1 #if !defined(POLARSSL_CONFIG_FILE)
4 #include POLARSSL_CONFIG_FILE
7 #ifdef POLARSSL_BIGNUM_C
16 int verify_none(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
20 ((void) certificate_depth);
26 int verify_all(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
30 ((void) certificate_depth);
39 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
43 #if defined(POLARSSL_PLATFORM_C)
46 #define polarssl_malloc malloc
47 #define polarssl_free free
52 typedef UINT32 uint32_t;
65 #define GET_UINT32_BE(n,b,i) \
67 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
68 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
69 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
70 | ( (uint32_t) (b)[(i) + 3] ); \
75 #define PUT_UINT32_BE(n,b,i) \
77 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
78 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
79 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
80 (b)[(i) + 3] = (unsigned char) ( (n) ); \
84 static int unhexify(
unsigned char *obuf,
const char *ibuf)
87 int len = strlen(ibuf) / 2;
88 assert(!(strlen(ibuf) %1));
93 if( c >=
'0' && c <=
'9' )
95 else if( c >=
'a' && c <=
'f' )
97 else if( c >=
'A' && c <=
'F' )
103 if( c2 >=
'0' && c2 <=
'9' )
105 else if( c2 >=
'a' && c2 <=
'f' )
107 else if( c2 >=
'A' && c2 <=
'F' )
112 *obuf++ = ( c << 4 ) | c2;
118 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
130 *obuf++ =
'a' + h - 10;
135 *obuf++ =
'a' + l - 10;
152 size_t actual_len = len != 0 ? len : 1;
157 memset( p, 0x00, actual_len );
176 *olen = strlen(ibuf) / 2;
182 assert( obuf != NULL );
198 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
200 #if !defined(__OpenBSD__)
203 if( rng_state != NULL )
206 for( i = 0; i < len; ++i )
209 if( rng_state != NULL )
212 arc4random_buf( output, len );
223 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
225 if( rng_state != NULL )
228 memset( output, 0, len );
255 if( rng_state == NULL )
264 memcpy( output, info->
buf, use_len );
265 info->
buf += use_len;
269 if( len - use_len > 0 )
270 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
299 uint32_t i, *k, sum, delta=0x9E3779B9;
300 unsigned char result[4], *out = output;
302 if( rng_state == NULL )
309 size_t use_len = ( len > 4 ) ? 4 : len;
312 for( i = 0; i < 32; i++ )
314 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
316 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
320 memcpy( out, result, use_len );
332 #if defined(POLARSSL_PLATFORM_C)
335 #define polarssl_printf printf
336 #define polarssl_malloc malloc
337 #define polarssl_free free
342 #ifdef POLARSSL_BIGNUM_C
344 #define TEST_SUITE_ACTIVE
346 static int test_assert(
int correct,
const char *test )
353 printf(
"FAILED\n" );
354 printf(
" %s\n", test );
359 #define TEST_ASSERT( TEST ) \
360 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
361 if( test_errors) goto exit; \
366 if( (*str)[0] !=
'"' ||
367 (*str)[strlen( *str ) - 1] !=
'"' )
369 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
374 (*str)[strlen( *str ) - 1] =
'\0';
386 for( i = 0; i < strlen( str ); i++ )
388 if( i == 0 && str[i] ==
'-' )
394 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
395 str[i - 1] ==
'0' && str[i] ==
'x' )
401 if( ! ( ( str[i] >=
'0' && str[i] <=
'9' ) ||
402 ( hex && ( ( str[i] >=
'a' && str[i] <=
'f' ) ||
403 ( str[i] >=
'A' && str[i] <=
'F' ) ) ) ) )
413 *value = strtol( str, NULL, 16 );
415 *value = strtol( str, NULL, 10 );
420 #ifdef POLARSSL_X509_CRT_PARSE_C
421 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
426 #endif // POLARSSL_X509_CRT_PARSE_C
427 #ifdef POLARSSL_X509_CRL_PARSE_C
428 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
433 #endif // POLARSSL_X509_CRL_PARSE_C
434 #ifdef POLARSSL_X509_CSR_PARSE_C
435 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
440 #endif // POLARSSL_X509_CSR_PARSE_C
441 #ifdef POLARSSL_FS_IO
442 #ifdef POLARSSL_X509_CRT_PARSE_C
443 #ifdef POLARSSL_X509_CRL_PARSE_C
444 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE | BADCERT_CN_MISMATCH" ) == 0 )
449 #endif // POLARSSL_FS_IO
450 #endif // POLARSSL_X509_CRT_PARSE_C
451 #endif // POLARSSL_X509_CRL_PARSE_C
452 #ifdef POLARSSL_X509_CRT_PARSE_C
453 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
454 if( strcmp( str,
"POLARSSL_MD_SHA256" ) == 0 )
459 #endif // POLARSSL_X509_CRT_PARSE_C
460 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
461 #ifdef POLARSSL_FS_IO
462 #ifdef POLARSSL_X509_CRT_PARSE_C
463 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
464 if( strcmp( str,
"KU_KEY_CERT_SIGN" ) == 0 )
469 #endif // POLARSSL_FS_IO
470 #endif // POLARSSL_X509_CRT_PARSE_C
471 #endif // POLARSSL_X509_CHECK_KEY_USAGE
472 #ifdef POLARSSL_X509_CSR_PARSE_C
473 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
478 #endif // POLARSSL_X509_CSR_PARSE_C
479 #ifdef POLARSSL_X509_CRT_PARSE_C
480 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
485 #endif // POLARSSL_X509_CRT_PARSE_C
486 #ifdef POLARSSL_FS_IO
487 #ifdef POLARSSL_X509_CRT_PARSE_C
488 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
489 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
494 #endif // POLARSSL_FS_IO
495 #endif // POLARSSL_X509_CRT_PARSE_C
496 #endif // POLARSSL_X509_CHECK_KEY_USAGE
497 #ifdef POLARSSL_FS_IO
498 #ifdef POLARSSL_X509_CRT_PARSE_C
499 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
500 if( strcmp( str,
"POLARSSL_ERR_X509_BAD_INPUT_DATA" ) == 0 )
505 #endif // POLARSSL_FS_IO
506 #endif // POLARSSL_X509_CRT_PARSE_C
507 #endif // POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
508 #ifdef POLARSSL_X509_CRT_PARSE_C
509 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
510 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG" ) == 0 )
515 #endif // POLARSSL_X509_CRT_PARSE_C
516 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
517 #ifdef POLARSSL_FS_IO
518 #ifdef POLARSSL_X509_CRT_PARSE_C
519 #ifdef POLARSSL_X509_CRL_PARSE_C
520 if( strcmp( str,
"BADCERT_REVOKED | BADCERT_CN_MISMATCH" ) == 0 )
525 #endif // POLARSSL_FS_IO
526 #endif // POLARSSL_X509_CRT_PARSE_C
527 #endif // POLARSSL_X509_CRL_PARSE_C
528 #ifdef POLARSSL_X509_CRT_PARSE_C
529 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
530 if( strcmp( str,
"POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
535 #endif // POLARSSL_X509_CRT_PARSE_C
536 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
537 #ifdef POLARSSL_X509_CRT_PARSE_C
538 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
543 #endif // POLARSSL_X509_CRT_PARSE_C
544 #ifdef POLARSSL_X509_CRL_PARSE_C
545 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
550 #endif // POLARSSL_X509_CRL_PARSE_C
551 #ifdef POLARSSL_X509_CRT_PARSE_C
552 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
557 #endif // POLARSSL_X509_CRT_PARSE_C
558 #ifdef POLARSSL_X509_CSR_PARSE_C
559 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
564 #endif // POLARSSL_X509_CSR_PARSE_C
565 #ifdef POLARSSL_X509_CSR_PARSE_C
566 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
571 #endif // POLARSSL_X509_CSR_PARSE_C
572 #ifdef POLARSSL_FS_IO
573 #ifdef POLARSSL_X509_CRT_PARSE_C
574 #ifdef POLARSSL_X509_CRL_PARSE_C
575 if( strcmp( str,
"BADCERT_OTHER" ) == 0 )
580 #endif // POLARSSL_FS_IO
581 #endif // POLARSSL_X509_CRT_PARSE_C
582 #endif // POLARSSL_X509_CRL_PARSE_C
583 #ifdef POLARSSL_X509_CRT_PARSE_C
584 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
585 if( strcmp( str,
"ASN1_SEQUENCE" ) == 0 )
590 #endif // POLARSSL_X509_CRT_PARSE_C
591 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
592 #ifdef POLARSSL_X509_CRT_PARSE_C
593 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
598 #endif // POLARSSL_X509_CRT_PARSE_C
599 #ifdef POLARSSL_X509_CRT_PARSE_C
600 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
605 #endif // POLARSSL_X509_CRT_PARSE_C
606 #ifdef POLARSSL_X509_CRL_PARSE_C
607 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
612 #endif // POLARSSL_X509_CRL_PARSE_C
613 #ifdef POLARSSL_FS_IO
614 #ifdef POLARSSL_X509_CRT_PARSE_C
615 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
616 if( strcmp( str,
"KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT" ) == 0 )
621 #endif // POLARSSL_FS_IO
622 #endif // POLARSSL_X509_CRT_PARSE_C
623 #endif // POLARSSL_X509_CHECK_KEY_USAGE
624 #ifdef POLARSSL_FS_IO
625 #ifdef POLARSSL_X509_CRT_PARSE_C
626 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
627 if( strcmp( str,
"KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT" ) == 0 )
632 #endif // POLARSSL_FS_IO
633 #endif // POLARSSL_X509_CRT_PARSE_C
634 #endif // POLARSSL_X509_CHECK_KEY_USAGE
635 #ifdef POLARSSL_FS_IO
636 #ifdef POLARSSL_X509_CRT_PARSE_C
637 #ifdef POLARSSL_X509_CRL_PARSE_C
638 if( strcmp( str,
"BADCERT_NOT_TRUSTED" ) == 0 )
643 #endif // POLARSSL_FS_IO
644 #endif // POLARSSL_X509_CRT_PARSE_C
645 #endif // POLARSSL_X509_CRL_PARSE_C
646 #ifdef POLARSSL_X509_CSR_PARSE_C
647 if( strcmp( str,
" 1" ) == 0 )
652 #endif // POLARSSL_X509_CSR_PARSE_C
653 #ifdef POLARSSL_X509_CRT_PARSE_C
654 if( strcmp( str,
" 1" ) == 0 )
659 #endif // POLARSSL_X509_CRT_PARSE_C
660 #ifdef POLARSSL_X509_CRL_PARSE_C
661 if( strcmp( str,
" 1" ) == 0 )
666 #endif // POLARSSL_X509_CRL_PARSE_C
667 #ifdef POLARSSL_X509_CRT_PARSE_C
668 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
673 #endif // POLARSSL_X509_CRT_PARSE_C
674 #ifdef POLARSSL_X509_CRT_PARSE_C
675 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
676 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
681 #endif // POLARSSL_X509_CRT_PARSE_C
682 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
683 #ifdef POLARSSL_X509_CSR_PARSE_C
684 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
689 #endif // POLARSSL_X509_CSR_PARSE_C
690 #ifdef POLARSSL_X509_CRL_PARSE_C
691 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
696 #endif // POLARSSL_X509_CRL_PARSE_C
697 #ifdef POLARSSL_FS_IO
698 #ifdef POLARSSL_X509_CRT_PARSE_C
699 #ifdef POLARSSL_X509_CRL_PARSE_C
700 if( strcmp( str,
"BADCERT_CN_MISMATCH" ) == 0 )
705 #endif // POLARSSL_FS_IO
706 #endif // POLARSSL_X509_CRT_PARSE_C
707 #endif // POLARSSL_X509_CRL_PARSE_C
708 #ifdef POLARSSL_X509_CRT_PARSE_C
709 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA " ) == 0 )
714 #endif // POLARSSL_X509_CRT_PARSE_C
715 #ifdef POLARSSL_FS_IO
716 #ifdef POLARSSL_X509_CRT_PARSE_C
717 #ifdef POLARSSL_X509_CRL_PARSE_C
718 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_FUTURE" ) == 0 )
723 #endif // POLARSSL_FS_IO
724 #endif // POLARSSL_X509_CRT_PARSE_C
725 #endif // POLARSSL_X509_CRL_PARSE_C
726 #ifdef POLARSSL_X509_USE_C
727 if( strcmp( str,
"POLARSSL_ERR_OID_BUF_TOO_SMALL" ) == 0 )
732 #endif // POLARSSL_X509_USE_C
733 #ifdef POLARSSL_X509_CRT_PARSE_C
734 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
739 #endif // POLARSSL_X509_CRT_PARSE_C
740 #ifdef POLARSSL_FS_IO
741 #ifdef POLARSSL_X509_CRT_PARSE_C
742 #ifdef POLARSSL_X509_CRL_PARSE_C
743 if( strcmp( str,
"BADCRL_EXPIRED" ) == 0 )
748 #endif // POLARSSL_FS_IO
749 #endif // POLARSSL_X509_CRT_PARSE_C
750 #endif // POLARSSL_X509_CRL_PARSE_C
751 #ifdef POLARSSL_X509_CRT_PARSE_C
752 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
757 #endif // POLARSSL_X509_CRT_PARSE_C
758 #ifdef POLARSSL_X509_CRT_PARSE_C
759 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY" ) == 0 )
764 #endif // POLARSSL_X509_CRT_PARSE_C
765 #ifdef POLARSSL_FS_IO
766 #ifdef POLARSSL_X509_CRT_PARSE_C
767 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
768 if( strcmp( str,
"KU_KEY_CERT_SIGN|KU_CRL_SIGN" ) == 0 )
773 #endif // POLARSSL_FS_IO
774 #endif // POLARSSL_X509_CRT_PARSE_C
775 #endif // POLARSSL_X509_CHECK_KEY_USAGE
776 #ifdef POLARSSL_X509_CRL_PARSE_C
777 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
782 #endif // POLARSSL_X509_CRL_PARSE_C
783 #ifdef POLARSSL_X509_CSR_PARSE_C
784 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
789 #endif // POLARSSL_X509_CSR_PARSE_C
790 #ifdef POLARSSL_X509_CRT_PARSE_C
791 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
796 #endif // POLARSSL_X509_CRT_PARSE_C
797 #ifdef POLARSSL_X509_CRT_PARSE_C
798 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
799 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
804 #endif // POLARSSL_X509_CRT_PARSE_C
805 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
806 #ifdef POLARSSL_X509_CSR_PARSE_C
807 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
812 #endif // POLARSSL_X509_CSR_PARSE_C
813 #ifdef POLARSSL_X509_CRT_PARSE_C
814 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
819 #endif // POLARSSL_X509_CRT_PARSE_C
820 #ifdef POLARSSL_X509_CRL_PARSE_C
821 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
826 #endif // POLARSSL_X509_CRL_PARSE_C
827 #ifdef POLARSSL_X509_CRT_PARSE_C
828 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
833 #endif // POLARSSL_X509_CRT_PARSE_C
834 #ifdef POLARSSL_X509_CRL_PARSE_C
835 if( strcmp( str,
"POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
840 #endif // POLARSSL_X509_CRL_PARSE_C
841 #ifdef POLARSSL_FS_IO
842 #ifdef POLARSSL_X509_CRT_PARSE_C
843 #ifdef POLARSSL_X509_CRL_PARSE_C
844 if( strcmp( str,
"BADCERT_FUTURE" ) == 0 )
849 #endif // POLARSSL_FS_IO
850 #endif // POLARSSL_X509_CRT_PARSE_C
851 #endif // POLARSSL_X509_CRL_PARSE_C
852 #ifdef POLARSSL_X509_CRT_PARSE_C
853 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
858 #endif // POLARSSL_X509_CRT_PARSE_C
859 #ifdef POLARSSL_X509_CRT_PARSE_C
860 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
861 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
866 #endif // POLARSSL_X509_CRT_PARSE_C
867 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
868 #ifdef POLARSSL_X509_CRT_PARSE_C
869 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
874 #endif // POLARSSL_X509_CRT_PARSE_C
875 #ifdef POLARSSL_X509_CRT_PARSE_C
876 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE" ) == 0 )
881 #endif // POLARSSL_X509_CRT_PARSE_C
882 #ifdef POLARSSL_FS_IO
883 #ifdef POLARSSL_X509_CRT_PARSE_C
884 #ifdef POLARSSL_X509_CRL_PARSE_C
885 if( strcmp( str,
"BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED" ) == 0 )
890 #endif // POLARSSL_FS_IO
891 #endif // POLARSSL_X509_CRT_PARSE_C
892 #endif // POLARSSL_X509_CRL_PARSE_C
893 #ifdef POLARSSL_FS_IO
894 #ifdef POLARSSL_X509_CRT_PARSE_C
895 #ifdef POLARSSL_X509_CRL_PARSE_C
896 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH" ) == 0 )
901 #endif // POLARSSL_FS_IO
902 #endif // POLARSSL_X509_CRT_PARSE_C
903 #endif // POLARSSL_X509_CRL_PARSE_C
904 #ifdef POLARSSL_X509_CRT_PARSE_C
905 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
910 #endif // POLARSSL_X509_CRT_PARSE_C
911 #ifdef POLARSSL_X509_CSR_PARSE_C
912 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
917 #endif // POLARSSL_X509_CSR_PARSE_C
918 #ifdef POLARSSL_X509_CRT_PARSE_C
919 #ifdef POLARSSL_FS_IO
920 if( strcmp( str,
"POLARSSL_ERR_PEM_INVALID_DATA + POLARSSL_ERR_BASE64_INVALID_CHARACTER" ) == 0 )
925 #endif // POLARSSL_X509_CRT_PARSE_C
926 #endif // POLARSSL_FS_IO
927 #ifdef POLARSSL_X509_CRT_PARSE_C
928 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
933 #endif // POLARSSL_X509_CRT_PARSE_C
934 #ifdef POLARSSL_X509_CRL_PARSE_C
935 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
940 #endif // POLARSSL_X509_CRL_PARSE_C
941 #ifdef POLARSSL_X509_CSR_PARSE_C
942 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
947 #endif // POLARSSL_X509_CSR_PARSE_C
948 #ifdef POLARSSL_X509_CRT_PARSE_C
949 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
954 #endif // POLARSSL_X509_CRT_PARSE_C
955 #ifdef POLARSSL_X509_CRT_PARSE_C
956 if( strcmp( str,
"POLARSSL_ERR_PK_UNKNOWN_PK_ALG" ) == 0 )
961 #endif // POLARSSL_X509_CRT_PARSE_C
962 #ifdef POLARSSL_X509_CRT_PARSE_C
963 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
968 #endif // POLARSSL_X509_CRT_PARSE_C
969 #ifdef POLARSSL_X509_CRL_PARSE_C
970 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
975 #endif // POLARSSL_X509_CRL_PARSE_C
976 #ifdef POLARSSL_X509_CRT_PARSE_C
977 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
982 #endif // POLARSSL_X509_CRT_PARSE_C
983 #ifdef POLARSSL_X509_CRT_PARSE_C
984 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
985 if( strcmp( str,
"ASN1_CONSTRUCTED | ASN1_SEQUENCE" ) == 0 )
990 #endif // POLARSSL_X509_CRT_PARSE_C
991 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
992 #ifdef POLARSSL_X509_CRT_PARSE_C
993 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
998 #endif // POLARSSL_X509_CRT_PARSE_C
999 #ifdef POLARSSL_X509_CRT_PARSE_C
1000 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1005 #endif // POLARSSL_X509_CRT_PARSE_C
1006 #ifdef POLARSSL_X509_CSR_PARSE_C
1007 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1012 #endif // POLARSSL_X509_CSR_PARSE_C
1013 #ifdef POLARSSL_X509_CRL_PARSE_C
1014 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1019 #endif // POLARSSL_X509_CRL_PARSE_C
1020 #ifdef POLARSSL_X509_CRT_PARSE_C
1021 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1026 #endif // POLARSSL_X509_CRT_PARSE_C
1027 #ifdef POLARSSL_FS_IO
1028 #ifdef POLARSSL_X509_CRT_PARSE_C
1029 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1030 if( strcmp( str,
"KU_DIGITAL_SIGNATURE" ) == 0 )
1035 #endif // POLARSSL_FS_IO
1036 #endif // POLARSSL_X509_CRT_PARSE_C
1037 #endif // POLARSSL_X509_CHECK_KEY_USAGE
1038 #ifdef POLARSSL_X509_CRT_PARSE_C
1039 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1040 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1045 #endif // POLARSSL_X509_CRT_PARSE_C
1046 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1047 #ifdef POLARSSL_FS_IO
1048 #ifdef POLARSSL_X509_CRT_PARSE_C
1049 #ifdef POLARSSL_X509_CRL_PARSE_C
1050 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED" ) == 0 )
1055 #endif // POLARSSL_FS_IO
1056 #endif // POLARSSL_X509_CRT_PARSE_C
1057 #endif // POLARSSL_X509_CRL_PARSE_C
1058 #ifdef POLARSSL_X509_CRT_PARSE_C
1059 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1064 #endif // POLARSSL_X509_CRT_PARSE_C
1065 #ifdef POLARSSL_X509_CRT_PARSE_C
1066 if( strcmp( str,
"POLARSSL_ERR_X509_FEATURE_UNAVAILABLE" ) == 0 )
1071 #endif // POLARSSL_X509_CRT_PARSE_C
1072 #ifdef POLARSSL_X509_CRT_PARSE_C
1073 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1074 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
1079 #endif // POLARSSL_X509_CRT_PARSE_C
1080 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1081 #ifdef POLARSSL_FS_IO
1082 #ifdef POLARSSL_X509_CRT_PARSE_C
1083 #ifdef POLARSSL_X509_CRL_PARSE_C
1084 if( strcmp( str,
"BADCRL_FUTURE" ) == 0 )
1089 #endif // POLARSSL_FS_IO
1090 #endif // POLARSSL_X509_CRT_PARSE_C
1091 #endif // POLARSSL_X509_CRL_PARSE_C
1092 #ifdef POLARSSL_FS_IO
1093 #ifdef POLARSSL_X509_CRT_PARSE_C
1094 #ifdef POLARSSL_X509_CRL_PARSE_C
1095 if( strcmp( str,
"BADCERT_REVOKED" ) == 0 )
1100 #endif // POLARSSL_FS_IO
1101 #endif // POLARSSL_X509_CRT_PARSE_C
1102 #endif // POLARSSL_X509_CRL_PARSE_C
1103 #ifdef POLARSSL_FS_IO
1104 #ifdef POLARSSL_X509_CRT_PARSE_C
1105 #ifdef POLARSSL_X509_CRL_PARSE_C
1106 if( strcmp( str,
"BADCERT_EXPIRED" ) == 0 )
1111 #endif // POLARSSL_FS_IO
1112 #endif // POLARSSL_X509_CRT_PARSE_C
1113 #endif // POLARSSL_X509_CRL_PARSE_C
1114 #ifdef POLARSSL_X509_CRT_PARSE_C
1115 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
1120 #endif // POLARSSL_X509_CRT_PARSE_C
1121 #ifdef POLARSSL_FS_IO
1122 #ifdef POLARSSL_X509_CRT_PARSE_C
1123 #ifdef POLARSSL_X509_CRL_PARSE_C
1124 if( strcmp( str,
"BADCRL_NOT_TRUSTED" ) == 0 )
1129 #endif // POLARSSL_FS_IO
1130 #endif // POLARSSL_X509_CRT_PARSE_C
1131 #endif // POLARSSL_X509_CRL_PARSE_C
1132 #ifdef POLARSSL_X509_CRT_PARSE_C
1133 if( strcmp( str,
"POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1138 #endif // POLARSSL_X509_CRT_PARSE_C
1139 #ifdef POLARSSL_X509_CRT_PARSE_C
1140 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
1145 #endif // POLARSSL_X509_CRT_PARSE_C
1146 #ifdef POLARSSL_X509_CSR_PARSE_C
1147 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1152 #endif // POLARSSL_X509_CSR_PARSE_C
1153 #ifdef POLARSSL_X509_CRL_PARSE_C
1154 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1159 #endif // POLARSSL_X509_CRL_PARSE_C
1160 #ifdef POLARSSL_X509_CRT_PARSE_C
1161 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1166 #endif // POLARSSL_X509_CRT_PARSE_C
1167 #ifdef POLARSSL_X509_CRT_PARSE_C
1168 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1169 if( strcmp( str,
"POLARSSL_MD_SHA1" ) == 0 )
1174 #endif // POLARSSL_X509_CRT_PARSE_C
1175 #endif // POLARSSL_X509_RSASSA_PSS_SUPPORT
1176 #ifdef POLARSSL_X509_CSR_PARSE_C
1177 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1182 #endif // POLARSSL_X509_CSR_PARSE_C
1183 #ifdef POLARSSL_X509_CRT_PARSE_C
1184 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1189 #endif // POLARSSL_X509_CRT_PARSE_C
1190 #ifdef POLARSSL_X509_CRT_PARSE_C
1191 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
1196 #endif // POLARSSL_X509_CRT_PARSE_C
1197 #ifdef POLARSSL_X509_CSR_PARSE_C
1198 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
1203 #endif // POLARSSL_X509_CSR_PARSE_C
1204 #ifdef POLARSSL_X509_CRL_PARSE_C
1205 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
1210 #endif // POLARSSL_X509_CRL_PARSE_C
1211 #ifdef POLARSSL_FS_IO
1212 #ifdef POLARSSL_X509_CRT_PARSE_C
1213 #ifdef POLARSSL_X509_CRL_PARSE_C
1214 if( strcmp( str,
"POLARSSL_ERR_X509_CERT_VERIFY_FAILED" ) == 0 )
1219 #endif // POLARSSL_FS_IO
1220 #endif // POLARSSL_X509_CRT_PARSE_C
1221 #endif // POLARSSL_X509_CRL_PARSE_C
1222 #ifdef POLARSSL_X509_CRT_PARSE_C
1223 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
1228 #endif // POLARSSL_X509_CRT_PARSE_C
1229 #ifdef POLARSSL_X509_CSR_PARSE_C
1230 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1235 #endif // POLARSSL_X509_CSR_PARSE_C
1236 #ifdef POLARSSL_X509_CRT_PARSE_C
1237 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1242 #endif // POLARSSL_X509_CRT_PARSE_C
1243 #ifdef POLARSSL_X509_CRL_PARSE_C
1244 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
1249 #endif // POLARSSL_X509_CRL_PARSE_C
1250 #ifdef POLARSSL_X509_CRT_PARSE_C
1251 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
1256 #endif // POLARSSL_X509_CRT_PARSE_C
1257 #ifdef POLARSSL_X509_CSR_PARSE_C
1258 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1263 #endif // POLARSSL_X509_CSR_PARSE_C
1264 #ifdef POLARSSL_X509_CRT_PARSE_C
1265 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
1270 #endif // POLARSSL_X509_CRT_PARSE_C
1273 printf(
"Expected integer for parameter and got: %s\n", str );
1277 #ifdef POLARSSL_FS_IO
1278 #ifdef POLARSSL_X509_CRT_PARSE_C
1279 void test_suite_x509_cert_info(
char *crt_file,
char *result_str )
1286 memset( buf, 0, 2000 );
1302 #ifdef POLARSSL_FS_IO
1303 #ifdef POLARSSL_X509_CRL_PARSE_C
1304 void test_suite_x509_crl_info(
char *crl_file,
char *result_str )
1311 memset( buf, 0, 2000 );
1327 #ifdef POLARSSL_FS_IO
1328 #ifdef POLARSSL_X509_CSR_PARSE_C
1329 void test_suite_x509_csr_info(
char *csr_file,
char *result_str )
1336 memset( buf, 0, 2000 );
1352 #ifdef POLARSSL_FS_IO
1353 #ifdef POLARSSL_X509_CRT_PARSE_C
1354 #ifdef POLARSSL_X509_CRL_PARSE_C
1355 void test_suite_x509_verify(
char *crt_file,
char *ca_file,
char *crl_file,
1356 char *cn_name_str,
int result,
int flags_result,
1357 char *verify_callback )
1364 int (*f_vrfy)(
void *,
x509_crt *, int,
int *) = NULL;
1365 char * cn_name = NULL;
1371 if( strcmp( cn_name_str,
"NULL" ) != 0 )
1372 cn_name = cn_name_str;
1374 if( strcmp( verify_callback,
"NULL" ) == 0 )
1376 else if( strcmp( verify_callback,
"verify_none" ) == 0 )
1377 f_vrfy = verify_none;
1378 else if( strcmp( verify_callback,
"verify_all" ) == 0 )
1379 f_vrfy = verify_all;
1381 TEST_ASSERT(
"No known verify callback selected" == 0 );
1387 res =
x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
1401 #ifdef POLARSSL_FS_IO
1402 #ifdef POLARSSL_X509_CRT_C
1403 void test_suite_x509_dn_gets(
char *crt_file,
char *entity,
char *result_str )
1410 memset( buf, 0, 2000 );
1413 if( strcmp( entity,
"subject" ) == 0 )
1415 else if( strcmp( entity,
"issuer" ) == 0 )
1431 #ifdef POLARSSL_FS_IO
1432 #ifdef POLARSSL_X509_CRT_C
1433 void test_suite_x509_time_expired(
char *crt_file,
char *entity,
int result )
1441 if( strcmp( entity,
"valid_from" ) == 0 )
1443 else if( strcmp( entity,
"valid_to" ) == 0 )
1454 #ifdef POLARSSL_FS_IO
1455 #ifdef POLARSSL_X509_CRT_C
1456 void test_suite_x509_time_future(
char *crt_file,
char *entity,
int result )
1464 if( strcmp( entity,
"valid_from" ) == 0 )
1466 else if( strcmp( entity,
"valid_to" ) == 0 )
1477 #ifdef POLARSSL_X509_CRT_PARSE_C
1478 #ifdef POLARSSL_FS_IO
1479 void test_suite_x509parse_crt_file(
char *crt_file,
int result )
1493 #ifdef POLARSSL_X509_CRT_PARSE_C
1494 void test_suite_x509parse_crt(
char *crt_data,
char *result_str,
int result )
1497 unsigned char buf[2000];
1498 unsigned char output[2000];
1502 memset( buf, 0, 2000 );
1503 memset( output, 0, 2000 );
1505 data_len =
unhexify( buf, crt_data );
1508 if( ( result ) == 0 )
1515 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1523 #ifdef POLARSSL_X509_CRL_PARSE_C
1524 void test_suite_x509parse_crl(
char *crl_data,
char *result_str,
int result )
1527 unsigned char buf[2000];
1528 unsigned char output[2000];
1532 memset( buf, 0, 2000 );
1533 memset( output, 0, 2000 );
1535 data_len =
unhexify( buf, crl_data );
1538 if( ( result ) == 0 )
1545 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1553 #ifdef POLARSSL_X509_CSR_PARSE_C
1554 void test_suite_x509_csr_parse(
char *csr_der_hex,
char *ref_out,
int ref_ret )
1557 unsigned char *csr_der = NULL;
1563 memset( my_out, 0,
sizeof( my_out ) );
1571 size_t my_out_len =
x509_csr_info( my_out,
sizeof( my_out ),
"", &csr );
1582 #ifdef POLARSSL_FS_IO
1583 #ifdef POLARSSL_X509_CRT_PARSE_C
1584 void test_suite_x509_crt_parse_path(
char *crt_path,
int ret,
int nb_crt )
1586 x509_crt chain, *cur;
1594 for( i = 0, cur = &chain; cur != NULL; cur = cur->
next )
1595 if( cur->
raw.
p != NULL )
1606 #ifdef POLARSSL_X509_USE_C
1607 void test_suite_x509_oid_desc(
char *oid_str,
char *ref_desc )
1611 unsigned char buf[20];
1613 memset( buf, 0,
sizeof buf );
1621 if( strcmp( ref_desc,
"notfound" ) == 0 )
1634 #ifdef POLARSSL_X509_USE_C
1635 void test_suite_x509_oid_numstr(
char *oid_str,
char *numstr,
int blen,
int ret )
1638 unsigned char oid_buf[20];
1641 memset( oid_buf, 0x00,
sizeof oid_buf );
1642 memset( num_buf, 0x2a,
sizeof num_buf );
1663 #ifdef POLARSSL_FS_IO
1664 #ifdef POLARSSL_X509_CRT_PARSE_C
1665 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
1666 void test_suite_x509_check_key_usage(
char *crt_file,
int usage,
int ret )
1683 #ifdef POLARSSL_FS_IO
1684 #ifdef POLARSSL_X509_CRT_PARSE_C
1685 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
1686 void test_suite_x509_check_extended_key_usage(
char *crt_file,
char *usage_hex,
int ret )
1694 len =
unhexify( (
unsigned char *) oid, usage_hex );
1707 #ifdef POLARSSL_X509_CRT_PARSE_C
1708 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
1709 void test_suite_x509_parse_rsassa_pss_params(
char *hex_params,
int params_tag,
1710 int ref_msg_md,
int ref_mgf_md,
1711 int ref_salt_len,
int ref_ret )
1719 params.
tag = params_tag;
1724 if( my_ret != ref_ret ) printf(
"\n%04X\n", - my_ret );
1741 #ifdef POLARSSL_X509_CRT_PARSE_C
1742 #ifdef POLARSSL_SELF_TEST
1743 void test_suite_x509_selftest()
1762 if( strcmp( str,
"POLARSSL_HAVE_TIME" ) == 0 )
1764 #if defined(POLARSSL_HAVE_TIME)
1770 if( strcmp( str,
"POLARSSL_CERTS_C" ) == 0 )
1772 #if defined(POLARSSL_CERTS_C)
1778 if( strcmp( str,
"POLARSSL_MD4_C" ) == 0 )
1780 #if defined(POLARSSL_MD4_C)
1786 if( strcmp( str,
"POLARSSL_MD5_C" ) == 0 )
1788 #if defined(POLARSSL_MD5_C)
1794 if( strcmp( str,
"POLARSSL_RSA_C" ) == 0 )
1796 #if defined(POLARSSL_RSA_C)
1802 if( strcmp( str,
"POLARSSL_ECP_DP_SECP383R1_ENABLED" ) == 0 )
1804 #if defined(POLARSSL_ECP_DP_SECP383R1_ENABLED)
1810 if( strcmp( str,
"POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
1812 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
1818 if( strcmp( str,
"POLARSSL_PKCS1_V15" ) == 0 )
1820 #if defined(POLARSSL_PKCS1_V15)
1826 if( strcmp( str,
"POLARSSL_ECP_C" ) == 0 )
1828 #if defined(POLARSSL_ECP_C)
1834 if( strcmp( str,
"POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
1836 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
1842 if( strcmp( str,
"POLARSSL_X509_CHECK_KEY_USAGE" ) == 0 )
1844 #if defined(POLARSSL_X509_CHECK_KEY_USAGE)
1850 if( strcmp( str,
"POLARSSL_ECDSA_C" ) == 0 )
1852 #if defined(POLARSSL_ECDSA_C)
1858 if( strcmp( str,
"POLARSSL_PEM_PARSE_C" ) == 0 )
1860 #if defined(POLARSSL_PEM_PARSE_C)
1866 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
1868 #if defined(POLARSSL_SHA256_C)
1874 if( strcmp( str,
"POLARSSL_SHA1_C" ) == 0 )
1876 #if defined(POLARSSL_SHA1_C)
1882 if( strcmp( str,
"POLARSSL_X509_RSASSA_PSS_SUPPORT" ) == 0 )
1884 #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
1890 if( strcmp( str,
"POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
1892 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
1898 if( strcmp( str,
"POLARSSL_SHA512_C" ) == 0 )
1900 #if defined(POLARSSL_SHA512_C)
1906 if( strcmp( str,
"POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3" ) == 0 )
1908 #if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
1925 #if defined(TEST_SUITE_ACTIVE)
1926 if( strcmp( params[0],
"x509_cert_info" ) == 0 )
1928 #ifdef POLARSSL_FS_IO
1929 #ifdef POLARSSL_X509_CRT_PARSE_C
1931 char *param1 = params[1];
1932 char *param2 = params[2];
1936 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1943 test_suite_x509_cert_info( param1, param2 );
1951 if( strcmp( params[0],
"x509_crl_info" ) == 0 )
1953 #ifdef POLARSSL_FS_IO
1954 #ifdef POLARSSL_X509_CRL_PARSE_C
1956 char *param1 = params[1];
1957 char *param2 = params[2];
1961 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1968 test_suite_x509_crl_info( param1, param2 );
1976 if( strcmp( params[0],
"x509_csr_info" ) == 0 )
1978 #ifdef POLARSSL_FS_IO
1979 #ifdef POLARSSL_X509_CSR_PARSE_C
1981 char *param1 = params[1];
1982 char *param2 = params[2];
1986 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1993 test_suite_x509_csr_info( param1, param2 );
2001 if( strcmp( params[0],
"x509_verify" ) == 0 )
2003 #ifdef POLARSSL_FS_IO
2004 #ifdef POLARSSL_X509_CRT_PARSE_C
2005 #ifdef POLARSSL_X509_CRL_PARSE_C
2007 char *param1 = params[1];
2008 char *param2 = params[2];
2009 char *param3 = params[3];
2010 char *param4 = params[4];
2013 char *param7 = params[7];
2017 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 8 );
2025 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
2026 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
2029 test_suite_x509_verify( param1, param2, param3, param4, param5, param6, param7 );
2038 if( strcmp( params[0],
"x509_dn_gets" ) == 0 )
2040 #ifdef POLARSSL_FS_IO
2041 #ifdef POLARSSL_X509_CRT_C
2043 char *param1 = params[1];
2044 char *param2 = params[2];
2045 char *param3 = params[3];
2049 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2057 test_suite_x509_dn_gets( param1, param2, param3 );
2065 if( strcmp( params[0],
"x509_time_expired" ) == 0 )
2067 #ifdef POLARSSL_FS_IO
2068 #ifdef POLARSSL_X509_CRT_C
2070 char *param1 = params[1];
2071 char *param2 = params[2];
2076 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2082 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2084 test_suite_x509_time_expired( param1, param2, param3 );
2092 if( strcmp( params[0],
"x509_time_future" ) == 0 )
2094 #ifdef POLARSSL_FS_IO
2095 #ifdef POLARSSL_X509_CRT_C
2097 char *param1 = params[1];
2098 char *param2 = params[2];
2103 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2109 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2111 test_suite_x509_time_future( param1, param2, param3 );
2119 if( strcmp( params[0],
"x509parse_crt_file" ) == 0 )
2121 #ifdef POLARSSL_X509_CRT_PARSE_C
2122 #ifdef POLARSSL_FS_IO
2124 char *param1 = params[1];
2129 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
2134 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2136 test_suite_x509parse_crt_file( param1, param2 );
2144 if( strcmp( params[0],
"x509parse_crt" ) == 0 )
2146 #ifdef POLARSSL_X509_CRT_PARSE_C
2148 char *param1 = params[1];
2149 char *param2 = params[2];
2154 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2160 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2162 test_suite_x509parse_crt( param1, param2, param3 );
2169 if( strcmp( params[0],
"x509parse_crl" ) == 0 )
2171 #ifdef POLARSSL_X509_CRL_PARSE_C
2173 char *param1 = params[1];
2174 char *param2 = params[2];
2179 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2185 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2187 test_suite_x509parse_crl( param1, param2, param3 );
2194 if( strcmp( params[0],
"x509_csr_parse" ) == 0 )
2196 #ifdef POLARSSL_X509_CSR_PARSE_C
2198 char *param1 = params[1];
2199 char *param2 = params[2];
2204 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2210 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2212 test_suite_x509_csr_parse( param1, param2, param3 );
2219 if( strcmp( params[0],
"x509_crt_parse_path" ) == 0 )
2221 #ifdef POLARSSL_FS_IO
2222 #ifdef POLARSSL_X509_CRT_PARSE_C
2224 char *param1 = params[1];
2230 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2235 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2236 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2238 test_suite_x509_crt_parse_path( param1, param2, param3 );
2246 if( strcmp( params[0],
"x509_oid_desc" ) == 0 )
2248 #ifdef POLARSSL_X509_USE_C
2250 char *param1 = params[1];
2251 char *param2 = params[2];
2255 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
2262 test_suite_x509_oid_desc( param1, param2 );
2269 if( strcmp( params[0],
"x509_oid_numstr" ) == 0 )
2271 #ifdef POLARSSL_X509_USE_C
2273 char *param1 = params[1];
2274 char *param2 = params[2];
2280 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 5 );
2286 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2287 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2289 test_suite_x509_oid_numstr( param1, param2, param3, param4 );
2296 if( strcmp( params[0],
"x509_check_key_usage" ) == 0 )
2298 #ifdef POLARSSL_FS_IO
2299 #ifdef POLARSSL_X509_CRT_PARSE_C
2300 #ifdef POLARSSL_X509_CHECK_KEY_USAGE
2302 char *param1 = params[1];
2308 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2313 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2314 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2316 test_suite_x509_check_key_usage( param1, param2, param3 );
2325 if( strcmp( params[0],
"x509_check_extended_key_usage" ) == 0 )
2327 #ifdef POLARSSL_FS_IO
2328 #ifdef POLARSSL_X509_CRT_PARSE_C
2329 #ifdef POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
2331 char *param1 = params[1];
2332 char *param2 = params[2];
2337 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
2343 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2345 test_suite_x509_check_extended_key_usage( param1, param2, param3 );
2354 if( strcmp( params[0],
"x509_parse_rsassa_pss_params" ) == 0 )
2356 #ifdef POLARSSL_X509_CRT_PARSE_C
2357 #ifdef POLARSSL_X509_RSASSA_PSS_SUPPORT
2359 char *param1 = params[1];
2368 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 7 );
2373 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
2374 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
2375 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
2376 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
2377 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
2379 test_suite_x509_parse_rsassa_pss_params( param1, param2, param3, param4, param5, param6 );
2387 if( strcmp( params[0],
"x509_selftest" ) == 0 )
2389 #ifdef POLARSSL_X509_CRT_PARSE_C
2390 #ifdef POLARSSL_SELF_TEST
2395 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
2400 test_suite_x509_selftest( );
2410 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
2424 ret = fgets( buf, len, f );
2428 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
2429 buf[strlen(buf) - 1] =
'\0';
2430 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
2431 buf[strlen(buf) - 1] =
'\0';
2442 params[cnt++] = cur;
2444 while( *p !=
'\0' && p < buf + len )
2454 if( p + 1 < buf + len )
2457 params[cnt++] = cur;
2466 for( i = 0; i < cnt; i++ )
2473 if( *p ==
'\\' && *(p + 1) ==
'n' )
2478 else if( *p ==
'\\' && *(p + 1) ==
':' )
2483 else if( *p ==
'\\' && *(p + 1) ==
'?' )
2499 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
2500 const char *filename =
"/tmp/B.1c06a028-9709-4951-a65b-b24142b09746/BUILD/polarssl-1.3.9/tests/suites/test_suite_x509parse.data";
2505 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2506 unsigned char alloc_buf[1000000];
2510 file = fopen( filename,
"r" );
2513 fprintf( stderr,
"Failed to open\n" );
2517 while( !feof( file ) )
2521 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2523 fprintf( stdout,
"%s%.66s",
test_errors ?
"\n" :
"", buf );
2524 fprintf( stdout,
" " );
2525 for( i = strlen( buf ) + 1; i < 67; i++ )
2526 fprintf( stdout,
"." );
2527 fprintf( stdout,
" " );
2532 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2536 if( strcmp( params[0],
"depends_on" ) == 0 )
2538 for( i = 1; i < cnt; i++ )
2542 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2553 if( skip == 1 || ret == 3 )
2556 fprintf( stdout,
"----\n" );
2561 fprintf( stdout,
"PASS\n" );
2566 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
2573 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
2575 if( strlen(buf) != 0 )
2577 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
2583 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
2584 if( total_errors == 0 )
2585 fprintf( stdout,
"PASSED" );
2587 fprintf( stdout,
"FAILED" );
2589 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
2590 total_tests - total_errors, total_tests, total_skipped );
2592 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2593 #if defined(POLARSSL_MEMORY_DEBUG)
2594 memory_buffer_alloc_status();
2599 return( total_errors != 0 );
#define POLARSSL_ERR_PK_INVALID_ALG
The algorithm tag or value is invalid.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is not expired.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT
Invalid key tag or value.
int x509_csr_parse_der(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR) in DER format.
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
Memory allocation layer (Deprecated to platform layer)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
#define BADCERT_OTHER
Other reason (can be used by verify callback)
Info structure for the pseudo random function.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
int get_line(FILE *f, char *buf, size_t len)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
const char * x509_oid_get_description(x509_buf *oid)
Give an known OID, return its descriptive string.
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
#define POLARSSL_ERR_ASN1_INVALID_DATA
Data is invalid.
#define POLARSSL_ERR_X509_INVALID_SIGNATURE
The signature tag or value invalid.
static int test_assert(int correct, const char *test)
#define BADCRL_NOT_TRUSTED
CRL is not correctly signed by the trusted CA.
#define POLARSSL_ERR_ASN1_INVALID_LENGTH
Error when trying to determine the length or invalid length.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
struct _x509_crt * next
Next certificate in the CA-chain.
int x509_crt_check_key_usage(const x509_crt *crt, int usage)
Check usage of certificate against keyUsage extension.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
#define BADCERT_EXPIRED
The certificate validity has expired.
#define BADCERT_FUTURE
The certificate validity starts in the future.
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED
Certificate verification failed, e.g.
Container for an X.509 certificate.
#define POLARSSL_ERR_OID_NOT_FOUND
OID is not found.
Privacy Enhanced Mail (PEM) decoding.
x509_time valid_from
Start time of certificate validity.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Unallocate all CRL data.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
unsigned char * p
ASN1 data, e.g.
x509_name subject
The parsed subject data (named information object).
X.509 certificate signing request parsing and writing.
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
int x509_oid_get_numeric_string(char *buf, size_t size, x509_buf *oid)
Give an OID, return a string version of its OID number.
void x509_csr_free(x509_csr *csr)
Unallocate all CSR data.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
x509_time valid_to
End time of certificate validity.
int dispatch_test(int cnt, char *params[50])
X.509 certificate parsing and writing.
#define POLARSSL_ERR_X509_INVALID_ALG
The algorithm tag or value is invalid.
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_get_rsassa_pss_params(const x509_buf *params, md_type_t *md_alg, md_type_t *mgf_md, int *salt_len)
int parse_arguments(char *buf, size_t len, char *params[50])
#define BADCERT_NOT_TRUSTED
The certificate is not correctly signed by the trusted CA.
#define POLARSSL_ERR_PEM_INVALID_DATA
PEM string is not as expected.
static int unhexify(unsigned char *obuf, const char *ibuf)
RFC 1521 base64 encoding/decoding.
Type-length-value structure that allows for ASN1 using DER.
size_t len
ASN1 length, e.g.
#define BADCRL_FUTURE
The CRL is from the future.
int verify_string(char **str)
x509_name issuer
The parsed issuer data (named information object).
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
#define BADCERT_REVOKED
The certificate has been revoked (is on a CRL).
#define BADCRL_EXPIRED
CRL is expired.
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
Unavailable feature, e.g.
X.509 certificate revocation list parsing.
#define KU_DIGITAL_SIGNATURE
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_OID_BUF_TOO_SMALL
output buffer is too small
int x509_time_future(const x509_time *time)
Check a given x509_time against the system time and check if it is not from the future.
int x509_crt_parse_path(x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list.
Certificate Signing Request (CSR) structure.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
#define PUT_UINT32_BE(n, b, i)
#define BADCERT_CN_MISMATCH
The certificate Common Name (CN) does not match with the expected CN.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
int x509_self_test(int verbose)
Checkup routine.
int verify_int(char *str, int *value)
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
void x509_csr_init(x509_csr *csr)
Initialize a CSR.
#define POLARSSL_ERR_X509_INVALID_SERIAL
The serial tag or value is invalid.
int x509_crt_check_extended_key_usage(const x509_crt *crt, const char *usage_oid, size_t usage_len)
Check usage of certificate against extentedJeyUsage.
#define POLARSSL_ERR_PK_INVALID_PUBKEY
The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER
Invalid character in input.
#define KU_KEY_ENCIPHERMENT
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG
Key algorithm is unsupported (only RSA and EC are supported).
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.