3 #ifdef POLARSSL_BIGNUM_C
10 int verify_none(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
14 ((void) certificate_depth);
20 int verify_all(
void *data,
x509_crt *crt,
int certificate_depth,
int *flags )
24 ((void) certificate_depth);
33 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
37 #if defined(WANT_NOT_RND_MPI)
38 #if defined(POLARSSL_BIGNUM_C)
41 #error "not_rnd_mpi() need bignum.c"
47 typedef UINT32 uint32_t;
60 #define GET_UINT32_BE(n,b,i) \
62 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
63 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
64 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
65 | ( (uint32_t) (b)[(i) + 3] ); \
70 #define PUT_UINT32_BE(n,b,i) \
72 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
73 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
74 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
75 (b)[(i) + 3] = (unsigned char) ( (n) ); \
79 static int unhexify(
unsigned char *obuf,
const char *ibuf)
82 int len = strlen(ibuf) / 2;
83 assert(!(strlen(ibuf) %1));
88 if( c >=
'0' && c <=
'9' )
90 else if( c >=
'a' && c <=
'f' )
92 else if( c >=
'A' && c <=
'F' )
98 if( c2 >=
'0' && c2 <=
'9' )
100 else if( c2 >=
'a' && c2 <=
'f' )
102 else if( c2 >=
'A' && c2 <=
'F' )
107 *obuf++ = ( c << 4 ) | c2;
113 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
125 *obuf++ =
'a' + h - 10;
130 *obuf++ =
'a' + l - 10;
146 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
150 if( rng_state != NULL )
153 for( i = 0; i < len; ++i )
164 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
166 if( rng_state != NULL )
169 memset( output, 0, len );
196 if( rng_state == NULL )
205 memcpy( output, info->
buf, use_len );
206 info->
buf += use_len;
210 if( len - use_len > 0 )
211 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
240 uint32_t i, *k, sum, delta=0x9E3779B9;
241 unsigned char result[4];
243 if( rng_state == NULL )
250 size_t use_len = ( len > 4 ) ? 4 : len;
253 for( i = 0; i < 32; i++ )
255 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
257 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
261 memcpy( output, result, use_len );
268 #if defined(WANT_NOT_RND_MPI)
277 #define ciL (sizeof(t_uint))
278 #define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL)
279 static int not_rnd_mpi(
void *in,
unsigned char *out,
size_t len )
281 char *str = (
char *) in;
290 X.
n = CHARS_TO_LIMBS( len );
296 assert( strlen( str ) / 2 == len );
308 #ifdef POLARSSL_BIGNUM_C
310 #define TEST_SUITE_ACTIVE
318 if( test_errors == 1 )
319 printf(
"FAILED\n" );
320 printf(
" %s\n", test );
325 #define TEST_ASSERT( TEST ) \
326 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
327 if( test_errors) return; \
332 if( (*str)[0] !=
'"' ||
333 (*str)[strlen( *str ) - 1] !=
'"' )
335 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
340 (*str)[strlen( *str ) - 1] =
'\0';
352 for( i = 0; i < strlen( str ); i++ )
354 if( i == 0 && str[i] ==
'-' )
360 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
361 str[i - 1] ==
'0' && str[i] ==
'x' )
367 if( str[i] <
'0' || str[i] >
'9' )
377 *value = strtol( str, NULL, 16 );
379 *value = strtol( str, NULL, 10 );
384 #ifdef POLARSSL_FS_IO
385 #ifdef POLARSSL_X509_CRT_PARSE_C
386 #ifdef POLARSSL_X509_CRL_PARSE_C
387 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH" ) == 0 )
392 #endif // POLARSSL_FS_IO
393 #endif // POLARSSL_X509_CRT_PARSE_C
394 #endif // POLARSSL_X509_CRL_PARSE_C
395 #ifdef POLARSSL_X509_CRT_PARSE_C
396 if( strcmp( str,
"POLARSSL_ERR_PK_UNKNOWN_PK_ALG" ) == 0 )
401 #endif // POLARSSL_X509_CRT_PARSE_C
402 #ifdef POLARSSL_X509_CRT_PARSE_C
403 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
408 #endif // POLARSSL_X509_CRT_PARSE_C
409 #ifdef POLARSSL_X509_CRT_PARSE_C
410 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
415 #endif // POLARSSL_X509_CRT_PARSE_C
416 #ifdef POLARSSL_X509_CRT_PARSE_C
417 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
422 #endif // POLARSSL_X509_CRT_PARSE_C
423 #ifdef POLARSSL_X509_CRL_PARSE_C
424 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_VERSION" ) == 0 )
429 #endif // POLARSSL_X509_CRL_PARSE_C
430 #ifdef POLARSSL_X509_CRT_PARSE_C
431 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA " ) == 0 )
436 #endif // POLARSSL_X509_CRT_PARSE_C
437 #ifdef POLARSSL_X509_CRT_PARSE_C
438 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
443 #endif // POLARSSL_X509_CRT_PARSE_C
444 #ifdef POLARSSL_X509_CRL_PARSE_C
445 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
450 #endif // POLARSSL_X509_CRL_PARSE_C
451 #ifdef POLARSSL_FS_IO
452 #ifdef POLARSSL_X509_CRT_PARSE_C
453 #ifdef POLARSSL_X509_CRL_PARSE_C
454 if( strcmp( str,
"BADCRL_EXPIRED" ) == 0 )
459 #endif // POLARSSL_FS_IO
460 #endif // POLARSSL_X509_CRT_PARSE_C
461 #endif // POLARSSL_X509_CRL_PARSE_C
462 #ifdef POLARSSL_X509_CRT_PARSE_C
463 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY" ) == 0 )
468 #endif // POLARSSL_X509_CRT_PARSE_C
469 #ifdef POLARSSL_FS_IO
470 #ifdef POLARSSL_X509_CRT_PARSE_C
471 #ifdef POLARSSL_X509_CRL_PARSE_C
472 if( strcmp( str,
"BADCERT_NOT_TRUSTED" ) == 0 )
477 #endif // POLARSSL_FS_IO
478 #endif // POLARSSL_X509_CRT_PARSE_C
479 #endif // POLARSSL_X509_CRL_PARSE_C
480 #ifdef POLARSSL_X509_CRT_PARSE_C
481 if( strcmp( str,
"POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
486 #endif // POLARSSL_X509_CRT_PARSE_C
487 #ifdef POLARSSL_FS_IO
488 #ifdef POLARSSL_X509_CRT_PARSE_C
489 #ifdef POLARSSL_X509_CRL_PARSE_C
490 if( strcmp( str,
"BADCERT_REVOKED" ) == 0 )
495 #endif // POLARSSL_FS_IO
496 #endif // POLARSSL_X509_CRT_PARSE_C
497 #endif // POLARSSL_X509_CRL_PARSE_C
498 #ifdef POLARSSL_X509_CRT_PARSE_C
499 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
504 #endif // POLARSSL_X509_CRT_PARSE_C
505 #ifdef POLARSSL_X509_CRT_PARSE_C
506 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
511 #endif // POLARSSL_X509_CRT_PARSE_C
512 #ifdef POLARSSL_FS_IO
513 #ifdef POLARSSL_X509_CRT_PARSE_C
514 #ifdef POLARSSL_X509_CRL_PARSE_C
515 if( strcmp( str,
"BADCERT_REVOKED | BADCRL_EXPIRED" ) == 0 )
520 #endif // POLARSSL_FS_IO
521 #endif // POLARSSL_X509_CRT_PARSE_C
522 #endif // POLARSSL_X509_CRL_PARSE_C
523 #ifdef POLARSSL_X509_CRT_PARSE_C
524 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
529 #endif // POLARSSL_X509_CRT_PARSE_C
530 #ifdef POLARSSL_X509_CRL_PARSE_C
531 if( strcmp( str,
"POLARSSL_ERR_X509_SIG_MISMATCH" ) == 0 )
536 #endif // POLARSSL_X509_CRL_PARSE_C
537 #ifdef POLARSSL_FS_IO
538 #ifdef POLARSSL_X509_CRT_PARSE_C
539 #ifdef POLARSSL_X509_CRL_PARSE_C
540 if( strcmp( str,
"BADCERT_OTHER" ) == 0 )
545 #endif // POLARSSL_FS_IO
546 #endif // POLARSSL_X509_CRT_PARSE_C
547 #endif // POLARSSL_X509_CRL_PARSE_C
548 #ifdef POLARSSL_X509_CRT_PARSE_C
549 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE" ) == 0 )
554 #endif // POLARSSL_X509_CRT_PARSE_C
555 #ifdef POLARSSL_X509_CRT_PARSE_C
556 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
561 #endif // POLARSSL_X509_CRT_PARSE_C
562 #ifdef POLARSSL_X509_CRT_PARSE_C
563 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
568 #endif // POLARSSL_X509_CRT_PARSE_C
569 #ifdef POLARSSL_X509_CRT_PARSE_C
570 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
575 #endif // POLARSSL_X509_CRT_PARSE_C
576 #ifdef POLARSSL_X509_CRL_PARSE_C
577 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
582 #endif // POLARSSL_X509_CRL_PARSE_C
583 #ifdef POLARSSL_X509_CRL_PARSE_C
584 if( strcmp( str,
" 1" ) == 0 )
589 #endif // POLARSSL_X509_CRL_PARSE_C
590 #ifdef POLARSSL_X509_CRT_PARSE_C
591 if( strcmp( str,
" 1" ) == 0 )
596 #endif // POLARSSL_X509_CRT_PARSE_C
597 #ifdef POLARSSL_X509_CRT_PARSE_C
598 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH" ) == 0 )
603 #endif // POLARSSL_X509_CRT_PARSE_C
604 #ifdef POLARSSL_X509_CRT_PARSE_C
605 if( strcmp( str,
"POLARSSL_ERR_PK_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
610 #endif // POLARSSL_X509_CRT_PARSE_C
611 #ifdef POLARSSL_FS_IO
612 #ifdef POLARSSL_X509_CRT_PARSE_C
613 #ifdef POLARSSL_X509_CRL_PARSE_C
614 if( strcmp( str,
"POLARSSL_ERR_X509_CERT_VERIFY_FAILED" ) == 0 )
619 #endif // POLARSSL_FS_IO
620 #endif // POLARSSL_X509_CRT_PARSE_C
621 #endif // POLARSSL_X509_CRL_PARSE_C
622 #ifdef POLARSSL_X509_CRT_PARSE_C
623 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
628 #endif // POLARSSL_X509_CRT_PARSE_C
629 #ifdef POLARSSL_X509_CRL_PARSE_C
630 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
635 #endif // POLARSSL_X509_CRL_PARSE_C
636 #ifdef POLARSSL_X509_CRT_PARSE_C
637 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
642 #endif // POLARSSL_X509_CRT_PARSE_C
643 #ifdef POLARSSL_X509_CRT_PARSE_C
644 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
649 #endif // POLARSSL_X509_CRT_PARSE_C
650 #ifdef POLARSSL_X509_CRL_PARSE_C
651 if( strcmp( str,
"POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
656 #endif // POLARSSL_X509_CRL_PARSE_C
657 #ifdef POLARSSL_X509_CRL_PARSE_C
658 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
663 #endif // POLARSSL_X509_CRL_PARSE_C
664 #ifdef POLARSSL_X509_CRT_PARSE_C
665 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
670 #endif // POLARSSL_X509_CRT_PARSE_C
671 #ifdef POLARSSL_X509_CRT_PARSE_C
672 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
677 #endif // POLARSSL_X509_CRT_PARSE_C
678 #ifdef POLARSSL_X509_CRL_PARSE_C
679 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
684 #endif // POLARSSL_X509_CRL_PARSE_C
685 #ifdef POLARSSL_X509_CRT_PARSE_C
686 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
691 #endif // POLARSSL_X509_CRT_PARSE_C
692 #ifdef POLARSSL_X509_CRT_PARSE_C
693 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH" ) == 0 )
698 #endif // POLARSSL_X509_CRT_PARSE_C
699 #ifdef POLARSSL_X509_CRT_PARSE_C
700 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA" ) == 0 )
705 #endif // POLARSSL_X509_CRT_PARSE_C
706 #ifdef POLARSSL_X509_CRT_PARSE_C
707 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
712 #endif // POLARSSL_X509_CRT_PARSE_C
713 #ifdef POLARSSL_X509_CRT_PARSE_C
714 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
719 #endif // POLARSSL_X509_CRT_PARSE_C
720 #ifdef POLARSSL_X509_CRT_PARSE_C
721 if( strcmp( str,
"POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
726 #endif // POLARSSL_X509_CRT_PARSE_C
727 #ifdef POLARSSL_FS_IO
728 #ifdef POLARSSL_X509_CRT_PARSE_C
729 #ifdef POLARSSL_X509_CRL_PARSE_C
730 if( strcmp( str,
"BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED" ) == 0 )
735 #endif // POLARSSL_FS_IO
736 #endif // POLARSSL_X509_CRT_PARSE_C
737 #endif // POLARSSL_X509_CRL_PARSE_C
738 #ifdef POLARSSL_X509_CRT_PARSE_C
739 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
744 #endif // POLARSSL_X509_CRT_PARSE_C
745 #ifdef POLARSSL_X509_CRL_PARSE_C
746 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
751 #endif // POLARSSL_X509_CRL_PARSE_C
752 #ifdef POLARSSL_X509_CRT_PARSE_C
753 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
758 #endif // POLARSSL_X509_CRT_PARSE_C
759 #ifdef POLARSSL_X509_CRT_PARSE_C
760 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
765 #endif // POLARSSL_X509_CRT_PARSE_C
766 #ifdef POLARSSL_X509_CRL_PARSE_C
767 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_FORMAT" ) == 0 )
772 #endif // POLARSSL_X509_CRL_PARSE_C
773 #ifdef POLARSSL_FS_IO
774 #ifdef POLARSSL_X509_CRT_PARSE_C
775 #ifdef POLARSSL_X509_CRL_PARSE_C
776 if( strcmp( str,
"BADCERT_REVOKED | BADCERT_CN_MISMATCH" ) == 0 )
781 #endif // POLARSSL_FS_IO
782 #endif // POLARSSL_X509_CRT_PARSE_C
783 #endif // POLARSSL_X509_CRL_PARSE_C
784 #ifdef POLARSSL_X509_CRT_PARSE_C
785 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND" ) == 0 )
790 #endif // POLARSSL_X509_CRT_PARSE_C
791 #ifdef POLARSSL_FS_IO
792 #ifdef POLARSSL_X509_CRT_PARSE_C
793 #ifdef POLARSSL_X509_CRL_PARSE_C
794 if( strcmp( str,
"BADCERT_CN_MISMATCH" ) == 0 )
799 #endif // POLARSSL_FS_IO
800 #endif // POLARSSL_X509_CRT_PARSE_C
801 #endif // POLARSSL_X509_CRL_PARSE_C
802 #ifdef POLARSSL_X509_CRT_PARSE_C
803 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
808 #endif // POLARSSL_X509_CRT_PARSE_C
809 #ifdef POLARSSL_X509_CRT_PARSE_C
810 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
815 #endif // POLARSSL_X509_CRT_PARSE_C
816 #ifdef POLARSSL_X509_CRL_PARSE_C
817 if( strcmp( str,
"POLARSSL_ERR_X509_UNKNOWN_SIG_ALG" ) == 0 )
822 #endif // POLARSSL_X509_CRL_PARSE_C
823 #ifdef POLARSSL_X509_CRT_PARSE_C
824 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
829 #endif // POLARSSL_X509_CRT_PARSE_C
830 #ifdef POLARSSL_X509_CRL_PARSE_C
831 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
836 #endif // POLARSSL_X509_CRL_PARSE_C
837 #ifdef POLARSSL_X509_CRT_PARSE_C
838 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA" ) == 0 )
843 #endif // POLARSSL_X509_CRT_PARSE_C
844 #ifdef POLARSSL_X509_CRT_PARSE_C
845 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
850 #endif // POLARSSL_X509_CRT_PARSE_C
851 #ifdef POLARSSL_X509_CRL_PARSE_C
852 if( strcmp( str,
"POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG" ) == 0 )
857 #endif // POLARSSL_X509_CRL_PARSE_C
860 printf(
"Expected integer for parameter and got: %s\n", str );
864 #ifdef POLARSSL_FS_IO
865 #ifdef POLARSSL_X509_CRT_PARSE_C
866 void test_suite_x509_cert_info(
char *crt_file,
char *result_str )
873 memset( buf, 0, 2000 );
888 #ifdef POLARSSL_FS_IO
889 #ifdef POLARSSL_X509_CRL_PARSE_C
890 void test_suite_x509_crl_info(
char *crl_file,
char *result_str )
897 memset( buf, 0, 2000 );
912 #ifdef POLARSSL_FS_IO
913 #ifdef POLARSSL_X509_CRT_PARSE_C
914 #ifdef POLARSSL_X509_CRL_PARSE_C
915 void test_suite_x509_verify(
char *crt_file,
char *ca_file,
char *crl_file,
916 char *cn_name_str,
int result,
int flags_result,
917 char *verify_callback )
924 int (*f_vrfy)(
void *,
x509_crt *, int,
int *) = NULL;
925 char * cn_name = NULL;
931 if( strcmp( cn_name_str,
"NULL" ) != 0 )
932 cn_name = cn_name_str;
934 if( strcmp( verify_callback,
"NULL" ) == 0 )
936 else if( strcmp( verify_callback,
"verify_none" ) == 0 )
937 f_vrfy = verify_none;
938 else if( strcmp( verify_callback,
"verify_all" ) == 0 )
941 TEST_ASSERT(
"No known verify callback selected" == 0 );
947 res =
x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
960 #ifdef POLARSSL_FS_IO
961 #ifdef POLARSSL_X509_USE_C
962 void test_suite_x509_dn_gets(
char *crt_file,
char *entity,
char *result_str )
969 memset( buf, 0, 2000 );
972 if( strcmp( entity,
"subject" ) == 0 )
974 else if( strcmp( entity,
"issuer" ) == 0 )
989 #ifdef POLARSSL_FS_IO
990 #ifdef POLARSSL_X509_USE_C
991 void test_suite_x509_time_expired(
char *crt_file,
char *entity,
int result )
999 if( strcmp( entity,
"valid_from" ) == 0 )
1001 else if( strcmp( entity,
"valid_to" ) == 0 )
1011 #ifdef POLARSSL_X509_CRT_PARSE_C
1012 void test_suite_x509parse_crt(
char *crt_data,
char *result_str,
int result )
1015 unsigned char buf[2000];
1016 unsigned char output[2000];
1020 memset( buf, 0, 2000 );
1021 memset( output, 0, 2000 );
1023 data_len =
unhexify( buf, crt_data );
1026 if( ( result ) == 0 )
1033 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1040 #ifdef POLARSSL_X509_CRL_PARSE_C
1041 void test_suite_x509parse_crl(
char *crl_data,
char *result_str,
int result )
1044 unsigned char buf[2000];
1045 unsigned char output[2000];
1049 memset( buf, 0, 2000 );
1050 memset( output, 0, 2000 );
1052 data_len =
unhexify( buf, crl_data );
1055 if( ( result ) == 0 )
1062 TEST_ASSERT( strcmp( (
char *) output, result_str ) == 0 );
1069 #ifdef POLARSSL_X509_CRT_PARSE_C
1070 #ifdef POLARSSL_SELF_TEST
1071 void test_suite_x509_selftest()
1087 if( strcmp( str,
"POLARSSL_ECDSA_C" ) == 0 )
1089 #if defined(POLARSSL_ECDSA_C)
1095 if( strcmp( str,
"POLARSSL_PKCS1_V15" ) == 0 )
1097 #if defined(POLARSSL_PKCS1_V15)
1103 if( strcmp( str,
"POLARSSL_SHA512_C" ) == 0 )
1105 #if defined(POLARSSL_SHA512_C)
1111 if( strcmp( str,
"POLARSSL_RSA_C" ) == 0 )
1113 #if defined(POLARSSL_RSA_C)
1119 if( strcmp( str,
"POLARSSL_MD5_C" ) == 0 )
1121 #if defined(POLARSSL_MD5_C)
1127 if( strcmp( str,
"POLARSSL_MD4_C" ) == 0 )
1129 #if defined(POLARSSL_MD4_C)
1135 if( strcmp( str,
"POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
1137 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
1143 if( strcmp( str,
"POLARSSL_PEM_PARSE_C" ) == 0 )
1145 #if defined(POLARSSL_PEM_PARSE_C)
1151 if( strcmp( str,
"POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3" ) == 0 )
1153 #if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
1159 if( strcmp( str,
"POLARSSL_ECP_C" ) == 0 )
1161 #if defined(POLARSSL_ECP_C)
1167 if( strcmp( str,
"POLARSSL_SHA1_C" ) == 0 )
1169 #if defined(POLARSSL_SHA1_C)
1175 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
1177 #if defined(POLARSSL_SHA256_C)
1183 if( strcmp( str,
"POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
1185 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
1202 #if defined(TEST_SUITE_ACTIVE)
1203 if( strcmp( params[0],
"x509_cert_info" ) == 0 )
1205 #ifdef POLARSSL_FS_IO
1206 #ifdef POLARSSL_X509_CRT_PARSE_C
1208 char *param1 = params[1];
1209 char *param2 = params[2];
1213 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1220 test_suite_x509_cert_info( param1, param2 );
1228 if( strcmp( params[0],
"x509_crl_info" ) == 0 )
1230 #ifdef POLARSSL_FS_IO
1231 #ifdef POLARSSL_X509_CRL_PARSE_C
1233 char *param1 = params[1];
1234 char *param2 = params[2];
1238 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 3 );
1245 test_suite_x509_crl_info( param1, param2 );
1253 if( strcmp( params[0],
"x509_verify" ) == 0 )
1255 #ifdef POLARSSL_FS_IO
1256 #ifdef POLARSSL_X509_CRT_PARSE_C
1257 #ifdef POLARSSL_X509_CRL_PARSE_C
1259 char *param1 = params[1];
1260 char *param2 = params[2];
1261 char *param3 = params[3];
1262 char *param4 = params[4];
1265 char *param7 = params[7];
1269 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 8 );
1277 if(
verify_int( params[5], ¶m5 ) != 0 )
return( 2 );
1278 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
1281 test_suite_x509_verify( param1, param2, param3, param4, param5, param6, param7 );
1290 if( strcmp( params[0],
"x509_dn_gets" ) == 0 )
1292 #ifdef POLARSSL_FS_IO
1293 #ifdef POLARSSL_X509_USE_C
1295 char *param1 = params[1];
1296 char *param2 = params[2];
1297 char *param3 = params[3];
1301 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1309 test_suite_x509_dn_gets( param1, param2, param3 );
1317 if( strcmp( params[0],
"x509_time_expired" ) == 0 )
1319 #ifdef POLARSSL_FS_IO
1320 #ifdef POLARSSL_X509_USE_C
1322 char *param1 = params[1];
1323 char *param2 = params[2];
1328 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1334 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
1336 test_suite_x509_time_expired( param1, param2, param3 );
1344 if( strcmp( params[0],
"x509parse_crt" ) == 0 )
1346 #ifdef POLARSSL_X509_CRT_PARSE_C
1348 char *param1 = params[1];
1349 char *param2 = params[2];
1354 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1360 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
1362 test_suite_x509parse_crt( param1, param2, param3 );
1369 if( strcmp( params[0],
"x509parse_crl" ) == 0 )
1371 #ifdef POLARSSL_X509_CRL_PARSE_C
1373 char *param1 = params[1];
1374 char *param2 = params[2];
1379 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1385 if(
verify_int( params[3], ¶m3 ) != 0 )
return( 2 );
1387 test_suite_x509parse_crl( param1, param2, param3 );
1394 if( strcmp( params[0],
"x509_selftest" ) == 0 )
1396 #ifdef POLARSSL_X509_CRT_PARSE_C
1397 #ifdef POLARSSL_SELF_TEST
1402 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 1 );
1407 test_suite_x509_selftest( );
1417 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
1431 ret = fgets( buf, len, f );
1435 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
1436 buf[strlen(buf) - 1] =
'\0';
1437 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
1438 buf[strlen(buf) - 1] =
'\0';
1449 params[cnt++] = cur;
1451 while( *p !=
'\0' && p < buf + len )
1461 if( p + 1 < buf + len )
1464 params[cnt++] = cur;
1473 for( i = 0; i < cnt; i++ )
1480 if( *p ==
'\\' && *(p + 1) ==
'n' )
1485 else if( *p ==
'\\' && *(p + 1) ==
':' )
1490 else if( *p ==
'\\' && *(p + 1) ==
'?' )
1506 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
1507 const char *filename =
"/tmp/B.6b9404fc-5e27-486e-9bbd-77463d7343ee/BUILD/polarssl-1.3.2/tests/suites/test_suite_x509parse.data";
1512 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1513 unsigned char alloc_buf[1000000];
1514 memory_buffer_alloc_init( alloc_buf,
sizeof(alloc_buf) );
1517 file = fopen( filename,
"r" );
1520 fprintf( stderr,
"Failed to open\n" );
1524 while( !feof( file ) )
1528 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1530 fprintf( stdout,
"%s%.66s", test_errors ?
"\n" :
"", buf );
1531 fprintf( stdout,
" " );
1532 for( i = strlen( buf ) + 1; i < 67; i++ )
1533 fprintf( stdout,
"." );
1534 fprintf( stdout,
" " );
1539 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1543 if( strcmp( params[0],
"depends_on" ) == 0 )
1545 for( i = 1; i < cnt; i++ )
1549 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1560 if( skip == 1 || ret == 3 )
1563 fprintf( stdout,
"----\n" );
1566 else if( ret == 0 && test_errors == 0 )
1568 fprintf( stdout,
"PASS\n" );
1573 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
1580 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1582 if( strlen(buf) != 0 )
1584 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
1590 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
1591 if( total_errors == 0 )
1592 fprintf( stdout,
"PASSED" );
1594 fprintf( stdout,
"FAILED" );
1596 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
1597 total_tests - total_errors, total_tests, total_skipped );
1599 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1600 #if defined(POLARSSL_MEMORY_DEBUG)
1601 memory_buffer_alloc_status();
1603 memory_buffer_alloc_free();
1606 return( total_errors != 0 );
#define POLARSSL_ERR_PK_INVALID_ALG
The algorithm tag or value is invalid.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is valid.
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT
Invalid key tag or value.
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
#define BADCERT_OTHER
Other reason (can be used by verify callback)
Info structure for the pseudo random function.
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
#define POLARSSL_ERR_ASN1_INVALID_DATA
Data is invalid.
#define POLARSSL_ERR_X509_INVALID_SIGNATURE
The signature tag or value invalid.
static int test_assert(int correct, char *test)
#define POLARSSL_ERR_ASN1_INVALID_LENGTH
Error when trying to determine the length or invalid length.
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
int main(int argc, char *argv[])
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
Multi-precision integer library.
#define TEST_ASSERT(TEST)
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED
Certificate verification failed, e.g.
Container for an X.509 certificate.
#define POLARSSL_ERR_OID_NOT_FOUND
OID is not found.
Privacy Enhanced Mail (PEM) decoding.
x509_time valid_from
Start time of certificate validity.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Unallocate all CRL data.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void x509_crt_init(x509_crt *crt)
Initialize a certificate (chain)
x509_name subject
The parsed subject data (named information object).
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
x509_time valid_to
End time of certificate validity.
X.509 certificate parsing and writing.
#define POLARSSL_ERR_X509_INVALID_ALG
The algorithm tag or value is invalid.
int parse_arguments(char *buf, size_t len, char *params[50])
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
#define BADCERT_NOT_TRUSTED
The certificate is not correctly signed by the trusted CA.
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
static int unhexify(unsigned char *obuf, const char *ibuf)
int verify_string(char **str)
x509_name issuer
The parsed issuer data (named information object).
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
#define BADCERT_REVOKED
The certificate has been revoked (is on a CRL).
#define BADCRL_EXPIRED
CRL is expired.
int dispatch_test(int cnt, char *params[50])
X.509 certificate revocation list parsing.
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define PUT_UINT32_BE(n, b, i)
#define BADCERT_CN_MISMATCH
The certificate Common Name (CN) does not match with the expected CN.
int x509_self_test(int verbose)
Checkup routine.
int verify_int(char *str, int *value)
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
#define POLARSSL_ERR_X509_INVALID_SERIAL
The serial tag or value is invalid.
#define POLARSSL_ERR_PK_INVALID_PUBKEY
The pubkey tag or value is invalid (only RSA and EC are supported).
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG
Key algorithm is unsupported (only RSA and EC are supported).
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.
int get_line(FILE *f, char *buf, size_t len)
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.