Merge pull request #6171 from mprse/md_x509_test
Driver-only hashes: X.509
This commit is contained in:
Gilles Peskine
GitHub
commit
03f1c39ac7
20 changed files with 848 additions and 754 deletions
|
|
@ -889,14 +889,16 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
|
||||
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) )
|
||||
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
|
||||
!defined(MBEDTLS_PK_PARSE_C) || \
|
||||
( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
|
||||
#error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
|
||||
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
|
||||
!defined(MBEDTLS_PK_WRITE_C) )
|
||||
!defined(MBEDTLS_PK_PARSE_C) || \
|
||||
( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
|
||||
#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -3118,8 +3118,11 @@
|
|||
* library/x509_crt.c
|
||||
* library/x509_csr.c
|
||||
*
|
||||
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
|
||||
* MBEDTLS_PK_PARSE_C
|
||||
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
|
||||
* (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
|
||||
*
|
||||
* \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
|
||||
* before doing any X.509 operation.
|
||||
*
|
||||
* This module is required for the X.509 parsing modules.
|
||||
*/
|
||||
|
|
@ -3176,7 +3179,11 @@
|
|||
*
|
||||
* Module: library/x509_create.c
|
||||
*
|
||||
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
|
||||
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
|
||||
* (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
|
||||
*
|
||||
* \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
|
||||
* before doing any X.509 create operation.
|
||||
*
|
||||
* This module is the basis for creating X.509 certificates and CSRs.
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -34,9 +34,7 @@
|
|||
#include "mbedtls/cipher.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
#include "mbedtls/md.h"
|
||||
#endif
|
||||
|
||||
/** OID is not found. */
|
||||
#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
|
||||
|
|
@ -519,7 +517,6 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
|
|||
const char **oid, size_t *olen );
|
||||
#endif /* MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/**
|
||||
* \brief Translate SignatureAlgorithm OID into md_type and pk_type
|
||||
*
|
||||
|
|
@ -564,7 +561,6 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
|
|||
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
|
||||
*/
|
||||
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/**
|
||||
* \brief Translate hash algorithm OID into md_type
|
||||
|
|
|
|||
|
|
@ -1108,7 +1108,7 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
|
|||
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
||||
int is_ca, int max_pathlen );
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_SHA1_C) || ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
|
||||
/**
|
||||
* \brief Set the subjectKeyIdentifier extension for a CRT
|
||||
* Requires that mbedtls_x509write_crt_set_subject_key() has been
|
||||
|
|
@ -1130,7 +1130,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
|
|||
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
|
||||
*/
|
||||
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* MBEDTLS_SHA1_C || (MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_1)*/
|
||||
|
||||
/**
|
||||
* \brief Set the Key Usage Extension flags
|
||||
|
|
|
|||
|
|
@ -90,6 +90,9 @@
|
|||
#define MBEDTLS_OR_PSA_HELPERS_H
|
||||
|
||||
#include "common.h"
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
#include "psa/crypto.h"
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
/*
|
||||
* Hashes
|
||||
|
|
|
|||
|
|
@ -329,7 +329,6 @@ FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certi
|
|||
FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description)
|
||||
#endif /* MBEDTLS_X509_REMOVE_INFO */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/*
|
||||
* For SignatureAlgorithmIdentifier
|
||||
*/
|
||||
|
|
@ -342,80 +341,80 @@ typedef struct {
|
|||
static const oid_sig_alg_t oid_sig_alg[] =
|
||||
{
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ),
|
||||
MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_MD5_C */
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ),
|
||||
MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ),
|
||||
MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ),
|
||||
MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ),
|
||||
MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ),
|
||||
MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ),
|
||||
MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ),
|
||||
MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ),
|
||||
MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
{
|
||||
|
|
@ -437,7 +436,6 @@ FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg
|
|||
|
||||
FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
|
||||
FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/*
|
||||
* For PublicKeyInfo (PKCS1, RFC 5480)
|
||||
|
|
@ -650,7 +648,6 @@ FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
|
|||
FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
|
||||
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/*
|
||||
* For HMAC digestAlgorithm
|
||||
*/
|
||||
|
|
@ -661,36 +658,36 @@ typedef struct {
|
|||
|
||||
static const oid_md_hmac_t oid_md_hmac[] =
|
||||
{
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ),
|
||||
MBEDTLS_MD_SHA1,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ),
|
||||
MBEDTLS_MD_SHA224,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ),
|
||||
MBEDTLS_MD_SHA256,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ),
|
||||
MBEDTLS_MD_SHA384,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ),
|
||||
MBEDTLS_MD_SHA512,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
{
|
||||
NULL_OID_DESCRIPTOR,
|
||||
MBEDTLS_MD_NONE,
|
||||
|
|
@ -699,7 +696,6 @@ static const oid_md_hmac_t oid_md_hmac[] =
|
|||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
|
||||
FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
#if defined(MBEDTLS_PKCS12_C)
|
||||
/*
|
||||
|
|
|
|||
116
library/pem.c
116
library/pem.c
|
|
@ -29,6 +29,7 @@
|
|||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "hash_info.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
|
@ -40,14 +41,25 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
#endif
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#define PEM_RFC1421
|
||||
#endif /* MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
void mbedtls_pem_init( mbedtls_pem_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_pem_context ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
/*
|
||||
* Read a 16-byte hex string and convert it to binary
|
||||
*/
|
||||
|
|
@ -73,6 +85,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
static int pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
unsigned char *iv,
|
||||
const unsigned char *pwd, size_t pwdlen )
|
||||
|
|
@ -130,6 +143,84 @@ exit:
|
|||
|
||||
return( ret );
|
||||
}
|
||||
#else
|
||||
static int pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
unsigned char *iv,
|
||||
const unsigned char *pwd, size_t pwdlen )
|
||||
{
|
||||
unsigned char md5sum[16];
|
||||
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
|
||||
size_t output_length = 0;
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
|
||||
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_finish( &operation, md5sum,
|
||||
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
|
||||
&output_length ) ) != PSA_SUCCESS )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
/*
|
||||
* key[ 0..15] = MD5(pwd || IV)
|
||||
*/
|
||||
if( keylen <= 16 )
|
||||
{
|
||||
memcpy( key, md5sum, keylen );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memcpy( key, md5sum, 16 );
|
||||
|
||||
/*
|
||||
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
|
||||
*/
|
||||
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, md5sum, 16 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_finish( &operation, md5sum,
|
||||
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
|
||||
&output_length ) ) != PSA_SUCCESS )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
size_t use_len = 16;
|
||||
if( keylen < 32 )
|
||||
use_len = keylen - 16;
|
||||
|
||||
memcpy( key + 16, md5sum, use_len );
|
||||
|
||||
exit:
|
||||
mbedtls_platform_zeroize( md5sum, 16 );
|
||||
|
||||
return( mbedtls_md_error_from_psa ( status ) );
|
||||
}
|
||||
#endif /* MBEDTLS_MD5_C */
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
/*
|
||||
|
|
@ -219,8 +310,7 @@ exit:
|
|||
}
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
|
||||
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
|
||||
const unsigned char *data, const unsigned char *pwd,
|
||||
|
|
@ -230,15 +320,13 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
size_t len;
|
||||
unsigned char *buf;
|
||||
const unsigned char *s1, *s2, *end;
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
unsigned char pem_iv[16];
|
||||
mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
|
||||
#else
|
||||
((void) pwd);
|
||||
((void) pwdlen);
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
|
||||
if( ctx == NULL )
|
||||
return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
|
||||
|
|
@ -270,8 +358,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
|
||||
if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
enc++;
|
||||
|
||||
s1 += 22;
|
||||
|
|
@ -333,8 +420,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
else return( MBEDTLS_ERR_PEM_INVALID_DATA );
|
||||
#else
|
||||
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
}
|
||||
|
||||
if( s1 >= s2 )
|
||||
|
|
@ -357,8 +443,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
|
||||
if( enc != 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
if( pwd == NULL )
|
||||
{
|
||||
mbedtls_platform_zeroize( buf, len );
|
||||
|
|
@ -406,8 +491,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
mbedtls_platform_zeroize( buf, len );
|
||||
mbedtls_free( buf );
|
||||
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
}
|
||||
|
||||
ctx->buf = buf;
|
||||
|
|
|
|||
|
|
@ -62,6 +62,8 @@
|
|||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
|
||||
#define CHECK_RANGE(min, max, val) \
|
||||
do \
|
||||
|
|
@ -138,31 +140,31 @@ static inline const char* md_type_to_string( mbedtls_md_type_t md_alg )
|
|||
{
|
||||
switch( md_alg )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return( "MD5" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return( "SHA1" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return( "SHA224" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return( "SHA256" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return( "SHA384" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return( "SHA512" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_RIPEMD160:
|
||||
return( "RIPEMD160" );
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -46,6 +46,8 @@
|
|||
#include "hash_info.h"
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
|
||||
|
|
@ -172,7 +174,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
|||
is_ca, buf + sizeof(buf) - len, len ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
static int mbedtls_x509write_crt_set_key_identifier( mbedtls_x509write_cert *ctx,
|
||||
int is_ca,
|
||||
unsigned char tag )
|
||||
|
|
@ -254,7 +256,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
|
|||
1,
|
||||
(MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
|
||||
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
|
||||
unsigned int key_usage )
|
||||
|
|
|
|||
|
|
@ -1876,14 +1876,6 @@ component_test_psa_crypto_config_accel_hash_use_psa () {
|
|||
scripts/config.py unset MBEDTLS_PKCS12_C
|
||||
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
|
||||
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
|
||||
# X.509 currently depends on MD_C
|
||||
scripts/config.py unset MBEDTLS_X509_CREATE_C
|
||||
scripts/config.py unset MBEDTLS_X509_CRL_PARSE_C
|
||||
scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
|
||||
scripts/config.py unset MBEDTLS_X509_CRT_WRITE_C
|
||||
scripts/config.py unset MBEDTLS_X509_CSR_PARSE_C
|
||||
scripts/config.py unset MBEDTLS_X509_CSR_WRITE_C
|
||||
scripts/config.py unset MBEDTLS_X509_USE_C
|
||||
# TLS currently depends on MD_C
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
|
||||
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
|
|
|
|||
|
|
@ -59,31 +59,31 @@ OID get x509 extension - wrong oid - id-ce
|
|||
oid_get_x509_extension:"551D":0
|
||||
|
||||
OID hash id - id-md5
|
||||
depends_on:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
|
||||
|
||||
OID hash id - id-sha1
|
||||
depends_on:MBEDTLS_SHA1_C
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
|
||||
|
||||
OID hash id - id-sha224
|
||||
depends_on:MBEDTLS_SHA224_C
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
|
||||
|
||||
OID hash id - id-sha256
|
||||
depends_on:MBEDTLS_SHA256_C
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
|
||||
|
||||
OID hash id - id-sha384
|
||||
depends_on:MBEDTLS_SHA384_C
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
|
||||
|
||||
OID hash id - id-sha512
|
||||
depends_on:MBEDTLS_SHA512_C
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
|
||||
|
||||
OID hash id - id-ripemd160
|
||||
depends_on:MBEDTLS_RIPEMD160_C
|
||||
depends_on:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
|
||||
oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
|
||||
|
||||
OID hash id - invalid oid
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
#include "mbedtls/asn1.h"
|
||||
#include "mbedtls/asn1write.h"
|
||||
#include "string.h"
|
||||
#include "legacy_or_psa.h"
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
|
|
@ -82,7 +83,7 @@ void oid_get_x509_extension( data_t *oid, int exp_type )
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */
|
||||
/* BEGIN_CASE */
|
||||
void oid_get_md_alg_id( data_t *oid, int exp_md_id )
|
||||
{
|
||||
mbedtls_asn1_buf md_oid = { 0, 0, NULL };
|
||||
|
|
|
|||
|
|
@ -20,22 +20,25 @@ PEM read (unencrypted, valid)
|
|||
mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53"
|
||||
|
||||
PEM read (DES-EDE3-CBC + invalid iv)
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
|
||||
|
||||
PEM read (DES-CBC + invalid iv)
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
|
||||
|
||||
PEM read (unknown encryption algorithm)
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC
|
||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:""
|
||||
|
||||
PEM read (malformed PEM DES-CBC)
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
|
||||
|
||||
PEM read (malformed PEM DES-EDE3-CBC)
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
|
||||
|
||||
PEM read (malformed PEM AES-128-CBC)
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:""
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
#include "mbedtls/pem.h"
|
||||
#include "mbedtls/des.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
|
||||
|
|
@ -32,7 +34,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C */
|
||||
void mbedtls_pem_read_buffer( char *header, char *footer, char *data,
|
||||
char *pwd, int res, data_t *out )
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1,77 +1,77 @@
|
|||
Parse RSA Key #1 (No password when required)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
|
||||
|
||||
Parse RSA Key #2 (Correct password)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0
|
||||
|
||||
Parse RSA Key #3 (Wrong password)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
|
||||
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
|
||||
|
||||
Parse RSA Key #4 (DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #5 (3DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_3des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #6 (AES-128 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #7 (AES-192 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #8 (AES-256 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #9 (2048-bit, DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #10 (2048-bit, 3DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_3des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #11 (2048-bit, AES-128 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #12 (2048-bit, AES-192 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #13 (2048-bit, AES-256 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #14 (4096-bit, DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #15 (4096-bit, 3DES Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_3des.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #16 (4096-bit, AES-128 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #17 (4096-bit, AES-192 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #18 (4096-bit, AES-256 Encrypted)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
|
||||
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0
|
||||
|
||||
Parse RSA Key #19 (PKCS#8 wrapped)
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C
|
||||
depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C
|
||||
pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0
|
||||
|
||||
Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES)
|
||||
|
|
@ -949,7 +949,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
|||
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0
|
||||
|
||||
Parse EC Key #3 (SEC1 PEM encrypted)
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
|
||||
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0
|
||||
|
||||
Parse EC Key #4 (PKCS8 DER)
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/pem.h"
|
||||
#include "mbedtls/oid.h"
|
||||
#include "legacy_or_psa.h"
|
||||
/* END_HEADER */
|
||||
|
||||
/* BEGIN_DEPENDENCIES
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -10,6 +10,8 @@
|
|||
#include "mbedtls/error.h"
|
||||
#include "string.h"
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
|
||||
#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
|
||||
than the current threshold 19. To test larger values, please \
|
||||
|
|
|
|||
|
|
@ -1,141 +1,141 @@
|
|||
Certificate Request check Server1 SHA1
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 SHA224
|
||||
depends_on:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 SHA256
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 SHA384
|
||||
depends_on:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 SHA512
|
||||
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 MD5
|
||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
|
||||
|
||||
Certificate Request check Server1 key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0
|
||||
|
||||
Certificate Request check opaque Server1 key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check_opaque:"data_files/server1.key":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
|
||||
|
||||
Certificate Request check Server1 key_usage empty
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0
|
||||
|
||||
Certificate Request check Server1 ns_cert_type
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
|
||||
|
||||
Certificate Request check Server1 ns_cert_type empty
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1
|
||||
|
||||
Certificate Request check Server1 key_usage + ns_cert_type
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||
x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
|
||||
|
||||
Certificate Request check Server5 ECDSA, key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
|
||||
|
||||
Certificate Request check opaque Server5 ECDSA, key_usage
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
|
||||
|
||||
Certificate write check Server1 SHA1
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, not before 1970
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, not after 2050
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, not before 1970, not after 2050
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, not before 2050, not after 2059
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, ns_cert_type
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, version 1
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, CA
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, RSA_ALT
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, RSA_ALT, key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, RSA_ALT, version 1
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, RSA_ALT, CA
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, Opaque
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, Opaque, key_usage
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, Opaque, ns_cert_type
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, Opaque, version 1
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server1 SHA1, Opaque, CA
|
||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt"
|
||||
|
||||
Certificate write check Server5 ECDSA
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"data_files/server5.crt":0:0:"data_files/test-ca2.crt"
|
||||
|
||||
Certificate write check Server5 ECDSA, Opaque
|
||||
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
|
||||
x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"":2:0:"data_files/test-ca2.crt"
|
||||
|
||||
X509 String to Names #1
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@
|
|||
#include "mbedtls/rsa.h"
|
||||
|
||||
#include "hash_info.h"
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
|
||||
|
|
@ -231,7 +232,7 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
||||
char *subject_name, char *issuer_key_file,
|
||||
char *issuer_pwd, char *issuer_name,
|
||||
|
|
|
|||
Loading…
Reference in a new issue