mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Merge pull request #6171 from mprse/md_x509_test
Driver-only hashes: X.509
This commit is contained in:
Gilles Peskine
GitHub
@ -90,6 +90,9 @@
|
||||
#define MBEDTLS_OR_PSA_HELPERS_H
|
||||
|
||||
#include "common.h"
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
#include "psa/crypto.h"
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_C */
|
||||
|
||||
/*
|
||||
* Hashes
|
||||
|
||||
@ -329,7 +329,6 @@ FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certi
|
||||
FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description)
|
||||
#endif /* MBEDTLS_X509_REMOVE_INFO */
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/*
|
||||
* For SignatureAlgorithmIdentifier
|
||||
*/
|
||||
@ -342,80 +341,80 @@ typedef struct {
|
||||
static const oid_sig_alg_t oid_sig_alg[] =
|
||||
{
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ),
|
||||
MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_MD5_C */
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ),
|
||||
MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ),
|
||||
MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ),
|
||||
MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ),
|
||||
MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
#if defined(MBEDTLS_ECDSA_C)
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ),
|
||||
MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ),
|
||||
MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ),
|
||||
MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ),
|
||||
MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ),
|
||||
MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
#endif /* MBEDTLS_ECDSA_C */
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
{
|
||||
@ -437,7 +436,6 @@ FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg
|
||||
|
||||
FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
|
||||
FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
/*
|
||||
* For PublicKeyInfo (PKCS1, RFC 5480)
|
||||
@ -650,7 +648,6 @@ FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
|
||||
FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
|
||||
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
|
||||
|
||||
#if defined(MBEDTLS_MD_C)
|
||||
/*
|
||||
* For HMAC digestAlgorithm
|
||||
*/
|
||||
@ -661,36 +658,36 @@ typedef struct {
|
||||
|
||||
static const oid_md_hmac_t oid_md_hmac[] =
|
||||
{
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ),
|
||||
MBEDTLS_MD_SHA1,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ),
|
||||
MBEDTLS_MD_SHA224,
|
||||
},
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ),
|
||||
MBEDTLS_MD_SHA256,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA256_C */
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ),
|
||||
MBEDTLS_MD_SHA384,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA384_C */
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
|
||||
{
|
||||
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ),
|
||||
MBEDTLS_MD_SHA512,
|
||||
},
|
||||
#endif /* MBEDTLS_SHA512_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
|
||||
{
|
||||
NULL_OID_DESCRIPTOR,
|
||||
MBEDTLS_MD_NONE,
|
||||
@ -699,7 +696,6 @@ static const oid_md_hmac_t oid_md_hmac[] =
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
|
||||
FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
|
||||
#endif /* MBEDTLS_MD_C */
|
||||
|
||||
#if defined(MBEDTLS_PKCS12_C)
|
||||
/*
|
||||
|
||||
116
library/pem.c
116
library/pem.c
@ -29,6 +29,7 @@
|
||||
#include "mbedtls/cipher.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "hash_info.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
@ -40,14 +41,25 @@
|
||||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
#include "psa/crypto.h"
|
||||
#endif
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#define PEM_RFC1421
|
||||
#endif /* MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
void mbedtls_pem_init( mbedtls_pem_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_pem_context ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
/*
|
||||
* Read a 16-byte hex string and convert it to binary
|
||||
*/
|
||||
@ -73,6 +85,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
static int pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
unsigned char *iv,
|
||||
const unsigned char *pwd, size_t pwdlen )
|
||||
@ -130,6 +143,84 @@ exit:
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#else
|
||||
static int pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
unsigned char *iv,
|
||||
const unsigned char *pwd, size_t pwdlen )
|
||||
{
|
||||
unsigned char md5sum[16];
|
||||
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
|
||||
size_t output_length = 0;
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
|
||||
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_finish( &operation, md5sum,
|
||||
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
|
||||
&output_length ) ) != PSA_SUCCESS )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
/*
|
||||
* key[ 0..15] = MD5(pwd || IV)
|
||||
*/
|
||||
if( keylen <= 16 )
|
||||
{
|
||||
memcpy( key, md5sum, keylen );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memcpy( key, md5sum, 16 );
|
||||
|
||||
/*
|
||||
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
|
||||
*/
|
||||
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, md5sum, 16 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
if( ( status = psa_hash_finish( &operation, md5sum,
|
||||
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
|
||||
&output_length ) ) != PSA_SUCCESS )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
|
||||
goto exit;
|
||||
|
||||
size_t use_len = 16;
|
||||
if( keylen < 32 )
|
||||
use_len = keylen - 16;
|
||||
|
||||
memcpy( key + 16, md5sum, use_len );
|
||||
|
||||
exit:
|
||||
mbedtls_platform_zeroize( md5sum, 16 );
|
||||
|
||||
return( mbedtls_md_error_from_psa ( status ) );
|
||||
}
|
||||
#endif /* MBEDTLS_MD5_C */
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
/*
|
||||
@ -219,8 +310,7 @@ exit:
|
||||
}
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
|
||||
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
|
||||
const unsigned char *data, const unsigned char *pwd,
|
||||
@ -230,15 +320,13 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
||||
size_t len;
|
||||
unsigned char *buf;
|
||||
const unsigned char *s1, *s2, *end;
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
unsigned char pem_iv[16];
|
||||
mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
|
||||
#else
|
||||
((void) pwd);
|
||||
((void) pwdlen);
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
|
||||
if( ctx == NULL )
|
||||
return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
|
||||
@ -270,8 +358,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
||||
|
||||
if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
enc++;
|
||||
|
||||
s1 += 22;
|
||||
@ -333,8 +420,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
||||
else return( MBEDTLS_ERR_PEM_INVALID_DATA );
|
||||
#else
|
||||
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
}
|
||||
|
||||
if( s1 >= s2 )
|
||||
@ -357,8 +443,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
||||
|
||||
if( enc != 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
#if defined(PEM_RFC1421)
|
||||
if( pwd == NULL )
|
||||
{
|
||||
mbedtls_platform_zeroize( buf, len );
|
||||
@ -406,8 +491,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
||||
mbedtls_platform_zeroize( buf, len );
|
||||
mbedtls_free( buf );
|
||||
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
|
||||
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
|
||||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
#endif /* PEM_RFC1421 */
|
||||
}
|
||||
|
||||
ctx->buf = buf;
|
||||
|
||||
@ -62,6 +62,8 @@
|
||||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
|
||||
#define CHECK_RANGE(min, max, val) \
|
||||
do \
|
||||
@ -138,31 +140,31 @@ static inline const char* md_type_to_string( mbedtls_md_type_t md_alg )
|
||||
{
|
||||
switch( md_alg )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_MD5:
|
||||
return( "MD5" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA1:
|
||||
return( "SHA1" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA224_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA224:
|
||||
return( "SHA224" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA256_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA256:
|
||||
return( "SHA256" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA384_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA384:
|
||||
return( "SHA384" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_SHA512:
|
||||
return( "SHA512" );
|
||||
#endif
|
||||
#if defined(MBEDTLS_RIPEMD160_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA)
|
||||
case MBEDTLS_MD_RIPEMD160:
|
||||
return( "RIPEMD160" );
|
||||
#endif
|
||||
|
||||
@ -46,6 +46,8 @@
|
||||
#include "hash_info.h"
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#include "legacy_or_psa.h"
|
||||
|
||||
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
|
||||
@ -172,7 +174,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
|
||||
is_ca, buf + sizeof(buf) - len, len ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
|
||||
static int mbedtls_x509write_crt_set_key_identifier( mbedtls_x509write_cert *ctx,
|
||||
int is_ca,
|
||||
unsigned char tag )
|
||||
@ -254,7 +256,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
|
||||
1,
|
||||
(MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0) );
|
||||
}
|
||||
#endif /* MBEDTLS_SHA1_C */
|
||||
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
|
||||
|
||||
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
|
||||
unsigned int key_usage )
|
||||
|
||||
Reference in New Issue
Block a user