result_t X509Cert::get_serial(exlib::string &retVal) { mbedtls_x509_crt *crt = get_crt(); if (!crt) return CHECK_ERROR(CALL_E_INVALID_CALL); int32_t ret; mbedtls_mpi serial; mbedtls_mpi_init(&serial); ret = mbedtls_mpi_read_binary(&serial, crt->serial.p, crt->serial.len); if (ret != 0) return CHECK_ERROR(_ssl::setError(ret)); retVal.resize(8192); size_t sz = retVal.length(); ret = mbedtls_mpi_write_string(&serial, 10, &retVal[0], sz, &sz); mbedtls_mpi_free(&serial); if (ret != 0) return CHECK_ERROR(_ssl::setError(ret)); retVal.resize(sz - 1); return 0; }
/* write one */ static int write_radix(void *a, char *b, int radix) { size_t ol = SIZE_MAX; int res = mbedtls_mpi_write_string(a, radix, b, ol, &ol); if (res == MBEDTLS_ERR_MPI_ALLOC_FAILED) return CRYPT_MEM; if (res) return CRYPT_ERROR; return CRYPT_OK; }
char *ssh_mbedcry_bn2num(bignum num, int radix) { char *buf = NULL; size_t olen; int rc; rc = mbedtls_mpi_write_string(num, radix, buf, 0, &olen); if (rc != 0) { return NULL; } buf = malloc(olen); if (buf == NULL) { return NULL; } rc = mbedtls_mpi_write_string(num, radix, buf, olen, &olen); if (rc != 0) { SAFE_FREE(buf); return NULL; } return buf; }
static int lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, union lws_tls_cert_info_results *buf, size_t len) { if (!x509) return -1; switch (type) { case LWS_TLS_CERT_INFO_VALIDITY_FROM: buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_from); if (buf->time == (time_t)(long long)-1) return -1; break; case LWS_TLS_CERT_INFO_VALIDITY_TO: buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_to); if (buf->time == (time_t)(long long)-1) return -1; break; case LWS_TLS_CERT_INFO_COMMON_NAME: return lws_tls_mbedtls_get_x509_name(&x509->subject, buf, len); case LWS_TLS_CERT_INFO_ISSUER_NAME: return lws_tls_mbedtls_get_x509_name(&x509->issuer, buf, len); case LWS_TLS_CERT_INFO_USAGE: buf->usage = x509->key_usage; break; case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY: { char *p = buf->ns.name; size_t r = len, u; switch (mbedtls_pk_get_type(&x509->pk)) { case MBEDTLS_PK_RSA: { mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->pk); if (mbedtls_mpi_write_string(&rsa->N, 16, p, r, &u)) return -1; r -= u; p += u; if (mbedtls_mpi_write_string(&rsa->E, 16, p, r, &u)) return -1; p += u; buf->ns.len = lws_ptr_diff(p, buf->ns.name); break; } case MBEDTLS_PK_ECKEY: { mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->pk); if (mbedtls_mpi_write_string(&ecp->Q.X, 16, p, r, &u)) return -1; r -= u; p += u; if (mbedtls_mpi_write_string(&ecp->Q.Y, 16, p, r, &u)) return -1; r -= u; p += u; if (mbedtls_mpi_write_string(&ecp->Q.Z, 16, p, r, &u)) return -1; p += u; buf->ns.len = lws_ptr_diff(p, buf->ns.name); break; } default: lwsl_notice("%s: x509 has unsupported pubkey type %d\n", __func__, mbedtls_pk_get_type(&x509->pk)); return -1; } break; } default: return -1; } return 0; }