mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 14:55:40 +01:00
Test and fix x509_oid functions
This commit is contained in:
parent
6c1a73e061
commit
7afdb88216
@ -19,6 +19,8 @@ Bugfix
|
|||||||
Gergely Budai).
|
Gergely Budai).
|
||||||
* Fix #include path in ecdsa.h which wasn't accepted by some compilers.
|
* Fix #include path in ecdsa.h which wasn't accepted by some compilers.
|
||||||
(found by Gergely Budai)
|
(found by Gergely Budai)
|
||||||
|
* oid_get_numeric_string() used to truncate the output without returning an
|
||||||
|
error if the output buffer was just 1 byte too small.
|
||||||
|
|
||||||
= PolarSSL 1.3.5 released on 2014-03-26
|
= PolarSSL 1.3.5 released on 2014-03-26
|
||||||
Features
|
Features
|
||||||
|
@ -60,7 +60,7 @@
|
|||||||
* CAMELLIA 2 0x0024-0x0026
|
* CAMELLIA 2 0x0024-0x0026
|
||||||
* XTEA 1 0x0028-0x0028
|
* XTEA 1 0x0028-0x0028
|
||||||
* BASE64 2 0x002A-0x002C
|
* BASE64 2 0x002A-0x002C
|
||||||
* OID 1 0x002E-0x002E
|
* OID 1 0x002E-0x002E 0x000B-0x000B
|
||||||
* PADLOCK 1 0x0030-0x0030
|
* PADLOCK 1 0x0030-0x0030
|
||||||
* DES 1 0x0032-0x0032
|
* DES 1 0x0032-0x0032
|
||||||
* CTR_DBRG 4 0x0034-0x003A
|
* CTR_DBRG 4 0x0034-0x003A
|
||||||
|
@ -44,6 +44,7 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
|
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
|
||||||
|
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Top level OID tuples
|
* Top level OID tuples
|
||||||
@ -376,7 +377,8 @@ typedef struct {
|
|||||||
* \param size size of the buffer
|
* \param size size of the buffer
|
||||||
* \param oid OID to translate
|
* \param oid OID to translate
|
||||||
*
|
*
|
||||||
* \return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL or actual length used
|
* \return Length of the string written (excluding final NULL) or
|
||||||
|
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
|
||||||
*/
|
*/
|
||||||
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );
|
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );
|
||||||
|
|
||||||
|
@ -212,6 +212,8 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Give an known OID, return its descriptive string.
|
* \brief Give an known OID, return its descriptive string.
|
||||||
|
* (Deprecated. Use oid_get_extended_key_usage() instead.)
|
||||||
|
* Warning: only works for extended_key_usage OIDs!
|
||||||
*
|
*
|
||||||
* \param oid buffer containing the oid
|
* \param oid buffer containing the oid
|
||||||
*
|
*
|
||||||
@ -228,8 +230,8 @@ const char *x509_oid_get_description( x509_buf *oid );
|
|||||||
* \param size Maximum size of buffer
|
* \param size Maximum size of buffer
|
||||||
* \param oid Buffer containing the OID
|
* \param oid Buffer containing the OID
|
||||||
*
|
*
|
||||||
* \return The amount of data written to the buffer, or -1 in
|
* \return Length of the string written (exluding final NULL) or
|
||||||
* case of an error.
|
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
|
||||||
*/
|
*/
|
||||||
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
|
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
|
||||||
|
|
||||||
|
@ -655,6 +655,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
|||||||
#if defined(POLARSSL_OID_C)
|
#if defined(POLARSSL_OID_C)
|
||||||
if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) )
|
if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) )
|
||||||
snprintf( buf, buflen, "OID - OID is not found" );
|
snprintf( buf, buflen, "OID - OID is not found" );
|
||||||
|
if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) )
|
||||||
|
snprintf( buf, buflen, "OID - output buffer is too small" );
|
||||||
#endif /* POLARSSL_OID_C */
|
#endif /* POLARSSL_OID_C */
|
||||||
|
|
||||||
#if defined(POLARSSL_PADLOCK_C)
|
#if defined(POLARSSL_PADLOCK_C)
|
||||||
|
@ -590,16 +590,14 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
|||||||
#define snprintf compat_snprintf
|
#define snprintf compat_snprintf
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
|
|
||||||
|
|
||||||
#define SAFE_SNPRINTF() \
|
#define SAFE_SNPRINTF() \
|
||||||
{ \
|
{ \
|
||||||
if( ret == -1 ) \
|
if( ret == -1 ) \
|
||||||
return( -1 ); \
|
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
|
||||||
\
|
\
|
||||||
if ( (unsigned int) ret > n ) { \
|
if ( (unsigned int) ret >= n ) { \
|
||||||
p[n - 1] = '\0'; \
|
p[n - 1] = '\0'; \
|
||||||
return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
|
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
|
||||||
} \
|
} \
|
||||||
\
|
\
|
||||||
n -= (unsigned int) ret; \
|
n -= (unsigned int) ret; \
|
||||||
@ -630,7 +628,7 @@ int oid_get_numeric_string( char *buf, size_t size,
|
|||||||
{
|
{
|
||||||
/* Prevent overflow in value. */
|
/* Prevent overflow in value. */
|
||||||
if ( ( ( value << 7 ) >> 7 ) != value )
|
if ( ( ( value << 7 ) >> 7 ) != value )
|
||||||
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );
|
return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
|
||||||
|
|
||||||
value <<= 7;
|
value <<= 7;
|
||||||
value += oid->p[i] & 0x7F;
|
value += oid->p[i] & 0x7F;
|
||||||
|
@ -802,3 +802,27 @@ x509_crt_parse_path:"data_files/dir2":0:2
|
|||||||
X509 CRT parse path #4 (two certs, one non-cert)
|
X509 CRT parse path #4 (two certs, one non-cert)
|
||||||
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_SHA256_C:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP384R1_ENABLED
|
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_SHA256_C:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP384R1_ENABLED
|
||||||
x509_crt_parse_path:"data_files/dir3":1:2
|
x509_crt_parse_path:"data_files/dir3":1:2
|
||||||
|
|
||||||
|
X509 OID description #1
|
||||||
|
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
|
||||||
|
|
||||||
|
X509 OID description #2
|
||||||
|
x509_oid_desc:"2B0601050507030f":"notfound"
|
||||||
|
|
||||||
|
X509 OID description #3
|
||||||
|
x509_oid_desc:"2B0601050507030100":"notfound"
|
||||||
|
|
||||||
|
X509 OID numstring #1 (wide buffer)
|
||||||
|
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":20:17
|
||||||
|
|
||||||
|
X509 OID numstring #2 (buffer just fits)
|
||||||
|
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":18:17
|
||||||
|
|
||||||
|
X509 OID numstring #3 (buffer too small)
|
||||||
|
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":17:POLARSSL_ERR_OID_BUF_TOO_SMALL
|
||||||
|
|
||||||
|
X509 OID numstring #4 (larger number)
|
||||||
|
x509_oid_numstr:"2A864886F70D":"1.2.840.113549":15:14
|
||||||
|
|
||||||
|
X509 OID numstring #5 (arithmetic overflow)
|
||||||
|
x509_oid_numstr:"2A8648F9F8F7F6F5F4F3F2F1F001":"":100:POLARSSL_ERR_OID_BUF_TOO_SMALL
|
||||||
|
@ -265,6 +265,57 @@ void x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
|
|||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE */
|
||||||
|
void x509_oid_desc( char *oid_str, char *ref_desc )
|
||||||
|
{
|
||||||
|
x509_buf oid;
|
||||||
|
const char *desc;
|
||||||
|
unsigned char buf[20];
|
||||||
|
|
||||||
|
memset( buf, 0, sizeof buf );
|
||||||
|
|
||||||
|
oid.tag = ASN1_OID;
|
||||||
|
oid.len = unhexify( buf, oid_str );
|
||||||
|
oid.p = buf;
|
||||||
|
|
||||||
|
desc = x509_oid_get_description( &oid );
|
||||||
|
|
||||||
|
if( strcmp( ref_desc, "notfound" ) == 0 )
|
||||||
|
TEST_ASSERT( desc == NULL );
|
||||||
|
else
|
||||||
|
{
|
||||||
|
TEST_ASSERT( desc != NULL );
|
||||||
|
TEST_ASSERT( strcmp( desc, ref_desc ) == 0 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
||||||
|
/* BEGIN_CASE */
|
||||||
|
void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
|
||||||
|
{
|
||||||
|
x509_buf oid;
|
||||||
|
unsigned char oid_buf[20];
|
||||||
|
char num_buf[100];
|
||||||
|
|
||||||
|
memset( oid_buf, 0x00, sizeof oid_buf );
|
||||||
|
memset( num_buf, 0x2a, sizeof num_buf );
|
||||||
|
|
||||||
|
oid.tag = ASN1_OID;
|
||||||
|
oid.len = unhexify( oid_buf, oid_str );
|
||||||
|
oid.p = oid_buf;
|
||||||
|
|
||||||
|
TEST_ASSERT( (size_t) blen <= sizeof num_buf );
|
||||||
|
|
||||||
|
TEST_ASSERT( x509_oid_get_numeric_string( num_buf, blen, &oid ) == ret );
|
||||||
|
|
||||||
|
if( ret >= 0 )
|
||||||
|
{
|
||||||
|
TEST_ASSERT( num_buf[ret] == 0 );
|
||||||
|
TEST_ASSERT( strcmp( num_buf, numstr ) == 0 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
|
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
|
||||||
void x509_selftest()
|
void x509_selftest()
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user