<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <meta http-equiv="X-UA-Compatible" content="IE=9"/> <meta name="generator" content="Doxygen 1.8.5"/> <title>PolarSSL v1.3.8: x509_crt.c Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="dynsections.js"></script> <link href="doxygen.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="top"><!-- do not remove this div, it is closed by doxygen! --> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td style="padding-left: 0.5em;"> <div id="projectname">PolarSSL v1.3.8 </div> </td> </tr> </tbody> </table> </div> <!-- end header part --> <!-- Generated by Doxygen 1.8.5 --> <div id="navrow1" class="tabs"> <ul class="tablist"> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="modules.html"><span>Modules</span></a></li> <li><a href="annotated.html"><span>Data Structures</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div id="navrow2" class="tabs2"> <ul class="tablist"> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>Globals</span></a></li> </ul> </div> <div id="nav-path" class="navpath"> <ul> <li class="navelem"><a class="el" href="dir_4478130ea462cc4195c75f9e6ba20061.html">library</a></li> </ul> </div> </div><!-- top --> <div class="header"> <div class="headertitle"> <div class="title">x509_crt.c</div> </div> </div><!--header--> <div class="contents"> <a href="x509__crt_8c.html">Go to the documentation of this file.</a><div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">/*</span></div> <div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment"> * X.509 certificate parsing and verification</span></div> <div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment"> *</span></div> <div class="line"><a name="l00004"></a><span class="lineno"> 4</span> <span class="comment"> * Copyright (C) 2006-2014, Brainspark B.V.</span></div> <div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment"> *</span></div> <div class="line"><a name="l00006"></a><span class="lineno"> 6</span> <span class="comment"> * This file is part of PolarSSL (http://www.polarssl.org)</span></div> <div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="comment"> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org></span></div> <div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="comment"> *</span></div> <div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="comment"> * All rights reserved.</span></div> <div class="line"><a name="l00010"></a><span class="lineno"> 10</span> <span class="comment"> *</span></div> <div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="comment"> * This program is free software; you can redistribute it and/or modify</span></div> <div class="line"><a name="l00012"></a><span class="lineno"> 12</span> <span class="comment"> * it under the terms of the GNU General Public License as published by</span></div> <div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="comment"> * the Free Software Foundation; either version 2 of the License, or</span></div> <div class="line"><a name="l00014"></a><span class="lineno"> 14</span> <span class="comment"> * (at your option) any later version.</span></div> <div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="comment"> *</span></div> <div class="line"><a name="l00016"></a><span class="lineno"> 16</span> <span class="comment"> * This program is distributed in the hope that it will be useful,</span></div> <div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="comment"> * but WITHOUT ANY WARRANTY; without even the implied warranty of</span></div> <div class="line"><a name="l00018"></a><span class="lineno"> 18</span> <span class="comment"> * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the</span></div> <div class="line"><a name="l00019"></a><span class="lineno"> 19</span> <span class="comment"> * GNU General Public License for more details.</span></div> <div class="line"><a name="l00020"></a><span class="lineno"> 20</span> <span class="comment"> *</span></div> <div class="line"><a name="l00021"></a><span class="lineno"> 21</span> <span class="comment"> * You should have received a copy of the GNU General Public License along</span></div> <div class="line"><a name="l00022"></a><span class="lineno"> 22</span> <span class="comment"> * with this program; if not, write to the Free Software Foundation, Inc.,</span></div> <div class="line"><a name="l00023"></a><span class="lineno"> 23</span> <span class="comment"> * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.</span></div> <div class="line"><a name="l00024"></a><span class="lineno"> 24</span> <span class="comment"> */</span></div> <div class="line"><a name="l00025"></a><span class="lineno"> 25</span> <span class="comment">/*</span></div> <div class="line"><a name="l00026"></a><span class="lineno"> 26</span> <span class="comment"> * The ITU-T X.509 standard defines a certificate format for PKI.</span></div> <div class="line"><a name="l00027"></a><span class="lineno"> 27</span> <span class="comment"> *</span></div> <div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="comment"> * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)</span></div> <div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="comment"> * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)</span></div> <div class="line"><a name="l00030"></a><span class="lineno"> 30</span> <span class="comment"> * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)</span></div> <div class="line"><a name="l00031"></a><span class="lineno"> 31</span> <span class="comment"> *</span></div> <div class="line"><a name="l00032"></a><span class="lineno"> 32</span> <span class="comment"> * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf</span></div> <div class="line"><a name="l00033"></a><span class="lineno"> 33</span> <span class="comment"> * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf</span></div> <div class="line"><a name="l00034"></a><span class="lineno"> 34</span> <span class="comment"> */</span></div> <div class="line"><a name="l00035"></a><span class="lineno"> 35</span> </div> <div class="line"><a name="l00036"></a><span class="lineno"> 36</span> <span class="preprocessor">#if !defined(POLARSSL_CONFIG_FILE)</span></div> <div class="line"><a name="l00037"></a><span class="lineno"> 37</span> <span class="preprocessor"></span><span class="preprocessor">#include "<a class="code" href="config_8h.html">polarssl/config.h</a>"</span></div> <div class="line"><a name="l00038"></a><span class="lineno"> 38</span> <span class="preprocessor">#else</span></div> <div class="line"><a name="l00039"></a><span class="lineno"> 39</span> <span class="preprocessor"></span><span class="preprocessor">#include POLARSSL_CONFIG_FILE</span></div> <div class="line"><a name="l00040"></a><span class="lineno"> 40</span> <span class="preprocessor"></span><span class="preprocessor">#endif</span></div> <div class="line"><a name="l00041"></a><span class="lineno"> 41</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00042"></a><span class="lineno"> 42</span> <span class="preprocessor">#if defined(POLARSSL_X509_CRT_PARSE_C)</span></div> <div class="line"><a name="l00043"></a><span class="lineno"> 43</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00044"></a><span class="lineno"> 44</span> <span class="preprocessor">#include "<a class="code" href="x509__crt_8h.html">polarssl/x509_crt.h</a>"</span></div> <div class="line"><a name="l00045"></a><span class="lineno"> 45</span> <span class="preprocessor">#include "<a class="code" href="oid_8h.html">polarssl/oid.h</a>"</span></div> <div class="line"><a name="l00046"></a><span class="lineno"> 46</span> <span class="preprocessor">#if defined(POLARSSL_PEM_PARSE_C)</span></div> <div class="line"><a name="l00047"></a><span class="lineno"> 47</span> <span class="preprocessor"></span><span class="preprocessor">#include "<a class="code" href="pem_8h.html">polarssl/pem.h</a>"</span></div> <div class="line"><a name="l00048"></a><span class="lineno"> 48</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00049"></a><span class="lineno"> 49</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00050"></a><span class="lineno"> 50</span> <span class="preprocessor">#if defined(POLARSSL_PLATFORM_C)</span></div> <div class="line"><a name="l00051"></a><span class="lineno"> 51</span> <span class="preprocessor"></span><span class="preprocessor">#include "<a class="code" href="platform_8h.html">polarssl/platform.h</a>"</span></div> <div class="line"><a name="l00052"></a><span class="lineno"> 52</span> <span class="preprocessor">#else</span></div> <div class="line"><a name="l00053"></a><span class="lineno"> 53</span> <span class="preprocessor"></span><span class="preprocessor">#define polarssl_malloc malloc</span></div> <div class="line"><a name="l00054"></a><span class="lineno"> 54</span> <span class="preprocessor"></span><span class="preprocessor">#define polarssl_free free</span></div> <div class="line"><a name="l00055"></a><span class="lineno"> 55</span> <span class="preprocessor"></span><span class="preprocessor">#endif</span></div> <div class="line"><a name="l00056"></a><span class="lineno"> 56</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00057"></a><span class="lineno"> 57</span> <span class="preprocessor">#if defined(POLARSSL_THREADING_C)</span></div> <div class="line"><a name="l00058"></a><span class="lineno"> 58</span> <span class="preprocessor"></span><span class="preprocessor">#include "<a class="code" href="threading_8h.html">polarssl/threading.h</a>"</span></div> <div class="line"><a name="l00059"></a><span class="lineno"> 59</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00060"></a><span class="lineno"> 60</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00061"></a><span class="lineno"> 61</span> <span class="preprocessor">#include <string.h></span></div> <div class="line"><a name="l00062"></a><span class="lineno"> 62</span> <span class="preprocessor">#include <stdlib.h></span></div> <div class="line"><a name="l00063"></a><span class="lineno"> 63</span> <span class="preprocessor">#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)</span></div> <div class="line"><a name="l00064"></a><span class="lineno"> 64</span> <span class="preprocessor"></span><span class="preprocessor">#include <windows.h></span></div> <div class="line"><a name="l00065"></a><span class="lineno"> 65</span> <span class="preprocessor">#else</span></div> <div class="line"><a name="l00066"></a><span class="lineno"> 66</span> <span class="preprocessor"></span><span class="preprocessor">#include <time.h></span></div> <div class="line"><a name="l00067"></a><span class="lineno"> 67</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00068"></a><span class="lineno"> 68</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00069"></a><span class="lineno"> 69</span> <span class="preprocessor">#if defined(EFIX64) || defined(EFI32)</span></div> <div class="line"><a name="l00070"></a><span class="lineno"> 70</span> <span class="preprocessor"></span><span class="preprocessor">#include <stdio.h></span></div> <div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00072"></a><span class="lineno"> 72</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00073"></a><span class="lineno"> 73</span> <span class="preprocessor">#if defined(POLARSSL_FS_IO)</span></div> <div class="line"><a name="l00074"></a><span class="lineno"> 74</span> <span class="preprocessor"></span><span class="preprocessor">#include <stdio.h></span></div> <div class="line"><a name="l00075"></a><span class="lineno"> 75</span> <span class="preprocessor">#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)</span></div> <div class="line"><a name="l00076"></a><span class="lineno"> 76</span> <span class="preprocessor"></span><span class="preprocessor">#include <sys/types.h></span></div> <div class="line"><a name="l00077"></a><span class="lineno"> 77</span> <span class="preprocessor">#include <sys/stat.h></span></div> <div class="line"><a name="l00078"></a><span class="lineno"> 78</span> <span class="preprocessor">#include <dirent.h></span></div> <div class="line"><a name="l00079"></a><span class="lineno"> 79</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00080"></a><span class="lineno"> 80</span> <span class="preprocessor"></span><span class="preprocessor">#endif</span></div> <div class="line"><a name="l00081"></a><span class="lineno"> 81</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00082"></a><span class="lineno"> 82</span> <span class="comment">/* Implementation that should never be optimized out by the compiler */</span></div> <div class="line"><a name="l00083"></a><span class="lineno"> 83</span> <span class="keyword">static</span> <span class="keywordtype">void</span> polarssl_zeroize( <span class="keywordtype">void</span> *v, <span class="keywordtype">size_t</span> n ) {</div> <div class="line"><a name="l00084"></a><span class="lineno"> 84</span>  <span class="keyword">volatile</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *p = v; <span class="keywordflow">while</span>( n-- ) *p++ = 0;</div> <div class="line"><a name="l00085"></a><span class="lineno"> 85</span> }</div> <div class="line"><a name="l00086"></a><span class="lineno"> 86</span> </div> <div class="line"><a name="l00087"></a><span class="lineno"> 87</span> <span class="comment">/*</span></div> <div class="line"><a name="l00088"></a><span class="lineno"> 88</span> <span class="comment"> * Version ::= INTEGER { v1(0), v2(1), v3(2) }</span></div> <div class="line"><a name="l00089"></a><span class="lineno"> 89</span> <span class="comment"> */</span></div> <div class="line"><a name="l00090"></a><span class="lineno"> 90</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_version( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00091"></a><span class="lineno"> 91</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00092"></a><span class="lineno"> 92</span>  <span class="keywordtype">int</span> *ver )</div> <div class="line"><a name="l00093"></a><span class="lineno"> 93</span> {</div> <div class="line"><a name="l00094"></a><span class="lineno"> 94</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00095"></a><span class="lineno"> 95</span>  <span class="keywordtype">size_t</span> len;</div> <div class="line"><a name="l00096"></a><span class="lineno"> 96</span> </div> <div class="line"><a name="l00097"></a><span class="lineno"> 97</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &len,</div> <div class="line"><a name="l00098"></a><span class="lineno"> 98</span>  <a class="code" href="group__asn1__module.html#gab1f89bc6e469d46d5293f724d317d1d7">ASN1_CONTEXT_SPECIFIC</a> | <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | 0 ) ) != 0 )</div> <div class="line"><a name="l00099"></a><span class="lineno"> 99</span>  {</div> <div class="line"><a name="l00100"></a><span class="lineno"> 100</span>  <span class="keywordflow">if</span>( ret == <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> )</div> <div class="line"><a name="l00101"></a><span class="lineno"> 101</span>  {</div> <div class="line"><a name="l00102"></a><span class="lineno"> 102</span>  *ver = 0;</div> <div class="line"><a name="l00103"></a><span class="lineno"> 103</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00104"></a><span class="lineno"> 104</span>  }</div> <div class="line"><a name="l00105"></a><span class="lineno"> 105</span> </div> <div class="line"><a name="l00106"></a><span class="lineno"> 106</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00107"></a><span class="lineno"> 107</span>  }</div> <div class="line"><a name="l00108"></a><span class="lineno"> 108</span> </div> <div class="line"><a name="l00109"></a><span class="lineno"> 109</span>  end = *p + len;</div> <div class="line"><a name="l00110"></a><span class="lineno"> 110</span> </div> <div class="line"><a name="l00111"></a><span class="lineno"> 111</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#ac1ec6c9510754709ffbe5ed9b746d009">asn1_get_int</a>( p, end, ver ) ) != 0 )</div> <div class="line"><a name="l00112"></a><span class="lineno"> 112</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga7fb5d1b9bb950f41cf57a6e156a318ff">POLARSSL_ERR_X509_INVALID_VERSION</a> + ret );</div> <div class="line"><a name="l00113"></a><span class="lineno"> 113</span> </div> <div class="line"><a name="l00114"></a><span class="lineno"> 114</span>  <span class="keywordflow">if</span>( *p != end )</div> <div class="line"><a name="l00115"></a><span class="lineno"> 115</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga7fb5d1b9bb950f41cf57a6e156a318ff">POLARSSL_ERR_X509_INVALID_VERSION</a> +</div> <div class="line"><a name="l00116"></a><span class="lineno"> 116</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00117"></a><span class="lineno"> 117</span> </div> <div class="line"><a name="l00118"></a><span class="lineno"> 118</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00119"></a><span class="lineno"> 119</span> }</div> <div class="line"><a name="l00120"></a><span class="lineno"> 120</span> </div> <div class="line"><a name="l00121"></a><span class="lineno"> 121</span> <span class="comment">/*</span></div> <div class="line"><a name="l00122"></a><span class="lineno"> 122</span> <span class="comment"> * Validity ::= SEQUENCE {</span></div> <div class="line"><a name="l00123"></a><span class="lineno"> 123</span> <span class="comment"> * notBefore Time,</span></div> <div class="line"><a name="l00124"></a><span class="lineno"> 124</span> <span class="comment"> * notAfter Time }</span></div> <div class="line"><a name="l00125"></a><span class="lineno"> 125</span> <span class="comment"> */</span></div> <div class="line"><a name="l00126"></a><span class="lineno"> 126</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_dates( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00127"></a><span class="lineno"> 127</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00128"></a><span class="lineno"> 128</span>  <a class="code" href="struct__x509__time.html">x509_time</a> *from,</div> <div class="line"><a name="l00129"></a><span class="lineno"> 129</span>  <a class="code" href="struct__x509__time.html">x509_time</a> *to )</div> <div class="line"><a name="l00130"></a><span class="lineno"> 130</span> {</div> <div class="line"><a name="l00131"></a><span class="lineno"> 131</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00132"></a><span class="lineno"> 132</span>  <span class="keywordtype">size_t</span> len;</div> <div class="line"><a name="l00133"></a><span class="lineno"> 133</span> </div> <div class="line"><a name="l00134"></a><span class="lineno"> 134</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &len,</div> <div class="line"><a name="l00135"></a><span class="lineno"> 135</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00136"></a><span class="lineno"> 136</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga4c0033b4b5ea413f79b133b9172d967b">POLARSSL_ERR_X509_INVALID_DATE</a> + ret );</div> <div class="line"><a name="l00137"></a><span class="lineno"> 137</span> </div> <div class="line"><a name="l00138"></a><span class="lineno"> 138</span>  end = *p + len;</div> <div class="line"><a name="l00139"></a><span class="lineno"> 139</span> </div> <div class="line"><a name="l00140"></a><span class="lineno"> 140</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#ace702be6b8cff538d3bfef72d2591741">x509_get_time</a>( p, end, from ) ) != 0 )</div> <div class="line"><a name="l00141"></a><span class="lineno"> 141</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00142"></a><span class="lineno"> 142</span> </div> <div class="line"><a name="l00143"></a><span class="lineno"> 143</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#ace702be6b8cff538d3bfef72d2591741">x509_get_time</a>( p, end, to ) ) != 0 )</div> <div class="line"><a name="l00144"></a><span class="lineno"> 144</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00145"></a><span class="lineno"> 145</span> </div> <div class="line"><a name="l00146"></a><span class="lineno"> 146</span>  <span class="keywordflow">if</span>( *p != end )</div> <div class="line"><a name="l00147"></a><span class="lineno"> 147</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga4c0033b4b5ea413f79b133b9172d967b">POLARSSL_ERR_X509_INVALID_DATE</a> +</div> <div class="line"><a name="l00148"></a><span class="lineno"> 148</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00149"></a><span class="lineno"> 149</span> </div> <div class="line"><a name="l00150"></a><span class="lineno"> 150</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00151"></a><span class="lineno"> 151</span> }</div> <div class="line"><a name="l00152"></a><span class="lineno"> 152</span> </div> <div class="line"><a name="l00153"></a><span class="lineno"> 153</span> <span class="comment">/*</span></div> <div class="line"><a name="l00154"></a><span class="lineno"> 154</span> <span class="comment"> * X.509 v2/v3 unique identifier (not parsed)</span></div> <div class="line"><a name="l00155"></a><span class="lineno"> 155</span> <span class="comment"> */</span></div> <div class="line"><a name="l00156"></a><span class="lineno"> 156</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_uid( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00158"></a><span class="lineno"> 158</span>  <a class="code" href="struct__asn1__buf.html">x509_buf</a> *uid, <span class="keywordtype">int</span> n )</div> <div class="line"><a name="l00159"></a><span class="lineno"> 159</span> {</div> <div class="line"><a name="l00160"></a><span class="lineno"> 160</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00161"></a><span class="lineno"> 161</span> </div> <div class="line"><a name="l00162"></a><span class="lineno"> 162</span>  <span class="keywordflow">if</span>( *p == end )</div> <div class="line"><a name="l00163"></a><span class="lineno"> 163</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00164"></a><span class="lineno"> 164</span> </div> <div class="line"><a name="l00165"></a><span class="lineno"> 165</span>  uid-><a class="code" href="struct__asn1__buf.html#a15a91b2c0722fdcdec3b930ab2750261">tag</a> = **p;</div> <div class="line"><a name="l00166"></a><span class="lineno"> 166</span> </div> <div class="line"><a name="l00167"></a><span class="lineno"> 167</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &uid-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>,</div> <div class="line"><a name="l00168"></a><span class="lineno"> 168</span>  <a class="code" href="group__asn1__module.html#gab1f89bc6e469d46d5293f724d317d1d7">ASN1_CONTEXT_SPECIFIC</a> | <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | n ) ) != 0 )</div> <div class="line"><a name="l00169"></a><span class="lineno"> 169</span>  {</div> <div class="line"><a name="l00170"></a><span class="lineno"> 170</span>  <span class="keywordflow">if</span>( ret == <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> )</div> <div class="line"><a name="l00171"></a><span class="lineno"> 171</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00172"></a><span class="lineno"> 172</span> </div> <div class="line"><a name="l00173"></a><span class="lineno"> 173</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00174"></a><span class="lineno"> 174</span>  }</div> <div class="line"><a name="l00175"></a><span class="lineno"> 175</span> </div> <div class="line"><a name="l00176"></a><span class="lineno"> 176</span>  uid-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = *p;</div> <div class="line"><a name="l00177"></a><span class="lineno"> 177</span>  *p += uid-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>;</div> <div class="line"><a name="l00178"></a><span class="lineno"> 178</span> </div> <div class="line"><a name="l00179"></a><span class="lineno"> 179</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00180"></a><span class="lineno"> 180</span> }</div> <div class="line"><a name="l00181"></a><span class="lineno"> 181</span> </div> <div class="line"><a name="l00182"></a><span class="lineno"> 182</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_basic_constraints( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00183"></a><span class="lineno"> 183</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00184"></a><span class="lineno"> 184</span>  <span class="keywordtype">int</span> *ca_istrue,</div> <div class="line"><a name="l00185"></a><span class="lineno"> 185</span>  <span class="keywordtype">int</span> *max_pathlen )</div> <div class="line"><a name="l00186"></a><span class="lineno"> 186</span> {</div> <div class="line"><a name="l00187"></a><span class="lineno"> 187</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00188"></a><span class="lineno"> 188</span>  <span class="keywordtype">size_t</span> len;</div> <div class="line"><a name="l00189"></a><span class="lineno"> 189</span> </div> <div class="line"><a name="l00190"></a><span class="lineno"> 190</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00191"></a><span class="lineno"> 191</span> <span class="comment"> * BasicConstraints ::= SEQUENCE {</span></div> <div class="line"><a name="l00192"></a><span class="lineno"> 192</span> <span class="comment"> * cA BOOLEAN DEFAULT FALSE,</span></div> <div class="line"><a name="l00193"></a><span class="lineno"> 193</span> <span class="comment"> * pathLenConstraint INTEGER (0..MAX) OPTIONAL }</span></div> <div class="line"><a name="l00194"></a><span class="lineno"> 194</span> <span class="comment"> */</span></div> <div class="line"><a name="l00195"></a><span class="lineno"> 195</span>  *ca_istrue = 0; <span class="comment">/* DEFAULT FALSE */</span></div> <div class="line"><a name="l00196"></a><span class="lineno"> 196</span>  *max_pathlen = 0; <span class="comment">/* endless */</span></div> <div class="line"><a name="l00197"></a><span class="lineno"> 197</span> </div> <div class="line"><a name="l00198"></a><span class="lineno"> 198</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &len,</div> <div class="line"><a name="l00199"></a><span class="lineno"> 199</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00200"></a><span class="lineno"> 200</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00201"></a><span class="lineno"> 201</span> </div> <div class="line"><a name="l00202"></a><span class="lineno"> 202</span>  <span class="keywordflow">if</span>( *p == end )</div> <div class="line"><a name="l00203"></a><span class="lineno"> 203</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00204"></a><span class="lineno"> 204</span> </div> <div class="line"><a name="l00205"></a><span class="lineno"> 205</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#a099cac848d0bbdc60dd440153e794a1c">asn1_get_bool</a>( p, end, ca_istrue ) ) != 0 )</div> <div class="line"><a name="l00206"></a><span class="lineno"> 206</span>  {</div> <div class="line"><a name="l00207"></a><span class="lineno"> 207</span>  <span class="keywordflow">if</span>( ret == <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> )</div> <div class="line"><a name="l00208"></a><span class="lineno"> 208</span>  ret = <a class="code" href="asn1_8h.html#ac1ec6c9510754709ffbe5ed9b746d009">asn1_get_int</a>( p, end, ca_istrue );</div> <div class="line"><a name="l00209"></a><span class="lineno"> 209</span> </div> <div class="line"><a name="l00210"></a><span class="lineno"> 210</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00211"></a><span class="lineno"> 211</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00212"></a><span class="lineno"> 212</span> </div> <div class="line"><a name="l00213"></a><span class="lineno"> 213</span>  <span class="keywordflow">if</span>( *ca_istrue != 0 )</div> <div class="line"><a name="l00214"></a><span class="lineno"> 214</span>  *ca_istrue = 1;</div> <div class="line"><a name="l00215"></a><span class="lineno"> 215</span>  }</div> <div class="line"><a name="l00216"></a><span class="lineno"> 216</span> </div> <div class="line"><a name="l00217"></a><span class="lineno"> 217</span>  <span class="keywordflow">if</span>( *p == end )</div> <div class="line"><a name="l00218"></a><span class="lineno"> 218</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00219"></a><span class="lineno"> 219</span> </div> <div class="line"><a name="l00220"></a><span class="lineno"> 220</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#ac1ec6c9510754709ffbe5ed9b746d009">asn1_get_int</a>( p, end, max_pathlen ) ) != 0 )</div> <div class="line"><a name="l00221"></a><span class="lineno"> 221</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00222"></a><span class="lineno"> 222</span> </div> <div class="line"><a name="l00223"></a><span class="lineno"> 223</span>  <span class="keywordflow">if</span>( *p != end )</div> <div class="line"><a name="l00224"></a><span class="lineno"> 224</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00225"></a><span class="lineno"> 225</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00226"></a><span class="lineno"> 226</span> </div> <div class="line"><a name="l00227"></a><span class="lineno"> 227</span>  (*max_pathlen)++;</div> <div class="line"><a name="l00228"></a><span class="lineno"> 228</span> </div> <div class="line"><a name="l00229"></a><span class="lineno"> 229</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00230"></a><span class="lineno"> 230</span> }</div> <div class="line"><a name="l00231"></a><span class="lineno"> 231</span> </div> <div class="line"><a name="l00232"></a><span class="lineno"> 232</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_ns_cert_type( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00233"></a><span class="lineno"> 233</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00234"></a><span class="lineno"> 234</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *ns_cert_type)</div> <div class="line"><a name="l00235"></a><span class="lineno"> 235</span> {</div> <div class="line"><a name="l00236"></a><span class="lineno"> 236</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00237"></a><span class="lineno"> 237</span>  <a class="code" href="struct__asn1__bitstring.html">x509_bitstring</a> bs = { 0, 0, NULL };</div> <div class="line"><a name="l00238"></a><span class="lineno"> 238</span> </div> <div class="line"><a name="l00239"></a><span class="lineno"> 239</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#a8cb7d558ab80268d8a01ad05c2a7804a">asn1_get_bitstring</a>( p, end, &bs ) ) != 0 )</div> <div class="line"><a name="l00240"></a><span class="lineno"> 240</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00241"></a><span class="lineno"> 241</span> </div> <div class="line"><a name="l00242"></a><span class="lineno"> 242</span>  <span class="keywordflow">if</span>( bs.<a class="code" href="struct__asn1__bitstring.html#a031738b1889cd7c0e1b7c11fb958b174">len</a> != 1 )</div> <div class="line"><a name="l00243"></a><span class="lineno"> 243</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00244"></a><span class="lineno"> 244</span>  <a class="code" href="group__asn1__module.html#ga05662cd7f7290c3de3e74598f0a60b7e">POLARSSL_ERR_ASN1_INVALID_LENGTH</a> );</div> <div class="line"><a name="l00245"></a><span class="lineno"> 245</span> </div> <div class="line"><a name="l00246"></a><span class="lineno"> 246</span>  <span class="comment">/* Get actual bitstring */</span></div> <div class="line"><a name="l00247"></a><span class="lineno"> 247</span>  *ns_cert_type = *bs.<a class="code" href="struct__asn1__bitstring.html#aab51c5966b17778a743e4189e9b7ee65">p</a>;</div> <div class="line"><a name="l00248"></a><span class="lineno"> 248</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00249"></a><span class="lineno"> 249</span> }</div> <div class="line"><a name="l00250"></a><span class="lineno"> 250</span> </div> <div class="line"><a name="l00251"></a><span class="lineno"> 251</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_key_usage( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00252"></a><span class="lineno"> 252</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00253"></a><span class="lineno"> 253</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *key_usage)</div> <div class="line"><a name="l00254"></a><span class="lineno"> 254</span> {</div> <div class="line"><a name="l00255"></a><span class="lineno"> 255</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00256"></a><span class="lineno"> 256</span>  <a class="code" href="struct__asn1__bitstring.html">x509_bitstring</a> bs = { 0, 0, NULL };</div> <div class="line"><a name="l00257"></a><span class="lineno"> 257</span> </div> <div class="line"><a name="l00258"></a><span class="lineno"> 258</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#a8cb7d558ab80268d8a01ad05c2a7804a">asn1_get_bitstring</a>( p, end, &bs ) ) != 0 )</div> <div class="line"><a name="l00259"></a><span class="lineno"> 259</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00260"></a><span class="lineno"> 260</span> </div> <div class="line"><a name="l00261"></a><span class="lineno"> 261</span>  <span class="keywordflow">if</span>( bs.<a class="code" href="struct__asn1__bitstring.html#a031738b1889cd7c0e1b7c11fb958b174">len</a> < 1 )</div> <div class="line"><a name="l00262"></a><span class="lineno"> 262</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00263"></a><span class="lineno"> 263</span>  <a class="code" href="group__asn1__module.html#ga05662cd7f7290c3de3e74598f0a60b7e">POLARSSL_ERR_ASN1_INVALID_LENGTH</a> );</div> <div class="line"><a name="l00264"></a><span class="lineno"> 264</span> </div> <div class="line"><a name="l00265"></a><span class="lineno"> 265</span>  <span class="comment">/* Get actual bitstring */</span></div> <div class="line"><a name="l00266"></a><span class="lineno"> 266</span>  *key_usage = *bs.<a class="code" href="struct__asn1__bitstring.html#aab51c5966b17778a743e4189e9b7ee65">p</a>;</div> <div class="line"><a name="l00267"></a><span class="lineno"> 267</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00268"></a><span class="lineno"> 268</span> }</div> <div class="line"><a name="l00269"></a><span class="lineno"> 269</span> </div> <div class="line"><a name="l00270"></a><span class="lineno"> 270</span> <span class="comment">/*</span></div> <div class="line"><a name="l00271"></a><span class="lineno"> 271</span> <span class="comment"> * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId</span></div> <div class="line"><a name="l00272"></a><span class="lineno"> 272</span> <span class="comment"> *</span></div> <div class="line"><a name="l00273"></a><span class="lineno"> 273</span> <span class="comment"> * KeyPurposeId ::= OBJECT IDENTIFIER</span></div> <div class="line"><a name="l00274"></a><span class="lineno"> 274</span> <span class="comment"> */</span></div> <div class="line"><a name="l00275"></a><span class="lineno"> 275</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_ext_key_usage( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00276"></a><span class="lineno"> 276</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00277"></a><span class="lineno"> 277</span>  <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *ext_key_usage)</div> <div class="line"><a name="l00278"></a><span class="lineno"> 278</span> {</div> <div class="line"><a name="l00279"></a><span class="lineno"> 279</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00280"></a><span class="lineno"> 280</span> </div> <div class="line"><a name="l00281"></a><span class="lineno"> 281</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#aff5e02b8136105bacb05e350678bad0d">asn1_get_sequence_of</a>( p, end, ext_key_usage, <a class="code" href="group__asn1__module.html#ga3fef844d0ea67080b66b3a4d5f0a9ec8">ASN1_OID</a> ) ) != 0 )</div> <div class="line"><a name="l00282"></a><span class="lineno"> 282</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00283"></a><span class="lineno"> 283</span> </div> <div class="line"><a name="l00284"></a><span class="lineno"> 284</span>  <span class="comment">/* Sequence length must be >= 1 */</span></div> <div class="line"><a name="l00285"></a><span class="lineno"> 285</span>  <span class="keywordflow">if</span>( ext_key_usage-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> == NULL )</div> <div class="line"><a name="l00286"></a><span class="lineno"> 286</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00287"></a><span class="lineno"> 287</span>  <a class="code" href="group__asn1__module.html#ga05662cd7f7290c3de3e74598f0a60b7e">POLARSSL_ERR_ASN1_INVALID_LENGTH</a> );</div> <div class="line"><a name="l00288"></a><span class="lineno"> 288</span> </div> <div class="line"><a name="l00289"></a><span class="lineno"> 289</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00290"></a><span class="lineno"> 290</span> }</div> <div class="line"><a name="l00291"></a><span class="lineno"> 291</span> </div> <div class="line"><a name="l00292"></a><span class="lineno"> 292</span> <span class="comment">/*</span></div> <div class="line"><a name="l00293"></a><span class="lineno"> 293</span> <span class="comment"> * SubjectAltName ::= GeneralNames</span></div> <div class="line"><a name="l00294"></a><span class="lineno"> 294</span> <span class="comment"> *</span></div> <div class="line"><a name="l00295"></a><span class="lineno"> 295</span> <span class="comment"> * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName</span></div> <div class="line"><a name="l00296"></a><span class="lineno"> 296</span> <span class="comment"> *</span></div> <div class="line"><a name="l00297"></a><span class="lineno"> 297</span> <span class="comment"> * GeneralName ::= CHOICE {</span></div> <div class="line"><a name="l00298"></a><span class="lineno"> 298</span> <span class="comment"> * otherName [0] OtherName,</span></div> <div class="line"><a name="l00299"></a><span class="lineno"> 299</span> <span class="comment"> * rfc822Name [1] IA5String,</span></div> <div class="line"><a name="l00300"></a><span class="lineno"> 300</span> <span class="comment"> * dNSName [2] IA5String,</span></div> <div class="line"><a name="l00301"></a><span class="lineno"> 301</span> <span class="comment"> * x400Address [3] ORAddress,</span></div> <div class="line"><a name="l00302"></a><span class="lineno"> 302</span> <span class="comment"> * directoryName [4] Name,</span></div> <div class="line"><a name="l00303"></a><span class="lineno"> 303</span> <span class="comment"> * ediPartyName [5] EDIPartyName,</span></div> <div class="line"><a name="l00304"></a><span class="lineno"> 304</span> <span class="comment"> * uniformResourceIdentifier [6] IA5String,</span></div> <div class="line"><a name="l00305"></a><span class="lineno"> 305</span> <span class="comment"> * iPAddress [7] OCTET STRING,</span></div> <div class="line"><a name="l00306"></a><span class="lineno"> 306</span> <span class="comment"> * registeredID [8] OBJECT IDENTIFIER }</span></div> <div class="line"><a name="l00307"></a><span class="lineno"> 307</span> <span class="comment"> *</span></div> <div class="line"><a name="l00308"></a><span class="lineno"> 308</span> <span class="comment"> * OtherName ::= SEQUENCE {</span></div> <div class="line"><a name="l00309"></a><span class="lineno"> 309</span> <span class="comment"> * type-id OBJECT IDENTIFIER,</span></div> <div class="line"><a name="l00310"></a><span class="lineno"> 310</span> <span class="comment"> * value [0] EXPLICIT ANY DEFINED BY type-id }</span></div> <div class="line"><a name="l00311"></a><span class="lineno"> 311</span> <span class="comment"> *</span></div> <div class="line"><a name="l00312"></a><span class="lineno"> 312</span> <span class="comment"> * EDIPartyName ::= SEQUENCE {</span></div> <div class="line"><a name="l00313"></a><span class="lineno"> 313</span> <span class="comment"> * nameAssigner [0] DirectoryString OPTIONAL,</span></div> <div class="line"><a name="l00314"></a><span class="lineno"> 314</span> <span class="comment"> * partyName [1] DirectoryString }</span></div> <div class="line"><a name="l00315"></a><span class="lineno"> 315</span> <span class="comment"> *</span></div> <div class="line"><a name="l00316"></a><span class="lineno"> 316</span> <span class="comment"> * NOTE: PolarSSL only parses and uses dNSName at this point.</span></div> <div class="line"><a name="l00317"></a><span class="lineno"> 317</span> <span class="comment"> */</span></div> <div class="line"><a name="l00318"></a><span class="lineno"> 318</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_subject_alt_name( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00319"></a><span class="lineno"> 319</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00320"></a><span class="lineno"> 320</span>  <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *subject_alt_name )</div> <div class="line"><a name="l00321"></a><span class="lineno"> 321</span> {</div> <div class="line"><a name="l00322"></a><span class="lineno"> 322</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00323"></a><span class="lineno"> 323</span>  <span class="keywordtype">size_t</span> len, tag_len;</div> <div class="line"><a name="l00324"></a><span class="lineno"> 324</span>  <a class="code" href="struct__asn1__buf.html">asn1_buf</a> *buf;</div> <div class="line"><a name="l00325"></a><span class="lineno"> 325</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tag;</div> <div class="line"><a name="l00326"></a><span class="lineno"> 326</span>  <a class="code" href="struct__asn1__sequence.html">asn1_sequence</a> *cur = subject_alt_name;</div> <div class="line"><a name="l00327"></a><span class="lineno"> 327</span> </div> <div class="line"><a name="l00328"></a><span class="lineno"> 328</span>  <span class="comment">/* Get main sequence tag */</span></div> <div class="line"><a name="l00329"></a><span class="lineno"> 329</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &len,</div> <div class="line"><a name="l00330"></a><span class="lineno"> 330</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00331"></a><span class="lineno"> 331</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00332"></a><span class="lineno"> 332</span> </div> <div class="line"><a name="l00333"></a><span class="lineno"> 333</span>  <span class="keywordflow">if</span>( *p + len != end )</div> <div class="line"><a name="l00334"></a><span class="lineno"> 334</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00335"></a><span class="lineno"> 335</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00336"></a><span class="lineno"> 336</span> </div> <div class="line"><a name="l00337"></a><span class="lineno"> 337</span>  <span class="keywordflow">while</span>( *p < end )</div> <div class="line"><a name="l00338"></a><span class="lineno"> 338</span>  {</div> <div class="line"><a name="l00339"></a><span class="lineno"> 339</span>  <span class="keywordflow">if</span>( ( end - *p ) < 1 )</div> <div class="line"><a name="l00340"></a><span class="lineno"> 340</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00341"></a><span class="lineno"> 341</span>  <a class="code" href="group__asn1__module.html#ga0274145c2843f1d22cf7ca9b7ed37bab">POLARSSL_ERR_ASN1_OUT_OF_DATA</a> );</div> <div class="line"><a name="l00342"></a><span class="lineno"> 342</span> </div> <div class="line"><a name="l00343"></a><span class="lineno"> 343</span>  tag = **p;</div> <div class="line"><a name="l00344"></a><span class="lineno"> 344</span>  (*p)++;</div> <div class="line"><a name="l00345"></a><span class="lineno"> 345</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#acebb8b02851a2f8dfa866d1b8e7f2ebd">asn1_get_len</a>( p, end, &tag_len ) ) != 0 )</div> <div class="line"><a name="l00346"></a><span class="lineno"> 346</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00347"></a><span class="lineno"> 347</span> </div> <div class="line"><a name="l00348"></a><span class="lineno"> 348</span>  <span class="keywordflow">if</span>( ( tag & <a class="code" href="group__asn1__module.html#gab1f89bc6e469d46d5293f724d317d1d7">ASN1_CONTEXT_SPECIFIC</a> ) != ASN1_CONTEXT_SPECIFIC )</div> <div class="line"><a name="l00349"></a><span class="lineno"> 349</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00350"></a><span class="lineno"> 350</span>  <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> );</div> <div class="line"><a name="l00351"></a><span class="lineno"> 351</span> </div> <div class="line"><a name="l00352"></a><span class="lineno"> 352</span>  <span class="comment">/* Skip everything but DNS name */</span></div> <div class="line"><a name="l00353"></a><span class="lineno"> 353</span>  <span class="keywordflow">if</span>( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )</div> <div class="line"><a name="l00354"></a><span class="lineno"> 354</span>  {</div> <div class="line"><a name="l00355"></a><span class="lineno"> 355</span>  *p += tag_len;</div> <div class="line"><a name="l00356"></a><span class="lineno"> 356</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l00357"></a><span class="lineno"> 357</span>  }</div> <div class="line"><a name="l00358"></a><span class="lineno"> 358</span> </div> <div class="line"><a name="l00359"></a><span class="lineno"> 359</span>  <span class="comment">/* Allocate and assign next pointer */</span></div> <div class="line"><a name="l00360"></a><span class="lineno"> 360</span>  <span class="keywordflow">if</span>( cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> != NULL )</div> <div class="line"><a name="l00361"></a><span class="lineno"> 361</span>  {</div> <div class="line"><a name="l00362"></a><span class="lineno"> 362</span>  cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a> = (<a class="code" href="struct__asn1__sequence.html">asn1_sequence</a> *) <a class="code" href="test__suite__aes_8cbc_8c.html#a2a0cfb9e59f28e2a1a5fd1880fb20d4b">polarssl_malloc</a>(</div> <div class="line"><a name="l00363"></a><span class="lineno"> 363</span>  <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__sequence.html">asn1_sequence</a> ) );</div> <div class="line"><a name="l00364"></a><span class="lineno"> 364</span> </div> <div class="line"><a name="l00365"></a><span class="lineno"> 365</span>  <span class="keywordflow">if</span>( cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a> == NULL )</div> <div class="line"><a name="l00366"></a><span class="lineno"> 366</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00367"></a><span class="lineno"> 367</span>  <a class="code" href="group__asn1__module.html#ga37e8d5745c2724e7330566921ca16fec">POLARSSL_ERR_ASN1_MALLOC_FAILED</a> );</div> <div class="line"><a name="l00368"></a><span class="lineno"> 368</span> </div> <div class="line"><a name="l00369"></a><span class="lineno"> 369</span>  memset( cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>, 0, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__sequence.html">asn1_sequence</a> ) );</div> <div class="line"><a name="l00370"></a><span class="lineno"> 370</span>  cur = cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l00371"></a><span class="lineno"> 371</span>  }</div> <div class="line"><a name="l00372"></a><span class="lineno"> 372</span> </div> <div class="line"><a name="l00373"></a><span class="lineno"> 373</span>  buf = &(cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>);</div> <div class="line"><a name="l00374"></a><span class="lineno"> 374</span>  buf-><a class="code" href="struct__asn1__buf.html#a15a91b2c0722fdcdec3b930ab2750261">tag</a> = tag;</div> <div class="line"><a name="l00375"></a><span class="lineno"> 375</span>  buf-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = *p;</div> <div class="line"><a name="l00376"></a><span class="lineno"> 376</span>  buf-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> = tag_len;</div> <div class="line"><a name="l00377"></a><span class="lineno"> 377</span>  *p += buf-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>;</div> <div class="line"><a name="l00378"></a><span class="lineno"> 378</span>  }</div> <div class="line"><a name="l00379"></a><span class="lineno"> 379</span> </div> <div class="line"><a name="l00380"></a><span class="lineno"> 380</span>  <span class="comment">/* Set final sequence entry's next pointer to NULL */</span></div> <div class="line"><a name="l00381"></a><span class="lineno"> 381</span>  cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a> = NULL;</div> <div class="line"><a name="l00382"></a><span class="lineno"> 382</span> </div> <div class="line"><a name="l00383"></a><span class="lineno"> 383</span>  <span class="keywordflow">if</span>( *p != end )</div> <div class="line"><a name="l00384"></a><span class="lineno"> 384</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00385"></a><span class="lineno"> 385</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00386"></a><span class="lineno"> 386</span> </div> <div class="line"><a name="l00387"></a><span class="lineno"> 387</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00388"></a><span class="lineno"> 388</span> }</div> <div class="line"><a name="l00389"></a><span class="lineno"> 389</span> </div> <div class="line"><a name="l00390"></a><span class="lineno"> 390</span> <span class="comment">/*</span></div> <div class="line"><a name="l00391"></a><span class="lineno"> 391</span> <span class="comment"> * X.509 v3 extensions</span></div> <div class="line"><a name="l00392"></a><span class="lineno"> 392</span> <span class="comment"> *</span></div> <div class="line"><a name="l00393"></a><span class="lineno"> 393</span> <span class="comment"> * TODO: Perform all of the basic constraints tests required by the RFC</span></div> <div class="line"><a name="l00394"></a><span class="lineno"> 394</span> <span class="comment"> * TODO: Set values for undetected extensions to a sane default?</span></div> <div class="line"><a name="l00395"></a><span class="lineno"> 395</span> <span class="comment"> *</span></div> <div class="line"><a name="l00396"></a><span class="lineno"> 396</span> <span class="comment"> */</span></div> <div class="line"><a name="l00397"></a><span class="lineno"> 397</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_get_crt_ext( <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> **p,</div> <div class="line"><a name="l00398"></a><span class="lineno"> 398</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end,</div> <div class="line"><a name="l00399"></a><span class="lineno"> 399</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt )</div> <div class="line"><a name="l00400"></a><span class="lineno"> 400</span> {</div> <div class="line"><a name="l00401"></a><span class="lineno"> 401</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00402"></a><span class="lineno"> 402</span>  <span class="keywordtype">size_t</span> len;</div> <div class="line"><a name="l00403"></a><span class="lineno"> 403</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *end_ext_data, *end_ext_octet;</div> <div class="line"><a name="l00404"></a><span class="lineno"> 404</span> </div> <div class="line"><a name="l00405"></a><span class="lineno"> 405</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#a883f07d87bb5745b334dce6018828536">x509_get_ext</a>( p, end, &crt-><a class="code" href="struct__x509__crt.html#a1308156c29933fc016e4848b10ca78de">v3_ext</a>, 3 ) ) != 0 )</div> <div class="line"><a name="l00406"></a><span class="lineno"> 406</span>  {</div> <div class="line"><a name="l00407"></a><span class="lineno"> 407</span>  <span class="keywordflow">if</span>( ret == <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> )</div> <div class="line"><a name="l00408"></a><span class="lineno"> 408</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00409"></a><span class="lineno"> 409</span> </div> <div class="line"><a name="l00410"></a><span class="lineno"> 410</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00411"></a><span class="lineno"> 411</span>  }</div> <div class="line"><a name="l00412"></a><span class="lineno"> 412</span> </div> <div class="line"><a name="l00413"></a><span class="lineno"> 413</span>  <span class="keywordflow">while</span>( *p < end )</div> <div class="line"><a name="l00414"></a><span class="lineno"> 414</span>  {</div> <div class="line"><a name="l00415"></a><span class="lineno"> 415</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00416"></a><span class="lineno"> 416</span> <span class="comment"> * Extension ::= SEQUENCE {</span></div> <div class="line"><a name="l00417"></a><span class="lineno"> 417</span> <span class="comment"> * extnID OBJECT IDENTIFIER,</span></div> <div class="line"><a name="l00418"></a><span class="lineno"> 418</span> <span class="comment"> * critical BOOLEAN DEFAULT FALSE,</span></div> <div class="line"><a name="l00419"></a><span class="lineno"> 419</span> <span class="comment"> * extnValue OCTET STRING }</span></div> <div class="line"><a name="l00420"></a><span class="lineno"> 420</span> <span class="comment"> */</span></div> <div class="line"><a name="l00421"></a><span class="lineno"> 421</span>  <a class="code" href="struct__asn1__buf.html">x509_buf</a> extn_oid = {0, 0, NULL};</div> <div class="line"><a name="l00422"></a><span class="lineno"> 422</span>  <span class="keywordtype">int</span> is_critical = 0; <span class="comment">/* DEFAULT FALSE */</span></div> <div class="line"><a name="l00423"></a><span class="lineno"> 423</span>  <span class="keywordtype">int</span> ext_type = 0;</div> <div class="line"><a name="l00424"></a><span class="lineno"> 424</span> </div> <div class="line"><a name="l00425"></a><span class="lineno"> 425</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &len,</div> <div class="line"><a name="l00426"></a><span class="lineno"> 426</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00427"></a><span class="lineno"> 427</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00428"></a><span class="lineno"> 428</span> </div> <div class="line"><a name="l00429"></a><span class="lineno"> 429</span>  end_ext_data = *p + len;</div> <div class="line"><a name="l00430"></a><span class="lineno"> 430</span> </div> <div class="line"><a name="l00431"></a><span class="lineno"> 431</span>  <span class="comment">/* Get extension ID */</span></div> <div class="line"><a name="l00432"></a><span class="lineno"> 432</span>  extn_oid.<a class="code" href="struct__asn1__buf.html#a15a91b2c0722fdcdec3b930ab2750261">tag</a> = **p;</div> <div class="line"><a name="l00433"></a><span class="lineno"> 433</span> </div> <div class="line"><a name="l00434"></a><span class="lineno"> 434</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end, &extn_oid.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>, <a class="code" href="group__asn1__module.html#ga3fef844d0ea67080b66b3a4d5f0a9ec8">ASN1_OID</a> ) ) != 0 )</div> <div class="line"><a name="l00435"></a><span class="lineno"> 435</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00436"></a><span class="lineno"> 436</span> </div> <div class="line"><a name="l00437"></a><span class="lineno"> 437</span>  extn_oid.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = *p;</div> <div class="line"><a name="l00438"></a><span class="lineno"> 438</span>  *p += extn_oid.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>;</div> <div class="line"><a name="l00439"></a><span class="lineno"> 439</span> </div> <div class="line"><a name="l00440"></a><span class="lineno"> 440</span>  <span class="keywordflow">if</span>( ( end - *p ) < 1 )</div> <div class="line"><a name="l00441"></a><span class="lineno"> 441</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00442"></a><span class="lineno"> 442</span>  <a class="code" href="group__asn1__module.html#ga0274145c2843f1d22cf7ca9b7ed37bab">POLARSSL_ERR_ASN1_OUT_OF_DATA</a> );</div> <div class="line"><a name="l00443"></a><span class="lineno"> 443</span> </div> <div class="line"><a name="l00444"></a><span class="lineno"> 444</span>  <span class="comment">/* Get optional critical */</span></div> <div class="line"><a name="l00445"></a><span class="lineno"> 445</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#a099cac848d0bbdc60dd440153e794a1c">asn1_get_bool</a>( p, end_ext_data, &is_critical ) ) != 0 &&</div> <div class="line"><a name="l00446"></a><span class="lineno"> 446</span>  ( ret != <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> ) )</div> <div class="line"><a name="l00447"></a><span class="lineno"> 447</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00448"></a><span class="lineno"> 448</span> </div> <div class="line"><a name="l00449"></a><span class="lineno"> 449</span>  <span class="comment">/* Data should be octet string type */</span></div> <div class="line"><a name="l00450"></a><span class="lineno"> 450</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( p, end_ext_data, &len,</div> <div class="line"><a name="l00451"></a><span class="lineno"> 451</span>  <a class="code" href="group__asn1__module.html#gae251e2c2d40228a89468f3f939a18585">ASN1_OCTET_STRING</a> ) ) != 0 )</div> <div class="line"><a name="l00452"></a><span class="lineno"> 452</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> + ret );</div> <div class="line"><a name="l00453"></a><span class="lineno"> 453</span> </div> <div class="line"><a name="l00454"></a><span class="lineno"> 454</span>  end_ext_octet = *p + len;</div> <div class="line"><a name="l00455"></a><span class="lineno"> 455</span> </div> <div class="line"><a name="l00456"></a><span class="lineno"> 456</span>  <span class="keywordflow">if</span>( end_ext_octet != end_ext_data )</div> <div class="line"><a name="l00457"></a><span class="lineno"> 457</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00458"></a><span class="lineno"> 458</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00459"></a><span class="lineno"> 459</span> </div> <div class="line"><a name="l00460"></a><span class="lineno"> 460</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00461"></a><span class="lineno"> 461</span> <span class="comment"> * Detect supported extensions</span></div> <div class="line"><a name="l00462"></a><span class="lineno"> 462</span> <span class="comment"> */</span></div> <div class="line"><a name="l00463"></a><span class="lineno"> 463</span>  ret = <a class="code" href="oid_8h.html#af297567147812e85f74a06306ef49f1a">oid_get_x509_ext_type</a>( &extn_oid, &ext_type );</div> <div class="line"><a name="l00464"></a><span class="lineno"> 464</span> </div> <div class="line"><a name="l00465"></a><span class="lineno"> 465</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00466"></a><span class="lineno"> 466</span>  {</div> <div class="line"><a name="l00467"></a><span class="lineno"> 467</span>  <span class="comment">/* No parser found, skip extension */</span></div> <div class="line"><a name="l00468"></a><span class="lineno"> 468</span>  *p = end_ext_octet;</div> <div class="line"><a name="l00469"></a><span class="lineno"> 469</span> </div> <div class="line"><a name="l00470"></a><span class="lineno"> 470</span> <span class="preprocessor">#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)</span></div> <div class="line"><a name="l00471"></a><span class="lineno"> 471</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( is_critical )</div> <div class="line"><a name="l00472"></a><span class="lineno"> 472</span>  {</div> <div class="line"><a name="l00473"></a><span class="lineno"> 473</span>  <span class="comment">/* Data is marked as critical: fail */</span></div> <div class="line"><a name="l00474"></a><span class="lineno"> 474</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00475"></a><span class="lineno"> 475</span>  <a class="code" href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a> );</div> <div class="line"><a name="l00476"></a><span class="lineno"> 476</span>  }</div> <div class="line"><a name="l00477"></a><span class="lineno"> 477</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00478"></a><span class="lineno"> 478</span> <span class="preprocessor"></span> <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l00479"></a><span class="lineno"> 479</span>  }</div> <div class="line"><a name="l00480"></a><span class="lineno"> 480</span> </div> <div class="line"><a name="l00481"></a><span class="lineno"> 481</span>  crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> |= ext_type;</div> <div class="line"><a name="l00482"></a><span class="lineno"> 482</span> </div> <div class="line"><a name="l00483"></a><span class="lineno"> 483</span>  <span class="keywordflow">switch</span>( ext_type )</div> <div class="line"><a name="l00484"></a><span class="lineno"> 484</span>  {</div> <div class="line"><a name="l00485"></a><span class="lineno"> 485</span>  <span class="keywordflow">case</span> <a class="code" href="x509_8h.html#a7813d9ed1f4ee1f122782d31f459d989">EXT_BASIC_CONSTRAINTS</a>:</div> <div class="line"><a name="l00486"></a><span class="lineno"> 486</span>  <span class="comment">/* Parse basic constraints */</span></div> <div class="line"><a name="l00487"></a><span class="lineno"> 487</span>  <span class="keywordflow">if</span>( ( ret = x509_get_basic_constraints( p, end_ext_octet,</div> <div class="line"><a name="l00488"></a><span class="lineno"> 488</span>  &crt-><a class="code" href="struct__x509__crt.html#aaadc9927dbde5bbb5f5659a926c4699b">ca_istrue</a>, &crt-><a class="code" href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">max_pathlen</a> ) ) != 0 )</div> <div class="line"><a name="l00489"></a><span class="lineno"> 489</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00490"></a><span class="lineno"> 490</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00491"></a><span class="lineno"> 491</span> </div> <div class="line"><a name="l00492"></a><span class="lineno"> 492</span>  <span class="keywordflow">case</span> <a class="code" href="x509_8h.html#ac59433ad6f1280708a8409937133d4c1">EXT_KEY_USAGE</a>:</div> <div class="line"><a name="l00493"></a><span class="lineno"> 493</span>  <span class="comment">/* Parse key usage */</span></div> <div class="line"><a name="l00494"></a><span class="lineno"> 494</span>  <span class="keywordflow">if</span>( ( ret = x509_get_key_usage( p, end_ext_octet,</div> <div class="line"><a name="l00495"></a><span class="lineno"> 495</span>  &crt-><a class="code" href="struct__x509__crt.html#a4b931af913d6313b1ee5b709eb8e3a7f">key_usage</a> ) ) != 0 )</div> <div class="line"><a name="l00496"></a><span class="lineno"> 496</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00497"></a><span class="lineno"> 497</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00498"></a><span class="lineno"> 498</span> </div> <div class="line"><a name="l00499"></a><span class="lineno"> 499</span>  <span class="keywordflow">case</span> <a class="code" href="x509_8h.html#a97bef6a8c3abaf7755b95d997f9af98e">EXT_EXTENDED_KEY_USAGE</a>:</div> <div class="line"><a name="l00500"></a><span class="lineno"> 500</span>  <span class="comment">/* Parse extended key usage */</span></div> <div class="line"><a name="l00501"></a><span class="lineno"> 501</span>  <span class="keywordflow">if</span>( ( ret = x509_get_ext_key_usage( p, end_ext_octet,</div> <div class="line"><a name="l00502"></a><span class="lineno"> 502</span>  &crt-><a class="code" href="struct__x509__crt.html#ae97d80b0f4a8c36bae7424c07a492c39">ext_key_usage</a> ) ) != 0 )</div> <div class="line"><a name="l00503"></a><span class="lineno"> 503</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00504"></a><span class="lineno"> 504</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00505"></a><span class="lineno"> 505</span> </div> <div class="line"><a name="l00506"></a><span class="lineno"> 506</span>  <span class="keywordflow">case</span> <a class="code" href="x509_8h.html#aa86a67d1a8363fd5bbdaba523163a269">EXT_SUBJECT_ALT_NAME</a>:</div> <div class="line"><a name="l00507"></a><span class="lineno"> 507</span>  <span class="comment">/* Parse subject alt name */</span></div> <div class="line"><a name="l00508"></a><span class="lineno"> 508</span>  <span class="keywordflow">if</span>( ( ret = x509_get_subject_alt_name( p, end_ext_octet,</div> <div class="line"><a name="l00509"></a><span class="lineno"> 509</span>  &crt-><a class="code" href="struct__x509__crt.html#af96ed7e509440ffce0cbf87735afa4b9">subject_alt_names</a> ) ) != 0 )</div> <div class="line"><a name="l00510"></a><span class="lineno"> 510</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00511"></a><span class="lineno"> 511</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00512"></a><span class="lineno"> 512</span> </div> <div class="line"><a name="l00513"></a><span class="lineno"> 513</span>  <span class="keywordflow">case</span> <a class="code" href="x509_8h.html#ab82dcddf27656a1bc2efacc9589838db">EXT_NS_CERT_TYPE</a>:</div> <div class="line"><a name="l00514"></a><span class="lineno"> 514</span>  <span class="comment">/* Parse netscape certificate type */</span></div> <div class="line"><a name="l00515"></a><span class="lineno"> 515</span>  <span class="keywordflow">if</span>( ( ret = x509_get_ns_cert_type( p, end_ext_octet,</div> <div class="line"><a name="l00516"></a><span class="lineno"> 516</span>  &crt-><a class="code" href="struct__x509__crt.html#a6702ec42d12762793f79f18cd1697e7a">ns_cert_type</a> ) ) != 0 )</div> <div class="line"><a name="l00517"></a><span class="lineno"> 517</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00518"></a><span class="lineno"> 518</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00519"></a><span class="lineno"> 519</span> </div> <div class="line"><a name="l00520"></a><span class="lineno"> 520</span>  <span class="keywordflow">default</span>:</div> <div class="line"><a name="l00521"></a><span class="lineno"> 521</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaa1ff85472d1f06bac7aadef70dbc404f">POLARSSL_ERR_X509_FEATURE_UNAVAILABLE</a> );</div> <div class="line"><a name="l00522"></a><span class="lineno"> 522</span>  }</div> <div class="line"><a name="l00523"></a><span class="lineno"> 523</span>  }</div> <div class="line"><a name="l00524"></a><span class="lineno"> 524</span> </div> <div class="line"><a name="l00525"></a><span class="lineno"> 525</span>  <span class="keywordflow">if</span>( *p != end )</div> <div class="line"><a name="l00526"></a><span class="lineno"> 526</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a> +</div> <div class="line"><a name="l00527"></a><span class="lineno"> 527</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00528"></a><span class="lineno"> 528</span> </div> <div class="line"><a name="l00529"></a><span class="lineno"> 529</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00530"></a><span class="lineno"> 530</span> }</div> <div class="line"><a name="l00531"></a><span class="lineno"> 531</span> </div> <div class="line"><a name="l00532"></a><span class="lineno"> 532</span> <span class="comment">/*</span></div> <div class="line"><a name="l00533"></a><span class="lineno"> 533</span> <span class="comment"> * Parse and fill a single X.509 certificate in DER format</span></div> <div class="line"><a name="l00534"></a><span class="lineno"> 534</span> <span class="comment"> */</span></div> <div class="line"><a name="l00535"></a><span class="lineno"> 535</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_crt_parse_der_core( <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *buf,</div> <div class="line"><a name="l00536"></a><span class="lineno"> 536</span>  <span class="keywordtype">size_t</span> buflen )</div> <div class="line"><a name="l00537"></a><span class="lineno"> 537</span> {</div> <div class="line"><a name="l00538"></a><span class="lineno"> 538</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00539"></a><span class="lineno"> 539</span>  <span class="keywordtype">size_t</span> len;</div> <div class="line"><a name="l00540"></a><span class="lineno"> 540</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *p, *end, *crt_end;</div> <div class="line"><a name="l00541"></a><span class="lineno"> 541</span>  <a class="code" href="struct__asn1__buf.html">x509_buf</a> sig_params1, sig_params2;</div> <div class="line"><a name="l00542"></a><span class="lineno"> 542</span> </div> <div class="line"><a name="l00543"></a><span class="lineno"> 543</span>  memset( &sig_params1, 0, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__buf.html">x509_buf</a> ) );</div> <div class="line"><a name="l00544"></a><span class="lineno"> 544</span>  memset( &sig_params2, 0, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__buf.html">x509_buf</a> ) );</div> <div class="line"><a name="l00545"></a><span class="lineno"> 545</span> </div> <div class="line"><a name="l00546"></a><span class="lineno"> 546</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00547"></a><span class="lineno"> 547</span> <span class="comment"> * Check for valid input</span></div> <div class="line"><a name="l00548"></a><span class="lineno"> 548</span> <span class="comment"> */</span></div> <div class="line"><a name="l00549"></a><span class="lineno"> 549</span>  <span class="keywordflow">if</span>( crt == NULL || buf == NULL )</div> <div class="line"><a name="l00550"></a><span class="lineno"> 550</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l00551"></a><span class="lineno"> 551</span> </div> <div class="line"><a name="l00552"></a><span class="lineno"> 552</span>  p = (<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *) <a class="code" href="test__suite__aes_8cbc_8c.html#a2a0cfb9e59f28e2a1a5fd1880fb20d4b">polarssl_malloc</a>( len = buflen );</div> <div class="line"><a name="l00553"></a><span class="lineno"> 553</span> </div> <div class="line"><a name="l00554"></a><span class="lineno"> 554</span>  <span class="keywordflow">if</span>( p == NULL )</div> <div class="line"><a name="l00555"></a><span class="lineno"> 555</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga60a90a6a7f6ee7a23c186d6870d8e4c8">POLARSSL_ERR_X509_MALLOC_FAILED</a> );</div> <div class="line"><a name="l00556"></a><span class="lineno"> 556</span> </div> <div class="line"><a name="l00557"></a><span class="lineno"> 557</span>  memcpy( p, buf, buflen );</div> <div class="line"><a name="l00558"></a><span class="lineno"> 558</span> </div> <div class="line"><a name="l00559"></a><span class="lineno"> 559</span>  crt-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = p;</div> <div class="line"><a name="l00560"></a><span class="lineno"> 560</span>  crt-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> = len;</div> <div class="line"><a name="l00561"></a><span class="lineno"> 561</span>  end = p + len;</div> <div class="line"><a name="l00562"></a><span class="lineno"> 562</span> </div> <div class="line"><a name="l00563"></a><span class="lineno"> 563</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00564"></a><span class="lineno"> 564</span> <span class="comment"> * Certificate ::= SEQUENCE {</span></div> <div class="line"><a name="l00565"></a><span class="lineno"> 565</span> <span class="comment"> * tbsCertificate TBSCertificate,</span></div> <div class="line"><a name="l00566"></a><span class="lineno"> 566</span> <span class="comment"> * signatureAlgorithm AlgorithmIdentifier,</span></div> <div class="line"><a name="l00567"></a><span class="lineno"> 567</span> <span class="comment"> * signatureValue BIT STRING }</span></div> <div class="line"><a name="l00568"></a><span class="lineno"> 568</span> <span class="comment"> */</span></div> <div class="line"><a name="l00569"></a><span class="lineno"> 569</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( &p, end, &len,</div> <div class="line"><a name="l00570"></a><span class="lineno"> 570</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00571"></a><span class="lineno"> 571</span>  {</div> <div class="line"><a name="l00572"></a><span class="lineno"> 572</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00573"></a><span class="lineno"> 573</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> );</div> <div class="line"><a name="l00574"></a><span class="lineno"> 574</span>  }</div> <div class="line"><a name="l00575"></a><span class="lineno"> 575</span> </div> <div class="line"><a name="l00576"></a><span class="lineno"> 576</span>  <span class="keywordflow">if</span>( len > (<span class="keywordtype">size_t</span>) ( end - p ) )</div> <div class="line"><a name="l00577"></a><span class="lineno"> 577</span>  {</div> <div class="line"><a name="l00578"></a><span class="lineno"> 578</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00579"></a><span class="lineno"> 579</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> +</div> <div class="line"><a name="l00580"></a><span class="lineno"> 580</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00581"></a><span class="lineno"> 581</span>  }</div> <div class="line"><a name="l00582"></a><span class="lineno"> 582</span>  crt_end = p + len;</div> <div class="line"><a name="l00583"></a><span class="lineno"> 583</span> </div> <div class="line"><a name="l00584"></a><span class="lineno"> 584</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00585"></a><span class="lineno"> 585</span> <span class="comment"> * TBSCertificate ::= SEQUENCE {</span></div> <div class="line"><a name="l00586"></a><span class="lineno"> 586</span> <span class="comment"> */</span></div> <div class="line"><a name="l00587"></a><span class="lineno"> 587</span>  crt-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = p;</div> <div class="line"><a name="l00588"></a><span class="lineno"> 588</span> </div> <div class="line"><a name="l00589"></a><span class="lineno"> 589</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( &p, end, &len,</div> <div class="line"><a name="l00590"></a><span class="lineno"> 590</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00591"></a><span class="lineno"> 591</span>  {</div> <div class="line"><a name="l00592"></a><span class="lineno"> 592</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00593"></a><span class="lineno"> 593</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> + ret );</div> <div class="line"><a name="l00594"></a><span class="lineno"> 594</span>  }</div> <div class="line"><a name="l00595"></a><span class="lineno"> 595</span> </div> <div class="line"><a name="l00596"></a><span class="lineno"> 596</span>  end = p + len;</div> <div class="line"><a name="l00597"></a><span class="lineno"> 597</span>  crt-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> = end - crt-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>;</div> <div class="line"><a name="l00598"></a><span class="lineno"> 598</span> </div> <div class="line"><a name="l00599"></a><span class="lineno"> 599</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00600"></a><span class="lineno"> 600</span> <span class="comment"> * Version ::= INTEGER { v1(0), v2(1), v3(2) }</span></div> <div class="line"><a name="l00601"></a><span class="lineno"> 601</span> <span class="comment"> *</span></div> <div class="line"><a name="l00602"></a><span class="lineno"> 602</span> <span class="comment"> * CertificateSerialNumber ::= INTEGER</span></div> <div class="line"><a name="l00603"></a><span class="lineno"> 603</span> <span class="comment"> *</span></div> <div class="line"><a name="l00604"></a><span class="lineno"> 604</span> <span class="comment"> * signature AlgorithmIdentifier</span></div> <div class="line"><a name="l00605"></a><span class="lineno"> 605</span> <span class="comment"> */</span></div> <div class="line"><a name="l00606"></a><span class="lineno"> 606</span>  <span class="keywordflow">if</span>( ( ret = x509_get_version( &p, end, &crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> ) ) != 0 ||</div> <div class="line"><a name="l00607"></a><span class="lineno"> 607</span>  ( ret = <a class="code" href="x509_8h.html#af42889af2745403af6f110aef5e4c1aa">x509_get_serial</a>( &p, end, &crt-><a class="code" href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">serial</a> ) ) != 0 ||</div> <div class="line"><a name="l00608"></a><span class="lineno"> 608</span>  ( ret = <a class="code" href="x509_8h.html#a159024a3c36c9088b4af1437f937f4fe">x509_get_alg</a>( &p, end, &crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>,</div> <div class="line"><a name="l00609"></a><span class="lineno"> 609</span>  &sig_params1 ) ) != 0 )</div> <div class="line"><a name="l00610"></a><span class="lineno"> 610</span>  {</div> <div class="line"><a name="l00611"></a><span class="lineno"> 611</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00612"></a><span class="lineno"> 612</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00613"></a><span class="lineno"> 613</span>  }</div> <div class="line"><a name="l00614"></a><span class="lineno"> 614</span> </div> <div class="line"><a name="l00615"></a><span class="lineno"> 615</span>  crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a>++;</div> <div class="line"><a name="l00616"></a><span class="lineno"> 616</span> </div> <div class="line"><a name="l00617"></a><span class="lineno"> 617</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> > 3 )</div> <div class="line"><a name="l00618"></a><span class="lineno"> 618</span>  {</div> <div class="line"><a name="l00619"></a><span class="lineno"> 619</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00620"></a><span class="lineno"> 620</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga04dc192b55781ef24910bd1dfa53e6f3">POLARSSL_ERR_X509_UNKNOWN_VERSION</a> );</div> <div class="line"><a name="l00621"></a><span class="lineno"> 621</span>  }</div> <div class="line"><a name="l00622"></a><span class="lineno"> 622</span> </div> <div class="line"><a name="l00623"></a><span class="lineno"> 623</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#acb386c6cbfb8bd9160b34ad6a0430a87">x509_get_sig_alg</a>( &crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>, &sig_params1,</div> <div class="line"><a name="l00624"></a><span class="lineno"> 624</span>  &crt-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a>, &crt-><a class="code" href="struct__x509__crt.html#a3a7645927022ef6460a93586c88945e3">sig_pk</a>,</div> <div class="line"><a name="l00625"></a><span class="lineno"> 625</span>  &crt-><a class="code" href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">sig_opts</a> ) ) != 0 )</div> <div class="line"><a name="l00626"></a><span class="lineno"> 626</span>  {</div> <div class="line"><a name="l00627"></a><span class="lineno"> 627</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00628"></a><span class="lineno"> 628</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00629"></a><span class="lineno"> 629</span>  }</div> <div class="line"><a name="l00630"></a><span class="lineno"> 630</span> </div> <div class="line"><a name="l00631"></a><span class="lineno"> 631</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00632"></a><span class="lineno"> 632</span> <span class="comment"> * issuer Name</span></div> <div class="line"><a name="l00633"></a><span class="lineno"> 633</span> <span class="comment"> */</span></div> <div class="line"><a name="l00634"></a><span class="lineno"> 634</span>  crt-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = p;</div> <div class="line"><a name="l00635"></a><span class="lineno"> 635</span> </div> <div class="line"><a name="l00636"></a><span class="lineno"> 636</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( &p, end, &len,</div> <div class="line"><a name="l00637"></a><span class="lineno"> 637</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00638"></a><span class="lineno"> 638</span>  {</div> <div class="line"><a name="l00639"></a><span class="lineno"> 639</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00640"></a><span class="lineno"> 640</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> + ret );</div> <div class="line"><a name="l00641"></a><span class="lineno"> 641</span>  }</div> <div class="line"><a name="l00642"></a><span class="lineno"> 642</span> </div> <div class="line"><a name="l00643"></a><span class="lineno"> 643</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#adda289450390e9ed0090e7c0ec6fa299">x509_get_name</a>( &p, p + len, &crt-><a class="code" href="struct__x509__crt.html#a06648e31fe4adffdca0995568ce6aab9">issuer</a> ) ) != 0 )</div> <div class="line"><a name="l00644"></a><span class="lineno"> 644</span>  {</div> <div class="line"><a name="l00645"></a><span class="lineno"> 645</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00646"></a><span class="lineno"> 646</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00647"></a><span class="lineno"> 647</span>  }</div> <div class="line"><a name="l00648"></a><span class="lineno"> 648</span> </div> <div class="line"><a name="l00649"></a><span class="lineno"> 649</span>  crt-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> = p - crt-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>;</div> <div class="line"><a name="l00650"></a><span class="lineno"> 650</span> </div> <div class="line"><a name="l00651"></a><span class="lineno"> 651</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00652"></a><span class="lineno"> 652</span> <span class="comment"> * Validity ::= SEQUENCE {</span></div> <div class="line"><a name="l00653"></a><span class="lineno"> 653</span> <span class="comment"> * notBefore Time,</span></div> <div class="line"><a name="l00654"></a><span class="lineno"> 654</span> <span class="comment"> * notAfter Time }</span></div> <div class="line"><a name="l00655"></a><span class="lineno"> 655</span> <span class="comment"> *</span></div> <div class="line"><a name="l00656"></a><span class="lineno"> 656</span> <span class="comment"> */</span></div> <div class="line"><a name="l00657"></a><span class="lineno"> 657</span>  <span class="keywordflow">if</span>( ( ret = x509_get_dates( &p, end, &crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>,</div> <div class="line"><a name="l00658"></a><span class="lineno"> 658</span>  &crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a> ) ) != 0 )</div> <div class="line"><a name="l00659"></a><span class="lineno"> 659</span>  {</div> <div class="line"><a name="l00660"></a><span class="lineno"> 660</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00661"></a><span class="lineno"> 661</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00662"></a><span class="lineno"> 662</span>  }</div> <div class="line"><a name="l00663"></a><span class="lineno"> 663</span> </div> <div class="line"><a name="l00664"></a><span class="lineno"> 664</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00665"></a><span class="lineno"> 665</span> <span class="comment"> * subject Name</span></div> <div class="line"><a name="l00666"></a><span class="lineno"> 666</span> <span class="comment"> */</span></div> <div class="line"><a name="l00667"></a><span class="lineno"> 667</span>  crt-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> = p;</div> <div class="line"><a name="l00668"></a><span class="lineno"> 668</span> </div> <div class="line"><a name="l00669"></a><span class="lineno"> 669</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a>( &p, end, &len,</div> <div class="line"><a name="l00670"></a><span class="lineno"> 670</span>  <a class="code" href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a> | <a class="code" href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a> ) ) != 0 )</div> <div class="line"><a name="l00671"></a><span class="lineno"> 671</span>  {</div> <div class="line"><a name="l00672"></a><span class="lineno"> 672</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00673"></a><span class="lineno"> 673</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> + ret );</div> <div class="line"><a name="l00674"></a><span class="lineno"> 674</span>  }</div> <div class="line"><a name="l00675"></a><span class="lineno"> 675</span> </div> <div class="line"><a name="l00676"></a><span class="lineno"> 676</span>  <span class="keywordflow">if</span>( len && ( ret = <a class="code" href="x509_8h.html#adda289450390e9ed0090e7c0ec6fa299">x509_get_name</a>( &p, p + len, &crt-><a class="code" href="struct__x509__crt.html#aaa20d3625961655031604d587d40ad9f">subject</a> ) ) != 0 )</div> <div class="line"><a name="l00677"></a><span class="lineno"> 677</span>  {</div> <div class="line"><a name="l00678"></a><span class="lineno"> 678</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00679"></a><span class="lineno"> 679</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00680"></a><span class="lineno"> 680</span>  }</div> <div class="line"><a name="l00681"></a><span class="lineno"> 681</span> </div> <div class="line"><a name="l00682"></a><span class="lineno"> 682</span>  crt-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> = p - crt-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>;</div> <div class="line"><a name="l00683"></a><span class="lineno"> 683</span> </div> <div class="line"><a name="l00684"></a><span class="lineno"> 684</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00685"></a><span class="lineno"> 685</span> <span class="comment"> * SubjectPublicKeyInfo</span></div> <div class="line"><a name="l00686"></a><span class="lineno"> 686</span> <span class="comment"> */</span></div> <div class="line"><a name="l00687"></a><span class="lineno"> 687</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="pk_8h.html#a8601c6b94a0baaa878cddf8b251d229d">pk_parse_subpubkey</a>( &p, end, &crt-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a> ) ) != 0 )</div> <div class="line"><a name="l00688"></a><span class="lineno"> 688</span>  {</div> <div class="line"><a name="l00689"></a><span class="lineno"> 689</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00690"></a><span class="lineno"> 690</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00691"></a><span class="lineno"> 691</span>  }</div> <div class="line"><a name="l00692"></a><span class="lineno"> 692</span> </div> <div class="line"><a name="l00693"></a><span class="lineno"> 693</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00694"></a><span class="lineno"> 694</span> <span class="comment"> * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,</span></div> <div class="line"><a name="l00695"></a><span class="lineno"> 695</span> <span class="comment"> * -- If present, version shall be v2 or v3</span></div> <div class="line"><a name="l00696"></a><span class="lineno"> 696</span> <span class="comment"> * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,</span></div> <div class="line"><a name="l00697"></a><span class="lineno"> 697</span> <span class="comment"> * -- If present, version shall be v2 or v3</span></div> <div class="line"><a name="l00698"></a><span class="lineno"> 698</span> <span class="comment"> * extensions [3] EXPLICIT Extensions OPTIONAL</span></div> <div class="line"><a name="l00699"></a><span class="lineno"> 699</span> <span class="comment"> * -- If present, version shall be v3</span></div> <div class="line"><a name="l00700"></a><span class="lineno"> 700</span> <span class="comment"> */</span></div> <div class="line"><a name="l00701"></a><span class="lineno"> 701</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> == 2 || crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> == 3 )</div> <div class="line"><a name="l00702"></a><span class="lineno"> 702</span>  {</div> <div class="line"><a name="l00703"></a><span class="lineno"> 703</span>  ret = x509_get_uid( &p, end, &crt-><a class="code" href="struct__x509__crt.html#af0c0fa4b6a5febff1837802277442c40">issuer_id</a>, 1 );</div> <div class="line"><a name="l00704"></a><span class="lineno"> 704</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00705"></a><span class="lineno"> 705</span>  {</div> <div class="line"><a name="l00706"></a><span class="lineno"> 706</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00707"></a><span class="lineno"> 707</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00708"></a><span class="lineno"> 708</span>  }</div> <div class="line"><a name="l00709"></a><span class="lineno"> 709</span>  }</div> <div class="line"><a name="l00710"></a><span class="lineno"> 710</span> </div> <div class="line"><a name="l00711"></a><span class="lineno"> 711</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> == 2 || crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> == 3 )</div> <div class="line"><a name="l00712"></a><span class="lineno"> 712</span>  {</div> <div class="line"><a name="l00713"></a><span class="lineno"> 713</span>  ret = x509_get_uid( &p, end, &crt-><a class="code" href="struct__x509__crt.html#a02b5906534bd0dd7d27e84215e885888">subject_id</a>, 2 );</div> <div class="line"><a name="l00714"></a><span class="lineno"> 714</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00715"></a><span class="lineno"> 715</span>  {</div> <div class="line"><a name="l00716"></a><span class="lineno"> 716</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00717"></a><span class="lineno"> 717</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00718"></a><span class="lineno"> 718</span>  }</div> <div class="line"><a name="l00719"></a><span class="lineno"> 719</span>  }</div> <div class="line"><a name="l00720"></a><span class="lineno"> 720</span> </div> <div class="line"><a name="l00721"></a><span class="lineno"> 721</span> <span class="preprocessor">#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)</span></div> <div class="line"><a name="l00722"></a><span class="lineno"> 722</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> == 3 )</div> <div class="line"><a name="l00723"></a><span class="lineno"> 723</span>  {</div> <div class="line"><a name="l00724"></a><span class="lineno"> 724</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00725"></a><span class="lineno"> 725</span> <span class="preprocessor"></span> ret = x509_get_crt_ext( &p, end, crt );</div> <div class="line"><a name="l00726"></a><span class="lineno"> 726</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00727"></a><span class="lineno"> 727</span>  {</div> <div class="line"><a name="l00728"></a><span class="lineno"> 728</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00729"></a><span class="lineno"> 729</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00730"></a><span class="lineno"> 730</span>  }</div> <div class="line"><a name="l00731"></a><span class="lineno"> 731</span> <span class="preprocessor">#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)</span></div> <div class="line"><a name="l00732"></a><span class="lineno"> 732</span> <span class="preprocessor"></span> }</div> <div class="line"><a name="l00733"></a><span class="lineno"> 733</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00734"></a><span class="lineno"> 734</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00735"></a><span class="lineno"> 735</span>  <span class="keywordflow">if</span>( p != end )</div> <div class="line"><a name="l00736"></a><span class="lineno"> 736</span>  {</div> <div class="line"><a name="l00737"></a><span class="lineno"> 737</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00738"></a><span class="lineno"> 738</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> +</div> <div class="line"><a name="l00739"></a><span class="lineno"> 739</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00740"></a><span class="lineno"> 740</span>  }</div> <div class="line"><a name="l00741"></a><span class="lineno"> 741</span> </div> <div class="line"><a name="l00742"></a><span class="lineno"> 742</span>  end = crt_end;</div> <div class="line"><a name="l00743"></a><span class="lineno"> 743</span> </div> <div class="line"><a name="l00744"></a><span class="lineno"> 744</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00745"></a><span class="lineno"> 745</span> <span class="comment"> * }</span></div> <div class="line"><a name="l00746"></a><span class="lineno"> 746</span> <span class="comment"> * -- end of TBSCertificate</span></div> <div class="line"><a name="l00747"></a><span class="lineno"> 747</span> <span class="comment"> *</span></div> <div class="line"><a name="l00748"></a><span class="lineno"> 748</span> <span class="comment"> * signatureAlgorithm AlgorithmIdentifier,</span></div> <div class="line"><a name="l00749"></a><span class="lineno"> 749</span> <span class="comment"> * signatureValue BIT STRING</span></div> <div class="line"><a name="l00750"></a><span class="lineno"> 750</span> <span class="comment"> */</span></div> <div class="line"><a name="l00751"></a><span class="lineno"> 751</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#a159024a3c36c9088b4af1437f937f4fe">x509_get_alg</a>( &p, end, &crt-><a class="code" href="struct__x509__crt.html#adced3d7dd1364a295d7a1ac853487f4e">sig_oid2</a>, &sig_params2 ) ) != 0 )</div> <div class="line"><a name="l00752"></a><span class="lineno"> 752</span>  {</div> <div class="line"><a name="l00753"></a><span class="lineno"> 753</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00754"></a><span class="lineno"> 754</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00755"></a><span class="lineno"> 755</span>  }</div> <div class="line"><a name="l00756"></a><span class="lineno"> 756</span> </div> <div class="line"><a name="l00757"></a><span class="lineno"> 757</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != crt-><a class="code" href="struct__x509__crt.html#adced3d7dd1364a295d7a1ac853487f4e">sig_oid2</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ||</div> <div class="line"><a name="l00758"></a><span class="lineno"> 758</span>  memcmp( crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, crt-><a class="code" href="struct__x509__crt.html#adced3d7dd1364a295d7a1ac853487f4e">sig_oid2</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 ||</div> <div class="line"><a name="l00759"></a><span class="lineno"> 759</span>  sig_params1.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != sig_params2.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ||</div> <div class="line"><a name="l00760"></a><span class="lineno"> 760</span>  memcmp( sig_params1.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, sig_params2.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, sig_params1.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l00761"></a><span class="lineno"> 761</span>  {</div> <div class="line"><a name="l00762"></a><span class="lineno"> 762</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00763"></a><span class="lineno"> 763</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gac00b6c62043eca7ddf8809888961454b">POLARSSL_ERR_X509_SIG_MISMATCH</a> );</div> <div class="line"><a name="l00764"></a><span class="lineno"> 764</span>  }</div> <div class="line"><a name="l00765"></a><span class="lineno"> 765</span> </div> <div class="line"><a name="l00766"></a><span class="lineno"> 766</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#afef25b57c521744eb0edcb08e38521c5">x509_get_sig</a>( &p, end, &crt-><a class="code" href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">sig</a> ) ) != 0 )</div> <div class="line"><a name="l00767"></a><span class="lineno"> 767</span>  {</div> <div class="line"><a name="l00768"></a><span class="lineno"> 768</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00769"></a><span class="lineno"> 769</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00770"></a><span class="lineno"> 770</span>  }</div> <div class="line"><a name="l00771"></a><span class="lineno"> 771</span> </div> <div class="line"><a name="l00772"></a><span class="lineno"> 772</span>  <span class="keywordflow">if</span>( p != end )</div> <div class="line"><a name="l00773"></a><span class="lineno"> 773</span>  {</div> <div class="line"><a name="l00774"></a><span class="lineno"> 774</span>  <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( crt );</div> <div class="line"><a name="l00775"></a><span class="lineno"> 775</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a> +</div> <div class="line"><a name="l00776"></a><span class="lineno"> 776</span>  <a class="code" href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a> );</div> <div class="line"><a name="l00777"></a><span class="lineno"> 777</span>  }</div> <div class="line"><a name="l00778"></a><span class="lineno"> 778</span> </div> <div class="line"><a name="l00779"></a><span class="lineno"> 779</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00780"></a><span class="lineno"> 780</span> }</div> <div class="line"><a name="l00781"></a><span class="lineno"> 781</span> </div> <div class="line"><a name="l00782"></a><span class="lineno"> 782</span> <span class="comment">/*</span></div> <div class="line"><a name="l00783"></a><span class="lineno"> 783</span> <span class="comment"> * Parse one X.509 certificate in DER format from a buffer and add them to a</span></div> <div class="line"><a name="l00784"></a><span class="lineno"> 784</span> <span class="comment"> * chained list</span></div> <div class="line"><a name="l00785"></a><span class="lineno"> 785</span> <span class="comment"> */</span></div> <div class="line"><a name="l00786"></a><span class="lineno"> 786</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga2d8d1c87fa24f176a160041f11ad3c72">x509_crt_parse_der</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *chain, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *buf,</div> <div class="line"><a name="l00787"></a><span class="lineno"> 787</span>  <span class="keywordtype">size_t</span> buflen )</div> <div class="line"><a name="l00788"></a><span class="lineno"> 788</span> {</div> <div class="line"><a name="l00789"></a><span class="lineno"> 789</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00790"></a><span class="lineno"> 790</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt = chain, *prev = NULL;</div> <div class="line"><a name="l00791"></a><span class="lineno"> 791</span> </div> <div class="line"><a name="l00792"></a><span class="lineno"> 792</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00793"></a><span class="lineno"> 793</span> <span class="comment"> * Check for valid input</span></div> <div class="line"><a name="l00794"></a><span class="lineno"> 794</span> <span class="comment"> */</span></div> <div class="line"><a name="l00795"></a><span class="lineno"> 795</span>  <span class="keywordflow">if</span>( crt == NULL || buf == NULL )</div> <div class="line"><a name="l00796"></a><span class="lineno"> 796</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l00797"></a><span class="lineno"> 797</span> </div> <div class="line"><a name="l00798"></a><span class="lineno"> 798</span>  <span class="keywordflow">while</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> != 0 && crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> != NULL )</div> <div class="line"><a name="l00799"></a><span class="lineno"> 799</span>  {</div> <div class="line"><a name="l00800"></a><span class="lineno"> 800</span>  prev = crt;</div> <div class="line"><a name="l00801"></a><span class="lineno"> 801</span>  crt = crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>;</div> <div class="line"><a name="l00802"></a><span class="lineno"> 802</span>  }</div> <div class="line"><a name="l00803"></a><span class="lineno"> 803</span> </div> <div class="line"><a name="l00804"></a><span class="lineno"> 804</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00805"></a><span class="lineno"> 805</span> <span class="comment"> * Add new certificate on the end of the chain if needed.</span></div> <div class="line"><a name="l00806"></a><span class="lineno"> 806</span> <span class="comment"> */</span></div> <div class="line"><a name="l00807"></a><span class="lineno"> 807</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> != 0 && crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> == NULL )</div> <div class="line"><a name="l00808"></a><span class="lineno"> 808</span>  {</div> <div class="line"><a name="l00809"></a><span class="lineno"> 809</span>  crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> = (<a class="code" href="struct__x509__crt.html">x509_crt</a> *) <a class="code" href="test__suite__aes_8cbc_8c.html#a2a0cfb9e59f28e2a1a5fd1880fb20d4b">polarssl_malloc</a>( <span class="keyword">sizeof</span>( <a class="code" href="struct__x509__crt.html">x509_crt</a> ) );</div> <div class="line"><a name="l00810"></a><span class="lineno"> 810</span> </div> <div class="line"><a name="l00811"></a><span class="lineno"> 811</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> == NULL )</div> <div class="line"><a name="l00812"></a><span class="lineno"> 812</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga60a90a6a7f6ee7a23c186d6870d8e4c8">POLARSSL_ERR_X509_MALLOC_FAILED</a> );</div> <div class="line"><a name="l00813"></a><span class="lineno"> 813</span> </div> <div class="line"><a name="l00814"></a><span class="lineno"> 814</span>  prev = crt;</div> <div class="line"><a name="l00815"></a><span class="lineno"> 815</span>  crt = crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>;</div> <div class="line"><a name="l00816"></a><span class="lineno"> 816</span>  <a class="code" href="group__x509__module.html#ga27ba872627e98561bd04b0fd3aca1297">x509_crt_init</a>( crt );</div> <div class="line"><a name="l00817"></a><span class="lineno"> 817</span>  }</div> <div class="line"><a name="l00818"></a><span class="lineno"> 818</span> </div> <div class="line"><a name="l00819"></a><span class="lineno"> 819</span>  <span class="keywordflow">if</span>( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )</div> <div class="line"><a name="l00820"></a><span class="lineno"> 820</span>  {</div> <div class="line"><a name="l00821"></a><span class="lineno"> 821</span>  <span class="keywordflow">if</span>( prev )</div> <div class="line"><a name="l00822"></a><span class="lineno"> 822</span>  prev->next = NULL;</div> <div class="line"><a name="l00823"></a><span class="lineno"> 823</span> </div> <div class="line"><a name="l00824"></a><span class="lineno"> 824</span>  <span class="keywordflow">if</span>( crt != chain )</div> <div class="line"><a name="l00825"></a><span class="lineno"> 825</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( crt );</div> <div class="line"><a name="l00826"></a><span class="lineno"> 826</span> </div> <div class="line"><a name="l00827"></a><span class="lineno"> 827</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00828"></a><span class="lineno"> 828</span>  }</div> <div class="line"><a name="l00829"></a><span class="lineno"> 829</span> </div> <div class="line"><a name="l00830"></a><span class="lineno"> 830</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l00831"></a><span class="lineno"> 831</span> }</div> <div class="line"><a name="l00832"></a><span class="lineno"> 832</span> </div> <div class="line"><a name="l00833"></a><span class="lineno"> 833</span> <span class="comment">/*</span></div> <div class="line"><a name="l00834"></a><span class="lineno"> 834</span> <span class="comment"> * Parse one or more PEM certificates from a buffer and add them to the chained</span></div> <div class="line"><a name="l00835"></a><span class="lineno"> 835</span> <span class="comment"> * list</span></div> <div class="line"><a name="l00836"></a><span class="lineno"> 836</span> <span class="comment"> */</span></div> <div class="line"><a name="l00837"></a><span class="lineno"> 837</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#gafc724dee6827c47fed1eec64bb13727b">x509_crt_parse</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *chain, <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *buf, <span class="keywordtype">size_t</span> buflen )</div> <div class="line"><a name="l00838"></a><span class="lineno"> 838</span> {</div> <div class="line"><a name="l00839"></a><span class="lineno"> 839</span>  <span class="keywordtype">int</span> success = 0, first_error = 0, total_failed = 0;</div> <div class="line"><a name="l00840"></a><span class="lineno"> 840</span>  <span class="keywordtype">int</span> buf_format = <a class="code" href="x509_8h.html#a6ca31be06f89a3f5c8abc93654460a77">X509_FORMAT_DER</a>;</div> <div class="line"><a name="l00841"></a><span class="lineno"> 841</span> </div> <div class="line"><a name="l00842"></a><span class="lineno"> 842</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00843"></a><span class="lineno"> 843</span> <span class="comment"> * Check for valid input</span></div> <div class="line"><a name="l00844"></a><span class="lineno"> 844</span> <span class="comment"> */</span></div> <div class="line"><a name="l00845"></a><span class="lineno"> 845</span>  <span class="keywordflow">if</span>( chain == NULL || buf == NULL )</div> <div class="line"><a name="l00846"></a><span class="lineno"> 846</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l00847"></a><span class="lineno"> 847</span> </div> <div class="line"><a name="l00848"></a><span class="lineno"> 848</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00849"></a><span class="lineno"> 849</span> <span class="comment"> * Determine buffer content. Buffer contains either one DER certificate or</span></div> <div class="line"><a name="l00850"></a><span class="lineno"> 850</span> <span class="comment"> * one or more PEM certificates.</span></div> <div class="line"><a name="l00851"></a><span class="lineno"> 851</span> <span class="comment"> */</span></div> <div class="line"><a name="l00852"></a><span class="lineno"> 852</span> <span class="preprocessor">#if defined(POLARSSL_PEM_PARSE_C)</span></div> <div class="line"><a name="l00853"></a><span class="lineno"> 853</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( strstr( (<span class="keyword">const</span> <span class="keywordtype">char</span> *) buf, <span class="stringliteral">"-----BEGIN CERTIFICATE-----"</span> ) != NULL )</div> <div class="line"><a name="l00854"></a><span class="lineno"> 854</span>  buf_format = <a class="code" href="x509_8h.html#ae61b2a208043d2d1cfdfea019a15c59b">X509_FORMAT_PEM</a>;</div> <div class="line"><a name="l00855"></a><span class="lineno"> 855</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00856"></a><span class="lineno"> 856</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00857"></a><span class="lineno"> 857</span>  <span class="keywordflow">if</span>( buf_format == <a class="code" href="x509_8h.html#a6ca31be06f89a3f5c8abc93654460a77">X509_FORMAT_DER</a> )</div> <div class="line"><a name="l00858"></a><span class="lineno"> 858</span>  <span class="keywordflow">return</span> <a class="code" href="group__x509__module.html#ga2d8d1c87fa24f176a160041f11ad3c72">x509_crt_parse_der</a>( chain, buf, buflen );</div> <div class="line"><a name="l00859"></a><span class="lineno"> 859</span> </div> <div class="line"><a name="l00860"></a><span class="lineno"> 860</span> <span class="preprocessor">#if defined(POLARSSL_PEM_PARSE_C)</span></div> <div class="line"><a name="l00861"></a><span class="lineno"> 861</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( buf_format == <a class="code" href="x509_8h.html#ae61b2a208043d2d1cfdfea019a15c59b">X509_FORMAT_PEM</a> )</div> <div class="line"><a name="l00862"></a><span class="lineno"> 862</span>  {</div> <div class="line"><a name="l00863"></a><span class="lineno"> 863</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00864"></a><span class="lineno"> 864</span>  pem_context pem;</div> <div class="line"><a name="l00865"></a><span class="lineno"> 865</span> </div> <div class="line"><a name="l00866"></a><span class="lineno"> 866</span>  <span class="keywordflow">while</span>( buflen > 0 )</div> <div class="line"><a name="l00867"></a><span class="lineno"> 867</span>  {</div> <div class="line"><a name="l00868"></a><span class="lineno"> 868</span>  <span class="keywordtype">size_t</span> use_len;</div> <div class="line"><a name="l00869"></a><span class="lineno"> 869</span>  pem_init( &pem );</div> <div class="line"><a name="l00870"></a><span class="lineno"> 870</span> </div> <div class="line"><a name="l00871"></a><span class="lineno"> 871</span>  ret = pem_read_buffer( &pem,</div> <div class="line"><a name="l00872"></a><span class="lineno"> 872</span>  <span class="stringliteral">"-----BEGIN CERTIFICATE-----"</span>,</div> <div class="line"><a name="l00873"></a><span class="lineno"> 873</span>  <span class="stringliteral">"-----END CERTIFICATE-----"</span>,</div> <div class="line"><a name="l00874"></a><span class="lineno"> 874</span>  buf, NULL, 0, &use_len );</div> <div class="line"><a name="l00875"></a><span class="lineno"> 875</span> </div> <div class="line"><a name="l00876"></a><span class="lineno"> 876</span>  <span class="keywordflow">if</span>( ret == 0 )</div> <div class="line"><a name="l00877"></a><span class="lineno"> 877</span>  {</div> <div class="line"><a name="l00878"></a><span class="lineno"> 878</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00879"></a><span class="lineno"> 879</span> <span class="comment"> * Was PEM encoded</span></div> <div class="line"><a name="l00880"></a><span class="lineno"> 880</span> <span class="comment"> */</span></div> <div class="line"><a name="l00881"></a><span class="lineno"> 881</span>  buflen -= use_len;</div> <div class="line"><a name="l00882"></a><span class="lineno"> 882</span>  buf += use_len;</div> <div class="line"><a name="l00883"></a><span class="lineno"> 883</span>  }</div> <div class="line"><a name="l00884"></a><span class="lineno"> 884</span>  <span class="keywordflow">else</span> <span class="keywordflow">if</span>( ret == <a class="code" href="pem_8h.html#ae178eb5fe3590fc7bb43c16ba1874c2f">POLARSSL_ERR_PEM_BAD_INPUT_DATA</a> )</div> <div class="line"><a name="l00885"></a><span class="lineno"> 885</span>  {</div> <div class="line"><a name="l00886"></a><span class="lineno"> 886</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00887"></a><span class="lineno"> 887</span>  }</div> <div class="line"><a name="l00888"></a><span class="lineno"> 888</span>  <span class="keywordflow">else</span> <span class="keywordflow">if</span>( ret != <a class="code" href="pem_8h.html#aba55809b3ae6781d4ab92ccdfbe54a9c">POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT</a> )</div> <div class="line"><a name="l00889"></a><span class="lineno"> 889</span>  {</div> <div class="line"><a name="l00890"></a><span class="lineno"> 890</span>  pem_free( &pem );</div> <div class="line"><a name="l00891"></a><span class="lineno"> 891</span> </div> <div class="line"><a name="l00892"></a><span class="lineno"> 892</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00893"></a><span class="lineno"> 893</span> <span class="comment"> * PEM header and footer were found</span></div> <div class="line"><a name="l00894"></a><span class="lineno"> 894</span> <span class="comment"> */</span></div> <div class="line"><a name="l00895"></a><span class="lineno"> 895</span>  buflen -= use_len;</div> <div class="line"><a name="l00896"></a><span class="lineno"> 896</span>  buf += use_len;</div> <div class="line"><a name="l00897"></a><span class="lineno"> 897</span> </div> <div class="line"><a name="l00898"></a><span class="lineno"> 898</span>  <span class="keywordflow">if</span>( first_error == 0 )</div> <div class="line"><a name="l00899"></a><span class="lineno"> 899</span>  first_error = ret;</div> <div class="line"><a name="l00900"></a><span class="lineno"> 900</span> </div> <div class="line"><a name="l00901"></a><span class="lineno"> 901</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l00902"></a><span class="lineno"> 902</span>  }</div> <div class="line"><a name="l00903"></a><span class="lineno"> 903</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l00904"></a><span class="lineno"> 904</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l00905"></a><span class="lineno"> 905</span> </div> <div class="line"><a name="l00906"></a><span class="lineno"> 906</span>  ret = <a class="code" href="group__x509__module.html#ga2d8d1c87fa24f176a160041f11ad3c72">x509_crt_parse_der</a>( chain, pem.buf, pem.buflen );</div> <div class="line"><a name="l00907"></a><span class="lineno"> 907</span> </div> <div class="line"><a name="l00908"></a><span class="lineno"> 908</span>  pem_free( &pem );</div> <div class="line"><a name="l00909"></a><span class="lineno"> 909</span> </div> <div class="line"><a name="l00910"></a><span class="lineno"> 910</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l00911"></a><span class="lineno"> 911</span>  {</div> <div class="line"><a name="l00912"></a><span class="lineno"> 912</span>  <span class="comment">/*</span></div> <div class="line"><a name="l00913"></a><span class="lineno"> 913</span> <span class="comment"> * Quit parsing on a memory error</span></div> <div class="line"><a name="l00914"></a><span class="lineno"> 914</span> <span class="comment"> */</span></div> <div class="line"><a name="l00915"></a><span class="lineno"> 915</span>  <span class="keywordflow">if</span>( ret == <a class="code" href="group__x509__module.html#ga60a90a6a7f6ee7a23c186d6870d8e4c8">POLARSSL_ERR_X509_MALLOC_FAILED</a> )</div> <div class="line"><a name="l00916"></a><span class="lineno"> 916</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00917"></a><span class="lineno"> 917</span> </div> <div class="line"><a name="l00918"></a><span class="lineno"> 918</span>  <span class="keywordflow">if</span>( first_error == 0 )</div> <div class="line"><a name="l00919"></a><span class="lineno"> 919</span>  first_error = ret;</div> <div class="line"><a name="l00920"></a><span class="lineno"> 920</span> </div> <div class="line"><a name="l00921"></a><span class="lineno"> 921</span>  total_failed++;</div> <div class="line"><a name="l00922"></a><span class="lineno"> 922</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l00923"></a><span class="lineno"> 923</span>  }</div> <div class="line"><a name="l00924"></a><span class="lineno"> 924</span> </div> <div class="line"><a name="l00925"></a><span class="lineno"> 925</span>  success = 1;</div> <div class="line"><a name="l00926"></a><span class="lineno"> 926</span>  }</div> <div class="line"><a name="l00927"></a><span class="lineno"> 927</span>  }</div> <div class="line"><a name="l00928"></a><span class="lineno"> 928</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_PEM_PARSE_C */</span><span class="preprocessor"></span></div> <div class="line"><a name="l00929"></a><span class="lineno"> 929</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00930"></a><span class="lineno"> 930</span>  <span class="keywordflow">if</span>( success )</div> <div class="line"><a name="l00931"></a><span class="lineno"> 931</span>  <span class="keywordflow">return</span>( total_failed );</div> <div class="line"><a name="l00932"></a><span class="lineno"> 932</span>  <span class="keywordflow">else</span> <span class="keywordflow">if</span>( first_error )</div> <div class="line"><a name="l00933"></a><span class="lineno"> 933</span>  <span class="keywordflow">return</span>( first_error );</div> <div class="line"><a name="l00934"></a><span class="lineno"> 934</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l00935"></a><span class="lineno"> 935</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga2a86f0efb25d083307eadf96585d4222">POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT</a> );</div> <div class="line"><a name="l00936"></a><span class="lineno"> 936</span> }</div> <div class="line"><a name="l00937"></a><span class="lineno"> 937</span> </div> <div class="line"><a name="l00938"></a><span class="lineno"> 938</span> <span class="preprocessor">#if defined(POLARSSL_FS_IO)</span></div> <div class="line"><a name="l00939"></a><span class="lineno"> 939</span> <span class="preprocessor"></span><span class="comment">/*</span></div> <div class="line"><a name="l00940"></a><span class="lineno"> 940</span> <span class="comment"> * Load one or more certificates and add them to the chained list</span></div> <div class="line"><a name="l00941"></a><span class="lineno"> 941</span> <span class="comment"> */</span></div> <div class="line"><a name="l00942"></a><span class="lineno"> 942</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga2f937df6c64b400210dbeb5ad26cc8c2">x509_crt_parse_file</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *chain, <span class="keyword">const</span> <span class="keywordtype">char</span> *path )</div> <div class="line"><a name="l00943"></a><span class="lineno"> 943</span> {</div> <div class="line"><a name="l00944"></a><span class="lineno"> 944</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l00945"></a><span class="lineno"> 945</span>  <span class="keywordtype">size_t</span> n;</div> <div class="line"><a name="l00946"></a><span class="lineno"> 946</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *buf;</div> <div class="line"><a name="l00947"></a><span class="lineno"> 947</span> </div> <div class="line"><a name="l00948"></a><span class="lineno"> 948</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#a13d8b17b30fcdaa5038082b89e72957a">x509_load_file</a>( path, &buf, &n ) ) != 0 )</div> <div class="line"><a name="l00949"></a><span class="lineno"> 949</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00950"></a><span class="lineno"> 950</span> </div> <div class="line"><a name="l00951"></a><span class="lineno"> 951</span>  ret = <a class="code" href="group__x509__module.html#gafc724dee6827c47fed1eec64bb13727b">x509_crt_parse</a>( chain, buf, n );</div> <div class="line"><a name="l00952"></a><span class="lineno"> 952</span> </div> <div class="line"><a name="l00953"></a><span class="lineno"> 953</span>  polarssl_zeroize( buf, n + 1 );</div> <div class="line"><a name="l00954"></a><span class="lineno"> 954</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( buf );</div> <div class="line"><a name="l00955"></a><span class="lineno"> 955</span> </div> <div class="line"><a name="l00956"></a><span class="lineno"> 956</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l00957"></a><span class="lineno"> 957</span> }</div> <div class="line"><a name="l00958"></a><span class="lineno"> 958</span> </div> <div class="line"><a name="l00959"></a><span class="lineno"> 959</span> <span class="preprocessor">#if defined(POLARSSL_THREADING_PTHREAD)</span></div> <div class="line"><a name="l00960"></a><span class="lineno"> 960</span> <span class="preprocessor"></span><span class="keyword">static</span> threading_mutex_t readdir_mutex = PTHREAD_MUTEX_INITIALIZER;</div> <div class="line"><a name="l00961"></a><span class="lineno"> 961</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l00962"></a><span class="lineno"> 962</span> <span class="preprocessor"></span></div> <div class="line"><a name="l00963"></a><span class="lineno"> 963</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga34939a983156816784e3d1a64fe0bac9">x509_crt_parse_path</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *chain, <span class="keyword">const</span> <span class="keywordtype">char</span> *path )</div> <div class="line"><a name="l00964"></a><span class="lineno"> 964</span> {</div> <div class="line"><a name="l00965"></a><span class="lineno"> 965</span>  <span class="keywordtype">int</span> ret = 0;</div> <div class="line"><a name="l00966"></a><span class="lineno"> 966</span> <span class="preprocessor">#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)</span></div> <div class="line"><a name="l00967"></a><span class="lineno"> 967</span> <span class="preprocessor"></span> <span class="keywordtype">int</span> w_ret;</div> <div class="line"><a name="l00968"></a><span class="lineno"> 968</span>  WCHAR szDir[MAX_PATH];</div> <div class="line"><a name="l00969"></a><span class="lineno"> 969</span>  <span class="keywordtype">char</span> filename[MAX_PATH];</div> <div class="line"><a name="l00970"></a><span class="lineno"> 970</span>  <span class="keywordtype">char</span> *p;</div> <div class="line"><a name="l00971"></a><span class="lineno"> 971</span>  <span class="keywordtype">int</span> len = (int) strlen( path );</div> <div class="line"><a name="l00972"></a><span class="lineno"> 972</span> </div> <div class="line"><a name="l00973"></a><span class="lineno"> 973</span>  WIN32_FIND_DATAW file_data;</div> <div class="line"><a name="l00974"></a><span class="lineno"> 974</span>  HANDLE hFind;</div> <div class="line"><a name="l00975"></a><span class="lineno"> 975</span> </div> <div class="line"><a name="l00976"></a><span class="lineno"> 976</span>  <span class="keywordflow">if</span>( len > MAX_PATH - 3 )</div> <div class="line"><a name="l00977"></a><span class="lineno"> 977</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l00978"></a><span class="lineno"> 978</span> </div> <div class="line"><a name="l00979"></a><span class="lineno"> 979</span>  memset( szDir, 0, <span class="keyword">sizeof</span>(szDir) );</div> <div class="line"><a name="l00980"></a><span class="lineno"> 980</span>  memset( filename, 0, MAX_PATH );</div> <div class="line"><a name="l00981"></a><span class="lineno"> 981</span>  memcpy( filename, path, len );</div> <div class="line"><a name="l00982"></a><span class="lineno"> 982</span>  filename[len++] = <span class="charliteral">'\\'</span>;</div> <div class="line"><a name="l00983"></a><span class="lineno"> 983</span>  p = filename + len;</div> <div class="line"><a name="l00984"></a><span class="lineno"> 984</span>  filename[len++] = <span class="charliteral">'*'</span>;</div> <div class="line"><a name="l00985"></a><span class="lineno"> 985</span> </div> <div class="line"><a name="l00986"></a><span class="lineno"> 986</span>  w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,</div> <div class="line"><a name="l00987"></a><span class="lineno"> 987</span>  MAX_PATH - 3 );</div> <div class="line"><a name="l00988"></a><span class="lineno"> 988</span> </div> <div class="line"><a name="l00989"></a><span class="lineno"> 989</span>  hFind = FindFirstFileW( szDir, &file_data );</div> <div class="line"><a name="l00990"></a><span class="lineno"> 990</span>  <span class="keywordflow">if</span>( hFind == INVALID_HANDLE_VALUE )</div> <div class="line"><a name="l00991"></a><span class="lineno"> 991</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a> );</div> <div class="line"><a name="l00992"></a><span class="lineno"> 992</span> </div> <div class="line"><a name="l00993"></a><span class="lineno"> 993</span>  len = MAX_PATH - len;</div> <div class="line"><a name="l00994"></a><span class="lineno"> 994</span>  <span class="keywordflow">do</span></div> <div class="line"><a name="l00995"></a><span class="lineno"> 995</span>  {</div> <div class="line"><a name="l00996"></a><span class="lineno"> 996</span>  memset( p, 0, len );</div> <div class="line"><a name="l00997"></a><span class="lineno"> 997</span> </div> <div class="line"><a name="l00998"></a><span class="lineno"> 998</span>  <span class="keywordflow">if</span>( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )</div> <div class="line"><a name="l00999"></a><span class="lineno"> 999</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01000"></a><span class="lineno"> 1000</span> </div> <div class="line"><a name="l01001"></a><span class="lineno"> 1001</span>  w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,</div> <div class="line"><a name="l01002"></a><span class="lineno"> 1002</span>  lstrlenW( file_data.cFileName ),</div> <div class="line"><a name="l01003"></a><span class="lineno"> 1003</span>  p, len - 1,</div> <div class="line"><a name="l01004"></a><span class="lineno"> 1004</span>  NULL, NULL );</div> <div class="line"><a name="l01005"></a><span class="lineno"> 1005</span> </div> <div class="line"><a name="l01006"></a><span class="lineno"> 1006</span>  w_ret = <a class="code" href="group__x509__module.html#ga2f937df6c64b400210dbeb5ad26cc8c2">x509_crt_parse_file</a>( chain, filename );</div> <div class="line"><a name="l01007"></a><span class="lineno"> 1007</span>  <span class="keywordflow">if</span>( w_ret < 0 )</div> <div class="line"><a name="l01008"></a><span class="lineno"> 1008</span>  ret++;</div> <div class="line"><a name="l01009"></a><span class="lineno"> 1009</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01010"></a><span class="lineno"> 1010</span>  ret += w_ret;</div> <div class="line"><a name="l01011"></a><span class="lineno"> 1011</span>  }</div> <div class="line"><a name="l01012"></a><span class="lineno"> 1012</span>  <span class="keywordflow">while</span>( FindNextFileW( hFind, &file_data ) != 0 );</div> <div class="line"><a name="l01013"></a><span class="lineno"> 1013</span> </div> <div class="line"><a name="l01014"></a><span class="lineno"> 1014</span>  <span class="keywordflow">if</span>( GetLastError() != ERROR_NO_MORE_FILES )</div> <div class="line"><a name="l01015"></a><span class="lineno"> 1015</span>  ret = <a class="code" href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a>;</div> <div class="line"><a name="l01016"></a><span class="lineno"> 1016</span> </div> <div class="line"><a name="l01017"></a><span class="lineno"> 1017</span>  FindClose( hFind );</div> <div class="line"><a name="l01018"></a><span class="lineno"> 1018</span> <span class="preprocessor">#else </span><span class="comment">/* _WIN32 */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01019"></a><span class="lineno"> 1019</span> <span class="preprocessor"></span> <span class="keywordtype">int</span> t_ret;</div> <div class="line"><a name="l01020"></a><span class="lineno"> 1020</span>  <span class="keyword">struct </span>stat sb;</div> <div class="line"><a name="l01021"></a><span class="lineno"> 1021</span>  <span class="keyword">struct </span>dirent *entry;</div> <div class="line"><a name="l01022"></a><span class="lineno"> 1022</span>  <span class="keywordtype">char</span> entry_name[255];</div> <div class="line"><a name="l01023"></a><span class="lineno"> 1023</span>  DIR *dir = opendir( path );</div> <div class="line"><a name="l01024"></a><span class="lineno"> 1024</span> </div> <div class="line"><a name="l01025"></a><span class="lineno"> 1025</span>  <span class="keywordflow">if</span>( dir == NULL )</div> <div class="line"><a name="l01026"></a><span class="lineno"> 1026</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a> );</div> <div class="line"><a name="l01027"></a><span class="lineno"> 1027</span> </div> <div class="line"><a name="l01028"></a><span class="lineno"> 1028</span> <span class="preprocessor">#if defined(POLARSSL_THREADING_PTHREAD)</span></div> <div class="line"><a name="l01029"></a><span class="lineno"> 1029</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( ( ret = <a class="code" href="threading_8h.html#a20d968ec5d48ea16cfab980204e3cb90">polarssl_mutex_lock</a>( &readdir_mutex ) ) != 0 )</div> <div class="line"><a name="l01030"></a><span class="lineno"> 1030</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01031"></a><span class="lineno"> 1031</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01032"></a><span class="lineno"> 1032</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01033"></a><span class="lineno"> 1033</span>  <span class="keywordflow">while</span>( ( entry = readdir( dir ) ) != NULL )</div> <div class="line"><a name="l01034"></a><span class="lineno"> 1034</span>  {</div> <div class="line"><a name="l01035"></a><span class="lineno"> 1035</span>  snprintf( entry_name, <span class="keyword">sizeof</span> entry_name, <span class="stringliteral">"%s/%s"</span>, path, entry->d_name );</div> <div class="line"><a name="l01036"></a><span class="lineno"> 1036</span> </div> <div class="line"><a name="l01037"></a><span class="lineno"> 1037</span>  <span class="keywordflow">if</span>( stat( entry_name, &sb ) == -1 )</div> <div class="line"><a name="l01038"></a><span class="lineno"> 1038</span>  {</div> <div class="line"><a name="l01039"></a><span class="lineno"> 1039</span>  closedir( dir );</div> <div class="line"><a name="l01040"></a><span class="lineno"> 1040</span>  ret = <a class="code" href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a>;</div> <div class="line"><a name="l01041"></a><span class="lineno"> 1041</span>  <span class="keywordflow">goto</span> cleanup;</div> <div class="line"><a name="l01042"></a><span class="lineno"> 1042</span>  }</div> <div class="line"><a name="l01043"></a><span class="lineno"> 1043</span> </div> <div class="line"><a name="l01044"></a><span class="lineno"> 1044</span>  <span class="keywordflow">if</span>( !S_ISREG( sb.st_mode ) )</div> <div class="line"><a name="l01045"></a><span class="lineno"> 1045</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01046"></a><span class="lineno"> 1046</span> </div> <div class="line"><a name="l01047"></a><span class="lineno"> 1047</span>  <span class="comment">// Ignore parse errors</span></div> <div class="line"><a name="l01048"></a><span class="lineno"> 1048</span>  <span class="comment">//</span></div> <div class="line"><a name="l01049"></a><span class="lineno"> 1049</span>  t_ret = <a class="code" href="group__x509__module.html#ga2f937df6c64b400210dbeb5ad26cc8c2">x509_crt_parse_file</a>( chain, entry_name );</div> <div class="line"><a name="l01050"></a><span class="lineno"> 1050</span>  <span class="keywordflow">if</span>( t_ret < 0 )</div> <div class="line"><a name="l01051"></a><span class="lineno"> 1051</span>  ret++;</div> <div class="line"><a name="l01052"></a><span class="lineno"> 1052</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01053"></a><span class="lineno"> 1053</span>  ret += t_ret;</div> <div class="line"><a name="l01054"></a><span class="lineno"> 1054</span>  }</div> <div class="line"><a name="l01055"></a><span class="lineno"> 1055</span>  closedir( dir );</div> <div class="line"><a name="l01056"></a><span class="lineno"> 1056</span> </div> <div class="line"><a name="l01057"></a><span class="lineno"> 1057</span> cleanup:</div> <div class="line"><a name="l01058"></a><span class="lineno"> 1058</span> <span class="preprocessor">#if defined(POLARSSL_THREADING_PTHREAD)</span></div> <div class="line"><a name="l01059"></a><span class="lineno"> 1059</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( <a class="code" href="threading_8h.html#a3f71f2d457fdf4f03268eb731abf3a98">polarssl_mutex_unlock</a>( &readdir_mutex ) != 0 )</div> <div class="line"><a name="l01060"></a><span class="lineno"> 1060</span>  ret = <a class="code" href="threading_8h.html#afea02eb560c790911a89035bbcc909ad">POLARSSL_ERR_THREADING_MUTEX_ERROR</a>;</div> <div class="line"><a name="l01061"></a><span class="lineno"> 1061</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01062"></a><span class="lineno"> 1062</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01063"></a><span class="lineno"> 1063</span> <span class="preprocessor">#endif </span><span class="comment">/* _WIN32 */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01064"></a><span class="lineno"> 1064</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01065"></a><span class="lineno"> 1065</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01066"></a><span class="lineno"> 1066</span> }</div> <div class="line"><a name="l01067"></a><span class="lineno"> 1067</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_FS_IO */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01068"></a><span class="lineno"> 1068</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01069"></a><span class="lineno"> 1069</span> <span class="preprocessor">#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \</span></div> <div class="line"><a name="l01070"></a><span class="lineno"> 1070</span> <span class="preprocessor"> !defined(EFI32)</span></div> <div class="line"><a name="l01071"></a><span class="lineno"> 1071</span> <span class="preprocessor"></span><span class="preprocessor">#include <stdarg.h></span></div> <div class="line"><a name="l01072"></a><span class="lineno"> 1072</span> </div> <div class="line"><a name="l01073"></a><span class="lineno"> 1073</span> <span class="preprocessor">#if !defined vsnprintf</span></div> <div class="line"><a name="l01074"></a><span class="lineno"> 1074</span> <span class="preprocessor"></span><span class="preprocessor">#define vsnprintf _vsnprintf</span></div> <div class="line"><a name="l01075"></a><span class="lineno"> 1075</span> <span class="preprocessor"></span><span class="preprocessor">#endif // vsnprintf</span></div> <div class="line"><a name="l01076"></a><span class="lineno"> 1076</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01077"></a><span class="lineno"> 1077</span> <span class="comment">/*</span></div> <div class="line"><a name="l01078"></a><span class="lineno"> 1078</span> <span class="comment"> * Windows _snprintf and _vsnprintf are not compatible to linux versions.</span></div> <div class="line"><a name="l01079"></a><span class="lineno"> 1079</span> <span class="comment"> * Result value is not size of buffer needed, but -1 if no fit is possible.</span></div> <div class="line"><a name="l01080"></a><span class="lineno"> 1080</span> <span class="comment"> *</span></div> <div class="line"><a name="l01081"></a><span class="lineno"> 1081</span> <span class="comment"> * This fuction tries to 'fix' this by at least suggesting enlarging the</span></div> <div class="line"><a name="l01082"></a><span class="lineno"> 1082</span> <span class="comment"> * size by 20.</span></div> <div class="line"><a name="l01083"></a><span class="lineno"> 1083</span> <span class="comment"> */</span></div> <div class="line"><a name="l01084"></a><span class="lineno"> 1084</span> <span class="keyword">static</span> <span class="keywordtype">int</span> compat_snprintf( <span class="keywordtype">char</span> *str, <span class="keywordtype">size_t</span> size, <span class="keyword">const</span> <span class="keywordtype">char</span> *format, ... )</div> <div class="line"><a name="l01085"></a><span class="lineno"> 1085</span> {</div> <div class="line"><a name="l01086"></a><span class="lineno"> 1086</span>  va_list ap;</div> <div class="line"><a name="l01087"></a><span class="lineno"> 1087</span>  <span class="keywordtype">int</span> res = -1;</div> <div class="line"><a name="l01088"></a><span class="lineno"> 1088</span> </div> <div class="line"><a name="l01089"></a><span class="lineno"> 1089</span>  va_start( ap, format );</div> <div class="line"><a name="l01090"></a><span class="lineno"> 1090</span> </div> <div class="line"><a name="l01091"></a><span class="lineno"> 1091</span>  res = vsnprintf( str, size, format, ap );</div> <div class="line"><a name="l01092"></a><span class="lineno"> 1092</span> </div> <div class="line"><a name="l01093"></a><span class="lineno"> 1093</span>  va_end( ap );</div> <div class="line"><a name="l01094"></a><span class="lineno"> 1094</span> </div> <div class="line"><a name="l01095"></a><span class="lineno"> 1095</span>  <span class="comment">// No quick fix possible</span></div> <div class="line"><a name="l01096"></a><span class="lineno"> 1096</span>  <span class="keywordflow">if</span>( res < 0 )</div> <div class="line"><a name="l01097"></a><span class="lineno"> 1097</span>  <span class="keywordflow">return</span>( (<span class="keywordtype">int</span>) size + 20 );</div> <div class="line"><a name="l01098"></a><span class="lineno"> 1098</span> </div> <div class="line"><a name="l01099"></a><span class="lineno"> 1099</span>  <span class="keywordflow">return</span>( res );</div> <div class="line"><a name="l01100"></a><span class="lineno"> 1100</span> }</div> <div class="line"><a name="l01101"></a><span class="lineno"> 1101</span> </div> <div class="line"><a name="l01102"></a><span class="lineno"> 1102</span> <span class="preprocessor">#define snprintf compat_snprintf</span></div> <div class="line"><a name="l01103"></a><span class="lineno"> 1103</span> <span class="preprocessor"></span><span class="preprocessor">#endif </span><span class="comment">/* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01104"></a><span class="lineno"> 1104</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01105"></a><span class="lineno"> 1105</span> <span class="preprocessor">#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2</span></div> <div class="line"><a name="l01106"></a><span class="lineno"> 1106</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01107"></a><span class="lineno"> 1107</span> <span class="preprocessor">#define SAFE_SNPRINTF() \</span></div> <div class="line"><a name="l01108"></a><span class="lineno"> 1108</span> <span class="preprocessor">{ \</span></div> <div class="line"><a name="l01109"></a><span class="lineno"> 1109</span> <span class="preprocessor"> if( ret == -1 ) \</span></div> <div class="line"><a name="l01110"></a><span class="lineno"> 1110</span> <span class="preprocessor"> return( -1 ); \</span></div> <div class="line"><a name="l01111"></a><span class="lineno"> 1111</span> <span class="preprocessor"> \</span></div> <div class="line"><a name="l01112"></a><span class="lineno"> 1112</span> <span class="preprocessor"> if( (unsigned int) ret > n ) { \</span></div> <div class="line"><a name="l01113"></a><span class="lineno"> 1113</span> <span class="preprocessor"> p[n - 1] = '\0'; \</span></div> <div class="line"><a name="l01114"></a><span class="lineno"> 1114</span> <span class="preprocessor"> return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \</span></div> <div class="line"><a name="l01115"></a><span class="lineno"> 1115</span> <span class="preprocessor"> } \</span></div> <div class="line"><a name="l01116"></a><span class="lineno"> 1116</span> <span class="preprocessor"> \</span></div> <div class="line"><a name="l01117"></a><span class="lineno"> 1117</span> <span class="preprocessor"> n -= (unsigned int) ret; \</span></div> <div class="line"><a name="l01118"></a><span class="lineno"> 1118</span> <span class="preprocessor"> p += (unsigned int) ret; \</span></div> <div class="line"><a name="l01119"></a><span class="lineno"> 1119</span> <span class="preprocessor">}</span></div> <div class="line"><a name="l01120"></a><span class="lineno"> 1120</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01121"></a><span class="lineno"> 1121</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_info_subject_alt_name( <span class="keywordtype">char</span> **buf, <span class="keywordtype">size_t</span> *size,</div> <div class="line"><a name="l01122"></a><span class="lineno"> 1122</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *subject_alt_name )</div> <div class="line"><a name="l01123"></a><span class="lineno"> 1123</span> {</div> <div class="line"><a name="l01124"></a><span class="lineno"> 1124</span>  <span class="keywordtype">size_t</span> i;</div> <div class="line"><a name="l01125"></a><span class="lineno"> 1125</span>  <span class="keywordtype">size_t</span> n = *size;</div> <div class="line"><a name="l01126"></a><span class="lineno"> 1126</span>  <span class="keywordtype">char</span> *p = *buf;</div> <div class="line"><a name="l01127"></a><span class="lineno"> 1127</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *cur = subject_alt_name;</div> <div class="line"><a name="l01128"></a><span class="lineno"> 1128</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *sep = <span class="stringliteral">""</span>;</div> <div class="line"><a name="l01129"></a><span class="lineno"> 1129</span>  <span class="keywordtype">size_t</span> sep_len = 0;</div> <div class="line"><a name="l01130"></a><span class="lineno"> 1130</span> </div> <div class="line"><a name="l01131"></a><span class="lineno"> 1131</span>  <span class="keywordflow">while</span>( cur != NULL )</div> <div class="line"><a name="l01132"></a><span class="lineno"> 1132</span>  {</div> <div class="line"><a name="l01133"></a><span class="lineno"> 1133</span>  <span class="keywordflow">if</span>( cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> + sep_len >= n )</div> <div class="line"><a name="l01134"></a><span class="lineno"> 1134</span>  {</div> <div class="line"><a name="l01135"></a><span class="lineno"> 1135</span>  *p = <span class="charliteral">'\0'</span>;</div> <div class="line"><a name="l01136"></a><span class="lineno"> 1136</span>  <span class="keywordflow">return</span>( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL );</div> <div class="line"><a name="l01137"></a><span class="lineno"> 1137</span>  }</div> <div class="line"><a name="l01138"></a><span class="lineno"> 1138</span> </div> <div class="line"><a name="l01139"></a><span class="lineno"> 1139</span>  n -= cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> + sep_len;</div> <div class="line"><a name="l01140"></a><span class="lineno"> 1140</span>  <span class="keywordflow">for</span>( i = 0; i < sep_len; i++ )</div> <div class="line"><a name="l01141"></a><span class="lineno"> 1141</span>  *p++ = sep[i];</div> <div class="line"><a name="l01142"></a><span class="lineno"> 1142</span>  <span class="keywordflow">for</span>( i = 0; i < cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>; i++ )</div> <div class="line"><a name="l01143"></a><span class="lineno"> 1143</span>  *p++ = cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>[i];</div> <div class="line"><a name="l01144"></a><span class="lineno"> 1144</span> </div> <div class="line"><a name="l01145"></a><span class="lineno"> 1145</span>  sep = <span class="stringliteral">", "</span>;</div> <div class="line"><a name="l01146"></a><span class="lineno"> 1146</span>  sep_len = 2;</div> <div class="line"><a name="l01147"></a><span class="lineno"> 1147</span> </div> <div class="line"><a name="l01148"></a><span class="lineno"> 1148</span>  cur = cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01149"></a><span class="lineno"> 1149</span>  }</div> <div class="line"><a name="l01150"></a><span class="lineno"> 1150</span> </div> <div class="line"><a name="l01151"></a><span class="lineno"> 1151</span>  *p = <span class="charliteral">'\0'</span>;</div> <div class="line"><a name="l01152"></a><span class="lineno"> 1152</span> </div> <div class="line"><a name="l01153"></a><span class="lineno"> 1153</span>  *size = n;</div> <div class="line"><a name="l01154"></a><span class="lineno"> 1154</span>  *buf = p;</div> <div class="line"><a name="l01155"></a><span class="lineno"> 1155</span> </div> <div class="line"><a name="l01156"></a><span class="lineno"> 1156</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01157"></a><span class="lineno"> 1157</span> }</div> <div class="line"><a name="l01158"></a><span class="lineno"> 1158</span> </div> <div class="line"><a name="l01159"></a><span class="lineno"> 1159</span> <span class="preprocessor">#define PRINT_ITEM(i) \</span></div> <div class="line"><a name="l01160"></a><span class="lineno"> 1160</span> <span class="preprocessor"> { \</span></div> <div class="line"><a name="l01161"></a><span class="lineno"> 1161</span> <span class="preprocessor"> ret = snprintf( p, n, "%s" i, sep ); \</span></div> <div class="line"><a name="l01162"></a><span class="lineno"> 1162</span> <span class="preprocessor"> SAFE_SNPRINTF(); \</span></div> <div class="line"><a name="l01163"></a><span class="lineno"> 1163</span> <span class="preprocessor"> sep = ", "; \</span></div> <div class="line"><a name="l01164"></a><span class="lineno"> 1164</span> <span class="preprocessor"> }</span></div> <div class="line"><a name="l01165"></a><span class="lineno"> 1165</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01166"></a><span class="lineno"> 1166</span> <span class="preprocessor">#define CERT_TYPE(type,name) \</span></div> <div class="line"><a name="l01167"></a><span class="lineno"> 1167</span> <span class="preprocessor"> if( ns_cert_type & type ) \</span></div> <div class="line"><a name="l01168"></a><span class="lineno"> 1168</span> <span class="preprocessor"> PRINT_ITEM( name );</span></div> <div class="line"><a name="l01169"></a><span class="lineno"> 1169</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01170"></a><span class="lineno"> 1170</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_info_cert_type( <span class="keywordtype">char</span> **buf, <span class="keywordtype">size_t</span> *size,</div> <div class="line"><a name="l01171"></a><span class="lineno"> 1171</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> ns_cert_type )</div> <div class="line"><a name="l01172"></a><span class="lineno"> 1172</span> {</div> <div class="line"><a name="l01173"></a><span class="lineno"> 1173</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01174"></a><span class="lineno"> 1174</span>  <span class="keywordtype">size_t</span> n = *size;</div> <div class="line"><a name="l01175"></a><span class="lineno"> 1175</span>  <span class="keywordtype">char</span> *p = *buf;</div> <div class="line"><a name="l01176"></a><span class="lineno"> 1176</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *sep = <span class="stringliteral">""</span>;</div> <div class="line"><a name="l01177"></a><span class="lineno"> 1177</span> </div> <div class="line"><a name="l01178"></a><span class="lineno"> 1178</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a1720f538cb0b7efa97d134ac6692192a">NS_CERT_TYPE_SSL_CLIENT</a>, <span class="stringliteral">"SSL Client"</span> );</div> <div class="line"><a name="l01179"></a><span class="lineno"> 1179</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a725ac67650ba113b8a8938e1f9cdb073">NS_CERT_TYPE_SSL_SERVER</a>, <span class="stringliteral">"SSL Server"</span> );</div> <div class="line"><a name="l01180"></a><span class="lineno"> 1180</span>  CERT_TYPE( <a class="code" href="x509_8h.html#aa06876013b3e2b9098529e18e17e96e9">NS_CERT_TYPE_EMAIL</a>, <span class="stringliteral">"Email"</span> );</div> <div class="line"><a name="l01181"></a><span class="lineno"> 1181</span>  CERT_TYPE( <a class="code" href="x509_8h.html#ab74494b8a65972aebb605bdd9680d545">NS_CERT_TYPE_OBJECT_SIGNING</a>, <span class="stringliteral">"Object Signing"</span> );</div> <div class="line"><a name="l01182"></a><span class="lineno"> 1182</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a387e2b15df37666dfd95646bf647dae1">NS_CERT_TYPE_RESERVED</a>, <span class="stringliteral">"Reserved"</span> );</div> <div class="line"><a name="l01183"></a><span class="lineno"> 1183</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a9f5cdaf33a0371bdd6893f7c36acf8ef">NS_CERT_TYPE_SSL_CA</a>, <span class="stringliteral">"SSL CA"</span> );</div> <div class="line"><a name="l01184"></a><span class="lineno"> 1184</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a62f25762eb59728f92b07d61ae2057a5">NS_CERT_TYPE_EMAIL_CA</a>, <span class="stringliteral">"Email CA"</span> );</div> <div class="line"><a name="l01185"></a><span class="lineno"> 1185</span>  CERT_TYPE( <a class="code" href="x509_8h.html#a57c9011afb5ab5f02020e1e31b43b871">NS_CERT_TYPE_OBJECT_SIGNING_CA</a>, <span class="stringliteral">"Object Signing CA"</span> );</div> <div class="line"><a name="l01186"></a><span class="lineno"> 1186</span> </div> <div class="line"><a name="l01187"></a><span class="lineno"> 1187</span>  *size = n;</div> <div class="line"><a name="l01188"></a><span class="lineno"> 1188</span>  *buf = p;</div> <div class="line"><a name="l01189"></a><span class="lineno"> 1189</span> </div> <div class="line"><a name="l01190"></a><span class="lineno"> 1190</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01191"></a><span class="lineno"> 1191</span> }</div> <div class="line"><a name="l01192"></a><span class="lineno"> 1192</span> </div> <div class="line"><a name="l01193"></a><span class="lineno"> 1193</span> <span class="preprocessor">#define KEY_USAGE(code,name) \</span></div> <div class="line"><a name="l01194"></a><span class="lineno"> 1194</span> <span class="preprocessor"> if( key_usage & code ) \</span></div> <div class="line"><a name="l01195"></a><span class="lineno"> 1195</span> <span class="preprocessor"> PRINT_ITEM( name );</span></div> <div class="line"><a name="l01196"></a><span class="lineno"> 1196</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01197"></a><span class="lineno"> 1197</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_info_key_usage( <span class="keywordtype">char</span> **buf, <span class="keywordtype">size_t</span> *size,</div> <div class="line"><a name="l01198"></a><span class="lineno"> 1198</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> key_usage )</div> <div class="line"><a name="l01199"></a><span class="lineno"> 1199</span> {</div> <div class="line"><a name="l01200"></a><span class="lineno"> 1200</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01201"></a><span class="lineno"> 1201</span>  <span class="keywordtype">size_t</span> n = *size;</div> <div class="line"><a name="l01202"></a><span class="lineno"> 1202</span>  <span class="keywordtype">char</span> *p = *buf;</div> <div class="line"><a name="l01203"></a><span class="lineno"> 1203</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *sep = <span class="stringliteral">""</span>;</div> <div class="line"><a name="l01204"></a><span class="lineno"> 1204</span> </div> <div class="line"><a name="l01205"></a><span class="lineno"> 1205</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a34abc95bf0fa471e18d1dd3b295492f6">KU_DIGITAL_SIGNATURE</a>, <span class="stringliteral">"Digital Signature"</span> );</div> <div class="line"><a name="l01206"></a><span class="lineno"> 1206</span>  KEY_USAGE( <a class="code" href="x509_8h.html#aa97f2a6fc340bc3a22004fe7a245a1c6">KU_NON_REPUDIATION</a>, <span class="stringliteral">"Non Repudiation"</span> );</div> <div class="line"><a name="l01207"></a><span class="lineno"> 1207</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a64f1e2e3dd57557fdad2ca9c07f63ec4">KU_KEY_ENCIPHERMENT</a>, <span class="stringliteral">"Key Encipherment"</span> );</div> <div class="line"><a name="l01208"></a><span class="lineno"> 1208</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a5d7af2d0048312e611b8af54eabd064a">KU_DATA_ENCIPHERMENT</a>, <span class="stringliteral">"Data Encipherment"</span> );</div> <div class="line"><a name="l01209"></a><span class="lineno"> 1209</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a349ec0e59749ed5ca9ac9e030c06049f">KU_KEY_AGREEMENT</a>, <span class="stringliteral">"Key Agreement"</span> );</div> <div class="line"><a name="l01210"></a><span class="lineno"> 1210</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a5da71e896dc465af98e4004ea40eb230">KU_KEY_CERT_SIGN</a>, <span class="stringliteral">"Key Cert Sign"</span> );</div> <div class="line"><a name="l01211"></a><span class="lineno"> 1211</span>  KEY_USAGE( <a class="code" href="x509_8h.html#a14185258174d3ae78dbccd55de36b0a8">KU_CRL_SIGN</a>, <span class="stringliteral">"CRL Sign"</span> );</div> <div class="line"><a name="l01212"></a><span class="lineno"> 1212</span> </div> <div class="line"><a name="l01213"></a><span class="lineno"> 1213</span>  *size = n;</div> <div class="line"><a name="l01214"></a><span class="lineno"> 1214</span>  *buf = p;</div> <div class="line"><a name="l01215"></a><span class="lineno"> 1215</span> </div> <div class="line"><a name="l01216"></a><span class="lineno"> 1216</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01217"></a><span class="lineno"> 1217</span> }</div> <div class="line"><a name="l01218"></a><span class="lineno"> 1218</span> </div> <div class="line"><a name="l01219"></a><span class="lineno"> 1219</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_info_ext_key_usage( <span class="keywordtype">char</span> **buf, <span class="keywordtype">size_t</span> *size,</div> <div class="line"><a name="l01220"></a><span class="lineno"> 1220</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *extended_key_usage )</div> <div class="line"><a name="l01221"></a><span class="lineno"> 1221</span> {</div> <div class="line"><a name="l01222"></a><span class="lineno"> 1222</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01223"></a><span class="lineno"> 1223</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *desc;</div> <div class="line"><a name="l01224"></a><span class="lineno"> 1224</span>  <span class="keywordtype">size_t</span> n = *size;</div> <div class="line"><a name="l01225"></a><span class="lineno"> 1225</span>  <span class="keywordtype">char</span> *p = *buf;</div> <div class="line"><a name="l01226"></a><span class="lineno"> 1226</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *cur = extended_key_usage;</div> <div class="line"><a name="l01227"></a><span class="lineno"> 1227</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *sep = <span class="stringliteral">""</span>;</div> <div class="line"><a name="l01228"></a><span class="lineno"> 1228</span> </div> <div class="line"><a name="l01229"></a><span class="lineno"> 1229</span>  <span class="keywordflow">while</span>( cur != NULL )</div> <div class="line"><a name="l01230"></a><span class="lineno"> 1230</span>  {</div> <div class="line"><a name="l01231"></a><span class="lineno"> 1231</span>  <span class="keywordflow">if</span>( <a class="code" href="oid_8h.html#adc2234768fe23ece20c660f57e977f6f">oid_get_extended_key_usage</a>( &cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>, &desc ) != 0 )</div> <div class="line"><a name="l01232"></a><span class="lineno"> 1232</span>  desc = <span class="stringliteral">"???"</span>;</div> <div class="line"><a name="l01233"></a><span class="lineno"> 1233</span> </div> <div class="line"><a name="l01234"></a><span class="lineno"> 1234</span>  ret = snprintf( p, n, <span class="stringliteral">"%s%s"</span>, sep, desc );</div> <div class="line"><a name="l01235"></a><span class="lineno"> 1235</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01236"></a><span class="lineno"> 1236</span> </div> <div class="line"><a name="l01237"></a><span class="lineno"> 1237</span>  sep = <span class="stringliteral">", "</span>;</div> <div class="line"><a name="l01238"></a><span class="lineno"> 1238</span> </div> <div class="line"><a name="l01239"></a><span class="lineno"> 1239</span>  cur = cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01240"></a><span class="lineno"> 1240</span>  }</div> <div class="line"><a name="l01241"></a><span class="lineno"> 1241</span> </div> <div class="line"><a name="l01242"></a><span class="lineno"> 1242</span>  *size = n;</div> <div class="line"><a name="l01243"></a><span class="lineno"> 1243</span>  *buf = p;</div> <div class="line"><a name="l01244"></a><span class="lineno"> 1244</span> </div> <div class="line"><a name="l01245"></a><span class="lineno"> 1245</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01246"></a><span class="lineno"> 1246</span> }</div> <div class="line"><a name="l01247"></a><span class="lineno"> 1247</span> </div> <div class="line"><a name="l01248"></a><span class="lineno"> 1248</span> <span class="comment">/*</span></div> <div class="line"><a name="l01249"></a><span class="lineno"> 1249</span> <span class="comment"> * Return an informational string about the certificate.</span></div> <div class="line"><a name="l01250"></a><span class="lineno"> 1250</span> <span class="comment"> */</span></div> <div class="line"><a name="l01251"></a><span class="lineno"> 1251</span> <span class="preprocessor">#define BEFORE_COLON 18</span></div> <div class="line"><a name="l01252"></a><span class="lineno"> 1252</span> <span class="preprocessor"></span><span class="preprocessor">#define BC "18"</span></div> <div class="line"><a name="l01253"></a><span class="lineno"> 1253</span> <span class="preprocessor"></span><span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga81299c99c393f6f58eff0471efb65ef7">x509_crt_info</a>( <span class="keywordtype">char</span> *buf, <span class="keywordtype">size_t</span> size, <span class="keyword">const</span> <span class="keywordtype">char</span> *prefix,</div> <div class="line"><a name="l01254"></a><span class="lineno"> 1254</span>  <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt )</div> <div class="line"><a name="l01255"></a><span class="lineno"> 1255</span> {</div> <div class="line"><a name="l01256"></a><span class="lineno"> 1256</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01257"></a><span class="lineno"> 1257</span>  <span class="keywordtype">size_t</span> n;</div> <div class="line"><a name="l01258"></a><span class="lineno"> 1258</span>  <span class="keywordtype">char</span> *p;</div> <div class="line"><a name="l01259"></a><span class="lineno"> 1259</span>  <span class="keywordtype">char</span> key_size_str[BEFORE_COLON];</div> <div class="line"><a name="l01260"></a><span class="lineno"> 1260</span> </div> <div class="line"><a name="l01261"></a><span class="lineno"> 1261</span>  p = buf;</div> <div class="line"><a name="l01262"></a><span class="lineno"> 1262</span>  n = size;</div> <div class="line"><a name="l01263"></a><span class="lineno"> 1263</span> </div> <div class="line"><a name="l01264"></a><span class="lineno"> 1264</span>  ret = snprintf( p, n, <span class="stringliteral">"%scert. version : %d\n"</span>,</div> <div class="line"><a name="l01265"></a><span class="lineno"> 1265</span>  prefix, crt-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> );</div> <div class="line"><a name="l01266"></a><span class="lineno"> 1266</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01267"></a><span class="lineno"> 1267</span>  ret = snprintf( p, n, <span class="stringliteral">"%sserial number : "</span>,</div> <div class="line"><a name="l01268"></a><span class="lineno"> 1268</span>  prefix );</div> <div class="line"><a name="l01269"></a><span class="lineno"> 1269</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01270"></a><span class="lineno"> 1270</span> </div> <div class="line"><a name="l01271"></a><span class="lineno"> 1271</span>  ret = <a class="code" href="x509_8h.html#acd36d794a8edbbf66fe2e267d8804854">x509_serial_gets</a>( p, n, &crt-><a class="code" href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">serial</a> );</div> <div class="line"><a name="l01272"></a><span class="lineno"> 1272</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01273"></a><span class="lineno"> 1273</span> </div> <div class="line"><a name="l01274"></a><span class="lineno"> 1274</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%sissuer name : "</span>, prefix );</div> <div class="line"><a name="l01275"></a><span class="lineno"> 1275</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01276"></a><span class="lineno"> 1276</span>  ret = <a class="code" href="x509_8h.html#a4efdfbe50891c916ade3170b91faeebc">x509_dn_gets</a>( p, n, &crt-><a class="code" href="struct__x509__crt.html#a06648e31fe4adffdca0995568ce6aab9">issuer</a> );</div> <div class="line"><a name="l01277"></a><span class="lineno"> 1277</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01278"></a><span class="lineno"> 1278</span> </div> <div class="line"><a name="l01279"></a><span class="lineno"> 1279</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%ssubject name : "</span>, prefix );</div> <div class="line"><a name="l01280"></a><span class="lineno"> 1280</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01281"></a><span class="lineno"> 1281</span>  ret = <a class="code" href="x509_8h.html#a4efdfbe50891c916ade3170b91faeebc">x509_dn_gets</a>( p, n, &crt-><a class="code" href="struct__x509__crt.html#aaa20d3625961655031604d587d40ad9f">subject</a> );</div> <div class="line"><a name="l01282"></a><span class="lineno"> 1282</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01283"></a><span class="lineno"> 1283</span> </div> <div class="line"><a name="l01284"></a><span class="lineno"> 1284</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%sissued on : "</span> \</div> <div class="line"><a name="l01285"></a><span class="lineno"> 1285</span>  <span class="stringliteral">"%04d-%02d-%02d %02d:%02d:%02d"</span>, prefix,</div> <div class="line"><a name="l01286"></a><span class="lineno"> 1286</span>  crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#a26ed64caf8b2d05ecb82c0ed68113bc5">year</a>, crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#aa89934c680dcbbb1a74a6ff3f83da264">mon</a>,</div> <div class="line"><a name="l01287"></a><span class="lineno"> 1287</span>  crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#a20c84d21414653a33595ea4563c49b46">day</a>, crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#a52a420b0bb4513b257c239f967187d97">hour</a>,</div> <div class="line"><a name="l01288"></a><span class="lineno"> 1288</span>  crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#a7ef645e874ef1dac4767713f131f6425">min</a>, crt-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a>.<a class="code" href="struct__x509__time.html#a61b09ab58c9d829c4a258ac1a63fff3d">sec</a> );</div> <div class="line"><a name="l01289"></a><span class="lineno"> 1289</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01290"></a><span class="lineno"> 1290</span> </div> <div class="line"><a name="l01291"></a><span class="lineno"> 1291</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%sexpires on : "</span> \</div> <div class="line"><a name="l01292"></a><span class="lineno"> 1292</span>  <span class="stringliteral">"%04d-%02d-%02d %02d:%02d:%02d"</span>, prefix,</div> <div class="line"><a name="l01293"></a><span class="lineno"> 1293</span>  crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#a26ed64caf8b2d05ecb82c0ed68113bc5">year</a>, crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#aa89934c680dcbbb1a74a6ff3f83da264">mon</a>,</div> <div class="line"><a name="l01294"></a><span class="lineno"> 1294</span>  crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#a20c84d21414653a33595ea4563c49b46">day</a>, crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#a52a420b0bb4513b257c239f967187d97">hour</a>,</div> <div class="line"><a name="l01295"></a><span class="lineno"> 1295</span>  crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#a7ef645e874ef1dac4767713f131f6425">min</a>, crt-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a>.<a class="code" href="struct__x509__time.html#a61b09ab58c9d829c4a258ac1a63fff3d">sec</a> );</div> <div class="line"><a name="l01296"></a><span class="lineno"> 1296</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01297"></a><span class="lineno"> 1297</span> </div> <div class="line"><a name="l01298"></a><span class="lineno"> 1298</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%ssigned using : "</span>, prefix );</div> <div class="line"><a name="l01299"></a><span class="lineno"> 1299</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01300"></a><span class="lineno"> 1300</span> </div> <div class="line"><a name="l01301"></a><span class="lineno"> 1301</span>  ret = <a class="code" href="x509_8h.html#ab5d6d2b4ddcd6caf33c2cb05af506ff5">x509_sig_alg_gets</a>( p, n, &crt-><a class="code" href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">sig_oid1</a>, crt-><a class="code" href="struct__x509__crt.html#a3a7645927022ef6460a93586c88945e3">sig_pk</a>,</div> <div class="line"><a name="l01302"></a><span class="lineno"> 1302</span>  crt-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a>, crt-><a class="code" href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">sig_opts</a> );</div> <div class="line"><a name="l01303"></a><span class="lineno"> 1303</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01304"></a><span class="lineno"> 1304</span> </div> <div class="line"><a name="l01305"></a><span class="lineno"> 1305</span>  <span class="comment">/* Key size */</span></div> <div class="line"><a name="l01306"></a><span class="lineno"> 1306</span>  <span class="keywordflow">if</span>( ( ret = <a class="code" href="x509_8h.html#a1e7659be2b5cf7fb32709dbe72f0cf45">x509_key_size_helper</a>( key_size_str, BEFORE_COLON,</div> <div class="line"><a name="l01307"></a><span class="lineno"> 1307</span>  <a class="code" href="pk_8h.html#a8c98e8c088dce6f72b4c8825d6f19160">pk_get_name</a>( &crt-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a> ) ) ) != 0 )</div> <div class="line"><a name="l01308"></a><span class="lineno"> 1308</span>  {</div> <div class="line"><a name="l01309"></a><span class="lineno"> 1309</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01310"></a><span class="lineno"> 1310</span>  }</div> <div class="line"><a name="l01311"></a><span class="lineno"> 1311</span> </div> <div class="line"><a name="l01312"></a><span class="lineno"> 1312</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%s%-"</span> BC <span class="stringliteral">"s: %d bits"</span>, prefix, key_size_str,</div> <div class="line"><a name="l01313"></a><span class="lineno"> 1313</span>  (<span class="keywordtype">int</span>) <a class="code" href="pk_8h.html#aba04299e090477925590c9e70b4b5a52">pk_get_size</a>( &crt-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a> ) );</div> <div class="line"><a name="l01314"></a><span class="lineno"> 1314</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01315"></a><span class="lineno"> 1315</span> </div> <div class="line"><a name="l01316"></a><span class="lineno"> 1316</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01317"></a><span class="lineno"> 1317</span> <span class="comment"> * Optional extensions</span></div> <div class="line"><a name="l01318"></a><span class="lineno"> 1318</span> <span class="comment"> */</span></div> <div class="line"><a name="l01319"></a><span class="lineno"> 1319</span> </div> <div class="line"><a name="l01320"></a><span class="lineno"> 1320</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#a7813d9ed1f4ee1f122782d31f459d989">EXT_BASIC_CONSTRAINTS</a> )</div> <div class="line"><a name="l01321"></a><span class="lineno"> 1321</span>  {</div> <div class="line"><a name="l01322"></a><span class="lineno"> 1322</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%sbasic constraints : CA=%s"</span>, prefix,</div> <div class="line"><a name="l01323"></a><span class="lineno"> 1323</span>  crt-><a class="code" href="struct__x509__crt.html#aaadc9927dbde5bbb5f5659a926c4699b">ca_istrue</a> ? <span class="stringliteral">"true"</span> : <span class="stringliteral">"false"</span> );</div> <div class="line"><a name="l01324"></a><span class="lineno"> 1324</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01325"></a><span class="lineno"> 1325</span> </div> <div class="line"><a name="l01326"></a><span class="lineno"> 1326</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">max_pathlen</a> > 0 )</div> <div class="line"><a name="l01327"></a><span class="lineno"> 1327</span>  {</div> <div class="line"><a name="l01328"></a><span class="lineno"> 1328</span>  ret = snprintf( p, n, <span class="stringliteral">", max_pathlen=%d"</span>, crt-><a class="code" href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">max_pathlen</a> - 1 );</div> <div class="line"><a name="l01329"></a><span class="lineno"> 1329</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01330"></a><span class="lineno"> 1330</span>  }</div> <div class="line"><a name="l01331"></a><span class="lineno"> 1331</span>  }</div> <div class="line"><a name="l01332"></a><span class="lineno"> 1332</span> </div> <div class="line"><a name="l01333"></a><span class="lineno"> 1333</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#aa86a67d1a8363fd5bbdaba523163a269">EXT_SUBJECT_ALT_NAME</a> )</div> <div class="line"><a name="l01334"></a><span class="lineno"> 1334</span>  {</div> <div class="line"><a name="l01335"></a><span class="lineno"> 1335</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%ssubject alt name : "</span>, prefix );</div> <div class="line"><a name="l01336"></a><span class="lineno"> 1336</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01337"></a><span class="lineno"> 1337</span> </div> <div class="line"><a name="l01338"></a><span class="lineno"> 1338</span>  <span class="keywordflow">if</span>( ( ret = x509_info_subject_alt_name( &p, &n,</div> <div class="line"><a name="l01339"></a><span class="lineno"> 1339</span>  &crt-><a class="code" href="struct__x509__crt.html#af96ed7e509440ffce0cbf87735afa4b9">subject_alt_names</a> ) ) != 0 )</div> <div class="line"><a name="l01340"></a><span class="lineno"> 1340</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01341"></a><span class="lineno"> 1341</span>  }</div> <div class="line"><a name="l01342"></a><span class="lineno"> 1342</span> </div> <div class="line"><a name="l01343"></a><span class="lineno"> 1343</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#ab82dcddf27656a1bc2efacc9589838db">EXT_NS_CERT_TYPE</a> )</div> <div class="line"><a name="l01344"></a><span class="lineno"> 1344</span>  {</div> <div class="line"><a name="l01345"></a><span class="lineno"> 1345</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%scert. type : "</span>, prefix );</div> <div class="line"><a name="l01346"></a><span class="lineno"> 1346</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01347"></a><span class="lineno"> 1347</span> </div> <div class="line"><a name="l01348"></a><span class="lineno"> 1348</span>  <span class="keywordflow">if</span>( ( ret = x509_info_cert_type( &p, &n, crt-><a class="code" href="struct__x509__crt.html#a6702ec42d12762793f79f18cd1697e7a">ns_cert_type</a> ) ) != 0 )</div> <div class="line"><a name="l01349"></a><span class="lineno"> 1349</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01350"></a><span class="lineno"> 1350</span>  }</div> <div class="line"><a name="l01351"></a><span class="lineno"> 1351</span> </div> <div class="line"><a name="l01352"></a><span class="lineno"> 1352</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#ac59433ad6f1280708a8409937133d4c1">EXT_KEY_USAGE</a> )</div> <div class="line"><a name="l01353"></a><span class="lineno"> 1353</span>  {</div> <div class="line"><a name="l01354"></a><span class="lineno"> 1354</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%skey usage : "</span>, prefix );</div> <div class="line"><a name="l01355"></a><span class="lineno"> 1355</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01356"></a><span class="lineno"> 1356</span> </div> <div class="line"><a name="l01357"></a><span class="lineno"> 1357</span>  <span class="keywordflow">if</span>( ( ret = x509_info_key_usage( &p, &n, crt-><a class="code" href="struct__x509__crt.html#a4b931af913d6313b1ee5b709eb8e3a7f">key_usage</a> ) ) != 0 )</div> <div class="line"><a name="l01358"></a><span class="lineno"> 1358</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01359"></a><span class="lineno"> 1359</span>  }</div> <div class="line"><a name="l01360"></a><span class="lineno"> 1360</span> </div> <div class="line"><a name="l01361"></a><span class="lineno"> 1361</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#a97bef6a8c3abaf7755b95d997f9af98e">EXT_EXTENDED_KEY_USAGE</a> )</div> <div class="line"><a name="l01362"></a><span class="lineno"> 1362</span>  {</div> <div class="line"><a name="l01363"></a><span class="lineno"> 1363</span>  ret = snprintf( p, n, <span class="stringliteral">"\n%sext key usage : "</span>, prefix );</div> <div class="line"><a name="l01364"></a><span class="lineno"> 1364</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01365"></a><span class="lineno"> 1365</span> </div> <div class="line"><a name="l01366"></a><span class="lineno"> 1366</span>  <span class="keywordflow">if</span>( ( ret = x509_info_ext_key_usage( &p, &n,</div> <div class="line"><a name="l01367"></a><span class="lineno"> 1367</span>  &crt-><a class="code" href="struct__x509__crt.html#ae97d80b0f4a8c36bae7424c07a492c39">ext_key_usage</a> ) ) != 0 )</div> <div class="line"><a name="l01368"></a><span class="lineno"> 1368</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01369"></a><span class="lineno"> 1369</span>  }</div> <div class="line"><a name="l01370"></a><span class="lineno"> 1370</span> </div> <div class="line"><a name="l01371"></a><span class="lineno"> 1371</span>  ret = snprintf( p, n, <span class="stringliteral">"\n"</span> );</div> <div class="line"><a name="l01372"></a><span class="lineno"> 1372</span>  SAFE_SNPRINTF();</div> <div class="line"><a name="l01373"></a><span class="lineno"> 1373</span> </div> <div class="line"><a name="l01374"></a><span class="lineno"> 1374</span>  <span class="keywordflow">return</span>( (<span class="keywordtype">int</span>) ( size - n ) );</div> <div class="line"><a name="l01375"></a><span class="lineno"> 1375</span> }</div> <div class="line"><a name="l01376"></a><span class="lineno"> 1376</span> </div> <div class="line"><a name="l01377"></a><span class="lineno"> 1377</span> <span class="preprocessor">#if defined(POLARSSL_X509_CHECK_KEY_USAGE)</span></div> <div class="line"><a name="l01378"></a><span class="lineno"> 1378</span> <span class="preprocessor"></span><span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga166632ed129cf4900d1d911adaa8ae74">x509_crt_check_key_usage</a>( <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt, <span class="keywordtype">int</span> usage )</div> <div class="line"><a name="l01379"></a><span class="lineno"> 1379</span> {</div> <div class="line"><a name="l01380"></a><span class="lineno"> 1380</span>  <span class="keywordflow">if</span>( ( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#ac59433ad6f1280708a8409937133d4c1">EXT_KEY_USAGE</a> ) != 0 &&</div> <div class="line"><a name="l01381"></a><span class="lineno"> 1381</span>  ( crt-><a class="code" href="struct__x509__crt.html#a4b931af913d6313b1ee5b709eb8e3a7f">key_usage</a> & usage ) != usage )</div> <div class="line"><a name="l01382"></a><span class="lineno"> 1382</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l01383"></a><span class="lineno"> 1383</span> </div> <div class="line"><a name="l01384"></a><span class="lineno"> 1384</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01385"></a><span class="lineno"> 1385</span> }</div> <div class="line"><a name="l01386"></a><span class="lineno"> 1386</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01387"></a><span class="lineno"> 1387</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01388"></a><span class="lineno"> 1388</span> <span class="preprocessor">#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)</span></div> <div class="line"><a name="l01389"></a><span class="lineno"> 1389</span> <span class="preprocessor"></span><span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#gad0a4670e68ac4ce67dd163907880b513">x509_crt_check_extended_key_usage</a>( <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt,</div> <div class="line"><a name="l01390"></a><span class="lineno"> 1390</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *usage_oid,</div> <div class="line"><a name="l01391"></a><span class="lineno"> 1391</span>  <span class="keywordtype">size_t</span> usage_len )</div> <div class="line"><a name="l01392"></a><span class="lineno"> 1392</span> {</div> <div class="line"><a name="l01393"></a><span class="lineno"> 1393</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *cur;</div> <div class="line"><a name="l01394"></a><span class="lineno"> 1394</span> </div> <div class="line"><a name="l01395"></a><span class="lineno"> 1395</span>  <span class="comment">/* Extension is not mandatory, absent means no restriction */</span></div> <div class="line"><a name="l01396"></a><span class="lineno"> 1396</span>  <span class="keywordflow">if</span>( ( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#a97bef6a8c3abaf7755b95d997f9af98e">EXT_EXTENDED_KEY_USAGE</a> ) == 0 )</div> <div class="line"><a name="l01397"></a><span class="lineno"> 1397</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01398"></a><span class="lineno"> 1398</span> </div> <div class="line"><a name="l01399"></a><span class="lineno"> 1399</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01400"></a><span class="lineno"> 1400</span> <span class="comment"> * Look for the requested usage (or wildcard ANY) in our list</span></div> <div class="line"><a name="l01401"></a><span class="lineno"> 1401</span> <span class="comment"> */</span></div> <div class="line"><a name="l01402"></a><span class="lineno"> 1402</span>  <span class="keywordflow">for</span>( cur = &crt-><a class="code" href="struct__x509__crt.html#ae97d80b0f4a8c36bae7424c07a492c39">ext_key_usage</a>; cur != NULL; cur = cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a> )</div> <div class="line"><a name="l01403"></a><span class="lineno"> 1403</span>  {</div> <div class="line"><a name="l01404"></a><span class="lineno"> 1404</span>  <span class="keyword">const</span> <a class="code" href="struct__asn1__buf.html">x509_buf</a> *cur_oid = &cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>;</div> <div class="line"><a name="l01405"></a><span class="lineno"> 1405</span> </div> <div class="line"><a name="l01406"></a><span class="lineno"> 1406</span>  <span class="keywordflow">if</span>( cur_oid-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == usage_len &&</div> <div class="line"><a name="l01407"></a><span class="lineno"> 1407</span>  memcmp( cur_oid-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, usage_oid, usage_len ) == 0 )</div> <div class="line"><a name="l01408"></a><span class="lineno"> 1408</span>  {</div> <div class="line"><a name="l01409"></a><span class="lineno"> 1409</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01410"></a><span class="lineno"> 1410</span>  }</div> <div class="line"><a name="l01411"></a><span class="lineno"> 1411</span> </div> <div class="line"><a name="l01412"></a><span class="lineno"> 1412</span>  <span class="keywordflow">if</span>( <a class="code" href="asn1_8h.html#a068fd58b6b0011021a516695ff14a41e">OID_CMP</a>( <a class="code" href="oid_8h.html#aa782cdcc5b462cfbf093f08e782fbb00">OID_ANY_EXTENDED_KEY_USAGE</a>, cur_oid ) )</div> <div class="line"><a name="l01413"></a><span class="lineno"> 1413</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01414"></a><span class="lineno"> 1414</span>  }</div> <div class="line"><a name="l01415"></a><span class="lineno"> 1415</span> </div> <div class="line"><a name="l01416"></a><span class="lineno"> 1416</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a> );</div> <div class="line"><a name="l01417"></a><span class="lineno"> 1417</span> }</div> <div class="line"><a name="l01418"></a><span class="lineno"> 1418</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01419"></a><span class="lineno"> 1419</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01420"></a><span class="lineno"> 1420</span> <span class="preprocessor">#if defined(POLARSSL_X509_CRL_PARSE_C)</span></div> <div class="line"><a name="l01421"></a><span class="lineno"> 1421</span> <span class="preprocessor"></span><span class="comment">/*</span></div> <div class="line"><a name="l01422"></a><span class="lineno"> 1422</span> <span class="comment"> * Return 1 if the certificate is revoked, or 0 otherwise.</span></div> <div class="line"><a name="l01423"></a><span class="lineno"> 1423</span> <span class="comment"> */</span></div> <div class="line"><a name="l01424"></a><span class="lineno"> 1424</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#ga4479c58d8c7274c50d940d2ea2dfd765">x509_crt_revoked</a>( <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt, <span class="keyword">const</span> <a class="code" href="struct__x509__crl.html">x509_crl</a> *crl )</div> <div class="line"><a name="l01425"></a><span class="lineno"> 1425</span> {</div> <div class="line"><a name="l01426"></a><span class="lineno"> 1426</span>  <span class="keyword">const</span> <a class="code" href="struct__x509__crl__entry.html">x509_crl_entry</a> *cur = &crl-><a class="code" href="struct__x509__crl.html#a06f3146c9c0b4c32e2a1971b165eb4a3">entry</a>;</div> <div class="line"><a name="l01427"></a><span class="lineno"> 1427</span> </div> <div class="line"><a name="l01428"></a><span class="lineno"> 1428</span>  <span class="keywordflow">while</span>( cur != NULL && cur-><a class="code" href="struct__x509__crl__entry.html#ad17fe768696e8b50898b356ac00d0f3d">serial</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != 0 )</div> <div class="line"><a name="l01429"></a><span class="lineno"> 1429</span>  {</div> <div class="line"><a name="l01430"></a><span class="lineno"> 1430</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">serial</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == cur-><a class="code" href="struct__x509__crl__entry.html#ad17fe768696e8b50898b356ac00d0f3d">serial</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> &&</div> <div class="line"><a name="l01431"></a><span class="lineno"> 1431</span>  memcmp( crt-><a class="code" href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">serial</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, cur-><a class="code" href="struct__x509__crl__entry.html#ad17fe768696e8b50898b356ac00d0f3d">serial</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, crt-><a class="code" href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">serial</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) == 0 )</div> <div class="line"><a name="l01432"></a><span class="lineno"> 1432</span>  {</div> <div class="line"><a name="l01433"></a><span class="lineno"> 1433</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a>( &cur-><a class="code" href="struct__x509__crl__entry.html#a16ec0e54f263806453827429b0a2e30b">revocation_date</a> ) )</div> <div class="line"><a name="l01434"></a><span class="lineno"> 1434</span>  <span class="keywordflow">return</span>( 1 );</div> <div class="line"><a name="l01435"></a><span class="lineno"> 1435</span>  }</div> <div class="line"><a name="l01436"></a><span class="lineno"> 1436</span> </div> <div class="line"><a name="l01437"></a><span class="lineno"> 1437</span>  cur = cur-><a class="code" href="struct__x509__crl__entry.html#a0312630b0187919a5d7da80e94d97de8">next</a>;</div> <div class="line"><a name="l01438"></a><span class="lineno"> 1438</span>  }</div> <div class="line"><a name="l01439"></a><span class="lineno"> 1439</span> </div> <div class="line"><a name="l01440"></a><span class="lineno"> 1440</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01441"></a><span class="lineno"> 1441</span> }</div> <div class="line"><a name="l01442"></a><span class="lineno"> 1442</span> </div> <div class="line"><a name="l01443"></a><span class="lineno"> 1443</span> <span class="comment">/*</span></div> <div class="line"><a name="l01444"></a><span class="lineno"> 1444</span> <span class="comment"> * Check that the given certificate is valid according to the CRL.</span></div> <div class="line"><a name="l01445"></a><span class="lineno"> 1445</span> <span class="comment"> */</span></div> <div class="line"><a name="l01446"></a><span class="lineno"> 1446</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_crt_verifycrl( <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt, <a class="code" href="struct__x509__crt.html">x509_crt</a> *ca,</div> <div class="line"><a name="l01447"></a><span class="lineno"> 1447</span>  <a class="code" href="struct__x509__crl.html">x509_crl</a> *crl_list)</div> <div class="line"><a name="l01448"></a><span class="lineno"> 1448</span> {</div> <div class="line"><a name="l01449"></a><span class="lineno"> 1449</span>  <span class="keywordtype">int</span> flags = 0;</div> <div class="line"><a name="l01450"></a><span class="lineno"> 1450</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hash[<a class="code" href="md_8h.html#a38c76a15d6a3874f898f3dc60750dde1">POLARSSL_MD_MAX_SIZE</a>];</div> <div class="line"><a name="l01451"></a><span class="lineno"> 1451</span>  <span class="keyword">const</span> <a class="code" href="structmd__info__t.html">md_info_t</a> *md_info;</div> <div class="line"><a name="l01452"></a><span class="lineno"> 1452</span> </div> <div class="line"><a name="l01453"></a><span class="lineno"> 1453</span>  <span class="keywordflow">if</span>( ca == NULL )</div> <div class="line"><a name="l01454"></a><span class="lineno"> 1454</span>  <span class="keywordflow">return</span>( flags );</div> <div class="line"><a name="l01455"></a><span class="lineno"> 1455</span> </div> <div class="line"><a name="l01456"></a><span class="lineno"> 1456</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01457"></a><span class="lineno"> 1457</span> <span class="comment"> * TODO: What happens if no CRL is present?</span></div> <div class="line"><a name="l01458"></a><span class="lineno"> 1458</span> <span class="comment"> * Suggestion: Revocation state should be unknown if no CRL is present.</span></div> <div class="line"><a name="l01459"></a><span class="lineno"> 1459</span> <span class="comment"> * For backwards compatibility this is not yet implemented.</span></div> <div class="line"><a name="l01460"></a><span class="lineno"> 1460</span> <span class="comment"> */</span></div> <div class="line"><a name="l01461"></a><span class="lineno"> 1461</span> </div> <div class="line"><a name="l01462"></a><span class="lineno"> 1462</span>  <span class="keywordflow">while</span>( crl_list != NULL )</div> <div class="line"><a name="l01463"></a><span class="lineno"> 1463</span>  {</div> <div class="line"><a name="l01464"></a><span class="lineno"> 1464</span>  <span class="keywordflow">if</span>( crl_list-><a class="code" href="struct__x509__crl.html#a47cdae3f7ed31cfd0528c73310cd1412">version</a> == 0 ||</div> <div class="line"><a name="l01465"></a><span class="lineno"> 1465</span>  crl_list-><a class="code" href="struct__x509__crl.html#aa41cf6526c4ca720ee917471fb54d346">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ||</div> <div class="line"><a name="l01466"></a><span class="lineno"> 1466</span>  memcmp( crl_list-><a class="code" href="struct__x509__crl.html#aa41cf6526c4ca720ee917471fb54d346">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>,</div> <div class="line"><a name="l01467"></a><span class="lineno"> 1467</span>  crl_list-><a class="code" href="struct__x509__crl.html#aa41cf6526c4ca720ee917471fb54d346">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l01468"></a><span class="lineno"> 1468</span>  {</div> <div class="line"><a name="l01469"></a><span class="lineno"> 1469</span>  crl_list = crl_list-><a class="code" href="struct__x509__crl.html#a956a33ee49181d79dc5bfd5261355a52">next</a>;</div> <div class="line"><a name="l01470"></a><span class="lineno"> 1470</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01471"></a><span class="lineno"> 1471</span>  }</div> <div class="line"><a name="l01472"></a><span class="lineno"> 1472</span> </div> <div class="line"><a name="l01473"></a><span class="lineno"> 1473</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01474"></a><span class="lineno"> 1474</span> <span class="comment"> * Check if the CA is configured to sign CRLs</span></div> <div class="line"><a name="l01475"></a><span class="lineno"> 1475</span> <span class="comment"> */</span></div> <div class="line"><a name="l01476"></a><span class="lineno"> 1476</span> <span class="preprocessor">#if defined(POLARSSL_X509_CHECK_KEY_USAGE)</span></div> <div class="line"><a name="l01477"></a><span class="lineno"> 1477</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( <a class="code" href="group__x509__module.html#ga166632ed129cf4900d1d911adaa8ae74">x509_crt_check_key_usage</a>( ca, <a class="code" href="x509_8h.html#a14185258174d3ae78dbccd55de36b0a8">KU_CRL_SIGN</a> ) != 0 )</div> <div class="line"><a name="l01478"></a><span class="lineno"> 1478</span>  {</div> <div class="line"><a name="l01479"></a><span class="lineno"> 1479</span>  flags |= <a class="code" href="group__x509__module.html#gad3e80bd3df035edaa81dcd44da586153">BADCRL_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01480"></a><span class="lineno"> 1480</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01481"></a><span class="lineno"> 1481</span>  }</div> <div class="line"><a name="l01482"></a><span class="lineno"> 1482</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01483"></a><span class="lineno"> 1483</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01484"></a><span class="lineno"> 1484</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01485"></a><span class="lineno"> 1485</span> <span class="comment"> * Check if CRL is correctly signed by the trusted CA</span></div> <div class="line"><a name="l01486"></a><span class="lineno"> 1486</span> <span class="comment"> */</span></div> <div class="line"><a name="l01487"></a><span class="lineno"> 1487</span>  md_info = <a class="code" href="md_8h.html#a622c94870533dc68f54b8df520d2c6d9">md_info_from_type</a>( crl_list-><a class="code" href="struct__x509__crl.html#adb786e7c2d7eeb628167691d541b19e2">sig_md</a> );</div> <div class="line"><a name="l01488"></a><span class="lineno"> 1488</span>  <span class="keywordflow">if</span>( md_info == NULL )</div> <div class="line"><a name="l01489"></a><span class="lineno"> 1489</span>  {</div> <div class="line"><a name="l01490"></a><span class="lineno"> 1490</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01491"></a><span class="lineno"> 1491</span> <span class="comment"> * Cannot check 'unknown' hash</span></div> <div class="line"><a name="l01492"></a><span class="lineno"> 1492</span> <span class="comment"> */</span></div> <div class="line"><a name="l01493"></a><span class="lineno"> 1493</span>  flags |= <a class="code" href="group__x509__module.html#gad3e80bd3df035edaa81dcd44da586153">BADCRL_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01494"></a><span class="lineno"> 1494</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01495"></a><span class="lineno"> 1495</span>  }</div> <div class="line"><a name="l01496"></a><span class="lineno"> 1496</span> </div> <div class="line"><a name="l01497"></a><span class="lineno"> 1497</span>  <a class="code" href="md_8h.html#aae13853f5988bdef5c27ee475ba1295f">md</a>( md_info, crl_list-><a class="code" href="struct__x509__crl.html#a90385547ab0d79a86ac1af2ed65c2a95">tbs</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, crl_list-><a class="code" href="struct__x509__crl.html#a90385547ab0d79a86ac1af2ed65c2a95">tbs</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>, hash );</div> <div class="line"><a name="l01498"></a><span class="lineno"> 1498</span> </div> <div class="line"><a name="l01499"></a><span class="lineno"> 1499</span>  <span class="keywordflow">if</span>( <a class="code" href="pk_8h.html#a3a3c4fb7fad1c9097df161208d81b097">pk_verify_ext</a>( crl_list-><a class="code" href="struct__x509__crl.html#a1a2a731912111c297251e9952ac08c79">sig_pk</a>, crl_list-><a class="code" href="struct__x509__crl.html#a275c3b9b762b987eebf2728e7037e369">sig_opts</a>, &ca-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a>,</div> <div class="line"><a name="l01500"></a><span class="lineno"> 1500</span>  crl_list-><a class="code" href="struct__x509__crl.html#adb786e7c2d7eeb628167691d541b19e2">sig_md</a>, hash, md_info-><a class="code" href="structmd__info__t.html#aedb1e12797791c9b7f5545bda6e3172d">size</a>,</div> <div class="line"><a name="l01501"></a><span class="lineno"> 1501</span>  crl_list-><a class="code" href="struct__x509__crl.html#a8dbbb135e7819c854ea3c344a42a7400">sig</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, crl_list-><a class="code" href="struct__x509__crl.html#a8dbbb135e7819c854ea3c344a42a7400">sig</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l01502"></a><span class="lineno"> 1502</span>  {</div> <div class="line"><a name="l01503"></a><span class="lineno"> 1503</span>  flags |= <a class="code" href="group__x509__module.html#gad3e80bd3df035edaa81dcd44da586153">BADCRL_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01504"></a><span class="lineno"> 1504</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01505"></a><span class="lineno"> 1505</span>  }</div> <div class="line"><a name="l01506"></a><span class="lineno"> 1506</span> </div> <div class="line"><a name="l01507"></a><span class="lineno"> 1507</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01508"></a><span class="lineno"> 1508</span> <span class="comment"> * Check for validity of CRL (Do not drop out)</span></div> <div class="line"><a name="l01509"></a><span class="lineno"> 1509</span> <span class="comment"> */</span></div> <div class="line"><a name="l01510"></a><span class="lineno"> 1510</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a>( &crl_list-><a class="code" href="struct__x509__crl.html#a6398306fdb9fae8043cfe7e677fb3293">next_update</a> ) )</div> <div class="line"><a name="l01511"></a><span class="lineno"> 1511</span>  flags |= <a class="code" href="group__x509__module.html#gad5d4bfa3090cb468e734596094f39a1f">BADCRL_EXPIRED</a>;</div> <div class="line"><a name="l01512"></a><span class="lineno"> 1512</span> </div> <div class="line"><a name="l01513"></a><span class="lineno"> 1513</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a3ce3d173dfc128c33f1df4e3250821d2">x509_time_future</a>( &crl_list-><a class="code" href="struct__x509__crl.html#a6cb016be83c6ecb607d15030e83b23d0">this_update</a> ) )</div> <div class="line"><a name="l01514"></a><span class="lineno"> 1514</span>  flags |= <a class="code" href="group__x509__module.html#ga8dbe1ef936bb47a2f13759e7e4380be0">BADCRL_FUTURE</a>;</div> <div class="line"><a name="l01515"></a><span class="lineno"> 1515</span> </div> <div class="line"><a name="l01516"></a><span class="lineno"> 1516</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01517"></a><span class="lineno"> 1517</span> <span class="comment"> * Check if certificate is revoked</span></div> <div class="line"><a name="l01518"></a><span class="lineno"> 1518</span> <span class="comment"> */</span></div> <div class="line"><a name="l01519"></a><span class="lineno"> 1519</span>  <span class="keywordflow">if</span>( <a class="code" href="group__x509__module.html#ga4479c58d8c7274c50d940d2ea2dfd765">x509_crt_revoked</a>( crt, crl_list ) )</div> <div class="line"><a name="l01520"></a><span class="lineno"> 1520</span>  {</div> <div class="line"><a name="l01521"></a><span class="lineno"> 1521</span>  flags |= <a class="code" href="group__x509__module.html#ga4ecb1ad0da0f9d6bb0017e091ea4ee2a">BADCERT_REVOKED</a>;</div> <div class="line"><a name="l01522"></a><span class="lineno"> 1522</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01523"></a><span class="lineno"> 1523</span>  }</div> <div class="line"><a name="l01524"></a><span class="lineno"> 1524</span> </div> <div class="line"><a name="l01525"></a><span class="lineno"> 1525</span>  crl_list = crl_list-><a class="code" href="struct__x509__crl.html#a956a33ee49181d79dc5bfd5261355a52">next</a>;</div> <div class="line"><a name="l01526"></a><span class="lineno"> 1526</span>  }</div> <div class="line"><a name="l01527"></a><span class="lineno"> 1527</span>  <span class="keywordflow">return</span>( flags );</div> <div class="line"><a name="l01528"></a><span class="lineno"> 1528</span> }</div> <div class="line"><a name="l01529"></a><span class="lineno"> 1529</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_X509_CRL_PARSE_C */</span><span class="preprocessor"></span></div> <div class="line"><a name="l01530"></a><span class="lineno"> 1530</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01531"></a><span class="lineno"> 1531</span> <span class="comment">// Equal == 0, inequal == 1</span></div> <div class="line"><a name="l01532"></a><span class="lineno"> 1532</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_name_cmp( <span class="keyword">const</span> <span class="keywordtype">void</span> *s1, <span class="keyword">const</span> <span class="keywordtype">void</span> *s2, <span class="keywordtype">size_t</span> len )</div> <div class="line"><a name="l01533"></a><span class="lineno"> 1533</span> {</div> <div class="line"><a name="l01534"></a><span class="lineno"> 1534</span>  <span class="keywordtype">size_t</span> i;</div> <div class="line"><a name="l01535"></a><span class="lineno"> 1535</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> diff;</div> <div class="line"><a name="l01536"></a><span class="lineno"> 1536</span>  <span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *n1 = s1, *n2 = s2;</div> <div class="line"><a name="l01537"></a><span class="lineno"> 1537</span> </div> <div class="line"><a name="l01538"></a><span class="lineno"> 1538</span>  <span class="keywordflow">for</span>( i = 0; i < len; i++ )</div> <div class="line"><a name="l01539"></a><span class="lineno"> 1539</span>  {</div> <div class="line"><a name="l01540"></a><span class="lineno"> 1540</span>  diff = n1[i] ^ n2[i];</div> <div class="line"><a name="l01541"></a><span class="lineno"> 1541</span> </div> <div class="line"><a name="l01542"></a><span class="lineno"> 1542</span>  <span class="keywordflow">if</span>( diff == 0 )</div> <div class="line"><a name="l01543"></a><span class="lineno"> 1543</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01544"></a><span class="lineno"> 1544</span> </div> <div class="line"><a name="l01545"></a><span class="lineno"> 1545</span>  <span class="keywordflow">if</span>( diff == 32 &&</div> <div class="line"><a name="l01546"></a><span class="lineno"> 1546</span>  ( ( n1[i] >= <span class="charliteral">'a'</span> && n1[i] <= <span class="charliteral">'z'</span> ) ||</div> <div class="line"><a name="l01547"></a><span class="lineno"> 1547</span>  ( n1[i] >= <span class="charliteral">'A'</span> && n1[i] <= <span class="charliteral">'Z'</span> ) ) )</div> <div class="line"><a name="l01548"></a><span class="lineno"> 1548</span>  {</div> <div class="line"><a name="l01549"></a><span class="lineno"> 1549</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01550"></a><span class="lineno"> 1550</span>  }</div> <div class="line"><a name="l01551"></a><span class="lineno"> 1551</span> </div> <div class="line"><a name="l01552"></a><span class="lineno"> 1552</span>  <span class="keywordflow">return</span>( 1 );</div> <div class="line"><a name="l01553"></a><span class="lineno"> 1553</span>  }</div> <div class="line"><a name="l01554"></a><span class="lineno"> 1554</span> </div> <div class="line"><a name="l01555"></a><span class="lineno"> 1555</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01556"></a><span class="lineno"> 1556</span> }</div> <div class="line"><a name="l01557"></a><span class="lineno"> 1557</span> </div> <div class="line"><a name="l01558"></a><span class="lineno"> 1558</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_wildcard_verify( <span class="keyword">const</span> <span class="keywordtype">char</span> *cn, <a class="code" href="struct__asn1__buf.html">x509_buf</a> *name )</div> <div class="line"><a name="l01559"></a><span class="lineno"> 1559</span> {</div> <div class="line"><a name="l01560"></a><span class="lineno"> 1560</span>  <span class="keywordtype">size_t</span> i;</div> <div class="line"><a name="l01561"></a><span class="lineno"> 1561</span>  <span class="keywordtype">size_t</span> cn_idx = 0, cn_len = strlen( cn );</div> <div class="line"><a name="l01562"></a><span class="lineno"> 1562</span> </div> <div class="line"><a name="l01563"></a><span class="lineno"> 1563</span>  <span class="keywordflow">if</span>( name-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> < 3 || name-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>[0] != <span class="charliteral">'*'</span> || name-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>[1] != <span class="charliteral">'.'</span> )</div> <div class="line"><a name="l01564"></a><span class="lineno"> 1564</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01565"></a><span class="lineno"> 1565</span> </div> <div class="line"><a name="l01566"></a><span class="lineno"> 1566</span>  <span class="keywordflow">for</span>( i = 0; i < cn_len; ++i )</div> <div class="line"><a name="l01567"></a><span class="lineno"> 1567</span>  {</div> <div class="line"><a name="l01568"></a><span class="lineno"> 1568</span>  <span class="keywordflow">if</span>( cn[i] == <span class="charliteral">'.'</span> )</div> <div class="line"><a name="l01569"></a><span class="lineno"> 1569</span>  {</div> <div class="line"><a name="l01570"></a><span class="lineno"> 1570</span>  cn_idx = i;</div> <div class="line"><a name="l01571"></a><span class="lineno"> 1571</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01572"></a><span class="lineno"> 1572</span>  }</div> <div class="line"><a name="l01573"></a><span class="lineno"> 1573</span>  }</div> <div class="line"><a name="l01574"></a><span class="lineno"> 1574</span> </div> <div class="line"><a name="l01575"></a><span class="lineno"> 1575</span>  <span class="keywordflow">if</span>( cn_idx == 0 )</div> <div class="line"><a name="l01576"></a><span class="lineno"> 1576</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01577"></a><span class="lineno"> 1577</span> </div> <div class="line"><a name="l01578"></a><span class="lineno"> 1578</span>  <span class="keywordflow">if</span>( cn_len - cn_idx == name-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> - 1 &&</div> <div class="line"><a name="l01579"></a><span class="lineno"> 1579</span>  x509_name_cmp( name-><a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> + 1, cn + cn_idx, name-><a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> - 1 ) == 0 )</div> <div class="line"><a name="l01580"></a><span class="lineno"> 1580</span>  {</div> <div class="line"><a name="l01581"></a><span class="lineno"> 1581</span>  <span class="keywordflow">return</span>( 1 );</div> <div class="line"><a name="l01582"></a><span class="lineno"> 1582</span>  }</div> <div class="line"><a name="l01583"></a><span class="lineno"> 1583</span> </div> <div class="line"><a name="l01584"></a><span class="lineno"> 1584</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01585"></a><span class="lineno"> 1585</span> }</div> <div class="line"><a name="l01586"></a><span class="lineno"> 1586</span> </div> <div class="line"><a name="l01587"></a><span class="lineno"> 1587</span> <span class="comment">/*</span></div> <div class="line"><a name="l01588"></a><span class="lineno"> 1588</span> <span class="comment"> * Check if 'parent' is a suitable parent (signing CA) for 'child'.</span></div> <div class="line"><a name="l01589"></a><span class="lineno"> 1589</span> <span class="comment"> * Return 0 if yes, -1 if not.</span></div> <div class="line"><a name="l01590"></a><span class="lineno"> 1590</span> <span class="comment"> *</span></div> <div class="line"><a name="l01591"></a><span class="lineno"> 1591</span> <span class="comment"> * top means parent is a locally-trusted certificate</span></div> <div class="line"><a name="l01592"></a><span class="lineno"> 1592</span> <span class="comment"> * bottom means child is the end entity cert</span></div> <div class="line"><a name="l01593"></a><span class="lineno"> 1593</span> <span class="comment"> */</span></div> <div class="line"><a name="l01594"></a><span class="lineno"> 1594</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_crt_check_parent( <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *child,</div> <div class="line"><a name="l01595"></a><span class="lineno"> 1595</span>  <span class="keyword">const</span> <a class="code" href="struct__x509__crt.html">x509_crt</a> *parent,</div> <div class="line"><a name="l01596"></a><span class="lineno"> 1596</span>  <span class="keywordtype">int</span> top, <span class="keywordtype">int</span> bottom )</div> <div class="line"><a name="l01597"></a><span class="lineno"> 1597</span> {</div> <div class="line"><a name="l01598"></a><span class="lineno"> 1598</span>  <span class="keywordtype">int</span> need_ca_bit;</div> <div class="line"><a name="l01599"></a><span class="lineno"> 1599</span> </div> <div class="line"><a name="l01600"></a><span class="lineno"> 1600</span>  <span class="comment">/* Parent must be the issuer */</span></div> <div class="line"><a name="l01601"></a><span class="lineno"> 1601</span>  <span class="keywordflow">if</span>( child-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != parent-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ||</div> <div class="line"><a name="l01602"></a><span class="lineno"> 1602</span>  memcmp( child-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, parent-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>,</div> <div class="line"><a name="l01603"></a><span class="lineno"> 1603</span>  child-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l01604"></a><span class="lineno"> 1604</span>  {</div> <div class="line"><a name="l01605"></a><span class="lineno"> 1605</span>  <span class="keywordflow">return</span>( -1 );</div> <div class="line"><a name="l01606"></a><span class="lineno"> 1606</span>  }</div> <div class="line"><a name="l01607"></a><span class="lineno"> 1607</span> </div> <div class="line"><a name="l01608"></a><span class="lineno"> 1608</span>  <span class="comment">/* Parent must have the basicConstraints CA bit set as a general rule */</span></div> <div class="line"><a name="l01609"></a><span class="lineno"> 1609</span>  need_ca_bit = 1;</div> <div class="line"><a name="l01610"></a><span class="lineno"> 1610</span> </div> <div class="line"><a name="l01611"></a><span class="lineno"> 1611</span>  <span class="comment">/* Exception: v1/v2 certificates that are locally trusted. */</span></div> <div class="line"><a name="l01612"></a><span class="lineno"> 1612</span>  <span class="keywordflow">if</span>( top && parent-><a class="code" href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">version</a> < 3 )</div> <div class="line"><a name="l01613"></a><span class="lineno"> 1613</span>  need_ca_bit = 0;</div> <div class="line"><a name="l01614"></a><span class="lineno"> 1614</span> </div> <div class="line"><a name="l01615"></a><span class="lineno"> 1615</span>  <span class="comment">/* Exception: self-signed end-entity certs that are locally trusted. */</span></div> <div class="line"><a name="l01616"></a><span class="lineno"> 1616</span>  <span class="keywordflow">if</span>( top && bottom &&</div> <div class="line"><a name="l01617"></a><span class="lineno"> 1617</span>  child-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == parent-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> &&</div> <div class="line"><a name="l01618"></a><span class="lineno"> 1618</span>  memcmp( child-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, parent-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, child-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) == 0 )</div> <div class="line"><a name="l01619"></a><span class="lineno"> 1619</span>  {</div> <div class="line"><a name="l01620"></a><span class="lineno"> 1620</span>  need_ca_bit = 0;</div> <div class="line"><a name="l01621"></a><span class="lineno"> 1621</span>  }</div> <div class="line"><a name="l01622"></a><span class="lineno"> 1622</span> </div> <div class="line"><a name="l01623"></a><span class="lineno"> 1623</span>  <span class="keywordflow">if</span>( need_ca_bit && ! parent-><a class="code" href="struct__x509__crt.html#aaadc9927dbde5bbb5f5659a926c4699b">ca_istrue</a> )</div> <div class="line"><a name="l01624"></a><span class="lineno"> 1624</span>  <span class="keywordflow">return</span>( -1 );</div> <div class="line"><a name="l01625"></a><span class="lineno"> 1625</span> </div> <div class="line"><a name="l01626"></a><span class="lineno"> 1626</span> <span class="preprocessor">#if defined(POLARSSL_X509_CHECK_KEY_USAGE)</span></div> <div class="line"><a name="l01627"></a><span class="lineno"> 1627</span> <span class="preprocessor"></span> <span class="keywordflow">if</span>( need_ca_bit &&</div> <div class="line"><a name="l01628"></a><span class="lineno"> 1628</span>  <a class="code" href="group__x509__module.html#ga166632ed129cf4900d1d911adaa8ae74">x509_crt_check_key_usage</a>( parent, <a class="code" href="x509_8h.html#a5da71e896dc465af98e4004ea40eb230">KU_KEY_CERT_SIGN</a> ) != 0 )</div> <div class="line"><a name="l01629"></a><span class="lineno"> 1629</span>  {</div> <div class="line"><a name="l01630"></a><span class="lineno"> 1630</span>  <span class="keywordflow">return</span>( -1 );</div> <div class="line"><a name="l01631"></a><span class="lineno"> 1631</span>  }</div> <div class="line"><a name="l01632"></a><span class="lineno"> 1632</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01633"></a><span class="lineno"> 1633</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01634"></a><span class="lineno"> 1634</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01635"></a><span class="lineno"> 1635</span> }</div> <div class="line"><a name="l01636"></a><span class="lineno"> 1636</span> </div> <div class="line"><a name="l01637"></a><span class="lineno"> 1637</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_crt_verify_top(</div> <div class="line"><a name="l01638"></a><span class="lineno"> 1638</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *child, <a class="code" href="struct__x509__crt.html">x509_crt</a> *trust_ca,</div> <div class="line"><a name="l01639"></a><span class="lineno"> 1639</span>  <a class="code" href="struct__x509__crl.html">x509_crl</a> *ca_crl, <span class="keywordtype">int</span> path_cnt, <span class="keywordtype">int</span> *flags,</div> <div class="line"><a name="l01640"></a><span class="lineno"> 1640</span>  <span class="keywordtype">int</span> (*f_vrfy)(<span class="keywordtype">void</span> *, <a class="code" href="struct__x509__crt.html">x509_crt</a> *, <span class="keywordtype">int</span>, <span class="keywordtype">int</span> *),</div> <div class="line"><a name="l01641"></a><span class="lineno"> 1641</span>  <span class="keywordtype">void</span> *p_vrfy )</div> <div class="line"><a name="l01642"></a><span class="lineno"> 1642</span> {</div> <div class="line"><a name="l01643"></a><span class="lineno"> 1643</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01644"></a><span class="lineno"> 1644</span>  <span class="keywordtype">int</span> ca_flags = 0, check_path_cnt = path_cnt + 1;</div> <div class="line"><a name="l01645"></a><span class="lineno"> 1645</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hash[<a class="code" href="md_8h.html#a38c76a15d6a3874f898f3dc60750dde1">POLARSSL_MD_MAX_SIZE</a>];</div> <div class="line"><a name="l01646"></a><span class="lineno"> 1646</span>  <span class="keyword">const</span> <a class="code" href="structmd__info__t.html">md_info_t</a> *md_info;</div> <div class="line"><a name="l01647"></a><span class="lineno"> 1647</span> </div> <div class="line"><a name="l01648"></a><span class="lineno"> 1648</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a>( &child-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a> ) )</div> <div class="line"><a name="l01649"></a><span class="lineno"> 1649</span>  *flags |= <a class="code" href="group__x509__module.html#ga64e936014215ef18f026ff101b6f8369">BADCERT_EXPIRED</a>;</div> <div class="line"><a name="l01650"></a><span class="lineno"> 1650</span> </div> <div class="line"><a name="l01651"></a><span class="lineno"> 1651</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a3ce3d173dfc128c33f1df4e3250821d2">x509_time_future</a>( &child-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a> ) )</div> <div class="line"><a name="l01652"></a><span class="lineno"> 1652</span>  *flags |= <a class="code" href="group__x509__module.html#ga277aa22d31ad26e5256ec96e589bd5b9">BADCERT_FUTURE</a>;</div> <div class="line"><a name="l01653"></a><span class="lineno"> 1653</span> </div> <div class="line"><a name="l01654"></a><span class="lineno"> 1654</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01655"></a><span class="lineno"> 1655</span> <span class="comment"> * Child is the top of the chain. Check against the trust_ca list.</span></div> <div class="line"><a name="l01656"></a><span class="lineno"> 1656</span> <span class="comment"> */</span></div> <div class="line"><a name="l01657"></a><span class="lineno"> 1657</span>  *flags |= <a class="code" href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01658"></a><span class="lineno"> 1658</span> </div> <div class="line"><a name="l01659"></a><span class="lineno"> 1659</span>  md_info = <a class="code" href="md_8h.html#a622c94870533dc68f54b8df520d2c6d9">md_info_from_type</a>( child-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a> );</div> <div class="line"><a name="l01660"></a><span class="lineno"> 1660</span>  <span class="keywordflow">if</span>( md_info == NULL )</div> <div class="line"><a name="l01661"></a><span class="lineno"> 1661</span>  {</div> <div class="line"><a name="l01662"></a><span class="lineno"> 1662</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01663"></a><span class="lineno"> 1663</span> <span class="comment"> * Cannot check 'unknown', no need to try any CA</span></div> <div class="line"><a name="l01664"></a><span class="lineno"> 1664</span> <span class="comment"> */</span></div> <div class="line"><a name="l01665"></a><span class="lineno"> 1665</span>  trust_ca = NULL;</div> <div class="line"><a name="l01666"></a><span class="lineno"> 1666</span>  }</div> <div class="line"><a name="l01667"></a><span class="lineno"> 1667</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01668"></a><span class="lineno"> 1668</span>  <a class="code" href="md_8h.html#aae13853f5988bdef5c27ee475ba1295f">md</a>( md_info, child-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, child-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>, hash );</div> <div class="line"><a name="l01669"></a><span class="lineno"> 1669</span> </div> <div class="line"><a name="l01670"></a><span class="lineno"> 1670</span>  <span class="keywordflow">for</span>( <span class="comment">/* trust_ca */</span> ; trust_ca != NULL; trust_ca = trust_ca-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> )</div> <div class="line"><a name="l01671"></a><span class="lineno"> 1671</span>  {</div> <div class="line"><a name="l01672"></a><span class="lineno"> 1672</span>  <span class="keywordflow">if</span>( x509_crt_check_parent( child, trust_ca, 1, path_cnt == 0 ) != 0 )</div> <div class="line"><a name="l01673"></a><span class="lineno"> 1673</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01674"></a><span class="lineno"> 1674</span> </div> <div class="line"><a name="l01675"></a><span class="lineno"> 1675</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01676"></a><span class="lineno"> 1676</span> <span class="comment"> * Reduce path_len to check against if top of the chain is</span></div> <div class="line"><a name="l01677"></a><span class="lineno"> 1677</span> <span class="comment"> * the same as the trusted CA</span></div> <div class="line"><a name="l01678"></a><span class="lineno"> 1678</span> <span class="comment"> */</span></div> <div class="line"><a name="l01679"></a><span class="lineno"> 1679</span>  <span class="keywordflow">if</span>( child-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == trust_ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> &&</div> <div class="line"><a name="l01680"></a><span class="lineno"> 1680</span>  memcmp( child-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, trust_ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>,</div> <div class="line"><a name="l01681"></a><span class="lineno"> 1681</span>  child-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) == 0 )</div> <div class="line"><a name="l01682"></a><span class="lineno"> 1682</span>  {</div> <div class="line"><a name="l01683"></a><span class="lineno"> 1683</span>  check_path_cnt--;</div> <div class="line"><a name="l01684"></a><span class="lineno"> 1684</span>  }</div> <div class="line"><a name="l01685"></a><span class="lineno"> 1685</span> </div> <div class="line"><a name="l01686"></a><span class="lineno"> 1686</span>  <span class="keywordflow">if</span>( trust_ca-><a class="code" href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">max_pathlen</a> > 0 &&</div> <div class="line"><a name="l01687"></a><span class="lineno"> 1687</span>  trust_ca-><a class="code" href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">max_pathlen</a> < check_path_cnt )</div> <div class="line"><a name="l01688"></a><span class="lineno"> 1688</span>  {</div> <div class="line"><a name="l01689"></a><span class="lineno"> 1689</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01690"></a><span class="lineno"> 1690</span>  }</div> <div class="line"><a name="l01691"></a><span class="lineno"> 1691</span> </div> <div class="line"><a name="l01692"></a><span class="lineno"> 1692</span>  <span class="keywordflow">if</span>( <a class="code" href="pk_8h.html#a3a3c4fb7fad1c9097df161208d81b097">pk_verify_ext</a>( child-><a class="code" href="struct__x509__crt.html#a3a7645927022ef6460a93586c88945e3">sig_pk</a>, child-><a class="code" href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">sig_opts</a>, &trust_ca-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a>,</div> <div class="line"><a name="l01693"></a><span class="lineno"> 1693</span>  child-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a>, hash, md_info-><a class="code" href="structmd__info__t.html#aedb1e12797791c9b7f5545bda6e3172d">size</a>,</div> <div class="line"><a name="l01694"></a><span class="lineno"> 1694</span>  child-><a class="code" href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">sig</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, child-><a class="code" href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">sig</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l01695"></a><span class="lineno"> 1695</span>  {</div> <div class="line"><a name="l01696"></a><span class="lineno"> 1696</span>  <span class="keywordflow">continue</span>;</div> <div class="line"><a name="l01697"></a><span class="lineno"> 1697</span>  }</div> <div class="line"><a name="l01698"></a><span class="lineno"> 1698</span> </div> <div class="line"><a name="l01699"></a><span class="lineno"> 1699</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01700"></a><span class="lineno"> 1700</span> <span class="comment"> * Top of chain is signed by a trusted CA</span></div> <div class="line"><a name="l01701"></a><span class="lineno"> 1701</span> <span class="comment"> */</span></div> <div class="line"><a name="l01702"></a><span class="lineno"> 1702</span>  *flags &= ~<a class="code" href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01703"></a><span class="lineno"> 1703</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01704"></a><span class="lineno"> 1704</span>  }</div> <div class="line"><a name="l01705"></a><span class="lineno"> 1705</span> </div> <div class="line"><a name="l01706"></a><span class="lineno"> 1706</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01707"></a><span class="lineno"> 1707</span> <span class="comment"> * If top of chain is not the same as the trusted CA send a verify request</span></div> <div class="line"><a name="l01708"></a><span class="lineno"> 1708</span> <span class="comment"> * to the callback for any issues with validity and CRL presence for the</span></div> <div class="line"><a name="l01709"></a><span class="lineno"> 1709</span> <span class="comment"> * trusted CA certificate.</span></div> <div class="line"><a name="l01710"></a><span class="lineno"> 1710</span> <span class="comment"> */</span></div> <div class="line"><a name="l01711"></a><span class="lineno"> 1711</span>  <span class="keywordflow">if</span>( trust_ca != NULL &&</div> <div class="line"><a name="l01712"></a><span class="lineno"> 1712</span>  ( child-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> != trust_ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ||</div> <div class="line"><a name="l01713"></a><span class="lineno"> 1713</span>  memcmp( child-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, trust_ca-><a class="code" href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">subject_raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>,</div> <div class="line"><a name="l01714"></a><span class="lineno"> 1714</span>  child-><a class="code" href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">issuer_raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 ) )</div> <div class="line"><a name="l01715"></a><span class="lineno"> 1715</span>  {</div> <div class="line"><a name="l01716"></a><span class="lineno"> 1716</span> <span class="preprocessor">#if defined(POLARSSL_X509_CRL_PARSE_C)</span></div> <div class="line"><a name="l01717"></a><span class="lineno"> 1717</span> <span class="preprocessor"></span> <span class="comment">/* Check trusted CA's CRL for the chain's top crt */</span></div> <div class="line"><a name="l01718"></a><span class="lineno"> 1718</span>  *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl );</div> <div class="line"><a name="l01719"></a><span class="lineno"> 1719</span> <span class="preprocessor">#else</span></div> <div class="line"><a name="l01720"></a><span class="lineno"> 1720</span> <span class="preprocessor"></span> ((void) ca_crl);</div> <div class="line"><a name="l01721"></a><span class="lineno"> 1721</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01722"></a><span class="lineno"> 1722</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01723"></a><span class="lineno"> 1723</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a>( &trust_ca-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a> ) )</div> <div class="line"><a name="l01724"></a><span class="lineno"> 1724</span>  ca_flags |= <a class="code" href="group__x509__module.html#ga64e936014215ef18f026ff101b6f8369">BADCERT_EXPIRED</a>;</div> <div class="line"><a name="l01725"></a><span class="lineno"> 1725</span> </div> <div class="line"><a name="l01726"></a><span class="lineno"> 1726</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a3ce3d173dfc128c33f1df4e3250821d2">x509_time_future</a>( &trust_ca-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a> ) )</div> <div class="line"><a name="l01727"></a><span class="lineno"> 1727</span>  ca_flags |= <a class="code" href="group__x509__module.html#ga277aa22d31ad26e5256ec96e589bd5b9">BADCERT_FUTURE</a>;</div> <div class="line"><a name="l01728"></a><span class="lineno"> 1728</span> </div> <div class="line"><a name="l01729"></a><span class="lineno"> 1729</span>  <span class="keywordflow">if</span>( NULL != f_vrfy )</div> <div class="line"><a name="l01730"></a><span class="lineno"> 1730</span>  {</div> <div class="line"><a name="l01731"></a><span class="lineno"> 1731</span>  <span class="keywordflow">if</span>( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1,</div> <div class="line"><a name="l01732"></a><span class="lineno"> 1732</span>  &ca_flags ) ) != 0 )</div> <div class="line"><a name="l01733"></a><span class="lineno"> 1733</span>  {</div> <div class="line"><a name="l01734"></a><span class="lineno"> 1734</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01735"></a><span class="lineno"> 1735</span>  }</div> <div class="line"><a name="l01736"></a><span class="lineno"> 1736</span>  }</div> <div class="line"><a name="l01737"></a><span class="lineno"> 1737</span>  }</div> <div class="line"><a name="l01738"></a><span class="lineno"> 1738</span> </div> <div class="line"><a name="l01739"></a><span class="lineno"> 1739</span>  <span class="comment">/* Call callback on top cert */</span></div> <div class="line"><a name="l01740"></a><span class="lineno"> 1740</span>  <span class="keywordflow">if</span>( NULL != f_vrfy )</div> <div class="line"><a name="l01741"></a><span class="lineno"> 1741</span>  {</div> <div class="line"><a name="l01742"></a><span class="lineno"> 1742</span>  <span class="keywordflow">if</span>( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )</div> <div class="line"><a name="l01743"></a><span class="lineno"> 1743</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01744"></a><span class="lineno"> 1744</span>  }</div> <div class="line"><a name="l01745"></a><span class="lineno"> 1745</span> </div> <div class="line"><a name="l01746"></a><span class="lineno"> 1746</span>  *flags |= ca_flags;</div> <div class="line"><a name="l01747"></a><span class="lineno"> 1747</span> </div> <div class="line"><a name="l01748"></a><span class="lineno"> 1748</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01749"></a><span class="lineno"> 1749</span> }</div> <div class="line"><a name="l01750"></a><span class="lineno"> 1750</span> </div> <div class="line"><a name="l01751"></a><span class="lineno"> 1751</span> <span class="keyword">static</span> <span class="keywordtype">int</span> x509_crt_verify_child(</div> <div class="line"><a name="l01752"></a><span class="lineno"> 1752</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *child, <a class="code" href="struct__x509__crt.html">x509_crt</a> *parent, <a class="code" href="struct__x509__crt.html">x509_crt</a> *trust_ca,</div> <div class="line"><a name="l01753"></a><span class="lineno"> 1753</span>  <a class="code" href="struct__x509__crl.html">x509_crl</a> *ca_crl, <span class="keywordtype">int</span> path_cnt, <span class="keywordtype">int</span> *flags,</div> <div class="line"><a name="l01754"></a><span class="lineno"> 1754</span>  <span class="keywordtype">int</span> (*f_vrfy)(<span class="keywordtype">void</span> *, <a class="code" href="struct__x509__crt.html">x509_crt</a> *, <span class="keywordtype">int</span>, <span class="keywordtype">int</span> *),</div> <div class="line"><a name="l01755"></a><span class="lineno"> 1755</span>  <span class="keywordtype">void</span> *p_vrfy )</div> <div class="line"><a name="l01756"></a><span class="lineno"> 1756</span> {</div> <div class="line"><a name="l01757"></a><span class="lineno"> 1757</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01758"></a><span class="lineno"> 1758</span>  <span class="keywordtype">int</span> parent_flags = 0;</div> <div class="line"><a name="l01759"></a><span class="lineno"> 1759</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> hash[<a class="code" href="md_8h.html#a38c76a15d6a3874f898f3dc60750dde1">POLARSSL_MD_MAX_SIZE</a>];</div> <div class="line"><a name="l01760"></a><span class="lineno"> 1760</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *grandparent;</div> <div class="line"><a name="l01761"></a><span class="lineno"> 1761</span>  <span class="keyword">const</span> <a class="code" href="structmd__info__t.html">md_info_t</a> *md_info;</div> <div class="line"><a name="l01762"></a><span class="lineno"> 1762</span> </div> <div class="line"><a name="l01763"></a><span class="lineno"> 1763</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a>( &child-><a class="code" href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">valid_to</a> ) )</div> <div class="line"><a name="l01764"></a><span class="lineno"> 1764</span>  *flags |= <a class="code" href="group__x509__module.html#ga64e936014215ef18f026ff101b6f8369">BADCERT_EXPIRED</a>;</div> <div class="line"><a name="l01765"></a><span class="lineno"> 1765</span> </div> <div class="line"><a name="l01766"></a><span class="lineno"> 1766</span>  <span class="keywordflow">if</span>( <a class="code" href="x509_8h.html#a3ce3d173dfc128c33f1df4e3250821d2">x509_time_future</a>( &child-><a class="code" href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">valid_from</a> ) )</div> <div class="line"><a name="l01767"></a><span class="lineno"> 1767</span>  *flags |= <a class="code" href="group__x509__module.html#ga277aa22d31ad26e5256ec96e589bd5b9">BADCERT_FUTURE</a>;</div> <div class="line"><a name="l01768"></a><span class="lineno"> 1768</span> </div> <div class="line"><a name="l01769"></a><span class="lineno"> 1769</span>  md_info = <a class="code" href="md_8h.html#a622c94870533dc68f54b8df520d2c6d9">md_info_from_type</a>( child-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a> );</div> <div class="line"><a name="l01770"></a><span class="lineno"> 1770</span>  <span class="keywordflow">if</span>( md_info == NULL )</div> <div class="line"><a name="l01771"></a><span class="lineno"> 1771</span>  {</div> <div class="line"><a name="l01772"></a><span class="lineno"> 1772</span>  <span class="comment">/*</span></div> <div class="line"><a name="l01773"></a><span class="lineno"> 1773</span> <span class="comment"> * Cannot check 'unknown' hash</span></div> <div class="line"><a name="l01774"></a><span class="lineno"> 1774</span> <span class="comment"> */</span></div> <div class="line"><a name="l01775"></a><span class="lineno"> 1775</span>  *flags |= <a class="code" href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01776"></a><span class="lineno"> 1776</span>  }</div> <div class="line"><a name="l01777"></a><span class="lineno"> 1777</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01778"></a><span class="lineno"> 1778</span>  {</div> <div class="line"><a name="l01779"></a><span class="lineno"> 1779</span>  <a class="code" href="md_8h.html#aae13853f5988bdef5c27ee475ba1295f">md</a>( md_info, child-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, child-><a class="code" href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">tbs</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a>, hash );</div> <div class="line"><a name="l01780"></a><span class="lineno"> 1780</span> </div> <div class="line"><a name="l01781"></a><span class="lineno"> 1781</span>  <span class="keywordflow">if</span>( <a class="code" href="pk_8h.html#a3a3c4fb7fad1c9097df161208d81b097">pk_verify_ext</a>( child-><a class="code" href="struct__x509__crt.html#a3a7645927022ef6460a93586c88945e3">sig_pk</a>, child-><a class="code" href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">sig_opts</a>, &parent-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a>,</div> <div class="line"><a name="l01782"></a><span class="lineno"> 1782</span>  child-><a class="code" href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">sig_md</a>, hash, md_info-><a class="code" href="structmd__info__t.html#aedb1e12797791c9b7f5545bda6e3172d">size</a>,</div> <div class="line"><a name="l01783"></a><span class="lineno"> 1783</span>  child-><a class="code" href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">sig</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, child-><a class="code" href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">sig</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> ) != 0 )</div> <div class="line"><a name="l01784"></a><span class="lineno"> 1784</span>  {</div> <div class="line"><a name="l01785"></a><span class="lineno"> 1785</span>  *flags |= <a class="code" href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a>;</div> <div class="line"><a name="l01786"></a><span class="lineno"> 1786</span>  }</div> <div class="line"><a name="l01787"></a><span class="lineno"> 1787</span>  }</div> <div class="line"><a name="l01788"></a><span class="lineno"> 1788</span> </div> <div class="line"><a name="l01789"></a><span class="lineno"> 1789</span> <span class="preprocessor">#if defined(POLARSSL_X509_CRL_PARSE_C)</span></div> <div class="line"><a name="l01790"></a><span class="lineno"> 1790</span> <span class="preprocessor"></span> <span class="comment">/* Check trusted CA's CRL for the given crt */</span></div> <div class="line"><a name="l01791"></a><span class="lineno"> 1791</span>  *flags |= x509_crt_verifycrl(child, parent, ca_crl);</div> <div class="line"><a name="l01792"></a><span class="lineno"> 1792</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01793"></a><span class="lineno"> 1793</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01794"></a><span class="lineno"> 1794</span>  <span class="comment">/* Look for a grandparent upwards the chain */</span></div> <div class="line"><a name="l01795"></a><span class="lineno"> 1795</span>  <span class="keywordflow">for</span>( grandparent = parent-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>;</div> <div class="line"><a name="l01796"></a><span class="lineno"> 1796</span>  grandparent != NULL;</div> <div class="line"><a name="l01797"></a><span class="lineno"> 1797</span>  grandparent = grandparent-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> )</div> <div class="line"><a name="l01798"></a><span class="lineno"> 1798</span>  {</div> <div class="line"><a name="l01799"></a><span class="lineno"> 1799</span>  <span class="keywordflow">if</span>( x509_crt_check_parent( parent, grandparent,</div> <div class="line"><a name="l01800"></a><span class="lineno"> 1800</span>  0, path_cnt == 0 ) == 0 )</div> <div class="line"><a name="l01801"></a><span class="lineno"> 1801</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01802"></a><span class="lineno"> 1802</span>  }</div> <div class="line"><a name="l01803"></a><span class="lineno"> 1803</span> </div> <div class="line"><a name="l01804"></a><span class="lineno"> 1804</span>  <span class="comment">/* Is our parent part of the chain or at the top? */</span></div> <div class="line"><a name="l01805"></a><span class="lineno"> 1805</span>  <span class="keywordflow">if</span>( grandparent != NULL )</div> <div class="line"><a name="l01806"></a><span class="lineno"> 1806</span>  {</div> <div class="line"><a name="l01807"></a><span class="lineno"> 1807</span>  ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl,</div> <div class="line"><a name="l01808"></a><span class="lineno"> 1808</span>  path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );</div> <div class="line"><a name="l01809"></a><span class="lineno"> 1809</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l01810"></a><span class="lineno"> 1810</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01811"></a><span class="lineno"> 1811</span>  }</div> <div class="line"><a name="l01812"></a><span class="lineno"> 1812</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01813"></a><span class="lineno"> 1813</span>  {</div> <div class="line"><a name="l01814"></a><span class="lineno"> 1814</span>  ret = x509_crt_verify_top( parent, trust_ca, ca_crl,</div> <div class="line"><a name="l01815"></a><span class="lineno"> 1815</span>  path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );</div> <div class="line"><a name="l01816"></a><span class="lineno"> 1816</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l01817"></a><span class="lineno"> 1817</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01818"></a><span class="lineno"> 1818</span>  }</div> <div class="line"><a name="l01819"></a><span class="lineno"> 1819</span> </div> <div class="line"><a name="l01820"></a><span class="lineno"> 1820</span>  <span class="comment">/* child is verified to be a child of the parent, call verify callback */</span></div> <div class="line"><a name="l01821"></a><span class="lineno"> 1821</span>  <span class="keywordflow">if</span>( NULL != f_vrfy )</div> <div class="line"><a name="l01822"></a><span class="lineno"> 1822</span>  <span class="keywordflow">if</span>( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )</div> <div class="line"><a name="l01823"></a><span class="lineno"> 1823</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01824"></a><span class="lineno"> 1824</span> </div> <div class="line"><a name="l01825"></a><span class="lineno"> 1825</span>  *flags |= parent_flags;</div> <div class="line"><a name="l01826"></a><span class="lineno"> 1826</span> </div> <div class="line"><a name="l01827"></a><span class="lineno"> 1827</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01828"></a><span class="lineno"> 1828</span> }</div> <div class="line"><a name="l01829"></a><span class="lineno"> 1829</span> </div> <div class="line"><a name="l01830"></a><span class="lineno"> 1830</span> <span class="comment">/*</span></div> <div class="line"><a name="l01831"></a><span class="lineno"> 1831</span> <span class="comment"> * Verify the certificate validity</span></div> <div class="line"><a name="l01832"></a><span class="lineno"> 1832</span> <span class="comment"> */</span></div> <div class="line"><a name="l01833"></a><span class="lineno"> 1833</span> <span class="keywordtype">int</span> <a class="code" href="group__x509__module.html#gaceaeaa6cd00a5c20e71a9a11122d58df">x509_crt_verify</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt,</div> <div class="line"><a name="l01834"></a><span class="lineno"> 1834</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *trust_ca,</div> <div class="line"><a name="l01835"></a><span class="lineno"> 1835</span>  <a class="code" href="struct__x509__crl.html">x509_crl</a> *ca_crl,</div> <div class="line"><a name="l01836"></a><span class="lineno"> 1836</span>  <span class="keyword">const</span> <span class="keywordtype">char</span> *cn, <span class="keywordtype">int</span> *flags,</div> <div class="line"><a name="l01837"></a><span class="lineno"> 1837</span>  <span class="keywordtype">int</span> (*f_vrfy)(<span class="keywordtype">void</span> *, <a class="code" href="struct__x509__crt.html">x509_crt</a> *, <span class="keywordtype">int</span>, <span class="keywordtype">int</span> *),</div> <div class="line"><a name="l01838"></a><span class="lineno"> 1838</span>  <span class="keywordtype">void</span> *p_vrfy )</div> <div class="line"><a name="l01839"></a><span class="lineno"> 1839</span> {</div> <div class="line"><a name="l01840"></a><span class="lineno"> 1840</span>  <span class="keywordtype">size_t</span> cn_len;</div> <div class="line"><a name="l01841"></a><span class="lineno"> 1841</span>  <span class="keywordtype">int</span> ret;</div> <div class="line"><a name="l01842"></a><span class="lineno"> 1842</span>  <span class="keywordtype">int</span> pathlen = 0;</div> <div class="line"><a name="l01843"></a><span class="lineno"> 1843</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *parent;</div> <div class="line"><a name="l01844"></a><span class="lineno"> 1844</span>  <a class="code" href="struct__asn1__named__data.html">x509_name</a> *name;</div> <div class="line"><a name="l01845"></a><span class="lineno"> 1845</span>  <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *cur = NULL;</div> <div class="line"><a name="l01846"></a><span class="lineno"> 1846</span> </div> <div class="line"><a name="l01847"></a><span class="lineno"> 1847</span>  *flags = 0;</div> <div class="line"><a name="l01848"></a><span class="lineno"> 1848</span> </div> <div class="line"><a name="l01849"></a><span class="lineno"> 1849</span>  <span class="keywordflow">if</span>( cn != NULL )</div> <div class="line"><a name="l01850"></a><span class="lineno"> 1850</span>  {</div> <div class="line"><a name="l01851"></a><span class="lineno"> 1851</span>  name = &crt-><a class="code" href="struct__x509__crt.html#aaa20d3625961655031604d587d40ad9f">subject</a>;</div> <div class="line"><a name="l01852"></a><span class="lineno"> 1852</span>  cn_len = strlen( cn );</div> <div class="line"><a name="l01853"></a><span class="lineno"> 1853</span> </div> <div class="line"><a name="l01854"></a><span class="lineno"> 1854</span>  <span class="keywordflow">if</span>( crt-><a class="code" href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">ext_types</a> & <a class="code" href="x509_8h.html#aa86a67d1a8363fd5bbdaba523163a269">EXT_SUBJECT_ALT_NAME</a> )</div> <div class="line"><a name="l01855"></a><span class="lineno"> 1855</span>  {</div> <div class="line"><a name="l01856"></a><span class="lineno"> 1856</span>  cur = &crt-><a class="code" href="struct__x509__crt.html#af96ed7e509440ffce0cbf87735afa4b9">subject_alt_names</a>;</div> <div class="line"><a name="l01857"></a><span class="lineno"> 1857</span> </div> <div class="line"><a name="l01858"></a><span class="lineno"> 1858</span>  <span class="keywordflow">while</span>( cur != NULL )</div> <div class="line"><a name="l01859"></a><span class="lineno"> 1859</span>  {</div> <div class="line"><a name="l01860"></a><span class="lineno"> 1860</span>  <span class="keywordflow">if</span>( cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == cn_len &&</div> <div class="line"><a name="l01861"></a><span class="lineno"> 1861</span>  x509_name_cmp( cn, cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, cn_len ) == 0 )</div> <div class="line"><a name="l01862"></a><span class="lineno"> 1862</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01863"></a><span class="lineno"> 1863</span> </div> <div class="line"><a name="l01864"></a><span class="lineno"> 1864</span>  <span class="keywordflow">if</span>( cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> > 2 &&</div> <div class="line"><a name="l01865"></a><span class="lineno"> 1865</span>  memcmp( cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, <span class="stringliteral">"*."</span>, 2 ) == 0 &&</div> <div class="line"><a name="l01866"></a><span class="lineno"> 1866</span>  x509_wildcard_verify( cn, &cur-><a class="code" href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">buf</a> ) )</div> <div class="line"><a name="l01867"></a><span class="lineno"> 1867</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01868"></a><span class="lineno"> 1868</span> </div> <div class="line"><a name="l01869"></a><span class="lineno"> 1869</span>  cur = cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01870"></a><span class="lineno"> 1870</span>  }</div> <div class="line"><a name="l01871"></a><span class="lineno"> 1871</span> </div> <div class="line"><a name="l01872"></a><span class="lineno"> 1872</span>  <span class="keywordflow">if</span>( cur == NULL )</div> <div class="line"><a name="l01873"></a><span class="lineno"> 1873</span>  *flags |= <a class="code" href="group__x509__module.html#gacfafc04b8cd60bd1819cf41bc78a24de">BADCERT_CN_MISMATCH</a>;</div> <div class="line"><a name="l01874"></a><span class="lineno"> 1874</span>  }</div> <div class="line"><a name="l01875"></a><span class="lineno"> 1875</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01876"></a><span class="lineno"> 1876</span>  {</div> <div class="line"><a name="l01877"></a><span class="lineno"> 1877</span>  <span class="keywordflow">while</span>( name != NULL )</div> <div class="line"><a name="l01878"></a><span class="lineno"> 1878</span>  {</div> <div class="line"><a name="l01879"></a><span class="lineno"> 1879</span>  <span class="keywordflow">if</span>( <a class="code" href="asn1_8h.html#a068fd58b6b0011021a516695ff14a41e">OID_CMP</a>( <a class="code" href="oid_8h.html#a5c2207a76142b3c4e5ef1986d8c39a9c">OID_AT_CN</a>, &name-><a class="code" href="struct__asn1__named__data.html#a95593059f3ed1b21f4ae6b04ed3e01dd">oid</a> ) )</div> <div class="line"><a name="l01880"></a><span class="lineno"> 1880</span>  {</div> <div class="line"><a name="l01881"></a><span class="lineno"> 1881</span>  <span class="keywordflow">if</span>( name-><a class="code" href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">val</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> == cn_len &&</div> <div class="line"><a name="l01882"></a><span class="lineno"> 1882</span>  x509_name_cmp( name-><a class="code" href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">val</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, cn, cn_len ) == 0 )</div> <div class="line"><a name="l01883"></a><span class="lineno"> 1883</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01884"></a><span class="lineno"> 1884</span> </div> <div class="line"><a name="l01885"></a><span class="lineno"> 1885</span>  <span class="keywordflow">if</span>( name-><a class="code" href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">val</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> > 2 &&</div> <div class="line"><a name="l01886"></a><span class="lineno"> 1886</span>  memcmp( name-><a class="code" href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">val</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, <span class="stringliteral">"*."</span>, 2 ) == 0 &&</div> <div class="line"><a name="l01887"></a><span class="lineno"> 1887</span>  x509_wildcard_verify( cn, &name-><a class="code" href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">val</a> ) )</div> <div class="line"><a name="l01888"></a><span class="lineno"> 1888</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01889"></a><span class="lineno"> 1889</span>  }</div> <div class="line"><a name="l01890"></a><span class="lineno"> 1890</span> </div> <div class="line"><a name="l01891"></a><span class="lineno"> 1891</span>  name = name-><a class="code" href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">next</a>;</div> <div class="line"><a name="l01892"></a><span class="lineno"> 1892</span>  }</div> <div class="line"><a name="l01893"></a><span class="lineno"> 1893</span> </div> <div class="line"><a name="l01894"></a><span class="lineno"> 1894</span>  <span class="keywordflow">if</span>( name == NULL )</div> <div class="line"><a name="l01895"></a><span class="lineno"> 1895</span>  *flags |= <a class="code" href="group__x509__module.html#gacfafc04b8cd60bd1819cf41bc78a24de">BADCERT_CN_MISMATCH</a>;</div> <div class="line"><a name="l01896"></a><span class="lineno"> 1896</span>  }</div> <div class="line"><a name="l01897"></a><span class="lineno"> 1897</span>  }</div> <div class="line"><a name="l01898"></a><span class="lineno"> 1898</span> </div> <div class="line"><a name="l01899"></a><span class="lineno"> 1899</span>  <span class="comment">/* Look for a parent upwards the chain */</span></div> <div class="line"><a name="l01900"></a><span class="lineno"> 1900</span>  <span class="keywordflow">for</span>( parent = crt-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>; parent != NULL; parent = parent-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a> )</div> <div class="line"><a name="l01901"></a><span class="lineno"> 1901</span>  {</div> <div class="line"><a name="l01902"></a><span class="lineno"> 1902</span>  <span class="keywordflow">if</span>( x509_crt_check_parent( crt, parent, 0, pathlen == 0 ) == 0 )</div> <div class="line"><a name="l01903"></a><span class="lineno"> 1903</span>  <span class="keywordflow">break</span>;</div> <div class="line"><a name="l01904"></a><span class="lineno"> 1904</span>  }</div> <div class="line"><a name="l01905"></a><span class="lineno"> 1905</span> </div> <div class="line"><a name="l01906"></a><span class="lineno"> 1906</span>  <span class="comment">/* Are we part of the chain or at the top? */</span></div> <div class="line"><a name="l01907"></a><span class="lineno"> 1907</span>  <span class="keywordflow">if</span>( parent != NULL )</div> <div class="line"><a name="l01908"></a><span class="lineno"> 1908</span>  {</div> <div class="line"><a name="l01909"></a><span class="lineno"> 1909</span>  ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl,</div> <div class="line"><a name="l01910"></a><span class="lineno"> 1910</span>  pathlen, flags, f_vrfy, p_vrfy );</div> <div class="line"><a name="l01911"></a><span class="lineno"> 1911</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l01912"></a><span class="lineno"> 1912</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01913"></a><span class="lineno"> 1913</span>  }</div> <div class="line"><a name="l01914"></a><span class="lineno"> 1914</span>  <span class="keywordflow">else</span></div> <div class="line"><a name="l01915"></a><span class="lineno"> 1915</span>  {</div> <div class="line"><a name="l01916"></a><span class="lineno"> 1916</span>  ret = x509_crt_verify_top( crt, trust_ca, ca_crl,</div> <div class="line"><a name="l01917"></a><span class="lineno"> 1917</span>  pathlen, flags, f_vrfy, p_vrfy );</div> <div class="line"><a name="l01918"></a><span class="lineno"> 1918</span>  <span class="keywordflow">if</span>( ret != 0 )</div> <div class="line"><a name="l01919"></a><span class="lineno"> 1919</span>  <span class="keywordflow">return</span>( ret );</div> <div class="line"><a name="l01920"></a><span class="lineno"> 1920</span>  }</div> <div class="line"><a name="l01921"></a><span class="lineno"> 1921</span> </div> <div class="line"><a name="l01922"></a><span class="lineno"> 1922</span>  <span class="keywordflow">if</span>( *flags != 0 )</div> <div class="line"><a name="l01923"></a><span class="lineno"> 1923</span>  <span class="keywordflow">return</span>( <a class="code" href="group__x509__module.html#ga2712a2708993f706e6c3f3716ec1f275">POLARSSL_ERR_X509_CERT_VERIFY_FAILED</a> );</div> <div class="line"><a name="l01924"></a><span class="lineno"> 1924</span> </div> <div class="line"><a name="l01925"></a><span class="lineno"> 1925</span>  <span class="keywordflow">return</span>( 0 );</div> <div class="line"><a name="l01926"></a><span class="lineno"> 1926</span> }</div> <div class="line"><a name="l01927"></a><span class="lineno"> 1927</span> </div> <div class="line"><a name="l01928"></a><span class="lineno"> 1928</span> <span class="comment">/*</span></div> <div class="line"><a name="l01929"></a><span class="lineno"> 1929</span> <span class="comment"> * Initialize a certificate chain</span></div> <div class="line"><a name="l01930"></a><span class="lineno"> 1930</span> <span class="comment"> */</span></div> <div class="line"><a name="l01931"></a><span class="lineno"> 1931</span> <span class="keywordtype">void</span> <a class="code" href="group__x509__module.html#ga27ba872627e98561bd04b0fd3aca1297">x509_crt_init</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt )</div> <div class="line"><a name="l01932"></a><span class="lineno"> 1932</span> {</div> <div class="line"><a name="l01933"></a><span class="lineno"> 1933</span>  memset( crt, 0, <span class="keyword">sizeof</span>(<a class="code" href="struct__x509__crt.html">x509_crt</a>) );</div> <div class="line"><a name="l01934"></a><span class="lineno"> 1934</span> }</div> <div class="line"><a name="l01935"></a><span class="lineno"> 1935</span> </div> <div class="line"><a name="l01936"></a><span class="lineno"> 1936</span> <span class="comment">/*</span></div> <div class="line"><a name="l01937"></a><span class="lineno"> 1937</span> <span class="comment"> * Unallocate all certificate data</span></div> <div class="line"><a name="l01938"></a><span class="lineno"> 1938</span> <span class="comment"> */</span></div> <div class="line"><a name="l01939"></a><span class="lineno"> 1939</span> <span class="keywordtype">void</span> <a class="code" href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a>( <a class="code" href="struct__x509__crt.html">x509_crt</a> *crt )</div> <div class="line"><a name="l01940"></a><span class="lineno"> 1940</span> {</div> <div class="line"><a name="l01941"></a><span class="lineno"> 1941</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *cert_cur = crt;</div> <div class="line"><a name="l01942"></a><span class="lineno"> 1942</span>  <a class="code" href="struct__x509__crt.html">x509_crt</a> *cert_prv;</div> <div class="line"><a name="l01943"></a><span class="lineno"> 1943</span>  <a class="code" href="struct__asn1__named__data.html">x509_name</a> *name_cur;</div> <div class="line"><a name="l01944"></a><span class="lineno"> 1944</span>  <a class="code" href="struct__asn1__named__data.html">x509_name</a> *name_prv;</div> <div class="line"><a name="l01945"></a><span class="lineno"> 1945</span>  <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *seq_cur;</div> <div class="line"><a name="l01946"></a><span class="lineno"> 1946</span>  <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> *seq_prv;</div> <div class="line"><a name="l01947"></a><span class="lineno"> 1947</span> </div> <div class="line"><a name="l01948"></a><span class="lineno"> 1948</span>  <span class="keywordflow">if</span>( crt == NULL )</div> <div class="line"><a name="l01949"></a><span class="lineno"> 1949</span>  <span class="keywordflow">return</span>;</div> <div class="line"><a name="l01950"></a><span class="lineno"> 1950</span> </div> <div class="line"><a name="l01951"></a><span class="lineno"> 1951</span>  <span class="keywordflow">do</span></div> <div class="line"><a name="l01952"></a><span class="lineno"> 1952</span>  {</div> <div class="line"><a name="l01953"></a><span class="lineno"> 1953</span>  <a class="code" href="pk_8h.html#a7b5e20233f984cf440379b41b9961911">pk_free</a>( &cert_cur-><a class="code" href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">pk</a> );</div> <div class="line"><a name="l01954"></a><span class="lineno"> 1954</span> </div> <div class="line"><a name="l01955"></a><span class="lineno"> 1955</span> <span class="preprocessor">#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)</span></div> <div class="line"><a name="l01956"></a><span class="lineno"> 1956</span> <span class="preprocessor"></span> <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( cert_cur-><a class="code" href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">sig_opts</a> );</div> <div class="line"><a name="l01957"></a><span class="lineno"> 1957</span> <span class="preprocessor">#endif</span></div> <div class="line"><a name="l01958"></a><span class="lineno"> 1958</span> <span class="preprocessor"></span></div> <div class="line"><a name="l01959"></a><span class="lineno"> 1959</span>  name_cur = cert_cur-><a class="code" href="struct__x509__crt.html#a06648e31fe4adffdca0995568ce6aab9">issuer</a>.<a class="code" href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">next</a>;</div> <div class="line"><a name="l01960"></a><span class="lineno"> 1960</span>  <span class="keywordflow">while</span>( name_cur != NULL )</div> <div class="line"><a name="l01961"></a><span class="lineno"> 1961</span>  {</div> <div class="line"><a name="l01962"></a><span class="lineno"> 1962</span>  name_prv = name_cur;</div> <div class="line"><a name="l01963"></a><span class="lineno"> 1963</span>  name_cur = name_cur-><a class="code" href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">next</a>;</div> <div class="line"><a name="l01964"></a><span class="lineno"> 1964</span>  polarssl_zeroize( name_prv, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__named__data.html">x509_name</a> ) );</div> <div class="line"><a name="l01965"></a><span class="lineno"> 1965</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( name_prv );</div> <div class="line"><a name="l01966"></a><span class="lineno"> 1966</span>  }</div> <div class="line"><a name="l01967"></a><span class="lineno"> 1967</span> </div> <div class="line"><a name="l01968"></a><span class="lineno"> 1968</span>  name_cur = cert_cur-><a class="code" href="struct__x509__crt.html#aaa20d3625961655031604d587d40ad9f">subject</a>.<a class="code" href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">next</a>;</div> <div class="line"><a name="l01969"></a><span class="lineno"> 1969</span>  <span class="keywordflow">while</span>( name_cur != NULL )</div> <div class="line"><a name="l01970"></a><span class="lineno"> 1970</span>  {</div> <div class="line"><a name="l01971"></a><span class="lineno"> 1971</span>  name_prv = name_cur;</div> <div class="line"><a name="l01972"></a><span class="lineno"> 1972</span>  name_cur = name_cur-><a class="code" href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">next</a>;</div> <div class="line"><a name="l01973"></a><span class="lineno"> 1973</span>  polarssl_zeroize( name_prv, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__named__data.html">x509_name</a> ) );</div> <div class="line"><a name="l01974"></a><span class="lineno"> 1974</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( name_prv );</div> <div class="line"><a name="l01975"></a><span class="lineno"> 1975</span>  }</div> <div class="line"><a name="l01976"></a><span class="lineno"> 1976</span> </div> <div class="line"><a name="l01977"></a><span class="lineno"> 1977</span>  seq_cur = cert_cur-><a class="code" href="struct__x509__crt.html#ae97d80b0f4a8c36bae7424c07a492c39">ext_key_usage</a>.<a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01978"></a><span class="lineno"> 1978</span>  <span class="keywordflow">while</span>( seq_cur != NULL )</div> <div class="line"><a name="l01979"></a><span class="lineno"> 1979</span>  {</div> <div class="line"><a name="l01980"></a><span class="lineno"> 1980</span>  seq_prv = seq_cur;</div> <div class="line"><a name="l01981"></a><span class="lineno"> 1981</span>  seq_cur = seq_cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01982"></a><span class="lineno"> 1982</span>  polarssl_zeroize( seq_prv, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> ) );</div> <div class="line"><a name="l01983"></a><span class="lineno"> 1983</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( seq_prv );</div> <div class="line"><a name="l01984"></a><span class="lineno"> 1984</span>  }</div> <div class="line"><a name="l01985"></a><span class="lineno"> 1985</span> </div> <div class="line"><a name="l01986"></a><span class="lineno"> 1986</span>  seq_cur = cert_cur-><a class="code" href="struct__x509__crt.html#af96ed7e509440ffce0cbf87735afa4b9">subject_alt_names</a>.<a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01987"></a><span class="lineno"> 1987</span>  <span class="keywordflow">while</span>( seq_cur != NULL )</div> <div class="line"><a name="l01988"></a><span class="lineno"> 1988</span>  {</div> <div class="line"><a name="l01989"></a><span class="lineno"> 1989</span>  seq_prv = seq_cur;</div> <div class="line"><a name="l01990"></a><span class="lineno"> 1990</span>  seq_cur = seq_cur-><a class="code" href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">next</a>;</div> <div class="line"><a name="l01991"></a><span class="lineno"> 1991</span>  polarssl_zeroize( seq_prv, <span class="keyword">sizeof</span>( <a class="code" href="struct__asn1__sequence.html">x509_sequence</a> ) );</div> <div class="line"><a name="l01992"></a><span class="lineno"> 1992</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( seq_prv );</div> <div class="line"><a name="l01993"></a><span class="lineno"> 1993</span>  }</div> <div class="line"><a name="l01994"></a><span class="lineno"> 1994</span> </div> <div class="line"><a name="l01995"></a><span class="lineno"> 1995</span>  <span class="keywordflow">if</span>( cert_cur-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> != NULL )</div> <div class="line"><a name="l01996"></a><span class="lineno"> 1996</span>  {</div> <div class="line"><a name="l01997"></a><span class="lineno"> 1997</span>  polarssl_zeroize( cert_cur-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a>, cert_cur-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">len</a> );</div> <div class="line"><a name="l01998"></a><span class="lineno"> 1998</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( cert_cur-><a class="code" href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">raw</a>.<a class="code" href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">p</a> );</div> <div class="line"><a name="l01999"></a><span class="lineno"> 1999</span>  }</div> <div class="line"><a name="l02000"></a><span class="lineno"> 2000</span> </div> <div class="line"><a name="l02001"></a><span class="lineno"> 2001</span>  cert_cur = cert_cur-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>;</div> <div class="line"><a name="l02002"></a><span class="lineno"> 2002</span>  }</div> <div class="line"><a name="l02003"></a><span class="lineno"> 2003</span>  <span class="keywordflow">while</span>( cert_cur != NULL );</div> <div class="line"><a name="l02004"></a><span class="lineno"> 2004</span> </div> <div class="line"><a name="l02005"></a><span class="lineno"> 2005</span>  cert_cur = crt;</div> <div class="line"><a name="l02006"></a><span class="lineno"> 2006</span>  <span class="keywordflow">do</span></div> <div class="line"><a name="l02007"></a><span class="lineno"> 2007</span>  {</div> <div class="line"><a name="l02008"></a><span class="lineno"> 2008</span>  cert_prv = cert_cur;</div> <div class="line"><a name="l02009"></a><span class="lineno"> 2009</span>  cert_cur = cert_cur-><a class="code" href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">next</a>;</div> <div class="line"><a name="l02010"></a><span class="lineno"> 2010</span> </div> <div class="line"><a name="l02011"></a><span class="lineno"> 2011</span>  polarssl_zeroize( cert_prv, <span class="keyword">sizeof</span>( <a class="code" href="struct__x509__crt.html">x509_crt</a> ) );</div> <div class="line"><a name="l02012"></a><span class="lineno"> 2012</span>  <span class="keywordflow">if</span>( cert_prv != crt )</div> <div class="line"><a name="l02013"></a><span class="lineno"> 2013</span>  <a class="code" href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a>( cert_prv );</div> <div class="line"><a name="l02014"></a><span class="lineno"> 2014</span>  }</div> <div class="line"><a name="l02015"></a><span class="lineno"> 2015</span>  <span class="keywordflow">while</span>( cert_cur != NULL );</div> <div class="line"><a name="l02016"></a><span class="lineno"> 2016</span> }</div> <div class="line"><a name="l02017"></a><span class="lineno"> 2017</span> </div> <div class="line"><a name="l02018"></a><span class="lineno"> 2018</span> <span class="preprocessor">#endif </span><span class="comment">/* POLARSSL_X509_CRT_PARSE_C */</span><span class="preprocessor"></span></div> <div class="ttc" id="md_8h_html_aae13853f5988bdef5c27ee475ba1295f"><div class="ttname"><a href="md_8h.html#aae13853f5988bdef5c27ee475ba1295f">md</a></div><div class="ttdeci">int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)</div><div class="ttdoc">Output = message_digest( input buffer ) </div></div> <div class="ttc" id="struct__x509__crl_html_a8dbbb135e7819c854ea3c344a42a7400"><div class="ttname"><a href="struct__x509__crl.html#a8dbbb135e7819c854ea3c344a42a7400">_x509_crl::sig</a></div><div class="ttdeci">x509_buf sig</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00093">x509_crl.h:93</a></div></div> <div class="ttc" id="x509_8h_html_a0409eb86cad22e4ecf3b31585bd1aca8"><div class="ttname"><a href="x509_8h.html#a0409eb86cad22e4ecf3b31585bd1aca8">x509_time_expired</a></div><div class="ttdeci">int x509_time_expired(const x509_time *time)</div><div class="ttdoc">Check a given x509_time against the system time and check if it is not expired. </div></div> <div class="ttc" id="asn1_8h_html_aff5e02b8136105bacb05e350678bad0d"><div class="ttname"><a href="asn1_8h.html#aff5e02b8136105bacb05e350678bad0d">asn1_get_sequence_of</a></div><div class="ttdeci">int asn1_get_sequence_of(unsigned char **p, const unsigned char *end, asn1_sequence *cur, int tag)</div><div class="ttdoc">Parses and splits an ASN.1 &quot;SEQUENCE OF &lt;tag&gt;&quot; Updated the pointer to immediately behind the full seq...</div></div> <div class="ttc" id="struct__x509__crt_html_af96ed7e509440ffce0cbf87735afa4b9"><div class="ttname"><a href="struct__x509__crt.html#af96ed7e509440ffce0cbf87735afa4b9">_x509_crt::subject_alt_names</a></div><div class="ttdeci">x509_sequence subject_alt_names</div><div class="ttdoc">Optional list of Subject Alternative Names (Only dNSName supported). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00080">x509_crt.h:80</a></div></div> <div class="ttc" id="x509_8h_html_a6ca31be06f89a3f5c8abc93654460a77"><div class="ttname"><a href="x509_8h.html#a6ca31be06f89a3f5c8abc93654460a77">X509_FORMAT_DER</a></div><div class="ttdeci">#define X509_FORMAT_DER</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00143">x509.h:143</a></div></div> <div class="ttc" id="x509_8h_html_aa97f2a6fc340bc3a22004fe7a245a1c6"><div class="ttname"><a href="x509_8h.html#aa97f2a6fc340bc3a22004fe7a245a1c6">KU_NON_REPUDIATION</a></div><div class="ttdeci">#define KU_NON_REPUDIATION</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00094">x509.h:94</a></div></div> <div class="ttc" id="group__asn1__module_html_ga3fef844d0ea67080b66b3a4d5f0a9ec8"><div class="ttname"><a href="group__asn1__module.html#ga3fef844d0ea67080b66b3a4d5f0a9ec8">ASN1_OID</a></div><div class="ttdeci">#define ASN1_OID</div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00080">asn1.h:80</a></div></div> <div class="ttc" id="x509_8h_html_ac59433ad6f1280708a8409937133d4c1"><div class="ttname"><a href="x509_8h.html#ac59433ad6f1280708a8409937133d4c1">EXT_KEY_USAGE</a></div><div class="ttdeci">#define EXT_KEY_USAGE</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00123">x509.h:123</a></div></div> <div class="ttc" id="threading_8h_html_a20d968ec5d48ea16cfab980204e3cb90"><div class="ttname"><a href="threading_8h.html#a20d968ec5d48ea16cfab980204e3cb90">polarssl_mutex_lock</a></div><div class="ttdeci">int(* polarssl_mutex_lock)(threading_mutex_t *mutex)</div></div> <div class="ttc" id="struct__x509__time_html_a61b09ab58c9d829c4a258ac1a63fff3d"><div class="ttname"><a href="struct__x509__time.html#a61b09ab58c9d829c4a258ac1a63fff3d">_x509_time::sec</a></div><div class="ttdeci">int sec</div><div class="ttdoc">Time. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00184">x509.h:184</a></div></div> <div class="ttc" id="x509_8h_html_adda289450390e9ed0090e7c0ec6fa299"><div class="ttname"><a href="x509_8h.html#adda289450390e9ed0090e7c0ec6fa299">x509_get_name</a></div><div class="ttdeci">int x509_get_name(unsigned char **p, const unsigned char *end, x509_name *cur)</div></div> <div class="ttc" id="group__x509__module_html_ga4c0033b4b5ea413f79b133b9172d967b"><div class="ttname"><a href="group__x509__module.html#ga4c0033b4b5ea413f79b133b9172d967b">POLARSSL_ERR_X509_INVALID_DATE</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_INVALID_DATE</div><div class="ttdoc">The date tag or value is invalid. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00059">x509.h:59</a></div></div> <div class="ttc" id="struct__x509__crl_html_a47cdae3f7ed31cfd0528c73310cd1412"><div class="ttname"><a href="struct__x509__crl.html#a47cdae3f7ed31cfd0528c73310cd1412">_x509_crl::version</a></div><div class="ttdeci">int version</div><div class="ttdoc">CRL version (1=v1, 2=v2) </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00078">x509_crl.h:78</a></div></div> <div class="ttc" id="struct__asn1__sequence_html_a0b83ba95e1aa990bde524d6b7e5bac92"><div class="ttname"><a href="struct__asn1__sequence.html#a0b83ba95e1aa990bde524d6b7e5bac92">_asn1_sequence::buf</a></div><div class="ttdeci">asn1_buf buf</div><div class="ttdoc">Buffer containing the given ASN.1 item. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00148">asn1.h:148</a></div></div> <div class="ttc" id="x509_8h_html_af42889af2745403af6f110aef5e4c1aa"><div class="ttname"><a href="x509_8h.html#af42889af2745403af6f110aef5e4c1aa">x509_get_serial</a></div><div class="ttdeci">int x509_get_serial(unsigned char **p, const unsigned char *end, x509_buf *serial)</div></div> <div class="ttc" id="struct__x509__crt_html_a6d19509e8967a010100917d08ba597a3"><div class="ttname"><a href="struct__x509__crt.html#a6d19509e8967a010100917d08ba597a3">_x509_crt::raw</a></div><div class="ttdeci">x509_buf raw</div><div class="ttdoc">The raw certificate data (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00059">x509_crt.h:59</a></div></div> <div class="ttc" id="struct__x509__crl_html_a6398306fdb9fae8043cfe7e677fb3293"><div class="ttname"><a href="struct__x509__crl.html#a6398306fdb9fae8043cfe7e677fb3293">_x509_crl::next_update</a></div><div class="ttdeci">x509_time next_update</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00086">x509_crl.h:86</a></div></div> <div class="ttc" id="group__asn1__module_html_gaffc1c105d348cf2be47a2c8d6ab5ef63"><div class="ttname"><a href="group__asn1__module.html#gaffc1c105d348cf2be47a2c8d6ab5ef63">POLARSSL_ERR_ASN1_LENGTH_MISMATCH</a></div><div class="ttdeci">#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH</div><div class="ttdoc">Actual length differs from expected length. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00057">asn1.h:57</a></div></div> <div class="ttc" id="struct__x509__crt_html_a2d2e1fe30a2a7b0206118f8db3f3ffa3"><div class="ttname"><a href="struct__x509__crt.html#a2d2e1fe30a2a7b0206118f8db3f3ffa3">_x509_crt::ext_types</a></div><div class="ttdeci">int ext_types</div><div class="ttdoc">Bit string containing detected and parsed extensions. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00082">x509_crt.h:82</a></div></div> <div class="ttc" id="struct__x509__crl__entry_html"><div class="ttname"><a href="struct__x509__crl__entry.html">_x509_crl_entry</a></div><div class="ttdoc">Certificate revocation list entry. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00055">x509_crl.h:55</a></div></div> <div class="ttc" id="test__suite__aes_8cbc_8c_html_a2a0cfb9e59f28e2a1a5fd1880fb20d4b"><div class="ttname"><a href="test__suite__aes_8cbc_8c.html#a2a0cfb9e59f28e2a1a5fd1880fb20d4b">polarssl_malloc</a></div><div class="ttdeci">#define polarssl_malloc</div><div class="ttdef"><b>Definition:</b> <a href="test__suite__aes_8cbc_8c_source.html#l00310">test_suite_aes.cbc.c:310</a></div></div> <div class="ttc" id="pk_8h_html_aba04299e090477925590c9e70b4b5a52"><div class="ttname"><a href="pk_8h.html#aba04299e090477925590c9e70b4b5a52">pk_get_size</a></div><div class="ttdeci">size_t pk_get_size(const pk_context *ctx)</div><div class="ttdoc">Get the size in bits of the underlying key. </div></div> <div class="ttc" id="oid_8h_html_aa782cdcc5b462cfbf093f08e782fbb00"><div class="ttname"><a href="oid_8h.html#aa782cdcc5b462cfbf093f08e782fbb00">OID_ANY_EXTENDED_KEY_USAGE</a></div><div class="ttdeci">#define OID_ANY_EXTENDED_KEY_USAGE</div><div class="ttdoc">anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } </div><div class="ttdef"><b>Definition:</b> <a href="oid_8h_source.html#l00173">oid.h:173</a></div></div> <div class="ttc" id="struct__x509__crt_html_a40a7d7d028348b4add2f43378ba93ade"><div class="ttname"><a href="struct__x509__crt.html#a40a7d7d028348b4add2f43378ba93ade">_x509_crt::sig_opts</a></div><div class="ttdeci">void * sig_opts</div><div class="ttdoc">Signature options to be passed to pk_verify_ext(), e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00096">x509_crt.h:96</a></div></div> <div class="ttc" id="test__suite__aes_8cbc_8c_html_a3c8219c194813f302bf78fe73566cb2d"><div class="ttname"><a href="test__suite__aes_8cbc_8c.html#a3c8219c194813f302bf78fe73566cb2d">polarssl_free</a></div><div class="ttdeci">#define polarssl_free</div><div class="ttdef"><b>Definition:</b> <a href="test__suite__aes_8cbc_8c_source.html#l00311">test_suite_aes.cbc.c:311</a></div></div> <div class="ttc" id="group__x509__module_html_ga2a86f0efb25d083307eadf96585d4222"><div class="ttname"><a href="group__x509__module.html#ga2a86f0efb25d083307eadf96585d4222">POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT</div><div class="ttdoc">Format not recognized as DER or PEM. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00066">x509.h:66</a></div></div> <div class="ttc" id="x509_8h_html_a7813d9ed1f4ee1f122782d31f459d989"><div class="ttname"><a href="x509_8h.html#a7813d9ed1f4ee1f122782d31f459d989">EXT_BASIC_CONSTRAINTS</a></div><div class="ttdeci">#define EXT_BASIC_CONSTRAINTS</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00129">x509.h:129</a></div></div> <div class="ttc" id="struct__x509__crt_html_a6702ec42d12762793f79f18cd1697e7a"><div class="ttname"><a href="struct__x509__crt.html#a6702ec42d12762793f79f18cd1697e7a">_x509_crt::ns_cert_type</a></div><div class="ttdeci">unsigned char ns_cert_type</div><div class="ttdoc">Optional Netscape certificate type extension value: See the values in x509.h. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00090">x509_crt.h:90</a></div></div> <div class="ttc" id="x509_8h_html_acb386c6cbfb8bd9160b34ad6a0430a87"><div class="ttname"><a href="x509_8h.html#acb386c6cbfb8bd9160b34ad6a0430a87">x509_get_sig_alg</a></div><div class="ttdeci">int x509_get_sig_alg(const x509_buf *sig_oid, const x509_buf *sig_params, md_type_t *md_alg, pk_type_t *pk_alg, void **sig_opts)</div></div> <div class="ttc" id="x509_8h_html_a5d7af2d0048312e611b8af54eabd064a"><div class="ttname"><a href="x509_8h.html#a5d7af2d0048312e611b8af54eabd064a">KU_DATA_ENCIPHERMENT</a></div><div class="ttdeci">#define KU_DATA_ENCIPHERMENT</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00096">x509.h:96</a></div></div> <div class="ttc" id="struct__x509__crt_html_af204d5c32f4b72b959feec1d249459da"><div class="ttname"><a href="struct__x509__crt.html#af204d5c32f4b72b959feec1d249459da">_x509_crt::issuer_raw</a></div><div class="ttdeci">x509_buf issuer_raw</div><div class="ttdoc">The raw issuer data (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00066">x509_crt.h:66</a></div></div> <div class="ttc" id="group__x509__module_html_gabbb0baf5d3e9281b059e3177138f4eaf"><div class="ttname"><a href="group__x509__module.html#gabbb0baf5d3e9281b059e3177138f4eaf">POLARSSL_ERR_X509_INVALID_FORMAT</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_INVALID_FORMAT</div><div class="ttdoc">The CRT/CRL/CSR format is invalid, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00054">x509.h:54</a></div></div> <div class="ttc" id="x509_8h_html_a1e7659be2b5cf7fb32709dbe72f0cf45"><div class="ttname"><a href="x509_8h.html#a1e7659be2b5cf7fb32709dbe72f0cf45">x509_key_size_helper</a></div><div class="ttdeci">int x509_key_size_helper(char *buf, size_t size, const char *name)</div></div> <div class="ttc" id="x509_8h_html_ab74494b8a65972aebb605bdd9680d545"><div class="ttname"><a href="x509_8h.html#ab74494b8a65972aebb605bdd9680d545">NS_CERT_TYPE_OBJECT_SIGNING</a></div><div class="ttdeci">#define NS_CERT_TYPE_OBJECT_SIGNING</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00109">x509.h:109</a></div></div> <div class="ttc" id="struct__x509__crl_html_a956a33ee49181d79dc5bfd5261355a52"><div class="ttname"><a href="struct__x509__crl.html#a956a33ee49181d79dc5bfd5261355a52">_x509_crl::next</a></div><div class="ttdeci">struct _x509_crl * next</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00098">x509_crl.h:98</a></div></div> <div class="ttc" id="asn1_8h_html_ac1ec6c9510754709ffbe5ed9b746d009"><div class="ttname"><a href="asn1_8h.html#ac1ec6c9510754709ffbe5ed9b746d009">asn1_get_int</a></div><div class="ttdeci">int asn1_get_int(unsigned char **p, const unsigned char *end, int *val)</div><div class="ttdoc">Retrieve an integer ASN.1 tag and its value. </div></div> <div class="ttc" id="struct__asn1__bitstring_html_a031738b1889cd7c0e1b7c11fb958b174"><div class="ttname"><a href="struct__asn1__bitstring.html#a031738b1889cd7c0e1b7c11fb958b174">_asn1_bitstring::len</a></div><div class="ttdeci">size_t len</div><div class="ttdoc">ASN1 length, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00137">asn1.h:137</a></div></div> <div class="ttc" id="struct__x509__crl_html_a275c3b9b762b987eebf2728e7037e369"><div class="ttname"><a href="struct__x509__crl.html#a275c3b9b762b987eebf2728e7037e369">_x509_crl::sig_opts</a></div><div class="ttdeci">void * sig_opts</div><div class="ttdoc">Signature options to be passed to pk_verify_ext(), e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00096">x509_crl.h:96</a></div></div> <div class="ttc" id="struct__x509__time_html"><div class="ttname"><a href="struct__x509__time.html">_x509_time</a></div><div class="ttdoc">Container for date and time (precision in seconds). </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00181">x509.h:181</a></div></div> <div class="ttc" id="group__x509__module_html_gafc724dee6827c47fed1eec64bb13727b"><div class="ttname"><a href="group__x509__module.html#gafc724dee6827c47fed1eec64bb13727b">x509_crt_parse</a></div><div class="ttdeci">int x509_crt_parse(x509_crt *chain, const unsigned char *buf, size_t buflen)</div><div class="ttdoc">Parse one or more certificates and add them to the chained list. </div></div> <div class="ttc" id="group__asn1__module_html_ga9321fc9f2a5ef4103008fbe5c4b230df"><div class="ttname"><a href="group__asn1__module.html#ga9321fc9f2a5ef4103008fbe5c4b230df">ASN1_SEQUENCE</a></div><div class="ttdeci">#define ASN1_SEQUENCE</div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00082">asn1.h:82</a></div></div> <div class="ttc" id="struct__x509__crt_html_adced3d7dd1364a295d7a1ac853487f4e"><div class="ttname"><a href="struct__x509__crt.html#adced3d7dd1364a295d7a1ac853487f4e">_x509_crt::sig_oid2</a></div><div class="ttdeci">x509_buf sig_oid2</div><div class="ttdoc">Signature algorithm. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00092">x509_crt.h:92</a></div></div> <div class="ttc" id="oid_8h_html_af297567147812e85f74a06306ef49f1a"><div class="ttname"><a href="oid_8h.html#af297567147812e85f74a06306ef49f1a">oid_get_x509_ext_type</a></div><div class="ttdeci">int oid_get_x509_ext_type(const asn1_buf *oid, int *ext_type)</div><div class="ttdoc">Translate an X.509 extension OID into local values. </div></div> <div class="ttc" id="group__x509__module_html_ga63b4c873caf7b95bd4b081e476a60f1a"><div class="ttname"><a href="group__x509__module.html#ga63b4c873caf7b95bd4b081e476a60f1a">x509_crt_free</a></div><div class="ttdeci">void x509_crt_free(x509_crt *crt)</div><div class="ttdoc">Unallocate all certificate data. </div></div> <div class="ttc" id="config_8h_html"><div class="ttname"><a href="config_8h.html">config.h</a></div><div class="ttdoc">Configuration options (set of defines) </div></div> <div class="ttc" id="asn1_8h_html_a068fd58b6b0011021a516695ff14a41e"><div class="ttname"><a href="asn1_8h.html#a068fd58b6b0011021a516695ff14a41e">OID_CMP</a></div><div class="ttdeci">#define OID_CMP(oid_str, oid_buf)</div><div class="ttdoc">Compares an asn1_buf structure to a reference OID. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00108">asn1.h:108</a></div></div> <div class="ttc" id="struct__x509__crt_html_aa3e2e8dba6eedabdac8a59711f466925"><div class="ttname"><a href="struct__x509__crt.html#aa3e2e8dba6eedabdac8a59711f466925">_x509_crt::tbs</a></div><div class="ttdeci">x509_buf tbs</div><div class="ttdoc">The raw certificate body (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00060">x509_crt.h:60</a></div></div> <div class="ttc" id="struct__x509__crt_html_a43b8188727039be4f27d17817b3c73ad"><div class="ttname"><a href="struct__x509__crt.html#a43b8188727039be4f27d17817b3c73ad">_x509_crt::serial</a></div><div class="ttdeci">x509_buf serial</div><div class="ttdoc">Unique id for certificate issued by a specific CA. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00063">x509_crt.h:63</a></div></div> <div class="ttc" id="struct__x509__crt_html_a78d84128bb696cbe73587fd855ce1254"><div class="ttname"><a href="struct__x509__crt.html#a78d84128bb696cbe73587fd855ce1254">_x509_crt::sig_md</a></div><div class="ttdeci">md_type_t sig_md</div><div class="ttdoc">Internal representation of the MD algorithm of the signature algorithm, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00094">x509_crt.h:94</a></div></div> <div class="ttc" id="x509_8h_html_a57c9011afb5ab5f02020e1e31b43b871"><div class="ttname"><a href="x509_8h.html#a57c9011afb5ab5f02020e1e31b43b871">NS_CERT_TYPE_OBJECT_SIGNING_CA</a></div><div class="ttdeci">#define NS_CERT_TYPE_OBJECT_SIGNING_CA</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00113">x509.h:113</a></div></div> <div class="ttc" id="struct__x509__crt_html_aaadc9927dbde5bbb5f5659a926c4699b"><div class="ttname"><a href="struct__x509__crt.html#aaadc9927dbde5bbb5f5659a926c4699b">_x509_crt::ca_istrue</a></div><div class="ttdeci">int ca_istrue</div><div class="ttdoc">Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise...</div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00083">x509_crt.h:83</a></div></div> <div class="ttc" id="group__asn1__module_html_ga799d7b17a9532e1dadc8355f04477e27"><div class="ttname"><a href="group__asn1__module.html#ga799d7b17a9532e1dadc8355f04477e27">ASN1_CONSTRUCTED</a></div><div class="ttdeci">#define ASN1_CONSTRUCTED</div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00092">asn1.h:92</a></div></div> <div class="ttc" id="group__x509__module_html_ga2d8d1c87fa24f176a160041f11ad3c72"><div class="ttname"><a href="group__x509__module.html#ga2d8d1c87fa24f176a160041f11ad3c72">x509_crt_parse_der</a></div><div class="ttdeci">int x509_crt_parse_der(x509_crt *chain, const unsigned char *buf, size_t buflen)</div><div class="ttdoc">Parse a single DER formatted certificate and add it to the chained list. </div></div> <div class="ttc" id="platform_8h_html"><div class="ttname"><a href="platform_8h.html">platform.h</a></div><div class="ttdoc">PolarSSL Platform abstraction layer. </div></div> <div class="ttc" id="struct__x509__crt_html_a03e290fdd84042c87f3fdb1f67175679"><div class="ttname"><a href="struct__x509__crt.html#a03e290fdd84042c87f3fdb1f67175679">_x509_crt::max_pathlen</a></div><div class="ttdeci">int max_pathlen</div><div class="ttdoc">Optional Basic Constraint extension value: The maximum path length to the root certificate. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00084">x509_crt.h:84</a></div></div> <div class="ttc" id="x509_8h_html_afef25b57c521744eb0edcb08e38521c5"><div class="ttname"><a href="x509_8h.html#afef25b57c521744eb0edcb08e38521c5">x509_get_sig</a></div><div class="ttdeci">int x509_get_sig(unsigned char **p, const unsigned char *end, x509_buf *sig)</div></div> <div class="ttc" id="pk_8h_html_a8c98e8c088dce6f72b4c8825d6f19160"><div class="ttname"><a href="pk_8h.html#a8c98e8c088dce6f72b4c8825d6f19160">pk_get_name</a></div><div class="ttdeci">const char * pk_get_name(const pk_context *ctx)</div><div class="ttdoc">Access the type name. </div></div> <div class="ttc" id="group__x509__module_html_gad3e80bd3df035edaa81dcd44da586153"><div class="ttname"><a href="group__x509__module.html#gad3e80bd3df035edaa81dcd44da586153">BADCRL_NOT_TRUSTED</a></div><div class="ttdeci">#define BADCRL_NOT_TRUSTED</div><div class="ttdoc">CRL is not correctly signed by the trusted CA. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00080">x509.h:80</a></div></div> <div class="ttc" id="group__asn1__module_html_ga05662cd7f7290c3de3e74598f0a60b7e"><div class="ttname"><a href="group__asn1__module.html#ga05662cd7f7290c3de3e74598f0a60b7e">POLARSSL_ERR_ASN1_INVALID_LENGTH</a></div><div class="ttdeci">#define POLARSSL_ERR_ASN1_INVALID_LENGTH</div><div class="ttdoc">Error when trying to determine the length or invalid length. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00056">asn1.h:56</a></div></div> <div class="ttc" id="struct__asn1__bitstring_html"><div class="ttname"><a href="struct__asn1__bitstring.html">_asn1_bitstring</a></div><div class="ttdoc">Container for ASN1 bit strings. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00135">asn1.h:135</a></div></div> <div class="ttc" id="group__x509__module_html_ga04dc192b55781ef24910bd1dfa53e6f3"><div class="ttname"><a href="group__x509__module.html#ga04dc192b55781ef24910bd1dfa53e6f3">POLARSSL_ERR_X509_UNKNOWN_VERSION</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_UNKNOWN_VERSION</div><div class="ttdoc">CRT/CRL/CSR has an unsupported version number. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00062">x509.h:62</a></div></div> <div class="ttc" id="oid_8h_html"><div class="ttname"><a href="oid_8h.html">oid.h</a></div><div class="ttdoc">Object Identifier (OID) database. </div></div> <div class="ttc" id="struct__x509__crl__entry_html_ad17fe768696e8b50898b356ac00d0f3d"><div class="ttname"><a href="struct__x509__crl__entry.html#ad17fe768696e8b50898b356ac00d0f3d">_x509_crl_entry::serial</a></div><div class="ttdeci">x509_buf serial</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00059">x509_crl.h:59</a></div></div> <div class="ttc" id="oid_8h_html_a5c2207a76142b3c4e5ef1986d8c39a9c"><div class="ttname"><a href="oid_8h.html#a5c2207a76142b3c4e5ef1986d8c39a9c">OID_AT_CN</a></div><div class="ttdeci">#define OID_AT_CN</div><div class="ttdoc">id-at-commonName AttributeType:= {id-at 3} </div><div class="ttdef"><b>Definition:</b> <a href="oid_8h_source.html#l00111">oid.h:111</a></div></div> <div class="ttc" id="x509_8h_html_a159024a3c36c9088b4af1437f937f4fe"><div class="ttname"><a href="x509_8h.html#a159024a3c36c9088b4af1437f937f4fe">x509_get_alg</a></div><div class="ttdeci">int x509_get_alg(unsigned char **p, const unsigned char *end, x509_buf *alg, x509_buf *params)</div></div> <div class="ttc" id="struct__x509__crt_html_af82d5afa90c69fdfd87696951c0eaeb9"><div class="ttname"><a href="struct__x509__crt.html#af82d5afa90c69fdfd87696951c0eaeb9">_x509_crt::next</a></div><div class="ttdeci">struct _x509_crt * next</div><div class="ttdoc">Next certificate in the CA-chain. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00098">x509_crt.h:98</a></div></div> <div class="ttc" id="group__x509__module_html_ga166632ed129cf4900d1d911adaa8ae74"><div class="ttname"><a href="group__x509__module.html#ga166632ed129cf4900d1d911adaa8ae74">x509_crt_check_key_usage</a></div><div class="ttdeci">int x509_crt_check_key_usage(const x509_crt *crt, int usage)</div><div class="ttdoc">Check usage of certificate against keyUsage extension. </div></div> <div class="ttc" id="pk_8h_html_a3a3c4fb7fad1c9097df161208d81b097"><div class="ttname"><a href="pk_8h.html#a3a3c4fb7fad1c9097df161208d81b097">pk_verify_ext</a></div><div class="ttdeci">int pk_verify_ext(pk_type_t type, const void *options, pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len)</div><div class="ttdoc">Verify signature, with options. </div></div> <div class="ttc" id="struct__x509__crl_html_a06f3146c9c0b4c32e2a1971b165eb4a3"><div class="ttname"><a href="struct__x509__crl.html#a06f3146c9c0b4c32e2a1971b165eb4a3">_x509_crl::entry</a></div><div class="ttdeci">x509_crl_entry entry</div><div class="ttdoc">The CRL entries containing the certificate revocation times for this CA. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00088">x509_crl.h:88</a></div></div> <div class="ttc" id="struct__asn1__named__data_html_af1175e54f92e9aaa85fb7a6a27a5511e"><div class="ttname"><a href="struct__asn1__named__data.html#af1175e54f92e9aaa85fb7a6a27a5511e">_asn1_named_data::val</a></div><div class="ttdeci">asn1_buf val</div><div class="ttdoc">The named value. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00159">asn1.h:159</a></div></div> <div class="ttc" id="struct__x509__time_html_a52a420b0bb4513b257c239f967187d97"><div class="ttname"><a href="struct__x509__time.html#a52a420b0bb4513b257c239f967187d97">_x509_time::hour</a></div><div class="ttdeci">int hour</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00184">x509.h:184</a></div></div> <div class="ttc" id="struct__x509__time_html_aa89934c680dcbbb1a74a6ff3f83da264"><div class="ttname"><a href="struct__x509__time.html#aa89934c680dcbbb1a74a6ff3f83da264">_x509_time::mon</a></div><div class="ttdeci">int mon</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00183">x509.h:183</a></div></div> <div class="ttc" id="struct__asn1__sequence_html"><div class="ttname"><a href="struct__asn1__sequence.html">_asn1_sequence</a></div><div class="ttdoc">Container for a sequence of ASN.1 items. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00146">asn1.h:146</a></div></div> <div class="ttc" id="x509_8h_html_a387e2b15df37666dfd95646bf647dae1"><div class="ttname"><a href="x509_8h.html#a387e2b15df37666dfd95646bf647dae1">NS_CERT_TYPE_RESERVED</a></div><div class="ttdeci">#define NS_CERT_TYPE_RESERVED</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00110">x509.h:110</a></div></div> <div class="ttc" id="md_8h_html_a622c94870533dc68f54b8df520d2c6d9"><div class="ttname"><a href="md_8h.html#a622c94870533dc68f54b8df520d2c6d9">md_info_from_type</a></div><div class="ttdeci">const md_info_t * md_info_from_type(md_type_t md_type)</div><div class="ttdoc">Returns the message digest information associated with the given digest type. </div></div> <div class="ttc" id="x509_8h_html_ace702be6b8cff538d3bfef72d2591741"><div class="ttname"><a href="x509_8h.html#ace702be6b8cff538d3bfef72d2591741">x509_get_time</a></div><div class="ttdeci">int x509_get_time(unsigned char **p, const unsigned char *end, x509_time *time)</div></div> <div class="ttc" id="group__x509__module_html_ga64e936014215ef18f026ff101b6f8369"><div class="ttname"><a href="group__x509__module.html#ga64e936014215ef18f026ff101b6f8369">BADCERT_EXPIRED</a></div><div class="ttdeci">#define BADCERT_EXPIRED</div><div class="ttdoc">The certificate validity has expired. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00076">x509.h:76</a></div></div> <div class="ttc" id="group__x509__module_html_ga277aa22d31ad26e5256ec96e589bd5b9"><div class="ttname"><a href="group__x509__module.html#ga277aa22d31ad26e5256ec96e589bd5b9">BADCERT_FUTURE</a></div><div class="ttdeci">#define BADCERT_FUTURE</div><div class="ttdoc">The certificate validity starts in the future. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00085">x509.h:85</a></div></div> <div class="ttc" id="struct__asn1__bitstring_html_aab51c5966b17778a743e4189e9b7ee65"><div class="ttname"><a href="struct__asn1__bitstring.html#aab51c5966b17778a743e4189e9b7ee65">_asn1_bitstring::p</a></div><div class="ttdeci">unsigned char * p</div><div class="ttdoc">Raw ASN1 data for the bit string. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00139">asn1.h:139</a></div></div> <div class="ttc" id="threading_8h_html"><div class="ttname"><a href="threading_8h.html">threading.h</a></div><div class="ttdoc">Threading abstraction layer. </div></div> <div class="ttc" id="group__x509__module_html_ga2712a2708993f706e6c3f3716ec1f275"><div class="ttname"><a href="group__x509__module.html#ga2712a2708993f706e6c3f3716ec1f275">POLARSSL_ERR_X509_CERT_VERIFY_FAILED</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED</div><div class="ttdoc">Certificate verification failed, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00065">x509.h:65</a></div></div> <div class="ttc" id="struct__x509__crt_html"><div class="ttname"><a href="struct__x509__crt.html">_x509_crt</a></div><div class="ttdoc">Container for an X.509 certificate. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00057">x509_crt.h:57</a></div></div> <div class="ttc" id="pem_8h_html"><div class="ttname"><a href="pem_8h.html">pem.h</a></div><div class="ttdoc">Privacy Enhanced Mail (PEM) decoding. </div></div> <div class="ttc" id="struct__x509__crt_html_a6327ca2c2b95bfead7ac5ef37832f59b"><div class="ttname"><a href="struct__x509__crt.html#a6327ca2c2b95bfead7ac5ef37832f59b">_x509_crt::valid_from</a></div><div class="ttdeci">x509_time valid_from</div><div class="ttdoc">Start time of certificate validity. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00072">x509_crt.h:72</a></div></div> <div class="ttc" id="x509_8h_html_a4efdfbe50891c916ade3170b91faeebc"><div class="ttname"><a href="x509_8h.html#a4efdfbe50891c916ade3170b91faeebc">x509_dn_gets</a></div><div class="ttdeci">int x509_dn_gets(char *buf, size_t size, const x509_name *dn)</div><div class="ttdoc">Store the certificate DN in printable form into buf; no more than size characters will be written...</div></div> <div class="ttc" id="struct__asn1__named__data_html_a95593059f3ed1b21f4ae6b04ed3e01dd"><div class="ttname"><a href="struct__asn1__named__data.html#a95593059f3ed1b21f4ae6b04ed3e01dd">_asn1_named_data::oid</a></div><div class="ttdeci">asn1_buf oid</div><div class="ttdoc">The object identifier. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00158">asn1.h:158</a></div></div> <div class="ttc" id="x509_8h_html_aa06876013b3e2b9098529e18e17e96e9"><div class="ttname"><a href="x509_8h.html#aa06876013b3e2b9098529e18e17e96e9">NS_CERT_TYPE_EMAIL</a></div><div class="ttdeci">#define NS_CERT_TYPE_EMAIL</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00108">x509.h:108</a></div></div> <div class="ttc" id="struct__x509__crt_html_ae97d80b0f4a8c36bae7424c07a492c39"><div class="ttname"><a href="struct__x509__crt.html#ae97d80b0f4a8c36bae7424c07a492c39">_x509_crt::ext_key_usage</a></div><div class="ttdeci">x509_sequence ext_key_usage</div><div class="ttdoc">Optional list of extended key usage OIDs. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00088">x509_crt.h:88</a></div></div> <div class="ttc" id="group__x509__module_html_ga27ba872627e98561bd04b0fd3aca1297"><div class="ttname"><a href="group__x509__module.html#ga27ba872627e98561bd04b0fd3aca1297">x509_crt_init</a></div><div class="ttdeci">void x509_crt_init(x509_crt *crt)</div><div class="ttdoc">Initialize a certificate (chain) </div></div> <div class="ttc" id="struct__asn1__buf_html_a5ba4fb2a65b60d2e7fa3737f93e3158e"><div class="ttname"><a href="struct__asn1__buf.html#a5ba4fb2a65b60d2e7fa3737f93e3158e">_asn1_buf::p</a></div><div class="ttdeci">unsigned char * p</div><div class="ttdoc">ASN1 data, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00128">asn1.h:128</a></div></div> <div class="ttc" id="struct__x509__crt_html_aaa20d3625961655031604d587d40ad9f"><div class="ttname"><a href="struct__x509__crt.html#aaa20d3625961655031604d587d40ad9f">_x509_crt::subject</a></div><div class="ttdeci">x509_name subject</div><div class="ttdoc">The parsed subject data (named information object). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00070">x509_crt.h:70</a></div></div> <div class="ttc" id="x509_8h_html_ab82dcddf27656a1bc2efacc9589838db"><div class="ttname"><a href="x509_8h.html#ab82dcddf27656a1bc2efacc9589838db">EXT_NS_CERT_TYPE</a></div><div class="ttdeci">#define EXT_NS_CERT_TYPE</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00137">x509.h:137</a></div></div> <div class="ttc" id="group__x509__module_html_gaceaeaa6cd00a5c20e71a9a11122d58df"><div class="ttname"><a href="group__x509__module.html#gaceaeaa6cd00a5c20e71a9a11122d58df">x509_crt_verify</a></div><div class="ttdeci">int x509_crt_verify(x509_crt *crt, x509_crt *trust_ca, x509_crl *ca_crl, const char *cn, int *flags, int(*f_vrfy)(void *, x509_crt *, int, int *), void *p_vrfy)</div><div class="ttdoc">Verify the certificate signature. </div></div> <div class="ttc" id="struct__x509__crl_html_a90385547ab0d79a86ac1af2ed65c2a95"><div class="ttname"><a href="struct__x509__crl.html#a90385547ab0d79a86ac1af2ed65c2a95">_x509_crl::tbs</a></div><div class="ttdeci">x509_buf tbs</div><div class="ttdoc">The raw certificate body (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00076">x509_crl.h:76</a></div></div> <div class="ttc" id="asn1_8h_html_a099cac848d0bbdc60dd440153e794a1c"><div class="ttname"><a href="asn1_8h.html#a099cac848d0bbdc60dd440153e794a1c">asn1_get_bool</a></div><div class="ttdeci">int asn1_get_bool(unsigned char **p, const unsigned char *end, int *val)</div><div class="ttdoc">Retrieve a boolean ASN.1 tag and its value. </div></div> <div class="ttc" id="struct__x509__crt_html_a03898cad1ed7f09b1032f3a7b4ff515a"><div class="ttname"><a href="struct__x509__crt.html#a03898cad1ed7f09b1032f3a7b4ff515a">_x509_crt::valid_to</a></div><div class="ttdeci">x509_time valid_to</div><div class="ttdoc">End time of certificate validity. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00073">x509_crt.h:73</a></div></div> <div class="ttc" id="struct__x509__crl__entry_html_a0312630b0187919a5d7da80e94d97de8"><div class="ttname"><a href="struct__x509__crl__entry.html#a0312630b0187919a5d7da80e94d97de8">_x509_crl_entry::next</a></div><div class="ttdeci">struct _x509_crl_entry * next</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00065">x509_crl.h:65</a></div></div> <div class="ttc" id="struct__x509__crl_html_adb786e7c2d7eeb628167691d541b19e2"><div class="ttname"><a href="struct__x509__crl.html#adb786e7c2d7eeb628167691d541b19e2">_x509_crl::sig_md</a></div><div class="ttdeci">md_type_t sig_md</div><div class="ttdoc">Internal representation of the MD algorithm of the signature algorithm, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00094">x509_crl.h:94</a></div></div> <div class="ttc" id="x509__crt_8h_html"><div class="ttname"><a href="x509__crt_8h.html">x509_crt.h</a></div><div class="ttdoc">X.509 certificate parsing and writing. </div></div> <div class="ttc" id="x509_8h_html_a9f5cdaf33a0371bdd6893f7c36acf8ef"><div class="ttname"><a href="x509_8h.html#a9f5cdaf33a0371bdd6893f7c36acf8ef">NS_CERT_TYPE_SSL_CA</a></div><div class="ttdeci">#define NS_CERT_TYPE_SSL_CA</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00111">x509.h:111</a></div></div> <div class="ttc" id="struct__x509__time_html_a20c84d21414653a33595ea4563c49b46"><div class="ttname"><a href="struct__x509__time.html#a20c84d21414653a33595ea4563c49b46">_x509_time::day</a></div><div class="ttdeci">int day</div><div class="ttdoc">Date. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00183">x509.h:183</a></div></div> <div class="ttc" id="struct__x509__crt_html_afec19cd95389ad573eadb39b7ab83e0f"><div class="ttname"><a href="struct__x509__crt.html#afec19cd95389ad573eadb39b7ab83e0f">_x509_crt::sig_oid1</a></div><div class="ttdeci">x509_buf sig_oid1</div><div class="ttdoc">Signature algorithm, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00064">x509_crt.h:64</a></div></div> <div class="ttc" id="struct__asn1__buf_html_a15a91b2c0722fdcdec3b930ab2750261"><div class="ttname"><a href="struct__asn1__buf.html#a15a91b2c0722fdcdec3b930ab2750261">_asn1_buf::tag</a></div><div class="ttdeci">int tag</div><div class="ttdoc">ASN1 type, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00126">asn1.h:126</a></div></div> <div class="ttc" id="x509_8h_html_a349ec0e59749ed5ca9ac9e030c06049f"><div class="ttname"><a href="x509_8h.html#a349ec0e59749ed5ca9ac9e030c06049f">KU_KEY_AGREEMENT</a></div><div class="ttdeci">#define KU_KEY_AGREEMENT</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00097">x509.h:97</a></div></div> <div class="ttc" id="group__asn1__module_html_ga0274145c2843f1d22cf7ca9b7ed37bab"><div class="ttname"><a href="group__asn1__module.html#ga0274145c2843f1d22cf7ca9b7ed37bab">POLARSSL_ERR_ASN1_OUT_OF_DATA</a></div><div class="ttdeci">#define POLARSSL_ERR_ASN1_OUT_OF_DATA</div><div class="ttdoc">Out of data when parsing an ASN1 data structure. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00054">asn1.h:54</a></div></div> <div class="ttc" id="x509_8h_html_ab5d6d2b4ddcd6caf33c2cb05af506ff5"><div class="ttname"><a href="x509_8h.html#ab5d6d2b4ddcd6caf33c2cb05af506ff5">x509_sig_alg_gets</a></div><div class="ttdeci">int x509_sig_alg_gets(char *buf, size_t size, const x509_buf *sig_oid, pk_type_t pk_alg, md_type_t md_alg, const void *sig_opts)</div></div> <div class="ttc" id="x509_8h_html_a97bef6a8c3abaf7755b95d997f9af98e"><div class="ttname"><a href="x509_8h.html#a97bef6a8c3abaf7755b95d997f9af98e">EXT_EXTENDED_KEY_USAGE</a></div><div class="ttdeci">#define EXT_EXTENDED_KEY_USAGE</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00132">x509.h:132</a></div></div> <div class="ttc" id="pk_8h_html_a8601c6b94a0baaa878cddf8b251d229d"><div class="ttname"><a href="pk_8h.html#a8601c6b94a0baaa878cddf8b251d229d">pk_parse_subpubkey</a></div><div class="ttdeci">int pk_parse_subpubkey(unsigned char **p, const unsigned char *end, pk_context *pk)</div><div class="ttdoc">Parse a SubjectPublicKeyInfo DER structure. </div></div> <div class="ttc" id="x509_8h_html_a13d8b17b30fcdaa5038082b89e72957a"><div class="ttname"><a href="x509_8h.html#a13d8b17b30fcdaa5038082b89e72957a">x509_load_file</a></div><div class="ttdeci">int x509_load_file(const char *path, unsigned char **buf, size_t *n)</div></div> <div class="ttc" id="group__asn1__module_html_ga37e8d5745c2724e7330566921ca16fec"><div class="ttname"><a href="group__asn1__module.html#ga37e8d5745c2724e7330566921ca16fec">POLARSSL_ERR_ASN1_MALLOC_FAILED</a></div><div class="ttdeci">#define POLARSSL_ERR_ASN1_MALLOC_FAILED</div><div class="ttdoc">Memory allocation failed. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00059">asn1.h:59</a></div></div> <div class="ttc" id="group__asn1__module_html_gab1f89bc6e469d46d5293f724d317d1d7"><div class="ttname"><a href="group__asn1__module.html#gab1f89bc6e469d46d5293f724d317d1d7">ASN1_CONTEXT_SPECIFIC</a></div><div class="ttdeci">#define ASN1_CONTEXT_SPECIFIC</div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00093">asn1.h:93</a></div></div> <div class="ttc" id="group__x509__module_html_ga71c9686585580f77964a3653e147ad0a"><div class="ttname"><a href="group__x509__module.html#ga71c9686585580f77964a3653e147ad0a">BADCERT_NOT_TRUSTED</a></div><div class="ttdeci">#define BADCERT_NOT_TRUSTED</div><div class="ttdoc">The certificate is not correctly signed by the trusted CA. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00079">x509.h:79</a></div></div> <div class="ttc" id="group__x509__module_html_ga87e65fdadeba914a5555ef09ab35c48b"><div class="ttname"><a href="group__x509__module.html#ga87e65fdadeba914a5555ef09ab35c48b">POLARSSL_ERR_X509_FILE_IO_ERROR</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_FILE_IO_ERROR</div><div class="ttdoc">Read/write of file failed. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00069">x509.h:69</a></div></div> <div class="ttc" id="group__x509__module_html_ga4479c58d8c7274c50d940d2ea2dfd765"><div class="ttname"><a href="group__x509__module.html#ga4479c58d8c7274c50d940d2ea2dfd765">x509_crt_revoked</a></div><div class="ttdeci">int x509_crt_revoked(const x509_crt *crt, const x509_crl *crl)</div><div class="ttdoc">Verify the certificate revocation status. </div></div> <div class="ttc" id="struct__x509__crl_html_a6cb016be83c6ecb607d15030e83b23d0"><div class="ttname"><a href="struct__x509__crl.html#a6cb016be83c6ecb607d15030e83b23d0">_x509_crl::this_update</a></div><div class="ttdeci">x509_time this_update</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00085">x509_crl.h:85</a></div></div> <div class="ttc" id="struct__asn1__named__data_html"><div class="ttname"><a href="struct__asn1__named__data.html">_asn1_named_data</a></div><div class="ttdoc">Container for a sequence or list of &#39;named&#39; ASN.1 data items. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00156">asn1.h:156</a></div></div> <div class="ttc" id="struct__asn1__buf_html"><div class="ttname"><a href="struct__asn1__buf.html">_asn1_buf</a></div><div class="ttdoc">Type-length-value structure that allows for ASN1 using DER. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00124">asn1.h:124</a></div></div> <div class="ttc" id="struct__x509__crl_html_a1a2a731912111c297251e9952ac08c79"><div class="ttname"><a href="struct__x509__crl.html#a1a2a731912111c297251e9952ac08c79">_x509_crl::sig_pk</a></div><div class="ttdeci">pk_type_t sig_pk</div><div class="ttdoc">Internal representation of the Public Key algorithm of the signature algorithm, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00095">x509_crl.h:95</a></div></div> <div class="ttc" id="struct__asn1__buf_html_a44f95c5d0e831dfbb20ce2ac70cb6831"><div class="ttname"><a href="struct__asn1__buf.html#a44f95c5d0e831dfbb20ce2ac70cb6831">_asn1_buf::len</a></div><div class="ttdeci">size_t len</div><div class="ttdoc">ASN1 length, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00127">asn1.h:127</a></div></div> <div class="ttc" id="group__x509__module_html_ga8dbe1ef936bb47a2f13759e7e4380be0"><div class="ttname"><a href="group__x509__module.html#ga8dbe1ef936bb47a2f13759e7e4380be0">BADCRL_FUTURE</a></div><div class="ttdeci">#define BADCRL_FUTURE</div><div class="ttdoc">The CRL is from the future. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00086">x509.h:86</a></div></div> <div class="ttc" id="struct__x509__crt_html_a06648e31fe4adffdca0995568ce6aab9"><div class="ttname"><a href="struct__x509__crt.html#a06648e31fe4adffdca0995568ce6aab9">_x509_crt::issuer</a></div><div class="ttdeci">x509_name issuer</div><div class="ttdoc">The parsed issuer data (named information object). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00069">x509_crt.h:69</a></div></div> <div class="ttc" id="x509_8h_html_ae61b2a208043d2d1cfdfea019a15c59b"><div class="ttname"><a href="x509_8h.html#ae61b2a208043d2d1cfdfea019a15c59b">X509_FORMAT_PEM</a></div><div class="ttdeci">#define X509_FORMAT_PEM</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00144">x509.h:144</a></div></div> <div class="ttc" id="pk_8h_html_a7b5e20233f984cf440379b41b9961911"><div class="ttname"><a href="pk_8h.html#a7b5e20233f984cf440379b41b9961911">pk_free</a></div><div class="ttdeci">void pk_free(pk_context *ctx)</div><div class="ttdoc">Free a pk_context. </div></div> <div class="ttc" id="md_8h_html_a38c76a15d6a3874f898f3dc60750dde1"><div class="ttname"><a href="md_8h.html#a38c76a15d6a3874f898f3dc60750dde1">POLARSSL_MD_MAX_SIZE</a></div><div class="ttdeci">#define POLARSSL_MD_MAX_SIZE</div><div class="ttdef"><b>Definition:</b> <a href="md_8h_source.html#l00067">md.h:67</a></div></div> <div class="ttc" id="threading_8h_html_a3f71f2d457fdf4f03268eb731abf3a98"><div class="ttname"><a href="threading_8h.html#a3f71f2d457fdf4f03268eb731abf3a98">polarssl_mutex_unlock</a></div><div class="ttdeci">int(* polarssl_mutex_unlock)(threading_mutex_t *mutex)</div></div> <div class="ttc" id="struct__x509__time_html_a26ed64caf8b2d05ecb82c0ed68113bc5"><div class="ttname"><a href="struct__x509__time.html#a26ed64caf8b2d05ecb82c0ed68113bc5">_x509_time::year</a></div><div class="ttdeci">int year</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00183">x509.h:183</a></div></div> <div class="ttc" id="x509_8h_html_a62f25762eb59728f92b07d61ae2057a5"><div class="ttname"><a href="x509_8h.html#a62f25762eb59728f92b07d61ae2057a5">NS_CERT_TYPE_EMAIL_CA</a></div><div class="ttdeci">#define NS_CERT_TYPE_EMAIL_CA</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00112">x509.h:112</a></div></div> <div class="ttc" id="group__x509__module_html_ga4ecb1ad0da0f9d6bb0017e091ea4ee2a"><div class="ttname"><a href="group__x509__module.html#ga4ecb1ad0da0f9d6bb0017e091ea4ee2a">BADCERT_REVOKED</a></div><div class="ttdeci">#define BADCERT_REVOKED</div><div class="ttdoc">The certificate has been revoked (is on a CRL). </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00077">x509.h:77</a></div></div> <div class="ttc" id="group__x509__module_html_gad5d4bfa3090cb468e734596094f39a1f"><div class="ttname"><a href="group__x509__module.html#gad5d4bfa3090cb468e734596094f39a1f">BADCRL_EXPIRED</a></div><div class="ttdeci">#define BADCRL_EXPIRED</div><div class="ttdoc">CRL is expired. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00081">x509.h:81</a></div></div> <div class="ttc" id="asn1_8h_html_acebb8b02851a2f8dfa866d1b8e7f2ebd"><div class="ttname"><a href="asn1_8h.html#acebb8b02851a2f8dfa866d1b8e7f2ebd">asn1_get_len</a></div><div class="ttdeci">int asn1_get_len(unsigned char **p, const unsigned char *end, size_t *len)</div><div class="ttdoc">Get the length of an ASN.1 element. </div></div> <div class="ttc" id="group__x509__module_html_gaa1ff85472d1f06bac7aadef70dbc404f"><div class="ttname"><a href="group__x509__module.html#gaa1ff85472d1f06bac7aadef70dbc404f">POLARSSL_ERR_X509_FEATURE_UNAVAILABLE</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE</div><div class="ttdoc">Unavailable feature, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00052">x509.h:52</a></div></div> <div class="ttc" id="asn1_8h_html_af7d10ad8e91ae5cb4a78f7d7dc1a8ac6"><div class="ttname"><a href="asn1_8h.html#af7d10ad8e91ae5cb4a78f7d7dc1a8ac6">asn1_get_tag</a></div><div class="ttdeci">int asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)</div><div class="ttdoc">Get the tag and length of the tag. </div></div> <div class="ttc" id="x509_8h_html_a34abc95bf0fa471e18d1dd3b295492f6"><div class="ttname"><a href="x509_8h.html#a34abc95bf0fa471e18d1dd3b295492f6">KU_DIGITAL_SIGNATURE</a></div><div class="ttdeci">#define KU_DIGITAL_SIGNATURE</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00093">x509.h:93</a></div></div> <div class="ttc" id="x509_8h_html_a883f07d87bb5745b334dce6018828536"><div class="ttname"><a href="x509_8h.html#a883f07d87bb5745b334dce6018828536">x509_get_ext</a></div><div class="ttdeci">int x509_get_ext(unsigned char **p, const unsigned char *end, x509_buf *ext, int tag)</div></div> <div class="ttc" id="x509_8h_html_a725ac67650ba113b8a8938e1f9cdb073"><div class="ttname"><a href="x509_8h.html#a725ac67650ba113b8a8938e1f9cdb073">NS_CERT_TYPE_SSL_SERVER</a></div><div class="ttdeci">#define NS_CERT_TYPE_SSL_SERVER</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00107">x509.h:107</a></div></div> <div class="ttc" id="group__x509__module_html_ga7fb5d1b9bb950f41cf57a6e156a318ff"><div class="ttname"><a href="group__x509__module.html#ga7fb5d1b9bb950f41cf57a6e156a318ff">POLARSSL_ERR_X509_INVALID_VERSION</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_INVALID_VERSION</div><div class="ttdoc">The CRT/CRL/CSR version element is invalid. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00055">x509.h:55</a></div></div> <div class="ttc" id="struct__x509__crl_html"><div class="ttname"><a href="struct__x509__crl.html">_x509_crl</a></div><div class="ttdoc">Certificate revocation list structure. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00073">x509_crl.h:73</a></div></div> <div class="ttc" id="asn1_8h_html_a8cb7d558ab80268d8a01ad05c2a7804a"><div class="ttname"><a href="asn1_8h.html#a8cb7d558ab80268d8a01ad05c2a7804a">asn1_get_bitstring</a></div><div class="ttdeci">int asn1_get_bitstring(unsigned char **p, const unsigned char *end, asn1_bitstring *bs)</div><div class="ttdoc">Retrieve a bitstring ASN.1 tag and its value. </div></div> <div class="ttc" id="struct__x509__crt_html_a25d579cf750491647545181f6a859668"><div class="ttname"><a href="struct__x509__crt.html#a25d579cf750491647545181f6a859668">_x509_crt::pk</a></div><div class="ttdeci">pk_context pk</div><div class="ttdoc">Container for the public key context. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00075">x509_crt.h:75</a></div></div> <div class="ttc" id="threading_8h_html_afea02eb560c790911a89035bbcc909ad"><div class="ttname"><a href="threading_8h.html#afea02eb560c790911a89035bbcc909ad">POLARSSL_ERR_THREADING_MUTEX_ERROR</a></div><div class="ttdeci">#define POLARSSL_ERR_THREADING_MUTEX_ERROR</div><div class="ttdoc">Locking / unlocking / free failed with error code. </div><div class="ttdef"><b>Definition:</b> <a href="threading_8h_source.html#l00044">threading.h:44</a></div></div> <div class="ttc" id="struct__x509__time_html_a7ef645e874ef1dac4767713f131f6425"><div class="ttname"><a href="struct__x509__time.html#a7ef645e874ef1dac4767713f131f6425">_x509_time::min</a></div><div class="ttdeci">int min</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00184">x509.h:184</a></div></div> <div class="ttc" id="struct__asn1__named__data_html_a58d2c1bba1746711bac4f41a74f5333c"><div class="ttname"><a href="struct__asn1__named__data.html#a58d2c1bba1746711bac4f41a74f5333c">_asn1_named_data::next</a></div><div class="ttdeci">struct _asn1_named_data * next</div><div class="ttdoc">The next entry in the sequence. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00160">asn1.h:160</a></div></div> <div class="ttc" id="structmd__info__t_html_aedb1e12797791c9b7f5545bda6e3172d"><div class="ttname"><a href="structmd__info__t.html#aedb1e12797791c9b7f5545bda6e3172d">md_info_t::size</a></div><div class="ttdeci">int size</div><div class="ttdoc">Output length of the digest function. </div><div class="ttdef"><b>Definition:</b> <a href="md_8h_source.html#l00082">md.h:82</a></div></div> <div class="ttc" id="struct__x509__crt_html_af0c0fa4b6a5febff1837802277442c40"><div class="ttname"><a href="struct__x509__crt.html#af0c0fa4b6a5febff1837802277442c40">_x509_crt::issuer_id</a></div><div class="ttdeci">x509_buf issuer_id</div><div class="ttdoc">Optional X.509 v2/v3 issuer unique identifier. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00077">x509_crt.h:77</a></div></div> <div class="ttc" id="group__x509__module_html_gaefb797397f3fc132f0d825b77b10ff47"><div class="ttname"><a href="group__x509__module.html#gaefb797397f3fc132f0d825b77b10ff47">POLARSSL_ERR_X509_INVALID_EXTENSIONS</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_INVALID_EXTENSIONS</div><div class="ttdoc">The extension tag or value is invalid. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00061">x509.h:61</a></div></div> <div class="ttc" id="group__asn1__module_html_gae251e2c2d40228a89468f3f939a18585"><div class="ttname"><a href="group__asn1__module.html#gae251e2c2d40228a89468f3f939a18585">ASN1_OCTET_STRING</a></div><div class="ttdeci">#define ASN1_OCTET_STRING</div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00078">asn1.h:78</a></div></div> <div class="ttc" id="x509_8h_html_a3ce3d173dfc128c33f1df4e3250821d2"><div class="ttname"><a href="x509_8h.html#a3ce3d173dfc128c33f1df4e3250821d2">x509_time_future</a></div><div class="ttdeci">int x509_time_future(const x509_time *time)</div><div class="ttdoc">Check a given x509_time against the system time and check if it is not from the future. </div></div> <div class="ttc" id="group__x509__module_html_ga34939a983156816784e3d1a64fe0bac9"><div class="ttname"><a href="group__x509__module.html#ga34939a983156816784e3d1a64fe0bac9">x509_crt_parse_path</a></div><div class="ttdeci">int x509_crt_parse_path(x509_crt *chain, const char *path)</div><div class="ttdoc">Load one or more certificate files from a path and add them to the chained list. </div></div> <div class="ttc" id="struct__x509__crt_html_a1308156c29933fc016e4848b10ca78de"><div class="ttname"><a href="struct__x509__crt.html#a1308156c29933fc016e4848b10ca78de">_x509_crt::v3_ext</a></div><div class="ttdeci">x509_buf v3_ext</div><div class="ttdoc">Optional X.509 v3 extensions. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00079">x509_crt.h:79</a></div></div> <div class="ttc" id="group__x509__module_html_ga59ea8fbabf8eae3f006824230bc27d6c"><div class="ttname"><a href="group__x509__module.html#ga59ea8fbabf8eae3f006824230bc27d6c">POLARSSL_ERR_X509_BAD_INPUT_DATA</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_BAD_INPUT_DATA</div><div class="ttdoc">Input invalid. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00067">x509.h:67</a></div></div> <div class="ttc" id="struct__x509__crt_html_a02b5906534bd0dd7d27e84215e885888"><div class="ttname"><a href="struct__x509__crt.html#a02b5906534bd0dd7d27e84215e885888">_x509_crt::subject_id</a></div><div class="ttdeci">x509_buf subject_id</div><div class="ttdoc">Optional X.509 v2/v3 subject unique identifier. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00078">x509_crt.h:78</a></div></div> <div class="ttc" id="x509_8h_html_a5da71e896dc465af98e4004ea40eb230"><div class="ttname"><a href="x509_8h.html#a5da71e896dc465af98e4004ea40eb230">KU_KEY_CERT_SIGN</a></div><div class="ttdeci">#define KU_KEY_CERT_SIGN</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00098">x509.h:98</a></div></div> <div class="ttc" id="group__x509__module_html_gacfafc04b8cd60bd1819cf41bc78a24de"><div class="ttname"><a href="group__x509__module.html#gacfafc04b8cd60bd1819cf41bc78a24de">BADCERT_CN_MISMATCH</a></div><div class="ttdeci">#define BADCERT_CN_MISMATCH</div><div class="ttdoc">The certificate Common Name (CN) does not match with the expected CN. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00078">x509.h:78</a></div></div> <div class="ttc" id="struct__x509__crt_html_a5cc6318c8e0977a1d49fc80facc164ae"><div class="ttname"><a href="struct__x509__crt.html#a5cc6318c8e0977a1d49fc80facc164ae">_x509_crt::version</a></div><div class="ttdeci">int version</div><div class="ttdoc">The X.509 version. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00062">x509_crt.h:62</a></div></div> <div class="ttc" id="pem_8h_html_aba55809b3ae6781d4ab92ccdfbe54a9c"><div class="ttname"><a href="pem_8h.html#aba55809b3ae6781d4ab92ccdfbe54a9c">POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT</a></div><div class="ttdeci">#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT</div><div class="ttdoc">No PEM header or footer found. </div><div class="ttdef"><b>Definition:</b> <a href="pem_8h_source.html#l00038">pem.h:38</a></div></div> <div class="ttc" id="struct__x509__crt_html_a3a7645927022ef6460a93586c88945e3"><div class="ttname"><a href="struct__x509__crt.html#a3a7645927022ef6460a93586c88945e3">_x509_crt::sig_pk</a></div><div class="ttdeci">pk_type_t sig_pk</div><div class="ttdoc">Internal representation of the Public Key algorithm of the signature algorithm, e.g. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00095">x509_crt.h:95</a></div></div> <div class="ttc" id="struct__x509__crl__entry_html_a16ec0e54f263806453827429b0a2e30b"><div class="ttname"><a href="struct__x509__crl__entry.html#a16ec0e54f263806453827429b0a2e30b">_x509_crl_entry::revocation_date</a></div><div class="ttdeci">x509_time revocation_date</div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00061">x509_crl.h:61</a></div></div> <div class="ttc" id="struct__x509__crl_html_aa41cf6526c4ca720ee917471fb54d346"><div class="ttname"><a href="struct__x509__crl.html#aa41cf6526c4ca720ee917471fb54d346">_x509_crl::issuer_raw</a></div><div class="ttdeci">x509_buf issuer_raw</div><div class="ttdoc">The raw issuer data (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crl_8h_source.html#l00081">x509_crl.h:81</a></div></div> <div class="ttc" id="group__x509__module_html_ga81299c99c393f6f58eff0471efb65ef7"><div class="ttname"><a href="group__x509__module.html#ga81299c99c393f6f58eff0471efb65ef7">x509_crt_info</a></div><div class="ttdeci">int x509_crt_info(char *buf, size_t size, const char *prefix, const x509_crt *crt)</div><div class="ttdoc">Returns an informational string about the certificate. </div></div> <div class="ttc" id="x509_8h_html_a1720f538cb0b7efa97d134ac6692192a"><div class="ttname"><a href="x509_8h.html#a1720f538cb0b7efa97d134ac6692192a">NS_CERT_TYPE_SSL_CLIENT</a></div><div class="ttdeci">#define NS_CERT_TYPE_SSL_CLIENT</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00106">x509.h:106</a></div></div> <div class="ttc" id="group__x509__module_html_ga60a90a6a7f6ee7a23c186d6870d8e4c8"><div class="ttname"><a href="group__x509__module.html#ga60a90a6a7f6ee7a23c186d6870d8e4c8">POLARSSL_ERR_X509_MALLOC_FAILED</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_MALLOC_FAILED</div><div class="ttdoc">Allocation of memory failed. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00068">x509.h:68</a></div></div> <div class="ttc" id="pem_8h_html_ae178eb5fe3590fc7bb43c16ba1874c2f"><div class="ttname"><a href="pem_8h.html#ae178eb5fe3590fc7bb43c16ba1874c2f">POLARSSL_ERR_PEM_BAD_INPUT_DATA</a></div><div class="ttdeci">#define POLARSSL_ERR_PEM_BAD_INPUT_DATA</div><div class="ttdoc">Bad input parameters to function. </div><div class="ttdef"><b>Definition:</b> <a href="pem_8h_source.html#l00046">pem.h:46</a></div></div> <div class="ttc" id="struct__x509__crt_html_a4b931af913d6313b1ee5b709eb8e3a7f"><div class="ttname"><a href="struct__x509__crt.html#a4b931af913d6313b1ee5b709eb8e3a7f">_x509_crt::key_usage</a></div><div class="ttdeci">unsigned char key_usage</div><div class="ttdoc">Optional key usage extension value: See the values in x509.h. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00086">x509_crt.h:86</a></div></div> <div class="ttc" id="struct__x509__crt_html_a9d565e1b087066b8e9cb293bf8b9562a"><div class="ttname"><a href="struct__x509__crt.html#a9d565e1b087066b8e9cb293bf8b9562a">_x509_crt::subject_raw</a></div><div class="ttdeci">x509_buf subject_raw</div><div class="ttdoc">The raw subject data (DER). </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00067">x509_crt.h:67</a></div></div> <div class="ttc" id="group__x509__module_html_gad0a4670e68ac4ce67dd163907880b513"><div class="ttname"><a href="group__x509__module.html#gad0a4670e68ac4ce67dd163907880b513">x509_crt_check_extended_key_usage</a></div><div class="ttdeci">int x509_crt_check_extended_key_usage(const x509_crt *crt, const char *usage_oid, size_t usage_len)</div><div class="ttdoc">Check usage of certificate against extentedJeyUsage. </div></div> <div class="ttc" id="structmd__info__t_html"><div class="ttname"><a href="structmd__info__t.html">md_info_t</a></div><div class="ttdoc">Message digest information. </div><div class="ttdef"><b>Definition:</b> <a href="md_8h_source.html#l00074">md.h:74</a></div></div> <div class="ttc" id="oid_8h_html_adc2234768fe23ece20c660f57e977f6f"><div class="ttname"><a href="oid_8h.html#adc2234768fe23ece20c660f57e977f6f">oid_get_extended_key_usage</a></div><div class="ttdeci">int oid_get_extended_key_usage(const asn1_buf *oid, const char **desc)</div><div class="ttdoc">Translate Extended Key Usage OID into description. </div></div> <div class="ttc" id="group__asn1__module_html_ga171798e67a7a1024ab5e1c12c73f0537"><div class="ttname"><a href="group__asn1__module.html#ga171798e67a7a1024ab5e1c12c73f0537">POLARSSL_ERR_ASN1_UNEXPECTED_TAG</a></div><div class="ttdeci">#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG</div><div class="ttdoc">ASN1 tag was of an unexpected value. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00055">asn1.h:55</a></div></div> <div class="ttc" id="x509_8h_html_a64f1e2e3dd57557fdad2ca9c07f63ec4"><div class="ttname"><a href="x509_8h.html#a64f1e2e3dd57557fdad2ca9c07f63ec4">KU_KEY_ENCIPHERMENT</a></div><div class="ttdeci">#define KU_KEY_ENCIPHERMENT</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00095">x509.h:95</a></div></div> <div class="ttc" id="x509_8h_html_acd36d794a8edbbf66fe2e267d8804854"><div class="ttname"><a href="x509_8h.html#acd36d794a8edbbf66fe2e267d8804854">x509_serial_gets</a></div><div class="ttdeci">int x509_serial_gets(char *buf, size_t size, const x509_buf *serial)</div><div class="ttdoc">Store the certificate serial in printable form into buf; no more than size characters will be written...</div></div> <div class="ttc" id="group__x509__module_html_gac00b6c62043eca7ddf8809888961454b"><div class="ttname"><a href="group__x509__module.html#gac00b6c62043eca7ddf8809888961454b">POLARSSL_ERR_X509_SIG_MISMATCH</a></div><div class="ttdeci">#define POLARSSL_ERR_X509_SIG_MISMATCH</div><div class="ttdoc">Signature algorithms do not match. </div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00064">x509.h:64</a></div></div> <div class="ttc" id="struct__asn1__sequence_html_af3dd863f47dffb72a582eda2d819e6e1"><div class="ttname"><a href="struct__asn1__sequence.html#af3dd863f47dffb72a582eda2d819e6e1">_asn1_sequence::next</a></div><div class="ttdeci">struct _asn1_sequence * next</div><div class="ttdoc">The next entry in the sequence. </div><div class="ttdef"><b>Definition:</b> <a href="asn1_8h_source.html#l00149">asn1.h:149</a></div></div> <div class="ttc" id="group__x509__module_html_ga2f937df6c64b400210dbeb5ad26cc8c2"><div class="ttname"><a href="group__x509__module.html#ga2f937df6c64b400210dbeb5ad26cc8c2">x509_crt_parse_file</a></div><div class="ttdeci">int x509_crt_parse_file(x509_crt *chain, const char *path)</div><div class="ttdoc">Load one or more certificates and add them to the chained list. </div></div> <div class="ttc" id="struct__x509__crt_html_ac879cafb84baa4067fc5b267b04874a7"><div class="ttname"><a href="struct__x509__crt.html#ac879cafb84baa4067fc5b267b04874a7">_x509_crt::sig</a></div><div class="ttdeci">x509_buf sig</div><div class="ttdoc">Signature: hash of the tbs part signed with the private key. </div><div class="ttdef"><b>Definition:</b> <a href="x509__crt_8h_source.html#l00093">x509_crt.h:93</a></div></div> <div class="ttc" id="x509_8h_html_aa86a67d1a8363fd5bbdaba523163a269"><div class="ttname"><a href="x509_8h.html#aa86a67d1a8363fd5bbdaba523163a269">EXT_SUBJECT_ALT_NAME</a></div><div class="ttdeci">#define EXT_SUBJECT_ALT_NAME</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00126">x509.h:126</a></div></div> <div class="ttc" id="x509_8h_html_a14185258174d3ae78dbccd55de36b0a8"><div class="ttname"><a href="x509_8h.html#a14185258174d3ae78dbccd55de36b0a8">KU_CRL_SIGN</a></div><div class="ttdeci">#define KU_CRL_SIGN</div><div class="ttdef"><b>Definition:</b> <a href="x509_8h_source.html#l00099">x509.h:99</a></div></div> </div><!-- fragment --></div><!-- contents --> <!-- start footer part --> <hr class="footer"/><address class="footer"><small> Generated on Thu Jul 31 2014 11:35:55 for PolarSSL v1.3.8 by  <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/> </a> 1.8.5 </small></address> </body> </html>