1 #if !defined(POLARSSL_CONFIG_FILE)
4 #include POLARSSL_CONFIG_FILE
7 #ifdef POLARSSL_BIGNUM_C
15 int verify_none(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
19 ((void) certificate_depth);
25 int verify_all(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
29 ((void) certificate_depth);
38 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
42 #if defined(POLARSSL_PLATFORM_C)
45 #define polarssl_malloc malloc
46 #define polarssl_free free
51 typedef UINT32 uint32_t;
64 #define GET_UINT32_BE(n,b,i) \
66 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
67 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
68 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
69 | ( (uint32_t) (b)[(i) + 3] ); \
74 #define PUT_UINT32_BE(n,b,i) \
76 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
77 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
78 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
79 (b)[(i) + 3] = (unsigned char) ( (n) ); \
83 static int unhexify(
unsigned char *obuf,
const char *ibuf)
86 int len = strlen(ibuf) / 2;
87 assert(!(strlen(ibuf) %1));
92 if( c >=
'0' && c <=
'9' )
94 else if( c >=
'a' && c <=
'f' )
96 else if( c >=
'A' && c <=
'F' )
102 if( c2 >=
'0' && c2 <=
'9' )
104 else if( c2 >=
'a' && c2 <=
'f' )
106 else if( c2 >=
'A' && c2 <=
'F' )
111 *obuf++ = ( c << 4 ) | c2;
117 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
129 *obuf++ =
'a' + h - 10;
134 *obuf++ =
'a' + l - 10;
151 size_t actual_len = len != 0 ? len : 1;
156 memset( p, 0x00, actual_len );
175 *olen = strlen(ibuf) / 2;
181 assert( obuf != NULL );
197 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
199 #if !defined(__OpenBSD__)
202 if( rng_state != NULL )
205 for( i = 0; i < len; ++i )
208 if( rng_state != NULL )
211 arc4random_buf( output, len );
222 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
224 if( rng_state != NULL )
227 memset( output, 0, len );
254 if( rng_state == NULL )
263 memcpy( output, info->
buf, use_len );
264 info->
buf += use_len;
268 if( len - use_len > 0 )
269 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
298 uint32_t i, *k, sum, delta=0x9E3779B9;
299 unsigned char result[4], *out = output;
301 if( rng_state == NULL )
308 size_t use_len = ( len > 4 ) ? 4 : len;
311 for( i = 0; i < 32; i++ )
313 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
315 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
319 memcpy( out, result, use_len );
331 #if defined(POLARSSL_PLATFORM_C)
334 #define polarssl_printf printf
335 #define polarssl_malloc malloc
336 #define polarssl_free free
341 #ifdef POLARSSL_BIGNUM_C
343 #define TEST_SUITE_ACTIVE
345 static int test_assert(
int correct,
const char *test )
352 printf(
"FAILED\n" );
353 printf(
" %s\n", test );
358 #define TEST_ASSERT( TEST ) \
359 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
360 if( test_errors) goto exit; \
365 if( (*str)[0] !=
'"' ||
366 (*str)[strlen( *str ) - 1] !=
'"' )
368 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
373 (*str)[strlen( *str ) - 1] =
'\0';
385 for( i = 0; i < strlen( str ); i++ )
387 if( i == 0 && str[i] ==
'-' )
393 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
394 str[i - 1] ==
'0' && str[i] ==
'x' )
400 if( ! ( ( str[i] >=
'0' && str[i] <=
'9' ) ||
401 ( hex && ( ( str[i] >=
'a' && str[i] <=
'f' ) ||
402 ( str[i] >=
'A' && str[i] <=
'F' ) ) ) ) )
412 *value = strtol( str, NULL, 16 );
414 *value = strtol( str, NULL, 10 );
419 #ifdef POLARSSL_X509_CRT_PARSE_C
420 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
425 #endif // POLARSSL_X509_CRT_PARSE_C
426 #ifdef POLARSSL_X509_CRL_PARSE_C
427 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
432 #endif // POLARSSL_X509_CRL_PARSE_C
433 #ifdef POLARSSL_X509_CSR_PARSE_C
434 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
439 #endif // POLARSSL_X509_CSR_PARSE_C
440 #ifdef POLARSSL_X509_CRT_PARSE_C
441 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
446 #endif // POLARSSL_X509_CRT_PARSE_C
447 #ifdef POLARSSL_X509_CRT_PARSE_C
448 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
453 #endif // POLARSSL_X509_CRT_PARSE_C
454 #ifdef POLARSSL_X509_CRL_PARSE_C
455 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
460 #endif // POLARSSL_X509_CRL_PARSE_C
461 #ifdef POLARSSL_X509_CRT_PARSE_C
462 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
463 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
468 #endif // POLARSSL_X509_CRT_PARSE_C
469 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
470 #ifdef POLARSSL_X509_CSR_PARSE_C
471 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
476 #endif // POLARSSL_X509_CSR_PARSE_C
477 #ifdef POLARSSL_X509_CRT_PARSE_C
478 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
483 #endif // POLARSSL_X509_CRT_PARSE_C
484 #ifdef POLARSSL_X509_CRL_PARSE_C
485 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
490 #endif // POLARSSL_X509_CRL_PARSE_C
491 #ifdef POLARSSL_X509_CRT_PARSE_C
492 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
497 #endif // POLARSSL_X509_CRT_PARSE_C
498 #ifdef POLARSSL_X509_CRT_PARSE_C
499 if( strcmp( str,
"POLARSSL_ERR_PK_UNKNOWN_PK_ALG" ) == 0 )
504 #endif // POLARSSL_X509_CRT_PARSE_C
505 #ifdef POLARSSL_X509_CRT_PARSE_C
506 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
507 if( strcmp( str,
"ASN1_CONSTRUCTED | ASN1_SEQUENCE" ) == 0 )
512 #endif // POLARSSL_X509_CRT_PARSE_C
513 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
514 #ifdef POLARSSL_X509_CSR_PARSE_C
515 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
520 #endif // POLARSSL_X509_CSR_PARSE_C
521 #ifdef POLARSSL_X509_CRT_PARSE_C
522 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
527 #endif // POLARSSL_X509_CRT_PARSE_C
528 #ifdef POLARSSL_X509_CRL_PARSE_C
529 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
534 #endif // POLARSSL_X509_CRL_PARSE_C
535 #ifdef POLARSSL_X509_CRT_PARSE_C
536 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
541 #endif // POLARSSL_X509_CRT_PARSE_C
542 #ifdef POLARSSL_X509_CRT_PARSE_C
543 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
548 #endif // POLARSSL_X509_CRT_PARSE_C
549 #ifdef POLARSSL_X509_CRT_PARSE_C
550 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
555 #endif // POLARSSL_X509_CRT_PARSE_C
556 #ifdef POLARSSL_X509_CRT_PARSE_C
557 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
562 #endif // POLARSSL_X509_CRT_PARSE_C
563 #ifdef POLARSSL_X509_CSR_PARSE_C
564 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
569 #endif // POLARSSL_X509_CSR_PARSE_C
570 #ifdef POLARSSL_X509_CRL_PARSE_C
571 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
576 #endif // POLARSSL_X509_CRL_PARSE_C
577 #ifdef POLARSSL_X509_CRT_PARSE_C
578 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
583 #endif // POLARSSL_X509_CRT_PARSE_C
584 #ifdef POLARSSL_FS_IO
585 #ifdef POLARSSL_X509_CRT_PARSE_C
586 #ifdef POLARSSL_X509_CRL_PARSE_C
587 if( strcmp( str,
"BADCERT_FUTURE" ) == 0 )
592 #endif // POLARSSL_FS_IO
593 #endif // POLARSSL_X509_CRT_PARSE_C
594 #endif // POLARSSL_X509_CRL_PARSE_C
595 #ifdef POLARSSL_X509_CRT_PARSE_C
596 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
601 #endif // POLARSSL_X509_CRT_PARSE_C
602 #ifdef POLARSSL_X509_CRL_PARSE_C
603 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
608 #endif // POLARSSL_X509_CRL_PARSE_C
609 #ifdef POLARSSL_X509_CSR_PARSE_C
610 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
615 #endif // POLARSSL_X509_CSR_PARSE_C
616 #ifdef POLARSSL_X509_CRT_PARSE_C
617 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
622 #endif // POLARSSL_X509_CRT_PARSE_C
623 #ifdef POLARSSL_X509_CRL_PARSE_C
624 if( strcmp( str,
"POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
629 #endif // POLARSSL_X509_CRL_PARSE_C
630 #ifdef POLARSSL_X509_CRT_PARSE_C
631 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
636 #endif // POLARSSL_X509_CRT_PARSE_C
637 #ifdef POLARSSL_X509_CRT_PARSE_C
638 if( strcmp( str,
" 1" ) == 0 )
643 #endif // POLARSSL_X509_CRT_PARSE_C
644 #ifdef POLARSSL_X509_CSR_PARSE_C
645 if( strcmp( str,
" 1" ) == 0 )
650 #endif // POLARSSL_X509_CSR_PARSE_C
651 #ifdef POLARSSL_X509_CRL_PARSE_C
652 if( strcmp( str,
" 1" ) == 0 )
657 #endif // POLARSSL_X509_CRL_PARSE_C
658 #ifdef POLARSSL_FS_IO
659 #ifdef POLARSSL_X509_CRT_PARSE_C
660 #ifdef POLARSSL_X509_CRL_PARSE_C
661 if( strcmp( str,
"BADCERT_REVOKED" ) == 0 )
666 #endif // POLARSSL_FS_IO
667 #endif // POLARSSL_X509_CRT_PARSE_C
668 #endif // POLARSSL_X509_CRL_PARSE_C
669 #ifdef POLARSSL_X509_CRT_PARSE_C
670 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
671 if( strcmp( str,
"POLARSSL_MD_SHA256" ) == 0 )
676 #endif // POLARSSL_X509_CRT_PARSE_C
677 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
678 #ifdef POLARSSL_X509_USE_C
679 if( strcmp( str,
"POLARSSL_ERR_OID_BUF_TOO_SMALL" ) == 0 )
684 #endif // POLARSSL_X509_USE_C
685 #ifdef POLARSSL_X509_CRT_PARSE_C
686 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA " ) == 0 )
691 #endif // POLARSSL_X509_CRT_PARSE_C
692 #ifdef POLARSSL_X509_CRT_PARSE_C
693 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
694 if( strcmp( str,
"POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
699 #endif // POLARSSL_X509_CRT_PARSE_C
700 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
701 #ifdef POLARSSL_X509_CRT_PARSE_C
702 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
703 if( strcmp( str,
"POLARSSL_MD_SHA1" ) == 0 )
708 #endif // POLARSSL_X509_CRT_PARSE_C
709 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
710 #ifdef POLARSSL_X509_CSR_PARSE_C
711 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
716 #endif // POLARSSL_X509_CSR_PARSE_C
717 #ifdef POLARSSL_X509_CRL_PARSE_C
718 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
723 #endif // POLARSSL_X509_CRL_PARSE_C
724 #ifdef POLARSSL_FS_IO
725 #ifdef POLARSSL_X509_CRT_PARSE_C
726 #ifdef POLARSSL_X509_CRL_PARSE_C
727 if( strcmp( str,
"BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED" ) == 0 )
732 #endif // POLARSSL_FS_IO
733 #endif // POLARSSL_X509_CRT_PARSE_C
734 #endif // POLARSSL_X509_CRL_PARSE_C
735 #ifdef POLARSSL_X509_CRT_PARSE_C
736 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
737 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
742 #endif // POLARSSL_X509_CRT_PARSE_C
743 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
744 #ifdef POLARSSL_X509_CRT_PARSE_C
745 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
750 #endif // POLARSSL_X509_CRT_PARSE_C
751 #ifdef POLARSSL_X509_CRT_PARSE_C
752 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
757 #endif // POLARSSL_X509_CRT_PARSE_C
758 #ifdef POLARSSL_X509_CSR_PARSE_C
759 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
764 #endif // POLARSSL_X509_CSR_PARSE_C
765 #ifdef POLARSSL_X509_CRT_PARSE_C
766 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
767 if( strcmp( str,
"ASN1_SEQUENCE" ) == 0 )
772 #endif // POLARSSL_X509_CRT_PARSE_C
773 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
774 #ifdef POLARSSL_X509_CRT_PARSE_C
775 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE" ) == 0 )
780 #endif // POLARSSL_X509_CRT_PARSE_C
781 #ifdef POLARSSL_FS_IO
782 #ifdef POLARSSL_X509_CRT_PARSE_C
783 #ifdef POLARSSL_X509_CRL_PARSE_C
784 if( strcmp( str,
"BADCERT_EXPIRED" ) == 0 )
789 #endif // POLARSSL_FS_IO
790 #endif // POLARSSL_X509_CRT_PARSE_C
791 #endif // POLARSSL_X509_CRL_PARSE_C
792 #ifdef POLARSSL_FS_IO
793 #ifdef POLARSSL_X509_CRT_PARSE_C
794 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
795 if( strcmp( str,
"KU_KEY_CERT_SIGN|KU_CRL_SIGN" ) == 0 )
800 #endif // POLARSSL_FS_IO
801 #endif // POLARSSL_X509_CRT_PARSE_C
802 #endif // POLARSSL_X509_CHECK_KEY_USAGE
803 #ifdef POLARSSL_X509_CRT_PARSE_C
804 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
809 #endif // POLARSSL_X509_CRT_PARSE_C
810 #ifdef POLARSSL_X509_CSR_PARSE_C
811 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
816 #endif // POLARSSL_X509_CSR_PARSE_C
817 #ifdef POLARSSL_X509_CRL_PARSE_C
818 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
823 #endif // POLARSSL_X509_CRL_PARSE_C
824 #ifdef POLARSSL_X509_CRT_PARSE_C
825 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
830 #endif // POLARSSL_X509_CRT_PARSE_C
831 #ifdef POLARSSL_FS_IO
832 #ifdef POLARSSL_X509_CRT_PARSE_C
833 #ifdef POLARSSL_X509_CRL_PARSE_C
834 if( strcmp( str,
"BADCRL_FUTURE" ) == 0 )
839 #endif // POLARSSL_FS_IO
840 #endif // POLARSSL_X509_CRT_PARSE_C
841 #endif // POLARSSL_X509_CRL_PARSE_C
842 #ifdef POLARSSL_FS_IO
843 #ifdef POLARSSL_X509_CRT_PARSE_C
844 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
845 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
850 #endif // POLARSSL_FS_IO
851 #endif // POLARSSL_X509_CRT_PARSE_C
852 #endif // POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
853 #ifdef POLARSSL_FS_IO
854 #ifdef POLARSSL_X509_CRT_PARSE_C
855 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
856 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
861 #endif // POLARSSL_FS_IO
862 #endif // POLARSSL_X509_CRT_PARSE_C
863 #endif // POLARSSL_X509_CHECK_KEY_USAGE
864 #ifdef POLARSSL_X509_CRT_PARSE_C
865 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
866 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
871 #endif // POLARSSL_X509_CRT_PARSE_C
872 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
873 #ifdef POLARSSL_X509_CRT_PARSE_C
874 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
879 #endif // POLARSSL_X509_CRT_PARSE_C
880 #ifdef POLARSSL_X509_CSR_PARSE_C
881 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
886 #endif // POLARSSL_X509_CSR_PARSE_C
887 #ifdef POLARSSL_FS_IO
888 #ifdef POLARSSL_X509_CRT_PARSE_C
889 #ifdef POLARSSL_X509_CRL_PARSE_C
890 if( strcmp( str,
"BADCERT_REVOKED | BADCERT_CN_MISMATCH" ) == 0 )
895 #endif // POLARSSL_FS_IO
896 #endif // POLARSSL_X509_CRT_PARSE_C
897 #endif // POLARSSL_X509_CRL_PARSE_C
898 #ifdef POLARSSL_X509_CRT_PARSE_C
899 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
904 #endif // POLARSSL_X509_CRT_PARSE_C
905 #ifdef POLARSSL_X509_CRT_PARSE_C
906 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
907 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
912 #endif // POLARSSL_X509_CRT_PARSE_C
913 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
914 #ifdef POLARSSL_X509_CSR_PARSE_C
915 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
920 #endif // POLARSSL_X509_CSR_PARSE_C
921 #ifdef POLARSSL_X509_CRL_PARSE_C
922 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
927 #endif // POLARSSL_X509_CRL_PARSE_C
928 #ifdef POLARSSL_FS_IO
929 #ifdef POLARSSL_X509_CRT_PARSE_C
930 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
931 if( strcmp( str,
"KU_DIGITAL_SIGNATURE" ) == 0 )
936 #endif // POLARSSL_FS_IO
937 #endif // POLARSSL_X509_CRT_PARSE_C
938 #endif // POLARSSL_X509_CHECK_KEY_USAGE
939 #ifdef POLARSSL_FS_IO
940 #ifdef POLARSSL_X509_CRT_PARSE_C
941 #ifdef POLARSSL_X509_CRL_PARSE_C
942 if( strcmp( str,
"POLARSSL_ERR_X509_CERT_VERIFY_FAILED" ) == 0 )
947 #endif // POLARSSL_FS_IO
948 #endif // POLARSSL_X509_CRT_PARSE_C
949 #endif // POLARSSL_X509_CRL_PARSE_C
950 #ifdef POLARSSL_X509_CRL_PARSE_C
951 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
956 #endif // POLARSSL_X509_CRL_PARSE_C
957 #ifdef POLARSSL_X509_CRT_PARSE_C
958 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
963 #endif // POLARSSL_X509_CRT_PARSE_C
964 #ifdef POLARSSL_FS_IO
965 #ifdef POLARSSL_X509_CRT_PARSE_C
966 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
967 if( strcmp( str,
"KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT" ) == 0 )
972 #endif // POLARSSL_FS_IO
973 #endif // POLARSSL_X509_CRT_PARSE_C
974 #endif // POLARSSL_X509_CHECK_KEY_USAGE
975 #ifdef POLARSSL_FS_IO
976 #ifdef POLARSSL_X509_CRT_PARSE_C
977 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
978 if( strcmp( str,
"KU_KEY_CERT_SIGN" ) == 0 )
983 #endif // POLARSSL_FS_IO
984 #endif // POLARSSL_X509_CRT_PARSE_C
985 #endif // POLARSSL_X509_CHECK_KEY_USAGE
986 #ifdef POLARSSL_X509_CSR_PARSE_C
987 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
992 #endif // POLARSSL_X509_CSR_PARSE_C
993 #ifdef POLARSSL_FS_IO
994 #ifdef POLARSSL_X509_CRT_PARSE_C
995 #ifdef POLARSSL_X509_CRL_PARSE_C
996 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE | BADCERT_CN_MISMATCH" ) == 0 )
1001 #endif // POLARSSL_FS_IO
1002 #endif // POLARSSL_X509_CRT_PARSE_C
1003 #endif // POLARSSL_X509_CRL_PARSE_C
1004 #ifdef POLARSSL_FS_IO
1005 #ifdef POLARSSL_X509_CRT_PARSE_C
1006 #ifdef POLARSSL_X509_CRL_PARSE_C
1007 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE" ) == 0 )
1012 #endif // POLARSSL_FS_IO
1013 #endif // POLARSSL_X509_CRT_PARSE_C
1014 #endif // POLARSSL_X509_CRL_PARSE_C
1015 #ifdef POLARSSL_X509_CRL_PARSE_C
1016 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1021 #endif // POLARSSL_X509_CRL_PARSE_C
1022 #ifdef POLARSSL_X509_CSR_PARSE_C
1023 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1028 #endif // POLARSSL_X509_CSR_PARSE_C
1029 #ifdef POLARSSL_X509_CRT_PARSE_C
1030 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1035 #endif // POLARSSL_X509_CRT_PARSE_C
1036 #ifdef POLARSSL_FS_IO
1037 #ifdef POLARSSL_X509_CRT_PARSE_C
1038 #ifdef POLARSSL_X509_CRL_PARSE_C
1039 if( strcmp( str,
"BADCERT_OTHER" ) == 0 )
1044 #endif // POLARSSL_FS_IO
1045 #endif // POLARSSL_X509_CRT_PARSE_C
1046 #endif // POLARSSL_X509_CRL_PARSE_C
1047 #ifdef POLARSSL_X509_CRT_PARSE_C
1048 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY" ) == 0 )
1053 #endif // POLARSSL_X509_CRT_PARSE_C
1054 #ifdef POLARSSL_X509_CRT_PARSE_C
1055 if( strcmp( str,
"POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1060 #endif // POLARSSL_X509_CRT_PARSE_C
1061 #ifdef POLARSSL_X509_CRT_PARSE_C
1062 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1067 #endif // POLARSSL_X509_CRT_PARSE_C
1068 #ifdef POLARSSL_X509_CRT_PARSE_C
1069 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1074 #endif // POLARSSL_X509_CRT_PARSE_C
1075 #ifdef POLARSSL_X509_CRL_PARSE_C
1076 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1081 #endif // POLARSSL_X509_CRL_PARSE_C
1082 #ifdef POLARSSL_X509_CSR_PARSE_C
1083 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1088 #endif // POLARSSL_X509_CSR_PARSE_C
1089 #ifdef POLARSSL_X509_CRT_PARSE_C
1090 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1095 #endif // POLARSSL_X509_CRT_PARSE_C
1096 #ifdef POLARSSL_X509_CRT_PARSE_C
1097 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1098 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG" ) == 0 )
1103 #endif // POLARSSL_X509_CRT_PARSE_C
1104 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1105 #ifdef POLARSSL_FS_IO
1106 #ifdef POLARSSL_X509_CRT_PARSE_C
1107 #ifdef POLARSSL_X509_CRL_PARSE_C
1108 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED" ) == 0 )
1113 #endif // POLARSSL_FS_IO
1114 #endif // POLARSSL_X509_CRT_PARSE_C
1115 #endif // POLARSSL_X509_CRL_PARSE_C
1116 #ifdef POLARSSL_X509_CRT_PARSE_C
1117 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
1122 #endif // POLARSSL_X509_CRT_PARSE_C
1123 #ifdef POLARSSL_X509_CRT_PARSE_C
1124 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1129 #endif // POLARSSL_X509_CRT_PARSE_C
1130 #ifdef POLARSSL_X509_CRT_PARSE_C
1131 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1136 #endif // POLARSSL_X509_CRT_PARSE_C
1137 #ifdef POLARSSL_X509_CSR_PARSE_C
1138 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1143 #endif // POLARSSL_X509_CSR_PARSE_C
1144 #ifdef POLARSSL_X509_CRT_PARSE_C
1145 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1150 #endif // POLARSSL_X509_CRT_PARSE_C
1151 #ifdef POLARSSL_FS_IO
1152 #ifdef POLARSSL_X509_CRT_PARSE_C
1153 #ifdef POLARSSL_X509_CRL_PARSE_C
1154 if( strcmp( str,
"BADCRL_EXPIRED" ) == 0 )
1159 #endif // POLARSSL_FS_IO
1160 #endif // POLARSSL_X509_CRT_PARSE_C
1161 #endif // POLARSSL_X509_CRL_PARSE_C
1162 #ifdef POLARSSL_X509_CRT_PARSE_C
1163 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1168 #endif // POLARSSL_X509_CRT_PARSE_C
1169 #ifdef POLARSSL_FS_IO
1170 #ifdef POLARSSL_X509_CRT_PARSE_C
1171 #ifdef POLARSSL_X509_CRL_PARSE_C
1172 if( strcmp( str,
"BADCERT_CN_MISMATCH" ) == 0 )
1177 #endif // POLARSSL_FS_IO
1178 #endif // POLARSSL_X509_CRT_PARSE_C
1179 #endif // POLARSSL_X509_CRL_PARSE_C
1180 #ifdef POLARSSL_FS_IO
1181 #ifdef POLARSSL_X509_CRT_PARSE_C
1182 #ifdef POLARSSL_X509_CRL_PARSE_C
1183 if( strcmp( str,
"BADCERT_NOT_TRUSTED" ) == 0 )
1188 #endif // POLARSSL_FS_IO
1189 #endif // POLARSSL_X509_CRT_PARSE_C
1190 #endif // POLARSSL_X509_CRL_PARSE_C
1191 #ifdef POLARSSL_FS_IO
1192 #ifdef POLARSSL_X509_CRT_PARSE_C
1193 #ifdef POLARSSL_X509_CRL_PARSE_C
1194 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH" ) == 0 )
1199 #endif // POLARSSL_FS_IO
1200 #endif // POLARSSL_X509_CRT_PARSE_C
1201 #endif // POLARSSL_X509_CRL_PARSE_C
1202 #ifdef POLARSSL_X509_CRT_PARSE_C
1203 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1204 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
1209 #endif // POLARSSL_X509_CRT_PARSE_C
1210 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1211 #ifdef POLARSSL_X509_CRT_PARSE_C
1212 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1217 #endif // POLARSSL_X509_CRT_PARSE_C
1218 #ifdef POLARSSL_X509_CSR_PARSE_C
1219 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1224 #endif // POLARSSL_X509_CSR_PARSE_C
1225 #ifdef POLARSSL_FS_IO
1226 #ifdef POLARSSL_X509_CRT_PARSE_C
1227 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1228 if( strcmp( str,
"KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT" ) == 0 )
1233 #endif // POLARSSL_FS_IO
1234 #endif // POLARSSL_X509_CRT_PARSE_C
1235 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1236 #ifdef POLARSSL_FS_IO
1237 #ifdef POLARSSL_X509_CRT_PARSE_C
1238 #ifdef POLARSSL_X509_CRL_PARSE_C
1239 if( strcmp( str,
"BADCRL_NOT_TRUSTED" ) == 0 )
1244 #endif // POLARSSL_FS_IO
1245 #endif // POLARSSL_X509_CRT_PARSE_C
1246 #endif // POLARSSL_X509_CRL_PARSE_C
1247 #ifdef POLARSSL_X509_CRT_PARSE_C
1248 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1253 #endif // POLARSSL_X509_CRT_PARSE_C
1256 printf(
"Expected integer for parameter and got: %s\n", str );
1260 #ifdef POLARSSL_FS_IO
1261 #ifdef POLARSSL_X509_CRT_PARSE_C
1262 void test_suite_x509_cert_info(
char *crt_file,
char *result_str )
1269 memset( buf, 0, 2000 );
1285 #ifdef POLARSSL_FS_IO
1286 #ifdef POLARSSL_X509_CRL_PARSE_C
1287 void test_suite_x509_crl_info(
char *crl_file,
char *result_str )
1294 memset( buf, 0, 2000 );
1310 #ifdef POLARSSL_FS_IO
1311 #ifdef POLARSSL_X509_CSR_PARSE_C
1312 void test_suite_x509_csr_info(
char *csr_file,
char *result_str )
1319 memset( buf, 0, 2000 );
1335 #ifdef POLARSSL_FS_IO
1336 #ifdef POLARSSL_X509_CRT_PARSE_C
1337 #ifdef POLARSSL_X509_CRL_PARSE_C
1338 void test_suite_x509_verify(
char *crt_file,
char *ca_file,
char *crl_file,
1339 char *cn_name_str,
int result,
int flags_result,
1340 char *verify_callback )
1347 int (*f_vrfy)(
void *,
x509_crt *, int,
int *) = NULL;
1348 char * cn_name = NULL;
1354 if( strcmp( cn_name_str,
"NULL" ) != 0 )
1355 cn_name = cn_name_str;
1357 if( strcmp( verify_callback,
"NULL" ) == 0 )
1359 else if( strcmp( verify_callback,
"verify_none" ) == 0 )
1360 f_vrfy = verify_none;
1361 else if( strcmp( verify_callback,
"verify_all" ) == 0 )
1362 f_vrfy = verify_all;
1364 TEST_ASSERT(
"No known verify callback selected" == 0 );
1370 res =
x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
1384 #ifdef POLARSSL_FS_IO
1385 #ifdef POLARSSL_X509_CRT_C
1386 void test_suite_x509_dn_gets(
char *crt_file,
char *entity,
char *result_str )
1393 memset( buf, 0, 2000 );
1396 if( strcmp( entity,
"subject" ) == 0 )
1398 else if( strcmp( entity,
"issuer" ) == 0 )
1414 #ifdef POLARSSL_FS_IO
1415 #ifdef POLARSSL_X509_CRT_C
1416 void test_suite_x509_time_expired(
char *crt_file,
char *entity,
int result )
1424 if( strcmp( entity,
"valid_from" ) == 0 )
1426 else if( strcmp( entity,
"valid_to" ) == 0 )
1437 #ifdef POLARSSL_FS_IO
1438 #ifdef POLARSSL_X509_CRT_C
1439 void test_suite_x509_time_future(
char *crt_file,
char *entity,
int result )
1447 if( strcmp( entity,
"valid_from" ) == 0 )
1449 else if( strcmp( entity,
"valid_to" ) == 0 )
1460 #ifdef POLARSSL_X509_CRT_PARSE_C
1461 void test_suite_x509parse_crt(
char *crt_data,
char *result_str,
int result )
1464 unsigned char buf[2000];
1465 unsigned char output[2000];
1469 memset( buf, 0, 2000 );
1470 memset( output, 0, 2000 );
1472 data_len =
unhexify( buf, crt_data );
1475 if( ( result ) == 0 )
1482 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1490 #ifdef POLARSSL_X509_CRL_PARSE_C
1491 void test_suite_x509parse_crl(
char *crl_data,
char *result_str,
int result )
1494 unsigned char buf[2000];
1495 unsigned char output[2000];
1499 memset( buf, 0, 2000 );
1500 memset( output, 0, 2000 );
1502 data_len =
unhexify( buf, crl_data );
1505 if( ( result ) == 0 )
1512 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1520 #ifdef POLARSSL_X509_CSR_PARSE_C
1521 void test_suite_x509_csr_parse(
char *csr_der_hex,
char *ref_out,
int ref_ret )
1524 unsigned char *csr_der = NULL;
1530 memset( my_out, 0,
sizeof( my_out ) );
1538 size_t my_out_len =
x509_csr_info( my_out,
sizeof( my_out ),
"", &csr );
1549 #ifdef POLARSSL_FS_IO
1550 #ifdef POLARSSL_X509_CRT_PARSE_C
1551 void test_suite_x509_crt_parse_path(
char *crt_path,
int ret,
int nb_crt )
1553 x509_crt chain, *cur;
1561 for( i = 0, cur = &chain; cur != NULL; cur = cur->
next )
1562 if( cur->
raw.
p != NULL )
1573 #ifdef POLARSSL_X509_USE_C
1574 void test_suite_x509_oid_desc(
char *oid_str,
char *ref_desc )
1578 unsigned char buf[20];
1580 memset( buf, 0,
sizeof buf );
1588 if( strcmp( ref_desc,
"notfound" ) == 0 )
1601 #ifdef POLARSSL_X509_USE_C
1602 void test_suite_x509_oid_numstr(
char *oid_str,
char *numstr,
int blen,
int ret )
1605 unsigned char oid_buf[20];
1608 memset( oid_buf, 0x00,
sizeof oid_buf );
1609 memset( num_buf, 0x2a,
sizeof num_buf );
1630 #ifdef POLARSSL_FS_IO
1631 #ifdef POLARSSL_X509_CRT_PARSE_C
1632 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1633 void test_suite_x509_check_key_usage(
char *crt_file,
int usage,
int ret )
1650 #ifdef POLARSSL_FS_IO
1651 #ifdef POLARSSL_X509_CRT_PARSE_C
1652 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
1653 void test_suite_x509_check_extended_key_usage(
char *crt_file,
char *usage_hex,
int ret )
1661 len =
unhexify( (
unsigned char *) oid, usage_hex );
1674 #ifdef POLARSSL_X509_CRT_PARSE_C
1675 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1676 void test_suite_x509_parse_rsassa_pss_params(
char *hex_params,
int params_tag,
1677 int ref_msg_md,
int ref_mgf_md,
1678 int ref_salt_len,
int ref_ret )
1686 params.
tag = params_tag;
1691 if( my_ret != ref_ret ) printf(
"\n%04X\n", - my_ret );
1708 #ifdef POLARSSL_X509_CRT_PARSE_C
1709 #ifdef POLARSSL_SELF_TEST
1710 void test_suite_x509_selftest()
1729 if( strcmp( str,
"POLARSSL_SHA512_C" ) == 0 )
1731 #if defined(POLARSSL_SHA512_C)
1737 if( strcmp( str,
"POLARSSL_MD5_C" ) == 0 )
1739 #if defined(POLARSSL_MD5_C)
1745 if( strcmp( str,
"POLARSSL_X509_RSASSA_PSS_SUPPORT" ) == 0 )
1747 #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
1753 if( strcmp( str,
"POLARSSL_MD4_C" ) == 0 )
1755 #if defined(POLARSSL_MD4_C)
1761 if( strcmp( str,
"POLARSSL_SHA1_C" ) == 0 )
1763 #if defined(POLARSSL_SHA1_C)
1769 if( strcmp( str,
"POLARSSL_CERTS_C" ) == 0 )
1771 #if defined(POLARSSL_CERTS_C)
1777 if( strcmp( str,
"POLARSSL_RSA_C" ) == 0 )
1779 #if defined(POLARSSL_RSA_C)
1785 if( strcmp( str,
"POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
1787 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
1793 if( strcmp( str,
"POLARSSL_PKCS1_V15" ) == 0 )
1795 #if defined(POLARSSL_PKCS1_V15)
1801 if( strcmp( str,
"POLARSSL_ECDSA_C" ) == 0 )
1803 #if defined(POLARSSL_ECDSA_C)
1809 if( strcmp( str,
"POLARSSL_HAVE_TIME" ) == 0 )
1811 #if defined(POLARSSL_HAVE_TIME)
1817 if( strcmp( str,
"POLARSSL_X509_CHECK_KEY_USAGE" ) == 0 )
1819 #if defined(POLARSSL_X509_CHECK_KEY_USAGE)
1825 if( strcmp( str,
"POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3" ) == 0 )
1827 #if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
1833 if( strcmp( str,
"POLARSSL_ECP_C" ) == 0 )
1835 #if defined(POLARSSL_ECP_C)
1841 if( strcmp( str,
"POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
1843 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
1849 if( strcmp( str,
"POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
1851 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
1857 if( strcmp( str,
"POLARSSL_ECP_DP_SECP383R1_ENABLED" ) == 0 )
1859 #if defined(POLARSSL_ECP_DP_SECP383R1_ENABLED)
1865 if( strcmp( str,
"POLARSSL_PEM_PARSE_C" ) == 0 )
1867 #if defined(POLARSSL_PEM_PARSE_C)
1873 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
1875 #if defined(POLARSSL_SHA256_C)
1892 #if defined(TEST_SUITE_ACTIVE)
1893 if( strcmp( params[0],
"x509_cert_info" ) == 0 )
1895 #ifdef POLARSSL_FS_IO
1896 #ifdef POLARSSL_X509_CRT_PARSE_C
1898 char *param1 = params[1];
1899 char *param2 = params[2];
1903 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1910 test_suite_x509_cert_info( param1, param2 );
1918 if( strcmp( params[0],
"x509_crl_info" ) == 0 )
1920 #ifdef POLARSSL_FS_IO
1921 #ifdef POLARSSL_X509_CRL_PARSE_C
1923 char *param1 = params[1];
1924 char *param2 = params[2];
1928 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1935 test_suite_x509_crl_info( param1, param2 );
1943 if( strcmp( params[0],
"x509_csr_info" ) == 0 )
1945 #ifdef POLARSSL_FS_IO
1946 #ifdef POLARSSL_X509_CSR_PARSE_C
1948 char *param1 = params[1];
1949 char *param2 = params[2];
1953 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1960 test_suite_x509_csr_info( param1, param2 );
1968 if( strcmp( params[0],
"x509_verify" ) == 0 )
1970 #ifdef POLARSSL_FS_IO
1971 #ifdef POLARSSL_X509_CRT_PARSE_C
1972 #ifdef POLARSSL_X509_CRL_PARSE_C
1974 char *param1 = params[1];
1975 char *param2 = params[2];
1976 char *param3 = params[3];
1977 char *param4 = params[4];
1980 char *param7 = params[7];
1984 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 8 );
1992 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
1993 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
1996 test_suite_x509_verify( param1, param2, param3, param4, param5, param6, param7 );
2005 if( strcmp( params[0],
"x509_dn_gets" ) == 0 )
2007 #ifdef POLARSSL_FS_IO
2008 #ifdef POLARSSL_X509_CRT_C
2010 char *param1 = params[1];
2011 char *param2 = params[2];
2012 char *param3 = params[3];
2016 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2024 test_suite_x509_dn_gets( param1, param2, param3 );
2032 if( strcmp( params[0],
"x509_time_expired" ) == 0 )
2034 #ifdef POLARSSL_FS_IO
2035 #ifdef POLARSSL_X509_CRT_C
2037 char *param1 = params[1];
2038 char *param2 = params[2];
2043 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2049 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2051 test_suite_x509_time_expired( param1, param2, param3 );
2059 if( strcmp( params[0],
"x509_time_future" ) == 0 )
2061 #ifdef POLARSSL_FS_IO
2062 #ifdef POLARSSL_X509_CRT_C
2064 char *param1 = params[1];
2065 char *param2 = params[2];
2070 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2076 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2078 test_suite_x509_time_future( param1, param2, param3 );
2086 if( strcmp( params[0],
"x509parse_crt" ) == 0 )
2088 #ifdef POLARSSL_X509_CRT_PARSE_C
2090 char *param1 = params[1];
2091 char *param2 = params[2];
2096 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2102 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2104 test_suite_x509parse_crt( param1, param2, param3 );
2111 if( strcmp( params[0],
"x509parse_crl" ) == 0 )
2113 #ifdef POLARSSL_X509_CRL_PARSE_C
2115 char *param1 = params[1];
2116 char *param2 = params[2];
2121 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2127 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2129 test_suite_x509parse_crl( param1, param2, param3 );
2136 if( strcmp( params[0],
"x509_csr_parse" ) == 0 )
2138 #ifdef POLARSSL_X509_CSR_PARSE_C
2140 char *param1 = params[1];
2141 char *param2 = params[2];
2146 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2152 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2154 test_suite_x509_csr_parse( param1, param2, param3 );
2161 if( strcmp( params[0],
"x509_crt_parse_path" ) == 0 )
2163 #ifdef POLARSSL_FS_IO
2164 #ifdef POLARSSL_X509_CRT_PARSE_C
2166 char *param1 = params[1];
2172 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2177 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2178 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2180 test_suite_x509_crt_parse_path( param1, param2, param3 );
2188 if( strcmp( params[0],
"x509_oid_desc" ) == 0 )
2190 #ifdef POLARSSL_X509_USE_C
2192 char *param1 = params[1];
2193 char *param2 = params[2];
2197 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
2204 test_suite_x509_oid_desc( param1, param2 );
2211 if( strcmp( params[0],
"x509_oid_numstr" ) == 0 )
2213 #ifdef POLARSSL_X509_USE_C
2215 char *param1 = params[1];
2216 char *param2 = params[2];
2222 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 5 );
2228 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2229 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2231 test_suite_x509_oid_numstr( param1, param2, param3, param4 );
2238 if( strcmp( params[0],
"x509_check_key_usage" ) == 0 )
2240 #ifdef POLARSSL_FS_IO
2241 #ifdef POLARSSL_X509_CRT_PARSE_C
2242 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
2244 char *param1 = params[1];
2250 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2255 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2256 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2258 test_suite_x509_check_key_usage( param1, param2, param3 );
2267 if( strcmp( params[0],
"x509_check_extended_key_usage" ) == 0 )
2269 #ifdef POLARSSL_FS_IO
2270 #ifdef POLARSSL_X509_CRT_PARSE_C
2271 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
2273 char *param1 = params[1];
2274 char *param2 = params[2];
2279 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2285 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2287 test_suite_x509_check_extended_key_usage( param1, param2, param3 );
2296 if( strcmp( params[0],
"x509_parse_rsassa_pss_params" ) == 0 )
2298 #ifdef POLARSSL_X509_CRT_PARSE_C
2299 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
2301 char *param1 = params[1];
2310 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 7 );
2315 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2316 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2317 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2318 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
2319 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
2321 test_suite_x509_parse_rsassa_pss_params( param1, param2, param3, param4, param5, param6 );
2329 if( strcmp( params[0],
"x509_selftest" ) == 0 )
2331 #ifdef POLARSSL_X509_CRT_PARSE_C
2332 #ifdef POLARSSL_SELF_TEST
2337 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
2342 test_suite_x509_selftest( );
2352 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
2366 ret = fgets( buf, len, f );
2370 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
2371 buf[strlen(buf) - 1] =
'\0';
2372 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
2373 buf[strlen(buf) - 1] =
'\0';
2384 params[cnt++] = cur;
2386 while( *p !=
'\0' && p < buf + len )
2396 if( p + 1 < buf + len )
2399 params[cnt++] = cur;
2408 for( i = 0; i < cnt; i++ )
2415 if( *p ==
'\\' && *(p + 1) ==
'n' )
2420 else if( *p ==
'\\' && *(p + 1) ==
':' )
2425 else if( *p ==
'\\' && *(p + 1) ==
'?' )
2441 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
2442 const char *filename =
"/tmp/B.43ee1cd1-d3e3-4a1b-8449-a820e9bbf54f/BUILD/polarssl-1.3.8/tests/suites/test_suite_x509parse.data";
2447 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2448 unsigned char alloc_buf[1000000];
2452 file = fopen( filename,
"r" );
2455 fprintf( stderr,
"Failed to open\n" );
2459 while( !feof( file ) )
2463 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2465 fprintf( stdout,
"%s%.66s",
test_errors ?
"\n" :
"", buf );
2466 fprintf( stdout,
" " );
2467 for( i = strlen( buf ) + 1; i < 67; i++ )
2468 fprintf( stdout,
"." );
2469 fprintf( stdout,
" " );
2474 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2478 if( strcmp( params[0],
"depends_on" ) == 0 )
2480 for( i = 1; i < cnt; i++ )
2484 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2495 if( skip == 1 || ret == 3 )
2498 fprintf( stdout,
"----\n" );
2503 fprintf( stdout,
"PASS\n" );
2508 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
2515 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2517 if( strlen(buf) != 0 )
2519 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
2525 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
2526 if( total_errors == 0 )
2527 fprintf( stdout,
"PASSED" );
2529 fprintf( stdout,
"FAILED" );
2531 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
2532 total_tests - total_errors, total_tests, total_skipped );
2534 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2535 #if defined(POLARSSL_MEMORY_DEBUG)
2536 memory_buffer_alloc_status();
2541 return( total_errors != 0 );
#define POLARSSL_ERR_PK_INVALID_ALG
The algorithm tag or value is invalid.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is not expired.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT
Invalid key tag or value.
int x509_csr_parse_der(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR) in DER format.
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
Memory allocation layer (Deprecated to platform layer)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
#define BADCERT_OTHER
Other reason (can be used by verify callback)
Info structure for the pseudo random function.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
int get_line(FILE *f, char *buf, size_t len)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
const char * x509_oid_get_description(x509_buf *oid)
Give an known OID, return its descriptive string.
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
#define POLARSSL_ERR_ASN1_INVALID_DATA
Data is invalid.
#define POLARSSL_ERR_X509_INVALID_SIGNATURE
The signature tag or value invalid.
static int test_assert(int correct, const char *test)
#define BADCRL_NOT_TRUSTED
CRL is not correctly signed by the trusted CA.
#define POLARSSL_ERR_ASN1_INVALID_LENGTH
Error when trying to determine the length or invalid length.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
struct _x509_crt * next
Next certificate in the CA-chain.
int x509_crt_check_key_usage(const x509_crt *crt, int usage)
Check usage of certificate against keyUsage extension.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
#define BADCERT_EXPIRED
The certificate validity has expired.
#define BADCERT_FUTURE
The certificate validity starts in the future.
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED
Certificate verification failed, e.g.
Container for an X.509 certificate.
#define POLARSSL_ERR_OID_NOT_FOUND
OID is not found.
Privacy Enhanced Mail (PEM) decoding.
x509_time valid_from
Start time of certificate validity.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Unallocate all CRL data.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
unsigned char * p
ASN1 data, e.g.
x509_name subject
The parsed subject data (named information object).
X.509 certificate signing request parsing and writing.
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
int x509_oid_get_numeric_string(char *buf, size_t size, x509_buf *oid)
Give an OID, return a string version of its OID number.
void x509_csr_free(x509_csr *csr)
Unallocate all CSR data.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
x509_time valid_to
End time of certificate validity.
int dispatch_test(int cnt, char *params[50])
X.509 certificate parsing and writing.
#define POLARSSL_ERR_X509_INVALID_ALG
The algorithm tag or value is invalid.
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_get_rsassa_pss_params(const x509_buf *params, md_type_t *md_alg, md_type_t *mgf_md, int *salt_len)
int parse_arguments(char *buf, size_t len, char *params[50])
#define BADCERT_NOT_TRUSTED
The certificate is not correctly signed by the trusted CA.
static int unhexify(unsigned char *obuf, const char *ibuf)
Type-length-value structure that allows for ASN1 using DER.
size_t len
ASN1 length, e.g.
#define BADCRL_FUTURE
The CRL is from the future.
int verify_string(char **str)
x509_name issuer
The parsed issuer data (named information object).
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
#define BADCERT_REVOKED
The certificate has been revoked (is on a CRL).
#define BADCRL_EXPIRED
CRL is expired.
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
Unavailable feature, e.g.
X.509 certificate revocation list parsing.
#define KU_DIGITAL_SIGNATURE
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
int x509_time_future(const x509_time *time)
Check a given x509_time against the system time and check if it is not from the future.
int x509_crt_parse_path(x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list.
Certificate Signing Request (CSR) structure.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
#define PUT_UINT32_BE(n, b, i)
#define BADCERT_CN_MISMATCH
The certificate Common Name (CN) does not match with the expected CN.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
int x509_self_test(int verbose)
Checkup routine.
int verify_int(char *str, int *value)
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
void x509_csr_init(x509_csr *csr)
Initialize a CSR.
#define POLARSSL_ERR_X509_INVALID_SERIAL
The serial tag or value is invalid.
int x509_crt_check_extended_key_usage(const x509_crt *crt, const char *usage_oid, size_t usage_len)
Check usage of certificate against extentedJeyUsage.
#define POLARSSL_ERR_PK_INVALID_PUBKEY
The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
#define KU_KEY_ENCIPHERMENT
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG
Key algorithm is unsupported (only RSA and EC are supported).
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.