ssl_client2: Fail gracefully if no PEM-encoded CRTs are available

This commit is contained in:
Hanno Becker 2019-03-05 16:10:27 +00:00
parent f74f5ce88d
commit 37e7db23d3

View File

@ -1085,7 +1085,7 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C) #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) for( i = 0; mbedtls_test_cas[i] != NULL; i++ )
{ {
ret = mbedtls_x509_crt_parse( &cacert, ret = mbedtls_x509_crt_parse( &cacert,
@ -1097,9 +1097,13 @@ int main( int argc, char *argv[] )
#else #else
{ {
ret = 1; ret = 1;
mbedtls_printf("MBEDTLS_CERTS_C not defined."); #if !defined(MBEDTLS_CERTS_C)
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
#else
mbedtls_printf( "All test CRTs loaded via MBEDTLS_CERTS_C are PEM-encoded, but MBEDTLS_PEM_PARSE_C is disabled." );
} }
#endif #endif /* MBEDTLS_CERTS_C */
#endif /* MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */
if( ret < 0 ) if( ret < 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
@ -1124,15 +1128,19 @@ int main( int argc, char *argv[] )
ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C) #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
mbedtls_test_cli_crt_len ); mbedtls_test_cli_crt_len );
#else #else
{ {
ret = 1; ret = 1;
mbedtls_printf("MBEDTLS_CERTS_C not defined."); #if !defined(MBEDTLS_CERTS_C)
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
#else
mbedtls_printf( "All test CRTs loaded via MBEDTLS_CERTS_C are PEM-encoded, but MBEDTLS_PEM_PARSE_C is disabled." );
} }
#endif #endif /* MBEDTLS_CERTS_C */
#endif /* MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
@ -1147,15 +1155,19 @@ int main( int argc, char *argv[] )
ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
else else
#endif #endif
#if defined(MBEDTLS_CERTS_C) #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C)
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
mbedtls_test_cli_key_len, NULL, 0 ); mbedtls_test_cli_key_len, NULL, 0 );
#else #else
{ {
ret = 1; ret = 1;
mbedtls_printf("MBEDTLS_CERTS_C not defined."); #if !defined(MBEDTLS_CERTS_C)
mbedtls_printf( "MBEDTLS_CERTS_C not defined." );
#else
mbedtls_printf( "All test keys loaded via MBEDTLS_CERTS_C are PEM-encoded, but MBEDTLS_PEM_PARSE_C is disabled." );
} }
#endif #endif /* MBEDTLS_CERTS_C */
#endif /* MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */
if( ret != 0 ) if( ret != 0 )
{ {
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret ); mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret );