned char *der_data, size_t der_len,`
			`unsigned char buf, size_t buf_len, size_t olen );`
POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-15 20:43:33 +02:00			`#endif /* POLARSSL_PEM_WRITE_C */`
- Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding - Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5) - Added tests for encrypted keyfiles 2011-02-12 15:30:57 +01:00
			`#ifdef __cplusplus`
			`}`
			`#endif`

			`#endif /* pem.h */`