mirror of
https://github.com/cuberite/polarssl.git
synced 2025-10-27 01:34:25 -04:00
Merge pull request #5504 from gstrauss/mbedtls_pem_get_der
Add accessor to get der from mbedtls_pem_context
This commit is contained in:
Gilles Peskine
GitHub
commit
bebeae9428
2
ChangeLog.d/mbedtls_pem_get_der.txt
Normal file
2
ChangeLog.d/mbedtls_pem_get_der.txt
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
Features
|
||||||
|
* Add accessor to get the raw buffer pointer from a PEM context.
|
||||||
@ -27,6 +27,11 @@
|
|||||||
|
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
|
|
||||||
|
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
|
||||||
|
!defined(inline) && !defined(__cplusplus)
|
||||||
|
#define inline __inline
|
||||||
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \name PEM Error codes
|
* \name PEM Error codes
|
||||||
* These error codes are returned in case of errors reading the
|
* These error codes are returned in case of errors reading the
|
||||||
@ -96,6 +101,10 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx );
|
|||||||
* the decrypted text starts with an ASN.1 sequence of
|
* the decrypted text starts with an ASN.1 sequence of
|
||||||
* appropriate length
|
* appropriate length
|
||||||
*
|
*
|
||||||
|
* \note \c mbedtls_pem_free must be called on PEM context before
|
||||||
|
* the PEM context can be reused in another call to
|
||||||
|
* \c mbedtls_pem_read_buffer
|
||||||
|
*
|
||||||
* \return 0 on success, or a specific PEM error code
|
* \return 0 on success, or a specific PEM error code
|
||||||
*/
|
*/
|
||||||
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
|
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
|
||||||
@ -103,6 +112,25 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||||||
const unsigned char *pwd,
|
const unsigned char *pwd,
|
||||||
size_t pwdlen, size_t *use_len );
|
size_t pwdlen, size_t *use_len );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Get the pointer to the decoded binary data in a PEM context.
|
||||||
|
*
|
||||||
|
* \param ctx PEM context to access.
|
||||||
|
* \param buflen On success, this will contain the length of the binary data.
|
||||||
|
* This must be a valid (non-null) pointer.
|
||||||
|
*
|
||||||
|
* \return A pointer to the decoded binary data.
|
||||||
|
*
|
||||||
|
* \note The returned pointer remains valid only until \p ctx is
|
||||||
|
modified or freed.
|
||||||
|
*/
|
||||||
|
static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *ctx, size_t *buflen )
|
||||||
|
{
|
||||||
|
*buflen = ctx->MBEDTLS_PRIVATE(buflen);
|
||||||
|
return( ctx->MBEDTLS_PRIVATE(buf) );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief PEM context memory freeing
|
* \brief PEM context memory freeing
|
||||||
*
|
*
|
||||||
|
|||||||
@ -16,23 +16,26 @@ mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102
|
|||||||
PEM write (exactly two lines + 1)
|
PEM write (exactly two lines + 1)
|
||||||
mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
|
mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
|
||||||
|
|
||||||
|
PEM read (unencrypted, valid)
|
||||||
|
mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53"
|
||||||
|
|
||||||
PEM read (DES-EDE3-CBC + invalid iv)
|
PEM read (DES-EDE3-CBC + invalid iv)
|
||||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV
|
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
|
||||||
|
|
||||||
PEM read (DES-CBC + invalid iv)
|
PEM read (DES-CBC + invalid iv)
|
||||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV
|
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:""
|
||||||
|
|
||||||
PEM read (unknown encryption algorithm)
|
PEM read (unknown encryption algorithm)
|
||||||
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
|
mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:""
|
||||||
|
|
||||||
PEM read (malformed PEM DES-CBC)
|
PEM read (malformed PEM DES-CBC)
|
||||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
|
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
|
||||||
|
|
||||||
PEM read (malformed PEM DES-EDE3-CBC)
|
PEM read (malformed PEM DES-EDE3-CBC)
|
||||||
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
|
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:""
|
||||||
|
|
||||||
PEM read (malformed PEM AES-128-CBC)
|
PEM read (malformed PEM AES-128-CBC)
|
||||||
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
|
||||||
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
|
mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:""
|
||||||
|
|||||||
@ -34,18 +34,26 @@ exit:
|
|||||||
|
|
||||||
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
|
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */
|
||||||
void mbedtls_pem_read_buffer( char *header, char *footer, char *data,
|
void mbedtls_pem_read_buffer( char *header, char *footer, char *data,
|
||||||
char *pwd, int res )
|
char *pwd, int res, data_t *out )
|
||||||
{
|
{
|
||||||
mbedtls_pem_context ctx;
|
mbedtls_pem_context ctx;
|
||||||
int ret;
|
int ret;
|
||||||
size_t use_len = 0;
|
size_t use_len = 0;
|
||||||
size_t pwd_len = strlen( pwd );
|
size_t pwd_len = strlen( pwd );
|
||||||
|
const unsigned char *buf;
|
||||||
|
|
||||||
mbedtls_pem_init( &ctx );
|
mbedtls_pem_init( &ctx );
|
||||||
|
|
||||||
ret = mbedtls_pem_read_buffer( &ctx, header, footer, (unsigned char *)data,
|
ret = mbedtls_pem_read_buffer( &ctx, header, footer, (unsigned char *)data,
|
||||||
(unsigned char *)pwd, pwd_len, &use_len );
|
(unsigned char *)pwd, pwd_len, &use_len );
|
||||||
TEST_ASSERT( ret == res );
|
TEST_ASSERT( ret == res );
|
||||||
|
if( ret != 0 )
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
use_len = 0;
|
||||||
|
buf = mbedtls_pem_get_buffer( &ctx, &use_len );
|
||||||
|
TEST_EQUAL( use_len, out->len );
|
||||||
|
TEST_ASSERT( memcmp( out->x, buf, out->len ) == 0 );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
mbedtls_pem_free( &ctx );
|
mbedtls_pem_free( &ctx );
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user