yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Renamed x509_cert structure to x509_crt for consistency

Browse source
This commit is contained in:
Paul Bakker 2013-09-18 14:13:26 +02:00
parent 9556d3d650
commit c559c7a680
25 changed files with 114 additions and 112 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/polarssl/compat-1.2.h
View file

@ -203,6 +203,8 @@ inline int x509parse_time_expired( const x509_time *time ) {
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
#define POLARSSL_X509_PARSE_C #define POLARSSL_X509_PARSE_C
#include "x509_crt.h" #include "x509_crt.h"
typedef x509_crt x509_cert;
inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
size_t buflen ) { size_t buflen ) {
return x509_crt_parse_der( chain, buf, buflen ); return x509_crt_parse_der( chain, buf, buflen );

2
include/polarssl/debug.h
View file

@ -102,7 +102,7 @@ void debug_print_ecp( const ssl_context *ssl, int level,
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
void debug_print_crt( const ssl_context *ssl, int level, void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const x509_cert *crt ); const char *text, const x509_crt *crt );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

4
include/polarssl/pkcs11.h
View file

@ -33,7 +33,7 @@
#if defined(POLARSSL_PKCS11_C) #if defined(POLARSSL_PKCS11_C)
#include "x509.h" #include "x509_crt.h"
#include <pkcs11-helper-1.0/pkcs11h-certificate.h> #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
@ -65,7 +65,7 @@ typedef struct {
* *
* \return 0 on success. * \return 0 on success.
*/ */
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11h_cert ); int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
/** /**
* Initialise a pkcs11_context, storing the given certificate. Note that the * Initialise a pkcs11_context, storing the given certificate. Note that the

20
include/polarssl/ssl.h
View file

@ -411,7 +411,7 @@ struct _ssl_session
unsigned char master[48]; /*!< the master secret */ unsigned char master[48]; /*!< the master secret */
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
x509_cert *peer_cert; /*!< peer X.509 cert chain */ x509_crt *peer_cert; /*!< peer X.509 cert chain */
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* POLARSSL_X509_CRT_PARSE_C */
int verify_result; /*!< verification result */ int verify_result; /*!< verification result */
@ -584,7 +584,7 @@ struct _ssl_context
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
int (*f_vrfy)(void *, x509_cert *, int, int *); int (*f_vrfy)(void *, x509_crt *, int, int *);
void *p_vrfy; /*!< context for verification */ void *p_vrfy; /*!< context for verification */
#endif #endif
@ -647,8 +647,8 @@ struct _ssl_context
int pk_key_own_alloc; /*!< did we allocate pk_key? */ int pk_key_own_alloc; /*!< did we allocate pk_key? */
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
x509_cert *own_cert; /*!< own X.509 certificate */ x509_crt *own_cert; /*!< own X.509 certificate */
x509_cert *ca_chain; /*!< own trusted CA chain */ x509_crt *ca_chain; /*!< own trusted CA chain */
const char *peer_cn; /*!< expected peer CN */ const char *peer_cn; /*!< expected peer CN */
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* POLARSSL_X509_CRT_PARSE_C */
#if defined(POLARSSL_X509_CRL_PARSE_C) #if defined(POLARSSL_X509_CRL_PARSE_C)
@ -825,7 +825,7 @@ void ssl_set_authmode( ssl_context *ssl, int authmode );
* \param p_vrfy verification parameter * \param p_vrfy verification parameter
*/ */
void ssl_set_verify( ssl_context *ssl, void ssl_set_verify( ssl_context *ssl,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ); void *p_vrfy );
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* POLARSSL_X509_CRT_PARSE_C */
@ -956,7 +956,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl,
* \param ca_crl trusted CA CRLs * \param ca_crl trusted CA CRLs
* \param peer_cn expected peer CommonName (or NULL) * \param peer_cn expected peer CommonName (or NULL)
*/ */
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
x509_crl *ca_crl, const char *peer_cn ); x509_crl *ca_crl, const char *peer_cn );
/** /**
@ -970,7 +970,7 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
* \param own_cert own public certificate chain * \param own_cert own public certificate chain
* \param pk_key own private key * \param pk_key own private key
*/ */
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, void ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
pk_context *pk_key ); pk_context *pk_key );
#if defined(POLARSSL_RSA_C) #if defined(POLARSSL_RSA_C)
@ -987,7 +987,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert, int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
rsa_context *rsa_key ); rsa_context *rsa_key );
#endif /* POLARSSL_RSA_C */ #endif /* POLARSSL_RSA_C */
@ -1012,7 +1012,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert, int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
void *rsa_key, void *rsa_key,
rsa_decrypt_func rsa_decrypt, rsa_decrypt_func rsa_decrypt,
rsa_sign_func rsa_sign, rsa_sign_func rsa_sign,
@ -1293,7 +1293,7 @@ const char *ssl_get_version( const ssl_context *ssl );
* *
* \return the current peer certificate * \return the current peer certificate
*/ */
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl ); const x509_crt *ssl_get_peer_cert( const ssl_context *ssl );
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* POLARSSL_X509_CRT_PARSE_C */
/** /**

2
include/polarssl/x509.h
View file

@ -57,7 +57,7 @@
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ #define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
#define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ #define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ #define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_cert sig_oid) */ #define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ #define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ #define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
#define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ #define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */

30
include/polarssl/x509_crt.h
View file

@ -52,7 +52,7 @@ extern "C" {
/** /**
* Container for an X.509 certificate. The certificate may be chained. * Container for an X.509 certificate. The certificate may be chained.
*/ */
typedef struct _x509_cert typedef struct _x509_crt
{ {
x509_buf raw; /**< The raw certificate data (DER). */ x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@ -92,9 +92,9 @@ typedef struct _x509_cert
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
struct _x509_cert *next; /**< Next certificate in the CA-chain. */ struct _x509_crt *next; /**< Next certificate in the CA-chain. */
} }
x509_cert; x509_crt;
#define X509_CRT_VERSION_1 0 #define X509_CRT_VERSION_1 0
#define X509_CRT_VERSION_2 1 #define X509_CRT_VERSION_2 1
@ -132,7 +132,7 @@ x509write_cert;
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf, int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
size_t buflen ); size_t buflen );
/** /**
@ -149,7 +149,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen ); int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO) #if defined(POLARSSL_FS_IO)
/** /**
@ -165,7 +165,7 @@ int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse_file( x509_cert *chain, const char *path ); int x509_crt_parse_file( x509_crt *chain, const char *path );
/** /**
* \brief Load one or more certificate files from a path and add them * \brief Load one or more certificate files from a path and add them
@ -180,7 +180,7 @@ int x509_crt_parse_file( x509_cert *chain, const char *path );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse_path( x509_cert *chain, const char *path ); int x509_crt_parse_path( x509_crt *chain, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* POLARSSL_FS_IO */
/** /**
@ -196,7 +196,7 @@ int x509_crt_parse_path( x509_cert *chain, const char *path );
* case of an error. * case of an error.
*/ */
int x509_crt_info( char *buf, size_t size, const char *prefix, int x509_crt_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt ); const x509_crt *crt );
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
@ -206,7 +206,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
* the verification callback is called for each * the verification callback is called for each
* certificate in the chain (from the trust-ca down to the * certificate in the chain (from the trust-ca down to the
* presented crt). The parameters for the callback are: * presented crt). The parameters for the callback are:
* (void *parameter, x509_cert *crt, int certificate_depth, * (void *parameter, x509_crt *crt, int certificate_depth,
* int *flags). With the flags representing current flags for * int *flags). With the flags representing current flags for
* that specific certificate and the certificate depth from * that specific certificate and the certificate depth from
* the bottom (Peer cert depth = 0). * the bottom (Peer cert depth = 0).
@ -234,11 +234,11 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
* or another error in case of a fatal error encountered * or another error in case of a fatal error encountered
* during the verification process. * during the verification process.
*/ */
int x509_crt_verify( x509_cert *crt, int x509_crt_verify( x509_crt *crt,
x509_cert *trust_ca, x509_crt *trust_ca,
x509_crl *ca_crl, x509_crl *ca_crl,
const char *cn, int *flags, const char *cn, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ); void *p_vrfy );
#if defined(POLARSSL_X509_CRL_PARSE_C) #if defined(POLARSSL_X509_CRL_PARSE_C)
@ -251,7 +251,7 @@ int x509_crt_verify( x509_cert *crt,
* \return 1 if the certificate is revoked, 0 otherwise * \return 1 if the certificate is revoked, 0 otherwise
* *
*/ */
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl ); int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl );
#endif /* POLARSSL_X509_CRL_PARSE_C */ #endif /* POLARSSL_X509_CRL_PARSE_C */
/** /**
@ -259,14 +259,14 @@ int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl );
* *
* \param crt Certificate chain to initialize * \param crt Certificate chain to initialize
*/ */
void x509_crt_init( x509_cert *crt ); void x509_crt_init( x509_crt *crt );
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
* *
* \param crt Certificate chain to free * \param crt Certificate chain to free
*/ */
void x509_crt_free( x509_cert *crt ); void x509_crt_free( x509_crt *crt );
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* POLARSSL_X509_CRT_PARSE_C */
/* \} name */ /* \} name */

2
library/debug.c
View file

@ -260,7 +260,7 @@ static void debug_print_pk( const ssl_context *ssl, int level,
void debug_print_crt( const ssl_context *ssl, int level, void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const x509_cert *crt ) const char *text, const x509_crt *crt )
{ {
char str[1024], prefix[64]; char str[1024], prefix[64];
int i = 0, maxlen = sizeof( prefix ) - 1; int i = 0, maxlen = sizeof( prefix ) - 1;

10
library/pkcs11.c
View file

@ -40,7 +40,7 @@
#include <stdlib.h> #include <stdlib.h>
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert ) int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
{ {
int ret = 1; int ret = 1;
unsigned char *cert_blob = NULL; unsigned char *cert_blob = NULL;
@ -71,7 +71,7 @@ int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert )
goto cleanup; goto cleanup;
} }
if( 0 != x509parse_crt(cert, cert_blob, cert_blob_size ) ) if( 0 != x509_crt_parse(cert, cert_blob, cert_blob_size ) )
{ {
ret = 6; ret = 6;
goto cleanup; goto cleanup;
@ -91,9 +91,9 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
pkcs11h_certificate_t pkcs11_cert ) pkcs11h_certificate_t pkcs11_cert )
{ {
int ret = 1; int ret = 1;
x509_cert cert; x509_crt cert;
memset( &cert, 0, sizeof( cert ) ); x509_crt_init( &cert );
if( priv_key == NULL ) if( priv_key == NULL )
goto cleanup; goto cleanup;
@ -107,7 +107,7 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
ret = 0; ret = 0;
cleanup: cleanup:
x509_free( &cert ); x509_crt_free( &cert );
return ret; return ret;
} }

4
library/ssl_cache.c
View file

@ -91,11 +91,11 @@ int ssl_cache_get( void *data, ssl_session *session )
*/ */
if( entry->peer_cert.p != NULL ) if( entry->peer_cert.p != NULL )
{ {
session->peer_cert = (x509_cert *) polarssl_malloc( sizeof(x509_cert) ); session->peer_cert = (x509_crt *) polarssl_malloc( sizeof(x509_crt) );
if( session->peer_cert == NULL ) if( session->peer_cert == NULL )
return( 1 ); return( 1 );
memset( session->peer_cert, 0, sizeof(x509_cert) ); memset( session->peer_cert, 0, sizeof(x509_crt) );
if( x509_crt_parse( session->peer_cert, entry->peer_cert.p, if( x509_crt_parse( session->peer_cert, entry->peer_cert.p,
entry->peer_cert.len ) != 0 ) entry->peer_cert.len ) != 0 )
{ {

6
library/ssl_srv.c
View file

@ -135,12 +135,12 @@ static int ssl_load_session( ssl_session *session,
if( p + cert_len > end ) if( p + cert_len > end )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
session->peer_cert = polarssl_malloc( sizeof( x509_cert ) ); session->peer_cert = polarssl_malloc( sizeof( x509_crt ) );
if( session->peer_cert == NULL ) if( session->peer_cert == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED ); return( POLARSSL_ERR_SSL_MALLOC_FAILED );
memset( session->peer_cert, 0, sizeof( x509_cert ) ); memset( session->peer_cert, 0, sizeof( x509_crt ) );
if( ( ret = x509_crt_parse( session->peer_cert, p, cert_len ) ) != 0 ) if( ( ret = x509_crt_parse( session->peer_cert, p, cert_len ) ) != 0 )
{ {
@ -1695,7 +1695,7 @@ static int ssl_write_certificate_request( ssl_context *ssl )
size_t dn_size, total_dn_size; /* excluding length bytes */ size_t dn_size, total_dn_size; /* excluding length bytes */
size_t ct_len, sa_len; /* including length bytes */ size_t ct_len, sa_len; /* including length bytes */
unsigned char *buf, *p; unsigned char *buf, *p;
const x509_cert *crt; const x509_crt *crt;
SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );

26
library/ssl_tls.c
View file

@ -80,10 +80,10 @@ static int ssl_session_copy( ssl_session *dst, const ssl_session *src )
{ {
int ret; int ret;
if( ( dst->peer_cert = polarssl_malloc( sizeof(x509_cert) ) ) == NULL ) if( ( dst->peer_cert = polarssl_malloc( sizeof(x509_crt) ) ) == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED ); return( POLARSSL_ERR_SSL_MALLOC_FAILED );
memset( dst->peer_cert, 0, sizeof(x509_cert) ); memset( dst->peer_cert, 0, sizeof(x509_crt) );
if( ( ret = x509_crt_parse( dst->peer_cert, src->peer_cert->raw.p, if( ( ret = x509_crt_parse( dst->peer_cert, src->peer_cert->raw.p,
src->peer_cert->raw.len ) != 0 ) ) src->peer_cert->raw.len ) != 0 ) )
@ -2272,7 +2272,7 @@ int ssl_write_certificate( ssl_context *ssl )
{ {
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
size_t i, n; size_t i, n;
const x509_cert *crt; const x509_crt *crt;
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
@ -2486,15 +2486,15 @@ int ssl_parse_certificate( ssl_context *ssl )
polarssl_free( ssl->session_negotiate->peer_cert ); polarssl_free( ssl->session_negotiate->peer_cert );
} }
if( ( ssl->session_negotiate->peer_cert = (x509_cert *) polarssl_malloc( if( ( ssl->session_negotiate->peer_cert = (x509_crt *) polarssl_malloc(
sizeof( x509_cert ) ) ) == NULL ) sizeof( x509_crt ) ) ) == NULL )
{ {
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed",
sizeof( x509_cert ) ) ); sizeof( x509_crt ) ) );
return( POLARSSL_ERR_SSL_MALLOC_FAILED ); return( POLARSSL_ERR_SSL_MALLOC_FAILED );
} }
memset( ssl->session_negotiate->peer_cert, 0, sizeof( x509_cert ) ); memset( ssl->session_negotiate->peer_cert, 0, sizeof( x509_crt ) );
i = 7; i = 7;
@ -3379,7 +3379,7 @@ void ssl_set_authmode( ssl_context *ssl, int authmode )
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
void ssl_set_verify( ssl_context *ssl, void ssl_set_verify( ssl_context *ssl,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ) void *p_vrfy )
{ {
ssl->f_vrfy = f_vrfy; ssl->f_vrfy = f_vrfy;
@ -3464,7 +3464,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl, const int *ciphersuites
} }
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
x509_crl *ca_crl, const char *peer_cn ) x509_crl *ca_crl, const char *peer_cn )
{ {
ssl->ca_chain = ca_chain; ssl->ca_chain = ca_chain;
@ -3472,7 +3472,7 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
ssl->peer_cn = peer_cn; ssl->peer_cn = peer_cn;
} }
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, void ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
pk_context *pk_key ) pk_context *pk_key )
{ {
ssl->own_cert = own_cert; ssl->own_cert = own_cert;
@ -3480,7 +3480,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
} }
#if defined(POLARSSL_RSA_C) #if defined(POLARSSL_RSA_C)
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert, int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
rsa_context *rsa_key ) rsa_context *rsa_key )
{ {
int ret; int ret;
@ -3505,7 +3505,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
} }
#endif /* POLARSSL_RSA_C */ #endif /* POLARSSL_RSA_C */
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert, int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
void *rsa_key, void *rsa_key,
rsa_decrypt_func rsa_decrypt, rsa_decrypt_func rsa_decrypt,
rsa_sign_func rsa_sign, rsa_sign_func rsa_sign,
@ -3731,7 +3731,7 @@ const char *ssl_get_version( const ssl_context *ssl )
} }
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl ) const x509_crt *ssl_get_peer_cert( const ssl_context *ssl )
{ {
if( ssl == NULL || ssl->session == NULL ) if( ssl == NULL || ssl->session == NULL )
return NULL; return NULL;

8
library/x509.c
View file

@ -702,13 +702,13 @@ int x509_self_test( int verbose )
#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C) #if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
int ret; int ret;
int flags; int flags;
x509_cert cacert; x509_crt cacert;
x509_cert clicert; x509_crt clicert;
if( verbose != 0 ) if( verbose != 0 )
printf( " X.509 certificate load: " ); printf( " X.509 certificate load: " );
memset( &clicert, 0, sizeof( x509_cert ) ); memset( &clicert, 0, sizeof( x509_crt ) );
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt, ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
strlen( test_cli_crt ) ); strlen( test_cli_crt ) );
@ -720,7 +720,7 @@ int x509_self_test( int verbose )
return( ret ); return( ret );
} }
memset( &cacert, 0, sizeof( x509_cert ) ); memset( &cacert, 0, sizeof( x509_crt ) );
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt, ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
strlen( test_ca_crt ) ); strlen( test_ca_crt ) );

52
library/x509_crt.c
View file

@ -379,7 +379,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
*/ */
static int x509_get_crt_ext( unsigned char **p, static int x509_get_crt_ext( unsigned char **p,
const unsigned char *end, const unsigned char *end,
x509_cert *crt ) x509_crt *crt )
{ {
int ret; int ret;
size_t len; size_t len;
@ -515,7 +515,7 @@ static int x509_get_crt_ext( unsigned char **p,
/* /*
* Parse and fill a single X.509 certificate in DER format * Parse and fill a single X.509 certificate in DER format
*/ */
static int x509_crt_parse_der_core( x509_cert *crt, const unsigned char *buf, static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
size_t buflen ) size_t buflen )
{ {
int ret; int ret;
@ -756,11 +756,11 @@ static int x509_crt_parse_der_core( x509_cert *crt, const unsigned char *buf,
* Parse one X.509 certificate in DER format from a buffer and add them to a * Parse one X.509 certificate in DER format from a buffer and add them to a
* chained list * chained list
*/ */
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf, int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
size_t buflen ) size_t buflen )
{ {
int ret; int ret;
x509_cert *crt = chain, *prev = NULL; x509_crt *crt = chain, *prev = NULL;
/* /*
* Check for valid input * Check for valid input
@ -779,7 +779,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
*/ */
if ( crt->version != 0 && crt->next == NULL) if ( crt->version != 0 && crt->next == NULL)
{ {
crt->next = (x509_cert *) polarssl_malloc( sizeof( x509_cert ) ); crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) );
if( crt->next == NULL ) if( crt->next == NULL )
return( POLARSSL_ERR_X509_MALLOC_FAILED ); return( POLARSSL_ERR_X509_MALLOC_FAILED );
@ -806,7 +806,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
/* /*
* Parse one or more PEM certificates from a buffer and add them to the chained list * Parse one or more PEM certificates from a buffer and add them to the chained list
*/ */
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen ) int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen )
{ {
int success = 0, first_error = 0, total_failed = 0; int success = 0, first_error = 0, total_failed = 0;
int buf_format = X509_FORMAT_DER; int buf_format = X509_FORMAT_DER;
@ -911,7 +911,7 @@ int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen )
/* /*
* Load one or more certificates and add them to the chained list * Load one or more certificates and add them to the chained list
*/ */
int x509_crt_parse_file( x509_cert *chain, const char *path ) int x509_crt_parse_file( x509_crt *chain, const char *path )
{ {
int ret; int ret;
size_t n; size_t n;
@ -928,7 +928,7 @@ int x509_crt_parse_file( x509_cert *chain, const char *path )
return( ret ); return( ret );
} }
int x509_crt_parse_path( x509_cert *chain, const char *path ) int x509_crt_parse_path( x509_crt *chain, const char *path )
{ {
int ret = 0; int ret = 0;
#if defined(_WIN32) #if defined(_WIN32)
@ -1083,7 +1083,7 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
#define BEFORE_COLON 14 #define BEFORE_COLON 14
#define BC "14" #define BC "14"
int x509_crt_info( char *buf, size_t size, const char *prefix, int x509_crt_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt ) const x509_crt *crt )
{ {
int ret; int ret;
size_t n; size_t n;
@ -1155,7 +1155,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
/* /*
* Return 1 if the certificate is revoked, or 0 otherwise. * Return 1 if the certificate is revoked, or 0 otherwise.
*/ */
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl ) int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl )
{ {
const x509_crl_entry *cur = &crl->entry; const x509_crl_entry *cur = &crl->entry;
@ -1177,7 +1177,7 @@ int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl )
/* /*
* Check that the given certificate is valid accoring to the CRL. * Check that the given certificate is valid accoring to the CRL.
*/ */
static int x509_crt_verifycrl( x509_cert *crt, x509_cert *ca, static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca,
x509_crl *crl_list) x509_crl *crl_list)
{ {
int flags = 0; int flags = 0;
@ -1301,9 +1301,9 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name )
} }
static int x509_crt_verify_top( static int x509_crt_verify_top(
x509_cert *child, x509_cert *trust_ca, x509_crt *child, x509_crt *trust_ca,
x509_crl *ca_crl, int path_cnt, int *flags, x509_crl *ca_crl, int path_cnt, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ) void *p_vrfy )
{ {
int ret; int ret;
@ -1412,15 +1412,15 @@ static int x509_crt_verify_top(
} }
static int x509_crt_verify_child( static int x509_crt_verify_child(
x509_cert *child, x509_cert *parent, x509_cert *trust_ca, x509_crt *child, x509_crt *parent, x509_crt *trust_ca,
x509_crl *ca_crl, int path_cnt, int *flags, x509_crl *ca_crl, int path_cnt, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ) void *p_vrfy )
{ {
int ret; int ret;
int parent_flags = 0; int parent_flags = 0;
unsigned char hash[POLARSSL_MD_MAX_SIZE]; unsigned char hash[POLARSSL_MD_MAX_SIZE];
x509_cert *grandparent; x509_crt *grandparent;
const md_info_t *md_info; const md_info_t *md_info;
if( x509_time_expired( &child->valid_to ) ) if( x509_time_expired( &child->valid_to ) )
@ -1496,17 +1496,17 @@ static int x509_crt_verify_child(
/* /*
* Verify the certificate validity * Verify the certificate validity
*/ */
int x509_crt_verify( x509_cert *crt, int x509_crt_verify( x509_crt *crt,
x509_cert *trust_ca, x509_crt *trust_ca,
x509_crl *ca_crl, x509_crl *ca_crl,
const char *cn, int *flags, const char *cn, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ) void *p_vrfy )
{ {
size_t cn_len; size_t cn_len;
int ret; int ret;
int pathlen = 0; int pathlen = 0;
x509_cert *parent; x509_crt *parent;
x509_name *name; x509_name *name;
x509_sequence *cur = NULL; x509_sequence *cur = NULL;
@ -1606,18 +1606,18 @@ int x509_crt_verify( x509_cert *crt,
/* /*
* Initialize a certificate chain * Initialize a certificate chain
*/ */
void x509_crt_init( x509_cert *crt ) void x509_crt_init( x509_crt *crt )
{ {
memset( crt, 0, sizeof(x509_cert) ); memset( crt, 0, sizeof(x509_crt) );
} }
/* /*
* Unallocate all certificate data * Unallocate all certificate data
*/ */
void x509_crt_free( x509_cert *crt ) void x509_crt_free( x509_crt *crt )
{ {
x509_cert *cert_cur = crt; x509_crt *cert_cur = crt;
x509_cert *cert_prv; x509_crt *cert_prv;
x509_name *name_cur; x509_name *name_cur;
x509_name *name_prv; x509_name *name_prv;
x509_sequence *seq_cur; x509_sequence *seq_cur;
@ -1682,7 +1682,7 @@ void x509_crt_free( x509_cert *crt )
cert_prv = cert_cur; cert_prv = cert_cur;
cert_cur = cert_cur->next; cert_cur = cert_cur->next;
memset( cert_prv, 0, sizeof( x509_cert ) ); memset( cert_prv, 0, sizeof( x509_crt ) );
if( cert_prv != crt ) if( cert_prv != crt )
polarssl_free( cert_prv ); polarssl_free( cert_prv );
} }

2
programs/ssl/ssl_client1.c
View file

@ -81,7 +81,7 @@ int main( int argc, char *argv[] )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert cacert; x509_crt cacert;
((void) argc); ((void) argc);
((void) argv); ((void) argv);

6
programs/ssl/ssl_client2.c
View file

@ -115,7 +115,7 @@ static void my_debug( void *ctx, int level, const char *str )
/* /*
* Enabled if debug_level > 1 in code below * Enabled if debug_level > 1 in code below
*/ */
static int my_verify( void *data, x509_cert *crt, int depth, int *flags ) static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
{ {
char buf[1024]; char buf[1024];
((void) data); ((void) data);
@ -255,8 +255,8 @@ int main( int argc, char *argv[] )
ssl_context ssl; ssl_context ssl;
ssl_session saved_session; ssl_session saved_session;
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
x509_cert cacert; x509_crt cacert;
x509_cert clicert; x509_crt clicert;
pk_context pkey; pk_context pkey;
#endif #endif
char *p, *q; char *p, *q;

2
programs/ssl/ssl_fork_server.c
View file

@ -103,7 +103,7 @@ int main( int argc, char *argv[] )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert srvcert; x509_crt srvcert;
pk_context pkey; pk_context pkey;
((void) argc); ((void) argc);

4
programs/ssl/ssl_mail_client.c
View file

@ -351,8 +351,8 @@ int main( int argc, char *argv[] )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert cacert; x509_crt cacert;
x509_cert clicert; x509_crt clicert;
pk_context pkey; pk_context pkey;
int i; int i;
size_t n; size_t n;

2
programs/ssl/ssl_server.c
View file

@ -95,7 +95,7 @@ int main( int argc, char *argv[] )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert srvcert; x509_crt srvcert;
pk_context pkey; pk_context pkey;
#if defined(POLARSSL_SSL_CACHE_C) #if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_context cache; ssl_cache_context cache;

4
programs/ssl/ssl_server2.c
View file

@ -213,8 +213,8 @@ int main( int argc, char *argv[] )
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
x509_cert cacert; x509_crt cacert;
x509_cert srvcert; x509_crt srvcert;
pk_context pkey; pk_context pkey;
#endif #endif
#if defined(POLARSSL_SSL_CACHE_C) #if defined(POLARSSL_SSL_CACHE_C)

4
programs/test/ssl_cert_test.c
View file

@ -82,7 +82,7 @@ int main( int argc, char *argv[] )
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
int ret, i; int ret, i;
x509_cert cacert; x509_crt cacert;
x509_crl crl; x509_crl crl;
char buf[10240]; char buf[10240];
@ -139,7 +139,7 @@ int main( int argc, char *argv[] )
*/ */
char name[512]; char name[512];
int flags; int flags;
x509_cert clicert; x509_crt clicert;
pk_context pk; pk_context pk;
x509_crt_init( &clicert ); x509_crt_init( &clicert );

2
programs/test/ssl_test.c
View file

@ -166,7 +166,7 @@ static int ssl_test( struct options *opt )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert srvcert; x509_crt srvcert;
pk_context pkey; pk_context pkey;
ret = 1; ret = 1;

10
programs/x509/cert_app.c
View file

@ -95,7 +95,7 @@ static void my_debug( void *ctx, int level, const char *str )
} }
} }
static int my_verify( void *data, x509_cert *crt, int depth, int *flags ) static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
{ {
char buf[1024]; char buf[1024];
((void) data); ((void) data);
@ -156,8 +156,8 @@ int main( int argc, char *argv[] )
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
ssl_context ssl; ssl_context ssl;
x509_cert cacert; x509_crt cacert;
x509_cert clicert; x509_crt clicert;
pk_context pkey; pk_context pkey;
int i, j; int i, j;
int flags, verify = 0; int flags, verify = 0;
@ -267,8 +267,8 @@ int main( int argc, char *argv[] )
if( opt.mode == MODE_FILE ) if( opt.mode == MODE_FILE )
{ {
x509_cert crt; x509_crt crt;
x509_cert *cur = &crt; x509_crt *cur = &crt;
x509_crt_init( &crt ); x509_crt_init( &crt );
/* /*

2
programs/x509/cert_write.c
View file

@ -181,7 +181,7 @@ int write_certificate( x509write_cert *crt, char *output_file,
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
int ret = 0; int ret = 0;
x509_cert issuer_crt; x509_crt issuer_crt;
pk_context loaded_issuer_key, loaded_subject_key; pk_context loaded_issuer_key, loaded_subject_key;
pk_context *issuer_key = &loaded_issuer_key, pk_context *issuer_key = &loaded_issuer_key,
*subject_key = &loaded_subject_key; *subject_key = &loaded_subject_key;

2
tests/suites/test_suite_debug.function
View file

@ -26,7 +26,7 @@ void string_debug(void *data, int level, const char *str)
void debug_print_crt( char *crt_file, char *file, int line, char *prefix, void debug_print_crt( char *crt_file, char *file, int line, char *prefix,
char *result_str ) char *result_str )
{ {
x509_cert crt; x509_crt crt;
ssl_context ssl; ssl_context ssl;
struct buffer_data buffer; struct buffer_data buffer;

18
tests/suites/test_suite_x509parse.function
View file

@ -4,7 +4,7 @@
#include <polarssl/pem.h> #include <polarssl/pem.h>
#include <polarssl/oid.h> #include <polarssl/oid.h>
int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags ) int verify_none( void *data, x509_crt *crt, int certificate_depth, int *flags )
{ {
((void) data); ((void) data);
((void) crt); ((void) crt);
@ -14,7 +14,7 @@ int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
return 0; return 0;
} }
int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags ) int verify_all( void *data, x509_crt *crt, int certificate_depth, int *flags )
{ {
((void) data); ((void) data);
((void) crt); ((void) crt);
@ -34,7 +34,7 @@ int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_PARSE_C */ /* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_PARSE_C */
void x509_cert_info( char *crt_file, char *result_str ) void x509_cert_info( char *crt_file, char *result_str )
{ {
x509_cert crt; x509_crt crt;
char buf[2000]; char buf[2000];
int res; int res;
@ -80,12 +80,12 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
char *cn_name_str, int result, int flags_result, char *cn_name_str, int result, int flags_result,
char *verify_callback ) char *verify_callback )
{ {
x509_cert crt; x509_crt crt;
x509_cert ca; x509_crt ca;
x509_crl crl; x509_crl crl;
int flags = 0; int flags = 0;
int res; int res;
int (*f_vrfy)(void *, x509_cert *, int, int *) = NULL; int (*f_vrfy)(void *, x509_crt *, int, int *) = NULL;
char * cn_name = NULL; char * cn_name = NULL;
x509_crt_init( &crt ); x509_crt_init( &crt );
@ -122,7 +122,7 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */ /* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
void x509_dn_gets( char *crt_file, char *entity, char *result_str ) void x509_dn_gets( char *crt_file, char *entity, char *result_str )
{ {
x509_cert crt; x509_crt crt;
char buf[2000]; char buf[2000];
int res = 0; int res = 0;
@ -149,7 +149,7 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */ /* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
void x509_time_expired( char *crt_file, char *entity, int result ) void x509_time_expired( char *crt_file, char *entity, int result )
{ {
x509_cert crt; x509_crt crt;
x509_crt_init( &crt ); x509_crt_init( &crt );
@ -169,7 +169,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C */ /* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C */
void x509parse_crt( char *crt_data, char *result_str, int result ) void x509parse_crt( char *crt_data, char *result_str, int result )
{ {
x509_cert crt; x509_crt crt;
unsigned char buf[2000]; unsigned char buf[2000];
unsigned char output[2000]; unsigned char output[2000];
int data_len, res; int data_len, res;