lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Merge pull request #6171 from mprse/md_x509_test

Browse Source 
Driver-only hashes: X.509
This commit is contained in:
Gilles Peskine
2022-08-22 17:18:47 +02:00
committed by GitHub
parent beb4fc0723 07c0f12302
commit 03f1c39ac7
20 changed files with 848 additions and 754 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
include/mbedtls/check_config.h
View File

@ -890,13 +890,15 @@
#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ #if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \ !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_PK_PARSE_C) ) !defined(MBEDTLS_PK_PARSE_C) || \
( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
#error "MBEDTLS_X509_USE_C defined, but not all prerequisites" #error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ #if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \ !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
!defined(MBEDTLS_PK_WRITE_C) ) !defined(MBEDTLS_PK_PARSE_C) || \
( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) )
#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
#endif #endif

13
include/mbedtls/mbedtls_config.h
View File

@ -3118,8 +3118,11 @@
* library/x509_crt.c * library/x509_crt.c
* library/x509_csr.c * library/x509_csr.c
* *
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
* MBEDTLS_PK_PARSE_C * (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
*
* \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
* before doing any X.509 operation.
* *
* This module is required for the X.509 parsing modules. * This module is required for the X.509 parsing modules.
*/ */
@ -3176,7 +3179,11 @@
* *
* Module: library/x509_create.c * Module: library/x509_create.c
* *
* Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
* (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
*
* \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init()
* before doing any X.509 create operation.
* *
* This module is the basis for creating X.509 certificates and CSRs. * This module is the basis for creating X.509 certificates and CSRs.
*/ */

4
include/mbedtls/oid.h
View File

@ -34,9 +34,7 @@
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
#endif #endif
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md.h" #include "mbedtls/md.h"
#endif
/** OID is not found. */ /** OID is not found. */
#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
@ -519,7 +517,6 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
const char **oid, size_t *olen ); const char **oid, size_t *olen );
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_MD_C)
/** /**
* \brief Translate SignatureAlgorithm OID into md_type and pk_type * \brief Translate SignatureAlgorithm OID into md_type and pk_type
* *
@ -564,7 +561,6 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
#endif /* MBEDTLS_MD_C */
/** /**
* \brief Translate hash algorithm OID into md_type * \brief Translate hash algorithm OID into md_type

4
include/mbedtls/x509_crt.h
View File

@ -1108,7 +1108,7 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
int is_ca, int max_pathlen ); int is_ca, int max_pathlen );
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_SHA1_C) || ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
/** /**
* \brief Set the subjectKeyIdentifier extension for a CRT * \brief Set the subjectKeyIdentifier extension for a CRT
* Requires that mbedtls_x509write_crt_set_subject_key() has been * Requires that mbedtls_x509write_crt_set_subject_key() has been
@ -1130,7 +1130,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_SHA1_C || (MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_1)*/
/** /**
* \brief Set the Key Usage Extension flags * \brief Set the Key Usage Extension flags

3
library/legacy_or_psa.h
View File

@ -90,6 +90,9 @@
#define MBEDTLS_OR_PSA_HELPERS_H #define MBEDTLS_OR_PSA_HELPERS_H
#include "common.h" #include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa/crypto.h"
#endif /* MBEDTLS_PSA_CRYPTO_C */
/* /*
* Hashes * Hashes

68
library/oid.c
View File

@ -329,7 +329,6 @@ FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certi
FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description)
#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_REMOVE_INFO */
#if defined(MBEDTLS_MD_C)
/* /*
* For SignatureAlgorithmIdentifier * For SignatureAlgorithmIdentifier
*/ */
@ -342,80 +341,80 @@ typedef struct {
static const oid_sig_alg_t oid_sig_alg[] = static const oid_sig_alg_t oid_sig_alg[] =
{ {
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
#if defined(MBEDTLS_MD5_C) #if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ),
MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_MD5_C */ #endif /* MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ),
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA224_C) #if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ),
MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
}, },
#endif #endif /* MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ),
MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ),
MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ), OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ),
MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ), OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ),
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
}, },
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ), OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ),
MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
}, },
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA224_C) #if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ), OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ),
MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
}, },
#endif #endif
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ), OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ),
MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
}, },
#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ), OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ),
MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
}, },
#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ), OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ),
MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
}, },
#endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
#endif /* MBEDTLS_ECDSA_C */ #endif /* MBEDTLS_ECDSA_C */
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
{ {
@ -437,7 +436,6 @@ FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg
FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg) FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
#endif /* MBEDTLS_MD_C */
/* /*
* For PublicKeyInfo (PKCS1, RFC 5480) * For PublicKeyInfo (PKCS1, RFC 5480)
@ -650,7 +648,6 @@ FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg) FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg) FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
#if defined(MBEDTLS_MD_C)
/* /*
* For HMAC digestAlgorithm * For HMAC digestAlgorithm
*/ */
@ -661,36 +658,36 @@ typedef struct {
static const oid_md_hmac_t oid_md_hmac[] = static const oid_md_hmac_t oid_md_hmac[] =
{ {
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ), OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ),
MBEDTLS_MD_SHA1, MBEDTLS_MD_SHA1,
}, },
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA224_C) #if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ), OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ),
MBEDTLS_MD_SHA224, MBEDTLS_MD_SHA224,
}, },
#endif #endif
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ), OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ),
MBEDTLS_MD_SHA256, MBEDTLS_MD_SHA256,
}, },
#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ), OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ),
MBEDTLS_MD_SHA384, MBEDTLS_MD_SHA384,
}, },
#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA)
{ {
OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ), OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ),
MBEDTLS_MD_SHA512, MBEDTLS_MD_SHA512,
}, },
#endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */
{ {
NULL_OID_DESCRIPTOR, NULL_OID_DESCRIPTOR,
MBEDTLS_MD_NONE, MBEDTLS_MD_NONE,
@ -699,7 +696,6 @@ static const oid_md_hmac_t oid_md_hmac[] =
FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac) FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac) FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_PKCS12_C) #if defined(MBEDTLS_PKCS12_C)
/* /*

116
library/pem.c
View File

@ -29,6 +29,7 @@
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "hash_info.h"
#include <string.h> #include <string.h>
@ -40,14 +41,25 @@
#define mbedtls_free free #define mbedtls_free free
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif
#include "legacy_or_psa.h"
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
#define PEM_RFC1421
#endif /* MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CIPHER_MODE_CBC &&
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
void mbedtls_pem_init( mbedtls_pem_context *ctx ) void mbedtls_pem_init( mbedtls_pem_context *ctx )
{ {
memset( ctx, 0, sizeof( mbedtls_pem_context ) ); memset( ctx, 0, sizeof( mbedtls_pem_context ) );
} }
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ #if defined(PEM_RFC1421)
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
/* /*
* Read a 16-byte hex string and convert it to binary * Read a 16-byte hex string and convert it to binary
*/ */
@ -73,6 +85,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
return( 0 ); return( 0 );
} }
#if defined(MBEDTLS_MD5_C)
static int pem_pbkdf1( unsigned char *key, size_t keylen, static int pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv, unsigned char *iv,
const unsigned char *pwd, size_t pwdlen ) const unsigned char *pwd, size_t pwdlen )
@ -130,6 +143,84 @@ exit:
return( ret ); return( ret );
} }
#else
static int pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
const unsigned char *pwd, size_t pwdlen )
{
unsigned char md5sum[16];
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
size_t output_length = 0;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_finish( &operation, md5sum,
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
&output_length ) ) != PSA_SUCCESS )
{
goto exit;
}
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
goto exit;
/*
* key[ 0..15] = MD5(pwd || IV)
*/
if( keylen <= 16 )
{
memcpy( key, md5sum, keylen );
goto exit;
}
memcpy( key, md5sum, 16 );
/*
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
*/
if( ( status = psa_hash_setup( &operation, PSA_ALG_MD5 ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_update( &operation, md5sum, 16 ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_update( &operation, pwd, pwdlen ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_update( &operation, iv, 8 ) ) != PSA_SUCCESS )
goto exit;
if( ( status = psa_hash_finish( &operation, md5sum,
PSA_HASH_LENGTH( PSA_ALG_MD5 ),
&output_length ) ) != PSA_SUCCESS )
{
goto exit;
}
if( ( status = psa_hash_abort( &operation ) ) != PSA_SUCCESS )
goto exit;
size_t use_len = 16;
if( keylen < 32 )
use_len = keylen - 16;
memcpy( key + 16, md5sum, use_len );
exit:
mbedtls_platform_zeroize( md5sum, 16 );
return( mbedtls_md_error_from_psa ( status ) );
}
#endif /* MBEDTLS_MD5_C */
#if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_DES_C)
/* /*
@ -219,8 +310,7 @@ exit:
} }
#endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_AES_C */
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && #endif /* PEM_RFC1421 */
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *pwd, const unsigned char *data, const unsigned char *pwd,
@ -230,15 +320,13 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
size_t len; size_t len;
unsigned char *buf; unsigned char *buf;
const unsigned char *s1, *s2, *end; const unsigned char *s1, *s2, *end;
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ #if defined(PEM_RFC1421)
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
unsigned char pem_iv[16]; unsigned char pem_iv[16];
mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE; mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
#else #else
((void) pwd); ((void) pwd);
((void) pwdlen); ((void) pwdlen);
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && #endif /* PEM_RFC1421 */
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
if( ctx == NULL ) if( ctx == NULL )
return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
@ -270,8 +358,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
{ {
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ #if defined(PEM_RFC1421)
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
enc++; enc++;
s1 += 22; s1 += 22;
@ -333,8 +420,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
else return( MBEDTLS_ERR_PEM_INVALID_DATA ); else return( MBEDTLS_ERR_PEM_INVALID_DATA );
#else #else
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && #endif /* PEM_RFC1421 */
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
} }
if( s1 >= s2 ) if( s1 >= s2 )
@ -357,8 +443,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
if( enc != 0 ) if( enc != 0 )
{ {
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ #if defined(PEM_RFC1421)
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
if( pwd == NULL ) if( pwd == NULL )
{ {
mbedtls_platform_zeroize( buf, len ); mbedtls_platform_zeroize( buf, len );
@ -406,8 +491,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
mbedtls_platform_zeroize( buf, len ); mbedtls_platform_zeroize( buf, len );
mbedtls_free( buf ); mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && #endif /* PEM_RFC1421 */
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
} }
ctx->buf = buf; ctx->buf = buf;

16
library/x509.c
View File

@ -62,6 +62,8 @@
#include <time.h> #include <time.h>
#endif #endif
#include "legacy_or_psa.h"
#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); } #define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
#define CHECK_RANGE(min, max, val) \ #define CHECK_RANGE(min, max, val) \
do \ do \
@ -138,31 +140,31 @@ static inline const char* md_type_to_string( mbedtls_md_type_t md_alg )
{ {
switch( md_alg ) switch( md_alg )
{ {
#if defined(MBEDTLS_MD5_C) #if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA)
case MBEDTLS_MD_MD5: case MBEDTLS_MD_MD5:
return( "MD5" ); return( "MD5" );
#endif #endif
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA)
case MBEDTLS_MD_SHA1: case MBEDTLS_MD_SHA1:
return( "SHA1" ); return( "SHA1" );
#endif #endif
#if defined(MBEDTLS_SHA224_C) #if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA)
case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA224:
return( "SHA224" ); return( "SHA224" );
#endif #endif
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA)
case MBEDTLS_MD_SHA256: case MBEDTLS_MD_SHA256:
return( "SHA256" ); return( "SHA256" );
#endif #endif
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA)
case MBEDTLS_MD_SHA384: case MBEDTLS_MD_SHA384:
return( "SHA384" ); return( "SHA384" );
#endif #endif
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( "SHA512" ); return( "SHA512" );
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) #if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA)
case MBEDTLS_MD_RIPEMD160: case MBEDTLS_MD_RIPEMD160:
return( "RIPEMD160" ); return( "RIPEMD160" );
#endif #endif

6
library/x509write_crt.c
View File

@ -46,6 +46,8 @@
#include "hash_info.h" #include "hash_info.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#include "legacy_or_psa.h"
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
{ {
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
@ -172,7 +174,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
is_ca, buf + sizeof(buf) - len, len ) ); is_ca, buf + sizeof(buf) - len, len ) );
} }
#if defined(MBEDTLS_SHA1_C) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
static int mbedtls_x509write_crt_set_key_identifier( mbedtls_x509write_cert *ctx, static int mbedtls_x509write_crt_set_key_identifier( mbedtls_x509write_cert *ctx,
int is_ca, int is_ca,
unsigned char tag ) unsigned char tag )
@ -254,7 +256,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
1, 1,
(MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0) ); (MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0) );
} }
#endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
unsigned int key_usage ) unsigned int key_usage )

8
tests/scripts/all.sh
View File

@ -1876,14 +1876,6 @@ component_test_psa_crypto_config_accel_hash_use_psa () {
scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS12_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
# X.509 currently depends on MD_C
scripts/config.py unset MBEDTLS_X509_CREATE_C
scripts/config.py unset MBEDTLS_X509_CRL_PARSE_C
scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
scripts/config.py unset MBEDTLS_X509_CRT_WRITE_C
scripts/config.py unset MBEDTLS_X509_CSR_PARSE_C
scripts/config.py unset MBEDTLS_X509_CSR_WRITE_C
scripts/config.py unset MBEDTLS_X509_USE_C
# TLS currently depends on MD_C # TLS currently depends on MD_C
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED

14
tests/suites/test_suite_oid.data
View File

@ -59,31 +59,31 @@ OID get x509 extension - wrong oid - id-ce
oid_get_x509_extension:"551D":0 oid_get_x509_extension:"551D":0
OID hash id - id-md5 OID hash id - id-md5
depends_on:MBEDTLS_MD5_C depends_on:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5 oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5
OID hash id - id-sha1 OID hash id - id-sha1
depends_on:MBEDTLS_SHA1_C depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1 oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1
OID hash id - id-sha224 OID hash id - id-sha224
depends_on:MBEDTLS_SHA224_C depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224 oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224
OID hash id - id-sha256 OID hash id - id-sha256
depends_on:MBEDTLS_SHA256_C depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256 oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256
OID hash id - id-sha384 OID hash id - id-sha384
depends_on:MBEDTLS_SHA384_C depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384 oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384
OID hash id - id-sha512 OID hash id - id-sha512
depends_on:MBEDTLS_SHA512_C depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512 oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512
OID hash id - id-ripemd160 OID hash id - id-ripemd160
depends_on:MBEDTLS_RIPEMD160_C depends_on:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160 oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160
OID hash id - invalid oid OID hash id - invalid oid

3
tests/suites/test_suite_oid.function
View File

@ -3,6 +3,7 @@
#include "mbedtls/asn1.h" #include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h" #include "mbedtls/asn1write.h"
#include "string.h" #include "string.h"
#include "legacy_or_psa.h"
/* END_HEADER */ /* END_HEADER */
/* BEGIN_DEPENDENCIES /* BEGIN_DEPENDENCIES
@ -82,7 +83,7 @@ void oid_get_x509_extension( data_t *oid, int exp_type )
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD_C */ /* BEGIN_CASE */
void oid_get_md_alg_id( data_t *oid, int exp_md_id ) void oid_get_md_alg_id( data_t *oid, int exp_md_id )
{ {
mbedtls_asn1_buf md_oid = { 0, 0, NULL }; mbedtls_asn1_buf md_oid = { 0, 0, NULL };

9
tests/suites/test_suite_pem.data
View File

@ -20,22 +20,25 @@ PEM read (unencrypted, valid)
mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53" mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53"
PEM read (DES-EDE3-CBC + invalid iv) PEM read (DES-EDE3-CBC + invalid iv)
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:"" mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
PEM read (DES-CBC + invalid iv) PEM read (DES-CBC + invalid iv)
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:"" mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
PEM read (unknown encryption algorithm) PEM read (unknown encryption algorithm)
depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:"" mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:""
PEM read (malformed PEM DES-CBC) PEM read (malformed PEM DES-CBC)
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:"" mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
PEM read (malformed PEM DES-EDE3-CBC) PEM read (malformed PEM DES-EDE3-CBC)
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:"" mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
PEM read (malformed PEM AES-128-CBC) PEM read (malformed PEM AES-128-CBC)
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:"" mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:""

4
tests/suites/test_suite_pem.function
View File

@ -3,6 +3,8 @@
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#include "mbedtls/des.h" #include "mbedtls/des.h"
#include "mbedtls/aes.h" #include "mbedtls/aes.h"
#include "legacy_or_psa.h"
/* END_HEADER */ /* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */
@ -32,7 +34,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C */
void mbedtls_pem_read_buffer( char *header, char *footer, char *data, void mbedtls_pem_read_buffer( char *header, char *footer, char *data,
char *pwd, int res, data_t *out ) char *pwd, int res, data_t *out )
{ {

40
tests/suites/test_suite_pkparse.data
View File

@ -1,77 +1,77 @@
Parse RSA Key #1 (No password when required) Parse RSA Key #1 (No password when required)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #2 (Correct password) Parse RSA Key #2 (Correct password)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0 pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0
Parse RSA Key #3 (Wrong password) Parse RSA Key #3 (Wrong password)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C
pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #4 (DES Encrypted) Parse RSA Key #4 (DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_des.pem":"testkey":0
Parse RSA Key #5 (3DES Encrypted) Parse RSA Key #5 (3DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_3des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_3des.pem":"testkey":0
Parse RSA Key #6 (AES-128 Encrypted) Parse RSA Key #6 (AES-128 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0
Parse RSA Key #7 (AES-192 Encrypted) Parse RSA Key #7 (AES-192 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0
Parse RSA Key #8 (AES-256 Encrypted) Parse RSA Key #8 (AES-256 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0
Parse RSA Key #9 (2048-bit, DES Encrypted) Parse RSA Key #9 (2048-bit, DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_des.pem":"testkey":0
Parse RSA Key #10 (2048-bit, 3DES Encrypted) Parse RSA Key #10 (2048-bit, 3DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_3des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_3des.pem":"testkey":0
Parse RSA Key #11 (2048-bit, AES-128 Encrypted) Parse RSA Key #11 (2048-bit, AES-128 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0
Parse RSA Key #12 (2048-bit, AES-192 Encrypted) Parse RSA Key #12 (2048-bit, AES-192 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0
Parse RSA Key #13 (2048-bit, AES-256 Encrypted) Parse RSA Key #13 (2048-bit, AES-256 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0
Parse RSA Key #14 (4096-bit, DES Encrypted) Parse RSA Key #14 (4096-bit, DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_des.pem":"testkey":0
Parse RSA Key #15 (4096-bit, 3DES Encrypted) Parse RSA Key #15 (4096-bit, 3DES Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_3des.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_3des.pem":"testkey":0
Parse RSA Key #16 (4096-bit, AES-128 Encrypted) Parse RSA Key #16 (4096-bit, AES-128 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0
Parse RSA Key #17 (4096-bit, AES-192 Encrypted) Parse RSA Key #17 (4096-bit, AES-192 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0
Parse RSA Key #18 (4096-bit, AES-256 Encrypted) Parse RSA Key #18 (4096-bit, AES-256 Encrypted)
depends_on:MBEDTLS_MD5_C:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0 pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0
Parse RSA Key #19 (PKCS#8 wrapped) Parse RSA Key #19 (PKCS#8 wrapped)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C
pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0 pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0
Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES) Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES)
@ -949,7 +949,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0
Parse EC Key #3 (SEC1 PEM encrypted) Parse EC Key #3 (SEC1 PEM encrypted)
depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0
Parse EC Key #4 (PKCS8 DER) Parse EC Key #4 (PKCS8 DER)

1
tests/suites/test_suite_pkparse.function
View File

@ -2,6 +2,7 @@
#include "mbedtls/pk.h" #include "mbedtls/pk.h"
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#include "mbedtls/oid.h" #include "mbedtls/oid.h"
#include "legacy_or_psa.h"
/* END_HEADER */ /* END_HEADER */
/* BEGIN_DEPENDENCIES /* BEGIN_DEPENDENCIES

1210
tests/suites/test_suite_x509parse.data
View File

File diff suppressed because it is too large Load Diff

2
tests/suites/test_suite_x509parse.function
View File

@ -10,6 +10,8 @@
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "string.h" #include "string.h"
#include "legacy_or_psa.h"
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ #error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \
than the current threshold 19. To test larger values, please \ than the current threshold 19. To test larger values, please \

70
tests/suites/test_suite_x509write.data
View File

@ -1,141 +1,141 @@
Certificate Request check Server1 SHA1 Certificate Request check Server1 SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
Certificate Request check Server1 SHA224 Certificate Request check Server1 SHA224
depends_on:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
Certificate Request check Server1 SHA256 Certificate Request check Server1 SHA256
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0
Certificate Request check Server1 SHA384 Certificate Request check Server1 SHA384
depends_on:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0
Certificate Request check Server1 SHA512 Certificate Request check Server1 SHA512
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
Certificate Request check Server1 MD5 Certificate Request check Server1 MD5
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
Certificate Request check Server1 key_usage Certificate Request check Server1 key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0
Certificate Request check opaque Server1 key_usage Certificate Request check opaque Server1 key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check_opaque:"data_files/server1.key":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 x509_csr_check_opaque:"data_files/server1.key":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
Certificate Request check Server1 key_usage empty Certificate Request check Server1 key_usage empty
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0 x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0
Certificate Request check Server1 ns_cert_type Certificate Request check Server1 ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
Certificate Request check Server1 ns_cert_type empty Certificate Request check Server1 ns_cert_type empty
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1 x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1
Certificate Request check Server1 key_usage + ns_cert_type Certificate Request check Server1 key_usage + ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1
Certificate Request check Server5 ECDSA, key_usage Certificate Request check Server5 ECDSA, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0 x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0
Certificate Request check opaque Server5 ECDSA, key_usage Certificate Request check opaque Server5 ECDSA, key_usage
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
Certificate write check Server1 SHA1 Certificate write check Server1 SHA1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, not before 1970 Certificate write check Server1 SHA1, not before 1970
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, not after 2050 Certificate write check Server1 SHA1, not after 2050
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, not before 1970, not after 2050 Certificate write check Server1 SHA1, not before 1970, not after 2050
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, not before 2050, not after 2059 Certificate write check Server1 SHA1, not before 2050, not after 2059
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, key_usage Certificate write check Server1 SHA1, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, ns_cert_type Certificate write check Server1 SHA1, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, version 1 Certificate write check Server1 SHA1, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, CA Certificate write check Server1 SHA1, CA
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, RSA_ALT Certificate write check Server1 SHA1, RSA_ALT
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, RSA_ALT, key_usage Certificate write check Server1 SHA1, RSA_ALT, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, RSA_ALT, version 1 Certificate write check Server1 SHA1, RSA_ALT, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, RSA_ALT, CA Certificate write check Server1 SHA1, RSA_ALT, CA
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, Opaque Certificate write check Server1 SHA1, Opaque
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, Opaque, key_usage Certificate write check Server1 SHA1, Opaque, key_usage
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, Opaque, ns_cert_type Certificate write check Server1 SHA1, Opaque, ns_cert_type
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, Opaque, version 1 Certificate write check Server1 SHA1, Opaque, version 1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt"
Certificate write check Server1 SHA1, Opaque, CA Certificate write check Server1 SHA1, Opaque, CA
depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt" x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt"
Certificate write check Server5 ECDSA Certificate write check Server5 ECDSA
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED
x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"data_files/server5.crt":0:0:"data_files/test-ca2.crt" x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"data_files/server5.crt":0:0:"data_files/test-ca2.crt"
Certificate write check Server5 ECDSA, Opaque Certificate write check Server5 ECDSA, Opaque
depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"":2:0:"data_files/test-ca2.crt" x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:0:0:1:-1:"":2:0:"data_files/test-ca2.crt"
X509 String to Names #1 X509 String to Names #1

3
tests/suites/test_suite_x509write.function
View File

@ -7,6 +7,7 @@
#include "mbedtls/rsa.h" #include "mbedtls/rsa.h"
#include "hash_info.h" #include "hash_info.h"
#include "legacy_or_psa.h"
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
@ -231,7 +232,7 @@ exit:
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void x509_crt_check( char *subject_key_file, char *subject_pwd, void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file, char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name, char *issuer_pwd, char *issuer_name,