mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:05:43 +01:00
Test and fix x509_oid functions
This commit is contained in:
parent
6c1a73e061
commit
7afdb88216
@ -19,6 +19,8 @@ Bugfix
|
||||
Gergely Budai).
|
||||
* Fix #include path in ecdsa.h which wasn't accepted by some compilers.
|
||||
(found by Gergely Budai)
|
||||
* oid_get_numeric_string() used to truncate the output without returning an
|
||||
error if the output buffer was just 1 byte too small.
|
||||
|
||||
= PolarSSL 1.3.5 released on 2014-03-26
|
||||
Features
|
||||
|
@ -60,7 +60,7 @@
|
||||
* CAMELLIA 2 0x0024-0x0026
|
||||
* XTEA 1 0x0028-0x0028
|
||||
* BASE64 2 0x002A-0x002C
|
||||
* OID 1 0x002E-0x002E
|
||||
* OID 1 0x002E-0x002E 0x000B-0x000B
|
||||
* PADLOCK 1 0x0030-0x0030
|
||||
* DES 1 0x0032-0x0032
|
||||
* CTR_DBRG 4 0x0034-0x003A
|
||||
|
@ -44,6 +44,7 @@
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
|
||||
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
|
||||
|
||||
/*
|
||||
* Top level OID tuples
|
||||
@ -376,7 +377,8 @@ typedef struct {
|
||||
* \param size size of the buffer
|
||||
* \param oid OID to translate
|
||||
*
|
||||
* \return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL or actual length used
|
||||
* \return Length of the string written (excluding final NULL) or
|
||||
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
|
||||
*/
|
||||
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );
|
||||
|
||||
|
@ -212,6 +212,8 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
|
||||
|
||||
/**
|
||||
* \brief Give an known OID, return its descriptive string.
|
||||
* (Deprecated. Use oid_get_extended_key_usage() instead.)
|
||||
* Warning: only works for extended_key_usage OIDs!
|
||||
*
|
||||
* \param oid buffer containing the oid
|
||||
*
|
||||
@ -228,8 +230,8 @@ const char *x509_oid_get_description( x509_buf *oid );
|
||||
* \param size Maximum size of buffer
|
||||
* \param oid Buffer containing the OID
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
* \return Length of the string written (exluding final NULL) or
|
||||
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
|
||||
*/
|
||||
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
|
||||
|
||||
|
@ -655,6 +655,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
||||
#if defined(POLARSSL_OID_C)
|
||||
if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) )
|
||||
snprintf( buf, buflen, "OID - OID is not found" );
|
||||
if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) )
|
||||
snprintf( buf, buflen, "OID - output buffer is too small" );
|
||||
#endif /* POLARSSL_OID_C */
|
||||
|
||||
#if defined(POLARSSL_PADLOCK_C)
|
||||
|
@ -590,16 +590,14 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||
#define snprintf compat_snprintf
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
|
||||
|
||||
#define SAFE_SNPRINTF() \
|
||||
{ \
|
||||
if( ret == -1 ) \
|
||||
return( -1 ); \
|
||||
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
|
||||
\
|
||||
if ( (unsigned int) ret > n ) { \
|
||||
if ( (unsigned int) ret >= n ) { \
|
||||
p[n - 1] = '\0'; \
|
||||
return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
|
||||
return POLARSSL_ERR_OID_BUF_TOO_SMALL; \
|
||||
} \
|
||||
\
|
||||
n -= (unsigned int) ret; \
|
||||
@ -630,7 +628,7 @@ int oid_get_numeric_string( char *buf, size_t size,
|
||||
{
|
||||
/* Prevent overflow in value. */
|
||||
if ( ( ( value << 7 ) >> 7 ) != value )
|
||||
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );
|
||||
return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
|
||||
|
||||
value <<= 7;
|
||||
value += oid->p[i] & 0x7F;
|
||||
|
@ -802,3 +802,27 @@ x509_crt_parse_path:"data_files/dir2":0:2
|
||||
X509 CRT parse path #4 (two certs, one non-cert)
|
||||
depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_SHA256_C:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP384R1_ENABLED
|
||||
x509_crt_parse_path:"data_files/dir3":1:2
|
||||
|
||||
X509 OID description #1
|
||||
x509_oid_desc:"2B06010505070301":"TLS Web Server Authentication"
|
||||
|
||||
X509 OID description #2
|
||||
x509_oid_desc:"2B0601050507030f":"notfound"
|
||||
|
||||
X509 OID description #3
|
||||
x509_oid_desc:"2B0601050507030100":"notfound"
|
||||
|
||||
X509 OID numstring #1 (wide buffer)
|
||||
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":20:17
|
||||
|
||||
X509 OID numstring #2 (buffer just fits)
|
||||
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":18:17
|
||||
|
||||
X509 OID numstring #3 (buffer too small)
|
||||
x509_oid_numstr:"2B06010505070301":"1.3.6.1.5.5.7.3.1":17:POLARSSL_ERR_OID_BUF_TOO_SMALL
|
||||
|
||||
X509 OID numstring #4 (larger number)
|
||||
x509_oid_numstr:"2A864886F70D":"1.2.840.113549":15:14
|
||||
|
||||
X509 OID numstring #5 (arithmetic overflow)
|
||||
x509_oid_numstr:"2A8648F9F8F7F6F5F4F3F2F1F001":"":100:POLARSSL_ERR_OID_BUF_TOO_SMALL
|
||||
|
@ -265,6 +265,57 @@ void x509_crt_parse_path( char *crt_path, int ret, int nb_crt )
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void x509_oid_desc( char *oid_str, char *ref_desc )
|
||||
{
|
||||
x509_buf oid;
|
||||
const char *desc;
|
||||
unsigned char buf[20];
|
||||
|
||||
memset( buf, 0, sizeof buf );
|
||||
|
||||
oid.tag = ASN1_OID;
|
||||
oid.len = unhexify( buf, oid_str );
|
||||
oid.p = buf;
|
||||
|
||||
desc = x509_oid_get_description( &oid );
|
||||
|
||||
if( strcmp( ref_desc, "notfound" ) == 0 )
|
||||
TEST_ASSERT( desc == NULL );
|
||||
else
|
||||
{
|
||||
TEST_ASSERT( desc != NULL );
|
||||
TEST_ASSERT( strcmp( desc, ref_desc ) == 0 );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret )
|
||||
{
|
||||
x509_buf oid;
|
||||
unsigned char oid_buf[20];
|
||||
char num_buf[100];
|
||||
|
||||
memset( oid_buf, 0x00, sizeof oid_buf );
|
||||
memset( num_buf, 0x2a, sizeof num_buf );
|
||||
|
||||
oid.tag = ASN1_OID;
|
||||
oid.len = unhexify( oid_buf, oid_str );
|
||||
oid.p = oid_buf;
|
||||
|
||||
TEST_ASSERT( (size_t) blen <= sizeof num_buf );
|
||||
|
||||
TEST_ASSERT( x509_oid_get_numeric_string( num_buf, blen, &oid ) == ret );
|
||||
|
||||
if( ret >= 0 )
|
||||
{
|
||||
TEST_ASSERT( num_buf[ret] == 0 );
|
||||
TEST_ASSERT( strcmp( num_buf, numstr ) == 0 );
|
||||
}
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
|
||||
void x509_selftest()
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user