57#if !defined(MBEDTLS_CONFIG_FILE)
60#include MBEDTLS_CONFIG_FILE
63#if defined(MBEDTLS_X509_USE_C)
72#if defined(MBEDTLS_PEM_PARSE_C)
76#if defined(MBEDTLS_PLATFORM_C)
81#define mbedtls_free free
82#define mbedtls_calloc calloc
83#define mbedtls_printf printf
84#define mbedtls_snprintf snprintf
87#if defined(MBEDTLS_HAVE_TIME)
90#if defined(MBEDTLS_HAVE_TIME_DATE)
95#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
96#define CHECK_RANGE(min, max, val) \
99 if( ( val ) < ( min ) || ( val ) > ( max ) ) \
113 if( (
end - *
p ) < 1 )
164#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
178 const unsigned char *
end;
187 p = (
unsigned char *) alg->
p;
239 const unsigned char *
end, *end2;
253 p = (
unsigned char *)
params->p;
302 if( (
ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
353 if( trailer_field != 1 )
376static int x509_get_attr_type_value(
unsigned char **
p,
377 const unsigned char *
end,
391 if( (
end - *
p ) < 1 )
404 if( (
end - *
p ) < 1 )
463 const unsigned char *end_set;
475 end_set = *
p + set_len;
479 if( (
ret = x509_get_attr_type_value(
p, end_set,
cur ) ) != 0 )
486 cur->next_merged = 1;
511static int x509_parse_int(
unsigned char **
p,
size_t n,
int *
res )
517 if( ( **
p <
'0') || ( **
p >
'9' ) )
521 *
res += ( *(*p)++ -
'0' );
539 case 1:
case 3:
case 5:
case 7:
case 8:
case 10:
case 12:
542 case 4:
case 6:
case 9:
case 11:
546 if( ( !(
t->year % 4 ) &&
t->year % 100 ) ||
564static int x509_parse_time(
unsigned char **
p,
size_t len,
size_t yearlen,
572 if (
len < yearlen + 8 )
579 CHECK( x509_parse_int(
p, yearlen, &
tm->year ) );
588 CHECK( x509_parse_int(
p, 2, &
tm->mon ) );
589 CHECK( x509_parse_int(
p, 2, &
tm->day ) );
590 CHECK( x509_parse_int(
p, 2, &
tm->hour ) );
591 CHECK( x509_parse_int(
p, 2, &
tm->min ) );
598 CHECK( x509_parse_int(
p, 2, &
tm->sec ) );
607 if ( 1 ==
len &&
'Z' == **
p )
619 CHECK( x509_date_is_valid(
tm ) );
633 size_t len, year_len;
636 if( (
end - *
p ) < 1 )
656 return x509_parse_time(
p,
len, year_len,
tm );
665 if( (
end - *
p ) < 1 )
692 if( *sig_opts !=
NULL )
698#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
704 if( pss_opts ==
NULL )
717 *sig_opts = (
void *) pss_opts;
724 sig_params->
len != 0 )
775 unsigned char c,
merge = 0;
808 for(
i = 0;
i <
name->val.len;
i++ )
810 if(
i >=
sizeof(
s ) - 1 )
814 if(
c < 32 ||
c == 127 || (
c > 128 &&
c < 160 ) )
826 return( (
int) (
size -
n ) );
845 for(
i = 0;
i <
nr;
i++ )
861 return( (
int) (
size -
n ) );
869 const void *sig_opts )
883#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
906 return( (
int)(
size -
n ) );
924#if defined(MBEDTLS_HAVE_TIME_DATE)
931 struct tm *lt, tm_buf;
936 lt = mbedtls_platform_gmtime_r( &tt, &tm_buf );
998 if( x509_get_current_time( &
now ) != 0 )
1001 return( x509_check_time( &
now, to ) );
1008 if( x509_get_current_time( &
now ) != 0 )
1011 return( x509_check_time(
from, &
now ) );
1029#if defined(MBEDTLS_SELF_TEST)
1037int mbedtls_x509_self_test(
int verbose )
1040#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
Sample certificates and DHM parameters for testing.
const size_t mbedtls_test_cli_crt_len
const char * mbedtls_test_ca_crt
const size_t mbedtls_test_ca_crt_len
const char * mbedtls_test_cli_crt
#define MBEDTLS_OID_CMP(oid_str, oid_buf)
int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end, size_t *len)
Retrieve a bitstring ASN.1 tag without unused bits and its value. Updates the pointer to the beginnin...
#define MBEDTLS_ERR_ASN1_OUT_OF_DATA
#define MBEDTLS_ASN1_GENERALIZED_TIME
#define MBEDTLS_ASN1_IA5_STRING
#define MBEDTLS_ASN1_BMP_STRING
#define MBEDTLS_ASN1_PRINTABLE_STRING
#define MBEDTLS_ASN1_SEQUENCE
#define MBEDTLS_ASN1_INTEGER
int mbedtls_asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
Retrieve an integer ASN.1 tag and its value. Updates the pointer to immediately behind the full tag.
#define MBEDTLS_ASN1_PRIMITIVE
#define MBEDTLS_ASN1_CONTEXT_SPECIFIC
#define MBEDTLS_ASN1_CONSTRUCTED
#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
#define MBEDTLS_ASN1_T61_STRING
#define MBEDTLS_ASN1_UTC_TIME
#define MBEDTLS_ASN1_UNIVERSAL_STRING
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
int mbedtls_asn1_get_len(unsigned char **p, const unsigned char *end, size_t *len)
Get the length of an ASN.1 element. Updates the pointer to immediately behind the length.
int mbedtls_asn1_get_alg_null(unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg)
Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no params. Updates the pointer to immedia...
int mbedtls_asn1_get_alg(unsigned char **p, const unsigned char *end, mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
Retrieve an AlgorithmIdentifier ASN.1 sequence. Updates the pointer to immediately behind the full Al...
#define MBEDTLS_ASN1_NULL
int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag. Check for the requested tag. Updates the pointer to immediately be...
#define MBEDTLS_ASN1_UTF8_STRING
#define MBEDTLS_ASN1_BIT_STRING
void mbedtls_x509_crt_init(mbedtls_x509_crt *crt)
Initialize a certificate (chain)
#define MBEDTLS_ERR_X509_INVALID_SIGNATURE
int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one DER-encoded or one or more concatenated PEM-encoded certificates and add them to the chaine...
int mbedtls_x509_time_is_past(const mbedtls_x509_time *to)
Check a given mbedtls_x509_time against the system time and tell if it's in the past.
int mbedtls_x509_time_is_future(const mbedtls_x509_time *from)
Check a given mbedtls_x509_time against the system time and tell if it's in the future.
int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, int *salt_len)
#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, mbedtls_x509_name *cur)
#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written.
int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *alg)
#define MBEDTLS_ERR_X509_INVALID_SERIAL
#define MBEDTLS_X509_SAFE_SNPRINTF
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, void **sig_opts)
#define MBEDTLS_ERR_X509_INVALID_NAME
int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *alg, mbedtls_x509_buf *params)
int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const char *cn, uint32_t *flags, int(*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy)
Verify the certificate signature.
#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS
int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag)
void mbedtls_x509_crt_free(mbedtls_x509_crt *crt)
Unallocate all certificate data.
int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name)
#define MBEDTLS_ERR_X509_INVALID_DATE
int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts)
#define MBEDTLS_ERR_X509_ALLOC_FAILED
int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial)
int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig)
int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, mbedtls_x509_time *t)
#define MBEDTLS_X509_MAX_DN_NAME_SIZE
#define MBEDTLS_ERR_X509_INVALID_ALG
#define MBEDTLS_ERR_X509_BAD_INPUT_DATA
int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial)
Store the certificate serial in printable form into buf; no more than size characters will be written...
mbedtls_md_type_t
Supported message digests.
const char * mbedtls_md_get_name(const mbedtls_md_info_t *md_info)
This function extracts the message-digest name from the message-digest information structure.
#define CHECK_RANGE(range, expected_start, expected_end)
Object Identifier (OID) database.
int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name)
Translate an X.509 attribute type OID into the short name (e.g. the OID for an X520 Common Name into ...
#define MBEDTLS_ERR_OID_NOT_FOUND
int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg)
Translate SignatureAlgorithm OID into md_type and pk_type.
int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg)
Translate hash algorithm OID into md_type.
int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
Privacy Enhanced Mail (PEM) decoding.
mbedtls_pk_type_t
Public key types.
#define mbedtls_md_info_from_type
Configuration options (set of defines)
Options for RSASSA-PSS signature verification. See mbedtls_rsa_rsassa_pss_verify_ext()
mbedtls_md_type_t mgf1_hash_id
X.509 generic defines and structures.
X.509 certificate parsing and writing.