Add len constants to certs.c

parent 5cbb60bf
......@@ -6,6 +6,8 @@ Features
* Support for DTLS 1.0 and 1.2 (RFC 6347).
API Changes
* Test certificates in cert.s are no longer guaranteed to be nul-terminated
strings; use the new *_len variables instead of strlen().
* md_init_ctx() is deprecated in favour of md_setup(), that adds a third
argument (allowing memory savings if HMAC is not used)
* Removed individual mdX_hmac and shaX_hmac functions (use generic
......
......@@ -24,47 +24,72 @@
#ifndef POLARSSL_CERTS_H
#define POLARSSL_CERTS_H
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Concatenation of all available CA certificates */
extern const char test_ca_list[];
extern const char test_ca_list[];
extern const size_t test_ca_list_len;
/*
* Convenience for users who just want a certificate:
* RSA by default, or ECDSA if RSA is not available
*/
extern const char *test_ca_crt;
extern const char *test_ca_key;
extern const char *test_ca_pwd;
extern const char *test_srv_crt;
extern const char *test_srv_key;
extern const char *test_cli_crt;
extern const char *test_cli_key;
extern const char * test_ca_crt;
extern const size_t test_ca_crt_len;
extern const char * test_ca_key;
extern const size_t test_ca_key_len;
extern const char * test_ca_pwd;
extern const size_t test_ca_pwd_len;
extern const char * test_srv_crt;
extern const size_t test_srv_crt_len;
extern const char * test_srv_key;
extern const size_t test_srv_key_len;
extern const char * test_cli_crt;
extern const size_t test_cli_crt_len;
extern const char * test_cli_key;
extern const size_t test_cli_key_len;
#if defined(POLARSSL_ECDSA_C)
extern const char test_ca_crt_ec[];
extern const char test_ca_key_ec[];
extern const char test_ca_pwd_ec[];
extern const char test_srv_crt_ec[];
extern const char test_srv_key_ec[];
extern const char test_cli_crt_ec[];
extern const char test_cli_key_ec[];
extern const char test_ca_crt_ec[];
extern const size_t test_ca_crt_ec_len;
extern const char test_ca_key_ec[];
extern const size_t test_ca_key_ec_len;
extern const char test_ca_pwd_ec[];
extern const size_t test_ca_pwd_ec_len;
extern const char test_srv_crt_ec[];
extern const size_t test_srv_crt_ec_len;
extern const char test_srv_key_ec[];
extern const size_t test_srv_key_ec_len;
extern const char test_cli_crt_ec[];
extern const size_t test_cli_crt_ec_len;
extern const char test_cli_key_ec[];
extern const size_t test_cli_key_ec_len;
#endif
#if defined(POLARSSL_RSA_C)
extern const char test_ca_crt_rsa[];
extern const char test_ca_key_rsa[];
extern const char test_ca_pwd_rsa[];
extern const char test_srv_crt_rsa[];
extern const char test_srv_key_rsa[];
extern const char test_cli_crt_rsa[];
extern const char test_cli_key_rsa[];
extern const char test_ca_crt_rsa[];
extern const size_t test_ca_crt_rsa_len;
extern const char test_ca_key_rsa[];
extern const size_t test_ca_key_rsa_len;
extern const char test_ca_pwd_rsa[];
extern const size_t test_ca_pwd_rsa_len;
extern const char test_srv_crt_rsa[];
extern const size_t test_srv_crt_rsa_len;
extern const char test_srv_key_rsa[];
extern const size_t test_srv_key_rsa_len;
extern const char test_cli_crt_rsa[];
extern const size_t test_cli_crt_rsa_len;
extern const char test_cli_key_rsa[];
extern const size_t test_cli_key_rsa_len;
#endif
#if defined(POLARSSL_DHM_C)
extern const char test_dhm_params[];
extern const char test_dhm_params[];
extern const size_t test_dhm_params_len;
#endif
#ifdef __cplusplus
......
......@@ -26,6 +26,8 @@
#include POLARSSL_CONFIG_FILE
#endif
#include "mbedtls/certs.h"
#if defined(POLARSSL_CERTS_C)
#if defined(POLARSSL_ECDSA_C)
......@@ -105,6 +107,14 @@ const char test_cli_key_ec[] =
"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const size_t test_ca_crt_ec_len = sizeof( test_ca_crt_ec );
const size_t test_ca_key_ec_len = sizeof( test_ca_key_ec );
const size_t test_ca_pwd_ec_len = sizeof( test_ca_pwd_ec ) - 1;
const size_t test_srv_crt_ec_len = sizeof( test_srv_crt_ec );
const size_t test_srv_key_ec_len = sizeof( test_srv_key_ec );
const size_t test_cli_crt_ec_len = sizeof( test_cli_crt_ec );
const size_t test_cli_key_ec_len = sizeof( test_cli_key_ec );
#else
#define TEST_CA_CRT_EC
#endif /* POLARSSL_ECDSA_C */
......@@ -219,7 +229,6 @@ const char test_srv_key_rsa[] =
"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const char test_cli_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
......@@ -270,6 +279,14 @@ const char test_cli_key_rsa[] =
"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const size_t test_ca_crt_rsa_len = sizeof( test_ca_crt_rsa );
const size_t test_ca_key_rsa_len = sizeof( test_ca_key_rsa );
const size_t test_ca_pwd_rsa_len = sizeof( test_ca_pwd_rsa ) - 1;
const size_t test_srv_crt_rsa_len = sizeof( test_srv_crt_rsa );
const size_t test_srv_key_rsa_len = sizeof( test_srv_key_rsa );
const size_t test_cli_crt_rsa_len = sizeof( test_cli_crt_rsa );
const size_t test_cli_key_rsa_len = sizeof( test_cli_key_rsa );
#else
#define TEST_CA_CRT_RSA
#endif /* POLARSSL_RSA_C */
......@@ -281,27 +298,43 @@ const char test_dhm_params[] =
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
"-----END DH PARAMETERS-----\r\n";
const size_t test_dhm_params_len = sizeof( test_dhm_params );
#endif
/* Concatenation of all available CA certificates */
const char test_ca_list[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
const size_t test_ca_list_len = sizeof( test_ca_list );
#if defined(POLARSSL_RSA_C)
const char *test_ca_crt = test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa;
const char *test_ca_pwd = test_ca_pwd_rsa;
const char *test_ca_crt = test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa;
const char *test_ca_pwd = test_ca_pwd_rsa;
const char *test_srv_crt = test_srv_crt_rsa;
const char *test_srv_key = test_srv_key_rsa;
const char *test_cli_crt = test_cli_crt_rsa;
const char *test_cli_key = test_cli_key_rsa;
const size_t test_ca_crt_len = test_ca_crt_rsa_len;
const size_t test_ca_key_len = test_ca_key_rsa_len;
const size_t test_ca_pwd_len = test_ca_pwd_rsa_len;
const size_t test_srv_crt_len = test_srv_crt_rsa_len;
const size_t test_srv_key_len = test_srv_key_rsa_len;
const size_t test_cli_crt_len = test_cli_crt_rsa_len;
const size_t test_cli_key_len = test_cli_key_rsa_len;
#else /* ! POLARSSL_RSA_C, so POLARSSL_ECDSA_C */
const char *test_ca_crt = test_ca_crt_ec;
const char *test_ca_key = test_ca_key_ec;
const char *test_ca_pwd = test_ca_pwd_ec;
const char *test_ca_crt = test_ca_crt_ec;
const char *test_ca_key = test_ca_key_ec;
const char *test_ca_pwd = test_ca_pwd_ec;
const char *test_srv_crt = test_srv_crt_ec;
const char *test_srv_key = test_srv_key_ec;
const char *test_cli_crt = test_cli_crt_ec;
const char *test_cli_key = test_cli_key_ec;
const size_t test_ca_crt_len = test_ca_crt_ec_len;
const size_t test_ca_key_len = test_ca_key_ec_len;
const size_t test_ca_pwd_len = test_ca_pwd_ec_len;
const size_t test_srv_crt_len = test_srv_crt_ec_len;
const size_t test_srv_key_len = test_srv_key_ec_len;
const size_t test_cli_crt_len = test_cli_crt_ec_len;
const size_t test_cli_key_len = test_cli_key_ec_len;
#endif /* POLARSSL_RSA_C */
#endif /* POLARSSL_CERTS_C */
......@@ -130,7 +130,7 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
#else
ret = 1;
polarssl_printf("POLARSSL_CERTS_C not defined.");
......
......@@ -128,7 +128,7 @@ int main( void )
* server and CA certificates, as well as pk_parse_keyfile().
*/
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
test_srv_crt_len );
if( ret != 0 )
{
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -136,7 +136,7 @@ int main( void )
}
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
if( ret != 0 )
{
printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -144,7 +144,7 @@ int main( void )
}
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
test_srv_key_len, NULL, 0 );
if( ret != 0 )
{
printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
......
......@@ -121,7 +121,7 @@ int main( void )
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
#else
ret = 1;
polarssl_printf("POLARSSL_CERTS_C not defined.");
......
......@@ -947,7 +947,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
#else
{
ret = 1;
......@@ -980,7 +980,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
strlen( test_cli_crt ) );
test_cli_crt_len );
#else
{
ret = 1;
......@@ -1003,7 +1003,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = pk_parse_key( &pkey, (const unsigned char *) test_cli_key,
strlen( test_cli_key ), NULL, 0 );
test_cli_key_len, NULL, 0 );
#else
{
ret = 1;
......
......@@ -154,7 +154,7 @@ int main( void )
* server and CA certificates, as well as pk_parse_keyfile().
*/
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
test_srv_crt_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -162,7 +162,7 @@ int main( void )
}
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -170,7 +170,7 @@ int main( void )
}
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
test_srv_key_len, NULL, 0 );
if( ret != 0 )
{
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
......
......@@ -508,7 +508,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
#else
{
ret = 1;
......@@ -538,7 +538,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt,
strlen( test_cli_crt ) );
test_cli_crt_len );
#else
{
ret = -1;
......@@ -558,7 +558,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = pk_parse_key( &pkey, (const unsigned char *) test_cli_key,
strlen( test_cli_key ), NULL, 0 );
test_cli_key_len, NULL, 0 );
#else
{
ret = -1;
......
......@@ -417,7 +417,7 @@ int main( void )
* server and CA certificates, as well as pk_parse_keyfile().
*/
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
test_srv_crt_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -425,7 +425,7 @@ int main( void )
}
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -434,7 +434,7 @@ int main( void )
pk_init( &pkey );
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
test_srv_key_len, NULL, 0 );
if( ret != 0 )
{
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
......
......@@ -132,7 +132,7 @@ int main( void )
* server and CA certificates, as well as pk_parse_keyfile().
*/
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
test_srv_crt_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -140,7 +140,7 @@ int main( void )
}
ret = x509_crt_parse( &srvcert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
if( ret != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned %d\n\n", ret );
......@@ -148,7 +148,7 @@ int main( void )
}
ret = pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
test_srv_key_len, NULL, 0 );
if( ret != 0 )
{
polarssl_printf( " failed\n ! pk_parse_key returned %d\n\n", ret );
......
......@@ -1328,7 +1328,7 @@ int main( int argc, char *argv[] )
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_list,
strlen( test_ca_list ) );
test_ca_list_len );
#else
{
ret = 1;
......@@ -1416,14 +1416,14 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_RSA_C)
if( ( ret = x509_crt_parse( &srvcert,
(const unsigned char *) test_srv_crt_rsa,
strlen( test_srv_crt_rsa ) ) ) != 0 )
test_srv_crt_rsa_len ) ) != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
goto exit;
}
if( ( ret = pk_parse_key( &pkey,
(const unsigned char *) test_srv_key_rsa,
strlen( test_srv_key_rsa ), NULL, 0 ) ) != 0 )
test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_parse_key returned -0x%x\n\n", -ret );
goto exit;
......@@ -1433,14 +1433,14 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_ECDSA_C)
if( ( ret = x509_crt_parse( &srvcert2,
(const unsigned char *) test_srv_crt_ec,
strlen( test_srv_crt_ec ) ) ) != 0 )
test_srv_crt_ec_len ) ) != 0 )
{
polarssl_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", -ret );
goto exit;
}
if( ( ret = pk_parse_key( &pkey2,
(const unsigned char *) test_srv_key_ec,
strlen( test_srv_key_ec ), NULL, 0 ) ) != 0 )
test_srv_key_ec_len, NULL, 0 ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", -ret );
goto exit;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment