SwitchEmu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-03-25 21:22:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

The Great Renaming

Browse Source 
A simple execution of tmp/invoke-rename.pl
This commit is contained in:
Manuel Pégourié-Gonnard
2015-04-08 12:49:31 +02:00
parent b5904d25ef
commit 2cf5a7c98e
291 changed files with 36012 additions and 36012 deletions
Download Patch File Download Diff File Expand all files Collapse all files

268
programs/x509/cert_app.c
View File

@@ -20,32 +20,32 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_fprintf fprintf
#define polarssl_printf printf
#define mbedtls_fprintf fprintf
#define mbedtls_printf printf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_CLI_C) || \
!defined(POLARSSL_NET_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_CTR_DRBG_C not defined.\n");
return( 0 );
}
#else
@@ -114,43 +114,43 @@ static void my_debug( void *ctx, int level, const char *str )
{
if( level < opt.debug_level )
{
polarssl_fprintf( (FILE *) ctx, "%s", str );
mbedtls_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
}
static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, int *flags )
{
char buf[1024];
((void) data);
polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
polarssl_printf( "%s", buf );
mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );
mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
mbedtls_printf( "%s", buf );
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
polarssl_printf( " ! server certificate has expired\n" );
if( ( (*flags) & MBEDTLS_BADCERT_EXPIRED ) != 0 )
mbedtls_printf( " ! server certificate has expired\n" );
if( ( (*flags) & BADCERT_REVOKED ) != 0 )
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( (*flags) & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
mbedtls_printf( " ! server certificate has been revoked\n" );
if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
polarssl_printf( " ! CN mismatch\n" );
if( ( (*flags) & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
mbedtls_printf( " ! CN mismatch\n" );
if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( (*flags) & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! CRL not trusted\n" );
if( ( (*flags) & MBEDTLS_X509_BADCRL_NOT_TRUSTED ) != 0 )
mbedtls_printf( " ! CRL not trusted\n" );
if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
polarssl_printf( " ! CRL expired\n" );
if( ( (*flags) & MBEDTLS_X509_BADCRL_EXPIRED ) != 0 )
mbedtls_printf( " ! CRL expired\n" );
if( ( (*flags) & BADCERT_OTHER ) != 0 )
polarssl_printf( " ! other (unknown) flag\n" );
if( ( (*flags) & MBEDTLS_BADCERT_OTHER ) != 0 )
mbedtls_printf( " ! other (unknown) flag\n" );
if ( ( *flags ) == 0 )
polarssl_printf( " This certificate has no flags\n" );
mbedtls_printf( " This certificate has no flags\n" );
return( 0 );
}
@@ -159,13 +159,13 @@ int main( int argc, char *argv[] )
{
int ret = 0, server_fd;
unsigned char buf[1024];
entropy_context entropy;
ctr_drbg_context ctr_drbg;
ssl_context ssl;
x509_crt cacert;
x509_crt clicert;
x509_crl cacrl;
pk_context pkey;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
mbedtls_x509_crl cacrl;
mbedtls_pk_context pkey;
int i, j;
int flags, verify = 0;
char *p, *q;
@@ -175,21 +175,21 @@ int main( int argc, char *argv[] )
* Set to sane values
*/
server_fd = 0;
x509_crt_init( &cacert );
x509_crt_init( &clicert );
#if defined(POLARSSL_X509_CRL_PARSE_C)
x509_crl_init( &cacrl );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_init( &cacrl );
#else
/* Zeroize structure as CRL parsing is not supported and we have to pass
it to the verify function */
memset( &cacrl, 0, sizeof(x509_crl) );
memset( &cacrl, 0, sizeof(mbedtls_x509_crl) );
#endif
pk_init( &pkey );
mbedtls_pk_init( &pkey );
if( argc == 0 )
{
usage:
polarssl_printf( USAGE );
mbedtls_printf( USAGE );
ret = 2;
goto exit;
}
@@ -261,34 +261,34 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the trusted CA
*/
polarssl_printf( " . Loading the CA root certificate ..." );
mbedtls_printf( " . Loading the CA root certificate ..." );
fflush( stdout );
if( strlen( opt.ca_path ) )
{
ret = x509_crt_parse_path( &cacert, opt.ca_path );
ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path );
verify = 1;
}
else if( strlen( opt.ca_file ) )
{
ret = x509_crt_parse_file( &cacert, opt.ca_file );
ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file );
verify = 1;
}
if( ret < 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret );
goto exit;
}
polarssl_printf( " ok (%d skipped)\n", ret );
mbedtls_printf( " ok (%d skipped)\n", ret );
#if defined(POLARSSL_X509_CRL_PARSE_C)
#if defined(MBEDTLS_X509_CRL_PARSE_C)
if( strlen( opt.crl_file ) )
{
if( ( ret = x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
{
polarssl_printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", -ret );
goto exit;
}
@@ -298,50 +298,50 @@ int main( int argc, char *argv[] )
if( opt.mode == MODE_FILE )
{
x509_crt crt;
x509_crt *cur = &crt;
x509_crt_init( &crt );
mbedtls_x509_crt crt;
mbedtls_x509_crt *cur = &crt;
mbedtls_x509_crt_init( &crt );
/*
* 1.1. Load the certificate(s)
*/
polarssl_printf( "\n . Loading the certificate(s) ..." );
mbedtls_printf( "\n . Loading the certificate(s) ..." );
fflush( stdout );
ret = x509_crt_parse_file( &crt, opt.filename );
ret = mbedtls_x509_crt_parse_file( &crt, opt.filename );
if( ret < 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
x509_crt_free( &crt );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret );
mbedtls_x509_crt_free( &crt );
goto exit;
}
if( opt.permissive == 0 && ret > 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse failed to parse %d certificates\n\n", ret );
x509_crt_free( &crt );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret );
mbedtls_x509_crt_free( &crt );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.2 Print the certificate(s)
*/
while( cur != NULL )
{
polarssl_printf( " . Peer certificate information ...\n" );
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
mbedtls_printf( " . Peer certificate information ...\n" );
ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
cur );
if( ret == -1 )
{
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
x509_crt_free( &crt );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret );
mbedtls_x509_crt_free( &crt );
goto exit;
}
polarssl_printf( "%s\n", buf );
mbedtls_printf( "%s\n", buf );
cur = cur->next;
}
@@ -353,99 +353,99 @@ int main( int argc, char *argv[] )
*/
if( verify )
{
polarssl_printf( " . Verifying X.509 certificate..." );
mbedtls_printf( " . Verifying X.509 certificate..." );
if( ( ret = x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
my_verify, NULL ) ) != 0 )
{
polarssl_printf( " failed\n" );
mbedtls_printf( " failed\n" );
if( ( ret & BADCERT_EXPIRED ) != 0 )
polarssl_printf( " ! server certificate has expired\n" );
if( ( ret & MBEDTLS_BADCERT_EXPIRED ) != 0 )
mbedtls_printf( " ! server certificate has expired\n" );
if( ( ret & BADCERT_REVOKED ) != 0 )
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( ret & MBEDTLS_X509_BADCERT_REVOKED ) != 0 )
mbedtls_printf( " ! server certificate has been revoked\n" );
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
if( ( ret & MBEDTLS_X509_BADCERT_CN_MISMATCH ) != 0 )
mbedtls_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) != 0 )
mbedtls_printf( " ! self-signed or not signed by a trusted CA\n" );
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
}
else
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
x509_crt_free( &crt );
mbedtls_x509_crt_free( &crt );
}
else if( opt.mode == MODE_SSL )
{
/*
* 1. Initialize the RNG and the session data
*/
polarssl_printf( "\n . Seeding the random number generator..." );
mbedtls_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d\n", ret );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 2. Start the connection
*/
polarssl_printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
mbedtls_printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
opt.server_port );
fflush( stdout );
if( ( ret = net_connect( &server_fd, opt.server_name,
opt.server_port, NET_PROTO_TCP ) ) != 0 )
if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name,
opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
{
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
goto exit;
}
/*
* 3. Setup stuff
*/
if( ( ret = ssl_init( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
{
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
goto exit;
}
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
if( verify )
{
ssl_set_authmode( &ssl, SSL_VERIFY_REQUIRED );
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
ssl_set_verify( &ssl, my_verify, NULL );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
}
else
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio_timeout( &ssl, &server_fd, net_send, net_recv, NULL, 0 );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif
@@ -453,35 +453,35 @@ int main( int argc, char *argv[] )
/*
* 4. Handshake
*/
while( ( ret = ssl_handshake( &ssl ) ) != 0 )
while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
{
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
{
polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
ssl_free( &ssl );
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
mbedtls_ssl_free( &ssl );
goto exit;
}
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 5. Print the certificate
*/
polarssl_printf( " . Peer certificate information ...\n" );
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
mbedtls_printf( " . Peer certificate information ...\n" );
ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
ssl.session->peer_cert );
if( ret == -1 )
{
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
ssl_free( &ssl );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret );
mbedtls_ssl_free( &ssl );
goto exit;
}
polarssl_printf( "%s\n", buf );
mbedtls_printf( "%s\n", buf );
ssl_close_notify( &ssl );
ssl_free( &ssl );
mbedtls_ssl_close_notify( &ssl );
mbedtls_ssl_free( &ssl );
}
else
goto usage;
@@ -489,18 +489,18 @@ int main( int argc, char *argv[] )
exit:
if( server_fd )
net_close( server_fd );
x509_crt_free( &cacert );
x509_crt_free( &clicert );
#if defined(POLARSSL_X509_CRL_PARSE_C)
x509_crl_free( &cacrl );
mbedtls_net_close( server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_free( &cacrl );
#endif
pk_free( &pkey );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
mbedtls_pk_free( &pkey );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(_WIN32)
polarssl_printf( " + Press Enter to exit this program.\n" );
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
@@ -509,6 +509,6 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_SSL_TLS_C &&
POLARSSL_SSL_CLI_C && POLARSSL_NET_C && POLARSSL_RSA_C &&
POLARSSL_X509_CRT_PARSE_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C &&
MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C &&
MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */

130
programs/x509/cert_req.c
View File

@@ -20,27 +20,27 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
#if !defined(POLARSSL_X509_CSR_WRITE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C)
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_SHA256_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
"MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
"not defined.\n");
return( 0 );
}
@@ -102,7 +102,7 @@ struct options
unsigned char ns_cert_type; /* NS cert type */
} opt;
int write_certificate_request( x509write_csr *req, const char *output_file,
int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@@ -112,7 +112,7 @@ int write_certificate_request( x509write_csr *req, const char *output_file,
size_t len = 0;
memset( output_buf, 0, 4096 );
if( ( ret = x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 )
return( ret );
len = strlen( (char *) output_buf );
@@ -134,27 +134,27 @@ int write_certificate_request( x509write_csr *req, const char *output_file,
int main( int argc, char *argv[] )
{
int ret = 0;
pk_context key;
mbedtls_pk_context key;
char buf[1024];
int i;
char *p, *q, *r;
x509write_csr req;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
mbedtls_x509write_csr req;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
const char *pers = "csr example app";
/*
* Set to sane values
*/
x509write_csr_init( &req );
x509write_csr_set_md_alg( &req, POLARSSL_MD_SHA256 );
pk_init( &key );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, MBEDTLS_MD_SHA256 );
mbedtls_pk_init( &key );
memset( buf, 0, sizeof( buf ) );
if( argc == 0 )
{
usage:
polarssl_printf( USAGE );
mbedtls_printf( USAGE );
ret = 1;
goto exit;
}
@@ -196,19 +196,19 @@ int main( int argc, char *argv[] )
*r++ = '\0';
if( strcmp( q, "digital_signature" ) == 0 )
opt.key_usage |= KU_DIGITAL_SIGNATURE;
opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
else if( strcmp( q, "non_repudiation" ) == 0 )
opt.key_usage |= KU_NON_REPUDIATION;
opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
else if( strcmp( q, "key_encipherment" ) == 0 )
opt.key_usage |= KU_KEY_ENCIPHERMENT;
opt.key_usage |= MBEDTLS_KU_KEY_ENCIPHERMENT;
else if( strcmp( q, "data_encipherment" ) == 0 )
opt.key_usage |= KU_DATA_ENCIPHERMENT;
opt.key_usage |= MBEDTLS_KU_DATA_ENCIPHERMENT;
else if( strcmp( q, "key_agreement" ) == 0 )
opt.key_usage |= KU_KEY_AGREEMENT;
opt.key_usage |= MBEDTLS_KU_KEY_AGREEMENT;
else if( strcmp( q, "key_cert_sign" ) == 0 )
opt.key_usage |= KU_KEY_CERT_SIGN;
opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
else if( strcmp( q, "crl_sign" ) == 0 )
opt.key_usage |= KU_CRL_SIGN;
opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
else
goto usage;
@@ -223,19 +223,19 @@ int main( int argc, char *argv[] )
*r++ = '\0';
if( strcmp( q, "ssl_client" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CLIENT;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
else if( strcmp( q, "ssl_server" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_SERVER;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_SERVER;
else if( strcmp( q, "email" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
else if( strcmp( q, "object_signing" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
else if( strcmp( q, "ssl_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_CA;
else if( strcmp( q, "email_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_EMAIL_CA;
else if( strcmp( q, "object_signing_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA;
else
goto usage;
@@ -247,98 +247,98 @@ int main( int argc, char *argv[] )
}
if( opt.key_usage )
x509write_csr_set_key_usage( &req, opt.key_usage );
mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage );
if( opt.ns_cert_type )
x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type );
/*
* 0. Seed the PRNG
*/
polarssl_printf( " . Seeding the random number generator..." );
mbedtls_printf( " . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
polarssl_printf( " failed\n ! ctr_drbg_init returned %d", ret );
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d", ret );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.0. Check the subject name for validity
*/
polarssl_printf( " . Checking subjet name..." );
mbedtls_printf( " . Checking subjet name..." );
fflush( stdout );
if( ( ret = x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
{
polarssl_printf( " failed\n ! x509write_csr_set_subject_name returned %d", ret );
mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.1. Load the key
*/
polarssl_printf( " . Loading the private key ..." );
mbedtls_printf( " . Loading the private key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &key, opt.filename, NULL );
ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
if( ret != 0 )
{
polarssl_printf( " failed\n ! pk_parse_keyfile returned %d", ret );
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret );
goto exit;
}
x509write_csr_set_key( &req, &key );
mbedtls_x509write_csr_set_key( &req, &key );
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.2. Writing the request
*/
polarssl_printf( " . Writing the certificate request ..." );
mbedtls_printf( " . Writing the certificate request ..." );
fflush( stdout );
if( ( ret = write_certificate_request( &req, opt.output_file,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_printf( " failed\n ! write_certifcate_request %d", ret );
mbedtls_printf( " failed\n ! write_certifcate_request %d", ret );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
exit:
if( ret != 0 && ret != 1)
{
#ifdef POLARSSL_ERROR_C
polarssl_strerror( ret, buf, sizeof( buf ) );
polarssl_printf( " - %s\n", buf );
#ifdef MBEDTLS_ERROR_C
mbedtls_strerror( ret, buf, sizeof( buf ) );
mbedtls_printf( " - %s\n", buf );
#else
polarssl_printf("\n");
mbedtls_printf("\n");
#endif
}
x509write_csr_free( &req );
pk_free( &key );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(_WIN32)
polarssl_printf( " + Press Enter to exit this program.\n" );
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( ret );
}
#endif /* POLARSSL_X509_CSR_WRITE_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */

304
programs/x509/cert_write.c
View File

@@ -20,29 +20,29 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
#if !defined(POLARSSL_X509_CRT_WRITE_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_ERROR_C) || !defined(POLARSSL_SHA256_C)
#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C)
int main( void )
{
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or POLARSSL_SHA256_C and_or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
"MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and_or "
"MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
"MBEDTLS_ERROR_C not defined.\n");
return( 0 );
}
#else
@@ -57,14 +57,14 @@ int main( void )
#include <stdlib.h>
#include <string.h>
#if defined(POLARSSL_X509_CSR_PARSE_C)
#if defined(MBEDTLS_X509_CSR_PARSE_C)
#define USAGE_CSR \
" request_file=%%s default: (empty)\n" \
" If request_file is specified, subject_key,\n" \
" subject_pwd and subject_name are ignored!\n"
#else
#define USAGE_CSR ""
#endif /* POLARSSL_X509_CSR_PARSE_C */
#endif /* MBEDTLS_X509_CSR_PARSE_C */
#define DFL_ISSUER_CRT ""
#define DFL_REQUEST_FILE ""
@@ -153,7 +153,7 @@ struct options
unsigned char ns_cert_type; /* NS cert type */
} opt;
int write_certificate( x509write_cert *crt, const char *output_file,
int write_certificate( mbedtls_x509write_cert *crt, const char *output_file,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@@ -163,7 +163,7 @@ int write_certificate( x509write_cert *crt, const char *output_file,
size_t len = 0;
memset( output_buf, 0, 4096 );
if( ( ret = x509write_crt_pem( crt, output_buf, 4096, f_rng, p_rng ) ) < 0 )
if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, f_rng, p_rng ) ) < 0 )
return( ret );
len = strlen( (char *) output_buf );
@@ -185,42 +185,42 @@ int write_certificate( x509write_cert *crt, const char *output_file,
int main( int argc, char *argv[] )
{
int ret = 0;
x509_crt issuer_crt;
pk_context loaded_issuer_key, loaded_subject_key;
pk_context *issuer_key = &loaded_issuer_key,
mbedtls_x509_crt issuer_crt;
mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
mbedtls_pk_context *issuer_key = &loaded_issuer_key,
*subject_key = &loaded_subject_key;
char buf[1024];
char issuer_name[128];
int i;
char *p, *q, *r;
#if defined(POLARSSL_X509_CSR_PARSE_C)
#if defined(MBEDTLS_X509_CSR_PARSE_C)
char subject_name[128];
x509_csr csr;
mbedtls_x509_csr csr;
#endif
x509write_cert crt;
mpi serial;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
mbedtls_x509write_cert crt;
mbedtls_mpi serial;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
const char *pers = "crt example app";
/*
* Set to sane values
*/
x509write_crt_init( &crt );
x509write_crt_set_md_alg( &crt, POLARSSL_MD_SHA256 );
pk_init( &loaded_issuer_key );
pk_init( &loaded_subject_key );
mpi_init( &serial );
#if defined(POLARSSL_X509_CSR_PARSE_C)
x509_csr_init( &csr );
mbedtls_x509write_crt_init( &crt );
mbedtls_x509write_crt_set_md_alg( &crt, MBEDTLS_MD_SHA256 );
mbedtls_pk_init( &loaded_issuer_key );
mbedtls_pk_init( &loaded_subject_key );
mbedtls_mpi_init( &serial );
#if defined(MBEDTLS_X509_CSR_PARSE_C)
mbedtls_x509_csr_init( &csr );
#endif
x509_crt_init( &issuer_crt );
mbedtls_x509_crt_init( &issuer_crt );
memset( buf, 0, 1024 );
if( argc == 0 )
{
usage:
polarssl_printf( USAGE );
mbedtls_printf( USAGE );
ret = 1;
goto exit;
}
@@ -312,19 +312,19 @@ int main( int argc, char *argv[] )
*r++ = '\0';
if( strcmp( q, "digital_signature" ) == 0 )
opt.key_usage |= KU_DIGITAL_SIGNATURE;
opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
else if( strcmp( q, "non_repudiation" ) == 0 )
opt.key_usage |= KU_NON_REPUDIATION;
opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION;
else if( strcmp( q, "key_encipherment" ) == 0 )
opt.key_usage |= KU_KEY_ENCIPHERMENT;
opt.key_usage |= MBEDTLS_KU_KEY_ENCIPHERMENT;
else if( strcmp( q, "data_encipherment" ) == 0 )
opt.key_usage |= KU_DATA_ENCIPHERMENT;
opt.key_usage |= MBEDTLS_KU_DATA_ENCIPHERMENT;
else if( strcmp( q, "key_agreement" ) == 0 )
opt.key_usage |= KU_KEY_AGREEMENT;
opt.key_usage |= MBEDTLS_KU_KEY_AGREEMENT;
else if( strcmp( q, "key_cert_sign" ) == 0 )
opt.key_usage |= KU_KEY_CERT_SIGN;
opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN;
else if( strcmp( q, "crl_sign" ) == 0 )
opt.key_usage |= KU_CRL_SIGN;
opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN;
else
goto usage;
@@ -339,19 +339,19 @@ int main( int argc, char *argv[] )
*r++ = '\0';
if( strcmp( q, "ssl_client" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CLIENT;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT;
else if( strcmp( q, "ssl_server" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_SERVER;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_SERVER;
else if( strcmp( q, "email" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL;
else if( strcmp( q, "object_signing" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING;
opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING;
else if( strcmp( q, "ssl_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_SSL_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_SSL_CA;
else if( strcmp( q, "email_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_EMAIL_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_EMAIL_CA;
else if( strcmp( q, "object_signing_ca" ) == 0 )
opt.ns_cert_type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
opt.ns_cert_type |= MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA;
else
goto usage;
@@ -362,39 +362,39 @@ int main( int argc, char *argv[] )
goto usage;
}
polarssl_printf("\n");
mbedtls_printf("\n");
/*
* 0. Seed the PRNG
*/
polarssl_printf( " . Seeding the random number generator..." );
mbedtls_printf( " . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! ctr_drbg_init returned %d - %s\n", ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_init returned %d - %s\n", ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
// Parse serial to MPI
//
polarssl_printf( " . Reading serial number..." );
mbedtls_printf( " . Reading serial number..." );
fflush( stdout );
if( ( ret = mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
// Parse issuer certificate if present
//
@@ -403,31 +403,31 @@ int main( int argc, char *argv[] )
/*
* 1.0.a. Load the certificates
*/
polarssl_printf( " . Loading the issuer certificate ..." );
mbedtls_printf( " . Loading the issuer certificate ..." );
fflush( stdout );
if( ( ret = x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
ret = x509_dn_gets( issuer_name, sizeof(issuer_name),
ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name),
&issuer_crt.subject );
if( ret < 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
opt.issuer_name = issuer_name;
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
#if defined(POLARSSL_X509_CSR_PARSE_C)
#if defined(MBEDTLS_X509_CSR_PARSE_C)
// Parse certificate request if present
//
if( !opt.selfsign && strlen( opt.request_file ) )
@@ -435,61 +435,61 @@ int main( int argc, char *argv[] )
/*
* 1.0.b. Load the CSR
*/
polarssl_printf( " . Loading the certificate request ..." );
mbedtls_printf( " . Loading the certificate request ..." );
fflush( stdout );
if( ( ret = x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
ret = x509_dn_gets( subject_name, sizeof(subject_name),
ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name),
&csr.subject );
if( ret < 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
opt.subject_name = subject_name;
subject_key = &csr.pk;
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */
#endif /* MBEDTLS_X509_CSR_PARSE_C */
/*
* 1.1. Load the keys
*/
if( !opt.selfsign && !strlen( opt.request_file ) )
{
polarssl_printf( " . Loading the subject key ..." );
mbedtls_printf( " . Loading the subject key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
opt.subject_pwd );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
polarssl_printf( " . Loading the issuer key ..." );
mbedtls_printf( " . Loading the issuer key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
opt.issuer_pwd );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
goto exit;
}
@@ -497,19 +497,19 @@ int main( int argc, char *argv[] )
//
if( strlen( opt.issuer_crt ) )
{
if( !pk_can_do( &issuer_crt.pk, POLARSSL_PK_RSA ) ||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->N,
&pk_rsa( *issuer_key )->N ) != 0 ||
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
&pk_rsa( *issuer_key )->E ) != 0 )
if( !mbedtls_pk_can_do( &issuer_crt.pk, MBEDTLS_PK_RSA ) ||
mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa( issuer_crt.pk )->N,
&mbedtls_pk_rsa( *issuer_key )->N ) != 0 ||
mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa( issuer_crt.pk )->E,
&mbedtls_pk_rsa( *issuer_key )->E ) != 0 )
{
polarssl_printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
mbedtls_printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
ret = -1;
goto exit;
}
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
if( opt.selfsign )
{
@@ -517,152 +517,152 @@ int main( int argc, char *argv[] )
subject_key = issuer_key;
}
x509write_crt_set_subject_key( &crt, subject_key );
x509write_crt_set_issuer_key( &crt, issuer_key );
mbedtls_x509write_crt_set_subject_key( &crt, subject_key );
mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key );
/*
* 1.0. Check the names for validity
*/
if( ( ret = x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
if( ( ret = x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " . Setting certificate values ..." );
mbedtls_printf( " . Setting certificate values ..." );
fflush( stdout );
ret = x509write_crt_set_serial( &crt, &serial );
ret = mbedtls_x509write_crt_set_serial( &crt, &serial );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
ret = x509write_crt_set_validity( &crt, opt.not_before, opt.not_after );
ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
polarssl_printf( " . Adding the Basic Constraints extension ..." );
mbedtls_printf( " . Adding the Basic Constraints extension ..." );
fflush( stdout );
ret = x509write_crt_set_basic_constraints( &crt, opt.is_ca,
ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca,
opt.max_pathlen );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
#if defined(POLARSSL_SHA1_C)
polarssl_printf( " . Adding the Subject Key Identifier ..." );
#if defined(MBEDTLS_SHA1_C)
mbedtls_printf( " . Adding the Subject Key Identifier ..." );
fflush( stdout );
ret = x509write_crt_set_subject_key_identifier( &crt );
ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
polarssl_printf( " . Adding the Authority Key Identifier ..." );
mbedtls_printf( " . Adding the Authority Key Identifier ..." );
fflush( stdout );
ret = x509write_crt_set_authority_key_identifier( &crt );
ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
#endif /* POLARSSL_SHA1_C */
mbedtls_printf( " ok\n" );
#endif /* MBEDTLS_SHA1_C */
if( opt.key_usage )
{
polarssl_printf( " . Adding the Key Usage extension ..." );
mbedtls_printf( " . Adding the Key Usage extension ..." );
fflush( stdout );
ret = x509write_crt_set_key_usage( &crt, opt.key_usage );
ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
if( opt.ns_cert_type )
{
polarssl_printf( " . Adding the NS Cert Type extension ..." );
mbedtls_printf( " . Adding the NS Cert Type extension ..." );
fflush( stdout );
ret = x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
}
/*
* 1.2. Writing the request
*/
polarssl_printf( " . Writing the certificate..." );
mbedtls_printf( " . Writing the certificate..." );
fflush( stdout );
if( ( ret = write_certificate( &crt, opt.output_file,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
polarssl_printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
mbedtls_strerror( ret, buf, 1024 );
mbedtls_printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
exit:
x509write_crt_free( &crt );
pk_free( &loaded_subject_key );
pk_free( &loaded_issuer_key );
mpi_free( &serial );
ctr_drbg_free( &ctr_drbg );
entropy_free( &entropy );
mbedtls_x509write_crt_free( &crt );
mbedtls_pk_free( &loaded_subject_key );
mbedtls_pk_free( &loaded_issuer_key );
mbedtls_mpi_free( &serial );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(_WIN32)
polarssl_printf( " + Press Enter to exit this program.\n" );
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( ret );
}
#endif /* POLARSSL_X509_CRT_WRITE_C && POLARSSL_X509_CRT_PARSE_C &&
POLARSSL_FS_IO && POLARSSL_ENTROPY_C && POLARSSL_CTR_DRBG_C &&
POLARSSL_ERROR_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
MBEDTLS_ERROR_C */

50
programs/x509/crl_app.c
View File

@@ -20,25 +20,25 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRL_PARSE_C) || !defined(POLARSSL_FS_IO)
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -70,19 +70,19 @@ int main( int argc, char *argv[] )
{
int ret = 0;
unsigned char buf[100000];
x509_crl crl;
mbedtls_x509_crl crl;
int i;
char *p, *q;
/*
* Set to sane values
*/
x509_crl_init( &crl );
mbedtls_x509_crl_init( &crl );
if( argc == 0 )
{
usage:
polarssl_printf( USAGE );
mbedtls_printf( USAGE );
goto exit;
}
@@ -104,43 +104,43 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the CRL
*/
polarssl_printf( "\n . Loading the CRL ..." );
mbedtls_printf( "\n . Loading the CRL ..." );
fflush( stdout );
ret = x509_crl_parse_file( &crl, opt.filename );
ret = mbedtls_x509_crl_parse_file( &crl, opt.filename );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
x509_crl_free( &crl );
mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret );
mbedtls_x509_crl_free( &crl );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.2 Print the CRL
*/
polarssl_printf( " . CRL information ...\n" );
ret = x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
mbedtls_printf( " . CRL information ...\n" );
ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
if( ret == -1 )
{
polarssl_printf( " failed\n ! x509_crl_info returned %d\n\n", ret );
x509_crl_free( &crl );
mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret );
mbedtls_x509_crl_free( &crl );
goto exit;
}
polarssl_printf( "%s\n", buf );
mbedtls_printf( "%s\n", buf );
exit:
x509_crl_free( &crl );
mbedtls_x509_crl_free( &crl );
#if defined(_WIN32)
polarssl_printf( " + Press Enter to exit this program.\n" );
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_X509_CRL_PARSE_C &&
POLARSSL_FS_IO */
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C &&
MBEDTLS_FS_IO */

50
programs/x509/req_app.c
View File

@@ -20,25 +20,25 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CSR_PARSE_C) || !defined(POLARSSL_FS_IO)
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO)
int main( void )
{
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
return( 0 );
}
#else
@@ -70,19 +70,19 @@ int main( int argc, char *argv[] )
{
int ret = 0;
unsigned char buf[100000];
x509_csr csr;
mbedtls_x509_csr csr;
int i;
char *p, *q;
/*
* Set to sane values
*/
x509_csr_init( &csr );
mbedtls_x509_csr_init( &csr );
if( argc == 0 )
{
usage:
polarssl_printf( USAGE );
mbedtls_printf( USAGE );
goto exit;
}
@@ -104,43 +104,43 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the CSR
*/
polarssl_printf( "\n . Loading the CSR ..." );
mbedtls_printf( "\n . Loading the CSR ..." );
fflush( stdout );
ret = x509_csr_parse_file( &csr, opt.filename );
ret = mbedtls_x509_csr_parse_file( &csr, opt.filename );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_csr_parse_file returned %d\n\n", ret );
x509_csr_free( &csr );
mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret );
mbedtls_x509_csr_free( &csr );
goto exit;
}
polarssl_printf( " ok\n" );
mbedtls_printf( " ok\n" );
/*
* 1.2 Print the CSR
*/
polarssl_printf( " . CSR information ...\n" );
ret = x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
mbedtls_printf( " . CSR information ...\n" );
ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
if( ret == -1 )
{
polarssl_printf( " failed\n ! x509_csr_info returned %d\n\n", ret );
x509_csr_free( &csr );
mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret );
mbedtls_x509_csr_free( &csr );
goto exit;
}
polarssl_printf( "%s\n", buf );
mbedtls_printf( "%s\n", buf );
exit:
x509_csr_free( &csr );
mbedtls_x509_csr_free( &csr );
#if defined(_WIN32)
polarssl_printf( " + Press Enter to exit this program.\n" );
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_X509_CSR_PARSE_C &&
POLARSSL_FS_IO */
#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C &&
MBEDTLS_FS_IO */