27 #ifndef POLARSSL_COMPAT_1_2_H
28 #define POLARSSL_COMPAT_1_2_H
30 #if !defined(POLARSSL_CONFIG_FILE)
33 #include POLARSSL_CONFIG_FILE
37 #define SHOW_PROTOTYPE_CHANGE_WARNINGS
39 #if defined(_MSC_VER) && !defined(inline)
40 #define inline _inline
42 #if defined(__ARMCC_VERSION) && !defined(inline)
43 #define inline __inline
49 #undef SHOW_PROTOTYPE_CHANGE_WARNINGS
52 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
53 #warning "You can disable these warnings by commenting SHOW_PROTOTYPE_CHANGE_WARNINGS in compat-1.2.h"
56 #if defined(POLARSSL_SHA256_C)
57 #define POLARSSL_SHA2_C
75 static inline int sha2_file(
const char *path,
unsigned char output[32],
int is224 ) {
78 static inline void sha2(
const unsigned char *input,
size_t ilen,
79 unsigned char output[32],
int is224 ) {
80 sha256( input, ilen, output, is224 );
83 size_t keylen,
int is224 ) {
95 static inline void sha2_hmac(
const unsigned char *key,
size_t keylen,
96 const unsigned char *input,
size_t ilen,
97 unsigned char output[32],
int is224 ) {
98 sha256_hmac( key, keylen, input, ilen, output, is224 );
105 #if defined(POLARSSL_SHA512_C)
106 #define POLARSSL_SHA4_C
124 static inline int sha4_file(
const char *path,
unsigned char output[64],
int is384 ) {
127 static inline void sha4(
const unsigned char *input,
size_t ilen,
128 unsigned char output[32],
int is384 ) {
129 sha512( input, ilen, output, is384 );
132 size_t keylen,
int is384 ) {
144 static inline void sha4_hmac(
const unsigned char *key,
size_t keylen,
145 const unsigned char *input,
size_t ilen,
146 unsigned char output[64],
int is384 ) {
147 sha512_hmac( key, keylen, input, ilen, output, is384 );
154 #if defined(POLARSSL_CIPHER_C)
155 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
156 #warning "cipher_reset() prototype changed. Manual change required if used"
160 #if defined(POLARSSL_RSA_C)
161 #define SIG_RSA_RAW POLARSSL_MD_NONE
162 #define SIG_RSA_MD2 POLARSSL_MD_MD2
163 #define SIG_RSA_MD4 POLARSSL_MD_MD4
164 #define SIG_RSA_MD5 POLARSSL_MD_MD5
165 #define SIG_RSA_SHA1 POLARSSL_MD_SHA1
166 #define SIG_RSA_SHA224 POLARSSL_MD_SHA224
167 #define SIG_RSA_SHA256 POLARSSL_MD_SHA256
168 #define SIG_RSA_SHA384 POLARSSL_MD_SHA384
169 #define SIG_RSA_SHA512 POLARSSL_MD_SHA512
170 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
171 #warning "rsa_pkcs1_verify() prototype changed. Manual change required if used"
172 #warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used"
176 #if defined(POLARSSL_DHM_C)
177 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
178 #warning "dhm_calc_secret() prototype changed. Manual change required if used"
182 #if defined(POLARSSL_GCM_C)
183 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
184 #warning "gcm_init() prototype changed. Manual change required if used"
188 #if defined(POLARSSL_SSL_CLI_C)
189 #if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
190 #warning "ssl_set_own_cert() prototype changed. Change to ssl_set_own_cert_rsa(). Manual change required if used"
194 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
197 #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT POLARSSL_ERR_X509_INVALID_FORMAT
198 #define POLARSSL_ERR_X509_CERT_INVALID_VERSION POLARSSL_ERR_X509_INVALID_VERSION
199 #define POLARSSL_ERR_X509_CERT_INVALID_ALG POLARSSL_ERR_X509_INVALID_ALG
200 #define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
201 #define POLARSSL_ERR_X509_CERT_INVALID_NAME POLARSSL_ERR_X509_INVALID_NAME
202 #define POLARSSL_ERR_X509_CERT_INVALID_DATE POLARSSL_ERR_X509_INVALID_DATE
203 #define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS POLARSSL_ERR_X509_INVALID_EXTENSIONS
204 #define POLARSSL_ERR_X509_CERT_SIG_MISMATCH POLARSSL_ERR_X509_SIG_MISMATCH
205 #define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE POLARSSL_ERR_X509_INVALID_SIGNATURE
206 #define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
207 #define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION
220 #if defined(POLARSSL_X509_CRT_PARSE_C)
221 #define POLARSSL_X509_PARSE_C
243 x509_crl *ca_crl,
const char *cn,
int *flags,
244 int (*f_vrfy)(
void *,
x509_cert *,
int,
int *),
246 return x509_crt_verify( crt, trust_ca, ca_crl, cn, flags, f_vrfy, p_vrfy );
256 #if defined(POLARSSL_X509_CRL_PARSE_C)
257 #define POLARSSL_X509_PARSE_C
271 #if defined(POLARSSL_X509_CSR_PARSE_C)
272 #define POLARSSL_X509_PARSE_C
286 #if defined(POLARSSL_SSL_TLS_C)
289 #define ssl_default_ciphersuites ssl_list_ciphersuites()
292 #if defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_RSA_C)
296 #define POLARSSL_ERR_X509_PASSWORD_MISMATCH POLARSSL_ERR_PK_PASSWORD_MISMATCH
297 #define POLARSSL_ERR_X509_KEY_INVALID_FORMAT POLARSSL_ERR_PK_KEY_INVALID_FORMAT
298 #define POLARSSL_ERR_X509_UNKNOWN_PK_ALG POLARSSL_ERR_PK_UNKNOWN_PK_ALG
299 #define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY POLARSSL_ERR_PK_INVALID_PUBKEY
301 #if defined(POLARSSL_FS_IO)
335 const unsigned char *pwd,
size_t pwdlen ) {
351 const unsigned char *key,
size_t keylen )
368 #if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_RSA_C)
374 if( ( ret =
rsa_copy(
pk_rsa( ctx ), rsa ) ) != 0 )
return( ret );
383 if( ( ret =
rsa_copy(
pk_rsa( ctx ), rsa ) ) != 0 )
return( ret );
void sha256_hmac_update(sha256_context *ctx, const unsigned char *input, size_t ilen)
SHA-256 HMAC process buffer.
void sha512_hmac_update(sha512_context *ctx, const unsigned char *input, size_t ilen)
SHA-512 HMAC process buffer.
int x509_time_expired(const x509_time *time)
Check a given x509_time against the system time and check if it is not expired.
static void sha4_hmac_reset(sha512_context *ctx)
static void sha2_update(sha256_context *ctx, const unsigned char *input, size_t ilen)
int pk_write_key_der(pk_context *ctx, unsigned char *buf, size_t size)
Write a private key to a PKCS#1 or SEC1 DER structure Note: data is written at the end of the buffer!...
const pk_info_t * pk_info_from_type(pk_type_t pk_type)
Return information associated with the given PK type.
static void sha4_update(sha512_context *ctx, const unsigned char *input, size_t ilen)
int rsa_copy(rsa_context *dst, const rsa_context *src)
Copy the components of an RSA context.
int sha256_file(const char *path, unsigned char output[32], int is224)
Output = SHA-256( file contents )
void sha256_update(sha256_context *ctx, const unsigned char *input, size_t ilen)
SHA-256 process buffer.
void sha256(const unsigned char *input, size_t ilen, unsigned char output[32], int is224)
Output = SHA-256( input buffer )
static int x509parse_crt(x509_cert *chain, const unsigned char *buf, size_t buflen)
sha256_context sha2_context
static int x509parse_verify(x509_cert *crt, x509_cert *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_cert *, int, int *), void *p_vrfy)
static void sha2(const unsigned char *input, size_t ilen, unsigned char output[32], int is224)
static void sha4_starts(sha512_context *ctx, int is384)
static int x509_write_key_der(unsigned char *buf, size_t len, rsa_context *rsa)
void sha256_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[32], int is224)
Output = HMAC-SHA-256( hmac key, input buffer )
Container for date and time (precision in seconds).
static int x509parse_crlfile(x509_crl *chain, const char *path)
static void sha2_starts(sha256_context *ctx, int is224)
int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse one or more certificates and add them to the chained list.
void x509_crt_free(x509_crt *crt)
Unallocate all certificate data.
Configuration options (set of defines)
static int x509parse_keyfile(rsa_context *rsa, const char *path, const char *pwd)
sha512_context sha4_context
int x509_crt_parse_der(x509_crt *chain, const unsigned char *buf, size_t buflen)
Parse a single DER formatted certificate and add it to the chained list.
static void sha2_hmac_reset(sha256_context *ctx)
static int x509parse_time_expired(const x509_time *time)
SSL Ciphersuites for PolarSSL.
static int x509parse_public_keyfile(rsa_context *rsa, const char *path)
int x509_crl_parse_file(x509_crl *chain, const char *path)
Load one or more CRLs and add them to the chained list.
Public Key abstraction layer.
int x509_crl_parse(x509_crl *chain, const unsigned char *buf, size_t buflen)
Parse one or more CRLs and add them to the chained list.
int x509_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
Returns an informational string about the CRL.
void sha256_hmac_finish(sha256_context *ctx, unsigned char output[32])
SHA-256 HMAC final digest.
static int x509parse_crtfile(x509_cert *chain, const char *path)
static void x509_free(x509_cert *crt)
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
static int x509parse_dn_gets(char *buf, size_t size, const x509_name *dn)
int pk_write_pubkey_der(pk_context *ctx, unsigned char *buf, size_t size)
Write a public key to a SubjectPublicKeyInfo DER structure Note: data is written at the end of the bu...
static int x509parse_csrfile(x509_csr *csr, const char *path)
void sha256_hmac_starts(sha256_context *ctx, const unsigned char *key, size_t keylen, int is224)
SHA-256 HMAC context setup.
Container for an X.509 certificate.
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
static int x509parse_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
static int x509parse_revoked(const x509_cert *crt, const x509_crl *crl)
static int x509parse_crtpath(x509_cert *chain, const char *path)
int sha256_self_test(int verbose)
Checkup routine.
void sha256_starts(sha256_context *ctx, int is224)
SHA-256 context setup.
static int x509parse_public_key(rsa_context *rsa, const unsigned char *key, size_t keylen)
static int sha4_self_test(int verbose)
SHA-512 context structure.
static int sha2_file(const char *path, unsigned char output[32], int is224)
void sha512_hmac_finish(sha512_context *ctx, unsigned char output[64])
SHA-512 HMAC final digest.
static int sha2_self_test(int verbose)
X.509 certificate signing request parsing and writing.
void sha512_starts(sha512_context *ctx, int is384)
SHA-512 context setup.
int sha512_self_test(int verbose)
Checkup routine.
int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)
Verify the certificate signature.
static int sha4_file(const char *path, unsigned char output[64], int is384)
static void sha2_finish(sha256_context *ctx, unsigned char output[32])
int pk_can_do(pk_context *ctx, pk_type_t type)
Tell if a context can do the operation given by type.
void sha512(const unsigned char *input, size_t ilen, unsigned char output[64], int is384)
Output = SHA-512( input buffer )
int sha512_file(const char *path, unsigned char output[64], int is384)
Output = SHA-512( file contents )
X.509 certificate parsing and writing.
static int x509parse_csr(x509_csr *csr, const unsigned char *buf, size_t buflen)
int pk_parse_public_keyfile(pk_context *ctx, const char *path)
Load and parse a public key.
static int x509parse_serial_gets(char *buf, size_t size, const x509_buf *serial)
static void sha2_hmac_update(sha256_context *ctx, const unsigned char *input, size_t ilen)
X.509 generic defines and structures.
static void sha4_finish(sha512_context *ctx, unsigned char output[64])
int pk_init_ctx(pk_context *ctx, const pk_info_t *info)
Initialize a PK context with the information given and allocates the type-specific PK subcontext...
void sha512_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[64], int is384)
Output = HMAC-SHA-512( hmac key, input buffer )
static void sha4_hmac_starts(sha512_context *ctx, const unsigned char *key, size_t keylen, int is384)
void sha256_hmac_reset(sha256_context *ctx)
SHA-256 HMAC context reset.
void sha512_finish(sha512_context *ctx, unsigned char output[64])
SHA-512 final digest.
int x509_crt_revoked(const x509_crt *crt, const x509_crl *crl)
Verify the certificate revocation status.
static int x509parse_key(rsa_context *rsa, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
int x509_csr_parse(x509_csr *csr, const unsigned char *buf, size_t buflen)
Load a Certificate Signing Request (CSR)
static void sha2_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[32], int is224)
Container for a sequence or list of 'named' ASN.1 data items.
Type-length-value structure that allows for ASN1 using DER.
The RSA public-key cryptosystem.
static int x509_write_pubkey_der(unsigned char *buf, size_t len, rsa_context *rsa)
#define pk_rsa(pk)
Quick access to an RSA context inside a PK context.
#define POLARSSL_ERR_PK_TYPE_MISMATCH
Type mismatch, eg attempt to encrypt with an ECDSA key.
void pk_free(pk_context *ctx)
Free a pk_context.
static int x509parse_crl_info(char *buf, size_t size, const char *prefix, const x509_crl *crl)
int pk_parse_public_key(pk_context *ctx, const unsigned char *key, size_t keylen)
Parse a public key.
static void sha4(const unsigned char *input, size_t ilen, unsigned char output[32], int is384)
static int x509parse_crt_der(x509_cert *chain, const unsigned char *buf, size_t buflen)
X.509 certificate revocation list parsing.
static void sha2_hmac_finish(sha256_context *ctx, unsigned char output[32])
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)
static int x509parse_cert_info(char *buf, size_t size, const char *prefix, const x509_cert *crt)
Certificate revocation list structure.
SHA-384 and SHA-512 cryptographic hash function.
int x509_csr_info(char *buf, size_t size, const char *prefix, const x509_csr *csr)
Returns an informational string about the CSR.
int pk_parse_key(pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen)
Parse a private key.
void sha256_finish(sha256_context *ctx, unsigned char output[32])
SHA-256 final digest.
void sha512_hmac_starts(sha512_context *ctx, const unsigned char *key, size_t keylen, int is384)
SHA-512 HMAC context setup.
int x509_crt_parse_path(x509_crt *chain, const char *path)
Load one or more certificate files from a path and add them to the chained list.
Certificate Signing Request (CSR) structure.
void sha512_hmac_reset(sha512_context *ctx)
SHA-512 HMAC context reset.
static void sha4_hmac_finish(sha512_context *ctx, unsigned char output[64])
static void sha2_hmac_starts(sha256_context *ctx, const unsigned char *key, size_t keylen, int is224)
SHA-256 context structure.
int x509_csr_parse_file(x509_csr *csr, const char *path)
Load a Certificate Signing Request (CSR)
int pk_parse_keyfile(pk_context *ctx, const char *path, const char *password)
Load and parse a private key.
int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)
Returns an informational string about the certificate.
static void sha4_hmac(const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char output[64], int is384)
SHA-224 and SHA-256 cryptographic hash function.
void sha512_update(sha512_context *ctx, const unsigned char *input, size_t ilen)
SHA-512 process buffer.
static int x509parse_crl(x509_crl *chain, const unsigned char *buf, size_t buflen)
int x509_serial_gets(char *buf, size_t size, const x509_buf *serial)
Store the certificate serial in printable form into buf; no more than size characters will be written...
static void sha4_hmac_update(sha512_context *ctx, const unsigned char *input, size_t ilen)
int x509_crt_parse_file(x509_crt *chain, const char *path)
Load one or more certificates and add them to the chained list.