Use platform layer in programs for consistency.
This commit is contained in:
Rich Evans
Paul Bakker
parent
e94e6e5b9c
commit
f90016aade
48 changed files with 1572 additions and 1145 deletions
|
|
@ -26,6 +26,15 @@
|
|||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_fprintf fprintf
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
|
|
@ -36,7 +45,7 @@ int main( int argc, char *argv[] )
|
|||
((void) argc);
|
||||
((void) argv);
|
||||
|
||||
printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
polarssl_printf("POLARSSL_RSA_C and/or POLARSSL_X509_CRT_PARSE_C "
|
||||
"POLARSSL_FS_IO and/or POLARSSL_X509_CRL_PARSE_C "
|
||||
"not defined.\n");
|
||||
return( 0 );
|
||||
|
|
@ -93,7 +102,7 @@ int main( int argc, char *argv[] )
|
|||
/*
|
||||
* 1.1. Load the trusted CA
|
||||
*/
|
||||
printf( "\n . Loading the CA root certificate ..." );
|
||||
polarssl_printf( "\n . Loading the CA root certificate ..." );
|
||||
fflush( stdout );
|
||||
|
||||
/*
|
||||
|
|
@ -103,32 +112,32 @@ int main( int argc, char *argv[] )
|
|||
ret = x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
x509_crt_info( buf, 1024, "CRT: ", &cacert );
|
||||
printf("%s\n", buf );
|
||||
polarssl_printf("%s\n", buf );
|
||||
|
||||
/*
|
||||
* 1.2. Load the CRL
|
||||
*/
|
||||
printf( " . Loading the CRL ..." );
|
||||
polarssl_printf( " . Loading the CRL ..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
x509_crl_info( buf, 1024, "CRL: ", &crl );
|
||||
printf("%s\n", buf );
|
||||
polarssl_printf("%s\n", buf );
|
||||
|
||||
for( i = 0; i < MAX_CLIENT_CERTS; i++ )
|
||||
{
|
||||
|
|
@ -145,22 +154,22 @@ int main( int argc, char *argv[] )
|
|||
|
||||
snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);
|
||||
|
||||
printf( " . Loading the client certificate %s...", name );
|
||||
polarssl_printf( " . Loading the client certificate %s...", name );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_parse_file( &clicert, name );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.4. Verify certificate validity with CA certificate
|
||||
*/
|
||||
printf( " . Verify the client certificate with CA certificate..." );
|
||||
polarssl_printf( " . Verify the client certificate with CA certificate..." );
|
||||
fflush( stdout );
|
||||
|
||||
ret = x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
|
||||
|
|
@ -170,53 +179,53 @@ int main( int argc, char *argv[] )
|
|||
if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
|
||||
{
|
||||
if( flags & BADCERT_CN_MISMATCH )
|
||||
printf( " CN_MISMATCH " );
|
||||
polarssl_printf( " CN_MISMATCH " );
|
||||
if( flags & BADCERT_EXPIRED )
|
||||
printf( " EXPIRED " );
|
||||
polarssl_printf( " EXPIRED " );
|
||||
if( flags & BADCERT_REVOKED )
|
||||
printf( " REVOKED " );
|
||||
polarssl_printf( " REVOKED " );
|
||||
if( flags & BADCERT_NOT_TRUSTED )
|
||||
printf( " NOT_TRUSTED " );
|
||||
polarssl_printf( " NOT_TRUSTED " );
|
||||
if( flags & BADCRL_NOT_TRUSTED )
|
||||
printf( " CRL_NOT_TRUSTED " );
|
||||
polarssl_printf( " CRL_NOT_TRUSTED " );
|
||||
if( flags & BADCRL_EXPIRED )
|
||||
printf( " CRL_EXPIRED " );
|
||||
polarssl_printf( " CRL_EXPIRED " );
|
||||
} else {
|
||||
printf( " failed\n ! x509_crt_verify returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! x509_crt_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.5. Load own private key
|
||||
*/
|
||||
snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);
|
||||
|
||||
printf( " . Loading the client private key %s...", name );
|
||||
polarssl_printf( " . Loading the client private key %s...", name );
|
||||
fflush( stdout );
|
||||
|
||||
ret = pk_parse_keyfile( &pk, name, NULL );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! pk_parse_keyfile returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! pk_parse_keyfile returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
/*
|
||||
* 1.6. Verify certificate validity with private key
|
||||
*/
|
||||
printf( " . Verify the client certificate with private key..." );
|
||||
polarssl_printf( " . Verify the client certificate with private key..." );
|
||||
fflush( stdout );
|
||||
|
||||
|
||||
/* EC NOT IMPLEMENTED YET */
|
||||
if( ! pk_can_do( &clicert.pk, POLARSSL_PK_RSA ) )
|
||||
{
|
||||
printf( " failed\n ! certificate's key is not RSA\n\n" );
|
||||
polarssl_printf( " failed\n ! certificate's key is not RSA\n\n" );
|
||||
ret = POLARSSL_ERR_X509_FEATURE_UNAVAILABLE;
|
||||
goto exit;
|
||||
}
|
||||
|
|
@ -224,25 +233,25 @@ int main( int argc, char *argv[] )
|
|||
ret = mpi_cmp_mpi(&pk_rsa( pk )->N, &pk_rsa( clicert.pk )->N);
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! mpi_cmp_mpi for N returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! mpi_cmp_mpi for N returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = mpi_cmp_mpi(&pk_rsa( pk )->E, &pk_rsa( clicert.pk )->E);
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! mpi_cmp_mpi for E returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! mpi_cmp_mpi for E returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = rsa_check_privkey( pk_rsa( pk ) );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_check_privkey returned %d\n\n", ret );
|
||||
polarssl_printf( " failed\n ! rsa_check_privkey returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
printf( " ok\n" );
|
||||
polarssl_printf( " ok\n" );
|
||||
|
||||
x509_crt_free( &clicert );
|
||||
pk_free( &pk );
|
||||
|
|
@ -253,7 +262,7 @@ exit:
|
|||
x509_crl_free( &crl );
|
||||
|
||||
#if defined(_WIN32)
|
||||
printf( " + Press Enter to exit this program.\n" );
|
||||
polarssl_printf( " + Press Enter to exit this program.\n" );
|
||||
fflush( stdout ); getchar();
|
||||
#endif
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue