39 #if defined(POLARSSL_X509_PARSE_C)
61 #if defined(POLARSSL_FS_IO)
68 static int x509_get_version(
unsigned char **p,
69 const unsigned char *end,
102 static int x509_crl_get_version(
unsigned char **p,
103 const unsigned char *end,
125 static int x509_get_serial(
unsigned char **p,
126 const unsigned char *end,
131 if( ( end - *p ) < 1 )
140 serial->
tag = *(*p)++;
156 static int x509_get_alg(
unsigned char **p,
157 const unsigned char *end,
201 static int x509_get_attr_type_value(
unsigned char **p,
202 const unsigned char *end,
223 if( ( end - *p ) < 1 )
/*
 * x509_get_name: parses a name into a linked list of entries.
 * Only cross-referenced lines survive in this listing; the numbers at the
 * start of each line are the original file's line numbers, and the lines in
 * between are elided.
 */
259 static int x509_get_name(
unsigned char **p,
260 const unsigned char *end,
/* end2 is the bound passed to the recursive call at line 310; how it is
 * derived is in elided lines. */
265 const unsigned char *end2;
278 if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
/* NULL tests on ->next: presumably allocation-failure checks after a
 * malloc in the elided lines -- confirm. */
286 if( use->
next == NULL )
305 if( cur->
next == NULL )
/* NOTE(review): the function recurses once per following list entry, so
 * stack depth grows with the number of entries in the parsed input.
 * An iterative loop or an explicit depth cap would bound stack use. */
310 return( x509_get_name( p, end2, cur->
next ) );
/*
 * x509_get_time: copies a time string from the input into a local buffer
 * and parses it with sscanf, once with a two-digit year format and once
 * with a four-digit year format (presumably UTCTime and GeneralizedTime --
 * the tag dispatch is in elided lines).
 */
318 static int x509_get_time(
unsigned char **p,
319 const unsigned char *end,
/* Bounds check: at least one byte must remain between *p and end. */
327 if( ( end - *p ) < 1 )
/* date is zero-filled first and the copy is clamped to sizeof(date) - 1,
 * so the buffer given to sscanf is NUL-terminated whatever len is. */
341 memset( date, 0,
sizeof( date ) );
342 memcpy( date, *p, ( len <
sizeof( date ) - 1 ) ?
343 len :
sizeof( date ) - 1 );
/* NOTE(review): %2d skips leading whitespace and accepts a sign, so it
 * does not by itself enforce "exactly two digits". Whether the field
 * count and the field ranges are validated is in elided lines -- confirm. */
345 if( sscanf( date,
"%2d%2d%2d%2d%2d%2d",
/* Two-digit year pivot: adds 100 when the parsed year is below 50. */
350 time->
year += 100 * ( time->
year < 50 );
/* Same zero-fill and clamped copy for the four-digit-year form. */
365 memset( date, 0,
sizeof( date ) );
366 memcpy( date, *p, ( len <
sizeof( date ) - 1 ) ?
367 len :
sizeof( date ) - 1 );
369 if( sscanf( date,
"%4d%2d%2d%2d%2d%2d",
388 static int x509_get_dates(
unsigned char **p,
389 const unsigned char *end,
402 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
405 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
420 static int x509_get_pubkey(
unsigned char **p,
421 const unsigned char *end,
429 if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 )
437 if( pk_alg_oid->
len == 9 &&
441 if( pk_alg_oid->
len == 9 &&
444 if( pk_alg_oid->
p[8] >= 2 && pk_alg_oid->
p[8] <= 5 )
447 if ( pk_alg_oid->
p[8] >= 11 && pk_alg_oid->
p[8] <= 14 )
451 if( pk_alg_oid->
len == 5 &&
455 if( can_handle == 0 )
461 if( ( end - *p ) < 1 )
480 if( *p + len != end2 )
495 static int x509_get_sig(
unsigned char **p,
496 const unsigned char *end,
508 if( --len < 1 || *(*p)++ != 0 )
522 static int x509_get_uid(
unsigned char **p,
523 const unsigned char *end,
552 static int x509_get_ext(
unsigned char **p,
553 const unsigned char *end,
583 if( end != *p + len )
593 static int x509_get_crl_ext(
unsigned char **p,
594 const unsigned char *end,
601 if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
628 static int x509_get_crl_entry_ext(
unsigned char **p,
629 const unsigned char *end,
659 if( end != *p + ext->
len )
679 static int x509_get_basic_constraints(
unsigned char **p,
680 const unsigned char *end,
710 if( *ca_istrue != 0 )
717 if( ( ret =
asn1_get_int( p, end, max_pathlen ) ) != 0 )
729 static int x509_get_ns_cert_type(
unsigned char **p,
730 const unsigned char *end,
731 unsigned char *ns_cert_type)
744 *ns_cert_type = *bs.
p;
748 static int x509_get_key_usage(
unsigned char **p,
749 const unsigned char *end,
750 unsigned char *key_usage)
772 static int x509_get_ext_key_usage(
unsigned char **p,
773 const unsigned char *end,
782 if( ext_key_usage->
buf.
p == NULL )
796 static int x509_get_crt_ext(
unsigned char **p,
797 const unsigned char *end,
802 unsigned char *end_ext_data, *end_ext_octet;
804 if( ( ret = x509_get_ext( p, end, &crt->
v3_ext, 3 ) ) != 0 )
827 end_ext_data = *p + len;
838 if( ( end - *p ) < 1 )
843 if( ( ret =
asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
852 end_ext_octet = *p + len;
854 if( end_ext_octet != end_ext_data )
865 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
874 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
883 if( ( ret = x509_get_key_usage( p, end_ext_octet,
892 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
902 #if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
923 static int x509_get_entries(
unsigned char **p,
924 const unsigned char *end,
943 end = *p + entry_len;
948 const unsigned char *end2;
957 cur_entry->
raw.
p = *p;
958 cur_entry->
raw.
len = len2;
961 if( ( ret = x509_get_serial( p, end2, &cur_entry->
serial ) ) != 0 )
964 if( ( ret = x509_get_time( p, end2, &cur_entry->
revocation_date ) ) != 0 )
967 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->
entry_ext ) ) != 0 )
974 if( cur_entry->
next == NULL )
977 cur_entry = cur_entry->
next;
987 if( sig_oid->
len == 9 &&
990 if( sig_oid->
p[8] >= 2 && sig_oid->
p[8] <= 5 )
992 *sig_alg = sig_oid->
p[8];
996 if ( sig_oid->
p[8] >= 11 && sig_oid->
p[8] <= 14 )
998 *sig_alg = sig_oid->
p[8];
1004 if( sig_oid->
len == 5 &&
/*
 * x509parse_crt_der: parses one DER-encoded certificate from buf/buflen
 * into crt by calling the field parsers in order (version, serial,
 * signature algorithm, issuer, validity dates, subject, public key,
 * optional UIDs and extensions, then the outer signature algorithm and
 * signature). Only cross-referenced lines are shown; error handling and
 * cleanup between them are elided.
 */
1017 int x509parse_crt_der(
x509_cert *crt,
const unsigned char *buf,
size_t buflen )
1021 unsigned char *p, *end;
/* Both pointers are rejected when NULL before anything is dereferenced. */
1026 if( crt == NULL || buf == NULL )
/* The input is copied into a heap buffer of buflen bytes and parsing then
 * works on the copy. The test of malloc's result is not among the visible
 * lines (1030-1033 are elided) -- confirm it precedes the memcpy. */
1029 p = (
unsigned char *) malloc( len = buflen );
1034 memcpy( p, buf, buflen );
/* Strict length check: the decoded length must equal the bytes remaining
 * up to end (presumably rejects trailing data after the outer structure). */
1055 if( len != (
size_t) ( end - p ) )
1084 if( ( ret = x509_get_version( &p, end, &crt->
version ) ) != 0 ||
1085 ( ret = x509_get_serial( &p, end, &crt->
serial ) ) != 0 ||
1086 ( ret = x509_get_alg( &p, end, &crt->
sig_oid1 ) ) != 0 )
1100 if( ( ret = x509_get_sig_alg( &crt->
sig_oid1, &crt->
sig_alg ) ) != 0 )
/* The name and public-key parsers are bounded by p + len instead of end.
 * NOTE(review): this is only safe if len was validated against end when it
 * was decoded (elided lines) -- confirm. */
1118 if( ( ret = x509_get_name( &p, p + len, &crt->
issuer ) ) != 0 )
1132 if( ( ret = x509_get_dates( &p, end, &crt->
valid_from,
1151 if( ( ret = x509_get_name( &p, p + len, &crt->
subject ) ) != 0 )
1171 if( ( ret = x509_get_pubkey( &p, p + len, &crt->
pk_oid,
1172 &crt->
rsa.
N, &crt->
rsa.
E ) ) != 0 )
/* The last argument (1 / 2 for UIDs, none for extensions) is passed
 * through to the helper; presumably the context tag number -- confirm. */
1196 ret = x509_get_uid( &p, end, &crt->
issuer_id, 1 );
1206 ret = x509_get_uid( &p, end, &crt->
subject_id, 2 );
1216 ret = x509_get_crt_ext( &p, end, crt);
/* The signature algorithm is parsed a second time into sig_oid2; the
 * comparison against sig_oid1, if any, is in elided lines. */
1237 if( ( ret = x509_get_alg( &p, end, &crt->
sig_oid2 ) ) != 0 )
1249 if( ( ret = x509_get_sig( &p, end, &crt->
sig ) ) != 0 )
1270 int ret, success = 0, first_error = 0, total_failed = 0;
1279 if( crt == NULL || buf == NULL )
1295 if( crt->
next == NULL )
/*
 * PEM detection: looks for the certificate header marker in buf.
 * strstr() scans buf as a C string and takes no length, so the search is
 * bounded only by a NUL byte, not by buflen.
 * NOTE(review): confirm every caller passes a NUL-terminated buffer (the
 * self-test in this file passes string constants), or bound the search by
 * buflen. Line 1313 hands the buffer to the DER parser; presumably this is
 * the path taken when no marker is found -- the branch structure is elided.
 */
1307 #if defined(POLARSSL_PEM_C)
1308 if( strstr( (
char *) buf,
"-----BEGIN CERTIFICATE-----" ) != NULL )
1313 return x509parse_crt_der( crt, buf, buflen );
1315 #if defined(POLARSSL_PEM_C)
1326 "-----BEGIN CERTIFICATE-----",
1327 "-----END CERTIFICATE-----",
1328 buf, NULL, 0, &use_len );
1342 if( first_error == 0 )
1350 ret = x509parse_crt_der( crt, pem.
buf, pem.
buflen );
1370 if( first_error == 0 )
1386 if( crt->
next == NULL )
1406 return( total_failed );
1407 else if( first_error )
1408 return( first_error );
1420 unsigned char *p, *end;
1422 #if defined(POLARSSL_PEM_C)
1432 if( crl == NULL || buf == NULL )
1445 if( crl->
next == NULL )
1452 memset( crl, 0,
sizeof(
x509_crl ) );
1455 #if defined(POLARSSL_PEM_C)
1458 "-----BEGIN X509 CRL-----",
1459 "-----END X509 CRL-----",
1460 buf, NULL, 0, &use_len );
1488 p = (
unsigned char *) malloc( len = buflen );
1493 memcpy( p, buf, buflen );
1498 p = (
unsigned char *) malloc( len = buflen );
1503 memcpy( p, buf, buflen );
1525 if( len != (
size_t) ( end - p ) )
1553 if( ( ret = x509_crl_get_version( &p, end, &crl->
version ) ) != 0 ||
1554 ( ret = x509_get_alg( &p, end, &crl->
sig_oid1 ) ) != 0 )
1568 if( ( ret = x509_get_sig_alg( &crl->
sig_oid1, &crl->
sig_alg ) ) != 0 )
1586 if( ( ret = x509_get_name( &p, p + len, &crl->
issuer ) ) != 0 )
1598 if( ( ret = x509_get_time( &p, end, &crl->
this_update ) ) != 0 )
1604 if( ( ret = x509_get_time( &p, end, &crl->
next_update ) ) != 0 )
1624 if( ( ret = x509_get_entries( &p, end, &crl->
entry ) ) != 0 )
1636 ret = x509_get_crl_ext( &p, end, &crl->
crl_ext );
1658 if( ( ret = x509_get_alg( &p, end, &crl->
sig_oid2 ) ) != 0 )
1670 if( ( ret = x509_get_sig( &p, end, &crl->
sig ) ) != 0 )
1687 if( crl->
next == NULL )
1694 memset( crl, 0,
sizeof(
x509_crl ) );
1702 #if defined(POLARSSL_FS_IO)
/*
 * load_file: opens path in binary mode, determines its size by seeking to
 * the end, allocates size + 1 bytes and reads the whole file into *buf,
 * storing the size in *n. Return values and cleanup are in elided lines.
 */
1706 int load_file(
const char *path,
unsigned char **buf,
size_t *n )
1710 if( ( f = fopen( path,
"rb" ) ) == NULL )
/* NOTE(review): the results of fseek/ftell are not checked in the visible
 * lines. ftell returns -1 on failure (for example on a non-seekable
 * stream); the cast makes that SIZE_MAX, *n + 1 then wraps to 0 in the
 * malloc below, and fread is still asked for *n bytes. Keep ftell's result
 * in a long, reject negative values, and only then convert to size_t. */
1713 fseek( f, 0, SEEK_END );
1714 *n = (size_t) ftell( f );
1715 fseek( f, 0, SEEK_SET );
/* One byte more than the file size is allocated; presumably room for a
 * NUL terminator written in elided lines -- confirm. */
1717 if( ( *buf = (
unsigned char *) malloc( *n + 1 ) ) == NULL )
/* A short read is treated as a failure (the handling is elided). */
1720 if( fread( *buf, 1, *n, f ) != *n )
/*
 * Four file-based loaders (their signatures are elided). Each one reads
 * the file with load_file and later overwrites the n + 1 byte buffer with
 * zeros, matching the size load_file allocates.
 * NOTE(review): presumably each memset is followed by free(buf) in the
 * elided lines; a plain memset right before free may be removed by an
 * optimizing compiler. Where the buffer can hold private key material, a
 * wipe the compiler cannot drop (volatile-pointer loop or a platform
 * secure-zero call) is the safer choice.
 */
1743 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1748 memset( buf, 0, n + 1 );
1763 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1768 memset( buf, 0, n + 1 );
1783 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
/* pwd is passed on as bytes plus its strlen, so it must be a non-NULL C
 * string on this path (the guard, if any, is in elided lines). */
1790 (
unsigned char *) pwd, strlen( pwd ) );
1792 memset( buf, 0, n + 1 );
1807 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
1812 memset( buf, 0, n + 1 );
1823 const unsigned char *pwd,
size_t pwdlen )
1827 unsigned char *p, *end;
1828 unsigned char *p_alt;
1831 #if defined(POLARSSL_PEM_C)
1836 "-----BEGIN RSA PRIVATE KEY-----",
1837 "-----END RSA PRIVATE KEY-----",
1838 key, pwd, pwdlen, &len );
1843 "-----BEGIN PRIVATE KEY-----",
1844 "-----END PRIVATE KEY-----",
1845 key, pwd, pwdlen, &len );
1861 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) key;
1865 p = (
unsigned char *) key;
1900 #if defined(POLARSSL_PEM_C)
1911 #if defined(POLARSSL_PEM_C)
1920 #if defined(POLARSSL_PEM_C)
1929 if( ( ret = x509_get_alg( &p_alt, end, &pk_alg_oid ) ) != 0 )
1937 #if defined(POLARSSL_PEM_C)
1953 if( pk_alg_oid.
len == 9 &&
1957 if( pk_alg_oid.
len == 9 &&
1960 if( pk_alg_oid.
p[8] >= 2 && pk_alg_oid.
p[8] <= 5 )
1963 if ( pk_alg_oid.
p[8] >= 11 && pk_alg_oid.
p[8] <= 14 )
1967 if( pk_alg_oid.
len == 5 &&
1971 if( can_handle == 0 )
1981 #if defined(POLARSSL_PEM_C)
1988 if( ( end - p ) < 1 )
1990 #if defined(POLARSSL_PEM_C)
2003 #if defined(POLARSSL_PEM_C)
2014 #if defined(POLARSSL_PEM_C)
2023 #if defined(POLARSSL_PEM_C)
2040 #if defined(POLARSSL_PEM_C)
2051 #if defined(POLARSSL_PEM_C)
2061 #if defined(POLARSSL_PEM_C)
2068 #if defined(POLARSSL_PEM_C)
2082 unsigned char *p, *end;
2084 #if defined(POLARSSL_PEM_C)
2089 "-----BEGIN PUBLIC KEY-----",
2090 "-----END PUBLIC KEY-----",
2091 key, NULL, 0, &len );
2106 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) key;
2108 p = (
unsigned char *) key;
2132 #if defined(POLARSSL_PEM_C)
2139 if( ( ret = x509_get_pubkey( &p, end, &alg_oid, &rsa->
N, &rsa->
E ) ) != 0 )
2141 #if defined(POLARSSL_PEM_C)
2150 #if defined(POLARSSL_PEM_C)
2159 #if defined(POLARSSL_PEM_C)
2166 #if defined(POLARSSL_DHM_C)
2174 unsigned char *p, *end;
2175 #if defined(POLARSSL_PEM_C)
2181 "-----BEGIN DH PARAMETERS-----",
2182 "-----END DH PARAMETERS-----",
2183 dhmin, NULL, 0, &dhminlen );
2198 p = ( ret == 0 ) ? pem.
buf : (
unsigned char *) dhmin;
2200 p = (
unsigned char *) dhmin;
2215 #if defined(POLARSSL_PEM_C)
2226 #if defined(POLARSSL_PEM_C)
2235 #if defined(POLARSSL_PEM_C)
2243 #if defined(POLARSSL_PEM_C)
2250 #if defined(POLARSSL_FS_IO)
2260 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
2265 memset( buf, 0, n + 1 );
/*
 * MSVC compatibility shim: when building with _MSC_VER and snprintf is not
 * already a macro, vsnprintf is mapped to _vsnprintf and snprintf to the
 * wrapper compat_snprintf below.
 */
2273 #if defined _MSC_VER && !defined snprintf
2276 #if !defined vsnprintf
2277 #define vsnprintf _vsnprintf
/*
 * compat_snprintf: formats into str (at most size bytes) via vsnprintf.
 * NOTE(review): _vsnprintf does not NUL-terminate on truncation and
 * returns a negative value; whether the wrapper terminates str itself is
 * in elided lines -- confirm.
 */
2287 int compat_snprintf(
char *str,
size_t size,
const char *format, ...)
2292 va_start( ap, format );
2294 res = vsnprintf( str, size, format, ap );
/* Returns a value larger than size (presumably on the truncation/error
 * path), which SAFE_SNPRINTF then treats as "buffer too small". */
2300 return( (
int) size + 20 );
2305 #define snprintf compat_snprintf
2308 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
/*
 * SAFE_SNPRINTF: run after each snprintf( p, n, ... ) in the printing
 * helpers. Returns POLARSSL_ERR_DEBUG_BUF_TOO_SMALL from the enclosing
 * function when ret exceeds the remaining space n, otherwise advances p
 * and shrinks n by ret. The cast to unsigned also sends a negative ret
 * into the too-small branch.
 * NOTE(review): ret == n passes the test, although C99 snprintf reports
 * truncation whenever ret >= n; in that case the last character is dropped
 * silently -- confirm this is intended.
 */
2310 #define SAFE_SNPRINTF() \
2315 if ( (unsigned int) ret > n ) { \
2317 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
2320 n -= (unsigned int) ret; \
2321 p += (unsigned int) ret; \
2336 memset( s, 0,
sizeof( s ) );
2342 while( name != NULL )
2346 ret = snprintf( p, n,
", " );
2352 switch( name->
oid.
p[2] )
2355 ret = snprintf( p, n,
"CN=" );
break;
2358 ret = snprintf( p, n,
"C=" );
break;
2361 ret = snprintf( p, n,
"L=" );
break;
2364 ret = snprintf( p, n,
"ST=" );
break;
2367 ret = snprintf( p, n,
"O=" );
break;
2370 ret = snprintf( p, n,
"OU=" );
break;
2373 ret = snprintf( p, n,
"0x%02X=",
2381 switch( name->
oid.
p[8] )
2384 ret = snprintf( p, n,
"emailAddress=" );
break;
2387 ret = snprintf( p, n,
"0x%02X=",
2395 ret = snprintf( p, n,
"\?\?=" );
/*
 * Copies the bytes of one name value into the local buffer s (zeroed by
 * the memset at line 2336) and appends it to the output with "%s".
 */
2399 for( i = 0; i < name->
val.
len; i++ )
/* Guard against filling s: the last byte is kept for the terminator
 * (the action taken is in elided lines -- presumably a break). */
2401 if( i >=
sizeof( s ) - 1 )
/* Bytes below 32, the value 127 and the range 129..159 are singled out;
 * the replacement is in elided lines (presumably a placeholder character).
 * This keeps control characters taken from a certificate name out of the
 * printed string. NOTE(review): 128 itself is not matched by c > 128. */
2405 if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
2410 ret = snprintf( p, n,
"%s", s );
/* Returns the number of bytes written so far (size minus remaining n). */
2415 return( (
int) ( size - n ) );
2431 nr = ( serial->
len <= 32 )
2434 for( i = 0; i < nr; i++ )
2436 if( i == 0 && nr > 1 && serial->
p[i] == 0x0 )
2439 ret = snprintf( p, n,
"%02X%s",
2440 serial->
p[i], ( i < nr - 1 ) ?
":" :
"" );
2444 if( nr != serial->
len )
2446 ret = snprintf( p, n,
"...." );
2450 return( (
int) ( size - n ) );
2466 ret = snprintf( p, n,
"%scert. version : %d\n",
2469 ret = snprintf( p, n,
"%sserial number : ",
2476 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
2481 ret = snprintf( p, n,
"\n%ssubject name : ", prefix );
2486 ret = snprintf( p, n,
"\n%sissued on : " \
2487 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2493 ret = snprintf( p, n,
"\n%sexpires on : " \
2494 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2500 ret = snprintf( p, n,
"\n%ssigned using : RSA+", prefix );
2505 case SIG_RSA_MD2 : ret = snprintf( p, n,
"MD2" );
break;
2506 case SIG_RSA_MD4 : ret = snprintf( p, n,
"MD4" );
break;
2507 case SIG_RSA_MD5 : ret = snprintf( p, n,
"MD5" );
break;
2508 case SIG_RSA_SHA1 : ret = snprintf( p, n,
"SHA1" );
break;
2513 default: ret = snprintf( p, n,
"???" );
break;
2517 ret = snprintf( p, n,
"\n%sRSA key size : %d bits\n", prefix,
2518 (
int) crt->
rsa.
N.
n * (
int)
sizeof(
unsigned long ) * 8 );
2521 return( (
int) ( size - n ) );
2525 #define OID_CMP(oid_str, oid_buf) \
2526 ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
2527 memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0)
2572 ret = snprintf( p, n,
"%d.%d", oid->
p[0]/40, oid->
p[0]%40 );
2578 for( i = 1; i < oid->
len; i++ )
2581 value += oid->
p[i] & 0x7F;
2583 if( !( oid->
p[i] & 0x80 ) )
2586 ret = snprintf( p, n,
".%d", value );
2592 return( (
int) ( size - n ) );
2609 ret = snprintf( p, n,
"%sCRL version : %d",
2613 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
2618 ret = snprintf( p, n,
"\n%sthis update : " \
2619 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2625 ret = snprintf( p, n,
"\n%snext update : " \
2626 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
2632 entry = &crl->
entry;
2634 ret = snprintf( p, n,
"\n%sRevoked certificates:",
2638 while( entry != NULL && entry->
raw.
len != 0 )
2640 ret = snprintf( p, n,
"\n%sserial number: ",
2647 ret = snprintf( p, n,
" revocation date: " \
2648 "%04d-%02d-%02d %02d:%02d:%02d",
2654 entry = entry->
next;
2657 ret = snprintf( p, n,
"\n%ssigned using : RSA+", prefix );
2662 case SIG_RSA_MD2 : ret = snprintf( p, n,
"MD2" );
break;
2663 case SIG_RSA_MD4 : ret = snprintf( p, n,
"MD4" );
break;
2664 case SIG_RSA_MD5 : ret = snprintf( p, n,
"MD5" );
break;
2665 case SIG_RSA_SHA1 : ret = snprintf( p, n,
"SHA1" );
break;
2670 default: ret = snprintf( p, n,
"???" );
break;
2674 ret = snprintf( p, n,
"\n" );
2677 return( (
int) ( size - n ) );
/*
 * Converts the current time into calendar fields for the expiry check.
 * NOTE(review): localtime() returns a pointer to shared static storage
 * (not thread-safe) and can return NULL; no NULL test is visible between
 * lines 2704 and 2706. It also yields local time, whereas X.509 validity
 * times are normally expressed in UTC -- confirm the comparison below is
 * meant to use local time.
 */
2704 lt = localtime( &tt );
/* struct tm counts years from 1900 and months from 0. */
2706 year = lt->tm_year + 1900;
2707 mon = lt->tm_mon + 1;
2714 if( year > to->
year )
2717 if( year == to->
year &&
2721 if( year == to->
year &&
2726 if( year == to->
year &&
2732 if( year == to->
year &&
2739 if( year == to->
year &&
2757 while( cur != NULL && cur->
serial.
len != 0 )
/*
 * x509_hash: hashes len bytes at in into out using the digest selected by
 * alg. The per-algorithm calls are elided; only the configuration guards
 * and the final fill are visible.
 */
2777 static void x509_hash(
const unsigned char *in,
size_t len,
int alg,
2778 unsigned char *out )
/* Each digest is available only when its module is compiled in.
 * NOTE(review): MD2, MD4 and MD5 are not collision-resistant; builds that
 * verify certificates from untrusted parties should leave those modules
 * disabled so such signatures cannot be accepted. */
2782 #if defined(POLARSSL_MD2_C)
2785 #if defined(POLARSSL_MD4_C)
2788 #if defined(POLARSSL_MD5_C)
2791 #if defined(POLARSSL_SHA1_C)
2794 #if defined(POLARSSL_SHA2_C)
2798 #if defined(POLARSSL_SHA4_C)
/* Writes 64 bytes of 0xFF to out, so out must be at least 64 bytes (the
 * callers visible in this file pass unsigned char hash[64]). Presumably
 * the fill used when alg matches no compiled-in digest -- confirm. */
2803 memset( out,
'\xFF', 64 );
2816 unsigned char hash[64];
2824 while( ca != NULL && crl_list != NULL && crl_list->
version != 0 )
2830 crl_list = crl_list->
next;
2839 x509_hash( crl_list->
tbs.
p, crl_list->
tbs.
len, hash_id, hash );
2842 0, hash, crl_list->
sig.
p ) == 0 )
2866 crl_list = crl_list->
next;
2877 const char *cn,
int *flags,
2878 int (*f_vrfy)(
void *,
x509_cert *,
int,
int),
2886 unsigned char hash[64];
/*
 * Common-name check: walks the name list and compares an entry's value
 * with the caller-supplied cn. strlen requires cn to be a non-NULL C
 * string here (the guard, if any, is in elided lines). The match is an
 * exact, case-sensitive byte comparison of equal length.
 */
2896 cn_len = strlen( cn );
2898 while( name != NULL )
/* NOTE(review): within the && chain memcmp runs before the
 * val.len == cn_len test, so it can read cn_len bytes from a value that is
 * shorter than cn_len. Testing the length first keeps the read inside
 * val. */
2901 memcmp( name->
val.
p, cn, cn_len ) == 0 &&
2902 name->
val.
len == cn_len )
2920 while( parent != NULL && parent->
version != 0 )
2927 parent = parent->
next;
2933 x509_hash( crt->
tbs.
p, crt->
tbs.
len, hash_id, hash );
2940 *flags |= x509parse_verifycrl(crt, parent, ca_crl);
2943 if( NULL != f_vrfy )
2945 if( f_vrfy( p_vrfy, crt, pathlen - 1, ( *flags == 0 ) ) != 0 )
2950 else if( *flags != 0 )
2964 while( trust_ca != NULL && trust_ca->
version != 0 )
2970 trust_ca = trust_ca->
next;
2980 x509_hash( crt->
tbs.
p, crt->
tbs.
len, hash_id, hash );
2983 0, hash, crt->
sig.
p ) == 0 )
2992 trust_ca = trust_ca->
next;
2996 *flags |= x509parse_verifycrl( crt, trust_ca, ca_crl );
2999 if( NULL != f_vrfy )
3001 if( f_vrfy(p_vrfy, crt, pathlen-1, ( *flags == 0 ) ) != 0 )
3006 else if( *flags != 0 )
3032 while( name_cur != NULL )
3034 name_prv = name_cur;
3035 name_cur = name_cur->
next;
3036 memset( name_prv, 0,
sizeof(
x509_name ) );
3041 while( name_cur != NULL )
3043 name_prv = name_cur;
3044 name_cur = name_cur->
next;
3045 memset( name_prv, 0,
sizeof(
x509_name ) );
3050 while( seq_cur != NULL )
3053 seq_cur = seq_cur->
next;
3058 if( cert_cur->
raw.
p != NULL )
3060 memset( cert_cur->
raw.
p, 0, cert_cur->
raw.
len );
3061 free( cert_cur->
raw.
p );
3064 cert_cur = cert_cur->
next;
3066 while( cert_cur != NULL );
3071 cert_prv = cert_cur;
3072 cert_cur = cert_cur->
next;
3074 memset( cert_prv, 0,
sizeof(
x509_cert ) );
3075 if( cert_prv != crt )
3078 while( cert_cur != NULL );
3099 while( name_cur != NULL )
3101 name_prv = name_cur;
3102 name_cur = name_cur->
next;
3103 memset( name_prv, 0,
sizeof(
x509_name ) );
3108 while( entry_cur != NULL )
3110 entry_prv = entry_cur;
3111 entry_cur = entry_cur->
next;
3116 if( crl_cur->
raw.
p != NULL )
3118 memset( crl_cur->
raw.
p, 0, crl_cur->
raw.
len );
3119 free( crl_cur->
raw.
p );
3122 crl_cur = crl_cur->
next;
3124 while( crl_cur != NULL );
3130 crl_cur = crl_cur->
next;
3132 memset( crl_prv, 0,
sizeof(
x509_crl ) );
3133 if( crl_prv != crl )
3136 while( crl_cur != NULL );
3139 #if defined(POLARSSL_SELF_TEST)
3148 #if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
3155 #if defined(POLARSSL_DHM_C)
3160 printf(
" X.509 certificate load: " );
3162 memset( &clicert, 0,
sizeof(
x509_cert ) );
3164 ret =
x509parse_crt( &clicert, (
unsigned char *) test_cli_crt,
3165 strlen( test_cli_crt ) );
3169 printf(
"failed\n" );
3174 memset( &cacert, 0,
sizeof(
x509_cert ) );
3176 ret =
x509parse_crt( &cacert, (
unsigned char *) test_ca_crt,
3177 strlen( test_ca_crt ) );
3181 printf(
"failed\n" );
3187 printf(
"passed\n X.509 private key load: " );
3189 i = strlen( test_ca_key );
3190 j = strlen( test_ca_pwd );
3195 (
unsigned char *) test_ca_key, i,
3196 (
unsigned char *) test_ca_pwd, j ) ) != 0 )
3199 printf(
"failed\n" );
3205 printf(
"passed\n X.509 signature verify: ");
3207 ret =
x509parse_verify( &clicert, &cacert, NULL,
"PolarSSL Client 2", &flags, NULL, NULL );
3210 printf(
"%02x", flags);
3212 printf(
"failed\n" );
3217 #if defined(POLARSSL_DHM_C)
3219 printf(
"passed\n X.509 DHM parameter load: " );
3221 i = strlen( test_dhm_params );
3222 j = strlen( test_ca_pwd );
3224 if( ( ret =
x509parse_dhm( &dhm, (
unsigned char *) test_dhm_params, i ) ) != 0 )
3227 printf(
"failed\n" );
3233 printf(
"passed\n\n" );
3239 #if defined(POLARSSL_DHM_C)