Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
parent
369d2eb2a2
commit
ddf26b4e38
26 changed files with 258 additions and 201 deletions
|
@ -189,13 +189,13 @@ inline int sha4_self_test( int verbose ) {
|
||||||
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
|
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
|
||||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION
|
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION
|
||||||
|
|
||||||
int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) {
|
inline int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) {
|
||||||
return x509_serial_gets( buf, size, serial );
|
return x509_serial_gets( buf, size, serial );
|
||||||
}
|
}
|
||||||
int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) {
|
inline int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) {
|
||||||
return x509_dn_gets( buf, size, dn );
|
return x509_dn_gets( buf, size, dn );
|
||||||
}
|
}
|
||||||
int x509parse_time_expired( const x509_time *time ) {
|
inline int x509parse_time_expired( const x509_time *time ) {
|
||||||
return x509_time_expired( time );
|
return x509_time_expired( time );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
|
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
|
||||||
|
@ -203,12 +203,67 @@ int x509parse_time_expired( const x509_time *time ) {
|
||||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||||
#define POLARSSL_X509_PARSE_C
|
#define POLARSSL_X509_PARSE_C
|
||||||
#include "x509_crt.h"
|
#include "x509_crt.h"
|
||||||
|
inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
|
||||||
|
size_t buflen ) {
|
||||||
|
return x509_crt_parse_der( chain, buf, buflen );
|
||||||
|
}
|
||||||
|
inline int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) {
|
||||||
|
return x509_crt_parse( chain, buf, buflen );
|
||||||
|
}
|
||||||
|
inline int x509parse_crtfile( x509_cert *chain, const char *path ) {
|
||||||
|
return x509_crt_parse_file( chain, path );
|
||||||
|
}
|
||||||
|
inline int x509parse_crtpath( x509_cert *chain, const char *path ) {
|
||||||
|
return x509_crt_parse_path( chain, path );
|
||||||
|
}
|
||||||
|
inline int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
||||||
|
const x509_cert *crt ) {
|
||||||
|
return x509_crt_info( buf, size, prefix, crt );
|
||||||
|
}
|
||||||
|
inline int x509parse_verify( x509_cert *crt, x509_cert *trust_ca,
|
||||||
|
x509_crl *ca_crl, const char *cn, int *flags,
|
||||||
|
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||||
|
void *p_vrfy ) {
|
||||||
|
return x509_crt_verify( crt, trust_ca, ca_crl, cn, flags, f_vrfy, p_vrfy );
|
||||||
|
}
|
||||||
|
inline int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) {
|
||||||
|
return x509_crt_revoked( crt, crl );
|
||||||
|
}
|
||||||
inline void x509_free( x509_cert *crt ) {
|
inline void x509_free( x509_cert *crt ) {
|
||||||
return x509_crt_free( crt );
|
return x509_crt_free( crt );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||||
|
#define POLARSSL_X509_PARSE_C
|
||||||
|
#include "x509_crl.h"
|
||||||
|
inline int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) {
|
||||||
|
return x509_crl_parse( chain, buf, buflen );
|
||||||
|
}
|
||||||
|
inline int x509parse_crlfile( x509_crl *chain, const char *path ) {
|
||||||
|
return x509_crl_parse_file( chain, path );
|
||||||
|
}
|
||||||
|
inline int x509parse_crl_info( char *buf, size_t size, const char *prefix,
|
||||||
|
const x509_crl *crl ) {
|
||||||
|
return x509_crl_info( buf, size, prefix, crl );
|
||||||
|
}
|
||||||
|
#endif /* POLARSSL_X509_CRL_PARSE_C */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_X509_CSR_PARSE_C)
|
||||||
|
#define POLARSSL_X509_PARSE_C
|
||||||
|
#include "x509_csr.h"
|
||||||
|
inline int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen ) {
|
||||||
|
return x509_csr_parse( csr, buf, buflen );
|
||||||
|
}
|
||||||
|
inline int x509parse_csrfile( x509_csr *csr, const char *path ) {
|
||||||
|
return x509_csr_parse_file( csr, path );
|
||||||
|
}
|
||||||
|
inline int x509parse_csr_info( char *buf, size_t size, const char *prefix,
|
||||||
|
const x509_csr *csr ) {
|
||||||
|
return x509_csr_info( buf, size, prefix, csr );
|
||||||
|
}
|
||||||
|
#endif /* POLARSSL_X509_CSR_PARSE_C */
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_TLS_C)
|
#if defined(POLARSSL_SSL_TLS_C)
|
||||||
#include "ssl_ciphersuites.h"
|
#include "ssl_ciphersuites.h"
|
||||||
|
|
||||||
|
|
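Review bot: The new file-based wrappers in the second hunk (`x509parse_crtfile`, `x509parse_crtpath`, `x509parse_crlfile`, `x509parse_csrfile`) are not enclosed in `#if defined(POLARSSL_FS_IO)`, although the renamed prototypes they call are declared inside that guard in the header hunks later in this commit. A build without POLARSSL_FS_IO would therefore call undeclared functions from every file that includes this header. The same applies to `x509parse_revoked`, whose target `x509_crt_revoked` is declared only under `POLARSSL_X509_CRL_PARSE_C`; wrapping each shim in the guard of its target (`#if defined(POLARSSL_FS_IO)` … `#endif`) keeps reduced configurations buildable. Separately, plain `inline` on a header definition gives no external definition under C99 rules and one per translation unit under GNU89 rules, so `static inline int x509parse_crt( ... )` is the safer spelling for all of these wrappers.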
|
@ -104,7 +104,7 @@ x509_crl;
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or a specific X509 or PEM error code
|
* \return 0 if successful, or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
|
int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen );
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
/**
|
/**
|
||||||
|
@ -116,12 +116,11 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or a specific X509 or PEM error code
|
* \return 0 if successful, or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crlfile( x509_crl *chain, const char *path );
|
int x509_crl_parse_file( x509_crl *chain, const char *path );
|
||||||
#endif /* POLARSSL_FS_IO */
|
#endif /* POLARSSL_FS_IO */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Returns an informational string about the
|
* \brief Returns an informational string about the CRL.
|
||||||
* CRL.
|
|
||||||
*
|
*
|
||||||
* \param buf Buffer to write to
|
* \param buf Buffer to write to
|
||||||
* \param size Maximum size of buffer
|
* \param size Maximum size of buffer
|
||||||
|
@ -131,8 +130,8 @@ int x509parse_crlfile( x509_crl *chain, const char *path );
|
||||||
* \return The amount of data written to the buffer, or -1 in
|
* \return The amount of data written to the buffer, or -1 in
|
||||||
* case of an error.
|
* case of an error.
|
||||||
*/
|
*/
|
||||||
int x509parse_crl_info( char *buf, size_t size, const char *prefix,
|
int x509_crl_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_crl *crl );
|
const x509_crl *crl );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Initialize a CRL (chain)
|
* \brief Initialize a CRL (chain)
|
||||||
|
|
|
@ -132,8 +132,8 @@ x509write_cert;
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or a specific X509 or PEM error code
|
* \return 0 if successful, or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
|
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||||
size_t buflen );
|
size_t buflen );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Parse one or more certificates and add them
|
* \brief Parse one or more certificates and add them
|
||||||
|
@ -149,7 +149,7 @@ int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
|
||||||
* \return 0 if all certificates parsed successfully, a positive number
|
* \return 0 if all certificates parsed successfully, a positive number
|
||||||
* if partly successful or a specific X509 or PEM error code
|
* if partly successful or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
/**
|
/**
|
||||||
|
@ -165,7 +165,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||||
* \return 0 if all certificates parsed successfully, a positive number
|
* \return 0 if all certificates parsed successfully, a positive number
|
||||||
* if partly successful or a specific X509 or PEM error code
|
* if partly successful or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crtfile( x509_cert *chain, const char *path );
|
int x509_crt_parse_file( x509_cert *chain, const char *path );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Load one or more certificate files from a path and add them
|
* \brief Load one or more certificate files from a path and add them
|
||||||
|
@ -180,7 +180,7 @@ int x509parse_crtfile( x509_cert *chain, const char *path );
|
||||||
* \return 0 if all certificates parsed successfully, a positive number
|
* \return 0 if all certificates parsed successfully, a positive number
|
||||||
* if partly successful or a specific X509 or PEM error code
|
* if partly successful or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_crtpath( x509_cert *chain, const char *path );
|
int x509_crt_parse_path( x509_cert *chain, const char *path );
|
||||||
#endif /* POLARSSL_FS_IO */
|
#endif /* POLARSSL_FS_IO */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -195,8 +195,8 @@ int x509parse_crtpath( x509_cert *chain, const char *path );
|
||||||
* \return The amount of data written to the buffer, or -1 in
|
* \return The amount of data written to the buffer, or -1 in
|
||||||
* case of an error.
|
* case of an error.
|
||||||
*/
|
*/
|
||||||
int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_cert *crt );
|
const x509_cert *crt );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Verify the certificate signature
|
* \brief Verify the certificate signature
|
||||||
|
@ -234,12 +234,12 @@ int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
||||||
* or another error in case of a fatal error encountered
|
* or another error in case of a fatal error encountered
|
||||||
* during the verification process.
|
* during the verification process.
|
||||||
*/
|
*/
|
||||||
int x509parse_verify( x509_cert *crt,
|
int x509_crt_verify( x509_cert *crt,
|
||||||
x509_cert *trust_ca,
|
x509_cert *trust_ca,
|
||||||
x509_crl *ca_crl,
|
x509_crl *ca_crl,
|
||||||
const char *cn, int *flags,
|
const char *cn, int *flags,
|
||||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||||
void *p_vrfy );
|
void *p_vrfy );
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||||
/**
|
/**
|
||||||
|
@ -251,7 +251,7 @@ int x509parse_verify( x509_cert *crt,
|
||||||
* \return 1 if the certificate is revoked, 0 otherwise
|
* \return 1 if the certificate is revoked, 0 otherwise
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
int x509parse_revoked( const x509_cert *crt, const x509_crl *crl );
|
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl );
|
||||||
#endif /* POLARSSL_X509_CRL_PARSE_C */
|
#endif /* POLARSSL_X509_CRL_PARSE_C */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -88,7 +88,7 @@ x509write_csr;
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or a specific X509 or PEM error code
|
* \return 0 if successful, or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen );
|
int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen );
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
/**
|
/**
|
||||||
|
@ -99,7 +99,7 @@ int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen );
|
||||||
*
|
*
|
||||||
* \return 0 if successful, or a specific X509 or PEM error code
|
* \return 0 if successful, or a specific X509 or PEM error code
|
||||||
*/
|
*/
|
||||||
int x509parse_csrfile( x509_csr *csr, const char *path );
|
int x509_csr_parse_file( x509_csr *csr, const char *path );
|
||||||
#endif /* POLARSSL_FS_IO */
|
#endif /* POLARSSL_FS_IO */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -114,8 +114,8 @@ int x509parse_csrfile( x509_csr *csr, const char *path );
|
||||||
* \return The amount of data written to the buffer, or -1 in
|
* \return The amount of data written to the buffer, or -1 in
|
||||||
* case of an error.
|
* case of an error.
|
||||||
*/
|
*/
|
||||||
int x509parse_csr_info( char *buf, size_t size, const char *prefix,
|
int x509_csr_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_csr *csr );
|
const x509_csr *csr );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Initialize a CSR
|
* \brief Initialize a CSR
|
||||||
|
|
|
@ -275,7 +275,7 @@ void debug_print_crt( const ssl_context *ssl, int level,
|
||||||
while( crt != NULL )
|
while( crt != NULL )
|
||||||
{
|
{
|
||||||
char buf[1024];
|
char buf[1024];
|
||||||
x509parse_cert_info( buf, sizeof( buf ) - 1, prefix, crt );
|
x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt );
|
||||||
|
|
||||||
snprintf( str, maxlen, "%s(%04d): %s #%d:\n%s",
|
snprintf( str, maxlen, "%s(%04d): %s #%d:\n%s",
|
||||||
file, line, text, ++i, buf );
|
file, line, text, ++i, buf );
|
||||||
|
|
|
@ -96,8 +96,8 @@ int ssl_cache_get( void *data, ssl_session *session )
|
||||||
return( 1 );
|
return( 1 );
|
||||||
|
|
||||||
memset( session->peer_cert, 0, sizeof(x509_cert) );
|
memset( session->peer_cert, 0, sizeof(x509_cert) );
|
||||||
if( x509parse_crt( session->peer_cert, entry->peer_cert.p,
|
if( x509_crt_parse( session->peer_cert, entry->peer_cert.p,
|
||||||
entry->peer_cert.len ) != 0 )
|
entry->peer_cert.len ) != 0 )
|
||||||
{
|
{
|
||||||
polarssl_free( session->peer_cert );
|
polarssl_free( session->peer_cert );
|
||||||
session->peer_cert = NULL;
|
session->peer_cert = NULL;
|
||||||
|
|
|
@ -142,7 +142,7 @@ static int ssl_load_session( ssl_session *session,
|
||||||
|
|
||||||
memset( session->peer_cert, 0, sizeof( x509_cert ) );
|
memset( session->peer_cert, 0, sizeof( x509_cert ) );
|
||||||
|
|
||||||
if( ( ret = x509parse_crt( session->peer_cert, p, cert_len ) ) != 0 )
|
if( ( ret = x509_crt_parse( session->peer_cert, p, cert_len ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_crt_free( session->peer_cert );
|
x509_crt_free( session->peer_cert );
|
||||||
polarssl_free( session->peer_cert );
|
polarssl_free( session->peer_cert );
|
||||||
|
|
|
@ -85,8 +85,8 @@ static int ssl_session_copy( ssl_session *dst, const ssl_session *src )
|
||||||
|
|
||||||
memset( dst->peer_cert, 0, sizeof(x509_cert) );
|
memset( dst->peer_cert, 0, sizeof(x509_cert) );
|
||||||
|
|
||||||
if( ( ret = x509parse_crt( dst->peer_cert, src->peer_cert->raw.p,
|
if( ( ret = x509_crt_parse( dst->peer_cert, src->peer_cert->raw.p,
|
||||||
src->peer_cert->raw.len ) != 0 ) )
|
src->peer_cert->raw.len ) != 0 ) )
|
||||||
{
|
{
|
||||||
polarssl_free( dst->peer_cert );
|
polarssl_free( dst->peer_cert );
|
||||||
dst->peer_cert = NULL;
|
dst->peer_cert = NULL;
|
||||||
|
@ -2516,11 +2516,11 @@ int ssl_parse_certificate( ssl_context *ssl )
|
||||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
|
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = x509parse_crt_der( ssl->session_negotiate->peer_cert,
|
ret = x509_crt_parse_der( ssl->session_negotiate->peer_cert,
|
||||||
ssl->in_msg + i, n );
|
ssl->in_msg + i, n );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
SSL_DEBUG_RET( 1, " x509parse_crt", ret );
|
SSL_DEBUG_RET( 1, " x509_crt_parse_der", ret );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2537,10 +2537,10 @@ int ssl_parse_certificate( ssl_context *ssl )
|
||||||
return( POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED );
|
return( POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED );
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = x509parse_verify( ssl->session_negotiate->peer_cert,
|
ret = x509_crt_verify( ssl->session_negotiate->peer_cert,
|
||||||
ssl->ca_chain, ssl->ca_crl, ssl->peer_cn,
|
ssl->ca_chain, ssl->ca_crl, ssl->peer_cn,
|
||||||
&ssl->session_negotiate->verify_result,
|
&ssl->session_negotiate->verify_result,
|
||||||
ssl->f_vrfy, ssl->p_vrfy );
|
ssl->f_vrfy, ssl->p_vrfy );
|
||||||
|
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
|
SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
|
||||||
|
|
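Review bot: In the `ssl_session_copy` hunk the renamed call keeps a misplaced parenthesis: `ret = x509_crt_parse( ... ) != 0` assigns the result of the comparison, so on failure `ret` holds 1 instead of the X509 or PEM error code. Closing the assignment before the comparison fixes it: `if( ( ret = x509_crt_parse( dst->peer_cert, src->peer_cert->raw.p, src->peer_cert->raw.len ) ) != 0 )`. The rest of the error branch lies outside the hunk, so whether `ret` is then returned to the caller should be confirmed there. In the `ssl_parse_certificate` hunks the parse label was updated to `x509_crt_parse_der`, but `SSL_DEBUG_RET( 1, "x509_verify_cert", ret );` still carries a name that matches neither the old nor the new function; `"x509_crt_verify"` would keep the debug output searchable.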
|
@ -710,8 +710,8 @@ int x509_self_test( int verbose )
|
||||||
|
|
||||||
memset( &clicert, 0, sizeof( x509_cert ) );
|
memset( &clicert, 0, sizeof( x509_cert ) );
|
||||||
|
|
||||||
ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
|
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
|
||||||
strlen( test_cli_crt ) );
|
strlen( test_cli_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
|
@ -722,8 +722,8 @@ int x509_self_test( int verbose )
|
||||||
|
|
||||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||||
|
|
||||||
ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
|
@ -735,7 +735,7 @@ int x509_self_test( int verbose )
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
printf( "passed\n X.509 signature verify: ");
|
printf( "passed\n X.509 signature verify: ");
|
||||||
|
|
||||||
ret = x509parse_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
|
ret = x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
if( verbose != 0 )
|
if( verbose != 0 )
|
||||||
|
|
|
@ -243,7 +243,7 @@ static int x509_get_entries( unsigned char **p,
|
||||||
/*
|
/*
|
||||||
* Parse one or more CRLs and add them to the chained list
|
* Parse one or more CRLs and add them to the chained list
|
||||||
*/
|
*/
|
||||||
int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
@ -516,7 +516,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
crl = crl->next;
|
crl = crl->next;
|
||||||
x509_crl_init( crl );
|
x509_crl_init( crl );
|
||||||
|
|
||||||
return( x509parse_crl( crl, buf, buflen ) );
|
return( x509_crl_parse( crl, buf, buflen ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
@ -526,7 +526,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
/*
|
/*
|
||||||
* Load one or more CRLs and add them to the chained list
|
* Load one or more CRLs and add them to the chained list
|
||||||
*/
|
*/
|
||||||
int x509parse_crlfile( x509_crl *chain, const char *path )
|
int x509_crl_parse_file( x509_crl *chain, const char *path )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
@ -535,7 +535,7 @@ int x509parse_crlfile( x509_crl *chain, const char *path )
|
||||||
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
ret = x509parse_crl( chain, buf, n );
|
ret = x509_crl_parse( chain, buf, n );
|
||||||
|
|
||||||
memset( buf, 0, n + 1 );
|
memset( buf, 0, n + 1 );
|
||||||
polarssl_free( buf );
|
polarssl_free( buf );
|
||||||
|
@ -603,8 +603,8 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||||
/*
|
/*
|
||||||
* Return an informational string about the CRL.
|
* Return an informational string about the CRL.
|
||||||
*/
|
*/
|
||||||
int x509parse_crl_info( char *buf, size_t size, const char *prefix,
|
int x509_crl_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_crl *crl )
|
const x509_crl *crl )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
|
|
@ -515,8 +515,8 @@ static int x509_get_crt_ext( unsigned char **p,
|
||||||
/*
|
/*
|
||||||
* Parse and fill a single X.509 certificate in DER format
|
* Parse and fill a single X.509 certificate in DER format
|
||||||
*/
|
*/
|
||||||
static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
|
static int x509_crt_parse_der_core( x509_cert *crt, const unsigned char *buf,
|
||||||
size_t buflen )
|
size_t buflen )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
@ -756,7 +756,8 @@ static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
|
||||||
* Parse one X.509 certificate in DER format from a buffer and add them to a
|
* Parse one X.509 certificate in DER format from a buffer and add them to a
|
||||||
* chained list
|
* chained list
|
||||||
*/
|
*/
|
||||||
int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||||
|
size_t buflen )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
x509_cert *crt = chain, *prev = NULL;
|
x509_cert *crt = chain, *prev = NULL;
|
||||||
|
@ -788,7 +789,7 @@ int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen
|
||||||
x509_crt_init( crt );
|
x509_crt_init( crt );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509parse_crt_der_core( crt, buf, buflen ) ) != 0 )
|
if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )
|
||||||
{
|
{
|
||||||
if( prev )
|
if( prev )
|
||||||
prev->next = NULL;
|
prev->next = NULL;
|
||||||
|
@ -805,7 +806,7 @@ int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen
|
||||||
/*
|
/*
|
||||||
* Parse one or more PEM certificates from a buffer and add them to the chained list
|
* Parse one or more PEM certificates from a buffer and add them to the chained list
|
||||||
*/
|
*/
|
||||||
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||||
{
|
{
|
||||||
int success = 0, first_error = 0, total_failed = 0;
|
int success = 0, first_error = 0, total_failed = 0;
|
||||||
int buf_format = X509_FORMAT_DER;
|
int buf_format = X509_FORMAT_DER;
|
||||||
|
@ -826,7 +827,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( buf_format == X509_FORMAT_DER )
|
if( buf_format == X509_FORMAT_DER )
|
||||||
return x509parse_crt_der( chain, buf, buflen );
|
return x509_crt_parse_der( chain, buf, buflen );
|
||||||
|
|
||||||
#if defined(POLARSSL_PEM_PARSE_C)
|
#if defined(POLARSSL_PEM_PARSE_C)
|
||||||
if( buf_format == X509_FORMAT_PEM )
|
if( buf_format == X509_FORMAT_PEM )
|
||||||
|
@ -874,7 +875,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||||
else
|
else
|
||||||
break;
|
break;
|
||||||
|
|
||||||
ret = x509parse_crt_der( chain, pem.buf, pem.buflen );
|
ret = x509_crt_parse_der( chain, pem.buf, pem.buflen );
|
||||||
|
|
||||||
pem_free( &pem );
|
pem_free( &pem );
|
||||||
|
|
||||||
|
@ -910,7 +911,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||||
/*
|
/*
|
||||||
* Load one or more certificates and add them to the chained list
|
* Load one or more certificates and add them to the chained list
|
||||||
*/
|
*/
|
||||||
int x509parse_crtfile( x509_cert *chain, const char *path )
|
int x509_crt_parse_file( x509_cert *chain, const char *path )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
@ -919,7 +920,7 @@ int x509parse_crtfile( x509_cert *chain, const char *path )
|
||||||
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
ret = x509parse_crt( chain, buf, n );
|
ret = x509_crt_parse( chain, buf, n );
|
||||||
|
|
||||||
memset( buf, 0, n + 1 );
|
memset( buf, 0, n + 1 );
|
||||||
polarssl_free( buf );
|
polarssl_free( buf );
|
||||||
|
@ -927,7 +928,7 @@ int x509parse_crtfile( x509_cert *chain, const char *path )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
int x509parse_crtpath( x509_cert *chain, const char *path )
|
int x509_crt_parse_path( x509_cert *chain, const char *path )
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
#if defined(_WIN32)
|
#if defined(_WIN32)
|
||||||
|
@ -969,7 +970,7 @@ int x509parse_crtpath( x509_cert *chain, const char *path )
|
||||||
p, len - 1,
|
p, len - 1,
|
||||||
NULL, NULL );
|
NULL, NULL );
|
||||||
|
|
||||||
w_ret = x509parse_crtfile( chain, filename );
|
w_ret = x509_crt_parse_file( chain, filename );
|
||||||
if( w_ret < 0 )
|
if( w_ret < 0 )
|
||||||
ret++;
|
ret++;
|
||||||
else
|
else
|
||||||
|
@ -1012,7 +1013,7 @@ cleanup:
|
||||||
|
|
||||||
// Ignore parse errors
|
// Ignore parse errors
|
||||||
//
|
//
|
||||||
t_ret = x509parse_crtfile( chain, entry_name );
|
t_ret = x509_crt_parse_file( chain, entry_name );
|
||||||
if( t_ret < 0 )
|
if( t_ret < 0 )
|
||||||
ret++;
|
ret++;
|
||||||
else
|
else
|
||||||
|
@ -1081,8 +1082,8 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||||
*/
|
*/
|
||||||
#define BEFORE_COLON 14
|
#define BEFORE_COLON 14
|
||||||
#define BC "14"
|
#define BC "14"
|
||||||
int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_cert *crt )
|
const x509_cert *crt )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
@ -1154,7 +1155,7 @@ int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
||||||
/*
|
/*
|
||||||
* Return 1 if the certificate is revoked, or 0 otherwise.
|
* Return 1 if the certificate is revoked, or 0 otherwise.
|
||||||
*/
|
*/
|
||||||
int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
|
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl )
|
||||||
{
|
{
|
||||||
const x509_crl_entry *cur = &crl->entry;
|
const x509_crl_entry *cur = &crl->entry;
|
||||||
|
|
||||||
|
@ -1176,8 +1177,8 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
|
||||||
/*
|
/*
|
||||||
* Check that the given certificate is valid accoring to the CRL.
|
* Check that the given certificate is valid accoring to the CRL.
|
||||||
*/
|
*/
|
||||||
static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
|
static int x509_crt_verifycrl( x509_cert *crt, x509_cert *ca,
|
||||||
x509_crl *crl_list)
|
x509_crl *crl_list)
|
||||||
{
|
{
|
||||||
int flags = 0;
|
int flags = 0;
|
||||||
unsigned char hash[POLARSSL_MD_MAX_SIZE];
|
unsigned char hash[POLARSSL_MD_MAX_SIZE];
|
||||||
|
@ -1235,7 +1236,7 @@ static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
|
||||||
/*
|
/*
|
||||||
* Check if certificate is revoked
|
* Check if certificate is revoked
|
||||||
*/
|
*/
|
||||||
if( x509parse_revoked(crt, crl_list) )
|
if( x509_crt_revoked(crt, crl_list) )
|
||||||
{
|
{
|
||||||
flags |= BADCERT_REVOKED;
|
flags |= BADCERT_REVOKED;
|
||||||
break;
|
break;
|
||||||
|
@ -1299,7 +1300,7 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int x509parse_verify_top(
|
static int x509_crt_verify_top(
|
||||||
x509_cert *child, x509_cert *trust_ca,
|
x509_cert *child, x509_cert *trust_ca,
|
||||||
x509_crl *ca_crl, int path_cnt, int *flags,
|
x509_crl *ca_crl, int path_cnt, int *flags,
|
||||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||||
|
@ -1385,7 +1386,7 @@ static int x509parse_verify_top(
|
||||||
{
|
{
|
||||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||||
/* Check trusted CA's CRL for the chain's top crt */
|
/* Check trusted CA's CRL for the chain's top crt */
|
||||||
*flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
|
*flags |= x509_crt_verifycrl( child, trust_ca, ca_crl );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( x509_time_expired( &trust_ca->valid_to ) )
|
if( x509_time_expired( &trust_ca->valid_to ) )
|
||||||
|
@ -1410,7 +1411,7 @@ static int x509parse_verify_top(
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int x509parse_verify_child(
|
static int x509_crt_verify_child(
|
||||||
x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
|
x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
|
||||||
x509_crl *ca_crl, int path_cnt, int *flags,
|
x509_crl *ca_crl, int path_cnt, int *flags,
|
||||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||||
|
@ -1447,7 +1448,7 @@ static int x509parse_verify_child(
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||||
/* Check trusted CA's CRL for the given crt */
|
/* Check trusted CA's CRL for the given crt */
|
||||||
*flags |= x509parse_verifycrl(child, parent, ca_crl);
|
*flags |= x509_crt_verifycrl(child, parent, ca_crl);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
grandparent = parent->next;
|
grandparent = parent->next;
|
||||||
|
@ -1471,13 +1472,13 @@ static int x509parse_verify_child(
|
||||||
/*
|
/*
|
||||||
* Part of the chain
|
* Part of the chain
|
||||||
*/
|
*/
|
||||||
ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
ret = x509_crt_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
@ -1495,12 +1496,12 @@ static int x509parse_verify_child(
|
||||||
/*
|
/*
|
||||||
* Verify the certificate validity
|
* Verify the certificate validity
|
||||||
*/
|
*/
|
||||||
int x509parse_verify( x509_cert *crt,
|
int x509_crt_verify( x509_cert *crt,
|
||||||
x509_cert *trust_ca,
|
x509_cert *trust_ca,
|
||||||
x509_crl *ca_crl,
|
x509_crl *ca_crl,
|
||||||
const char *cn, int *flags,
|
const char *cn, int *flags,
|
||||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||||
void *p_vrfy )
|
void *p_vrfy )
|
||||||
{
|
{
|
||||||
size_t cn_len;
|
size_t cn_len;
|
||||||
int ret;
|
int ret;
|
||||||
|
@ -1585,13 +1586,13 @@ int x509parse_verify( x509_cert *crt,
|
||||||
/*
|
/*
|
||||||
* Part of the chain
|
* Part of the chain
|
||||||
*/
|
*/
|
||||||
ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
|
ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
|
ret = x509_crt_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
|
@ -87,7 +87,7 @@ static int x509_csr_get_version( unsigned char **p,
|
||||||
/*
|
/*
|
||||||
* Parse a CSR
|
* Parse a CSR
|
||||||
*/
|
*/
|
||||||
int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
@ -287,7 +287,7 @@ int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||||
/*
|
/*
|
||||||
* Load a CSR into the structure
|
* Load a CSR into the structure
|
||||||
*/
|
*/
|
||||||
int x509parse_csrfile( x509_csr *csr, const char *path )
|
int x509_csr_parse_file( x509_csr *csr, const char *path )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
@ -296,7 +296,7 @@ int x509parse_csrfile( x509_csr *csr, const char *path )
|
||||||
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
ret = x509parse_csr( csr, buf, n );
|
ret = x509_csr_parse( csr, buf, n );
|
||||||
|
|
||||||
memset( buf, 0, n + 1 );
|
memset( buf, 0, n + 1 );
|
||||||
polarssl_free( buf );
|
polarssl_free( buf );
|
||||||
|
@ -361,8 +361,8 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||||
/*
|
/*
|
||||||
* Return an informational string about the CSR.
|
* Return an informational string about the CSR.
|
||||||
*/
|
*/
|
||||||
int x509parse_csr_info( char *buf, size_t size, const char *prefix,
|
int x509_csr_info( char *buf, size_t size, const char *prefix,
|
||||||
const x509_csr *csr )
|
const x509_csr *csr )
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
|
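Review bot: The `memset( buf, 0, n + 1 );` immediately before `polarssl_free( buf );` in `x509_csr_parse_file` is a dead store, so an optimising compiler is allowed to drop it and leave the loaded file contents in freed heap memory. The line is unchanged context rather than part of the rename, and a CSR is normally not secret, so the exposure here is probably small. If the wipe is meant as a guarantee, it should go through a volatile pointer, for example `volatile unsigned char *p = buf; size_t i = n + 1; while( i-- ) *p++ = 0;`, and any sibling loaders that follow the same load-wipe-free pattern would need the same treatment. The function body starts before this hunk and continues after it, so the allocation size behind `n + 1` is not visible here.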
|
@ -113,8 +113,8 @@ int main( int argc, char *argv[] )
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
#else
|
#else
|
||||||
ret = 1;
|
ret = 1;
|
||||||
printf("POLARSSL_CERTS_C not defined.");
|
printf("POLARSSL_CERTS_C not defined.");
|
||||||
|
@ -122,7 +122,7 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -121,7 +121,7 @@ static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
|
||||||
((void) data);
|
((void) data);
|
||||||
|
|
||||||
printf( "\nVerify requested for (Depth %d):\n", depth );
|
printf( "\nVerify requested for (Depth %d):\n", depth );
|
||||||
x509parse_cert_info( buf, sizeof( buf ) - 1, "", crt );
|
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
|
||||||
printf( "%s", buf );
|
printf( "%s", buf );
|
||||||
|
|
||||||
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
|
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
|
||||||
|
@ -574,13 +574,13 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.ca_path ) )
|
if( strlen( opt.ca_path ) )
|
||||||
ret = x509parse_crtpath( &cacert, opt.ca_path );
|
ret = x509_crt_parse_path( &cacert, opt.ca_path );
|
||||||
else if( strlen( opt.ca_file ) )
|
else if( strlen( opt.ca_file ) )
|
||||||
ret = x509parse_crtfile( &cacert, opt.ca_file );
|
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
|
@ -590,7 +590,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -606,11 +606,11 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.crt_file ) )
|
if( strlen( opt.crt_file ) )
|
||||||
ret = x509parse_crtfile( &clicert, opt.crt_file );
|
ret = x509_crt_parse_file( &clicert, opt.crt_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
|
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
|
||||||
strlen( test_cli_crt ) );
|
strlen( test_cli_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
|
@ -620,7 +620,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -790,8 +790,8 @@ int main( int argc, char *argv[] )
|
||||||
if( ssl_get_peer_cert( &ssl ) != NULL )
|
if( ssl_get_peer_cert( &ssl ) != NULL )
|
||||||
{
|
{
|
||||||
printf( " . Peer certificate information ...\n" );
|
printf( " . Peer certificate information ...\n" );
|
||||||
x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ",
|
x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||||
ssl_get_peer_cert( &ssl ) );
|
ssl_get_peer_cert( &ssl ) );
|
||||||
printf( "%s\n", buf );
|
printf( "%s\n", buf );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||||
|
|
|
@ -138,22 +138,22 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This demonstration program uses embedded test certificates.
|
* This demonstration program uses embedded test certificates.
|
||||||
* Instead, you may want to use x509parse_crtfile() to read the
|
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||||
* server and CA certificates, as well as x509parse_keyfile().
|
* server and CA certificates, as well as pk_parse_keyfile().
|
||||||
*/
|
*/
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||||
strlen( test_srv_crt ) );
|
strlen( test_srv_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -173,8 +173,8 @@ static int do_handshake( ssl_context *ssl, struct options *opt )
|
||||||
printf( " ok\n" );
|
printf( " ok\n" );
|
||||||
|
|
||||||
printf( " . Peer certificate information ...\n" );
|
printf( " . Peer certificate information ...\n" );
|
||||||
x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ",
|
x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||||
ssl_get_peer_cert( ssl ) );
|
ssl_get_peer_cert( ssl ) );
|
||||||
printf( "%s\n", buf );
|
printf( "%s\n", buf );
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
@ -483,12 +483,12 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.ca_file ) )
|
if( strlen( opt.ca_file ) )
|
||||||
ret = x509parse_crtfile( &cacert, opt.ca_file );
|
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
@ -497,7 +497,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -513,12 +513,12 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.crt_file ) )
|
if( strlen( opt.crt_file ) )
|
||||||
ret = x509parse_crtfile( &clicert, opt.crt_file );
|
ret = x509_crt_parse_file( &clicert, opt.crt_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
|
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
|
||||||
strlen( test_cli_crt ) );
|
strlen( test_cli_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
ret = -1;
|
ret = -1;
|
||||||
|
@ -527,7 +527,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -118,22 +118,22 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This demonstration program uses embedded test certificates.
|
* This demonstration program uses embedded test certificates.
|
||||||
* Instead, you may want to use x509parse_crtfile() to read the
|
* Instead, you may want to use x509_crt_parse_file() to read the
|
||||||
* server and CA certificates, as well as x509parse_keyfile().
|
* server and CA certificates, as well as pk_parse_keyfile().
|
||||||
*/
|
*/
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||||
strlen( test_srv_crt ) );
|
strlen( test_srv_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -525,14 +525,14 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.ca_path ) )
|
if( strlen( opt.ca_path ) )
|
||||||
ret = x509parse_crtpath( &cacert, opt.ca_path );
|
ret = x509_crt_parse_path( &cacert, opt.ca_path );
|
||||||
else if( strlen( opt.ca_file ) )
|
else if( strlen( opt.ca_file ) )
|
||||||
ret = x509parse_crtfile( &cacert, opt.ca_file );
|
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
@ -541,7 +541,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -555,12 +555,12 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
#if defined(POLARSSL_FS_IO)
|
#if defined(POLARSSL_FS_IO)
|
||||||
if( strlen( opt.crt_file ) )
|
if( strlen( opt.crt_file ) )
|
||||||
ret = x509parse_crtfile( &srvcert, opt.crt_file );
|
ret = x509_crt_parse_file( &srvcert, opt.crt_file );
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
#if defined(POLARSSL_CERTS_C)
|
#if defined(POLARSSL_CERTS_C)
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||||
strlen( test_srv_crt ) );
|
strlen( test_srv_crt ) );
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
@ -569,7 +569,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -777,8 +777,8 @@ reset:
|
||||||
if( ssl_get_peer_cert( &ssl ) )
|
if( ssl_get_peer_cert( &ssl ) )
|
||||||
{
|
{
|
||||||
printf( " . Peer certificate information ...\n" );
|
printf( " . Peer certificate information ...\n" );
|
||||||
x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ",
|
x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||||
ssl_get_peer_cert( &ssl ) );
|
ssl_get_peer_cert( &ssl ) );
|
||||||
printf( "%s\n", buf );
|
printf( "%s\n", buf );
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||||
|
|
|
@ -100,18 +100,18 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Alternatively, you may load the CA certificates from a .pem or
|
* Alternatively, you may load the CA certificates from a .pem or
|
||||||
* .crt file by calling x509parse_crtfile( &cacert, "myca.crt" ).
|
* .crt file by calling x509_crt_parse_file( &cacert, "myca.crt" ).
|
||||||
*/
|
*/
|
||||||
ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt" );
|
ret = x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crtfile returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf( " ok\n" );
|
printf( " ok\n" );
|
||||||
|
|
||||||
x509parse_cert_info( buf, 1024, "CRT: ", &cacert );
|
x509_crt_info( buf, 1024, "CRT: ", &cacert );
|
||||||
printf("%s\n", buf );
|
printf("%s\n", buf );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -120,16 +120,16 @@ int main( int argc, char *argv[] )
|
||||||
printf( " . Loading the CRL ..." );
|
printf( " . Loading the CRL ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_crlfile( &crl, "ssl/test-ca/crl.pem" );
|
ret = x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crlfile returned %d\n\n", ret );
|
printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf( " ok\n" );
|
printf( " ok\n" );
|
||||||
|
|
||||||
x509parse_crl_info( buf, 1024, "CRL: ", &crl );
|
x509_crl_info( buf, 1024, "CRL: ", &crl );
|
||||||
printf("%s\n", buf );
|
printf("%s\n", buf );
|
||||||
|
|
||||||
for( i = 0; i < MAX_CLIENT_CERTS; i++ )
|
for( i = 0; i < MAX_CLIENT_CERTS; i++ )
|
||||||
|
@ -150,10 +150,10 @@ int main( int argc, char *argv[] )
|
||||||
printf( " . Loading the client certificate %s...", name );
|
printf( " . Loading the client certificate %s...", name );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_crtfile( &clicert, name );
|
ret = x509_crt_parse_file( &clicert, name );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -165,7 +165,8 @@ int main( int argc, char *argv[] )
|
||||||
printf( " . Verify the client certificate with CA certificate..." );
|
printf( " . Verify the client certificate with CA certificate..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_verify( &clicert, &cacert, &crl, NULL, &flags, NULL, NULL );
|
ret = x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
|
||||||
|
NULL );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
|
if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
|
||||||
|
@ -183,7 +184,7 @@ int main( int argc, char *argv[] )
|
||||||
if( flags & BADCRL_EXPIRED )
|
if( flags & BADCRL_EXPIRED )
|
||||||
printf( " CRL_EXPIRED " );
|
printf( " CRL_EXPIRED " );
|
||||||
} else {
|
} else {
|
||||||
printf( " failed\n ! x509parse_verify returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_verify returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -214,19 +214,19 @@ static int ssl_test( struct options *opt )
|
||||||
printf("POLARSSL_CERTS_C not defined.\n");
|
printf("POLARSSL_CERTS_C not defined.\n");
|
||||||
goto exit;
|
goto exit;
|
||||||
#else
|
#else
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
|
||||||
strlen( test_srv_crt ) );
|
strlen( test_srv_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " ! x509parse_crt returned %d\n\n", ret );
|
printf( " ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_ca_crt,
|
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_crt,
|
||||||
strlen( test_ca_crt ) );
|
strlen( test_ca_crt ) );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " ! x509parse_crt returned %d\n\n", ret );
|
printf( " ! x509_crt_parse returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -101,7 +101,7 @@ static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
|
||||||
((void) data);
|
((void) data);
|
||||||
|
|
||||||
printf( "\nVerify requested for (Depth %d):\n", depth );
|
printf( "\nVerify requested for (Depth %d):\n", depth );
|
||||||
x509parse_cert_info( buf, sizeof( buf ) - 1, "", crt );
|
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
|
||||||
printf( "%s", buf );
|
printf( "%s", buf );
|
||||||
|
|
||||||
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
|
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
|
||||||
|
@ -248,18 +248,18 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( strlen( opt.ca_path ) )
|
if( strlen( opt.ca_path ) )
|
||||||
{
|
{
|
||||||
ret = x509parse_crtpath( &cacert, opt.ca_path );
|
ret = x509_crt_parse_path( &cacert, opt.ca_path );
|
||||||
verify = 1;
|
verify = 1;
|
||||||
}
|
}
|
||||||
else if( strlen( opt.ca_file ) )
|
else if( strlen( opt.ca_file ) )
|
||||||
{
|
{
|
||||||
ret = x509parse_crtfile( &cacert, opt.ca_file );
|
ret = x509_crt_parse_file( &cacert, opt.ca_file );
|
||||||
verify = 1;
|
verify = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned -0x%x\n\n", -ret );
|
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -277,18 +277,18 @@ int main( int argc, char *argv[] )
|
||||||
printf( "\n . Loading the certificate(s) ..." );
|
printf( "\n . Loading the certificate(s) ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_crtfile( &crt, opt.filename );
|
ret = x509_crt_parse_file( &crt, opt.filename );
|
||||||
|
|
||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||||
x509_crt_free( &crt );
|
x509_crt_free( &crt );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( opt.permissive == 0 && ret > 0 )
|
if( opt.permissive == 0 && ret > 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crt failed to parse %d certificates\n\n", ret );
|
printf( " failed\n ! x509_crt_parse failed to parse %d certificates\n\n", ret );
|
||||||
x509_crt_free( &crt );
|
x509_crt_free( &crt );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
@ -301,10 +301,11 @@ int main( int argc, char *argv[] )
|
||||||
while( cur != NULL )
|
while( cur != NULL )
|
||||||
{
|
{
|
||||||
printf( " . Peer certificate information ...\n" );
|
printf( " . Peer certificate information ...\n" );
|
||||||
ret = x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ", cur );
|
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||||
|
cur );
|
||||||
if( ret == -1 )
|
if( ret == -1 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_cert_info returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
|
||||||
x509_crt_free( &crt );
|
x509_crt_free( &crt );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
@ -321,8 +322,8 @@ int main( int argc, char *argv[] )
|
||||||
{
|
{
|
||||||
printf( " . Verifying X.509 certificate..." );
|
printf( " . Verifying X.509 certificate..." );
|
||||||
|
|
||||||
if( ( ret = x509parse_verify( &crt, &cacert, NULL, NULL, &flags,
|
if( ( ret = x509_crt_verify( &crt, &cacert, NULL, NULL, &flags,
|
||||||
my_verify, NULL ) ) != 0 )
|
my_verify, NULL ) ) != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n" );
|
printf( " failed\n" );
|
||||||
|
|
||||||
|
@ -426,11 +427,11 @@ int main( int argc, char *argv[] )
|
||||||
* 5. Print the certificate
|
* 5. Print the certificate
|
||||||
*/
|
*/
|
||||||
printf( " . Peer certificate information ...\n" );
|
printf( " . Peer certificate information ...\n" );
|
||||||
ret = x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ",
|
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
|
||||||
ssl.session->peer_cert );
|
ssl.session->peer_cert );
|
||||||
if( ret == -1 )
|
if( ret == -1 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_cert_info returned %d\n\n", ret );
|
printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
|
||||||
ssl_free( &ssl );
|
ssl_free( &ssl );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
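Review bot: The CA-loading error message in `main` still prints `x509_crt_parse returned -0x%x`, although that branch only calls `x509_crt_parse_path()` or `x509_crt_parse_file()`. The message after loading `opt.filename` a few lines later was updated to `x509_crt_parse_file returned`, so the two now disagree within the same file. Likewise, `x509_crt_parse failed to parse %d certificates` reports the return value of `x509_crt_parse_file()`. Naming the function that was actually called keeps the output usable when working out which trust-store input failed to load, for example `x509_crt_parse_path/file returned -0x%x` for the CA branch and `x509_crt_parse_file failed to parse %d certificates` for the second. `main` extends beyond these hunks.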
|
@ -409,10 +409,10 @@ int main( int argc, char *argv[] )
|
||||||
printf( " . Loading the issuer certificate ..." );
|
printf( " . Loading the issuer certificate ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
if( ( ret = x509parse_crtfile( &issuer_crt, opt.issuer_crt ) ) != 0 )
|
if( ( ret = x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
|
||||||
{
|
{
|
||||||
error_strerror( ret, buf, 1024 );
|
error_strerror( ret, buf, 1024 );
|
||||||
printf( " failed\n ! x509parse_crtfile returned -0x%02x - %s\n\n", -ret, buf );
|
printf( " failed\n ! x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -441,10 +441,10 @@ int main( int argc, char *argv[] )
|
||||||
printf( " . Loading the certificate request ..." );
|
printf( " . Loading the certificate request ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
if( ( ret = x509parse_csrfile( &csr, opt.request_file ) ) != 0 )
|
if( ( ret = x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
|
||||||
{
|
{
|
||||||
error_strerror( ret, buf, 1024 );
|
error_strerror( ret, buf, 1024 );
|
||||||
printf( " failed\n ! x509parse_csrfile returned -0x%02x - %s\n\n", -ret, buf );
|
printf( " failed\n ! x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -114,11 +114,11 @@ int main( int argc, char *argv[] )
|
||||||
printf( "\n . Loading the CRL ..." );
|
printf( "\n . Loading the CRL ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_crlfile( &crl, opt.filename );
|
ret = x509_crl_parse_file( &crl, opt.filename );
|
||||||
|
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crl returned %d\n\n", ret );
|
printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||||
x509_crl_free( &crl );
|
x509_crl_free( &crl );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
@ -129,10 +129,10 @@ int main( int argc, char *argv[] )
|
||||||
* 1.2 Print the CRL
|
* 1.2 Print the CRL
|
||||||
*/
|
*/
|
||||||
printf( " . CRL information ...\n" );
|
printf( " . CRL information ...\n" );
|
||||||
ret = x509parse_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
|
ret = x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
|
||||||
if( ret == -1 )
|
if( ret == -1 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_crl_info returned %d\n\n", ret );
|
printf( " failed\n ! x509_crl_info returned %d\n\n", ret );
|
||||||
x509_crl_free( &crl );
|
x509_crl_free( &crl );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
|
@ -114,11 +114,11 @@ int main( int argc, char *argv[] )
|
||||||
printf( "\n . Loading the CSR ..." );
|
printf( "\n . Loading the CSR ..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
ret = x509parse_csrfile( &csr, opt.filename );
|
ret = x509_csr_parse_file( &csr, opt.filename );
|
||||||
|
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_csr returned %d\n\n", ret );
|
printf( " failed\n ! x509_csr_parse_file returned %d\n\n", ret );
|
||||||
x509_csr_free( &csr );
|
x509_csr_free( &csr );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
@ -129,10 +129,10 @@ int main( int argc, char *argv[] )
|
||||||
* 1.2 Print the CSR
|
* 1.2 Print the CSR
|
||||||
*/
|
*/
|
||||||
printf( " . CSR information ...\n" );
|
printf( " . CSR information ...\n" );
|
||||||
ret = x509parse_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
|
ret = x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
|
||||||
if( ret == -1 )
|
if( ret == -1 )
|
||||||
{
|
{
|
||||||
printf( " failed\n ! x509parse_csr_info returned %d\n\n", ret );
|
printf( " failed\n ! x509_csr_info returned %d\n\n", ret );
|
||||||
x509_csr_free( &csr );
|
x509_csr_free( &csr );
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,7 +37,7 @@ void debug_print_crt( char *crt_file, char *file, int line, char *prefix,
|
||||||
|
|
||||||
ssl_set_dbg(&ssl, string_debug, &buffer);
|
ssl_set_dbg(&ssl, string_debug, &buffer);
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &crt, crt_file ) == 0 );
|
||||||
debug_print_crt( &ssl, 0, file, line, prefix, &crt);
|
debug_print_crt( &ssl, 0, file, line, prefix, &crt);
|
||||||
|
|
||||||
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
|
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
|
||||||
|
|
|
@ -41,8 +41,8 @@ void x509_cert_info( char *crt_file, char *result_str )
|
||||||
x509_crt_init( &crt );
|
x509_crt_init( &crt );
|
||||||
memset( buf, 0, 2000 );
|
memset( buf, 0, 2000 );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &crt, crt_file ) == 0 );
|
||||||
res = x509parse_cert_info( buf, 2000, "", &crt );
|
res = x509_crt_info( buf, 2000, "", &crt );
|
||||||
|
|
||||||
x509_crt_free( &crt );
|
x509_crt_free( &crt );
|
||||||
|
|
||||||
|
@ -63,8 +63,8 @@ void x509_crl_info( char *crl_file, char *result_str )
|
||||||
x509_crl_init( &crl );
|
x509_crl_init( &crl );
|
||||||
memset( buf, 0, 2000 );
|
memset( buf, 0, 2000 );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crlfile( &crl, crl_file ) == 0 );
|
TEST_ASSERT( x509_crl_parse_file( &crl, crl_file ) == 0 );
|
||||||
res = x509parse_crl_info( buf, 2000, "", &crl );
|
res = x509_crl_info( buf, 2000, "", &crl );
|
||||||
|
|
||||||
x509_crl_free( &crl );
|
x509_crl_free( &crl );
|
||||||
|
|
||||||
|
@ -104,11 +104,11 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
|
||||||
else
|
else
|
||||||
TEST_ASSERT( "No known verify callback selected" == 0 );
|
TEST_ASSERT( "No known verify callback selected" == 0 );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &crt, crt_file ) == 0 );
|
||||||
TEST_ASSERT( x509parse_crtfile( &ca, ca_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &ca, ca_file ) == 0 );
|
||||||
TEST_ASSERT( x509parse_crlfile( &crl, crl_file ) == 0 );
|
TEST_ASSERT( x509_crl_parse_file( &crl, crl_file ) == 0 );
|
||||||
|
|
||||||
res = x509parse_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
|
res = x509_crt_verify( &crt, &ca, &crl, cn_name, &flags, f_vrfy, NULL );
|
||||||
|
|
||||||
x509_crt_free( &crt );
|
x509_crt_free( &crt );
|
||||||
x509_crt_free( &ca );
|
x509_crt_free( &ca );
|
||||||
|
@ -129,7 +129,7 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
|
||||||
x509_crt_init( &crt );
|
x509_crt_init( &crt );
|
||||||
memset( buf, 0, 2000 );
|
memset( buf, 0, 2000 );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &crt, crt_file ) == 0 );
|
||||||
if( strcmp( entity, "subject" ) == 0 )
|
if( strcmp( entity, "subject" ) == 0 )
|
||||||
res = x509_dn_gets( buf, 2000, &crt.subject );
|
res = x509_dn_gets( buf, 2000, &crt.subject );
|
||||||
else if( strcmp( entity, "issuer" ) == 0 )
|
else if( strcmp( entity, "issuer" ) == 0 )
|
||||||
|
@ -153,7 +153,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
|
||||||
|
|
||||||
x509_crt_init( &crt );
|
x509_crt_init( &crt );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crtfile( &crt, crt_file ) == 0 );
|
TEST_ASSERT( x509_crt_parse_file( &crt, crt_file ) == 0 );
|
||||||
|
|
||||||
if( strcmp( entity, "valid_from" ) == 0 )
|
if( strcmp( entity, "valid_from" ) == 0 )
|
||||||
TEST_ASSERT( x509_time_expired( &crt.valid_from ) == result );
|
TEST_ASSERT( x509_time_expired( &crt.valid_from ) == result );
|
||||||
|
@ -180,10 +180,10 @@ void x509parse_crt( char *crt_data, char *result_str, int result )
|
||||||
|
|
||||||
data_len = unhexify( buf, crt_data );
|
data_len = unhexify( buf, crt_data );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crt( &crt, buf, data_len ) == ( result ) );
|
TEST_ASSERT( x509_crt_parse( &crt, buf, data_len ) == ( result ) );
|
||||||
if( ( result ) == 0 )
|
if( ( result ) == 0 )
|
||||||
{
|
{
|
||||||
res = x509parse_cert_info( (char *) output, 2000, "", &crt );
|
res = x509_crt_info( (char *) output, 2000, "", &crt );
|
||||||
|
|
||||||
TEST_ASSERT( res != -1 );
|
TEST_ASSERT( res != -1 );
|
||||||
TEST_ASSERT( res != -2 );
|
TEST_ASSERT( res != -2 );
|
||||||
|
@ -209,10 +209,10 @@ void x509parse_crl( char *crl_data, char *result_str, int result )
|
||||||
|
|
||||||
data_len = unhexify( buf, crl_data );
|
data_len = unhexify( buf, crl_data );
|
||||||
|
|
||||||
TEST_ASSERT( x509parse_crl( &crl, buf, data_len ) == ( result ) );
|
TEST_ASSERT( x509_crl_parse( &crl, buf, data_len ) == ( result ) );
|
||||||
if( ( result ) == 0 )
|
if( ( result ) == 0 )
|
||||||
{
|
{
|
||||||
res = x509parse_crl_info( (char *) output, 2000, "", &crl );
|
res = x509_crl_info( (char *) output, 2000, "", &crl );
|
||||||
|
|
||||||
TEST_ASSERT( res != -1 );
|
TEST_ASSERT( res != -1 );
|
||||||
TEST_ASSERT( res != -2 );
|
TEST_ASSERT( res != -2 );
|
||||||
|
|