1 #if !defined(POLARSSL_CONFIG_FILE)
4 #include POLARSSL_CONFIG_FILE
7 #ifdef POLARSSL_BIGNUM_C
15 int verify_none(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
19 ((void) certificate_depth);
25 int verify_all(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
29 ((void) certificate_depth);
38 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
42 #if defined(POLARSSL_PLATFORM_C)
45 #define polarssl_malloc malloc
46 #define polarssl_free free
51 typedef UINT32 uint32_t;
64 #define GET_UINT32_BE(n,b,i) \
66 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
67 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
68 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
69 | ( (uint32_t) (b)[(i) + 3] ); \
74 #define PUT_UINT32_BE(n,b,i) \
76 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
77 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
78 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
79 (b)[(i) + 3] = (unsigned char) ( (n) ); \
83 static int unhexify(
unsigned char *obuf,
const char *ibuf)
86 int len = strlen(ibuf) / 2;
87 assert(!(strlen(ibuf) %1));
92 if( c >=
'0' && c <=
'9' )
94 else if( c >=
'a' && c <=
'f' )
96 else if( c >=
'A' && c <=
'F' )
102 if( c2 >=
'0' && c2 <=
'9' )
104 else if( c2 >=
'a' && c2 <=
'f' )
106 else if( c2 >=
'A' && c2 <=
'F' )
111 *obuf++ = ( c << 4 ) | c2;
117 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
129 *obuf++ =
'a' + h - 10;
134 *obuf++ =
'a' + l - 10;
151 size_t actual_len = len != 0 ? len : 1;
156 memset( p, 0x00, actual_len );
175 *olen = strlen(ibuf) / 2;
181 assert( obuf != NULL );
197 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
199 #if !defined(__OpenBSD__)
202 if( rng_state != NULL )
205 for( i = 0; i < len; ++i )
208 if( rng_state != NULL )
211 arc4random_buf( output, len );
222 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
224 if( rng_state != NULL )
227 memset( output, 0, len );
254 if( rng_state == NULL )
263 memcpy( output, info->
buf, use_len );
264 info->
buf += use_len;
268 if( len - use_len > 0 )
269 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
298 uint32_t i, *k, sum, delta=0x9E3779B9;
299 unsigned char result[4], *out = output;
301 if( rng_state == NULL )
308 size_t use_len = ( len > 4 ) ? 4 : len;
311 for( i = 0; i < 32; i++ )
313 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
315 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
319 memcpy( out, result, use_len );
331 #if defined(POLARSSL_PLATFORM_C)
334 #define polarssl_printf printf
335 #define polarssl_malloc malloc
336 #define polarssl_free free
341 #ifdef POLARSSL_BIGNUM_C
343 #define TEST_SUITE_ACTIVE
345 static int test_assert(
int correct,
const char *test )
352 printf(
"FAILED\n" );
353 printf(
" %s\n", test );
358 #define TEST_ASSERT( TEST ) \
359 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
360 if( test_errors) goto exit; \
365 if( (*str)[0] !=
'"' ||
366 (*str)[strlen( *str ) - 1] !=
'"' )
368 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
373 (*str)[strlen( *str ) - 1] =
'\0';
385 for( i = 0; i < strlen( str ); i++ )
387 if( i == 0 && str[i] ==
'-' )
393 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
394 str[i - 1] ==
'0' && str[i] ==
'x' )
400 if( ! ( ( str[i] >=
'0' && str[i] <=
'9' ) ||
401 ( hex && ( ( str[i] >=
'a' && str[i] <=
'f' ) ||
402 ( str[i] >=
'A' && str[i] <=
'F' ) ) ) ) )
412 *value = strtol( str, NULL, 16 );
414 *value = strtol( str, NULL, 10 );
419 #ifdef POLARSSL_X509_CRL_PARSE_C
420 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
425 #endif // POLARSSL_X509_CRL_PARSE_C
426 #ifdef POLARSSL_X509_CRT_PARSE_C
427 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
432 #endif // POLARSSL_X509_CRT_PARSE_C
433 #ifdef POLARSSL_X509_CSR_PARSE_C
434 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
439 #endif // POLARSSL_X509_CSR_PARSE_C
440 #ifdef POLARSSL_FS_IO
441 #ifdef POLARSSL_X509_CRT_PARSE_C
442 #ifdef POLARSSL_X509_CRL_PARSE_C
443 if( strcmp( str,
"BADCERT_REVOKED" ) == 0 )
448 #endif // POLARSSL_FS_IO
449 #endif // POLARSSL_X509_CRT_PARSE_C
450 #endif // POLARSSL_X509_CRL_PARSE_C
451 #ifdef POLARSSL_FS_IO
452 #ifdef POLARSSL_X509_CRT_PARSE_C
453 #ifdef POLARSSL_X509_CRL_PARSE_C
454 if( strcmp( str,
"BADCERT_CN_MISMATCH" ) == 0 )
459 #endif // POLARSSL_FS_IO
460 #endif // POLARSSL_X509_CRT_PARSE_C
461 #endif // POLARSSL_X509_CRL_PARSE_C
462 #ifdef POLARSSL_X509_CRT_PARSE_C
463 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
468 #endif // POLARSSL_X509_CRT_PARSE_C
469 #ifdef POLARSSL_FS_IO
470 #ifdef POLARSSL_X509_CRT_PARSE_C
471 #ifdef POLARSSL_X509_CRL_PARSE_C
472 if( strcmp( str,
"BADCERT_EXPIRED" ) == 0 )
477 #endif // POLARSSL_FS_IO
478 #endif // POLARSSL_X509_CRT_PARSE_C
479 #endif // POLARSSL_X509_CRL_PARSE_C
480 #ifdef POLARSSL_X509_CRT_PARSE_C
481 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
482 if( strcmp( str,
"ASN1_CONSTRUCTED | ASN1_SEQUENCE" ) == 0 )
487 #endif // POLARSSL_X509_CRT_PARSE_C
488 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
489 #ifdef POLARSSL_X509_CRT_PARSE_C
490 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
491 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
496 #endif // POLARSSL_X509_CRT_PARSE_C
497 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
498 #ifdef POLARSSL_X509_CRL_PARSE_C
499 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
504 #endif // POLARSSL_X509_CRL_PARSE_C
505 #ifdef POLARSSL_X509_CSR_PARSE_C
506 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
511 #endif // POLARSSL_X509_CSR_PARSE_C
512 #ifdef POLARSSL_FS_IO
513 #ifdef POLARSSL_X509_CRT_PARSE_C
514 #ifdef POLARSSL_X509_CRL_PARSE_C
515 if( strcmp( str,
"BADCERT_FUTURE" ) == 0 )
520 #endif // POLARSSL_FS_IO
521 #endif // POLARSSL_X509_CRT_PARSE_C
522 #endif // POLARSSL_X509_CRL_PARSE_C
523 #ifdef POLARSSL_FS_IO
524 #ifdef POLARSSL_X509_CRT_PARSE_C
525 #ifdef POLARSSL_X509_CRL_PARSE_C
526 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE | BADCERT_CN_MISMATCH" ) == 0 )
531 #endif // POLARSSL_FS_IO
532 #endif // POLARSSL_X509_CRT_PARSE_C
533 #endif // POLARSSL_X509_CRL_PARSE_C
534 #ifdef POLARSSL_X509_CRT_PARSE_C
535 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
540 #endif // POLARSSL_X509_CRT_PARSE_C
541 #ifdef POLARSSL_X509_CSR_PARSE_C
542 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
547 #endif // POLARSSL_X509_CSR_PARSE_C
548 #ifdef POLARSSL_X509_CRT_PARSE_C
549 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
554 #endif // POLARSSL_X509_CRT_PARSE_C
555 #ifdef POLARSSL_X509_CRL_PARSE_C
556 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
561 #endif // POLARSSL_X509_CRL_PARSE_C
562 #ifdef POLARSSL_X509_CRT_PARSE_C
563 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
564 if( strcmp( str,
"POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
569 #endif // POLARSSL_X509_CRT_PARSE_C
570 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
571 #ifdef POLARSSL_X509_CRT_PARSE_C
572 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
577 #endif // POLARSSL_X509_CRT_PARSE_C
578 #ifdef POLARSSL_FS_IO
579 #ifdef POLARSSL_X509_CRT_PARSE_C
580 #ifdef POLARSSL_X509_CRL_PARSE_C
581 if( strcmp( str,
"POLARSSL_ERR_X509_CERT_VERIFY_FAILED" ) == 0 )
586 #endif // POLARSSL_FS_IO
587 #endif // POLARSSL_X509_CRT_PARSE_C
588 #endif // POLARSSL_X509_CRL_PARSE_C
589 #ifdef POLARSSL_X509_CRL_PARSE_C
590 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
595 #endif // POLARSSL_X509_CRL_PARSE_C
596 #ifdef POLARSSL_X509_CRT_PARSE_C
597 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
602 #endif // POLARSSL_X509_CRT_PARSE_C
603 #ifdef POLARSSL_X509_CRT_PARSE_C
604 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
609 #endif // POLARSSL_X509_CRT_PARSE_C
610 #ifdef POLARSSL_X509_CSR_PARSE_C
611 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
616 #endif // POLARSSL_X509_CSR_PARSE_C
617 #ifdef POLARSSL_X509_CRT_PARSE_C
618 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE" ) == 0 )
623 #endif // POLARSSL_X509_CRT_PARSE_C
624 #ifdef POLARSSL_X509_CSR_PARSE_C
625 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
630 #endif // POLARSSL_X509_CSR_PARSE_C
631 #ifdef POLARSSL_FS_IO
632 #ifdef POLARSSL_X509_CRT_PARSE_C
633 #ifdef POLARSSL_X509_CRL_PARSE_C
634 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED" ) == 0 )
639 #endif // POLARSSL_FS_IO
640 #endif // POLARSSL_X509_CRT_PARSE_C
641 #endif // POLARSSL_X509_CRL_PARSE_C
642 #ifdef POLARSSL_X509_CRL_PARSE_C
643 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
648 #endif // POLARSSL_X509_CRL_PARSE_C
649 #ifdef POLARSSL_X509_CRT_PARSE_C
650 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
655 #endif // POLARSSL_X509_CRT_PARSE_C
656 #ifdef POLARSSL_X509_CSR_PARSE_C
657 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
662 #endif // POLARSSL_X509_CSR_PARSE_C
663 #ifdef POLARSSL_FS_IO
664 #ifdef POLARSSL_X509_CRT_PARSE_C
665 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
666 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
671 #endif // POLARSSL_FS_IO
672 #endif // POLARSSL_X509_CRT_PARSE_C
673 #endif // POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
674 #ifdef POLARSSL_FS_IO
675 #ifdef POLARSSL_X509_CRT_PARSE_C
676 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
677 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
682 #endif // POLARSSL_FS_IO
683 #endif // POLARSSL_X509_CRT_PARSE_C
684 #endif // POLARSSL_X509_CHECK_KEY_USAGE
685 #ifdef POLARSSL_X509_CRL_PARSE_C
686 if( strcmp( str,
"POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
691 #endif // POLARSSL_X509_CRL_PARSE_C
692 #ifdef POLARSSL_FS_IO
693 #ifdef POLARSSL_X509_CRT_PARSE_C
694 #ifdef POLARSSL_X509_CRL_PARSE_C
695 if( strcmp( str,
"BADCRL_NOT_TRUSTED" ) == 0 )
700 #endif // POLARSSL_FS_IO
701 #endif // POLARSSL_X509_CRT_PARSE_C
702 #endif // POLARSSL_X509_CRL_PARSE_C
703 #ifdef POLARSSL_X509_CRT_PARSE_C
704 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
709 #endif // POLARSSL_X509_CRT_PARSE_C
710 #ifdef POLARSSL_X509_CSR_PARSE_C
711 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
716 #endif // POLARSSL_X509_CSR_PARSE_C
717 #ifdef POLARSSL_X509_CRT_PARSE_C
718 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
723 #endif // POLARSSL_X509_CRT_PARSE_C
724 #ifdef POLARSSL_X509_CRT_PARSE_C
725 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
730 #endif // POLARSSL_X509_CRT_PARSE_C
731 #ifdef POLARSSL_FS_IO
732 #ifdef POLARSSL_X509_CRT_PARSE_C
733 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
734 if( strcmp( str,
"KU_KEY_CERT_SIGN|KU_CRL_SIGN" ) == 0 )
739 #endif // POLARSSL_FS_IO
740 #endif // POLARSSL_X509_CRT_PARSE_C
741 #endif // POLARSSL_X509_CHECK_KEY_USAGE
742 #ifdef POLARSSL_FS_IO
743 #ifdef POLARSSL_X509_CRT_PARSE_C
744 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
745 if( strcmp( str,
"KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT" ) == 0 )
750 #endif // POLARSSL_FS_IO
751 #endif // POLARSSL_X509_CRT_PARSE_C
752 #endif // POLARSSL_X509_CHECK_KEY_USAGE
753 #ifdef POLARSSL_FS_IO
754 #ifdef POLARSSL_X509_CRT_PARSE_C
755 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
756 if( strcmp( str,
"KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT" ) == 0 )
761 #endif // POLARSSL_FS_IO
762 #endif // POLARSSL_X509_CRT_PARSE_C
763 #endif // POLARSSL_X509_CHECK_KEY_USAGE
764 #ifdef POLARSSL_X509_CRT_PARSE_C
765 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
770 #endif // POLARSSL_X509_CRT_PARSE_C
771 #ifdef POLARSSL_X509_CRT_PARSE_C
772 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
777 #endif // POLARSSL_X509_CRT_PARSE_C
778 #ifdef POLARSSL_X509_CRL_PARSE_C
779 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
784 #endif // POLARSSL_X509_CRL_PARSE_C
785 #ifdef POLARSSL_X509_CRT_PARSE_C
786 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
791 #endif // POLARSSL_X509_CRT_PARSE_C
792 #ifdef POLARSSL_X509_CRT_PARSE_C
793 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
794 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
799 #endif // POLARSSL_X509_CRT_PARSE_C
800 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
801 #ifdef POLARSSL_X509_CRT_PARSE_C
802 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
807 #endif // POLARSSL_X509_CRT_PARSE_C
808 #ifdef POLARSSL_X509_CRT_PARSE_C
809 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
810 if( strcmp( str,
"ASN1_SEQUENCE" ) == 0 )
815 #endif // POLARSSL_X509_CRT_PARSE_C
816 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
817 #ifdef POLARSSL_X509_CRT_PARSE_C
818 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY" ) == 0 )
823 #endif // POLARSSL_X509_CRT_PARSE_C
824 #ifdef POLARSSL_X509_CRL_PARSE_C
825 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
830 #endif // POLARSSL_X509_CRL_PARSE_C
831 #ifdef POLARSSL_X509_CRT_PARSE_C
832 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
837 #endif // POLARSSL_X509_CRT_PARSE_C
838 #ifdef POLARSSL_X509_CSR_PARSE_C
839 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
844 #endif // POLARSSL_X509_CSR_PARSE_C
845 #ifdef POLARSSL_X509_CRT_PARSE_C
846 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
847 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
852 #endif // POLARSSL_X509_CRT_PARSE_C
853 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
854 #ifdef POLARSSL_X509_CRL_PARSE_C
855 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
860 #endif // POLARSSL_X509_CRL_PARSE_C
861 #ifdef POLARSSL_X509_CRT_PARSE_C
862 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
863 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
868 #endif // POLARSSL_X509_CRT_PARSE_C
869 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
870 #ifdef POLARSSL_X509_CRT_PARSE_C
871 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
876 #endif // POLARSSL_X509_CRT_PARSE_C
877 #ifdef POLARSSL_X509_CSR_PARSE_C
878 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
883 #endif // POLARSSL_X509_CSR_PARSE_C
884 #ifdef POLARSSL_FS_IO
885 #ifdef POLARSSL_X509_CRT_PARSE_C
886 #ifdef POLARSSL_X509_CRL_PARSE_C
887 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE" ) == 0 )
892 #endif // POLARSSL_FS_IO
893 #endif // POLARSSL_X509_CRT_PARSE_C
894 #endif // POLARSSL_X509_CRL_PARSE_C
895 #ifdef POLARSSL_X509_CRT_PARSE_C
896 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
901 #endif // POLARSSL_X509_CRT_PARSE_C
902 #ifdef POLARSSL_FS_IO
903 #ifdef POLARSSL_X509_CRT_PARSE_C
904 #ifdef POLARSSL_X509_CRL_PARSE_C
905 if( strcmp( str,
"BADCERT_NOT_TRUSTED" ) == 0 )
910 #endif // POLARSSL_FS_IO
911 #endif // POLARSSL_X509_CRT_PARSE_C
912 #endif // POLARSSL_X509_CRL_PARSE_C
913 #ifdef POLARSSL_X509_CRT_PARSE_C
914 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
915 if( strcmp( str,
"POLARSSL_MD_SHA256" ) == 0 )
920 #endif // POLARSSL_X509_CRT_PARSE_C
921 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
922 #ifdef POLARSSL_X509_CRT_PARSE_C
923 if( strcmp( str,
"POLARSSL_ERR_PK_UNKNOWN_PK_ALG" ) == 0 )
928 #endif // POLARSSL_X509_CRT_PARSE_C
929 #ifdef POLARSSL_X509_CSR_PARSE_C
930 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
935 #endif // POLARSSL_X509_CSR_PARSE_C
936 #ifdef POLARSSL_X509_CRT_PARSE_C
937 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
942 #endif // POLARSSL_X509_CRT_PARSE_C
943 #ifdef POLARSSL_FS_IO
944 #ifdef POLARSSL_X509_CRT_PARSE_C
945 #ifdef POLARSSL_X509_CRL_PARSE_C
946 if( strcmp( str,
"BADCERT_OTHER" ) == 0 )
951 #endif // POLARSSL_FS_IO
952 #endif // POLARSSL_X509_CRT_PARSE_C
953 #endif // POLARSSL_X509_CRL_PARSE_C
954 #ifdef POLARSSL_X509_CRL_PARSE_C
955 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
960 #endif // POLARSSL_X509_CRL_PARSE_C
961 #ifdef POLARSSL_X509_CSR_PARSE_C
962 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
967 #endif // POLARSSL_X509_CSR_PARSE_C
968 #ifdef POLARSSL_X509_CRT_PARSE_C
969 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
974 #endif // POLARSSL_X509_CRT_PARSE_C
975 #ifdef POLARSSL_FS_IO
976 #ifdef POLARSSL_X509_CRT_PARSE_C
977 #ifdef POLARSSL_X509_CRL_PARSE_C
978 if( strcmp( str,
"BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED" ) == 0 )
983 #endif // POLARSSL_FS_IO
984 #endif // POLARSSL_X509_CRT_PARSE_C
985 #endif // POLARSSL_X509_CRL_PARSE_C
986 #ifdef POLARSSL_X509_CSR_PARSE_C
987 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
992 #endif // POLARSSL_X509_CSR_PARSE_C
993 #ifdef POLARSSL_FS_IO
994 #ifdef POLARSSL_X509_CRT_PARSE_C
995 #ifdef POLARSSL_X509_CRL_PARSE_C
996 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH" ) == 0 )
1001 #endif // POLARSSL_FS_IO
1002 #endif // POLARSSL_X509_CRT_PARSE_C
1003 #endif // POLARSSL_X509_CRL_PARSE_C
1004 #ifdef POLARSSL_X509_CRL_PARSE_C
1005 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1010 #endif // POLARSSL_X509_CRL_PARSE_C
1011 #ifdef POLARSSL_X509_CRT_PARSE_C
1012 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1017 #endif // POLARSSL_X509_CRT_PARSE_C
1018 #ifdef POLARSSL_X509_CSR_PARSE_C
1019 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1024 #endif // POLARSSL_X509_CSR_PARSE_C
1025 #ifdef POLARSSL_X509_CRT_PARSE_C
1026 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1031 #endif // POLARSSL_X509_CRT_PARSE_C
1032 #ifdef POLARSSL_X509_CRL_PARSE_C
1033 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1038 #endif // POLARSSL_X509_CRL_PARSE_C
1039 #ifdef POLARSSL_X509_CSR_PARSE_C
1040 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1045 #endif // POLARSSL_X509_CSR_PARSE_C
1046 #ifdef POLARSSL_X509_CRT_PARSE_C
1047 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1052 #endif // POLARSSL_X509_CRT_PARSE_C
1053 #ifdef POLARSSL_X509_CRL_PARSE_C
1054 if( strcmp( str,
" 1" ) == 0 )
1059 #endif // POLARSSL_X509_CRL_PARSE_C
1060 #ifdef POLARSSL_X509_CSR_PARSE_C
1061 if( strcmp( str,
" 1" ) == 0 )
1066 #endif // POLARSSL_X509_CSR_PARSE_C
1067 #ifdef POLARSSL_X509_CRT_PARSE_C
1068 if( strcmp( str,
" 1" ) == 0 )
1073 #endif // POLARSSL_X509_CRT_PARSE_C
1074 #ifdef POLARSSL_X509_USE_C
1075 if( strcmp( str,
"POLARSSL_ERR_OID_BUF_TOO_SMALL" ) == 0 )
1080 #endif // POLARSSL_X509_USE_C
1081 #ifdef POLARSSL_X509_CRT_PARSE_C
1082 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1087 #endif // POLARSSL_X509_CRT_PARSE_C
1088 #ifdef POLARSSL_X509_CSR_PARSE_C
1089 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1094 #endif // POLARSSL_X509_CSR_PARSE_C
1095 #ifdef POLARSSL_FS_IO
1096 #ifdef POLARSSL_X509_CRT_PARSE_C
1097 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1098 if( strcmp( str,
"KU_DIGITAL_SIGNATURE" ) == 0 )
1103 #endif // POLARSSL_FS_IO
1104 #endif // POLARSSL_X509_CRT_PARSE_C
1105 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1106 #ifdef POLARSSL_X509_CRT_PARSE_C
1107 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1112 #endif // POLARSSL_X509_CRT_PARSE_C
1113 #ifdef POLARSSL_X509_CRT_PARSE_C
1114 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1115 if( strcmp( str,
"POLARSSL_MD_SHA1" ) == 0 )
1120 #endif // POLARSSL_X509_CRT_PARSE_C
1121 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1122 #ifdef POLARSSL_X509_CRT_PARSE_C
1123 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1128 #endif // POLARSSL_X509_CRT_PARSE_C
1129 #ifdef POLARSSL_X509_CRT_PARSE_C
1130 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
1135 #endif // POLARSSL_X509_CRT_PARSE_C
1136 #ifdef POLARSSL_X509_CRL_PARSE_C
1137 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
1142 #endif // POLARSSL_X509_CRL_PARSE_C
1143 #ifdef POLARSSL_X509_CRT_PARSE_C
1144 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1145 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1150 #endif // POLARSSL_X509_CRT_PARSE_C
1151 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1152 #ifdef POLARSSL_X509_CRT_PARSE_C
1153 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1158 #endif // POLARSSL_X509_CRT_PARSE_C
1159 #ifdef POLARSSL_FS_IO
1160 #ifdef POLARSSL_X509_CRT_PARSE_C
1161 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1162 if( strcmp( str,
"KU_KEY_CERT_SIGN" ) == 0 )
1167 #endif // POLARSSL_FS_IO
1168 #endif // POLARSSL_X509_CRT_PARSE_C
1169 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1170 #ifdef POLARSSL_X509_CRT_PARSE_C
1171 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1176 #endif // POLARSSL_X509_CRT_PARSE_C
1177 #ifdef POLARSSL_FS_IO
1178 #ifdef POLARSSL_X509_CRT_PARSE_C
1179 #ifdef POLARSSL_X509_CRL_PARSE_C
1180 if( strcmp( str,
"BADCRL_EXPIRED" ) == 0 )
1185 #endif // POLARSSL_FS_IO
1186 #endif // POLARSSL_X509_CRT_PARSE_C
1187 #endif // POLARSSL_X509_CRL_PARSE_C
1188 #ifdef POLARSSL_FS_IO
1189 #ifdef POLARSSL_X509_CRT_PARSE_C
1190 #ifdef POLARSSL_X509_CRL_PARSE_C
1191 if( strcmp( str,
"BADCRL_FUTURE" ) == 0 )
1196 #endif // POLARSSL_FS_IO
1197 #endif // POLARSSL_X509_CRT_PARSE_C
1198 #endif // POLARSSL_X509_CRL_PARSE_C
1199 #ifdef POLARSSL_X509_CRT_PARSE_C
1200 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1205 #endif // POLARSSL_X509_CRT_PARSE_C
1206 #ifdef POLARSSL_X509_CRT_PARSE_C
1207 if( strcmp( str,
"POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1212 #endif // POLARSSL_X509_CRT_PARSE_C
1213 #ifdef POLARSSL_FS_IO
1214 #ifdef POLARSSL_X509_CRT_PARSE_C
1215 #ifdef POLARSSL_X509_CRL_PARSE_C
1216 if( strcmp( str,
"BADCERT_REVOKED | BADCERT_CN_MISMATCH" ) == 0 )
1221 #endif // POLARSSL_FS_IO
1222 #endif // POLARSSL_X509_CRT_PARSE_C
1223 #endif // POLARSSL_X509_CRL_PARSE_C
1224 #ifdef POLARSSL_X509_CRT_PARSE_C
1225 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA " ) == 0 )
1230 #endif // POLARSSL_X509_CRT_PARSE_C
1231 #ifdef POLARSSL_X509_CRT_PARSE_C
1232 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1237 #endif // POLARSSL_X509_CRT_PARSE_C
1238 #ifdef POLARSSL_X509_CRT_PARSE_C
1239 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1244 #endif // POLARSSL_X509_CRT_PARSE_C
1245 #ifdef POLARSSL_X509_CRT_PARSE_C
1246 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1247 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG" ) == 0 )
1252 #endif // POLARSSL_X509_CRT_PARSE_C
1253 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1256 printf(
"Expected integer for parameter and got: %s\n", str );
1260 #ifdef POLARSSL_FS_IO
1261 #ifdef POLARSSL_X509_CRT_PARSE_C
1262 void test_suite_x509_cert_info(
char *crt_file,
char *result_str )
1269 memset( buf, 0, 2000 );
1285 #ifdef POLARSSL_FS_IO
1286 #ifdef POLARSSL_X509_CRL_PARSE_C
1287 void test_suite_x509_crl_info(
char *crl_file,
char *result_str )
1294 memset( buf, 0, 2000 );
1310 #ifdef POLARSSL_FS_IO
1311 #ifdef POLARSSL_X509_CSR_PARSE_C
1312 void test_suite_x509_csr_info(
char *csr_file,
char *result_str )
1319 memset( buf, 0, 2000 );
1335 #ifdef POLARSSL_FS_IO
1336 #ifdef POLARSSL_X509_CRT_PARSE_C
1337 #ifdef POLARSSL_X509_CRL_PARSE_C
1338 void test_suite_x509_verify(
char *crt_file,
char *ca_file,
char *crl_file,
1339 char *cn_name_str,
int result,
int flags_result,
1340 char *verify_callback )
1347 int (*f_vrfy)(
void *,
x509_crt *, int,
int *) = NULL;
1348 char * cn_name = NULL;
1354 if( strcmp( cn_name_str,
"NULL" ) != 0 )
1355 cn_name = cn_name_str;
1357 if( strcmp( verify_callback,
"NULL" ) == 0 )
1359 else if( strcmp( verify_callback,
"verify_none" ) == 0 )
1360 f_vrfy = verify_none;
1361 else if( strcmp( verify_callback,
"verify_all" ) == 0 )
1362 f_vrfy = verify_all;
1364 TEST_ASSERT(
"No known verify callback selected" == 0 );
1370 res =
x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
1384 #ifdef POLARSSL_FS_IO
1385 #ifdef POLARSSL_X509_CRT_C
1386 void test_suite_x509_dn_gets(
char *crt_file,
char *entity,
char *result_str )
1393 memset( buf, 0, 2000 );
1396 if( strcmp( entity,
"subject" ) == 0 )
1398 else if( strcmp( entity,
"issuer" ) == 0 )
1414 #ifdef POLARSSL_FS_IO
1415 #ifdef POLARSSL_X509_CRT_C
1416 void test_suite_x509_time_expired(
char *crt_file,
char *entity,
int result )
1424 if( strcmp( entity,
"valid_from" ) == 0 )
1426 else if( strcmp( entity,
"valid_to" ) == 0 )
1437 #ifdef POLARSSL_FS_IO
1438 #ifdef POLARSSL_X509_CRT_C
1439 void test_suite_x509_time_future(
char *crt_file,
char *entity,
int result )
1447 if( strcmp( entity,
"valid_from" ) == 0 )
1449 else if( strcmp( entity,
"valid_to" ) == 0 )
1460 #ifdef POLARSSL_X509_CRT_PARSE_C
1461 void test_suite_x509parse_crt(
char *crt_data,
char *result_str,
int result )
1464 unsigned char buf[2000];
1465 unsigned char output[2000];
1469 memset( buf, 0, 2000 );
1470 memset( output, 0, 2000 );
1472 data_len =
unhexify( buf, crt_data );
1475 if( ( result ) == 0 )
1482 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1490 #ifdef POLARSSL_X509_CRL_PARSE_C
1491 void test_suite_x509parse_crl(
char *crl_data,
char *result_str,
int result )
1494 unsigned char buf[2000];
1495 unsigned char output[2000];
1499 memset( buf, 0, 2000 );
1500 memset( output, 0, 2000 );
1502 data_len =
unhexify( buf, crl_data );
1505 if( ( result ) == 0 )
1512 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1520 #ifdef POLARSSL_X509_CSR_PARSE_C
1521 void test_suite_x509_csr_parse(
char *csr_der_hex,
char *ref_out,
int ref_ret )
1524 unsigned char *csr_der = NULL;
1530 memset( my_out, 0,
sizeof( my_out ) );
1538 size_t my_out_len =
x509_csr_info( my_out,
sizeof( my_out ),
"", &csr );
1549 #ifdef POLARSSL_FS_IO
1550 #ifdef POLARSSL_X509_CRT_PARSE_C
1551 void test_suite_x509_crt_parse_path(
char *crt_path,
int ret,
int nb_crt )
1553 x509_crt chain, *cur;
1561 for( i = 0, cur = &chain; cur != NULL; cur = cur->
next )
1562 if( cur->
raw.
p != NULL )
1573 #ifdef POLARSSL_X509_USE_C
1574 void test_suite_x509_oid_desc(
char *oid_str,
char *ref_desc )
1578 unsigned char buf[20];
1580 memset( buf, 0,
sizeof buf );
1588 if( strcmp( ref_desc,
"notfound" ) == 0 )
1601 #ifdef POLARSSL_X509_USE_C
1602 void test_suite_x509_oid_numstr(
char *oid_str,
char *numstr,
int blen,
int ret )
1605 unsigned char oid_buf[20];
1608 memset( oid_buf, 0x00,
sizeof oid_buf );
1609 memset( num_buf, 0x2a,
sizeof num_buf );
1630 #ifdef POLARSSL_FS_IO
1631 #ifdef POLARSSL_X509_CRT_PARSE_C
1632 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1633 void test_suite_x509_check_key_usage(
char *crt_file,
int usage,
int ret )
1650 #ifdef POLARSSL_FS_IO
1651 #ifdef POLARSSL_X509_CRT_PARSE_C
1652 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
1653 void test_suite_x509_check_extended_key_usage(
char *crt_file,
char *usage_hex,
int ret )
1661 len =
unhexify( (
unsigned char *) oid, usage_hex );
1674 #ifdef POLARSSL_X509_CRT_PARSE_C
1675 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1676 void test_suite_x509_parse_rsassa_pss_params(
char *hex_params,
int params_tag,
1677 int ref_msg_md,
int ref_mgf_md,
1678 int ref_salt_len,
int ref_ret )
1686 params.
tag = params_tag;
1691 if( my_ret != ref_ret ) printf(
"\n%04X\n", - my_ret );
1708 #ifdef POLARSSL_X509_CRT_PARSE_C
1709 #ifdef POLARSSL_SELF_TEST
1710 void test_suite_x509_selftest()
1729 if( strcmp( str,
"POLARSSL_HAVE_TIME" ) == 0 )
1731 #if defined(POLARSSL_HAVE_TIME)
1737 if( strcmp( str,
"POLARSSL_MD5_C" ) == 0 )
1739 #if defined(POLARSSL_MD5_C)
1745 if( strcmp( str,
"POLARSSL_ECP_DP_SECP383R1_ENABLED" ) == 0 )
1747 #if defined(POLARSSL_ECP_DP_SECP383R1_ENABLED)
1753 if( strcmp( str,
"POLARSSL_SHA512_C" ) == 0 )
1755 #if defined(POLARSSL_SHA512_C)
1761 if( strcmp( str,
"POLARSSL_ECDSA_C" ) == 0 )
1763 #if defined(POLARSSL_ECDSA_C)
1769 if( strcmp( str,
"POLARSSL_X509_RSASSA_PSS_SUPPORT" ) == 0 )
1771 #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
1777 if( strcmp( str,
"POLARSSL_X509_CHECK_KEY_USAGE" ) == 0 )
1779 #if defined(POLARSSL_X509_CHECK_KEY_USAGE)
1785 if( strcmp( str,
"POLARSSL_MD4_C" ) == 0 )
1787 #if defined(POLARSSL_MD4_C)
1793 if( strcmp( str,
"POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
1795 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
1801 if( strcmp( str,
"POLARSSL_CERTS_C" ) == 0 )
1803 #if defined(POLARSSL_CERTS_C)
1809 if( strcmp( str,
"POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
1811 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
1817 if( strcmp( str,
"POLARSSL_PKCS1_V15" ) == 0 )
1819 #if defined(POLARSSL_PKCS1_V15)
1825 if( strcmp( str,
"POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3" ) == 0 )
1827 #if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
1833 if( strcmp( str,
"POLARSSL_SHA1_C" ) == 0 )
1835 #if defined(POLARSSL_SHA1_C)
1841 if( strcmp( str,
"POLARSSL_PEM_PARSE_C" ) == 0 )
1843 #if defined(POLARSSL_PEM_PARSE_C)
1849 if( strcmp( str,
"POLARSSL_ECP_C" ) == 0 )
1851 #if defined(POLARSSL_ECP_C)
1857 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
1859 #if defined(POLARSSL_SHA256_C)
1865 if( strcmp( str,
"POLARSSL_RSA_C" ) == 0 )
1867 #if defined(POLARSSL_RSA_C)
1873 if( strcmp( str,
"POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
1875 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
1892 #if defined(TEST_SUITE_ACTIVE)
1893 if( strcmp( params[0],
"x509_cert_info" ) == 0 )
1895 #ifdef POLARSSL_FS_IO
1896 #ifdef POLARSSL_X509_CRT_PARSE_C
1898 char *param1 = params[1];
1899 char *param2 = params[2];
1903 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1910 test_suite_x509_cert_info( param1, param2 );
1918 if( strcmp( params[0],
"x509_crl_info" ) == 0 )
1920 #ifdef POLARSSL_FS_IO
1921 #ifdef POLARSSL_X509_CRL_PARSE_C
1923 char *param1 = params[1];
1924 char *param2 = params[2];
1928 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1935 test_suite_x509_crl_info( param1, param2 );
1943 if( strcmp( params[0],
"x509_csr_info" ) == 0 )
1945 #ifdef POLARSSL_FS_IO
1946 #ifdef POLARSSL_X509_CSR_PARSE_C
1948 char *param1 = params[1];
1949 char *param2 = params[2];
1953 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1960 test_suite_x509_csr_info( param1, param2 );
1968 if( strcmp( params[0],
"x509_verify" ) == 0 )
1970 #ifdef POLARSSL_FS_IO
1971 #ifdef POLARSSL_X509_CRT_PARSE_C
1972 #ifdef POLARSSL_X509_CRL_PARSE_C
1974 char *param1 = params[1];
1975 char *param2 = params[2];
1976 char *param3 = params[3];
1977 char *param4 = params[4];
1980 char *param7 = params[7];
1984 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 8 );
1992 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
1993 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
1996 test_suite_x509_verify( param1, param2, param3, param4, param5, param6, param7 );
2005 if( strcmp( params[0],
"x509_dn_gets" ) == 0 )
2007 #ifdef POLARSSL_FS_IO
2008 #ifdef POLARSSL_X509_CRT_C
2010 char *param1 = params[1];
2011 char *param2 = params[2];
2012 char *param3 = params[3];
2016 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2024 test_suite_x509_dn_gets( param1, param2, param3 );
2032 if( strcmp( params[0],
"x509_time_expired" ) == 0 )
2034 #ifdef POLARSSL_FS_IO
2035 #ifdef POLARSSL_X509_CRT_C
2037 char *param1 = params[1];
2038 char *param2 = params[2];
2043 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2049 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2051 test_suite_x509_time_expired( param1, param2, param3 );
2059 if( strcmp( params[0],
"x509_time_future" ) == 0 )
2061 #ifdef POLARSSL_FS_IO
2062 #ifdef POLARSSL_X509_CRT_C
2064 char *param1 = params[1];
2065 char *param2 = params[2];
2070 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2076 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2078 test_suite_x509_time_future( param1, param2, param3 );
2086 if( strcmp( params[0],
"x509parse_crt" ) == 0 )
2088 #ifdef POLARSSL_X509_CRT_PARSE_C
2090 char *param1 = params[1];
2091 char *param2 = params[2];
2096 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2102 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2104 test_suite_x509parse_crt( param1, param2, param3 );
2111 if( strcmp( params[0],
"x509parse_crl" ) == 0 )
2113 #ifdef POLARSSL_X509_CRL_PARSE_C
2115 char *param1 = params[1];
2116 char *param2 = params[2];
2121 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2127 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2129 test_suite_x509parse_crl( param1, param2, param3 );
2136 if( strcmp( params[0],
"x509_csr_parse" ) == 0 )
2138 #ifdef POLARSSL_X509_CSR_PARSE_C
2140 char *param1 = params[1];
2141 char *param2 = params[2];
2146 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2152 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2154 test_suite_x509_csr_parse( param1, param2, param3 );
2161 if( strcmp( params[0],
"x509_crt_parse_path" ) == 0 )
2163 #ifdef POLARSSL_FS_IO
2164 #ifdef POLARSSL_X509_CRT_PARSE_C
2166 char *param1 = params[1];
2172 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2177 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2178 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2180 test_suite_x509_crt_parse_path( param1, param2, param3 );
2188 if( strcmp( params[0],
"x509_oid_desc" ) == 0 )
2190 #ifdef POLARSSL_X509_USE_C
2192 char *param1 = params[1];
2193 char *param2 = params[2];
2197 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
2204 test_suite_x509_oid_desc( param1, param2 );
2211 if( strcmp( params[0],
"x509_oid_numstr" ) == 0 )
2213 #ifdef POLARSSL_X509_USE_C
2215 char *param1 = params[1];
2216 char *param2 = params[2];
2222 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 5 );
2228 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2229 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2231 test_suite_x509_oid_numstr( param1, param2, param3, param4 );
2238 if( strcmp( params[0],
"x509_check_key_usage" ) == 0 )
2240 #ifdef POLARSSL_FS_IO
2241 #ifdef POLARSSL_X509_CRT_PARSE_C
2242 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
2244 char *param1 = params[1];
2250 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2255 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2256 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2258 test_suite_x509_check_key_usage( param1, param2, param3 );
2267 if( strcmp( params[0],
"x509_check_extended_key_usage" ) == 0 )
2269 #ifdef POLARSSL_FS_IO
2270 #ifdef POLARSSL_X509_CRT_PARSE_C
2271 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
2273 char *param1 = params[1];
2274 char *param2 = params[2];
2279 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2285 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2287 test_suite_x509_check_extended_key_usage( param1, param2, param3 );
2296 if( strcmp( params[0],
"x509_parse_rsassa_pss_params" ) == 0 )
2298 #ifdef POLARSSL_X509_CRT_PARSE_C
2299 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
2301 char *param1 = params[1];
2310 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 7 );
2315 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2316 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2317 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2318 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
2319 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
2321 test_suite_x509_parse_rsassa_pss_params( param1, param2, param3, param4, param5, param6 );
2329 if( strcmp( params[0],
"x509_selftest" ) == 0 )
2331 #ifdef POLARSSL_X509_CRT_PARSE_C
2332 #ifdef POLARSSL_SELF_TEST
2337 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
2342 test_suite_x509_selftest( );
2352 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
2366 ret = fgets( buf, len, f );
2370 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
2371 buf[strlen(buf) - 1] =
'\0';
2372 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
2373 buf[strlen(buf) - 1] =
'\0';
2384 params[cnt++] = cur;
2386 while( *p !=
'\0' && p < buf + len )
2396 if( p + 1 < buf + len )
2399 params[cnt++] = cur;
2408 for( i = 0; i < cnt; i++ )
2415 if( *p ==
'\\' && *(p + 1) ==
'n' )
2420 else if( *p ==
'\\' && *(p + 1) ==
':' )
2425 else if( *p ==
'\\' && *(p + 1) ==
'?' )
2441 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
2442 const char *filename =
"/home/iurt/rpmbuild/BUILD/polarssl-1.3.8/tests/suites/test_suite_x509parse.data";
2447 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2448 unsigned char alloc_buf[1000000];
2452 file = fopen( filename,
"r" );
2455 fprintf( stderr,
"Failed to open\n" );
2459 while( !feof( file ) )
2463 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2465 fprintf( stdout,
"%s%.66s",
test_errors ?
"\n" :
"", buf );
2466 fprintf( stdout,
" " );
2467 for( i = strlen( buf ) + 1; i < 67; i++ )
2468 fprintf( stdout,
"." );
2469 fprintf( stdout,
" " );
2474 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2478 if( strcmp( params[0],
"depends_on" ) == 0 )
2480 for( i = 1; i < cnt; i++ )
2484 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2495 if( skip == 1 || ret == 3 )
2498 fprintf( stdout,
"----\n" );
2503 fprintf( stdout,
"PASS\n" );
2508 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
2515 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2517 if( strlen(buf) != 0 )
2519 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
2525 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
2526 if( total_errors == 0 )
2527 fprintf( stdout,
"PASSED" );
2529 fprintf( stdout,
"FAILED" );
2531 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
2532 total_tests - total_errors, total_tests, total_skipped );
2534 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2535 #if defined(POLARSSL_MEMORY_DEBUG)
2536 memory_buffer_alloc_status();
2541 return( total_errors != 0 );
#define POLARSSL_ERR_PK_INVALID_ALG
The algorithm tag or value is invalid.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is not expired.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT
Invalid key tag or value.
int x509_csr_parse_der(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR) in DER format.
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
Memory allocation layer (Deprecated to platform layer)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
#define BADCERT_OTHER
Other reason (can be used by verify callback)
Info structure for the pseudo random function.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
const char * x509_oid_get_description(x509_buf *oid)
Give an known OID, return its descriptive string.
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
#define POLARSSL_ERR_ASN1_INVALID_DATA
Data is invalid.
#define POLARSSL_ERR_X509_INVALID_SIGNATURE
The signature tag or value invalid.
static int test_assert(int correct, const char *test)
#define BADCRL_NOT_TRUSTED
CRL is not correctly signed by the trusted CA.
#define POLARSSL_ERR_ASN1_INVALID_LENGTH
Error when trying to determine the length or invalid length.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int main(int argc, char *argv[])
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
struct _x509_crt * next
Next certificate in the CA-chain.
int x509_crt_check_key_usage(const x509_crt *crt, int usage)
Check usage of certificate against keyUsage extension.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
#define BADCERT_EXPIRED
The certificate validity has expired.
#define BADCERT_FUTURE
The certificate validity starts in the future.
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED
Certificate verification failed, e.g.
Container for an X.509 certificate.
#define POLARSSL_ERR_OID_NOT_FOUND
OID is not found.
Privacy Enhanced Mail (PEM) decoding.
x509_time valid_from
Start time of certificate validity.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Unallocate all CRL data.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
unsigned char * p
ASN1 data, e.g.
x509_name subject
The parsed subject data (named information object).
X.509 certificate signing request parsing and writing.
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
int x509_oid_get_numeric_string(char *buf, size_t size, x509_buf *oid)
Give an OID, return a string version of its OID number.
void x509_csr_free(x509_csr *csr)
Unallocate all CSR data.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
x509_time valid_to
End time of certificate validity.
X.509 certificate parsing and writing.
#define POLARSSL_ERR_X509_INVALID_ALG
The algorithm tag or value is invalid.
int parse_arguments(char *buf, size_t len, char *params[50])
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_get_rsassa_pss_params(const x509_buf *params, md_type_t *md_alg, md_type_t *mgf_md, int *salt_len)
#define BADCERT_NOT_TRUSTED
The certificate is not correctly signed by the trusted CA.
static int unhexify(unsigned char *obuf, const char *ibuf)
Type-length-value structure that allows for ASN1 using DER.
size_t len
ASN1 length, e.g.
#define BADCRL_FUTURE
The CRL is from the future.
int verify_string(char **str)
x509_name issuer
The parsed issuer data (named information object).
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
#define BADCERT_REVOKED
The certificate has been revoked (is on a CRL).
#define BADCRL_EXPIRED
CRL is expired.
int dispatch_test(int cnt, char *params[50])
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
Unavailable feature, e.g.
X.509 certificate revocation list parsing.
#define KU_DIGITAL_SIGNATURE
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
int x509_time_future(const x509_time *time)
Check a given x509_time against the system time and check if it is not from the future.
int x509_crt_parse_path(x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list.
Certificate Signing Request (CSR) structure.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
#define PUT_UINT32_BE(n, b, i)
#define BADCERT_CN_MISMATCH
The certificate Common Name (CN) does not match with the expected CN.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
int x509_self_test(int verbose)
Checkup routine.
int verify_int(char *str, int *value)
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
void x509_csr_init(x509_csr *csr)
Initialize a CSR.
#define POLARSSL_ERR_X509_INVALID_SERIAL
The serial tag or value is invalid.
int x509_crt_check_extended_key_usage(const x509_crt *crt, const char *usage_oid, size_t usage_len)
Check usage of certificate against extentedJeyUsage.
#define POLARSSL_ERR_PK_INVALID_PUBKEY
The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
#define KU_KEY_ENCIPHERMENT
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG
Key algorithm is unsupported (only RSA and EC are supported).
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.
int get_line(FILE *f, char *buf, size_t len)
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.