39 #if defined(POLARSSL_X509_PARSE_C)
61 #if defined(POLARSSL_FS_IO)
68 static int x509_get_version(
unsigned char **p,
69 const unsigned char *end,
102 static int x509_crl_get_version(
unsigned char **p,
103 const unsigned char *end,
/*
 * Parses a serial number field; elsewhere in this file it is called for
 * crt->serial and for CRL entry serials. This page is an excerpt: only
 * some body lines appear, and the number at the start of a line is its
 * line number in the full file.
 */
125 static int x509_get_serial(
unsigned char **p,
126 const unsigned char *end,
/* At least one byte must remain before the tag byte below is consumed. */
131 if( ( end - *p ) < 1 )
/* Stores the tag byte and advances the caller's cursor past it. */
140 serial->
tag = *(*p)++;
156 static int x509_get_alg(
unsigned char **p,
157 const unsigned char *end,
201 static int x509_get_attr_type_value(
unsigned char **p,
202 const unsigned char *end,
223 if( ( end - *p ) < 1 )
/*
 * Parses one name component via x509_get_attr_type_value() and then
 * continues with the next list node. Excerpt: only some body lines are
 * shown.
 */
259 static int x509_get_name(
unsigned char **p,
260 const unsigned char *end,
265 const unsigned char *end2;
278 if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
/* presumably tests the result of an allocation made on a line not shown */
286 if( use->
next == NULL )
305 if( cur->
next == NULL )
/*
 * NOTE(review): the function calls itself once per remaining component,
 * with end2 as the new limit, so the recursion depth follows the parsed
 * input rather than a fixed constant. When the input is an untrusted
 * certificate, an iterative loop or an explicit cap on the number of
 * components keeps stack use bounded.
 */
310 return( x509_get_name( p, end2, cur->
next ) );
/*
 * Parses a time value into broken-down fields using two sscanf() formats:
 * a two-digit-year form and a four-digit-year form. Excerpt: the tag
 * handling and the checks on the sscanf() results are on lines not shown.
 */
318 static int x509_get_time(
unsigned char **p,
319 const unsigned char *end,
327 if( ( end - *p ) < 1 )
/*
 * date is zeroed and at most sizeof( date ) - 1 bytes are copied, so the
 * text handed to sscanf() stays NUL-terminated even when len is larger.
 * NOTE(review): an over-long value is silently truncated here rather than
 * rejected.
 */
341 memset( date, 0,
sizeof( date ) );
342 memcpy( date, *p, ( len <
sizeof( date ) - 1 ) ?
343 len :
sizeof( date ) - 1 );
/*
 * NOTE(review): "%2d" skips leading white space and accepts a sign, so
 * sscanf() by itself does not restrict the fields to ASCII digits, and it
 * does no range checking (month 1-12, hour 0-23, ...). Any such
 * validation would have to be on lines not shown; confirm it exists
 * before relying on these values for validity decisions.
 */
345 if( sscanf( date,
"%2d%2d%2d%2d%2d%2d",
/* Two-digit years below 50 are moved one century forward. */
350 time->
year += 100 * ( time->
year < 50 );
/* Second form: same bounded copy, then a four-digit year. */
365 memset( date, 0,
sizeof( date ) );
366 memcpy( date, *p, ( len <
sizeof( date ) - 1 ) ?
367 len :
sizeof( date ) - 1 );
369 if( sscanf( date,
"%4d%2d%2d%2d%2d%2d",
388 static int x509_get_dates(
unsigned char **p,
389 const unsigned char *end,
402 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
405 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
420 static int x509_get_pubkey(
unsigned char **p,
421 const unsigned char *end,
429 if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 )
437 if( pk_alg_oid->
len == 9 &&
441 if( pk_alg_oid->
len == 9 &&
444 if( pk_alg_oid->
p[8] >= 2 && pk_alg_oid->
p[8] <= 5 )
447 if ( pk_alg_oid->
p[8] >= 11 && pk_alg_oid->
p[8] <= 14 )
451 if( pk_alg_oid->
len == 5 &&
455 if( can_handle == 0 )
461 if( ( end - *p ) < 1 )
480 if( *p + len != end2 )
/*
 * Parses the signature value. Excerpt: the tag/length parse that sets len
 * and the declaration of len are on lines not shown.
 */
495 static int x509_get_sig(
unsigned char **p,
496 const unsigned char *end,
/*
 * Consumes one leading byte, which must be 0, and shortens len by one.
 * NOTE(review): if len has an unsigned type such as size_t (other lengths
 * in this file do), a parsed length of 0 wraps on --len to a very large
 * value, the "< 1" test does not fire, and *(*p)++ reads a byte that the
 * length did not cover. Testing len before decrementing it avoids the
 * wrap; confirm against the declaration.
 */
508 if( --len < 1 || *(*p)++ != 0 )
522 static int x509_get_uid(
unsigned char **p,
523 const unsigned char *end,
552 static int x509_get_ext(
unsigned char **p,
553 const unsigned char *end,
583 if( end != *p + len )
593 static int x509_get_crl_ext(
unsigned char **p,
594 const unsigned char *end,
601 if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
628 static int x509_get_crl_entry_ext(
unsigned char **p,
629 const unsigned char *end,
659 if( end != *p + ext->
len )
679 static int x509_get_basic_constraints(
unsigned char **p,
680 const unsigned char *end,
710 if( *ca_istrue != 0 )
717 if( ( ret =
asn1_get_int( p, end, max_pathlen ) ) != 0 )
/*
 * Extracts the certificate-type value into *ns_cert_type. Excerpt: the
 * parse that fills bs is on lines not shown.
 */
729 static int x509_get_ns_cert_type(
unsigned char **p,
730 const unsigned char *end,
731 unsigned char *ns_cert_type)
/*
 * Copies the first byte that bs.p points to.
 * NOTE(review): this read is only valid when bs holds at least one byte;
 * the length check is presumably on the lines not shown - confirm.
 */
744 *ns_cert_type = *bs.
p;
748 static int x509_get_key_usage(
unsigned char **p,
749 const unsigned char *end,
750 unsigned char *key_usage)
772 static int x509_get_ext_key_usage(
unsigned char **p,
773 const unsigned char *end,
782 if( ext_key_usage->
buf.
p == NULL )
/*
 * Walks the certificate's extensions and dispatches the recognised ones
 * to their parsers. Excerpt: the loop, the length parses and the OID
 * comparisons are on lines not shown.
 */
796 static int x509_get_crt_ext(
unsigned char **p,
797 const unsigned char *end,
802 unsigned char *end_ext_data, *end_ext_octet;
804 if( ( ret = x509_get_ext( p, end, &crt->
v3_ext, 3 ) ) != 0 )
/*
 * end_ext_data marks the end of the current extension.
 * NOTE(review): len comes from a length parse that is not shown; confirm
 * it was checked against end before this pointer is formed.
 */
827 end_ext_data = *p + len;
838 if( ( end - *p ) < 1 )
/* The criticality flag is read within the extension's own limit. */
843 if( ( ret =
asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
852 end_ext_octet = *p + len;
/* The inner value must end exactly where the extension ends. */
854 if( end_ext_octet != end_ext_data )
/* Each recognised extension is parsed with end_ext_octet as its limit. */
865 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
874 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
883 if( ( ret = x509_get_key_usage( p, end_ext_octet,
892 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
/*
 * NOTE(review): the code under this guard is compiled out when
 * POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION is defined. Going by
 * the macro name (the guarded lines are not shown), it is the rejection
 * of critical extensions the parser does not understand. Builds that
 * verify untrusted certificates should leave that macro undefined.
 */
902 #if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
923 static int x509_get_entries(
unsigned char **p,
924 const unsigned char *end,
943 end = *p + entry_len;
948 const unsigned char *end2;
957 cur_entry->
raw.
p = *p;
958 cur_entry->
raw.
len = len2;
961 if( ( ret = x509_get_serial( p, end2, &cur_entry->
serial ) ) != 0 )
964 if( ( ret = x509_get_time( p, end2, &cur_entry->
revocation_date ) ) != 0 )
967 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->
entry_ext ) ) != 0 )
974 if( cur_entry->
next == NULL )
977 cur_entry = cur_entry->
next;
987 if( sig_oid->
len == 9 &&
990 if( sig_oid->
p[8] >= 2 && sig_oid->
p[8] <= 5 )
992 *sig_alg = sig_oid->
p[8];
996 if ( sig_oid->
p[8] >= 11 && sig_oid->
p[8] <= 14 )
998 *sig_alg = sig_oid->
p[8];
1004 if( sig_oid->
len == 5 &&
/*
 * Parses one DER-encoded certificate from buf/buflen into crt, working on
 * a private heap copy of the input. Excerpt: error returns, tag parses
 * and cleanup are on lines not shown.
 */
1017 int x509parse_crt_der(
x509_cert *crt,
const unsigned char *buf,
size_t buflen )
1021 unsigned char *p, *end, *crt_end;
1026 if( crt == NULL || buf == NULL )
/*
 * The input is duplicated so the parsed structure can point into memory
 * it owns. NOTE(review): the malloc() result must be checked before the
 * memcpy() below; that check is presumably on the lines in between,
 * which are not shown.
 */
1029 p = (
unsigned char *) malloc( len = buflen );
1034 memcpy( p, buf, buflen );
/* Rejects an encoded length that runs past the copied buffer. */
1055 if( len > (
size_t) ( end - p ) )
/* First signature algorithm identifier is stored in sig_oid1. */
1085 if( ( ret = x509_get_version( &p, end, &crt->
version ) ) != 0 ||
1086 ( ret = x509_get_serial( &p, end, &crt->
serial ) ) != 0 ||
1087 ( ret = x509_get_alg( &p, end, &crt->
sig_oid1 ) ) != 0 )
1101 if( ( ret = x509_get_sig_alg( &crt->
sig_oid1, &crt->
sig_alg ) ) != 0 )
/*
 * NOTE(review): in this and the two "p + len" calls below, the limit is
 * built from a parsed length; confirm the preceding length parse (not
 * shown) checked len against end.
 */
1119 if( ( ret = x509_get_name( &p, p + len, &crt->
issuer ) ) != 0 )
1133 if( ( ret = x509_get_dates( &p, end, &crt->
valid_from,
1152 if( ( ret = x509_get_name( &p, p + len, &crt->
subject ) ) != 0 )
1172 if( ( ret = x509_get_pubkey( &p, p + len, &crt->
pk_oid,
1173 &crt->
rsa.
N, &crt->
rsa.
E ) ) != 0 )
1197 ret = x509_get_uid( &p, end, &crt->
issuer_id, 1 );
1207 ret = x509_get_uid( &p, end, &crt->
subject_id, 2 );
1217 ret = x509_get_crt_ext( &p, end, crt);
/*
 * A second algorithm identifier is parsed into sig_oid2.
 * NOTE(review): sig_oid1 and sig_oid2 should be compared for equality;
 * that comparison is presumably on lines not shown - confirm.
 */
1238 if( ( ret = x509_get_alg( &p, end, &crt->
sig_oid2 ) ) != 0 )
1251 if( ( ret = x509_get_sig( &p, end, &crt->
sig ) ) != 0 )
/*
 * Body fragments of the certificate loader that accepts either PEM or DER
 * input (presumably x509parse_crt; its signature is not shown). Excerpt:
 * only some lines appear.
 */
1272 int ret, success = 0, first_error = 0, total_failed = 0;
1281 if( crt == NULL || buf == NULL )
1297 if( crt->
next == NULL )
/*
 * NOTE(review): strstr() scans until it meets a NUL byte, but the input
 * is described by an explicit length (buf/buflen, see the DER call
 * below) and nothing visible here establishes that buf is
 * NUL-terminated. Unless every caller guarantees a terminator within
 * buflen bytes, this scan can read past the end of the buffer; bound the
 * search by buflen or verify the terminator first.
 */
1309 #if defined(POLARSSL_PEM_C)
1310 if( strstr( (
char *) buf,
"-----BEGIN CERTIFICATE-----" ) != NULL )
/* Input without the PEM header is handed to the DER parser as-is. */
1315 return x509parse_crt_der( crt, buf, buflen );
1317 #if defined(POLARSSL_PEM_C)
1328 "-----BEGIN CERTIFICATE-----",
1329 "-----END CERTIFICATE-----",
1330 buf, NULL, 0, &use_len );
1344 if( first_error == 0 )
1352 ret = x509parse_crt_der( crt, pem.
buf, pem.
buflen );
1372 if( first_error == 0 )
1388 if( crt->
next == NULL )
/*
 * One return path yields total_failed and another first_error; the
 * condition for the former is on a line not shown.
 * NOTE(review): callers that test only for a negative result would miss
 * a positive failure count; treat any non-zero return as at least a
 * partial failure.
 */
1408 return( total_failed );
1409 else if( first_error )
1410 return( first_error );
1422 unsigned char *p, *end;
1424 #if defined(POLARSSL_PEM_C)
1434 if( crl == NULL || buf == NULL )
1447 if( crl->
next == NULL )
1454 memset( crl, 0,
sizeof(
x509_crl ) );
1457 #if defined(POLARSSL_PEM_C)
1460 "-----BEGIN X509 CRL-----",
1461 "-----END X509 CRL-----",
1462 buf, NULL, 0, &use_len );
1490 p = (
unsigned char *) malloc( len = buflen );
1495 memcpy( p, buf, buflen );
1500 p = (
unsigned char *) malloc( len = buflen );
1505 memcpy( p, buf, buflen );
1527 if( len != (
size_t) ( end - p ) )
1555 if( ( ret = x509_crl_get_version( &p, end, &crl->
version ) ) != 0 ||
1556 ( ret = x509_get_alg( &p, end, &crl->
sig_oid1 ) ) != 0 )
1570 if( ( ret = x509_get_sig_alg( &crl->
sig_oid1, &crl->
sig_alg ) ) != 0 )
1588 if( ( ret = x509_get_name( &p, p + len, &crl->
issuer ) ) != 0 )
1600 if( ( ret = x509_get_time( &p, end, &crl->
this_update ) ) != 0 )
1606 if( ( ret = x509_get_time( &p, end, &crl->
next_update ) ) != 0 )
1626 if( ( ret = x509_get_entries( &p, end, &crl->
entry ) ) != 0 )
1638 ret = x509_get_crl_ext( &p, end, &crl->
crl_ext );
1660 if( ( ret = x509_get_alg( &p, end, &crl->
sig_oid2 ) ) != 0 )
1673 if( ( ret = x509_get_sig( &p, end, &crl->
sig ) ) != 0 )
1690 if( crl->
next == NULL )
1697 memset( crl, 0,
sizeof(
x509_crl ) );
1705 #if defined(POLARSSL_FS_IO)
/*
 * Reads the file at path into a newly allocated buffer of *n + 1 bytes
 * and reports the file size through *n. Excerpt: the return statements
 * and the cleanup are on lines not shown.
 */
1709 int load_file(
const char *path,
unsigned char **buf,
size_t *n )
1713 if( ( f = fopen( path,
"rb" ) ) == NULL )
/*
 * NOTE(review): the results of fseek() and ftell() are used unchecked.
 * ftell() returns -1L on failure (for example on a stream that cannot
 * seek); cast to size_t that becomes SIZE_MAX, "*n + 1" below wraps to
 * 0, and the fread() request no longer matches the allocation. Reject a
 * negative ftell() result before converting it.
 */
1716 fseek( f, 0, SEEK_END );
1717 *n = (size_t) ftell( f );
1718 fseek( f, 0, SEEK_SET );
/* One byte more than the file size is allocated, presumably for a NUL terminator written on a line not shown. */
1720 if( ( *buf = (
unsigned char *) malloc( *n + 1 ) ) == NULL )
/*
 * A short read is treated as a failure.
 * NOTE(review): confirm that every error return after fopen() closes f;
 * the return paths are not shown.
 */
1723 if( fread( *buf, 1, *n, f ) != *n )
1746 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1751 memset( buf, 0, n + 1 );
1766 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1771 memset( buf, 0, n + 1 );
/* Fragment of a file-loading wrapper (its signature is not shown). */
1786 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1793 (
unsigned char *) pwd, strlen( pwd ) );
/*
 * Clears all n + 1 bytes that load_file() allocated.
 * NOTE(review): this caller passes a password alongside the buffer, so
 * the buffer presumably held private-key data. A plain memset() just
 * before the buffer is released (the release is not shown) can be
 * removed by the optimiser as a dead store; use a zeroisation routine
 * the compiler cannot elide.
 */
1795 memset( buf, 0, n + 1 );
1810 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1815 memset( buf, 0, n + 1 );
1826 const unsigned char *pwd,
size_t pwdlen )
1830 unsigned char *p, *end;
1831 unsigned char *p_alt;
1834 #if defined(POLARSSL_PEM_C)
1839 "-----BEGIN RSA PRIVATE KEY-----",
1840 "-----END RSA PRIVATE KEY-----",
1841 key, pwd, pwdlen, &len );
1846 "-----BEGIN PRIVATE KEY-----",
1847 "-----END PRIVATE KEY-----",
1848 key, pwd, pwdlen, &len );
1864 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) key;
1868 p = (
unsigned char *) key;
1903 #if defined(POLARSSL_PEM_C)
1914 #if defined(POLARSSL_PEM_C)
1923 #if defined(POLARSSL_PEM_C)
1932 if( ( ret = x509_get_alg( &p_alt, end, &pk_alg_oid ) ) != 0 )
1940 #if defined(POLARSSL_PEM_C)
1956 if( pk_alg_oid.
len == 9 &&
1960 if( pk_alg_oid.
len == 9 &&
1963 if( pk_alg_oid.
p[8] >= 2 && pk_alg_oid.
p[8] <= 5 )
1966 if ( pk_alg_oid.
p[8] >= 11 && pk_alg_oid.
p[8] <= 14 )
1970 if( pk_alg_oid.
len == 5 &&
1974 if( can_handle == 0 )
1984 #if defined(POLARSSL_PEM_C)
1991 if( ( end - p ) < 1 )
1993 #if defined(POLARSSL_PEM_C)
2006 #if defined(POLARSSL_PEM_C)
2017 #if defined(POLARSSL_PEM_C)
2026 #if defined(POLARSSL_PEM_C)
2043 #if defined(POLARSSL_PEM_C)
2054 #if defined(POLARSSL_PEM_C)
2064 #if defined(POLARSSL_PEM_C)
2071 #if defined(POLARSSL_PEM_C)
2085 unsigned char *p, *end;
2087 #if defined(POLARSSL_PEM_C)
2092 "-----BEGIN PUBLIC KEY-----",
2093 "-----END PUBLIC KEY-----",
2094 key, NULL, 0, &len );
2109 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) key;
2111 p = (
unsigned char *) key;
2135 #if defined(POLARSSL_PEM_C)
2142 if( ( ret = x509_get_pubkey( &p, end, &alg_oid, &rsa->
N, &rsa->
E ) ) != 0 )
2144 #if defined(POLARSSL_PEM_C)
2153 #if defined(POLARSSL_PEM_C)
2162 #if defined(POLARSSL_PEM_C)
2169 #if defined(POLARSSL_DHM_C)
2177 unsigned char *p, *end;
2178 #if defined(POLARSSL_PEM_C)
2184 "-----BEGIN DH PARAMETERS-----",
2185 "-----END DH PARAMETERS-----",
2186 dhmin, NULL, 0, &dhminlen );
2201 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) dhmin;
2203 p = (
unsigned char *) dhmin;
2218 #if defined(POLARSSL_PEM_C)
2229 #if defined(POLARSSL_PEM_C)
2238 #if defined(POLARSSL_PEM_C)
2246 #if defined(POLARSSL_PEM_C)
2253 #if defined(POLARSSL_FS_IO)
2263 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
2268 memset( buf, 0, n + 1 );
2276 #if defined _MSC_VER && !defined snprintf
2279 #if !defined vsnprintf
2280 #define vsnprintf _vsnprintf
/*
 * snprintf() replacement for builds where the preceding _MSC_VER guard
 * applies and vsnprintf is mapped to _vsnprintf. Excerpt: the result
 * checks are on lines not shown.
 */
2290 int compat_snprintf(
char *str,
size_t size,
const char *format, ...)
2295 va_start( ap, format );
2297 res = vsnprintf( str, size, format, ap );
/*
 * Returns a value larger than size - presumably on the truncation path,
 * so that callers comparing the result with the space left see "too
 * small" (the condition is not shown).
 * NOTE(review): _vsnprintf() does not NUL-terminate when the output is
 * truncated; confirm the lines not shown terminate str.
 */
2303 return( (
int) size + 20 );
2308 #define snprintf compat_snprintf
2311 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
/*
 * After each snprintf( p, n, ... ): fail with
 * POLARSSL_ERR_DEBUG_BUF_TOO_SMALL when ret exceeds the space left,
 * otherwise advance p and shrink n by ret. Excerpt: some macro lines are
 * not shown.
 * NOTE(review): snprintf() reports truncation with ret >= n, so ret == n
 * (output cut by one character) passes the "> n" test and leaves n == 0;
 * ">=" would report it. The cast to unsigned int also turns a negative
 * ret into a large value; a separate test for a negative ret may sit on
 * the lines not shown - confirm.
 */
2313 #define SAFE_SNPRINTF() \
2318 if ( (unsigned int) ret > n ) { \
2320 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
2323 n -= (unsigned int) ret; \
2324 p += (unsigned int) ret; \
/*
 * Body fragments of the routine that prints a distinguished name as text
 * (its signature is not shown). Each name component is written as a
 * label, then its value, with ", " between components.
 * NOTE(review): the visible code writes the separator and the values
 * without any escaping of ',' or '=' inside a value, so the printed form
 * can be ambiguous. Treat it as display text only and do not compare or
 * parse it for access decisions.
 */
2339 memset( s, 0,
sizeof( s ) );
2345 while( name != NULL )
2349 ret = snprintf( p, n,
", " );
/* Three-byte OIDs: the last byte selects the label. */
2353 if( name->
oid.
len == 3 &&
2356 switch( name->
oid.
p[2] )
2359 ret = snprintf( p, n,
"CN=" );
break;
2362 ret = snprintf( p, n,
"C=" );
break;
2365 ret = snprintf( p, n,
"L=" );
break;
2368 ret = snprintf( p, n,
"ST=" );
break;
2371 ret = snprintf( p, n,
"O=" );
break;
2374 ret = snprintf( p, n,
"OU=" );
break;
2377 ret = snprintf( p, n,
"0x%02X=",
/* Nine-byte OIDs: the ninth byte selects the label. */
2383 else if( name->
oid.
len == 9 &&
2386 switch( name->
oid.
p[8] )
2389 ret = snprintf( p, n,
"emailAddress=" );
break;
2392 ret = snprintf( p, n,
"0x%02X=",
2400 ret = snprintf( p, n,
"\?\?=" );
/* The value is copied into s byte by byte; the copy stops one short of sizeof( s ) so the zero-filled tail keeps s terminated. */
2404 for( i = 0; i < name->
val.
len; i++ )
2406 if( i >=
sizeof( s ) - 1 )
/*
 * Bytes below 32, 127, and 129..159 are singled out - presumably
 * replaced before printing (the branch body is not shown), which keeps
 * control characters from a certificate out of logs and terminals.
 * NOTE(review): 128 itself is not covered by "c > 128", and bytes from
 * 160 upwards pass through unchanged.
 */
2410 if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
2415 ret = snprintf( p, n,
"%s", s );
/* Returns the number of bytes written so far. */
2420 return( (
int) ( size - n ) );
2436 nr = ( serial->
len <= 32 )
2439 for( i = 0; i < nr; i++ )
2441 if( i == 0 && nr > 1 && serial->
p[i] == 0x0 )
2444 ret = snprintf( p, n,
"%02X%s",
2445 serial->
p[i], ( i < nr - 1 ) ?
":" :
"" );
2449 if( nr != serial->
len )
2451 ret = snprintf( p, n,
"...." );
2455 return( (
int) ( size - n ) );
2471 ret = snprintf( p, n,
"%scert. version : %d\n",
2474 ret = snprintf( p, n,
"%sserial number : ",
2481 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
2486 ret = snprintf( p, n,
"\n%ssubject name : ", prefix );
2491 ret = snprintf( p, n,
"\n%sissued on : " \
2492 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2498 ret = snprintf( p, n,
"\n%sexpires on : " \
2499 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2505 ret = snprintf( p, n,
"\n%ssigned using : RSA+", prefix );
2510 case SIG_RSA_MD2 : ret = snprintf( p, n,
"MD2" );
break;
2511 case SIG_RSA_MD4 : ret = snprintf( p, n,
"MD4" );
break;
2512 case SIG_RSA_MD5 : ret = snprintf( p, n,
"MD5" );
break;
2513 case SIG_RSA_SHA1 : ret = snprintf( p, n,
"SHA1" );
break;
2518 default: ret = snprintf( p, n,
"???" );
break;
2522 ret = snprintf( p, n,
"\n%sRSA key size : %d bits\n", prefix,
2523 (
int) crt->
rsa.
N.
n * (
int)
sizeof(
unsigned long ) * 8 );
2526 return( (
int) ( size - n ) );
2530 #define OID_CMP(oid_str, oid_buf) \
2531 ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
2532 memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0)
2577 ret = snprintf( p, n,
"%d.%d", oid->
p[0]/40, oid->
p[0]%40 );
2583 for( i = 1; i < oid->
len; i++ )
2586 value += oid->
p[i] & 0x7F;
2588 if( !( oid->
p[i] & 0x80 ) )
2591 ret = snprintf( p, n,
".%d", value );
2597 return( (
int) ( size - n ) );
2614 ret = snprintf( p, n,
"%sCRL version : %d",
2618 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
2623 ret = snprintf( p, n,
"\n%sthis update : " \
2624 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2630 ret = snprintf( p, n,
"\n%snext update : " \
2631 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2637 entry = &crl->
entry;
2639 ret = snprintf( p, n,
"\n%sRevoked certificates:",
2643 while( entry != NULL && entry->
raw.
len != 0 )
2645 ret = snprintf( p, n,
"\n%sserial number: ",
2652 ret = snprintf( p, n,
" revocation date: " \
2653 "%04d-%02d-%02d %02d:%02d:%02d",
2659 entry = entry->
next;
2662 ret = snprintf( p, n,
"\n%ssigned using : RSA+", prefix );
2667 case SIG_RSA_MD2 : ret = snprintf( p, n,
"MD2" );
break;
2668 case SIG_RSA_MD4 : ret = snprintf( p, n,
"MD4" );
break;
2669 case SIG_RSA_MD5 : ret = snprintf( p, n,
"MD5" );
break;
2670 case SIG_RSA_SHA1 : ret = snprintf( p, n,
"SHA1" );
break;
2675 default: ret = snprintf( p, n,
"???" );
break;
2679 ret = snprintf( p, n,
"\n" );
2682 return( (
int) ( size - n ) );
/*
 * Body fragments of the expiry check (its signature is not shown): the
 * current time is broken down and compared field by field with to.
 * NOTE(review): localtime() yields the host's local time, whereas
 * certificate validity times are expressed in GMT, so the comparison is
 * shifted by the host's UTC offset; gmtime() matches the encoding.
 * localtime() also returns a pointer to shared static storage and may
 * return NULL; lt is dereferenced on the next visible line, so confirm
 * whether a NULL check exists on the line not shown.
 */
2709 lt = localtime( &tt );
/* struct tm counts years from 1900 and months from 0. */
2711 year = lt->tm_year + 1900;
2712 mon = lt->tm_mon + 1;
2719 if( year > to->
year )
2722 if( year == to->
year &&
2726 if( year == to->
year &&
2731 if( year == to->
year &&
2737 if( year == to->
year &&
2744 if( year == to->
year &&
2762 while( cur != NULL && cur->
serial.
len != 0 )
/*
 * Hashes len bytes of in with the digest selected by alg and writes the
 * result to out. Excerpt: the switch and the digest calls are on lines
 * not shown; only the compile-time guards are visible.
 * NOTE(review): MD2, MD4 and MD5 are available whenever their
 * POLARSSL_*_C macros are defined. None of them is collision-resistant,
 * so builds that verify untrusted certificates should leave them out.
 */
2780 static void x509_hash(
const unsigned char *in,
size_t len,
int alg,
2781 unsigned char *out )
2785 #if defined(POLARSSL_MD2_C)
2788 #if defined(POLARSSL_MD4_C)
2791 #if defined(POLARSSL_MD5_C)
2794 #if defined(POLARSSL_SHA1_C)
2797 #if defined(POLARSSL_SHA2_C)
2801 #if defined(POLARSSL_SHA4_C)
/*
 * Writes 64 bytes of 0xFF to out - presumably the fallback when alg
 * matches no compiled-in digest. out must therefore be at least 64 bytes
 * (both visible callers declare hash[64]).
 * NOTE(review): the function returns void, so a caller cannot tell an
 * unsupported algorithm from a real digest and depends on the later
 * signature check failing; confirm that it does.
 */
2806 memset( out,
'\xFF', 64 );
2819 unsigned char hash[64];
2827 while( ca != NULL && crl_list != NULL && crl_list->
version != 0 )
2833 crl_list = crl_list->
next;
2842 x509_hash( crl_list->
tbs.
p, crl_list->
tbs.
len, hash_id, hash );
2845 0, hash, crl_list->
sig.
p ) == 0 )
2869 crl_list = crl_list->
next;
/*
 * Signature tail and body fragments of the chain verifier (presumably
 * x509parse_verify, which the self test calls with these argument
 * kinds). Failures are accumulated as bits in *flags. Excerpt: only some
 * lines appear.
 */
2880 const char *cn,
int *flags,
2881 int (*f_vrfy)(
void *,
x509_cert *,
int,
int),
2889 unsigned char hash[64];
/* NOTE(review): strlen() requires cn != NULL; the guard is presumably on a line not shown - confirm. */
2899 cn_len = strlen( cn );
2901 while( name != NULL )
/*
 * The expected name matches only when a three-byte-OID attribute has
 * exactly cn_len bytes and they are byte-for-byte equal. Because cn_len
 * comes from strlen(), a certificate value with an embedded NUL has a
 * different length and cannot match a shorter cn.
 * NOTE(review): the comparison is case-sensitive, has no wildcard
 * handling, and no subjectAltName check is visible in this excerpt.
 */
2903 if( name->
oid.
len == 3 &&
2905 name->
val.
len == cn_len &&
2906 memcmp( name->
val.
p, cn, cn_len ) == 0 )
/* Candidate issuers are walked until the list ends or an unused node (version == 0) is met. */
2924 while( parent != NULL && parent->
version != 0 )
2931 parent = parent->
next;
/* The to-be-signed bytes are hashed into the 64-byte buffer declared above. */
2937 x509_hash( crt->
tbs.
p, crt->
tbs.
len, hash_id, hash );
/* Revocation results are merged into the same flag word. */
2944 *flags |= x509parse_verifycrl(crt, parent, ca_crl);
/*
 * The optional callback receives the certificate, pathlen - 1, and
 * whether all checks so far passed; a non-zero return is handled in a
 * branch body that is not shown.
 */
2947 if( NULL != f_vrfy )
2949 if( f_vrfy( p_vrfy, crt, pathlen - 1, ( *flags == 0 ) ) != 0 )
2954 else if( *flags != 0 )
/* Same pattern against the trusted CA list. */
2968 while( trust_ca != NULL && trust_ca->
version != 0 )
2974 trust_ca = trust_ca->
next;
2984 x509_hash( crt->
tbs.
p, crt->
tbs.
len, hash_id, hash );
2987 0, hash, crt->
sig.
p ) == 0 )
2996 trust_ca = trust_ca->
next;
3000 *flags |= x509parse_verifycrl( crt, trust_ca, ca_crl );
3003 if( NULL != f_vrfy )
3005 if( f_vrfy(p_vrfy, crt, pathlen-1, ( *flags == 0 ) ) != 0 )
3010 else if( *flags != 0 )
/*
 * Body fragments of the certificate-chain release routine (its signature
 * is not shown): name nodes, sequence nodes, the raw buffers and finally
 * the certificate nodes are cleared and released. Excerpt: most free()
 * calls are on lines not shown.
 */
3036 while( name_cur != NULL )
/* The next pointer is saved before the node is wiped. */
3038 name_prv = name_cur;
3039 name_cur = name_cur->
next;
3040 memset( name_prv, 0,
sizeof(
x509_name ) );
3045 while( name_cur != NULL )
3047 name_prv = name_cur;
3048 name_cur = name_cur->
next;
3049 memset( name_prv, 0,
sizeof(
x509_name ) );
3054 while( seq_cur != NULL )
3057 seq_cur = seq_cur->
next;
3062 if( cert_cur->
raw.
p != NULL )
/*
 * NOTE(review): a memset() immediately followed by free() of the same
 * memory can be removed by the optimiser as a dead store. Certificate
 * bytes are public, so the impact here is small, but the same pattern
 * should not be copied for buffers that hold secrets.
 */
3064 memset( cert_cur->
raw.
p, 0, cert_cur->
raw.
len );
3065 free( cert_cur->
raw.
p );
3068 cert_cur = cert_cur->
next;
3070 while( cert_cur != NULL );
3075 cert_prv = cert_cur;
3076 cert_cur = cert_cur->
next;
3078 memset( cert_prv, 0,
sizeof(
x509_cert ) );
/* The head node crt is treated differently from the rest - presumably only the other nodes are freed, as the caller owns crt (branch body not shown). */
3079 if( cert_prv != crt )
3082 while( cert_cur != NULL );
3103 while( name_cur != NULL )
3105 name_prv = name_cur;
3106 name_cur = name_cur->
next;
3107 memset( name_prv, 0,
sizeof(
x509_name ) );
3112 while( entry_cur != NULL )
3114 entry_prv = entry_cur;
3115 entry_cur = entry_cur->
next;
3120 if( crl_cur->
raw.
p != NULL )
3122 memset( crl_cur->
raw.
p, 0, crl_cur->
raw.
len );
3123 free( crl_cur->
raw.
p );
3126 crl_cur = crl_cur->
next;
3128 while( crl_cur != NULL );
3134 crl_cur = crl_cur->
next;
3136 memset( crl_prv, 0,
sizeof(
x509_crl ) );
3137 if( crl_prv != crl )
3140 while( crl_cur != NULL );
3143 #if defined(POLARSSL_SELF_TEST)
3152 #if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
3159 #if defined(POLARSSL_DHM_C)
3164 printf(
" X.509 certificate load: " );
3166 memset( &clicert, 0,
sizeof(
x509_cert ) );
3168 ret =
x509parse_crt( &clicert, (
unsigned char *) test_cli_crt,
3169 strlen( test_cli_crt ) );
3173 printf(
"failed\n" );
3178 memset( &cacert, 0,
sizeof(
x509_cert ) );
3180 ret =
x509parse_crt( &cacert, (
unsigned char *) test_ca_crt,
3181 strlen( test_ca_crt ) );
3185 printf(
"failed\n" );
3191 printf(
"passed\n X.509 private key load: " );
3193 i = strlen( test_ca_key );
3194 j = strlen( test_ca_pwd );
3199 (
unsigned char *) test_ca_key, i,
3200 (
unsigned char *) test_ca_pwd, j ) ) != 0 )
3203 printf(
"failed\n" );
3209 printf(
"passed\n X.509 signature verify: ");
3211 ret =
x509parse_verify( &clicert, &cacert, NULL,
"PolarSSL Client 2", &flags, NULL, NULL );
3214 printf(
"%02x", flags);
3216 printf(
"failed\n" );
3221 #if defined(POLARSSL_DHM_C)
3223 printf(
"passed\n X.509 DHM parameter load: " );
3225 i = strlen( test_dhm_params );
3226 j = strlen( test_ca_pwd );
3228 if( ( ret =
x509parse_dhm( &dhm, (
unsigned char *) test_dhm_params, i ) ) != 0 )
3231 printf(
"failed\n" );
3237 printf(
"passed\n\n" );
3243 #if defined(POLARSSL_DHM_C)