39 #if defined(POLARSSL_X509_CRL_PARSE_C)
43 #if defined(POLARSSL_PEM_PARSE_C)
47 #if defined(POLARSSL_MEMORY_C)
50 #define polarssl_malloc malloc
51 #define polarssl_free free
56 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
63 #if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32)
70 static int x509_crl_get_version(
unsigned char **p,
71 const unsigned char *end,
93 static int x509_get_crl_ext(
unsigned char **p,
94 const unsigned char *end,
128 static int x509_get_crl_entry_ext(
unsigned char **p,
129 const unsigned char *end,
159 if( end != *p + ext->
len )
182 static int x509_get_entries(
unsigned char **p,
183 const unsigned char *end,
202 end = *p + entry_len;
207 const unsigned char *end2;
216 cur_entry->
raw.
p = *p;
217 cur_entry->
raw.
len = len2;
226 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->
entry_ext ) ) != 0 )
233 if( cur_entry->
next == NULL )
236 cur_entry = cur_entry->
next;
251 unsigned char *p, *end;
253 #if defined(POLARSSL_PEM_PARSE_C)
263 if( crl == NULL || buf == NULL )
276 if( crl->
next == NULL )
286 #if defined(POLARSSL_PEM_PARSE_C)
288 ret = pem_read_buffer( &pem,
289 "-----BEGIN X509 CRL-----",
290 "-----END X509 CRL-----",
291 buf, NULL, 0, &use_len );
325 memcpy( p, buf, buflen );
347 if( len != (
size_t) ( end - p ) )
375 if( ( ret = x509_crl_get_version( &p, end, &crl->
version ) ) != 0 ||
447 if( ( ret = x509_get_entries( &p, end, &crl->
entry ) ) != 0 )
459 ret = x509_get_crl_ext( &p, end, &crl->
crl_ext );
511 if( crl->
next == NULL )
526 #if defined(POLARSSL_FS_IO)
541 memset( buf, 0, n + 1 );
548 #if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
552 #if !defined vsnprintf
553 #define vsnprintf _vsnprintf
563 static int compat_snprintf(
char *str,
size_t size,
const char *format, ...)
568 va_start( ap, format );
570 res = vsnprintf( str, size, format, ap );
576 return( (
int) size + 20 );
581 #define snprintf compat_snprintf
584 #define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
586 #define SAFE_SNPRINTF() \
591 if ( (unsigned int) ret > n ) { \
593 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
596 n -= (unsigned int) ret; \
597 p += (unsigned int) ret; \
603 #define BEFORE_COLON 14
608 int x509_crl_info(
char *buf,
size_t size,
const char *prefix,
620 ret = snprintf( p, n,
"%sCRL version : %d",
624 ret = snprintf( p, n,
"\n%sissuer name : ", prefix );
629 ret = snprintf( p, n,
"\n%sthis update : " \
630 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
636 ret = snprintf( p, n,
"\n%snext update : " \
637 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
645 ret = snprintf( p, n,
"\n%sRevoked certificates:",
649 while( entry != NULL && entry->
raw.
len != 0 )
651 ret = snprintf( p, n,
"\n%sserial number: ",
658 ret = snprintf( p, n,
" revocation date: " \
659 "%04d-%02d-%02d %02d:%02d:%02d",
668 ret = snprintf( p, n,
"\n%ssigned using : ", prefix );
673 ret = snprintf( p, n,
"???" );
675 ret = snprintf( p, n,
"%s", desc );
678 ret = snprintf( p, n,
"\n" );
681 return( (
int) ( size - n ) );
710 while( name_cur != NULL )
713 name_cur = name_cur->
next;
714 memset( name_prv, 0,
sizeof(
x509_name ) );
719 while( entry_cur != NULL )
721 entry_prv = entry_cur;
722 entry_cur = entry_cur->
next;
727 if( crl_cur->
raw.
p != NULL )
729 memset( crl_cur->
raw.
p, 0, crl_cur->
raw.
len );
733 crl_cur = crl_cur->
next;
735 while( crl_cur != NULL );
741 crl_cur = crl_cur->
next;
743 memset( crl_prv, 0,
sizeof(
x509_crl ) );
747 while( crl_cur != NULL );
void x509_crl_init(x509_crl *crl)
Initialize a CRL (chain)
void *(* polarssl_malloc)(size_t len)
int x509_get_name(unsigned char **p, const unsigned char *end, x509_name *cur)
#define POLARSSL_ERR_X509_INVALID_DATE
The date tag or value is invalid.
int x509_get_serial(unsigned char **p, const unsigned char *end, x509_buf *serial)
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH
Actual length differs from expected length.
Certificate revocation list entry.
#define POLARSSL_ERR_X509_INVALID_FORMAT
The CRT/CRL/CSR format is invalid, e.g.
int asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
Retrieve an integer ASN.1 tag and its value.
int x509_get_alg_null(unsigned char **p, const unsigned char *end, x509_buf *alg)
Configuration options (set of defines)
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
Signature algorithm (oid) is unsupported.
int x509_get_sig(unsigned char **p, const unsigned char *end, x509_buf *sig)
#define POLARSSL_ERR_X509_UNKNOWN_VERSION
CRT/CRL/CSR has an unsupported version number.
x509_name issuer
The parsed issuer data (named information object).
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Object Identifier (OID) database.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
x509_crl_entry entry
The CRL entries containing the certificate revocation times for this CA.
int x509_get_time(unsigned char **p, const unsigned char *end, x509_time *time)
Privacy Enhanced Mail (PEM) decoding.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
void x509_crl_free(x509_crl *crl)
Free all CRL data.
void(* polarssl_free)(void *ptr)
unsigned char * p
ASN1 data, e.g.
int oid_get_sig_alg_desc(const asn1_buf *oid, const char **desc)
Translate SignatureAlgorithm OID into description.
x509_buf tbs
The raw certificate body (DER).
struct _x509_crl_entry * next
md_type_t sig_md
Internal representation of the MD algorithm of the signature algorithm, e.g.
int x509_get_sig_alg(const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg)
#define POLARSSL_ERR_ASN1_OUT_OF_DATA
Out of data when parsing an ASN1 data structure.
int x509_load_file(const char *path, unsigned char **buf, size_t *n)
Container for a sequence or list of 'named' ASN.1 data items.
Type-length-value structure that allows for ASN1 using DER.
pk_type_t sig_pk
Internal representation of the Public Key algorithm of the signature algorithm, e...
size_t len
ASN1 length, e.g.
X.509 certificate revocation list parsing.
int asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag.
int x509_get_ext(unsigned char **p, const unsigned char *end, x509_buf *ext, int tag)
#define POLARSSL_ERR_X509_INVALID_VERSION
The CRT/CRL/CSR version element is invalid.
Certificate revocation list structure.
struct _asn1_named_data * next
The next entry in the sequence.
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS
The extension tag or value is invalid.
#define POLARSSL_ERR_X509_BAD_INPUT_DATA
Input invalid.
x509_buf raw
The raw certificate data (DER).
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT
No PEM header or footer found.
x509_time revocation_date
x509_buf issuer_raw
The raw issuer data (DER).
#define POLARSSL_ERR_X509_MALLOC_FAILED
Allocation of memory failed.
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG
ASN1 tag was of an unexpected value.
int x509_serial_gets(char *buf, size_t size, const x509_buf *serial)
Store the certificate serial in printable form into buf; no more than size characters will be written...
#define POLARSSL_ERR_X509_SIG_MISMATCH
Signature algorithms do not match.