px5g: remove obsolete reference to $(BUILD_VARIANT)

[librecmc/librecmc.git] / package / utils / px5g / px5g.c

diff --git a/package/utils/px5g/px5g.c b/package/utils/px5g/px5g.c
index 6b977081e120405a2b0644f8250e04533294a534..f0fe4dcfd39124bc83249cf32f9468652fedadb9 100644 (file)
--- a/package/utils/px5g/px5g.c
+++ b/package/utils/px5g/px5g.c
@@ -2,7 +2,7 @@
  * px5g - Embedded x509 key and certificate generator based on PolarSSL
  *
  *   Copyright (C) 2009 Steven Barth <steven@midlink.org>
- *   Copyright (C) 2014 Felix Fietkau <nbd@openwrt.org>
+ *   Copyright (C) 2014 Felix Fietkau <nbd@nbd.name>
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public
@@ -30,9 +30,10 @@
 #include <fcntl.h>
 #include <stdbool.h>
 
-#include <polarssl/bignum.h>
-#include <polarssl/x509_crt.h>
-#include <polarssl/rsa.h>
+#include <mbedtls/bignum.h>
+#include <mbedtls/x509_crt.h>
+#include <mbedtls/rsa.h>
+#include <mbedtls/pk.h>
 
 #define PX5G_VERSION "0.2"
 #define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
@@ -72,15 +73,15 @@ static void write_file(const char *path, int len, bool pem)
        fclose(f);
 }
 
-static void write_key(pk_context *key, const char *path, bool pem)
+static void write_key(mbedtls_pk_context *key, const char *path, bool pem)
 {
        int len = 0;
 
        if (pem) {
-               if (pk_write_key_pem(key, (void *) buf, sizeof(buf)) == 0)
+               if (mbedtls_pk_write_key_pem(key, (void *) buf, sizeof(buf)) == 0)
                        len = strlen(buf);
        } else {
-               len = pk_write_key_der(key, (void *) buf, sizeof(buf));
+               len = mbedtls_pk_write_key_der(key, (void *) buf, sizeof(buf));
                if (len < 0)
                        len = 0;
        }
@@ -88,12 +89,12 @@ static void write_key(pk_context *key, const char *path, bool pem)
        write_file(path, len, pem);
 }
 
-static void gen_key(pk_context *key, int ksize, int exp, bool pem)
+static void gen_key(mbedtls_pk_context *key, int ksize, int exp, bool pem)
 {
-       pk_init(key);
-       pk_init_ctx(key, pk_info_from_type(POLARSSL_PK_RSA));
+       mbedtls_pk_init(key);
        fprintf(stderr, "Generating RSA private key, %i bit long modulus\n", ksize);
-       if (rsa_gen_key(pk_rsa(*key), _urandom, NULL, ksize, exp)) {
+       mbedtls_pk_setup(key, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA));
+       if (mbedtls_rsa_gen_key(mbedtls_pk_rsa(*key), _urandom, NULL, ksize, exp)) {
                fprintf(stderr, "error: key generation failed\n");
                exit(1);
        }
@@ -101,7 +102,7 @@ static void gen_key(pk_context *key, int ksize, int exp, bool pem)
 
 int rsakey(char **arg)
 {
-       pk_context key;
+       mbedtls_pk_context key;
        unsigned int ksize = 512;
        int exp = 65537;
        char *path = NULL;
@@ -125,16 +126,16 @@ int rsakey(char **arg)
        gen_key(&key, ksize, exp, pem);
        write_key(&key, path, pem);
 
-       pk_free(&key);
+       mbedtls_pk_free(&key);
 
        return 0;
 }
 
 int selfsigned(char **arg)
 {
-       pk_context key;
-       x509write_cert cert;
-       mpi serial;
+       mbedtls_pk_context key;
+       mbedtls_x509write_cert cert;
+       mbedtls_mpi serial;
 
        char *subject = "";
        unsigned int ksize = 512;
@@ -143,7 +144,7 @@ int selfsigned(char **arg)
        char *keypath = NULL, *certpath = NULL;
        bool pem = true;
        time_t from = time(NULL), to;
-       char fstr[20], tstr[20];
+       char fstr[20], tstr[20], sstr[17];
        int len;
 
        while (*arg && **arg == '-') {
@@ -188,7 +189,7 @@ int selfsigned(char **arg)
                                }
                                memcpy(newc, oldc, delim - oldc);
                                newc += delim - oldc;
-                               *newc++ = ';';
+                               *newc++ = ',';
                                oldc = delim + 1;
                        } while(*delim);
                        arg++;
@@ -211,30 +212,34 @@ int selfsigned(char **arg)
        fprintf(stderr, "Generating selfsigned certificate with subject '%s'"
                        " and validity %s-%s\n", subject, fstr, tstr);
 
-       x509write_crt_init(&cert);
-       x509write_crt_set_md_alg(&cert, POLARSSL_MD_SHA1);
-       x509write_crt_set_issuer_key(&cert, &key);
-       x509write_crt_set_subject_key(&cert, &key);
-       x509write_crt_set_subject_name(&cert, subject);
-       x509write_crt_set_issuer_name(&cert, subject);
-       x509write_crt_set_validity(&cert, fstr, tstr);
-       x509write_crt_set_basic_constraints(&cert, 0, -1);
-       x509write_crt_set_subject_key_identifier(&cert);
-       x509write_crt_set_authority_key_identifier(&cert);
-
-       mpi_init(&serial);
-       mpi_read_string(&serial, 10, "1");
-       x509write_crt_set_serial(&cert, &serial);
+       mbedtls_x509write_crt_init(&cert);
+       mbedtls_x509write_crt_set_md_alg(&cert, MBEDTLS_MD_SHA256);
+       mbedtls_x509write_crt_set_issuer_key(&cert, &key);
+       mbedtls_x509write_crt_set_subject_key(&cert, &key);
+       mbedtls_x509write_crt_set_subject_name(&cert, subject);
+       mbedtls_x509write_crt_set_issuer_name(&cert, subject);
+       mbedtls_x509write_crt_set_validity(&cert, fstr, tstr);
+       mbedtls_x509write_crt_set_basic_constraints(&cert, 0, -1);
+       mbedtls_x509write_crt_set_subject_key_identifier(&cert);
+       mbedtls_x509write_crt_set_authority_key_identifier(&cert);
+
+       _urandom(NULL, buf, 8);
+       for (len = 0; len < 8; len++)
+               sprintf(sstr + len*2, "%02x", (unsigned char) buf[len]);
+
+       mbedtls_mpi_init(&serial);
+       mbedtls_mpi_read_string(&serial, 16, sstr);
+       mbedtls_x509write_crt_set_serial(&cert, &serial);
 
        if (pem) {
-               if (x509write_crt_pem(&cert, (void *) buf, sizeof(buf), _urandom, NULL) < 0) {
+               if (mbedtls_x509write_crt_pem(&cert, (void *) buf, sizeof(buf), _urandom, NULL) < 0) {
                        fprintf(stderr, "Failed to generate certificate\n");
                        return 1;
                }
 
                len = strlen(buf);
        } else {
-               len = x509write_crt_der(&cert, (void *) buf, sizeof(buf), _urandom, NULL);
+               len = mbedtls_x509write_crt_der(&cert, (void *) buf, sizeof(buf), _urandom, NULL);
                if (len < 0) {
                        fprintf(stderr, "Failed to generate certificate: %d\n", len);
                        return 1;
@@ -242,9 +247,9 @@ int selfsigned(char **arg)
        }
        write_file(certpath, len, pem);
 
-       x509write_crt_free(&cert);
-       mpi_free(&serial);
-       pk_free(&key);
+       mbedtls_x509write_crt_free(&cert);
+       mbedtls_mpi_free(&serial);
+       mbedtls_pk_free(&key);
 
        return 0;
 }