diff --git a/include/polarssl/compat-1.2.h b/include/polarssl/compat-1.2.h
index 70c544b18..8b2a0165a 100644
--- a/include/polarssl/compat-1.2.h
+++ b/include/polarssl/compat-1.2.h
@@ -175,6 +175,8 @@ inline int sha4_self_test( int verbose ) {
 #endif
 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
+#include "x509.h"
+
 #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT POLARSSL_ERR_X509_INVALID_FORMAT
 #define POLARSSL_ERR_X509_CERT_INVALID_VERSION POLARSSL_ERR_X509_INVALID_VERSION
 #define POLARSSL_ERR_X509_CERT_INVALID_ALG POLARSSL_ERR_X509_INVALID_ALG
@@ -186,6 +188,16 @@ inline int sha4_self_test( int verbose ) {
 #define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE POLARSSL_ERR_X509_INVALID_SIGNATURE
 #define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
 #define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION
+
+int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) {
+ return x509_serial_gets( buf, size, serial );
+}
+int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) {
+ return x509_dn_gets( buf, size, dn );
+}
+int x509parse_time_expired( const x509_time *time ) {
+ return x509_time_expired( time );
+}
 #endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
 #if defined(POLARSSL_X509_CRT_PARSE_C)
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 17eefad7e..caefae4e9 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -190,7 +190,7 @@ x509_time;
 * \return The amount of data written to the buffer, or -1 in
 * case of an error.
 */
-int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn );
+int x509_dn_gets( char *buf, size_t size, const x509_name *dn );
 /**
 * \brief Store the certificate serial in printable form into buf;
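Review bot: The three compatibility wrappers added to include/polarssl/compat-1.2.h (hunk `@@ -186,6 +188,16 @@`) are defined in a header with external linkage, so a program that includes compat-1.2.h from more than one translation unit gets duplicate definitions of `x509parse_serial_gets`, `x509parse_dn_gets` and `x509parse_time_expired` at link time. The hunk header shows the file's existing wrapper written as `inline int sha4_self_test( int verbose ) {`, and the new ones do not even carry that qualifier. Making them `static inline`, e.g. `static inline int x509parse_time_expired( const x509_time *time ) {`, keeps each copy private to its translation unit and avoids depending on C99 versus GNU inline semantics; the same change applies to the other two signatures.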
@@ -203,7 +203,7 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn );
 * \return The amount of data written to the buffer, or -1 in
 * case of an error.
 */
-int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial );
+int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
 /**
 * \brief Give an known OID, return its descriptive string.
@@ -237,7 +237,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
 * \return Return 0 if the x509_time is still valid,
 * or 1 otherwise.
 */
-int x509parse_time_expired( const x509_time *time );
+int x509_time_expired( const x509_time *time );
 /**
 * \brief Checkup routine
@@ -247,7 +247,8 @@ int x509parse_time_expired( const x509_time *time );
 int x509_self_test( int verbose );
 /*
- * Internal module functions
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
 */
 int x509_get_name( unsigned char **p, const unsigned char *end, x509_name *cur );
@@ -256,16 +257,15 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end,
 int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
 int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg );
-int x509_load_file( const char *path, unsigned char **buf, size_t *n );
-int x509_key_size_helper( char *buf, size_t size, const char *name );
 int x509_get_time( unsigned char **p, const unsigned char *end, x509_time *time );
 int x509_get_serial( unsigned char **p, const unsigned char *end, x509_buf *serial );
 int x509_get_ext( unsigned char **p, const unsigned char *end, x509_buf *ext, int tag );
-
-int x509write_string_to_names( asn1_named_data **head, char *name );
+int x509_load_file( const char *path, unsigned char **buf, size_t *n );
+int x509_key_size_helper( char *buf, size_t size, const char *name );
+int x509_string_to_names( asn1_named_data **head, char *name );
 int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len );
 int x509_write_extensions( unsigned char **p, unsigned char *start, asn1_named_data *first );
diff --git a/library/x509.c b/library/x509.c
index 47b1843af..7f6483ee4 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -480,7 +480,7 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
 * Store the name in printable form into buf; no more
 * than size characters will be written
 */
-int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
+int x509_dn_gets( char *buf, size_t size, const x509_name *dn )
 {
 int ret;
 size_t i, n;
@@ -540,7 +540,7 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
 * Store the serial in printable form into buf; no more
 * than size characters will be written
 */
-int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
+int x509_serial_gets( char *buf, size_t size, const x509_buf *serial )
 {
 int ret;
 size_t i, n, nr;
@@ -615,7 +615,7 @@ int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
 * Return 0 if the x509_time is still valid, or 1 otherwise.
 */
 #if defined(POLARSSL_HAVE_TIME)
-int x509parse_time_expired( const x509_time *to )
+int x509_time_expired( const x509_time *to )
 {
 int year, mon, day;
 int hour, min, sec;
@@ -682,7 +682,7 @@ int x509parse_time_expired( const x509_time *to )
 return( 0 );
 }
 #else /* POLARSSL_HAVE_TIME */
-int x509parse_time_expired( const x509_time *to )
+int x509_time_expired( const x509_time *to )
 {
 ((void) to);
 return( 0 );
diff --git a/library/x509_create.c b/library/x509_create.c
index b59abbfe8..d7a1fee9f 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -31,7 +31,7 @@
 #include "polarssl/asn1write.h"
 #include "polarssl/oid.h"
-int x509write_string_to_names( asn1_named_data **head, char *name )
+int x509_string_to_names( asn1_named_data **head, char *name )
 {
 int ret = 0;
 char *s = name, *c = s;
diff --git a/library/x509_crl.c b/library/x509_crl.c
index aa9caeac6..1a10bc499 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -621,7 +621,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
 SAFE_SNPRINTF();
- ret = x509parse_dn_gets( p, n, &crl->issuer );
+ ret = x509_dn_gets( p, n, &crl->issuer );
 SAFE_SNPRINTF();
 ret = snprintf( p, n, "\n%sthis update : " \
@@ -650,7 +650,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
 prefix );
 SAFE_SNPRINTF();
- ret = x509parse_serial_gets( p, n, &entry->serial);
+ ret = x509_serial_gets( p, n, &entry->serial);
 SAFE_SNPRINTF();
 ret = snprintf( p, n, " revocation date: " \
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 609463ab1..f57fddc93 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1100,17 +1100,17 @@ int x509parse_cert_info( char *buf, size_t size, const char *prefix,
 prefix );
 SAFE_SNPRINTF();
- ret = x509parse_serial_gets( p, n, &crt->serial);
+ ret = x509_serial_gets( p, n, &crt->serial);
 SAFE_SNPRINTF();
 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
 SAFE_SNPRINTF();
- ret = x509parse_dn_gets( p, n, &crt->issuer );
+ ret = x509_dn_gets( p, n, &crt->issuer );
 SAFE_SNPRINTF();
 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
 SAFE_SNPRINTF();
- ret = x509parse_dn_gets( p, n, &crt->subject );
+ ret = x509_dn_gets( p, n, &crt->subject );
 SAFE_SNPRINTF();
 ret = snprintf( p, n, "\n%sissued on : " \
@@ -1163,7 +1163,7 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
 if( crt->serial.len == cur->serial.len && memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
 {
- if( x509parse_time_expired( &cur->revocation_date ) )
+ if( x509_time_expired( &cur->revocation_date ) )
 return( 1 );
 }
@@ -1229,7 +1229,7 @@ static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
 /*
 * Check for validity of CRL (Do not drop out)
 */
- if( x509parse_time_expired( &crl_list->next_update ) )
+ if( x509_time_expired( &crl_list->next_update ) )
 flags |= BADCRL_EXPIRED;
 /*
@@ -1310,7 +1310,7 @@ static int x509parse_verify_top(
 unsigned char hash[POLARSSL_MD_MAX_SIZE];
 const md_info_t *md_info;
- if( x509parse_time_expired( &child->valid_to ) )
+ if( x509_time_expired( &child->valid_to ) )
 *flags |= BADCERT_EXPIRED;
 /*
@@ -1388,7 +1388,7 @@ static int x509parse_verify_top(
 *flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
 #endif
- if( x509parse_time_expired( &trust_ca->valid_to ) )
+ if( x509_time_expired( &trust_ca->valid_to ) )
 ca_flags |= BADCERT_EXPIRED;
 if( NULL != f_vrfy )
@@ -1422,7 +1422,7 @@ static int x509parse_verify_child(
 x509_cert *grandparent;
 const md_info_t *md_info;
- if( x509parse_time_expired( &child->valid_to ) )
+ if( x509_time_expired( &child->valid_to ) )
 *flags |= BADCERT_EXPIRED;
 md_info = md_info_from_type( child->sig_md );
diff --git a/library/x509_crt_write.c b/library/x509_crt_write.c
index a73517040..1761c1f14 100644
--- a/library/x509_crt_write.c
+++ b/library/x509_crt_write.c
@@ -78,12 +78,12 @@ void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key )
 int x509write_crt_set_subject_name( x509write_cert *ctx, char *subject_name )
 {
- return x509write_string_to_names( &ctx->subject, subject_name );
+ return x509_string_to_names( &ctx->subject, subject_name );
 }
 int x509write_crt_set_issuer_name( x509write_cert *ctx, char *issuer_name )
 {
- return x509write_string_to_names( &ctx->issuer, issuer_name );
+ return x509_string_to_names( &ctx->issuer, issuer_name );
 }
 int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial )
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 200d44534..30cd1c106 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -379,7 +379,7 @@ int x509parse_csr_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
 SAFE_SNPRINTF();
- ret = x509parse_dn_gets( p, n, &csr->subject );
+ ret = x509_dn_gets( p, n, &csr->subject );
 SAFE_SNPRINTF();
 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
diff --git a/library/x509_csr_write.c b/library/x509_csr_write.c
index b744300ab..1eb2afb3d 100644
--- a/library/x509_csr_write.c
+++ b/library/x509_csr_write.c
@@ -68,7 +68,7 @@ void x509write_csr_set_key( x509write_csr *ctx, pk_context *key )
 int x509write_csr_set_subject_name( x509write_csr *ctx, char *subject_name )
 {
- return x509write_string_to_names( &ctx->subject, subject_name );
+ return x509_string_to_names( &ctx->subject, subject_name );
 }
 int x509write_csr_set_extension( x509write_csr *ctx,
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 691c13b54..84b12f667 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -416,12 +416,12 @@ int main( int argc, char *argv[] )
 goto exit;
 }
- ret = x509parse_dn_gets( issuer_name, sizeof(issuer_name),
+ ret = x509_dn_gets( issuer_name, sizeof(issuer_name),
 &issuer_crt.issuer );
 if( ret < 0 )
 {
 error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
 goto exit;
 }
@@ -448,12 +448,12 @@ int main( int argc, char *argv[] )
 goto exit;
 }
- ret = x509parse_dn_gets( subject_name, sizeof(subject_name),
+ ret = x509_dn_gets( subject_name, sizeof(subject_name),
 &csr.subject );
 if( ret < 0 )
 {
 error_strerror( ret, buf, 1024 );
- printf( " failed\n ! x509parse_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
+ printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
 goto exit;
 }
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 0d15211a8..62a6fd52f 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -131,9 +131,9 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
 TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
 if( strcmp( entity, "subject" ) == 0 )
- res = x509parse_dn_gets( buf, 2000, &crt.subject );
+ res = x509_dn_gets( buf, 2000, &crt.subject );
 else if( strcmp( entity, "issuer" ) == 0 )
- res = x509parse_dn_gets( buf, 2000, &crt.issuer );
+ res = x509_dn_gets( buf, 2000, &crt.issuer );
 else
 TEST_ASSERT( "Unknown entity" == 0 );
@@ -156,9 +156,9 @@ void x509_time_expired( char *crt_file, char *entity, int result )
 TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
 if( strcmp( entity, "valid_from" ) == 0 )
- TEST_ASSERT( x509parse_time_expired( &crt.valid_from ) == result );
+ TEST_ASSERT( x509_time_expired( &crt.valid_from ) == result );
 else if( strcmp( entity, "valid_to" ) == 0 )
- TEST_ASSERT( x509parse_time_expired( &crt.valid_to ) == result );
+ TEST_ASSERT( x509_time_expired( &crt.valid_to ) == result );
 else
 TEST_ASSERT( "Unknown entity" == 0 );