2 * X.509 certificate and private key decoding
4 * Copyright (C) 2006-2011, Brainspark B.V.
6 * This file is part of PolarSSL (http://www.polarssl.org)
7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 * The ITU-T X.509 standard defines a certificate format for PKI.
28 * http://www.ietf.org/rfc/rfc3279.txt
29 * http://www.ietf.org/rfc/rfc3280.txt
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
39 #if defined(POLARSSL_X509_PARSE_C)
45 #if defined(POLARSSL_MD2_C)
48 #if defined(POLARSSL_MD4_C)
51 #if defined(POLARSSL_MD5_C)
54 #if defined(POLARSSL_SHA1_C)
57 #if defined(POLARSSL_SHA2_C)
60 #if defined(POLARSSL_SHA4_C)
64 #if defined(POLARSSL_PKCS5_C)
67 #if defined(POLARSSL_PKCS12_C)
79 #if defined(POLARSSL_FS_IO)
82 #include <sys/types.h>
88 /* Compare a given OID string with an OID x509_buf * */
89 #define OID_CMP(oid_str, oid_buf) \
90 ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
91 memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0)
94 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
96 static int x509_get_version( unsigned char **p
,
97 const unsigned char *end
,
103 if( ( ret
= asn1_get_tag( p
, end
, &len
,
104 ASN1_CONTEXT_SPECIFIC
| ASN1_CONSTRUCTED
| 0 ) ) != 0 )
106 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
117 if( ( ret
= asn1_get_int( p
, end
, ver
) ) != 0 )
118 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION
+ ret
);
121 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION
+
122 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
128 * Version ::= INTEGER { v1(0), v2(1) }
130 static int x509_crl_get_version( unsigned char **p
,
131 const unsigned char *end
,
136 if( ( ret
= asn1_get_int( p
, end
, ver
) ) != 0 )
138 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
144 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION
+ ret
);
151 * CertificateSerialNumber ::= INTEGER
153 static int x509_get_serial( unsigned char **p
,
154 const unsigned char *end
,
159 if( ( end
- *p
) < 1 )
160 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL
+
161 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
163 if( **p
!= ( ASN1_CONTEXT_SPECIFIC
| ASN1_PRIMITIVE
| 2 ) &&
164 **p
!= ASN1_INTEGER
)
165 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL
+
166 POLARSSL_ERR_ASN1_UNEXPECTED_TAG
);
168 serial
->tag
= *(*p
)++;
170 if( ( ret
= asn1_get_len( p
, end
, &serial
->len
) ) != 0 )
171 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL
+ ret
);
180 * AlgorithmIdentifier ::= SEQUENCE {
181 * algorithm OBJECT IDENTIFIER,
182 * parameters ANY DEFINED BY algorithm OPTIONAL }
184 static int x509_get_alg( unsigned char **p
,
185 const unsigned char *end
,
191 if( ( ret
= asn1_get_tag( p
, end
, &len
,
192 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
193 return( POLARSSL_ERR_X509_CERT_INVALID_ALG
+ ret
);
198 if( ( ret
= asn1_get_tag( p
, end
, &alg
->len
, ASN1_OID
) ) != 0 )
199 return( POLARSSL_ERR_X509_CERT_INVALID_ALG
+ ret
);
208 * assume the algorithm parameters must be NULL
210 if( ( ret
= asn1_get_tag( p
, end
, &len
, ASN1_NULL
) ) != 0 )
211 return( POLARSSL_ERR_X509_CERT_INVALID_ALG
+ ret
);
214 return( POLARSSL_ERR_X509_CERT_INVALID_ALG
+
215 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
221 * AttributeTypeAndValue ::= SEQUENCE {
222 * type AttributeType,
223 * value AttributeValue }
225 * AttributeType ::= OBJECT IDENTIFIER
227 * AttributeValue ::= ANY DEFINED BY AttributeType
229 static int x509_get_attr_type_value( unsigned char **p
,
230 const unsigned char *end
,
238 if( ( ret
= asn1_get_tag( p
, end
, &len
,
239 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
240 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+ ret
);
245 if( ( ret
= asn1_get_tag( p
, end
, &oid
->len
, ASN1_OID
) ) != 0 )
246 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+ ret
);
251 if( ( end
- *p
) < 1 )
252 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+
253 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
255 if( **p
!= ASN1_BMP_STRING
&& **p
!= ASN1_UTF8_STRING
&&
256 **p
!= ASN1_T61_STRING
&& **p
!= ASN1_PRINTABLE_STRING
&&
257 **p
!= ASN1_IA5_STRING
&& **p
!= ASN1_UNIVERSAL_STRING
)
258 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+
259 POLARSSL_ERR_ASN1_UNEXPECTED_TAG
);
264 if( ( ret
= asn1_get_len( p
, end
, &val
->len
) ) != 0 )
265 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+ ret
);
276 * RelativeDistinguishedName ::=
277 * SET OF AttributeTypeAndValue
279 * AttributeTypeAndValue ::= SEQUENCE {
280 * type AttributeType,
281 * value AttributeValue }
283 * AttributeType ::= OBJECT IDENTIFIER
285 * AttributeValue ::= ANY DEFINED BY AttributeType
287 static int x509_get_name( unsigned char **p
,
288 const unsigned char *end
,
293 const unsigned char *end2
;
296 if( ( ret
= asn1_get_tag( p
, end
, &len
,
297 ASN1_CONSTRUCTED
| ASN1_SET
) ) != 0 )
298 return( POLARSSL_ERR_X509_CERT_INVALID_NAME
+ ret
);
306 if( ( ret
= x509_get_attr_type_value( p
, end
, use
) ) != 0 )
311 use
->next
= (x509_name
*) malloc(
312 sizeof( x509_name
) );
314 if( use
->next
== NULL
)
315 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
317 memset( use
->next
, 0, sizeof( x509_name
) );
325 * recurse until end of SEQUENCE is reached
330 cur
->next
= (x509_name
*) malloc(
331 sizeof( x509_name
) );
333 if( cur
->next
== NULL
)
334 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
336 memset( cur
->next
, 0, sizeof( x509_name
) );
338 return( x509_get_name( p
, end2
, cur
->next
) );
344 * generalTime GeneralizedTime }
346 static int x509_get_time( unsigned char **p
,
347 const unsigned char *end
,
355 if( ( end
- *p
) < 1 )
356 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+
357 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
361 if ( tag
== ASN1_UTC_TIME
)
364 ret
= asn1_get_len( p
, end
, &len
);
367 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+ ret
);
369 memset( date
, 0, sizeof( date
) );
370 memcpy( date
, *p
, ( len
< sizeof( date
) - 1 ) ?
371 len
: sizeof( date
) - 1 );
373 if( sscanf( date
, "%2d%2d%2d%2d%2d%2d",
374 &time
->year
, &time
->mon
, &time
->day
,
375 &time
->hour
, &time
->min
, &time
->sec
) < 5 )
376 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
);
378 time
->year
+= 100 * ( time
->year
< 50 );
385 else if ( tag
== ASN1_GENERALIZED_TIME
)
388 ret
= asn1_get_len( p
, end
, &len
);
391 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+ ret
);
393 memset( date
, 0, sizeof( date
) );
394 memcpy( date
, *p
, ( len
< sizeof( date
) - 1 ) ?
395 len
: sizeof( date
) - 1 );
397 if( sscanf( date
, "%4d%2d%2d%2d%2d%2d",
398 &time
->year
, &time
->mon
, &time
->day
,
399 &time
->hour
, &time
->min
, &time
->sec
) < 5 )
400 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
);
407 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+ POLARSSL_ERR_ASN1_UNEXPECTED_TAG
);
412 * Validity ::= SEQUENCE {
416 static int x509_get_dates( unsigned char **p
,
417 const unsigned char *end
,
424 if( ( ret
= asn1_get_tag( p
, end
, &len
,
425 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
426 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+ ret
);
430 if( ( ret
= x509_get_time( p
, end
, from
) ) != 0 )
433 if( ( ret
= x509_get_time( p
, end
, to
) ) != 0 )
437 return( POLARSSL_ERR_X509_CERT_INVALID_DATE
+
438 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
444 * SubjectPublicKeyInfo ::= SEQUENCE {
445 * algorithm AlgorithmIdentifier,
446 * subjectPublicKey BIT STRING }
448 static int x509_get_pubkey( unsigned char **p
,
449 const unsigned char *end
,
450 x509_buf
*pk_alg_oid
,
457 if( ( ret
= x509_get_alg( p
, end
, pk_alg_oid
) ) != 0 )
461 * only RSA public keys handled at this time
463 if( pk_alg_oid
->len
!= 9 ||
464 memcmp( pk_alg_oid
->p
, OID_PKCS1_RSA
, 9 ) != 0 )
466 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
469 if( ( ret
= asn1_get_tag( p
, end
, &len
, ASN1_BIT_STRING
) ) != 0 )
470 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+ ret
);
472 if( ( end
- *p
) < 1 )
473 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+
474 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
479 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
);
482 * RSAPublicKey ::= SEQUENCE {
483 * modulus INTEGER, -- n
484 * publicExponent INTEGER -- e
487 if( ( ret
= asn1_get_tag( p
, end2
, &len
,
488 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
489 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+ ret
);
491 if( *p
+ len
!= end2
)
492 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+
493 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
495 if( ( ret
= asn1_get_mpi( p
, end2
, N
) ) != 0 ||
496 ( ret
= asn1_get_mpi( p
, end2
, E
) ) != 0 )
497 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+ ret
);
500 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+
501 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
506 static int x509_get_sig( unsigned char **p
,
507 const unsigned char *end
,
513 if( ( end
- *p
) < 1 )
514 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE
+
515 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
519 if( ( ret
= asn1_get_tag( p
, end
, &len
, ASN1_BIT_STRING
) ) != 0 )
520 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE
+ ret
);
523 if( --len
< 1 || *(*p
)++ != 0 )
524 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE
);
535 * X.509 v2/v3 unique identifier (not parsed)
537 static int x509_get_uid( unsigned char **p
,
538 const unsigned char *end
,
539 x509_buf
*uid
, int n
)
548 if( ( ret
= asn1_get_tag( p
, end
, &uid
->len
,
549 ASN1_CONTEXT_SPECIFIC
| ASN1_CONSTRUCTED
| n
) ) != 0 )
551 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
564 * X.509 Extensions (No parsing of extensions, pointer should
565 * be either manually updated or extensions should be parsed!
567 static int x509_get_ext( unsigned char **p
,
568 const unsigned char *end
,
569 x509_buf
*ext
, int tag
)
579 if( ( ret
= asn1_get_tag( p
, end
, &ext
->len
,
580 ASN1_CONTEXT_SPECIFIC
| ASN1_CONSTRUCTED
| tag
) ) != 0 )
587 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
589 * Extension ::= SEQUENCE {
590 * extnID OBJECT IDENTIFIER,
591 * critical BOOLEAN DEFAULT FALSE,
592 * extnValue OCTET STRING }
594 if( ( ret
= asn1_get_tag( p
, end
, &len
,
595 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
596 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
598 if( end
!= *p
+ len
)
599 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
600 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
606 * X.509 CRL v2 extensions (no extensions parsed yet.)
608 static int x509_get_crl_ext( unsigned char **p
,
609 const unsigned char *end
,
615 /* Get explicit tag */
616 if( ( ret
= x509_get_ext( p
, end
, ext
, 0) ) != 0 )
618 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
626 if( ( ret
= asn1_get_tag( p
, end
, &len
,
627 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
628 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
634 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
635 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
641 * X.509 CRL v2 entry extensions (no extensions parsed yet.)
643 static int x509_get_crl_entry_ext( unsigned char **p
,
644 const unsigned char *end
,
658 * Get CRL-entry extension sequence header
659 * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2
661 if( ( ret
= asn1_get_tag( p
, end
, &ext
->len
,
662 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
664 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
669 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
674 if( end
!= *p
+ ext
->len
)
675 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
676 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
680 if( ( ret
= asn1_get_tag( p
, end
, &len
,
681 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
682 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
688 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
689 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
694 static int x509_get_basic_constraints( unsigned char **p
,
695 const unsigned char *end
,
703 * BasicConstraints ::= SEQUENCE {
704 * cA BOOLEAN DEFAULT FALSE,
705 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
707 *ca_istrue
= 0; /* DEFAULT FALSE */
708 *max_pathlen
= 0; /* endless */
710 if( ( ret
= asn1_get_tag( p
, end
, &len
,
711 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
712 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
717 if( ( ret
= asn1_get_bool( p
, end
, ca_istrue
) ) != 0 )
719 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
720 ret
= asn1_get_int( p
, end
, ca_istrue
);
723 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
725 if( *ca_istrue
!= 0 )
732 if( ( ret
= asn1_get_int( p
, end
, max_pathlen
) ) != 0 )
733 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
736 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
737 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
744 static int x509_get_ns_cert_type( unsigned char **p
,
745 const unsigned char *end
,
746 unsigned char *ns_cert_type
)
749 x509_bitstring bs
= { 0, 0, NULL
};
751 if( ( ret
= asn1_get_bitstring( p
, end
, &bs
) ) != 0 )
752 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
755 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
756 POLARSSL_ERR_ASN1_INVALID_LENGTH
);
758 /* Get actual bitstring */
759 *ns_cert_type
= *bs
.p
;
763 static int x509_get_key_usage( unsigned char **p
,
764 const unsigned char *end
,
765 unsigned char *key_usage
)
768 x509_bitstring bs
= { 0, 0, NULL
};
770 if( ( ret
= asn1_get_bitstring( p
, end
, &bs
) ) != 0 )
771 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
774 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
775 POLARSSL_ERR_ASN1_INVALID_LENGTH
);
777 /* Get actual bitstring */
783 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
785 * KeyPurposeId ::= OBJECT IDENTIFIER
787 static int x509_get_ext_key_usage( unsigned char **p
,
788 const unsigned char *end
,
789 x509_sequence
*ext_key_usage
)
793 if( ( ret
= asn1_get_sequence_of( p
, end
, ext_key_usage
, ASN1_OID
) ) != 0 )
794 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
796 /* Sequence length must be >= 1 */
797 if( ext_key_usage
->buf
.p
== NULL
)
798 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
799 POLARSSL_ERR_ASN1_INVALID_LENGTH
);
805 * SubjectAltName ::= GeneralNames
807 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
809 * GeneralName ::= CHOICE {
810 * otherName [0] OtherName,
811 * rfc822Name [1] IA5String,
812 * dNSName [2] IA5String,
813 * x400Address [3] ORAddress,
814 * directoryName [4] Name,
815 * ediPartyName [5] EDIPartyName,
816 * uniformResourceIdentifier [6] IA5String,
817 * iPAddress [7] OCTET STRING,
818 * registeredID [8] OBJECT IDENTIFIER }
820 * OtherName ::= SEQUENCE {
821 * type-id OBJECT IDENTIFIER,
822 * value [0] EXPLICIT ANY DEFINED BY type-id }
824 * EDIPartyName ::= SEQUENCE {
825 * nameAssigner [0] DirectoryString OPTIONAL,
826 * partyName [1] DirectoryString }
828 * NOTE: PolarSSL only parses and uses dNSName at this point.
830 static int x509_get_subject_alt_name( unsigned char **p
,
831 const unsigned char *end
,
832 x509_sequence
*subject_alt_name
)
838 asn1_sequence
*cur
= subject_alt_name
;
840 /* Get main sequence tag */
841 if( ( ret
= asn1_get_tag( p
, end
, &len
,
842 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
843 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
845 if( *p
+ len
!= end
)
846 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
847 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
851 if( ( end
- *p
) < 1 )
852 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
853 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
857 if( ( ret
= asn1_get_len( p
, end
, &tag_len
) ) != 0 )
858 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
860 if( ( tag
& ASN1_CONTEXT_SPECIFIC
) != ASN1_CONTEXT_SPECIFIC
)
861 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
862 POLARSSL_ERR_ASN1_UNEXPECTED_TAG
);
864 if( tag
!= ( ASN1_CONTEXT_SPECIFIC
| 2 ) )
876 /* Allocate and assign next pointer */
879 cur
->next
= (asn1_sequence
*) malloc(
880 sizeof( asn1_sequence
) );
882 if( cur
->next
== NULL
)
883 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
884 POLARSSL_ERR_ASN1_MALLOC_FAILED
);
886 memset( cur
->next
, 0, sizeof( asn1_sequence
) );
891 /* Set final sequence entry's next pointer to NULL */
895 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
896 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
902 * X.509 v3 extensions
904 * TODO: Perform all of the basic constraints tests required by the RFC
905 * TODO: Set values for undetected extensions to a sane default?
908 static int x509_get_crt_ext( unsigned char **p
,
909 const unsigned char *end
,
914 unsigned char *end_ext_data
, *end_ext_octet
;
916 if( ( ret
= x509_get_ext( p
, end
, &crt
->v3_ext
, 3 ) ) != 0 )
918 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
927 * Extension ::= SEQUENCE {
928 * extnID OBJECT IDENTIFIER,
929 * critical BOOLEAN DEFAULT FALSE,
930 * extnValue OCTET STRING }
932 x509_buf extn_oid
= {0, 0, NULL
};
933 int is_critical
= 0; /* DEFAULT FALSE */
935 if( ( ret
= asn1_get_tag( p
, end
, &len
,
936 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
937 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
939 end_ext_data
= *p
+ len
;
941 /* Get extension ID */
944 if( ( ret
= asn1_get_tag( p
, end
, &extn_oid
.len
, ASN1_OID
) ) != 0 )
945 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
950 if( ( end
- *p
) < 1 )
951 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
952 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
954 /* Get optional critical */
955 if( ( ret
= asn1_get_bool( p
, end_ext_data
, &is_critical
) ) != 0 &&
956 ( ret
!= POLARSSL_ERR_ASN1_UNEXPECTED_TAG
) )
957 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
959 /* Data should be octet string type */
960 if( ( ret
= asn1_get_tag( p
, end_ext_data
, &len
,
961 ASN1_OCTET_STRING
) ) != 0 )
962 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+ ret
);
964 end_ext_octet
= *p
+ len
;
966 if( end_ext_octet
!= end_ext_data
)
967 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
968 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
971 * Detect supported extensions
973 if( ( OID_SIZE( OID_BASIC_CONSTRAINTS
) == extn_oid
.len
) &&
974 memcmp( extn_oid
.p
, OID_BASIC_CONSTRAINTS
, extn_oid
.len
) == 0 )
976 /* Parse basic constraints */
977 if( ( ret
= x509_get_basic_constraints( p
, end_ext_octet
,
978 &crt
->ca_istrue
, &crt
->max_pathlen
) ) != 0 )
980 crt
->ext_types
|= EXT_BASIC_CONSTRAINTS
;
982 else if( ( OID_SIZE( OID_NS_CERT_TYPE
) == extn_oid
.len
) &&
983 memcmp( extn_oid
.p
, OID_NS_CERT_TYPE
, extn_oid
.len
) == 0 )
985 /* Parse netscape certificate type */
986 if( ( ret
= x509_get_ns_cert_type( p
, end_ext_octet
,
987 &crt
->ns_cert_type
) ) != 0 )
989 crt
->ext_types
|= EXT_NS_CERT_TYPE
;
991 else if( ( OID_SIZE( OID_KEY_USAGE
) == extn_oid
.len
) &&
992 memcmp( extn_oid
.p
, OID_KEY_USAGE
, extn_oid
.len
) == 0 )
994 /* Parse key usage */
995 if( ( ret
= x509_get_key_usage( p
, end_ext_octet
,
996 &crt
->key_usage
) ) != 0 )
998 crt
->ext_types
|= EXT_KEY_USAGE
;
1000 else if( ( OID_SIZE( OID_EXTENDED_KEY_USAGE
) == extn_oid
.len
) &&
1001 memcmp( extn_oid
.p
, OID_EXTENDED_KEY_USAGE
, extn_oid
.len
) == 0 )
1003 /* Parse extended key usage */
1004 if( ( ret
= x509_get_ext_key_usage( p
, end_ext_octet
,
1005 &crt
->ext_key_usage
) ) != 0 )
1007 crt
->ext_types
|= EXT_EXTENDED_KEY_USAGE
;
1009 else if( ( OID_SIZE( OID_SUBJECT_ALT_NAME
) == extn_oid
.len
) &&
1010 memcmp( extn_oid
.p
, OID_SUBJECT_ALT_NAME
, extn_oid
.len
) == 0 )
1012 /* Parse extended key usage */
1013 if( ( ret
= x509_get_subject_alt_name( p
, end_ext_octet
,
1014 &crt
->subject_alt_names
) ) != 0 )
1016 crt
->ext_types
|= EXT_SUBJECT_ALT_NAME
;
1020 /* No parser found, skip extension */
1023 #if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
1026 /* Data is marked as critical: fail */
1027 return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
1028 POLARSSL_ERR_ASN1_UNEXPECTED_TAG
);
1035 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS
+
1036 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1044 static int x509_get_entries( unsigned char **p
,
1045 const unsigned char *end
,
1046 x509_crl_entry
*entry
)
1050 x509_crl_entry
*cur_entry
= entry
;
1055 if( ( ret
= asn1_get_tag( p
, end
, &entry_len
,
1056 ASN1_SEQUENCE
| ASN1_CONSTRUCTED
) ) != 0 )
1058 if( ret
== POLARSSL_ERR_ASN1_UNEXPECTED_TAG
)
1064 end
= *p
+ entry_len
;
1069 const unsigned char *end2
;
1071 if( ( ret
= asn1_get_tag( p
, end
, &len2
,
1072 ASN1_SEQUENCE
| ASN1_CONSTRUCTED
) ) != 0 )
1077 cur_entry
->raw
.tag
= **p
;
1078 cur_entry
->raw
.p
= *p
;
1079 cur_entry
->raw
.len
= len2
;
1082 if( ( ret
= x509_get_serial( p
, end2
, &cur_entry
->serial
) ) != 0 )
1085 if( ( ret
= x509_get_time( p
, end2
, &cur_entry
->revocation_date
) ) != 0 )
1088 if( ( ret
= x509_get_crl_entry_ext( p
, end2
, &cur_entry
->entry_ext
) ) != 0 )
1093 cur_entry
->next
= malloc( sizeof( x509_crl_entry
) );
1095 if( cur_entry
->next
== NULL
)
1096 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1098 cur_entry
= cur_entry
->next
;
1099 memset( cur_entry
, 0, sizeof( x509_crl_entry
) );
1106 static int x509_get_sig_alg( const x509_buf
*sig_oid
, int *sig_alg
)
1108 if( sig_oid
->len
== 9 &&
1109 memcmp( sig_oid
->p
, OID_PKCS1
, 8 ) == 0 )
1111 if( sig_oid
->p
[8] >= 2 && sig_oid
->p
[8] <= 5 )
1113 *sig_alg
= sig_oid
->p
[8];
1117 if ( sig_oid
->p
[8] >= 11 && sig_oid
->p
[8] <= 14 )
1119 *sig_alg
= sig_oid
->p
[8];
1123 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
);
1125 if( sig_oid
->len
== 5 &&
1126 memcmp( sig_oid
->p
, OID_RSA_SHA_OBS
, 5 ) == 0 )
1128 *sig_alg
= SIG_RSA_SHA1
;
1132 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
);
1136 * Parse and fill a single X.509 certificate in DER format
1138 int x509parse_crt_der_core( x509_cert
*crt
, const unsigned char *buf
,
1143 unsigned char *p
, *end
, *crt_end
;
1146 * Check for valid input
1148 if( crt
== NULL
|| buf
== NULL
)
1149 return( POLARSSL_ERR_X509_INVALID_INPUT
);
1151 p
= (unsigned char *) malloc( len
= buflen
);
1154 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1156 memcpy( p
, buf
, buflen
);
1165 * Certificate ::= SEQUENCE {
1166 * tbsCertificate TBSCertificate,
1167 * signatureAlgorithm AlgorithmIdentifier,
1168 * signatureValue BIT STRING }
1170 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1171 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1174 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
);
1177 if( len
> (size_t) ( end
- p
) )
1180 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1181 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1186 * TBSCertificate ::= SEQUENCE {
1190 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1191 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1194 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1198 crt
->tbs
.len
= end
- crt
->tbs
.p
;
1201 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
1203 * CertificateSerialNumber ::= INTEGER
1205 * signature AlgorithmIdentifier
1207 if( ( ret
= x509_get_version( &p
, end
, &crt
->version
) ) != 0 ||
1208 ( ret
= x509_get_serial( &p
, end
, &crt
->serial
) ) != 0 ||
1209 ( ret
= x509_get_alg( &p
, end
, &crt
->sig_oid1
) ) != 0 )
1217 if( crt
->version
> 3 )
1220 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION
);
1223 if( ( ret
= x509_get_sig_alg( &crt
->sig_oid1
, &crt
->sig_alg
) ) != 0 )
1232 crt
->issuer_raw
.p
= p
;
1234 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1235 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1238 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1241 if( ( ret
= x509_get_name( &p
, p
+ len
, &crt
->issuer
) ) != 0 )
1247 crt
->issuer_raw
.len
= p
- crt
->issuer_raw
.p
;
1250 * Validity ::= SEQUENCE {
1255 if( ( ret
= x509_get_dates( &p
, end
, &crt
->valid_from
,
1256 &crt
->valid_to
) ) != 0 )
1265 crt
->subject_raw
.p
= p
;
1267 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1268 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1271 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1274 if( len
&& ( ret
= x509_get_name( &p
, p
+ len
, &crt
->subject
) ) != 0 )
1280 crt
->subject_raw
.len
= p
- crt
->subject_raw
.p
;
1283 * SubjectPublicKeyInfo ::= SEQUENCE
1284 * algorithm AlgorithmIdentifier,
1285 * subjectPublicKey BIT STRING }
1287 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1288 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1291 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1294 if( ( ret
= x509_get_pubkey( &p
, p
+ len
, &crt
->pk_oid
,
1295 &crt
->rsa
.N
, &crt
->rsa
.E
) ) != 0 )
1301 if( ( ret
= rsa_check_pubkey( &crt
->rsa
) ) != 0 )
1307 crt
->rsa
.len
= mpi_size( &crt
->rsa
.N
);
1310 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
1311 * -- If present, version shall be v2 or v3
1312 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
1313 * -- If present, version shall be v2 or v3
1314 * extensions [3] EXPLICIT Extensions OPTIONAL
1315 * -- If present, version shall be v3
1317 if( crt
->version
== 2 || crt
->version
== 3 )
1319 ret
= x509_get_uid( &p
, end
, &crt
->issuer_id
, 1 );
1327 if( crt
->version
== 2 || crt
->version
== 3 )
1329 ret
= x509_get_uid( &p
, end
, &crt
->subject_id
, 2 );
1337 if( crt
->version
== 3 )
1339 ret
= x509_get_crt_ext( &p
, end
, crt
);
1350 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1351 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1357 * signatureAlgorithm AlgorithmIdentifier,
1358 * signatureValue BIT STRING
1360 if( ( ret
= x509_get_alg( &p
, end
, &crt
->sig_oid2
) ) != 0 )
1366 if( crt
->sig_oid1
.len
!= crt
->sig_oid2
.len
||
1367 memcmp( crt
->sig_oid1
.p
, crt
->sig_oid2
.p
, crt
->sig_oid1
.len
) != 0 )
1370 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH
);
1373 if( ( ret
= x509_get_sig( &p
, end
, &crt
->sig
) ) != 0 )
1382 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1383 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1390 * Parse one X.509 certificate in DER format from a buffer and add them to a
1393 int x509parse_crt_der( x509_cert
*chain
, const unsigned char *buf
, size_t buflen
)
1396 x509_cert
*crt
= chain
, *prev
= NULL
;
1399 * Check for valid input
1401 if( crt
== NULL
|| buf
== NULL
)
1402 return( POLARSSL_ERR_X509_INVALID_INPUT
);
1404 while( crt
->version
!= 0 && crt
->next
!= NULL
)
1411 * Add new certificate on the end of the chain if needed.
1413 if ( crt
->version
!= 0 && crt
->next
== NULL
)
1415 crt
->next
= (x509_cert
*) malloc( sizeof( x509_cert
) );
1417 if( crt
->next
== NULL
)
1418 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1422 memset( crt
, 0, sizeof( x509_cert
) );
1425 if( ( ret
= x509parse_crt_der_core( crt
, buf
, buflen
) ) != 0 )
1440 * Parse one or more PEM certificates from a buffer and add them to the chained list
1442 int x509parse_crt( x509_cert
*chain
, const unsigned char *buf
, size_t buflen
)
1444 int ret
, success
= 0, first_error
= 0, total_failed
= 0;
1445 int buf_format
= X509_FORMAT_DER
;
1448 * Check for valid input
1450 if( chain
== NULL
|| buf
== NULL
)
1451 return( POLARSSL_ERR_X509_INVALID_INPUT
);
1454 * Determine buffer content. Buffer contains either one DER certificate or
1455 * one or more PEM certificates.
1457 #if defined(POLARSSL_PEM_C)
1458 if( strstr( (const char *) buf
, "-----BEGIN CERTIFICATE-----" ) != NULL
)
1459 buf_format
= X509_FORMAT_PEM
;
1462 if( buf_format
== X509_FORMAT_DER
)
1463 return x509parse_crt_der( chain
, buf
, buflen
);
1465 #if defined(POLARSSL_PEM_C)
1466 if( buf_format
== X509_FORMAT_PEM
)
1475 ret
= pem_read_buffer( &pem
,
1476 "-----BEGIN CERTIFICATE-----",
1477 "-----END CERTIFICATE-----",
1478 buf
, NULL
, 0, &use_len
);
1488 else if( ret
== POLARSSL_ERR_PEM_BAD_INPUT_DATA
)
1492 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
1497 * PEM header and footer were found
1502 if( first_error
== 0 )
1510 ret
= x509parse_crt_der( chain
, pem
.buf
, pem
.buflen
);
1517 * Quit parsing on a memory error
1519 if( ret
== POLARSSL_ERR_X509_MALLOC_FAILED
)
1522 if( first_error
== 0 )
1535 return( total_failed
);
1536 else if( first_error
)
1537 return( first_error
);
1539 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT
);
1543 * Parse one or more CRLs and add them to the chained list
1545 int x509parse_crl( x509_crl
*chain
, const unsigned char *buf
, size_t buflen
)
1549 unsigned char *p
, *end
;
1551 #if defined(POLARSSL_PEM_C)
1559 * Check for valid input
1561 if( crl
== NULL
|| buf
== NULL
)
1562 return( POLARSSL_ERR_X509_INVALID_INPUT
);
1564 while( crl
->version
!= 0 && crl
->next
!= NULL
)
1568 * Add new CRL on the end of the chain if needed.
1570 if ( crl
->version
!= 0 && crl
->next
== NULL
)
1572 crl
->next
= (x509_crl
*) malloc( sizeof( x509_crl
) );
1574 if( crl
->next
== NULL
)
1576 x509_crl_free( crl
);
1577 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1581 memset( crl
, 0, sizeof( x509_crl
) );
1584 #if defined(POLARSSL_PEM_C)
1586 ret
= pem_read_buffer( &pem
,
1587 "-----BEGIN X509 CRL-----",
1588 "-----END X509 CRL-----",
1589 buf
, NULL
, 0, &use_len
);
1607 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
1615 * nope, copy the raw DER data
1617 p
= (unsigned char *) malloc( len
= buflen
);
1620 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1622 memcpy( p
, buf
, buflen
);
1627 p
= (unsigned char *) malloc( len
= buflen
);
1630 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1632 memcpy( p
, buf
, buflen
);
1642 * CertificateList ::= SEQUENCE {
1643 * tbsCertList TBSCertList,
1644 * signatureAlgorithm AlgorithmIdentifier,
1645 * signatureValue BIT STRING }
1647 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1648 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1650 x509_crl_free( crl
);
1651 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
);
1654 if( len
!= (size_t) ( end
- p
) )
1656 x509_crl_free( crl
);
1657 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1658 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1662 * TBSCertList ::= SEQUENCE {
1666 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1667 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1669 x509_crl_free( crl
);
1670 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1674 crl
->tbs
.len
= end
- crl
->tbs
.p
;
1677 * Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
1678 * -- if present, MUST be v2
1680 * signature AlgorithmIdentifier
1682 if( ( ret
= x509_crl_get_version( &p
, end
, &crl
->version
) ) != 0 ||
1683 ( ret
= x509_get_alg( &p
, end
, &crl
->sig_oid1
) ) != 0 )
1685 x509_crl_free( crl
);
1691 if( crl
->version
> 2 )
1693 x509_crl_free( crl
);
1694 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION
);
1697 if( ( ret
= x509_get_sig_alg( &crl
->sig_oid1
, &crl
->sig_alg
) ) != 0 )
1699 x509_crl_free( crl
);
1700 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG
);
1706 crl
->issuer_raw
.p
= p
;
1708 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
1709 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
1711 x509_crl_free( crl
);
1712 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
1715 if( ( ret
= x509_get_name( &p
, p
+ len
, &crl
->issuer
) ) != 0 )
1717 x509_crl_free( crl
);
1721 crl
->issuer_raw
.len
= p
- crl
->issuer_raw
.p
;
1725 * nextUpdate Time OPTIONAL
1727 if( ( ret
= x509_get_time( &p
, end
, &crl
->this_update
) ) != 0 )
1729 x509_crl_free( crl
);
1733 if( ( ret
= x509_get_time( &p
, end
, &crl
->next_update
) ) != 0 )
1735 if ( ret
!= ( POLARSSL_ERR_X509_CERT_INVALID_DATE
+
1736 POLARSSL_ERR_ASN1_UNEXPECTED_TAG
) &&
1737 ret
!= ( POLARSSL_ERR_X509_CERT_INVALID_DATE
+
1738 POLARSSL_ERR_ASN1_OUT_OF_DATA
) )
1740 x509_crl_free( crl
);
1746 * revokedCertificates SEQUENCE OF SEQUENCE {
1747 * userCertificate CertificateSerialNumber,
1748 * revocationDate Time,
1749 * crlEntryExtensions Extensions OPTIONAL
1750 * -- if present, MUST be v2
1753 if( ( ret
= x509_get_entries( &p
, end
, &crl
->entry
) ) != 0 )
1755 x509_crl_free( crl
);
1760 * crlExtensions EXPLICIT Extensions OPTIONAL
1761 * -- if present, MUST be v2
1763 if( crl
->version
== 2 )
1765 ret
= x509_get_crl_ext( &p
, end
, &crl
->crl_ext
);
1769 x509_crl_free( crl
);
1776 x509_crl_free( crl
);
1777 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1778 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1781 end
= crl
->raw
.p
+ crl
->raw
.len
;
1784 * signatureAlgorithm AlgorithmIdentifier,
1785 * signatureValue BIT STRING
1787 if( ( ret
= x509_get_alg( &p
, end
, &crl
->sig_oid2
) ) != 0 )
1789 x509_crl_free( crl
);
1793 if( crl
->sig_oid1
.len
!= crl
->sig_oid2
.len
||
1794 memcmp( crl
->sig_oid1
.p
, crl
->sig_oid2
.p
, crl
->sig_oid1
.len
) != 0 )
1796 x509_crl_free( crl
);
1797 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH
);
1800 if( ( ret
= x509_get_sig( &p
, end
, &crl
->sig
) ) != 0 )
1802 x509_crl_free( crl
);
1808 x509_crl_free( crl
);
1809 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+
1810 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
1815 crl
->next
= (x509_crl
*) malloc( sizeof( x509_crl
) );
1817 if( crl
->next
== NULL
)
1819 x509_crl_free( crl
);
1820 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1824 memset( crl
, 0, sizeof( x509_crl
) );
1826 return( x509parse_crl( crl
, buf
, buflen
) );
1832 #if defined(POLARSSL_FS_IO)
1834 * Load all data from a file into a given buffer.
1836 int load_file( const char *path
, unsigned char **buf
, size_t *n
)
1840 if( ( f
= fopen( path
, "rb" ) ) == NULL
)
1841 return( POLARSSL_ERR_X509_FILE_IO_ERROR
);
1843 fseek( f
, 0, SEEK_END
);
1844 *n
= (size_t) ftell( f
);
1845 fseek( f
, 0, SEEK_SET
);
1847 if( ( *buf
= (unsigned char *) malloc( *n
+ 1 ) ) == NULL
)
1848 return( POLARSSL_ERR_X509_MALLOC_FAILED
);
1850 if( fread( *buf
, 1, *n
, f
) != *n
)
1854 return( POLARSSL_ERR_X509_FILE_IO_ERROR
);
1865 * Load one or more certificates and add them to the chained list
1867 int x509parse_crtfile( x509_cert
*chain
, const char *path
)
1873 if ( (ret
= load_file( path
, &buf
, &n
) ) != 0 )
1876 ret
= x509parse_crt( chain
, buf
, n
);
1878 memset( buf
, 0, n
+ 1 );
1884 int x509parse_crtpath( x509_cert
*chain
, const char *path
)
1889 WCHAR szDir
[MAX_PATH
];
1890 char filename
[MAX_PATH
];
1892 int len
= strlen( path
);
1894 WIN32_FIND_DATAW file_data
;
1897 if( len
> MAX_PATH
- 3 )
1898 return( POLARSSL_ERR_X509_INVALID_INPUT
);
1900 memset( szDir
, 0, sizeof(szDir
) );
1901 memset( filename
, 0, MAX_PATH
);
1902 memcpy( filename
, path
, len
);
1903 filename
[len
++] = '\\';
1905 filename
[len
++] = '*';
1907 w_ret
= MultiByteToWideChar( CP_ACP
, 0, path
, len
, szDir
, MAX_PATH
- 3 );
1909 hFind
= FindFirstFileW( szDir
, &file_data
);
1910 if (hFind
== INVALID_HANDLE_VALUE
)
1911 return( POLARSSL_ERR_X509_FILE_IO_ERROR
);
1913 len
= MAX_PATH
- len
;
1916 memset( p
, 0, len
);
1918 if( file_data
.dwFileAttributes
& FILE_ATTRIBUTE_DIRECTORY
)
1921 w_ret
= WideCharToMultiByte( CP_ACP
, 0, file_data
.cFileName
,
1922 lstrlenW(file_data
.cFileName
),
1926 w_ret
= x509parse_crtfile( chain
, filename
);
1932 while( FindNextFileW( hFind
, &file_data
) != 0 );
1934 if (GetLastError() != ERROR_NO_MORE_FILES
)
1935 ret
= POLARSSL_ERR_X509_FILE_IO_ERROR
;
1942 struct dirent entry
, *result
= NULL
;
1943 char entry_name
[255];
1944 DIR *dir
= opendir( path
);
1947 return( POLARSSL_ERR_X509_FILE_IO_ERROR
);
1949 while( ( t_ret
= readdir_r( dir
, &entry
, &result
) ) == 0 )
1951 if( result
== NULL
)
1954 snprintf( entry_name
, sizeof(entry_name
), "%s/%s", path
, entry
.d_name
);
1956 i
= stat( entry_name
, &sb
);
1959 return( POLARSSL_ERR_X509_FILE_IO_ERROR
);
1961 if( !S_ISREG( sb
.st_mode
) )
1964 // Ignore parse errors
1966 t_ret
= x509parse_crtfile( chain
, entry_name
);
1979 * Load one or more CRLs and add them to the chained list
1981 int x509parse_crlfile( x509_crl
*chain
, const char *path
)
1987 if ( (ret
= load_file( path
, &buf
, &n
) ) != 0 )
1990 ret
= x509parse_crl( chain
, buf
, n
);
1992 memset( buf
, 0, n
+ 1 );
1999 * Load and parse a private RSA key
2001 int x509parse_keyfile( rsa_context
*rsa
, const char *path
, const char *pwd
)
2007 if ( (ret
= load_file( path
, &buf
, &n
) ) != 0 )
2011 ret
= x509parse_key( rsa
, buf
, n
, NULL
, 0 );
2013 ret
= x509parse_key( rsa
, buf
, n
,
2014 (unsigned char *) pwd
, strlen( pwd
) );
2016 memset( buf
, 0, n
+ 1 );
2023 * Load and parse a public RSA key
2025 int x509parse_public_keyfile( rsa_context
*rsa
, const char *path
)
2031 if ( (ret
= load_file( path
, &buf
, &n
) ) != 0 )
2034 ret
= x509parse_public_key( rsa
, buf
, n
);
2036 memset( buf
, 0, n
+ 1 );
2041 #endif /* POLARSSL_FS_IO */
2044 * Parse a PKCS#1 encoded private RSA key
2046 static int x509parse_key_pkcs1_der( rsa_context
*rsa
,
2047 const unsigned char *key
,
2052 unsigned char *p
, *end
;
2054 p
= (unsigned char *) key
;
2058 * This function parses the RSAPrivateKey (PKCS#1)
2060 * RSAPrivateKey ::= SEQUENCE {
2062 * modulus INTEGER, -- n
2063 * publicExponent INTEGER, -- e
2064 * privateExponent INTEGER, -- d
2065 * prime1 INTEGER, -- p
2066 * prime2 INTEGER, -- q
2067 * exponent1 INTEGER, -- d mod (p-1)
2068 * exponent2 INTEGER, -- d mod (q-1)
2069 * coefficient INTEGER, -- (inverse of q) mod p
2070 * otherPrimeInfos OtherPrimeInfos OPTIONAL
2073 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2074 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2076 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2081 if( ( ret
= asn1_get_int( &p
, end
, &rsa
->ver
) ) != 0 )
2083 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2088 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION
+ ret
);
2091 if( ( ret
= asn1_get_mpi( &p
, end
, &rsa
->N
) ) != 0 ||
2092 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->E
) ) != 0 ||
2093 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->D
) ) != 0 ||
2094 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->P
) ) != 0 ||
2095 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->Q
) ) != 0 ||
2096 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->DP
) ) != 0 ||
2097 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->DQ
) ) != 0 ||
2098 ( ret
= asn1_get_mpi( &p
, end
, &rsa
->QP
) ) != 0 )
2101 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2104 rsa
->len
= mpi_size( &rsa
->N
);
2109 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+
2110 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
2113 if( ( ret
= rsa_check_privkey( rsa
) ) != 0 )
2123 * Parse an unencrypted PKCS#8 encoded private RSA key
2125 static int x509parse_key_pkcs8_unencrypted_der(
2127 const unsigned char *key
,
2132 unsigned char *p
, *end
;
2133 x509_buf pk_alg_oid
;
2135 p
= (unsigned char *) key
;
2139 * This function parses the PrivatKeyInfo object (PKCS#8)
2141 * PrivateKeyInfo ::= SEQUENCE {
2143 * algorithm AlgorithmIdentifier,
2144 * PrivateKey BIT STRING
2147 * AlgorithmIdentifier ::= SEQUENCE {
2148 * algorithm OBJECT IDENTIFIER,
2149 * parameters ANY DEFINED BY algorithm OPTIONAL
2152 * The PrivateKey BIT STRING is a PKCS#1 RSAPrivateKey
2154 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2155 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2157 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2162 if( ( ret
= asn1_get_int( &p
, end
, &rsa
->ver
) ) != 0 )
2164 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2169 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION
+ ret
);
2172 if( ( ret
= x509_get_alg( &p
, end
, &pk_alg_oid
) ) != 0 )
2174 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2178 * only RSA keys handled at this time
2180 if( pk_alg_oid
.len
!= 9 ||
2181 memcmp( pk_alg_oid
.p
, OID_PKCS1_RSA
, 9 ) != 0 )
2183 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
2187 * Get the OCTET STRING and parse the PKCS#1 format inside
2189 if( ( ret
= asn1_get_tag( &p
, end
, &len
, ASN1_OCTET_STRING
) ) != 0 )
2190 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2192 if( ( end
- p
) < 1 )
2194 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+
2195 POLARSSL_ERR_ASN1_OUT_OF_DATA
);
2200 if( ( ret
= x509parse_key_pkcs1_der( rsa
, p
, end
- p
) ) != 0 )
2207 * Parse an encrypted PKCS#8 encoded private RSA key
2209 static int x509parse_key_pkcs8_encrypted_der(
2211 const unsigned char *key
,
2213 const unsigned char *pwd
,
2218 unsigned char *p
, *end
, *end2
;
2219 x509_buf pbe_alg_oid
, pbe_params
;
2220 unsigned char buf
[2048];
2222 memset(buf
, 0, 2048);
2224 p
= (unsigned char *) key
;
2228 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED
);
2231 * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
2233 * EncryptedPrivateKeyInfo ::= SEQUENCE {
2234 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
2235 * encryptedData EncryptedData
2238 * EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
2240 * EncryptedData ::= OCTET STRING
2242 * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
2244 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2245 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2247 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2252 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2253 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2255 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2260 if( ( ret
= asn1_get_tag( &p
, end
, &pbe_alg_oid
.len
, ASN1_OID
) ) != 0 )
2261 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2264 p
+= pbe_alg_oid
.len
;
2267 * Store the algorithm parameters
2270 pbe_params
.len
= end2
- p
;
2271 p
+= pbe_params
.len
;
2273 if( ( ret
= asn1_get_tag( &p
, end
, &len
, ASN1_OCTET_STRING
) ) != 0 )
2274 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2276 // buf has been sized to 2048 bytes
2278 return( POLARSSL_ERR_X509_INVALID_INPUT
);
2281 * Decrypt EncryptedData with appropriate PDE
2283 #if defined(POLARSSL_PKCS12_C)
2284 if( OID_CMP( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
, &pbe_alg_oid
) )
2286 if( ( ret
= pkcs12_pbe( &pbe_params
, PKCS12_PBE_DECRYPT
,
2287 POLARSSL_CIPHER_DES_EDE3_CBC
, POLARSSL_MD_SHA1
,
2288 pwd
, pwdlen
, p
, len
, buf
) ) != 0 )
2290 if( ret
== POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH
)
2291 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH
);
2296 else if( OID_CMP( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
, &pbe_alg_oid
) )
2298 if( ( ret
= pkcs12_pbe( &pbe_params
, PKCS12_PBE_DECRYPT
,
2299 POLARSSL_CIPHER_DES_EDE_CBC
, POLARSSL_MD_SHA1
,
2300 pwd
, pwdlen
, p
, len
, buf
) ) != 0 )
2302 if( ret
== POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH
)
2303 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH
);
2308 else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128
, &pbe_alg_oid
) )
2310 if( ( ret
= pkcs12_pbe_sha1_rc4_128( &pbe_params
,
2313 p
, len
, buf
) ) != 0 )
2318 // Best guess for password mismatch when using RC4. If first tag is
2319 // not ASN1_CONSTRUCTED | ASN1_SEQUENCE
2321 if( *buf
!= ( ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) )
2322 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH
);
2325 #endif /* POLARSSL_PKCS12_C */
2326 #if defined(POLARSSL_PKCS5_C)
2327 if( OID_CMP( OID_PKCS5_PBES2
, &pbe_alg_oid
) )
2329 if( ( ret
= pkcs5_pbes2( &pbe_params
, PKCS5_DECRYPT
, pwd
, pwdlen
,
2330 p
, len
, buf
) ) != 0 )
2332 if( ret
== POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH
)
2333 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH
);
2339 #endif /* POLARSSL_PKCS5_C */
2340 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
);
2342 return x509parse_key_pkcs8_unencrypted_der( rsa
, buf
, len
);
2346 * Parse a private RSA key
2348 int x509parse_key( rsa_context
*rsa
, const unsigned char *key
, size_t keylen
,
2349 const unsigned char *pwd
, size_t pwdlen
)
2353 #if defined(POLARSSL_PEM_C)
2358 ret
= pem_read_buffer( &pem
,
2359 "-----BEGIN RSA PRIVATE KEY-----",
2360 "-----END RSA PRIVATE KEY-----",
2361 key
, pwd
, pwdlen
, &len
);
2364 if( ( ret
= x509parse_key_pkcs1_der( rsa
, pem
.buf
, pem
.buflen
) ) != 0 )
2372 else if( ret
== POLARSSL_ERR_PEM_PASSWORD_MISMATCH
)
2373 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH
);
2374 else if( ret
== POLARSSL_ERR_PEM_PASSWORD_REQUIRED
)
2375 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED
);
2376 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
2379 ret
= pem_read_buffer( &pem
,
2380 "-----BEGIN PRIVATE KEY-----",
2381 "-----END PRIVATE KEY-----",
2382 key
, NULL
, 0, &len
);
2385 if( ( ret
= x509parse_key_pkcs8_unencrypted_der( rsa
,
2386 pem
.buf
, pem
.buflen
) ) != 0 )
2394 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
2397 ret
= pem_read_buffer( &pem
,
2398 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2399 "-----END ENCRYPTED PRIVATE KEY-----",
2400 key
, NULL
, 0, &len
);
2403 if( ( ret
= x509parse_key_pkcs8_encrypted_der( rsa
,
2404 pem
.buf
, pem
.buflen
,
2405 pwd
, pwdlen
) ) != 0 )
2413 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
2418 #endif /* POLARSSL_PEM_C */
2420 // At this point we only know it's not a PEM formatted key. Could be any
2421 // of the known DER encoded private key formats
2423 // We try the different DER format parsers to see if one passes without
2426 if( ( ret
= x509parse_key_pkcs8_encrypted_der( rsa
, key
, keylen
,
2427 pwd
, pwdlen
) ) == 0 )
2434 if( ret
== POLARSSL_ERR_X509_PASSWORD_MISMATCH
)
2439 if( ( ret
= x509parse_key_pkcs8_unencrypted_der( rsa
, key
, keylen
) ) == 0 )
2444 if( ( ret
= x509parse_key_pkcs1_der( rsa
, key
, keylen
) ) == 0 )
2449 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
);
2453 * Parse a public RSA key
2455 int x509parse_public_key( rsa_context
*rsa
, const unsigned char *key
, size_t keylen
)
2459 unsigned char *p
, *end
;
2461 #if defined(POLARSSL_PEM_C)
2465 ret
= pem_read_buffer( &pem
,
2466 "-----BEGIN PUBLIC KEY-----",
2467 "-----END PUBLIC KEY-----",
2468 key
, NULL
, 0, &len
);
2475 keylen
= pem
.buflen
;
2477 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
2483 p
= ( ret
== 0 ) ? pem
.buf
: (unsigned char *) key
;
2485 p
= (unsigned char *) key
;
2490 * PublicKeyInfo ::= SEQUENCE {
2491 * algorithm AlgorithmIdentifier,
2492 * PublicKey BIT STRING
2495 * AlgorithmIdentifier ::= SEQUENCE {
2496 * algorithm OBJECT IDENTIFIER,
2497 * parameters ANY DEFINED BY algorithm OPTIONAL
2500 * RSAPublicKey ::= SEQUENCE {
2501 * modulus INTEGER, -- n
2502 * publicExponent INTEGER -- e
2506 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2507 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2509 #if defined(POLARSSL_PEM_C)
2513 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT
+ ret
);
2516 if( ( ret
= x509_get_pubkey( &p
, end
, &alg_oid
, &rsa
->N
, &rsa
->E
) ) != 0 )
2518 #if defined(POLARSSL_PEM_C)
2522 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2525 if( ( ret
= rsa_check_pubkey( rsa
) ) != 0 )
2527 #if defined(POLARSSL_PEM_C)
2534 rsa
->len
= mpi_size( &rsa
->N
);
2536 #if defined(POLARSSL_PEM_C)
2543 #if defined(POLARSSL_DHM_C)
2545 * Parse DHM parameters
2547 int x509parse_dhm( dhm_context
*dhm
, const unsigned char *dhmin
, size_t dhminlen
)
2551 unsigned char *p
, *end
;
2552 #if defined(POLARSSL_PEM_C)
2557 ret
= pem_read_buffer( &pem
,
2558 "-----BEGIN DH PARAMETERS-----",
2559 "-----END DH PARAMETERS-----",
2560 dhmin
, NULL
, 0, &dhminlen
);
2567 dhminlen
= pem
.buflen
;
2569 else if( ret
!= POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
)
2575 p
= ( ret
== 0 ) ? pem
.buf
: (unsigned char *) dhmin
;
2577 p
= (unsigned char *) dhmin
;
2581 memset( dhm
, 0, sizeof( dhm_context
) );
2584 * DHParams ::= SEQUENCE {
2585 * prime INTEGER, -- P
2586 * generator INTEGER, -- g
2589 if( ( ret
= asn1_get_tag( &p
, end
, &len
,
2590 ASN1_CONSTRUCTED
| ASN1_SEQUENCE
) ) != 0 )
2592 #if defined(POLARSSL_PEM_C)
2595 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2600 if( ( ret
= asn1_get_mpi( &p
, end
, &dhm
->P
) ) != 0 ||
2601 ( ret
= asn1_get_mpi( &p
, end
, &dhm
->G
) ) != 0 )
2603 #if defined(POLARSSL_PEM_C)
2607 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+ ret
);
2612 #if defined(POLARSSL_PEM_C)
2616 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT
+
2617 POLARSSL_ERR_ASN1_LENGTH_MISMATCH
);
2620 #if defined(POLARSSL_PEM_C)
2627 #if defined(POLARSSL_FS_IO)
2629 * Load and parse a private RSA key
2631 int x509parse_dhmfile( dhm_context
*dhm
, const char *path
)
2637 if ( ( ret
= load_file( path
, &buf
, &n
) ) != 0 )
2640 ret
= x509parse_dhm( dhm
, buf
, n
);
2642 memset( buf
, 0, n
+ 1 );
2647 #endif /* POLARSSL_FS_IO */
2648 #endif /* POLARSSL_DHM_C */
2650 #if defined _MSC_VER && !defined snprintf
2653 #if !defined vsnprintf
2654 #define vsnprintf _vsnprintf
2658 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
2659 * Result value is not size of buffer needed, but -1 if no fit is possible.
2661 * This fuction tries to 'fix' this by at least suggesting enlarging the
2664 int compat_snprintf(char *str
, size_t size
, const char *format
, ...)
2669 va_start( ap
, format
);
2671 res
= vsnprintf( str
, size
, format
, ap
);
2675 // No quick fix possible
2677 return( (int) size
+ 20 );
2682 #define snprintf compat_snprintf
2685 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
2687 #define SAFE_SNPRINTF() \
2692 if ( (unsigned int) ret > n ) { \
2694 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
2697 n -= (unsigned int) ret; \
2698 p += (unsigned int) ret; \
2702 * Store the name in printable form into buf; no more
2703 * than size characters will be written
2705 int x509parse_dn_gets( char *buf
, size_t size
, const x509_name
*dn
)
2710 const x509_name
*name
;
2713 memset( s
, 0, sizeof( s
) );
2719 while( name
!= NULL
)
2729 ret
= snprintf( p
, n
, ", " );
2733 if( name
->oid
.len
== 3 &&
2734 memcmp( name
->oid
.p
, OID_X520
, 2 ) == 0 )
2736 switch( name
->oid
.p
[2] )
2738 case X520_COMMON_NAME
:
2739 ret
= snprintf( p
, n
, "CN=" ); break;
2742 ret
= snprintf( p
, n
, "C=" ); break;
2745 ret
= snprintf( p
, n
, "L=" ); break;
2748 ret
= snprintf( p
, n
, "ST=" ); break;
2750 case X520_ORGANIZATION
:
2751 ret
= snprintf( p
, n
, "O=" ); break;
2754 ret
= snprintf( p
, n
, "OU=" ); break;
2757 ret
= snprintf( p
, n
, "0x%02X=",
2763 else if( name
->oid
.len
== 9 &&
2764 memcmp( name
->oid
.p
, OID_PKCS9
, 8 ) == 0 )
2766 switch( name
->oid
.p
[8] )
2769 ret
= snprintf( p
, n
, "emailAddress=" ); break;
2772 ret
= snprintf( p
, n
, "0x%02X=",
2780 ret
= snprintf( p
, n
, "\?\?=" );
2784 for( i
= 0; i
< name
->val
.len
; i
++ )
2786 if( i
>= sizeof( s
) - 1 )
2790 if( c
< 32 || c
== 127 || ( c
> 128 && c
< 160 ) )
2795 ret
= snprintf( p
, n
, "%s", s
);
2800 return( (int) ( size
- n
) );
2804 * Store the serial in printable form into buf; no more
2805 * than size characters will be written
2807 int x509parse_serial_gets( char *buf
, size_t size
, const x509_buf
*serial
)
2816 nr
= ( serial
->len
<= 32 )
2819 for( i
= 0; i
< nr
; i
++ )
2821 if( i
== 0 && nr
> 1 && serial
->p
[i
] == 0x0 )
2824 ret
= snprintf( p
, n
, "%02X%s",
2825 serial
->p
[i
], ( i
< nr
- 1 ) ? ":" : "" );
2829 if( nr
!= serial
->len
)
2831 ret
= snprintf( p
, n
, "...." );
2835 return( (int) ( size
- n
) );
2839 * Return an informational string about the certificate.
2841 int x509parse_cert_info( char *buf
, size_t size
, const char *prefix
,
2842 const x509_cert
*crt
)
2851 ret
= snprintf( p
, n
, "%scert. version : %d\n",
2852 prefix
, crt
->version
);
2854 ret
= snprintf( p
, n
, "%sserial number : ",
2858 ret
= x509parse_serial_gets( p
, n
, &crt
->serial
);
2861 ret
= snprintf( p
, n
, "\n%sissuer name : ", prefix
);
2863 ret
= x509parse_dn_gets( p
, n
, &crt
->issuer
);
2866 ret
= snprintf( p
, n
, "\n%ssubject name : ", prefix
);
2868 ret
= x509parse_dn_gets( p
, n
, &crt
->subject
);
2871 ret
= snprintf( p
, n
, "\n%sissued on : " \
2872 "%04d-%02d-%02d %02d:%02d:%02d", prefix
,
2873 crt
->valid_from
.year
, crt
->valid_from
.mon
,
2874 crt
->valid_from
.day
, crt
->valid_from
.hour
,
2875 crt
->valid_from
.min
, crt
->valid_from
.sec
);
2878 ret
= snprintf( p
, n
, "\n%sexpires on : " \
2879 "%04d-%02d-%02d %02d:%02d:%02d", prefix
,
2880 crt
->valid_to
.year
, crt
->valid_to
.mon
,
2881 crt
->valid_to
.day
, crt
->valid_to
.hour
,
2882 crt
->valid_to
.min
, crt
->valid_to
.sec
);
2885 ret
= snprintf( p
, n
, "\n%ssigned using : RSA+", prefix
);
2888 switch( crt
->sig_alg
)
2890 case SIG_RSA_MD2
: ret
= snprintf( p
, n
, "MD2" ); break;
2891 case SIG_RSA_MD4
: ret
= snprintf( p
, n
, "MD4" ); break;
2892 case SIG_RSA_MD5
: ret
= snprintf( p
, n
, "MD5" ); break;
2893 case SIG_RSA_SHA1
: ret
= snprintf( p
, n
, "SHA1" ); break;
2894 case SIG_RSA_SHA224
: ret
= snprintf( p
, n
, "SHA224" ); break;
2895 case SIG_RSA_SHA256
: ret
= snprintf( p
, n
, "SHA256" ); break;
2896 case SIG_RSA_SHA384
: ret
= snprintf( p
, n
, "SHA384" ); break;
2897 case SIG_RSA_SHA512
: ret
= snprintf( p
, n
, "SHA512" ); break;
2898 default: ret
= snprintf( p
, n
, "???" ); break;
2902 ret
= snprintf( p
, n
, "\n%sRSA key size : %d bits\n", prefix
,
2903 (int) crt
->rsa
.N
.n
* (int) sizeof( t_uint
) * 8 );
2906 return( (int) ( size
- n
) );
2910 * Return an informational string describing the given OID
2912 const char *x509_oid_get_description( x509_buf
*oid
)
2917 else if( OID_CMP( OID_SERVER_AUTH
, oid
) )
2918 return( STRING_SERVER_AUTH
);
2920 else if( OID_CMP( OID_CLIENT_AUTH
, oid
) )
2921 return( STRING_CLIENT_AUTH
);
2923 else if( OID_CMP( OID_CODE_SIGNING
, oid
) )
2924 return( STRING_CODE_SIGNING
);
2926 else if( OID_CMP( OID_EMAIL_PROTECTION
, oid
) )
2927 return( STRING_EMAIL_PROTECTION
);
2929 else if( OID_CMP( OID_TIME_STAMPING
, oid
) )
2930 return( STRING_TIME_STAMPING
);
2932 else if( OID_CMP( OID_OCSP_SIGNING
, oid
) )
2933 return( STRING_OCSP_SIGNING
);
2938 /* Return the x.y.z.... style numeric string for the given OID */
2939 int x509_oid_get_numeric_string( char *buf
, size_t size
, x509_buf
*oid
)
2949 /* First byte contains first two dots */
2952 ret
= snprintf( p
, n
, "%d.%d", oid
->p
[0]/40, oid
->p
[0]%40 );
2956 /* TODO: value can overflow in value. */
2958 for( i
= 1; i
< oid
->len
; i
++ )
2961 value
+= oid
->p
[i
] & 0x7F;
2963 if( !( oid
->p
[i
] & 0x80 ) )
2966 ret
= snprintf( p
, n
, ".%d", value
);
2972 return( (int) ( size
- n
) );
2976 * Return an informational string about the CRL.
2978 int x509parse_crl_info( char *buf
, size_t size
, const char *prefix
,
2979 const x509_crl
*crl
)
2984 const x509_crl_entry
*entry
;
2989 ret
= snprintf( p
, n
, "%sCRL version : %d",
2990 prefix
, crl
->version
);
2993 ret
= snprintf( p
, n
, "\n%sissuer name : ", prefix
);
2995 ret
= x509parse_dn_gets( p
, n
, &crl
->issuer
);
2998 ret
= snprintf( p
, n
, "\n%sthis update : " \
2999 "%04d-%02d-%02d %02d:%02d:%02d", prefix
,
3000 crl
->this_update
.year
, crl
->this_update
.mon
,
3001 crl
->this_update
.day
, crl
->this_update
.hour
,
3002 crl
->this_update
.min
, crl
->this_update
.sec
);
3005 ret
= snprintf( p
, n
, "\n%snext update : " \
3006 "%04d-%02d-%02d %02d:%02d:%02d", prefix
,
3007 crl
->next_update
.year
, crl
->next_update
.mon
,
3008 crl
->next_update
.day
, crl
->next_update
.hour
,
3009 crl
->next_update
.min
, crl
->next_update
.sec
);
3012 entry
= &crl
->entry
;
3014 ret
= snprintf( p
, n
, "\n%sRevoked certificates:",
3018 while( entry
!= NULL
&& entry
->raw
.len
!= 0 )
3020 ret
= snprintf( p
, n
, "\n%sserial number: ",
3024 ret
= x509parse_serial_gets( p
, n
, &entry
->serial
);
3027 ret
= snprintf( p
, n
, " revocation date: " \
3028 "%04d-%02d-%02d %02d:%02d:%02d",
3029 entry
->revocation_date
.year
, entry
->revocation_date
.mon
,
3030 entry
->revocation_date
.day
, entry
->revocation_date
.hour
,
3031 entry
->revocation_date
.min
, entry
->revocation_date
.sec
);
3034 entry
= entry
->next
;
3037 ret
= snprintf( p
, n
, "\n%ssigned using : RSA+", prefix
);
3040 switch( crl
->sig_alg
)
3042 case SIG_RSA_MD2
: ret
= snprintf( p
, n
, "MD2" ); break;
3043 case SIG_RSA_MD4
: ret
= snprintf( p
, n
, "MD4" ); break;
3044 case SIG_RSA_MD5
: ret
= snprintf( p
, n
, "MD5" ); break;
3045 case SIG_RSA_SHA1
: ret
= snprintf( p
, n
, "SHA1" ); break;
3046 case SIG_RSA_SHA224
: ret
= snprintf( p
, n
, "SHA224" ); break;
3047 case SIG_RSA_SHA256
: ret
= snprintf( p
, n
, "SHA256" ); break;
3048 case SIG_RSA_SHA384
: ret
= snprintf( p
, n
, "SHA384" ); break;
3049 case SIG_RSA_SHA512
: ret
= snprintf( p
, n
, "SHA512" ); break;
3050 default: ret
= snprintf( p
, n
, "???" ); break;
3054 ret
= snprintf( p
, n
, "\n" );
3057 return( (int) ( size
- n
) );
3061 * Return 0 if the x509_time is still valid, or 1 otherwise.
3063 int x509parse_time_expired( const x509_time
*to
)
3084 lt
= localtime( &tt
);
3086 year
= lt
->tm_year
+ 1900;
3087 mon
= lt
->tm_mon
+ 1;
3094 if( year
> to
->year
)
3097 if( year
== to
->year
&&
3101 if( year
== to
->year
&&
3106 if( year
== to
->year
&&
3112 if( year
== to
->year
&&
3119 if( year
== to
->year
&&
3131 * Return 1 if the certificate is revoked, or 0 otherwise.
3133 int x509parse_revoked( const x509_cert
*crt
, const x509_crl
*crl
)
3135 const x509_crl_entry
*cur
= &crl
->entry
;
3137 while( cur
!= NULL
&& cur
->serial
.len
!= 0 )
3139 if( crt
->serial
.len
== cur
->serial
.len
&&
3140 memcmp( crt
->serial
.p
, cur
->serial
.p
, crt
->serial
.len
) == 0 )
3142 if( x509parse_time_expired( &cur
->revocation_date
) )
3153 * Wrapper for x509 hashes.
3155 static void x509_hash( const unsigned char *in
, size_t len
, int alg
,
3156 unsigned char *out
)
3160 #if defined(POLARSSL_MD2_C)
3161 case SIG_RSA_MD2
: md2( in
, len
, out
); break;
3163 #if defined(POLARSSL_MD4_C)
3164 case SIG_RSA_MD4
: md4( in
, len
, out
); break;
3166 #if defined(POLARSSL_MD5_C)
3167 case SIG_RSA_MD5
: md5( in
, len
, out
); break;
3169 #if defined(POLARSSL_SHA1_C)
3170 case SIG_RSA_SHA1
: sha1( in
, len
, out
); break;
3172 #if defined(POLARSSL_SHA2_C)
3173 case SIG_RSA_SHA224
: sha2( in
, len
, out
, 1 ); break;
3174 case SIG_RSA_SHA256
: sha2( in
, len
, out
, 0 ); break;
3176 #if defined(POLARSSL_SHA4_C)
3177 case SIG_RSA_SHA384
: sha4( in
, len
, out
, 1 ); break;
3178 case SIG_RSA_SHA512
: sha4( in
, len
, out
, 0 ); break;
3181 memset( out
, '\xFF', 64 );
3187 * Check that the given certificate is valid accoring to the CRL.
3189 static int x509parse_verifycrl(x509_cert
*crt
, x509_cert
*ca
,
3194 unsigned char hash
[64];
3200 * TODO: What happens if no CRL is present?
3201 * Suggestion: Revocation state should be unknown if no CRL is present.
3202 * For backwards compatibility this is not yet implemented.
3205 while( crl_list
!= NULL
)
3207 if( crl_list
->version
== 0 ||
3208 crl_list
->issuer_raw
.len
!= ca
->subject_raw
.len
||
3209 memcmp( crl_list
->issuer_raw
.p
, ca
->subject_raw
.p
,
3210 crl_list
->issuer_raw
.len
) != 0 )
3212 crl_list
= crl_list
->next
;
3217 * Check if CRL is correctly signed by the trusted CA
3219 hash_id
= crl_list
->sig_alg
;
3221 x509_hash( crl_list
->tbs
.p
, crl_list
->tbs
.len
, hash_id
, hash
);
3223 if( !rsa_pkcs1_verify( &ca
->rsa
, RSA_PUBLIC
, hash_id
,
3224 0, hash
, crl_list
->sig
.p
) == 0 )
3227 * CRL is not trusted
3229 flags
|= BADCRL_NOT_TRUSTED
;
3234 * Check for validity of CRL (Do not drop out)
3236 if( x509parse_time_expired( &crl_list
->next_update
) )
3237 flags
|= BADCRL_EXPIRED
;
3240 * Check if certificate is revoked
3242 if( x509parse_revoked(crt
, crl_list
) )
3244 flags
|= BADCERT_REVOKED
;
3248 crl_list
= crl_list
->next
;
3253 int x509_wildcard_verify( const char *cn
, x509_buf
*name
)
3258 if( name
->len
< 3 || name
->p
[0] != '*' || name
->p
[1] != '.' )
3261 for( i
= 0; i
< strlen( cn
); ++i
)
3273 if( strlen( cn
) - cn_idx
== name
->len
- 1 &&
3274 memcmp( name
->p
+ 1, cn
+ cn_idx
, name
->len
- 1 ) == 0 )
3282 static int x509parse_verify_top(
3283 x509_cert
*child
, x509_cert
*trust_ca
,
3284 x509_crl
*ca_crl
, int path_cnt
, int *flags
,
3285 int (*f_vrfy
)(void *, x509_cert
*, int, int *),
3289 int ca_flags
= 0, check_path_cnt
= path_cnt
+ 1;
3290 unsigned char hash
[64];
3292 if( x509parse_time_expired( &child
->valid_to
) )
3293 *flags
|= BADCERT_EXPIRED
;
3296 * Child is the top of the chain. Check against the trust_ca list.
3298 *flags
|= BADCERT_NOT_TRUSTED
;
3300 while( trust_ca
!= NULL
)
3302 if( trust_ca
->version
== 0 ||
3303 child
->issuer_raw
.len
!= trust_ca
->subject_raw
.len
||
3304 memcmp( child
->issuer_raw
.p
, trust_ca
->subject_raw
.p
,
3305 child
->issuer_raw
.len
) != 0 )
3307 trust_ca
= trust_ca
->next
;
3312 * Reduce path_len to check against if top of the chain is
3313 * the same as the trusted CA
3315 if( child
->subject_raw
.len
== trust_ca
->subject_raw
.len
&&
3316 memcmp( child
->subject_raw
.p
, trust_ca
->subject_raw
.p
,
3317 child
->issuer_raw
.len
) == 0 )
3322 if( trust_ca
->max_pathlen
> 0 &&
3323 trust_ca
->max_pathlen
< check_path_cnt
)
3325 trust_ca
= trust_ca
->next
;
3329 hash_id
= child
->sig_alg
;
3331 x509_hash( child
->tbs
.p
, child
->tbs
.len
, hash_id
, hash
);
3333 if( rsa_pkcs1_verify( &trust_ca
->rsa
, RSA_PUBLIC
, hash_id
,
3334 0, hash
, child
->sig
.p
) != 0 )
3336 trust_ca
= trust_ca
->next
;
3341 * Top of chain is signed by a trusted CA
3343 *flags
&= ~BADCERT_NOT_TRUSTED
;
3348 * If top of chain is not the same as the trusted CA send a verify request
3349 * to the callback for any issues with validity and CRL presence for the
3350 * trusted CA certificate.
3352 if( trust_ca
!= NULL
&&
3353 ( child
->subject_raw
.len
!= trust_ca
->subject_raw
.len
||
3354 memcmp( child
->subject_raw
.p
, trust_ca
->subject_raw
.p
,
3355 child
->issuer_raw
.len
) != 0 ) )
3357 /* Check trusted CA's CRL for then chain's top crt */
3358 *flags
|= x509parse_verifycrl( child
, trust_ca
, ca_crl
);
3360 if( x509parse_time_expired( &trust_ca
->valid_to
) )
3361 ca_flags
|= BADCERT_EXPIRED
;
3363 if( NULL
!= f_vrfy
)
3365 if( ( ret
= f_vrfy( p_vrfy
, trust_ca
, path_cnt
+ 1, &ca_flags
) ) != 0 )
3370 /* Call callback on top cert */
3371 if( NULL
!= f_vrfy
)
3373 if( ( ret
= f_vrfy(p_vrfy
, child
, path_cnt
, flags
) ) != 0 )
3382 static int x509parse_verify_child(
3383 x509_cert
*child
, x509_cert
*parent
, x509_cert
*trust_ca
,
3384 x509_crl
*ca_crl
, int path_cnt
, int *flags
,
3385 int (*f_vrfy
)(void *, x509_cert
*, int, int *),
3389 int parent_flags
= 0;
3390 unsigned char hash
[64];
3391 x509_cert
*grandparent
;
3393 if( x509parse_time_expired( &child
->valid_to
) )
3394 *flags
|= BADCERT_EXPIRED
;
3396 hash_id
= child
->sig_alg
;
3398 x509_hash( child
->tbs
.p
, child
->tbs
.len
, hash_id
, hash
);
3400 if( rsa_pkcs1_verify( &parent
->rsa
, RSA_PUBLIC
, hash_id
, 0, hash
,
3401 child
->sig
.p
) != 0 )
3402 *flags
|= BADCERT_NOT_TRUSTED
;
3404 /* Check trusted CA's CRL for the given crt */
3405 *flags
|= x509parse_verifycrl(child
, parent
, ca_crl
);
3407 grandparent
= parent
->next
;
3409 while( grandparent
!= NULL
)
3411 if( grandparent
->version
== 0 ||
3412 grandparent
->ca_istrue
== 0 ||
3413 parent
->issuer_raw
.len
!= grandparent
->subject_raw
.len
||
3414 memcmp( parent
->issuer_raw
.p
, grandparent
->subject_raw
.p
,
3415 parent
->issuer_raw
.len
) != 0 )
3417 grandparent
= grandparent
->next
;
3423 if( grandparent
!= NULL
)
3428 ret
= x509parse_verify_child( parent
, grandparent
, trust_ca
, ca_crl
, path_cnt
+ 1, &parent_flags
, f_vrfy
, p_vrfy
);
3434 ret
= x509parse_verify_top( parent
, trust_ca
, ca_crl
, path_cnt
+ 1, &parent_flags
, f_vrfy
, p_vrfy
);
3439 /* child is verified to be a child of the parent, call verify callback */
3440 if( NULL
!= f_vrfy
)
3441 if( ( ret
= f_vrfy( p_vrfy
, child
, path_cnt
, flags
) ) != 0 )
3444 *flags
|= parent_flags
;
3450 * Verify the certificate validity
3452 int x509parse_verify( x509_cert
*crt
,
3453 x509_cert
*trust_ca
,
3455 const char *cn
, int *flags
,
3456 int (*f_vrfy
)(void *, x509_cert
*, int, int *),
3464 x509_sequence
*cur
= NULL
;
3470 name
= &crt
->subject
;
3471 cn_len
= strlen( cn
);
3473 if( crt
->ext_types
& EXT_SUBJECT_ALT_NAME
)
3475 cur
= &crt
->subject_alt_names
;
3477 while( cur
!= NULL
)
3479 if( cur
->buf
.len
== cn_len
&&
3480 memcmp( cn
, cur
->buf
.p
, cn_len
) == 0 )
3483 if( cur
->buf
.len
> 2 &&
3484 memcmp( cur
->buf
.p
, "*.", 2 ) == 0 &&
3485 x509_wildcard_verify( cn
, &cur
->buf
) )
3492 *flags
|= BADCERT_CN_MISMATCH
;
3496 while( name
!= NULL
)
3498 if( name
->oid
.len
== 3 &&
3499 memcmp( name
->oid
.p
, OID_CN
, 3 ) == 0 )
3501 if( name
->val
.len
== cn_len
&&
3502 memcmp( name
->val
.p
, cn
, cn_len
) == 0 )
3505 if( name
->val
.len
> 2 &&
3506 memcmp( name
->val
.p
, "*.", 2 ) == 0 &&
3507 x509_wildcard_verify( cn
, &name
->val
) )
3515 *flags
|= BADCERT_CN_MISMATCH
;
3520 * Iterate upwards in the given cert chain, to find our crt parent.
3521 * Ignore any upper cert with CA != TRUE.
3525 while( parent
!= NULL
&& parent
->version
!= 0 )
3527 if( parent
->ca_istrue
== 0 ||
3528 crt
->issuer_raw
.len
!= parent
->subject_raw
.len
||
3529 memcmp( crt
->issuer_raw
.p
, parent
->subject_raw
.p
,
3530 crt
->issuer_raw
.len
) != 0 )
3532 parent
= parent
->next
;
3538 if( parent
!= NULL
)
3543 ret
= x509parse_verify_child( crt
, parent
, trust_ca
, ca_crl
, pathlen
, flags
, f_vrfy
, p_vrfy
);
3549 ret
= x509parse_verify_top( crt
, trust_ca
, ca_crl
, pathlen
, flags
, f_vrfy
, p_vrfy
);
3555 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED
);
3561 * Unallocate all certificate data
3563 void x509_free( x509_cert
*crt
)
3565 x509_cert
*cert_cur
= crt
;
3566 x509_cert
*cert_prv
;
3567 x509_name
*name_cur
;
3568 x509_name
*name_prv
;
3569 x509_sequence
*seq_cur
;
3570 x509_sequence
*seq_prv
;
3577 rsa_free( &cert_cur
->rsa
);
3579 name_cur
= cert_cur
->issuer
.next
;
3580 while( name_cur
!= NULL
)
3582 name_prv
= name_cur
;
3583 name_cur
= name_cur
->next
;
3584 memset( name_prv
, 0, sizeof( x509_name
) );
3588 name_cur
= cert_cur
->subject
.next
;
3589 while( name_cur
!= NULL
)
3591 name_prv
= name_cur
;
3592 name_cur
= name_cur
->next
;
3593 memset( name_prv
, 0, sizeof( x509_name
) );
3597 seq_cur
= cert_cur
->ext_key_usage
.next
;
3598 while( seq_cur
!= NULL
)
3601 seq_cur
= seq_cur
->next
;
3602 memset( seq_prv
, 0, sizeof( x509_sequence
) );
3606 seq_cur
= cert_cur
->subject_alt_names
.next
;
3607 while( seq_cur
!= NULL
)
3610 seq_cur
= seq_cur
->next
;
3611 memset( seq_prv
, 0, sizeof( x509_sequence
) );
3615 if( cert_cur
->raw
.p
!= NULL
)
3617 memset( cert_cur
->raw
.p
, 0, cert_cur
->raw
.len
);
3618 free( cert_cur
->raw
.p
);
3621 cert_cur
= cert_cur
->next
;
3623 while( cert_cur
!= NULL
);
3628 cert_prv
= cert_cur
;
3629 cert_cur
= cert_cur
->next
;
3631 memset( cert_prv
, 0, sizeof( x509_cert
) );
3632 if( cert_prv
!= crt
)
3635 while( cert_cur
!= NULL
);
3639 * Unallocate all CRL data
3641 void x509_crl_free( x509_crl
*crl
)
3643 x509_crl
*crl_cur
= crl
;
3645 x509_name
*name_cur
;
3646 x509_name
*name_prv
;
3647 x509_crl_entry
*entry_cur
;
3648 x509_crl_entry
*entry_prv
;
3655 name_cur
= crl_cur
->issuer
.next
;
3656 while( name_cur
!= NULL
)
3658 name_prv
= name_cur
;
3659 name_cur
= name_cur
->next
;
3660 memset( name_prv
, 0, sizeof( x509_name
) );
3664 entry_cur
= crl_cur
->entry
.next
;
3665 while( entry_cur
!= NULL
)
3667 entry_prv
= entry_cur
;
3668 entry_cur
= entry_cur
->next
;
3669 memset( entry_prv
, 0, sizeof( x509_crl_entry
) );
3673 if( crl_cur
->raw
.p
!= NULL
)
3675 memset( crl_cur
->raw
.p
, 0, crl_cur
->raw
.len
);
3676 free( crl_cur
->raw
.p
);
3679 crl_cur
= crl_cur
->next
;
3681 while( crl_cur
!= NULL
);
3687 crl_cur
= crl_cur
->next
;
3689 memset( crl_prv
, 0, sizeof( x509_crl
) );
3690 if( crl_prv
!= crl
)
3693 while( crl_cur
!= NULL
);
3696 #if defined(POLARSSL_SELF_TEST)
3703 int x509_self_test( int verbose
)
3705 #if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
3712 #if defined(POLARSSL_DHM_C)
3717 printf( " X.509 certificate load: " );
3719 memset( &clicert
, 0, sizeof( x509_cert
) );
3721 ret
= x509parse_crt( &clicert
, (const unsigned char *) test_cli_crt
,
3722 strlen( test_cli_crt
) );
3726 printf( "failed\n" );
3731 memset( &cacert
, 0, sizeof( x509_cert
) );
3733 ret
= x509parse_crt( &cacert
, (const unsigned char *) test_ca_crt
,
3734 strlen( test_ca_crt
) );
3738 printf( "failed\n" );
3744 printf( "passed\n X.509 private key load: " );
3746 i
= strlen( test_ca_key
);
3747 j
= strlen( test_ca_pwd
);
3749 rsa_init( &rsa
, RSA_PKCS_V15
, 0 );
3751 if( ( ret
= x509parse_key( &rsa
,
3752 (const unsigned char *) test_ca_key
, i
,
3753 (const unsigned char *) test_ca_pwd
, j
) ) != 0 )
3756 printf( "failed\n" );
3762 printf( "passed\n X.509 signature verify: ");
3764 ret
= x509parse_verify( &clicert
, &cacert
, NULL
, "PolarSSL Client 2", &flags
, NULL
, NULL
);
3767 printf("%02x", flags
);
3769 printf( "failed\n" );
3774 #if defined(POLARSSL_DHM_C)
3776 printf( "passed\n X.509 DHM parameter load: " );
3778 i
= strlen( test_dhm_params
);
3779 j
= strlen( test_ca_pwd
);
3781 if( ( ret
= x509parse_dhm( &dhm
, (const unsigned char *) test_dhm_params
, i
) ) != 0 )
3784 printf( "failed\n" );
3790 printf( "passed\n\n" );
3793 x509_free( &cacert
);
3794 x509_free( &clicert
);
3796 #if defined(POLARSSL_DHM_C)
3803 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE
);