1 #if !defined(POLARSSL_CONFIG_FILE)
4 #include POLARSSL_CONFIG_FILE
7 #ifdef POLARSSL_BIGNUM_C
15 int verify_none(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
19 ((void) certificate_depth);
25 int verify_all(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
29 ((void) certificate_depth);
38 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
42 #if defined(POLARSSL_PLATFORM_C)
45 #define polarssl_malloc malloc
46 #define polarssl_free free
51 typedef UINT32 uint32_t;
64 #define GET_UINT32_BE(n,b,i) \
66 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
67 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
68 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
69 | ( (uint32_t) (b)[(i) + 3] ); \
74 #define PUT_UINT32_BE(n,b,i) \
76 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
77 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
78 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
79 (b)[(i) + 3] = (unsigned char) ( (n) ); \
83 static int unhexify(
unsigned char *obuf,
const char *ibuf)
86 int len = strlen(ibuf) / 2;
87 assert(!(strlen(ibuf) %1));
92 if( c >=
'0' && c <=
'9' )
94 else if( c >=
'a' && c <=
'f' )
96 else if( c >=
'A' && c <=
'F' )
102 if( c2 >=
'0' && c2 <=
'9' )
104 else if( c2 >=
'a' && c2 <=
'f' )
106 else if( c2 >=
'A' && c2 <=
'F' )
111 *obuf++ = ( c << 4 ) | c2;
117 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
129 *obuf++ =
'a' + h - 10;
134 *obuf++ =
'a' + l - 10;
151 size_t actual_len = len != 0 ? len : 1;
156 memset( p, 0x00, actual_len );
175 *olen = strlen(ibuf) / 2;
181 assert( obuf != NULL );
197 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
199 #if !defined(__OpenBSD__)
202 if( rng_state != NULL )
205 for( i = 0; i < len; ++i )
208 if( rng_state != NULL )
211 arc4random_buf( output, len );
222 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
224 if( rng_state != NULL )
227 memset( output, 0, len );
254 if( rng_state == NULL )
263 memcpy( output, info->
buf, use_len );
264 info->
buf += use_len;
268 if( len - use_len > 0 )
269 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
298 uint32_t i, *k, sum, delta=0x9E3779B9;
299 unsigned char result[4], *out = output;
301 if( rng_state == NULL )
308 size_t use_len = ( len > 4 ) ? 4 : len;
311 for( i = 0; i < 32; i++ )
313 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
315 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
319 memcpy( out, result, use_len );
331 #if defined(POLARSSL_PLATFORM_C)
334 #define polarssl_printf printf
335 #define polarssl_malloc malloc
336 #define polarssl_free free
341 #ifdef POLARSSL_BIGNUM_C
343 #define TEST_SUITE_ACTIVE
345 static int test_assert(
int correct,
const char *test )
352 printf(
"FAILED\n" );
353 printf(
" %s\n", test );
358 #define TEST_ASSERT( TEST ) \
359 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
360 if( test_errors) goto exit; \
365 if( (*str)[0] !=
'"' ||
366 (*str)[strlen( *str ) - 1] !=
'"' )
368 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
373 (*str)[strlen( *str ) - 1] =
'\0';
385 for( i = 0; i < strlen( str ); i++ )
387 if( i == 0 && str[i] ==
'-' )
393 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
394 str[i - 1] ==
'0' && str[i] ==
'x' )
400 if( ! ( ( str[i] >=
'0' && str[i] <=
'9' ) ||
401 ( hex && ( ( str[i] >=
'a' && str[i] <=
'f' ) ||
402 ( str[i] >=
'A' && str[i] <=
'F' ) ) ) ) )
412 *value = strtol( str, NULL, 16 );
414 *value = strtol( str, NULL, 10 );
419 #ifdef POLARSSL_X509_CSR_PARSE_C
420 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
425 #endif // POLARSSL_X509_CSR_PARSE_C
426 #ifdef POLARSSL_X509_CRT_PARSE_C
427 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
428 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
433 #endif // POLARSSL_X509_CRT_PARSE_C
434 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
435 #ifdef POLARSSL_X509_CRT_PARSE_C
436 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
441 #endif // POLARSSL_X509_CRT_PARSE_C
442 #ifdef POLARSSL_X509_CRL_PARSE_C
443 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
448 #endif // POLARSSL_X509_CRL_PARSE_C
449 #ifdef POLARSSL_X509_CRT_PARSE_C
450 if( strcmp( str,
"POLARSSL_ERR_PK_UNKNOWN_PK_ALG" ) == 0 )
455 #endif // POLARSSL_X509_CRT_PARSE_C
456 #ifdef POLARSSL_FS_IO
457 #ifdef POLARSSL_X509_CRT_PARSE_C
458 #ifdef POLARSSL_X509_CRL_PARSE_C
459 if( strcmp( str,
"BADCERT_EXPIRED" ) == 0 )
464 #endif // POLARSSL_FS_IO
465 #endif // POLARSSL_X509_CRT_PARSE_C
466 #endif // POLARSSL_X509_CRL_PARSE_C
467 #ifdef POLARSSL_X509_CRT_PARSE_C
468 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
473 #endif // POLARSSL_X509_CRT_PARSE_C
474 #ifdef POLARSSL_FS_IO
475 #ifdef POLARSSL_X509_CRT_PARSE_C
476 #ifdef POLARSSL_X509_CRL_PARSE_C
477 if( strcmp( str,
"BADCERT_NOT_TRUSTED" ) == 0 )
482 #endif // POLARSSL_FS_IO
483 #endif // POLARSSL_X509_CRT_PARSE_C
484 #endif // POLARSSL_X509_CRL_PARSE_C
485 #ifdef POLARSSL_X509_CRT_PARSE_C
486 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
487 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
492 #endif // POLARSSL_X509_CRT_PARSE_C
493 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
494 #ifdef POLARSSL_X509_CRL_PARSE_C
495 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
500 #endif // POLARSSL_X509_CRL_PARSE_C
501 #ifdef POLARSSL_X509_CRT_PARSE_C
502 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
507 #endif // POLARSSL_X509_CRT_PARSE_C
508 #ifdef POLARSSL_X509_CSR_PARSE_C
509 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
514 #endif // POLARSSL_X509_CSR_PARSE_C
515 #ifdef POLARSSL_X509_CRT_PARSE_C
516 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
521 #endif // POLARSSL_X509_CRT_PARSE_C
522 #ifdef POLARSSL_X509_CRT_PARSE_C
523 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
528 #endif // POLARSSL_X509_CRT_PARSE_C
529 #ifdef POLARSSL_X509_CRL_PARSE_C
530 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
535 #endif // POLARSSL_X509_CRL_PARSE_C
536 #ifdef POLARSSL_X509_CSR_PARSE_C
537 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
542 #endif // POLARSSL_X509_CSR_PARSE_C
543 #ifdef POLARSSL_X509_CRT_PARSE_C
544 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
549 #endif // POLARSSL_X509_CRT_PARSE_C
550 #ifdef POLARSSL_FS_IO
551 #ifdef POLARSSL_X509_CRT_PARSE_C
552 #ifdef POLARSSL_X509_CRL_PARSE_C
553 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE | BADCERT_CN_MISMATCH" ) == 0 )
558 #endif // POLARSSL_FS_IO
559 #endif // POLARSSL_X509_CRT_PARSE_C
560 #endif // POLARSSL_X509_CRL_PARSE_C
561 #ifdef POLARSSL_X509_CRT_PARSE_C
562 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA " ) == 0 )
567 #endif // POLARSSL_X509_CRT_PARSE_C
568 #ifdef POLARSSL_X509_CRT_PARSE_C
569 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
574 #endif // POLARSSL_X509_CRT_PARSE_C
575 #ifdef POLARSSL_X509_CRT_PARSE_C
576 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
581 #endif // POLARSSL_X509_CRT_PARSE_C
582 #ifdef POLARSSL_X509_CRL_PARSE_C
583 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
588 #endif // POLARSSL_X509_CRL_PARSE_C
589 #ifdef POLARSSL_X509_CSR_PARSE_C
590 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
595 #endif // POLARSSL_X509_CSR_PARSE_C
596 #ifdef POLARSSL_X509_CRT_PARSE_C
597 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
602 #endif // POLARSSL_X509_CRT_PARSE_C
603 #ifdef POLARSSL_X509_CRT_PARSE_C
604 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE" ) == 0 )
609 #endif // POLARSSL_X509_CRT_PARSE_C
610 #ifdef POLARSSL_X509_CSR_PARSE_C
611 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
616 #endif // POLARSSL_X509_CSR_PARSE_C
617 #ifdef POLARSSL_X509_CRL_PARSE_C
618 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
623 #endif // POLARSSL_X509_CRL_PARSE_C
624 #ifdef POLARSSL_X509_CRT_PARSE_C
625 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
630 #endif // POLARSSL_X509_CRT_PARSE_C
631 #ifdef POLARSSL_X509_CRT_PARSE_C
632 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
633 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
638 #endif // POLARSSL_X509_CRT_PARSE_C
639 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
640 #ifdef POLARSSL_X509_CRT_PARSE_C
641 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
642 if( strcmp( str,
"POLARSSL_MD_SHA1" ) == 0 )
647 #endif // POLARSSL_X509_CRT_PARSE_C
648 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
649 #ifdef POLARSSL_X509_CSR_PARSE_C
650 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
655 #endif // POLARSSL_X509_CSR_PARSE_C
656 #ifdef POLARSSL_X509_CRT_PARSE_C
657 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
662 #endif // POLARSSL_X509_CRT_PARSE_C
663 #ifdef POLARSSL_FS_IO
664 #ifdef POLARSSL_X509_CRT_PARSE_C
665 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
666 if( strcmp( str,
"KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT" ) == 0 )
671 #endif // POLARSSL_FS_IO
672 #endif // POLARSSL_X509_CRT_PARSE_C
673 #endif // POLARSSL_X509_CHECK_KEY_USAGE
674 #ifdef POLARSSL_FS_IO
675 #ifdef POLARSSL_X509_CRT_PARSE_C
676 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
677 if( strcmp( str,
"KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT" ) == 0 )
682 #endif // POLARSSL_FS_IO
683 #endif // POLARSSL_X509_CRT_PARSE_C
684 #endif // POLARSSL_X509_CHECK_KEY_USAGE
685 #ifdef POLARSSL_X509_CSR_PARSE_C
686 if( strcmp( str,
" 1" ) == 0 )
691 #endif // POLARSSL_X509_CSR_PARSE_C
692 #ifdef POLARSSL_X509_CRT_PARSE_C
693 if( strcmp( str,
" 1" ) == 0 )
698 #endif // POLARSSL_X509_CRT_PARSE_C
699 #ifdef POLARSSL_X509_CRL_PARSE_C
700 if( strcmp( str,
" 1" ) == 0 )
705 #endif // POLARSSL_X509_CRL_PARSE_C
706 #ifdef POLARSSL_X509_CRT_PARSE_C
707 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
712 #endif // POLARSSL_X509_CRT_PARSE_C
713 #ifdef POLARSSL_X509_CRL_PARSE_C
714 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
719 #endif // POLARSSL_X509_CRL_PARSE_C
720 #ifdef POLARSSL_X509_CSR_PARSE_C
721 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
726 #endif // POLARSSL_X509_CSR_PARSE_C
727 #ifdef POLARSSL_X509_CRT_PARSE_C
728 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
733 #endif // POLARSSL_X509_CRT_PARSE_C
734 #ifdef POLARSSL_X509_CRT_PARSE_C
735 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY" ) == 0 )
740 #endif // POLARSSL_X509_CRT_PARSE_C
741 #ifdef POLARSSL_FS_IO
742 #ifdef POLARSSL_X509_CRT_PARSE_C
743 #ifdef POLARSSL_X509_CRL_PARSE_C
744 if( strcmp( str,
"BADCRL_FUTURE" ) == 0 )
749 #endif // POLARSSL_FS_IO
750 #endif // POLARSSL_X509_CRT_PARSE_C
751 #endif // POLARSSL_X509_CRL_PARSE_C
752 #ifdef POLARSSL_X509_CRT_PARSE_C
753 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
754 if( strcmp( str,
"ASN1_SEQUENCE" ) == 0 )
759 #endif // POLARSSL_X509_CRT_PARSE_C
760 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
761 #ifdef POLARSSL_X509_CRT_PARSE_C
762 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
767 #endif // POLARSSL_X509_CRT_PARSE_C
768 #ifdef POLARSSL_X509_CRT_PARSE_C
769 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
774 #endif // POLARSSL_X509_CRT_PARSE_C
775 #ifdef POLARSSL_FS_IO
776 #ifdef POLARSSL_X509_CRT_PARSE_C
777 #ifdef POLARSSL_X509_CRL_PARSE_C
778 if( strcmp( str,
"BADCERT_REVOKED" ) == 0 )
783 #endif // POLARSSL_FS_IO
784 #endif // POLARSSL_X509_CRT_PARSE_C
785 #endif // POLARSSL_X509_CRL_PARSE_C
786 #ifdef POLARSSL_X509_CRT_PARSE_C
787 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
788 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
793 #endif // POLARSSL_X509_CRT_PARSE_C
794 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
795 #ifdef POLARSSL_X509_CSR_PARSE_C
796 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
801 #endif // POLARSSL_X509_CSR_PARSE_C
802 #ifdef POLARSSL_X509_CRL_PARSE_C
803 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
808 #endif // POLARSSL_X509_CRL_PARSE_C
809 #ifdef POLARSSL_X509_CRT_PARSE_C
810 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
815 #endif // POLARSSL_X509_CRT_PARSE_C
816 #ifdef POLARSSL_X509_CRT_PARSE_C
817 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
822 #endif // POLARSSL_X509_CRT_PARSE_C
823 #ifdef POLARSSL_FS_IO
824 #ifdef POLARSSL_X509_CRT_PARSE_C
825 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
826 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
831 #endif // POLARSSL_FS_IO
832 #endif // POLARSSL_X509_CRT_PARSE_C
833 #endif // POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
834 #ifdef POLARSSL_FS_IO
835 #ifdef POLARSSL_X509_CRT_PARSE_C
836 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
837 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
842 #endif // POLARSSL_FS_IO
843 #endif // POLARSSL_X509_CRT_PARSE_C
844 #endif // POLARSSL_X509_CHECK_KEY_USAGE
845 #ifdef POLARSSL_X509_CRL_PARSE_C
846 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
851 #endif // POLARSSL_X509_CRL_PARSE_C
852 #ifdef POLARSSL_FS_IO
853 #ifdef POLARSSL_X509_CRT_PARSE_C
854 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
855 if( strcmp( str,
"KU_DIGITAL_SIGNATURE" ) == 0 )
860 #endif // POLARSSL_FS_IO
861 #endif // POLARSSL_X509_CRT_PARSE_C
862 #endif // POLARSSL_X509_CHECK_KEY_USAGE
863 #ifdef POLARSSL_X509_CRT_PARSE_C
864 if( strcmp( str,
"POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
869 #endif // POLARSSL_X509_CRT_PARSE_C
870 #ifdef POLARSSL_X509_USE_C
871 if( strcmp( str,
"POLARSSL_ERR_OID_BUF_TOO_SMALL" ) == 0 )
876 #endif // POLARSSL_X509_USE_C
877 #ifdef POLARSSL_FS_IO
878 #ifdef POLARSSL_X509_CRT_PARSE_C
879 #ifdef POLARSSL_X509_CRL_PARSE_C
880 if( strcmp( str,
"POLARSSL_ERR_X509_CERT_VERIFY_FAILED" ) == 0 )
885 #endif // POLARSSL_FS_IO
886 #endif // POLARSSL_X509_CRT_PARSE_C
887 #endif // POLARSSL_X509_CRL_PARSE_C
888 #ifdef POLARSSL_X509_CRT_PARSE_C
889 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
894 #endif // POLARSSL_X509_CRT_PARSE_C
895 #ifdef POLARSSL_X509_CRT_PARSE_C
896 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
897 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
902 #endif // POLARSSL_X509_CRT_PARSE_C
903 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
904 #ifdef POLARSSL_X509_CRT_PARSE_C
905 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
910 #endif // POLARSSL_X509_CRT_PARSE_C
911 #ifdef POLARSSL_FS_IO
912 #ifdef POLARSSL_X509_CRT_PARSE_C
913 #ifdef POLARSSL_X509_CRL_PARSE_C
914 if( strcmp( str,
"BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED" ) == 0 )
919 #endif // POLARSSL_FS_IO
920 #endif // POLARSSL_X509_CRT_PARSE_C
921 #endif // POLARSSL_X509_CRL_PARSE_C
922 #ifdef POLARSSL_X509_CRT_PARSE_C
923 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
928 #endif // POLARSSL_X509_CRT_PARSE_C
929 #ifdef POLARSSL_X509_CSR_PARSE_C
930 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
935 #endif // POLARSSL_X509_CSR_PARSE_C
936 #ifdef POLARSSL_X509_CRT_PARSE_C
937 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
942 #endif // POLARSSL_X509_CRT_PARSE_C
943 #ifdef POLARSSL_FS_IO
944 #ifdef POLARSSL_X509_CRT_PARSE_C
945 #ifdef POLARSSL_X509_CRL_PARSE_C
946 if( strcmp( str,
"BADCERT_REVOKED | BADCERT_CN_MISMATCH" ) == 0 )
951 #endif // POLARSSL_FS_IO
952 #endif // POLARSSL_X509_CRT_PARSE_C
953 #endif // POLARSSL_X509_CRL_PARSE_C
954 #ifdef POLARSSL_FS_IO
955 #ifdef POLARSSL_X509_CRT_PARSE_C
956 #ifdef POLARSSL_X509_CRL_PARSE_C
957 if( strcmp( str,
"BADCERT_FUTURE" ) == 0 )
962 #endif // POLARSSL_FS_IO
963 #endif // POLARSSL_X509_CRT_PARSE_C
964 #endif // POLARSSL_X509_CRL_PARSE_C
965 #ifdef POLARSSL_X509_CSR_PARSE_C
966 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
971 #endif // POLARSSL_X509_CSR_PARSE_C
972 #ifdef POLARSSL_X509_CRL_PARSE_C
973 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
978 #endif // POLARSSL_X509_CRL_PARSE_C
979 #ifdef POLARSSL_X509_CRT_PARSE_C
980 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
985 #endif // POLARSSL_X509_CRT_PARSE_C
986 #ifdef POLARSSL_X509_CRT_PARSE_C
987 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
992 #endif // POLARSSL_X509_CRT_PARSE_C
993 #ifdef POLARSSL_X509_CSR_PARSE_C
994 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
999 #endif // POLARSSL_X509_CSR_PARSE_C
1000 #ifdef POLARSSL_X509_CRT_PARSE_C
1001 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1002 if( strcmp( str,
"POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
1007 #endif // POLARSSL_X509_CRT_PARSE_C
1008 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1009 #ifdef POLARSSL_FS_IO
1010 #ifdef POLARSSL_X509_CRT_PARSE_C
1011 #ifdef POLARSSL_X509_CRL_PARSE_C
1012 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED" ) == 0 )
1017 #endif // POLARSSL_FS_IO
1018 #endif // POLARSSL_X509_CRT_PARSE_C
1019 #endif // POLARSSL_X509_CRL_PARSE_C
1020 #ifdef POLARSSL_X509_CRT_PARSE_C
1021 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1026 #endif // POLARSSL_X509_CRT_PARSE_C
1027 #ifdef POLARSSL_X509_CSR_PARSE_C
1028 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
1033 #endif // POLARSSL_X509_CSR_PARSE_C
1034 #ifdef POLARSSL_X509_CRT_PARSE_C
1035 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
1040 #endif // POLARSSL_X509_CRT_PARSE_C
1041 #ifdef POLARSSL_X509_CRL_PARSE_C
1042 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
1047 #endif // POLARSSL_X509_CRL_PARSE_C
1048 #ifdef POLARSSL_FS_IO
1049 #ifdef POLARSSL_X509_CRT_PARSE_C
1050 #ifdef POLARSSL_X509_CRL_PARSE_C
1051 if( strcmp( str,
"BADCRL_EXPIRED" ) == 0 )
1056 #endif // POLARSSL_FS_IO
1057 #endif // POLARSSL_X509_CRT_PARSE_C
1058 #endif // POLARSSL_X509_CRL_PARSE_C
1059 #ifdef POLARSSL_FS_IO
1060 #ifdef POLARSSL_X509_CRT_PARSE_C
1061 #ifdef POLARSSL_X509_CRL_PARSE_C
1062 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH" ) == 0 )
1067 #endif // POLARSSL_FS_IO
1068 #endif // POLARSSL_X509_CRT_PARSE_C
1069 #endif // POLARSSL_X509_CRL_PARSE_C
1070 #ifdef POLARSSL_X509_CRT_PARSE_C
1071 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1076 #endif // POLARSSL_X509_CRT_PARSE_C
1077 #ifdef POLARSSL_X509_CRT_PARSE_C
1078 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1079 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG" ) == 0 )
1084 #endif // POLARSSL_X509_CRT_PARSE_C
1085 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1086 #ifdef POLARSSL_X509_CRT_PARSE_C
1087 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1088 if( strcmp( str,
"ASN1_CONSTRUCTED | ASN1_SEQUENCE" ) == 0 )
1093 #endif // POLARSSL_X509_CRT_PARSE_C
1094 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1095 #ifdef POLARSSL_FS_IO
1096 #ifdef POLARSSL_X509_CRT_PARSE_C
1097 #ifdef POLARSSL_X509_CRL_PARSE_C
1098 if( strcmp( str,
"BADCERT_OTHER" ) == 0 )
1103 #endif // POLARSSL_FS_IO
1104 #endif // POLARSSL_X509_CRT_PARSE_C
1105 #endif // POLARSSL_X509_CRL_PARSE_C
1106 #ifdef POLARSSL_FS_IO
1107 #ifdef POLARSSL_X509_CRT_PARSE_C
1108 #ifdef POLARSSL_X509_CRL_PARSE_C
1109 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE" ) == 0 )
1114 #endif // POLARSSL_FS_IO
1115 #endif // POLARSSL_X509_CRT_PARSE_C
1116 #endif // POLARSSL_X509_CRL_PARSE_C
1117 #ifdef POLARSSL_X509_CRT_PARSE_C
1118 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1119 if( strcmp( str,
"POLARSSL_MD_SHA256" ) == 0 )
1124 #endif // POLARSSL_X509_CRT_PARSE_C
1125 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1126 #ifdef POLARSSL_FS_IO
1127 #ifdef POLARSSL_X509_CRT_PARSE_C
1128 #ifdef POLARSSL_X509_CRL_PARSE_C
1129 if( strcmp( str,
"BADCRL_NOT_TRUSTED" ) == 0 )
1134 #endif // POLARSSL_FS_IO
1135 #endif // POLARSSL_X509_CRT_PARSE_C
1136 #endif // POLARSSL_X509_CRL_PARSE_C
1137 #ifdef POLARSSL_X509_CRT_PARSE_C
1138 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1143 #endif // POLARSSL_X509_CRT_PARSE_C
1144 #ifdef POLARSSL_FS_IO
1145 #ifdef POLARSSL_X509_CRT_PARSE_C
1146 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1147 if( strcmp( str,
"KU_KEY_CERT_SIGN" ) == 0 )
1152 #endif // POLARSSL_FS_IO
1153 #endif // POLARSSL_X509_CRT_PARSE_C
1154 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1155 #ifdef POLARSSL_X509_CRT_PARSE_C
1156 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1161 #endif // POLARSSL_X509_CRT_PARSE_C
1162 #ifdef POLARSSL_X509_CRL_PARSE_C
1163 if( strcmp( str,
"POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1168 #endif // POLARSSL_X509_CRL_PARSE_C
1169 #ifdef POLARSSL_X509_CRT_PARSE_C
1170 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1175 #endif // POLARSSL_X509_CRT_PARSE_C
1176 #ifdef POLARSSL_X509_CRL_PARSE_C
1177 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1182 #endif // POLARSSL_X509_CRL_PARSE_C
1183 #ifdef POLARSSL_X509_CSR_PARSE_C
1184 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1189 #endif // POLARSSL_X509_CSR_PARSE_C
1190 #ifdef POLARSSL_X509_CRT_PARSE_C
1191 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1196 #endif // POLARSSL_X509_CRT_PARSE_C
1197 #ifdef POLARSSL_X509_CSR_PARSE_C
1198 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1203 #endif // POLARSSL_X509_CSR_PARSE_C
1204 #ifdef POLARSSL_X509_CRL_PARSE_C
1205 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1210 #endif // POLARSSL_X509_CRL_PARSE_C
1211 #ifdef POLARSSL_X509_CRT_PARSE_C
1212 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1217 #endif // POLARSSL_X509_CRT_PARSE_C
1218 #ifdef POLARSSL_FS_IO
1219 #ifdef POLARSSL_X509_CRT_PARSE_C
1220 #ifdef POLARSSL_X509_CRL_PARSE_C
1221 if( strcmp( str,
"BADCERT_CN_MISMATCH" ) == 0 )
1226 #endif // POLARSSL_FS_IO
1227 #endif // POLARSSL_X509_CRT_PARSE_C
1228 #endif // POLARSSL_X509_CRL_PARSE_C
1229 #ifdef POLARSSL_FS_IO
1230 #ifdef POLARSSL_X509_CRT_PARSE_C
1231 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1232 if( strcmp( str,
"KU_KEY_CERT_SIGN|KU_CRL_SIGN" ) == 0 )
1237 #endif // POLARSSL_FS_IO
1238 #endif // POLARSSL_X509_CRT_PARSE_C
1239 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1240 #ifdef POLARSSL_X509_CRT_PARSE_C
1241 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1246 #endif // POLARSSL_X509_CRT_PARSE_C
1247 #ifdef POLARSSL_X509_CSR_PARSE_C
1248 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1253 #endif // POLARSSL_X509_CSR_PARSE_C
1256 printf(
"Expected integer for parameter and got: %s\n", str );
1260 #ifdef POLARSSL_FS_IO
1261 #ifdef POLARSSL_X509_CRT_PARSE_C
1262 void test_suite_x509_cert_info(
char *crt_file,
char *result_str )
1269 memset( buf, 0, 2000 );
1285 #ifdef POLARSSL_FS_IO
1286 #ifdef POLARSSL_X509_CRL_PARSE_C
1287 void test_suite_x509_crl_info(
char *crl_file,
char *result_str )
1294 memset( buf, 0, 2000 );
1310 #ifdef POLARSSL_FS_IO
1311 #ifdef POLARSSL_X509_CSR_PARSE_C
1312 void test_suite_x509_csr_info(
char *csr_file,
char *result_str )
1319 memset( buf, 0, 2000 );
1335 #ifdef POLARSSL_FS_IO
1336 #ifdef POLARSSL_X509_CRT_PARSE_C
1337 #ifdef POLARSSL_X509_CRL_PARSE_C
1338 void test_suite_x509_verify(
char *crt_file,
char *ca_file,
char *crl_file,
1339 char *cn_name_str,
int result,
int flags_result,
1340 char *verify_callback )
1347 int (*f_vrfy)(
void *,
x509_crt *, int,
int *) = NULL;
1348 char * cn_name = NULL;
1354 if( strcmp( cn_name_str,
"NULL" ) != 0 )
1355 cn_name = cn_name_str;
1357 if( strcmp( verify_callback,
"NULL" ) == 0 )
1359 else if( strcmp( verify_callback,
"verify_none" ) == 0 )
1360 f_vrfy = verify_none;
1361 else if( strcmp( verify_callback,
"verify_all" ) == 0 )
1362 f_vrfy = verify_all;
1364 TEST_ASSERT(
"No known verify callback selected" == 0 );
1370 res =
x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
1384 #ifdef POLARSSL_FS_IO
1385 #ifdef POLARSSL_X509_CRT_C
1386 void test_suite_x509_dn_gets(
char *crt_file,
char *entity,
char *result_str )
1393 memset( buf, 0, 2000 );
1396 if( strcmp( entity,
"subject" ) == 0 )
1398 else if( strcmp( entity,
"issuer" ) == 0 )
1414 #ifdef POLARSSL_FS_IO
1415 #ifdef POLARSSL_X509_CRT_C
1416 void test_suite_x509_time_expired(
char *crt_file,
char *entity,
int result )
1424 if( strcmp( entity,
"valid_from" ) == 0 )
1426 else if( strcmp( entity,
"valid_to" ) == 0 )
1437 #ifdef POLARSSL_FS_IO
1438 #ifdef POLARSSL_X509_CRT_C
1439 void test_suite_x509_time_future(
char *crt_file,
char *entity,
int result )
1447 if( strcmp( entity,
"valid_from" ) == 0 )
1449 else if( strcmp( entity,
"valid_to" ) == 0 )
1460 #ifdef POLARSSL_X509_CRT_PARSE_C
1461 void test_suite_x509parse_crt(
char *crt_data,
char *result_str,
int result )
1464 unsigned char buf[2000];
1465 unsigned char output[2000];
1469 memset( buf, 0, 2000 );
1470 memset( output, 0, 2000 );
1472 data_len =
unhexify( buf, crt_data );
1475 if( ( result ) == 0 )
1482 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1490 #ifdef POLARSSL_X509_CRL_PARSE_C
1491 void test_suite_x509parse_crl(
char *crl_data,
char *result_str,
int result )
1494 unsigned char buf[2000];
1495 unsigned char output[2000];
1499 memset( buf, 0, 2000 );
1500 memset( output, 0, 2000 );
1502 data_len =
unhexify( buf, crl_data );
1505 if( ( result ) == 0 )
1512 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1520 #ifdef POLARSSL_X509_CSR_PARSE_C
1521 void test_suite_x509_csr_parse(
char *csr_der_hex,
char *ref_out,
int ref_ret )
1524 unsigned char *csr_der = NULL;
1530 memset( my_out, 0,
sizeof( my_out ) );
1538 size_t my_out_len =
x509_csr_info( my_out,
sizeof( my_out ),
"", &csr );
1549 #ifdef POLARSSL_FS_IO
1550 #ifdef POLARSSL_X509_CRT_PARSE_C
1551 void test_suite_x509_crt_parse_path(
char *crt_path,
int ret,
int nb_crt )
1553 x509_crt chain, *cur;
1561 for( i = 0, cur = &chain; cur != NULL; cur = cur->
next )
1562 if( cur->
raw.
p != NULL )
1573 #ifdef POLARSSL_X509_USE_C
1574 void test_suite_x509_oid_desc(
char *oid_str,
char *ref_desc )
1578 unsigned char buf[20];
1580 memset( buf, 0,
sizeof buf );
1588 if( strcmp( ref_desc,
"notfound" ) == 0 )
1601 #ifdef POLARSSL_X509_USE_C
1602 void test_suite_x509_oid_numstr(
char *oid_str,
char *numstr,
int blen,
int ret )
1605 unsigned char oid_buf[20];
1608 memset( oid_buf, 0x00,
sizeof oid_buf );
1609 memset( num_buf, 0x2a,
sizeof num_buf );
1630 #ifdef POLARSSL_FS_IO
1631 #ifdef POLARSSL_X509_CRT_PARSE_C
1632 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1633 void test_suite_x509_check_key_usage(
char *crt_file,
int usage,
int ret )
1650 #ifdef POLARSSL_FS_IO
1651 #ifdef POLARSSL_X509_CRT_PARSE_C
1652 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
1653 void test_suite_x509_check_extended_key_usage(
char *crt_file,
char *usage_hex,
int ret )
1661 len =
unhexify( (
unsigned char *) oid, usage_hex );
1674 #ifdef POLARSSL_X509_CRT_PARSE_C
1675 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1676 void test_suite_x509_parse_rsassa_pss_params(
char *hex_params,
int params_tag,
1677 int ref_msg_md,
int ref_mgf_md,
1678 int ref_salt_len,
int ref_ret )
1686 params.
tag = params_tag;
1691 if( my_ret != ref_ret ) printf(
"\n%04X\n", - my_ret );
1708 #ifdef POLARSSL_X509_CRT_PARSE_C
1709 #ifdef POLARSSL_SELF_TEST
1710 void test_suite_x509_selftest()
1729 if( strcmp( str,
"POLARSSL_X509_RSASSA_PSS_SUPPORT" ) == 0 )
1731 #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
1737 if( strcmp( str,
"POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
1739 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
1745 if( strcmp( str,
"POLARSSL_PKCS1_V15" ) == 0 )
1747 #if defined(POLARSSL_PKCS1_V15)
1753 if( strcmp( str,
"POLARSSL_ECP_C" ) == 0 )
1755 #if defined(POLARSSL_ECP_C)
1761 if( strcmp( str,
"POLARSSL_PEM_PARSE_C" ) == 0 )
1763 #if defined(POLARSSL_PEM_PARSE_C)
1769 if( strcmp( str,
"POLARSSL_CERTS_C" ) == 0 )
1771 #if defined(POLARSSL_CERTS_C)
1777 if( strcmp( str,
"POLARSSL_X509_CHECK_KEY_USAGE" ) == 0 )
1779 #if defined(POLARSSL_X509_CHECK_KEY_USAGE)
1785 if( strcmp( str,
"POLARSSL_SHA512_C" ) == 0 )
1787 #if defined(POLARSSL_SHA512_C)
1793 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
1795 #if defined(POLARSSL_SHA256_C)
1801 if( strcmp( str,
"POLARSSL_RSA_C" ) == 0 )
1803 #if defined(POLARSSL_RSA_C)
1809 if( strcmp( str,
"POLARSSL_ECDSA_C" ) == 0 )
1811 #if defined(POLARSSL_ECDSA_C)
1817 if( strcmp( str,
"POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3" ) == 0 )
1819 #if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
1825 if( strcmp( str,
"POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
1827 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
1833 if( strcmp( str,
"POLARSSL_HAVE_TIME" ) == 0 )
1835 #if defined(POLARSSL_HAVE_TIME)
1841 if( strcmp( str,
"POLARSSL_ECP_DP_SECP383R1_ENABLED" ) == 0 )
1843 #if defined(POLARSSL_ECP_DP_SECP383R1_ENABLED)
1849 if( strcmp( str,
"POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
1851 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
1857 if( strcmp( str,
"POLARSSL_MD5_C" ) == 0 )
1859 #if defined(POLARSSL_MD5_C)
1865 if( strcmp( str,
"POLARSSL_SHA1_C" ) == 0 )
1867 #if defined(POLARSSL_SHA1_C)
1873 if( strcmp( str,
"POLARSSL_MD4_C" ) == 0 )
1875 #if defined(POLARSSL_MD4_C)
1892 #if defined(TEST_SUITE_ACTIVE)
1893 if( strcmp( params[0],
"x509_cert_info" ) == 0 )
1895 #ifdef POLARSSL_FS_IO
1896 #ifdef POLARSSL_X509_CRT_PARSE_C
1898 char *param1 = params[1];
1899 char *param2 = params[2];
1903 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1910 test_suite_x509_cert_info( param1, param2 );
1918 if( strcmp( params[0],
"x509_crl_info" ) == 0 )
1920 #ifdef POLARSSL_FS_IO
1921 #ifdef POLARSSL_X509_CRL_PARSE_C
1923 char *param1 = params[1];
1924 char *param2 = params[2];
1928 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1935 test_suite_x509_crl_info( param1, param2 );
1943 if( strcmp( params[0],
"x509_csr_info" ) == 0 )
1945 #ifdef POLARSSL_FS_IO
1946 #ifdef POLARSSL_X509_CSR_PARSE_C
1948 char *param1 = params[1];
1949 char *param2 = params[2];
1953 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1960 test_suite_x509_csr_info( param1, param2 );
1968 if( strcmp( params[0],
"x509_verify" ) == 0 )
1970 #ifdef POLARSSL_FS_IO
1971 #ifdef POLARSSL_X509_CRT_PARSE_C
1972 #ifdef POLARSSL_X509_CRL_PARSE_C
1974 char *param1 = params[1];
1975 char *param2 = params[2];
1976 char *param3 = params[3];
1977 char *param4 = params[4];
1980 char *param7 = params[7];
1984 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 8 );
1992 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
1993 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
1996 test_suite_x509_verify( param1, param2, param3, param4, param5, param6, param7 );
2005 if( strcmp( params[0],
"x509_dn_gets" ) == 0 )
2007 #ifdef POLARSSL_FS_IO
2008 #ifdef POLARSSL_X509_CRT_C
2010 char *param1 = params[1];
2011 char *param2 = params[2];
2012 char *param3 = params[3];
2016 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2024 test_suite_x509_dn_gets( param1, param2, param3 );
2032 if( strcmp( params[0],
"x509_time_expired" ) == 0 )
2034 #ifdef POLARSSL_FS_IO
2035 #ifdef POLARSSL_X509_CRT_C
2037 char *param1 = params[1];
2038 char *param2 = params[2];
2043 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2049 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2051 test_suite_x509_time_expired( param1, param2, param3 );
2059 if( strcmp( params[0],
"x509_time_future" ) == 0 )
2061 #ifdef POLARSSL_FS_IO
2062 #ifdef POLARSSL_X509_CRT_C
2064 char *param1 = params[1];
2065 char *param2 = params[2];
2070 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2076 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2078 test_suite_x509_time_future( param1, param2, param3 );
2086 if( strcmp( params[0],
"x509parse_crt" ) == 0 )
2088 #ifdef POLARSSL_X509_CRT_PARSE_C
2090 char *param1 = params[1];
2091 char *param2 = params[2];
2096 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2102 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2104 test_suite_x509parse_crt( param1, param2, param3 );
2111 if( strcmp( params[0],
"x509parse_crl" ) == 0 )
2113 #ifdef POLARSSL_X509_CRL_PARSE_C
2115 char *param1 = params[1];
2116 char *param2 = params[2];
2121 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2127 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2129 test_suite_x509parse_crl( param1, param2, param3 );
2136 if( strcmp( params[0],
"x509_csr_parse" ) == 0 )
2138 #ifdef POLARSSL_X509_CSR_PARSE_C
2140 char *param1 = params[1];
2141 char *param2 = params[2];
2146 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2152 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2154 test_suite_x509_csr_parse( param1, param2, param3 );
2161 if( strcmp( params[0],
"x509_crt_parse_path" ) == 0 )
2163 #ifdef POLARSSL_FS_IO
2164 #ifdef POLARSSL_X509_CRT_PARSE_C
2166 char *param1 = params[1];
2172 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2177 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2178 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2180 test_suite_x509_crt_parse_path( param1, param2, param3 );
2188 if( strcmp( params[0],
"x509_oid_desc" ) == 0 )
2190 #ifdef POLARSSL_X509_USE_C
2192 char *param1 = params[1];
2193 char *param2 = params[2];
2197 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
2204 test_suite_x509_oid_desc( param1, param2 );
2211 if( strcmp( params[0],
"x509_oid_numstr" ) == 0 )
2213 #ifdef POLARSSL_X509_USE_C
2215 char *param1 = params[1];
2216 char *param2 = params[2];
2222 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 5 );
2228 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2229 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2231 test_suite_x509_oid_numstr( param1, param2, param3, param4 );
2238 if( strcmp( params[0],
"x509_check_key_usage" ) == 0 )
2240 #ifdef POLARSSL_FS_IO
2241 #ifdef POLARSSL_X509_CRT_PARSE_C
2242 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
2244 char *param1 = params[1];
2250 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2255 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2256 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2258 test_suite_x509_check_key_usage( param1, param2, param3 );
2267 if( strcmp( params[0],
"x509_check_extended_key_usage" ) == 0 )
2269 #ifdef POLARSSL_FS_IO
2270 #ifdef POLARSSL_X509_CRT_PARSE_C
2271 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
2273 char *param1 = params[1];
2274 char *param2 = params[2];
2279 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2285 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2287 test_suite_x509_check_extended_key_usage( param1, param2, param3 );
2296 if( strcmp( params[0],
"x509_parse_rsassa_pss_params" ) == 0 )
2298 #ifdef POLARSSL_X509_CRT_PARSE_C
2299 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
2301 char *param1 = params[1];
2310 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 7 );
2315 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2316 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2317 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2318 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
2319 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
2321 test_suite_x509_parse_rsassa_pss_params( param1, param2, param3, param4, param5, param6 );
2329 if( strcmp( params[0],
"x509_selftest" ) == 0 )
2331 #ifdef POLARSSL_X509_CRT_PARSE_C
2332 #ifdef POLARSSL_SELF_TEST
2337 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
2342 test_suite_x509_selftest( );
2352 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
2366 ret = fgets( buf, len, f );
2370 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
2371 buf[strlen(buf) - 1] =
'\0';
2372 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
2373 buf[strlen(buf) - 1] =
'\0';
2384 params[cnt++] = cur;
2386 while( *p !=
'\0' && p < buf + len )
2396 if( p + 1 < buf + len )
2399 params[cnt++] = cur;
2408 for( i = 0; i < cnt; i++ )
2415 if( *p ==
'\\' && *(p + 1) ==
'n' )
2420 else if( *p ==
'\\' && *(p + 1) ==
':' )
2425 else if( *p ==
'\\' && *(p + 1) ==
'?' )
2441 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
2442 const char *filename =
"/tmp/B.43ee1cd1-d3e3-4a1b-8449-a820e9bbf54f/BUILD/polarssl-1.3.8/tests/suites/test_suite_x509parse.data";
2447 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2448 unsigned char alloc_buf[1000000];
2452 file = fopen( filename,
"r" );
2455 fprintf( stderr,
"Failed to open\n" );
2459 while( !feof( file ) )
2463 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2465 fprintf( stdout,
"%s%.66s",
test_errors ?
"\n" :
"", buf );
2466 fprintf( stdout,
" " );
2467 for( i = strlen( buf ) + 1; i < 67; i++ )
2468 fprintf( stdout,
"." );
2469 fprintf( stdout,
" " );
2474 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2478 if( strcmp( params[0],
"depends_on" ) == 0 )
2480 for( i = 1; i < cnt; i++ )
2484 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2495 if( skip == 1 || ret == 3 )
2498 fprintf( stdout,
"----\n" );
2503 fprintf( stdout,
"PASS\n" );
2508 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
2515 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2517 if( strlen(buf) != 0 )
2519 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
2525 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
2526 if( total_errors == 0 )
2527 fprintf( stdout,
"PASSED" );
2529 fprintf( stdout,
"FAILED" );
2531 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
2532 total_tests - total_errors, total_tests, total_skipped );
2534 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2535 #if defined(POLARSSL_MEMORY_DEBUG)
2536 memory_buffer_alloc_status();
2541 return( total_errors != 0 );
#define POLARSSL_ERR_PK_INVALID_ALG
The algorithm tag or value is invalid.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is not expired.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT
Invalid key tag or value.
int x509_csr_parse_der(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR) in DER format.
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
Memory allocation layer (Deprecated to platform layer)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
#define BADCERT_OTHER
Other reason (can be used by verify callback)
Info structure for the pseudo random function.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
int get_line(FILE *f, char *buf, size_t len)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
const char * x509_oid_get_description(x509_buf *oid)
Give an known OID, return its descriptive string.
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
#define POLARSSL_ERR_ASN1_INVALID_DATA
Data is invalid.
#define POLARSSL_ERR_X509_INVALID_SIGNATURE
The signature tag or value invalid.
static int test_assert(int correct, const char *test)
#define BADCRL_NOT_TRUSTED
CRL is not correctly signed by the trusted CA.
#define POLARSSL_ERR_ASN1_INVALID_LENGTH
Error when trying to determine the length or invalid length.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
struct _x509_crt * next
Next certificate in the CA-chain.
int x509_crt_check_key_usage(const x509_crt *crt, int usage)
Check usage of certificate against keyUsage extension.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
#define BADCERT_EXPIRED
The certificate validity has expired.
#define BADCERT_FUTURE
The certificate validity starts in the future.
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED
Certificate verification failed, e.g.
Container for an X.509 certificate.
#define POLARSSL_ERR_OID_NOT_FOUND
OID is not found.
Privacy Enhanced Mail (PEM) decoding.
x509_time valid_from
Start time of certificate validity.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Unallocate all CRL data.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
unsigned char * p
ASN1 data, e.g.
x509_name subject
The parsed subject data (named information object).
X.509 certificate signing request parsing and writing.
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
int x509_oid_get_numeric_string(char *buf, size_t size, x509_buf *oid)
Give an OID, return a string version of its OID number.
void x509_csr_free(x509_csr *csr)
Unallocate all CSR data.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
x509_time valid_to
End time of certificate validity.
int dispatch_test(int cnt, char *params[50])
X.509 certificate parsing and writing.
#define POLARSSL_ERR_X509_INVALID_ALG
The algorithm tag or value is invalid.
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_get_rsassa_pss_params(const x509_buf *params, md_type_t *md_alg, md_type_t *mgf_md, int *salt_len)
int parse_arguments(char *buf, size_t len, char *params[50])
#define BADCERT_NOT_TRUSTED
The certificate is not correctly signed by the trusted CA.
static int unhexify(unsigned char *obuf, const char *ibuf)
Type-length-value structure that allows for ASN1 using DER.
size_t len
ASN1 length, e.g.
#define BADCRL_FUTURE
The CRL is from the future.
int verify_string(char **str)
x509_name issuer
The parsed issuer data (named information object).
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
#define BADCERT_REVOKED
The certificate has been revoked (is on a CRL).
#define BADCRL_EXPIRED
CRL is expired.
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
Unavailable feature, e.g.
X.509 certificate revocation list parsing.
#define KU_DIGITAL_SIGNATURE
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
int x509_time_future(const x509_time *time)
Check a given x509_time against the system time and check if it is not from the future.
int x509_crt_parse_path(x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list.
Certificate Signing Request (CSR) structure.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
#define PUT_UINT32_BE(n, b, i)
#define BADCERT_CN_MISMATCH
The certificate Common Name (CN) does not match with the expected CN.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
int x509_self_test(int verbose)
Checkup routine.
int verify_int(char *str, int *value)
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
void x509_csr_init(x509_csr *csr)
Initialize a CSR.
#define POLARSSL_ERR_X509_INVALID_SERIAL
The serial tag or value is invalid.
int x509_crt_check_extended_key_usage(const x509_crt *crt, const char *usage_oid, size_t usage_len)
Check usage of certificate against extentedJeyUsage.
#define POLARSSL_ERR_PK_INVALID_PUBKEY
The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
#define KU_KEY_ENCIPHERMENT
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG
Key algorithm is unsupported (only RSA and EC are supported).
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.