mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:55:39 +01:00
Renamed x509_cert structure to x509_crt for consistency
This commit is contained in:
Paul Bakker
parent
9556d3d650
commit
c559c7a680
@ -203,6 +203,8 @@ inline int x509parse_time_expired( const x509_time *time ) {
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
#define POLARSSL_X509_PARSE_C
|
||||
#include "x509_crt.h"
|
||||
typedef x509_crt x509_cert;
|
||||
|
||||
inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
|
||||
size_t buflen ) {
|
||||
return x509_crt_parse_der( chain, buf, buflen );
|
||||
|
||||
@ -102,7 +102,7 @@ void debug_print_ecp( const ssl_context *ssl, int level,
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
void debug_print_crt( const ssl_context *ssl, int level,
|
||||
const char *file, int line,
|
||||
const char *text, const x509_cert *crt );
|
||||
const char *text, const x509_crt *crt );
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
@ -33,7 +33,7 @@
|
||||
|
||||
#if defined(POLARSSL_PKCS11_C)
|
||||
|
||||
#include "x509.h"
|
||||
#include "x509_crt.h"
|
||||
|
||||
#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
|
||||
|
||||
@ -65,7 +65,7 @@ typedef struct {
|
||||
*
|
||||
* \return 0 on success.
|
||||
*/
|
||||
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11h_cert );
|
||||
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
|
||||
|
||||
/**
|
||||
* Initialise a pkcs11_context, storing the given certificate. Note that the
|
||||
|
||||
@ -411,7 +411,7 @@ struct _ssl_session
|
||||
unsigned char master[48]; /*!< the master secret */
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_cert *peer_cert; /*!< peer X.509 cert chain */
|
||||
x509_crt *peer_cert; /*!< peer X.509 cert chain */
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
int verify_result; /*!< verification result */
|
||||
|
||||
@ -584,7 +584,7 @@ struct _ssl_context
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *);
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *);
|
||||
void *p_vrfy; /*!< context for verification */
|
||||
#endif
|
||||
|
||||
@ -647,8 +647,8 @@ struct _ssl_context
|
||||
int pk_key_own_alloc; /*!< did we allocate pk_key? */
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_cert *own_cert; /*!< own X.509 certificate */
|
||||
x509_cert *ca_chain; /*!< own trusted CA chain */
|
||||
x509_crt *own_cert; /*!< own X.509 certificate */
|
||||
x509_crt *ca_chain; /*!< own trusted CA chain */
|
||||
const char *peer_cn; /*!< expected peer CN */
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
@ -825,7 +825,7 @@ void ssl_set_authmode( ssl_context *ssl, int authmode );
|
||||
* \param p_vrfy verification parameter
|
||||
*/
|
||||
void ssl_set_verify( ssl_context *ssl,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy );
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
|
||||
@ -956,7 +956,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl,
|
||||
* \param ca_crl trusted CA CRLs
|
||||
* \param peer_cn expected peer CommonName (or NULL)
|
||||
*/
|
||||
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
|
||||
x509_crl *ca_crl, const char *peer_cn );
|
||||
|
||||
/**
|
||||
@ -970,7 +970,7 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
* \param own_cert own public certificate chain
|
||||
* \param pk_key own private key
|
||||
*/
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
|
||||
pk_context *pk_key );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
@ -987,7 +987,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
|
||||
rsa_context *rsa_key );
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
@ -1012,7 +1012,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
|
||||
void *rsa_key,
|
||||
rsa_decrypt_func rsa_decrypt,
|
||||
rsa_sign_func rsa_sign,
|
||||
@ -1293,7 +1293,7 @@ const char *ssl_get_version( const ssl_context *ssl );
|
||||
*
|
||||
* \return the current peer certificate
|
||||
*/
|
||||
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl );
|
||||
const x509_crt *ssl_get_peer_cert( const ssl_context *ssl );
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
|
||||
/**
|
||||
|
||||
@ -57,7 +57,7 @@
|
||||
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
|
||||
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
|
||||
#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_cert sig_oid) */
|
||||
#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */
|
||||
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
|
||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
|
||||
#define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
|
||||
|
||||
@ -52,7 +52,7 @@ extern "C" {
|
||||
/**
|
||||
* Container for an X.509 certificate. The certificate may be chained.
|
||||
*/
|
||||
typedef struct _x509_cert
|
||||
typedef struct _x509_crt
|
||||
{
|
||||
x509_buf raw; /**< The raw certificate data (DER). */
|
||||
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
|
||||
@ -92,9 +92,9 @@ typedef struct _x509_cert
|
||||
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
||||
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
|
||||
|
||||
struct _x509_cert *next; /**< Next certificate in the CA-chain. */
|
||||
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
||||
}
|
||||
x509_cert;
|
||||
x509_crt;
|
||||
|
||||
#define X509_CRT_VERSION_1 0
|
||||
#define X509_CRT_VERSION_2 1
|
||||
@ -132,7 +132,7 @@ x509write_cert;
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||
int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
|
||||
size_t buflen );
|
||||
|
||||
/**
|
||||
@ -149,7 +149,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||
int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/**
|
||||
@ -165,7 +165,7 @@ int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509_crt_parse_file( x509_cert *chain, const char *path );
|
||||
int x509_crt_parse_file( x509_crt *chain, const char *path );
|
||||
|
||||
/**
|
||||
* \brief Load one or more certificate files from a path and add them
|
||||
@ -180,7 +180,7 @@ int x509_crt_parse_file( x509_cert *chain, const char *path );
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509_crt_parse_path( x509_cert *chain, const char *path );
|
||||
int x509_crt_parse_path( x509_crt *chain, const char *path );
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/**
|
||||
@ -196,7 +196,7 @@ int x509_crt_parse_path( x509_cert *chain, const char *path );
|
||||
* case of an error.
|
||||
*/
|
||||
int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
const x509_cert *crt );
|
||||
const x509_crt *crt );
|
||||
|
||||
/**
|
||||
* \brief Verify the certificate signature
|
||||
@ -206,7 +206,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
* the verification callback is called for each
|
||||
* certificate in the chain (from the trust-ca down to the
|
||||
* presented crt). The parameters for the callback are:
|
||||
* (void *parameter, x509_cert *crt, int certificate_depth,
|
||||
* (void *parameter, x509_crt *crt, int certificate_depth,
|
||||
* int *flags). With the flags representing current flags for
|
||||
* that specific certificate and the certificate depth from
|
||||
* the bottom (Peer cert depth = 0).
|
||||
@ -234,11 +234,11 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
* or another error in case of a fatal error encountered
|
||||
* during the verification process.
|
||||
*/
|
||||
int x509_crt_verify( x509_cert *crt,
|
||||
x509_cert *trust_ca,
|
||||
int x509_crt_verify( x509_crt *crt,
|
||||
x509_crt *trust_ca,
|
||||
x509_crl *ca_crl,
|
||||
const char *cn, int *flags,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy );
|
||||
|
||||
#if defined(POLARSSL_X509_CRL_PARSE_C)
|
||||
@ -251,7 +251,7 @@ int x509_crt_verify( x509_cert *crt,
|
||||
* \return 1 if the certificate is revoked, 0 otherwise
|
||||
*
|
||||
*/
|
||||
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl );
|
||||
int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl );
|
||||
#endif /* POLARSSL_X509_CRL_PARSE_C */
|
||||
|
||||
/**
|
||||
@ -259,14 +259,14 @@ int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl );
|
||||
*
|
||||
* \param crt Certificate chain to initialize
|
||||
*/
|
||||
void x509_crt_init( x509_cert *crt );
|
||||
void x509_crt_init( x509_crt *crt );
|
||||
|
||||
/**
|
||||
* \brief Unallocate all certificate data
|
||||
*
|
||||
* \param crt Certificate chain to free
|
||||
*/
|
||||
void x509_crt_free( x509_cert *crt );
|
||||
void x509_crt_free( x509_crt *crt );
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
|
||||
/* \} name */
|
||||
|
||||
@ -260,7 +260,7 @@ static void debug_print_pk( const ssl_context *ssl, int level,
|
||||
|
||||
void debug_print_crt( const ssl_context *ssl, int level,
|
||||
const char *file, int line,
|
||||
const char *text, const x509_cert *crt )
|
||||
const char *text, const x509_crt *crt )
|
||||
{
|
||||
char str[1024], prefix[64];
|
||||
int i = 0, maxlen = sizeof( prefix ) - 1;
|
||||
|
||||
@ -40,7 +40,7 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert )
|
||||
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
|
||||
{
|
||||
int ret = 1;
|
||||
unsigned char *cert_blob = NULL;
|
||||
@ -71,7 +71,7 @@ int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert )
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if( 0 != x509parse_crt(cert, cert_blob, cert_blob_size ) )
|
||||
if( 0 != x509_crt_parse(cert, cert_blob, cert_blob_size ) )
|
||||
{
|
||||
ret = 6;
|
||||
goto cleanup;
|
||||
@ -91,9 +91,9 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
|
||||
pkcs11h_certificate_t pkcs11_cert )
|
||||
{
|
||||
int ret = 1;
|
||||
x509_cert cert;
|
||||
x509_crt cert;
|
||||
|
||||
memset( &cert, 0, sizeof( cert ) );
|
||||
x509_crt_init( &cert );
|
||||
|
||||
if( priv_key == NULL )
|
||||
goto cleanup;
|
||||
@ -107,7 +107,7 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
x509_free( &cert );
|
||||
x509_crt_free( &cert );
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -91,11 +91,11 @@ int ssl_cache_get( void *data, ssl_session *session )
|
||||
*/
|
||||
if( entry->peer_cert.p != NULL )
|
||||
{
|
||||
session->peer_cert = (x509_cert *) polarssl_malloc( sizeof(x509_cert) );
|
||||
session->peer_cert = (x509_crt *) polarssl_malloc( sizeof(x509_crt) );
|
||||
if( session->peer_cert == NULL )
|
||||
return( 1 );
|
||||
|
||||
memset( session->peer_cert, 0, sizeof(x509_cert) );
|
||||
memset( session->peer_cert, 0, sizeof(x509_crt) );
|
||||
if( x509_crt_parse( session->peer_cert, entry->peer_cert.p,
|
||||
entry->peer_cert.len ) != 0 )
|
||||
{
|
||||
|
||||
@ -135,12 +135,12 @@ static int ssl_load_session( ssl_session *session,
|
||||
if( p + cert_len > end )
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
session->peer_cert = polarssl_malloc( sizeof( x509_cert ) );
|
||||
session->peer_cert = polarssl_malloc( sizeof( x509_crt ) );
|
||||
|
||||
if( session->peer_cert == NULL )
|
||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||
|
||||
memset( session->peer_cert, 0, sizeof( x509_cert ) );
|
||||
memset( session->peer_cert, 0, sizeof( x509_crt ) );
|
||||
|
||||
if( ( ret = x509_crt_parse( session->peer_cert, p, cert_len ) ) != 0 )
|
||||
{
|
||||
@ -1695,7 +1695,7 @@ static int ssl_write_certificate_request( ssl_context *ssl )
|
||||
size_t dn_size, total_dn_size; /* excluding length bytes */
|
||||
size_t ct_len, sa_len; /* including length bytes */
|
||||
unsigned char *buf, *p;
|
||||
const x509_cert *crt;
|
||||
const x509_crt *crt;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
|
||||
|
||||
|
||||
@ -80,10 +80,10 @@ static int ssl_session_copy( ssl_session *dst, const ssl_session *src )
|
||||
{
|
||||
int ret;
|
||||
|
||||
if( ( dst->peer_cert = polarssl_malloc( sizeof(x509_cert) ) ) == NULL )
|
||||
if( ( dst->peer_cert = polarssl_malloc( sizeof(x509_crt) ) ) == NULL )
|
||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||
|
||||
memset( dst->peer_cert, 0, sizeof(x509_cert) );
|
||||
memset( dst->peer_cert, 0, sizeof(x509_crt) );
|
||||
|
||||
if( ( ret = x509_crt_parse( dst->peer_cert, src->peer_cert->raw.p,
|
||||
src->peer_cert->raw.len ) != 0 ) )
|
||||
@ -2272,7 +2272,7 @@ int ssl_write_certificate( ssl_context *ssl )
|
||||
{
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
size_t i, n;
|
||||
const x509_cert *crt;
|
||||
const x509_crt *crt;
|
||||
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
|
||||
@ -2486,15 +2486,15 @@ int ssl_parse_certificate( ssl_context *ssl )
|
||||
polarssl_free( ssl->session_negotiate->peer_cert );
|
||||
}
|
||||
|
||||
if( ( ssl->session_negotiate->peer_cert = (x509_cert *) polarssl_malloc(
|
||||
sizeof( x509_cert ) ) ) == NULL )
|
||||
if( ( ssl->session_negotiate->peer_cert = (x509_crt *) polarssl_malloc(
|
||||
sizeof( x509_crt ) ) ) == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed",
|
||||
sizeof( x509_cert ) ) );
|
||||
sizeof( x509_crt ) ) );
|
||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||
}
|
||||
|
||||
memset( ssl->session_negotiate->peer_cert, 0, sizeof( x509_cert ) );
|
||||
memset( ssl->session_negotiate->peer_cert, 0, sizeof( x509_crt ) );
|
||||
|
||||
i = 7;
|
||||
|
||||
@ -3379,7 +3379,7 @@ void ssl_set_authmode( ssl_context *ssl, int authmode )
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
void ssl_set_verify( ssl_context *ssl,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
ssl->f_vrfy = f_vrfy;
|
||||
@ -3464,7 +3464,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl, const int *ciphersuites
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
|
||||
x509_crl *ca_crl, const char *peer_cn )
|
||||
{
|
||||
ssl->ca_chain = ca_chain;
|
||||
@ -3472,7 +3472,7 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
ssl->peer_cn = peer_cn;
|
||||
}
|
||||
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
|
||||
pk_context *pk_key )
|
||||
{
|
||||
ssl->own_cert = own_cert;
|
||||
@ -3480,7 +3480,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
|
||||
rsa_context *rsa_key )
|
||||
{
|
||||
int ret;
|
||||
@ -3505,7 +3505,7 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert,
|
||||
void *rsa_key,
|
||||
rsa_decrypt_func rsa_decrypt,
|
||||
rsa_sign_func rsa_sign,
|
||||
@ -3731,7 +3731,7 @@ const char *ssl_get_version( const ssl_context *ssl )
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl )
|
||||
const x509_crt *ssl_get_peer_cert( const ssl_context *ssl )
|
||||
{
|
||||
if( ssl == NULL || ssl->session == NULL )
|
||||
return NULL;
|
||||
|
||||
@ -702,13 +702,13 @@ int x509_self_test( int verbose )
|
||||
#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
|
||||
int ret;
|
||||
int flags;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( " X.509 certificate load: " );
|
||||
|
||||
memset( &clicert, 0, sizeof( x509_cert ) );
|
||||
memset( &clicert, 0, sizeof( x509_crt ) );
|
||||
|
||||
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
|
||||
strlen( test_cli_crt ) );
|
||||
@ -720,7 +720,7 @@ int x509_self_test( int verbose )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||
memset( &cacert, 0, sizeof( x509_crt ) );
|
||||
|
||||
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt,
|
||||
strlen( test_ca_crt ) );
|
||||
|
||||
@ -379,7 +379,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
|
||||
*/
|
||||
static int x509_get_crt_ext( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
x509_cert *crt )
|
||||
x509_crt *crt )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
@ -515,7 +515,7 @@ static int x509_get_crt_ext( unsigned char **p,
|
||||
/*
|
||||
* Parse and fill a single X.509 certificate in DER format
|
||||
*/
|
||||
static int x509_crt_parse_der_core( x509_cert *crt, const unsigned char *buf,
|
||||
static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
@ -756,11 +756,11 @@ static int x509_crt_parse_der_core( x509_cert *crt, const unsigned char *buf,
|
||||
* Parse one X.509 certificate in DER format from a buffer and add them to a
|
||||
* chained list
|
||||
*/
|
||||
int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||
int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
|
||||
size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
x509_cert *crt = chain, *prev = NULL;
|
||||
x509_crt *crt = chain, *prev = NULL;
|
||||
|
||||
/*
|
||||
* Check for valid input
|
||||
@ -779,7 +779,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||
*/
|
||||
if ( crt->version != 0 && crt->next == NULL)
|
||||
{
|
||||
crt->next = (x509_cert *) polarssl_malloc( sizeof( x509_cert ) );
|
||||
crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) );
|
||||
|
||||
if( crt->next == NULL )
|
||||
return( POLARSSL_ERR_X509_MALLOC_FAILED );
|
||||
@ -806,7 +806,7 @@ int x509_crt_parse_der( x509_cert *chain, const unsigned char *buf,
|
||||
/*
|
||||
* Parse one or more PEM certificates from a buffer and add them to the chained list
|
||||
*/
|
||||
int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||
int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
int success = 0, first_error = 0, total_failed = 0;
|
||||
int buf_format = X509_FORMAT_DER;
|
||||
@ -911,7 +911,7 @@ int x509_crt_parse( x509_cert *chain, const unsigned char *buf, size_t buflen )
|
||||
/*
|
||||
* Load one or more certificates and add them to the chained list
|
||||
*/
|
||||
int x509_crt_parse_file( x509_cert *chain, const char *path )
|
||||
int x509_crt_parse_file( x509_crt *chain, const char *path )
|
||||
{
|
||||
int ret;
|
||||
size_t n;
|
||||
@ -928,7 +928,7 @@ int x509_crt_parse_file( x509_cert *chain, const char *path )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
int x509_crt_parse_path( x509_cert *chain, const char *path )
|
||||
int x509_crt_parse_path( x509_crt *chain, const char *path )
|
||||
{
|
||||
int ret = 0;
|
||||
#if defined(_WIN32)
|
||||
@ -1083,7 +1083,7 @@ static int compat_snprintf(char *str, size_t size, const char *format, ...)
|
||||
#define BEFORE_COLON 14
|
||||
#define BC "14"
|
||||
int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
const x509_cert *crt )
|
||||
const x509_crt *crt )
|
||||
{
|
||||
int ret;
|
||||
size_t n;
|
||||
@ -1155,7 +1155,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
/*
|
||||
* Return 1 if the certificate is revoked, or 0 otherwise.
|
||||
*/
|
||||
int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl )
|
||||
int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl )
|
||||
{
|
||||
const x509_crl_entry *cur = &crl->entry;
|
||||
|
||||
@ -1177,7 +1177,7 @@ int x509_crt_revoked( const x509_cert *crt, const x509_crl *crl )
|
||||
/*
|
||||
* Check that the given certificate is valid accoring to the CRL.
|
||||
*/
|
||||
static int x509_crt_verifycrl( x509_cert *crt, x509_cert *ca,
|
||||
static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca,
|
||||
x509_crl *crl_list)
|
||||
{
|
||||
int flags = 0;
|
||||
@ -1301,9 +1301,9 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name )
|
||||
}
|
||||
|
||||
static int x509_crt_verify_top(
|
||||
x509_cert *child, x509_cert *trust_ca,
|
||||
x509_crt *child, x509_crt *trust_ca,
|
||||
x509_crl *ca_crl, int path_cnt, int *flags,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
int ret;
|
||||
@ -1412,15 +1412,15 @@ static int x509_crt_verify_top(
|
||||
}
|
||||
|
||||
static int x509_crt_verify_child(
|
||||
x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
|
||||
x509_crt *child, x509_crt *parent, x509_crt *trust_ca,
|
||||
x509_crl *ca_crl, int path_cnt, int *flags,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
int ret;
|
||||
int parent_flags = 0;
|
||||
unsigned char hash[POLARSSL_MD_MAX_SIZE];
|
||||
x509_cert *grandparent;
|
||||
x509_crt *grandparent;
|
||||
const md_info_t *md_info;
|
||||
|
||||
if( x509_time_expired( &child->valid_to ) )
|
||||
@ -1496,17 +1496,17 @@ static int x509_crt_verify_child(
|
||||
/*
|
||||
* Verify the certificate validity
|
||||
*/
|
||||
int x509_crt_verify( x509_cert *crt,
|
||||
x509_cert *trust_ca,
|
||||
int x509_crt_verify( x509_crt *crt,
|
||||
x509_crt *trust_ca,
|
||||
x509_crl *ca_crl,
|
||||
const char *cn, int *flags,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
size_t cn_len;
|
||||
int ret;
|
||||
int pathlen = 0;
|
||||
x509_cert *parent;
|
||||
x509_crt *parent;
|
||||
x509_name *name;
|
||||
x509_sequence *cur = NULL;
|
||||
|
||||
@ -1606,18 +1606,18 @@ int x509_crt_verify( x509_cert *crt,
|
||||
/*
|
||||
* Initialize a certificate chain
|
||||
*/
|
||||
void x509_crt_init( x509_cert *crt )
|
||||
void x509_crt_init( x509_crt *crt )
|
||||
{
|
||||
memset( crt, 0, sizeof(x509_cert) );
|
||||
memset( crt, 0, sizeof(x509_crt) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Unallocate all certificate data
|
||||
*/
|
||||
void x509_crt_free( x509_cert *crt )
|
||||
void x509_crt_free( x509_crt *crt )
|
||||
{
|
||||
x509_cert *cert_cur = crt;
|
||||
x509_cert *cert_prv;
|
||||
x509_crt *cert_cur = crt;
|
||||
x509_crt *cert_prv;
|
||||
x509_name *name_cur;
|
||||
x509_name *name_prv;
|
||||
x509_sequence *seq_cur;
|
||||
@ -1682,7 +1682,7 @@ void x509_crt_free( x509_cert *crt )
|
||||
cert_prv = cert_cur;
|
||||
cert_cur = cert_cur->next;
|
||||
|
||||
memset( cert_prv, 0, sizeof( x509_cert ) );
|
||||
memset( cert_prv, 0, sizeof( x509_crt ) );
|
||||
if( cert_prv != crt )
|
||||
polarssl_free( cert_prv );
|
||||
}
|
||||
|
||||
@ -81,7 +81,7 @@ int main( int argc, char *argv[] )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert cacert;
|
||||
x509_crt cacert;
|
||||
|
||||
((void) argc);
|
||||
((void) argv);
|
||||
|
||||
@ -115,7 +115,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
/*
|
||||
* Enabled if debug_level > 1 in code below
|
||||
*/
|
||||
static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
|
||||
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
|
||||
{
|
||||
char buf[1024];
|
||||
((void) data);
|
||||
@ -255,8 +255,8 @@ int main( int argc, char *argv[] )
|
||||
ssl_context ssl;
|
||||
ssl_session saved_session;
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
pk_context pkey;
|
||||
#endif
|
||||
char *p, *q;
|
||||
|
||||
@ -103,7 +103,7 @@ int main( int argc, char *argv[] )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
|
||||
((void) argc);
|
||||
|
||||
@ -351,8 +351,8 @@ int main( int argc, char *argv[] )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
pk_context pkey;
|
||||
int i;
|
||||
size_t n;
|
||||
|
||||
@ -95,7 +95,7 @@ int main( int argc, char *argv[] )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
|
||||
@ -213,8 +213,8 @@ int main( int argc, char *argv[] )
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
x509_cert cacert;
|
||||
x509_cert srvcert;
|
||||
x509_crt cacert;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
#endif
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
|
||||
@ -82,7 +82,7 @@ int main( int argc, char *argv[] )
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret, i;
|
||||
x509_cert cacert;
|
||||
x509_crt cacert;
|
||||
x509_crl crl;
|
||||
char buf[10240];
|
||||
|
||||
@ -139,7 +139,7 @@ int main( int argc, char *argv[] )
|
||||
*/
|
||||
char name[512];
|
||||
int flags;
|
||||
x509_cert clicert;
|
||||
x509_crt clicert;
|
||||
pk_context pk;
|
||||
|
||||
x509_crt_init( &clicert );
|
||||
|
||||
@ -166,7 +166,7 @@ static int ssl_test( struct options *opt )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
x509_crt srvcert;
|
||||
pk_context pkey;
|
||||
|
||||
ret = 1;
|
||||
|
||||
@ -95,7 +95,7 @@ static void my_debug( void *ctx, int level, const char *str )
|
||||
}
|
||||
}
|
||||
|
||||
static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
|
||||
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
|
||||
{
|
||||
char buf[1024];
|
||||
((void) data);
|
||||
@ -156,8 +156,8 @@ int main( int argc, char *argv[] )
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
x509_crt cacert;
|
||||
x509_crt clicert;
|
||||
pk_context pkey;
|
||||
int i, j;
|
||||
int flags, verify = 0;
|
||||
@ -267,8 +267,8 @@ int main( int argc, char *argv[] )
|
||||
|
||||
if( opt.mode == MODE_FILE )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_cert *cur = &crt;
|
||||
x509_crt crt;
|
||||
x509_crt *cur = &crt;
|
||||
x509_crt_init( &crt );
|
||||
|
||||
/*
|
||||
|
||||
@ -181,7 +181,7 @@ int write_certificate( x509write_cert *crt, char *output_file,
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
int ret = 0;
|
||||
x509_cert issuer_crt;
|
||||
x509_crt issuer_crt;
|
||||
pk_context loaded_issuer_key, loaded_subject_key;
|
||||
pk_context *issuer_key = &loaded_issuer_key,
|
||||
*subject_key = &loaded_subject_key;
|
||||
|
||||
@ -26,7 +26,7 @@ void string_debug(void *data, int level, const char *str)
|
||||
void debug_print_crt( char *crt_file, char *file, int line, char *prefix,
|
||||
char *result_str )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_crt crt;
|
||||
ssl_context ssl;
|
||||
struct buffer_data buffer;
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
#include <polarssl/pem.h>
|
||||
#include <polarssl/oid.h>
|
||||
|
||||
int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
|
||||
int verify_none( void *data, x509_crt *crt, int certificate_depth, int *flags )
|
||||
{
|
||||
((void) data);
|
||||
((void) crt);
|
||||
@ -14,7 +14,7 @@ int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
|
||||
return 0;
|
||||
}
|
||||
|
||||
int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
|
||||
int verify_all( void *data, x509_crt *crt, int certificate_depth, int *flags )
|
||||
{
|
||||
((void) data);
|
||||
((void) crt);
|
||||
@ -34,7 +34,7 @@ int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
|
||||
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_PARSE_C */
|
||||
void x509_cert_info( char *crt_file, char *result_str )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_crt crt;
|
||||
char buf[2000];
|
||||
int res;
|
||||
|
||||
@ -80,12 +80,12 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
|
||||
char *cn_name_str, int result, int flags_result,
|
||||
char *verify_callback )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_cert ca;
|
||||
x509_crt crt;
|
||||
x509_crt ca;
|
||||
x509_crl crl;
|
||||
int flags = 0;
|
||||
int res;
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *) = NULL;
|
||||
int (*f_vrfy)(void *, x509_crt *, int, int *) = NULL;
|
||||
char * cn_name = NULL;
|
||||
|
||||
x509_crt_init( &crt );
|
||||
@ -122,7 +122,7 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
|
||||
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
|
||||
void x509_dn_gets( char *crt_file, char *entity, char *result_str )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_crt crt;
|
||||
char buf[2000];
|
||||
int res = 0;
|
||||
|
||||
@ -149,7 +149,7 @@ void x509_dn_gets( char *crt_file, char *entity, char *result_str )
|
||||
/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_USE_C */
|
||||
void x509_time_expired( char *crt_file, char *entity, int result )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_crt crt;
|
||||
|
||||
x509_crt_init( &crt );
|
||||
|
||||
@ -169,7 +169,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
|
||||
/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C */
|
||||
void x509parse_crt( char *crt_data, char *result_str, int result )
|
||||
{
|
||||
x509_cert crt;
|
||||
x509_crt crt;
|
||||
unsigned char buf[2000];
|
||||
unsigned char output[2000];
|
||||
int data_len, res;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user