39 #if defined(POLARSSL_X509_CRL_PARSE_C)
43 #if defined(POLARSSL_PEM_PARSE_C)
47 #if defined(POLARSSL_MEMORY_C)
50 #define polarssl_malloc malloc
51 #define polarssl_free free
62 #if defined(POLARSSL_FS_IO)
69 static int x509_crl_get_version(
unsigned char **p,
70 const unsigned char *end,
92 static int x509_get_crl_ext(
unsigned char **p,
93 const unsigned char *end,
127 static int x509_get_crl_entry_ext(
unsigned char **p,
128 const unsigned char *end,
158 if( end != *p + ext->
len )
181 static int x509_get_entries(
unsigned char **p,
182 const unsigned char *end,
201 end = *p + entry_len;
206 const unsigned char *end2;
215 cur_entry->
raw.
p = *p;
216 cur_entry->
raw.
len = len2;
225 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->
entry_ext ) ) != 0 )
232 if( cur_entry->
next == NULL )
235 cur_entry = cur_entry->
next;
250 unsigned char *p, *end;
252 #if defined(POLARSSL_PEM_PARSE_C)
262 if( crl == NULL || buf == NULL )
275 if( crl->
next == NULL )
285 #if defined(POLARSSL_PEM_PARSE_C)
287 ret = pem_read_buffer( &pem,
288 "-----BEGIN X509 CRL-----",
289 "-----END X509 CRL-----",
290 buf, NULL, 0, &use_len );
324 memcpy( p, buf, buflen );
346 if( len != (
size_t) ( end - p ) )
374 if( ( ret = x509_crl_get_version( &p, end, &crl->
version ) ) != 0 ||
446 if( ( ret = x509_get_entries( &p, end, &crl->
entry ) ) != 0 )
458 ret = x509_get_crl_ext( &p, end, &crl->
crl_ext );
510 if( crl->
next == NULL )
525 #if defined(POLARSSL_FS_IO)
540 memset( buf, 0, n + 1 );
547 #if defined _MSC_VER && !defined snprintf
550 #if !defined vsnprintf
551 #define vsnprintf _vsnprintf
561 static int compat_snprintf(
char *str,
size_t size,
const char *format, ...)
566 va_start( ap, format );
568 res = vsnprintf( str, size, format, ap );
574 return( (
int) size + 20 );
579 #define snprintf compat_snprintf
582 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
584 #define SAFE_SNPRINTF() \
589 if ( (unsigned int) ret > n ) { \
591 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
594 n -= (unsigned int) ret; \
595 p += (unsigned int) ret; \
601 #define BEFORE_COLON 14
606 int x509_crl_info(
char *buf,
size_t size,
const char *prefix,
618 ret = snprintf( p, n,
"%sCRL version : %d",
622 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
627 ret = snprintf( p, n,
"\n%sthis update : " \
628 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
634 ret = snprintf( p, n,
"\n%snext update : " \
635 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
643 ret = snprintf( p, n,
"\n%sRevoked certificates:",
647 while( entry != NULL && entry->
raw.
len != 0 )
649 ret = snprintf( p, n,
"\n%sserial number: ",
656 ret = snprintf( p, n,
" revocation date: " \
657 "%04d-%02d-%02d %02d:%02d:%02d",
666 ret = snprintf( p, n,
"\n%ssigned using : ", prefix );
671 ret = snprintf( p, n,
"???" );
673 ret = snprintf( p, n,
"%s", desc );
676 ret = snprintf( p, n,
"\n" );
679 return( (
int) ( size - n ) );
708 while( name_cur != NULL )
711 name_cur = name_cur->
next;
712 memset( name_prv, 0,
sizeof(
x509_name ) );
717 while( entry_cur != NULL )
719 entry_prv = entry_cur;
720 entry_cur = entry_cur->
next;
725 if( crl_cur->
raw.
p != NULL )
727 memset( crl_cur->
raw.
p, 0, crl_cur->
raw.
len );
731 crl_cur = crl_cur->
next;
733 while( crl_cur != NULL );
739 crl_cur = crl_cur->
next;
741 memset( crl_prv, 0,
sizeof(
x509_crl ) );
745 while( crl_cur != NULL );
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
void *(* polarssl_malloc)(size_t len)
int x509_get_name(unsigned char **p, const unsigned char *end, x509_name *cur)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
int x509_get_serial(unsigned char **p, const unsigned char *end, x509_buf *serial)
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
Certificate revocation list entry.
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid.
int asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
Retrieve an integer ASN.1 tag and its value.
int x509_get_alg_null(unsigned char **p, const unsigned char *end, x509_buf *alg)
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
int x509_get_sig(unsigned char **p, const unsigned char *end, x509_buf *sig)
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
x509_name issuer
The parsed issuer data (named information object).
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
x509_crl_entry entry
The CRL entries containing the certificate revocation times for this CA.
int x509_get_time(unsigned char **p, const unsigned char *end, x509_time *time)
Privacy Enhanced Mail (PEM) decoding.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Free all CRL data.
void(* polarssl_free)(void *ptr)
unsigned char * p
ASN1 data.
int oid_get_sig_alg_desc(const asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
x509_buf tbs
The raw certificate body (DER).
struct _x509_crl_entry * next
md_type_t sig_md
Internal representation of the MD algorithm of the signature algorithm.
int x509_get_sig_alg(const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg)
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_load_file(const char *path, unsigned char **buf, size_t *n)
Container for a sequence or list of 'named' ASN.1 data items.
Type-length-value structure that allows for ASN1 using DER.
pk_type_t sig_pk
Internal representation of the Public Key algorithm of the signature algorithm.
size_t len
ASN1 length.
X.509 certificate revocation list parsing.
int asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag.
int x509_get_ext(unsigned char **p, const unsigned char *end, x509_buf *ext, int tag)
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
struct _asn1_named_data * next
The next entry in the sequence.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
No PEM header or footer found.
x509_time revocation_date
x509_buf issuer_raw
The raw issuer data (DER).
#define POLARSSL_ERR_X509_MALLOC_FAILED
Allocation of memory failed.
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
int x509_serial_gets(char *buf, size_t size, const x509_buf *serial)
Store the certificate serial in printable form into buf; no more than size characters will be written...
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.