Commit ce7c6fd4 authored by Manuel Pégourié-Gonnard

Fix dependencies

parent b7de86d8
......@@ -2102,6 +2102,11 @@
#error "POLARSSL_RSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) )
#error "POLARSSL_RSASSA_PSS_CERTIFICATES defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
......
......@@ -256,9 +256,11 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end,
x509_buf *alg );
int x509_get_alg( unsigned char **p, const unsigned char *end,
x509_buf *alg, x509_buf *params );
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
int x509_get_rsassa_pss_params( const x509_buf *params,
md_type_t *md_alg, md_type_t *mgf_md,
int *salt_len, int *trailer_field );
#endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
pk_type_t *pk_alg );
......
......@@ -132,6 +132,7 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
return( 0 );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
/*
* HashAlgorithm ::= AlgorithmIdentifier
*
......@@ -324,6 +325,7 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
return( 0 );
}
#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
/*
* AttributeTypeAndValue ::= SEQUENCE {
......
......@@ -596,7 +596,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
( ret = x509_get_alg( &p, end, &crt->sig_oid1,
&crt->sig_params ) ) != 0 )
&sig_params ) ) != 0 )
{
x509_crt_free( crt );
return( ret );
......@@ -617,22 +617,26 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
return( ret );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
int salt_len, trailer_field;
md_type_t mgf_md;
/* Make sure params are valid */
ret = x509_get_rsassa_pss_params( &crt->sig_params,
ret = x509_get_rsassa_pss_params( &sig_params,
&crt->sig_md, &mgf_md, &salt_len, &trailer_field );
if( ret != 0 )
return( ret );
memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
}
else
#endif
{
/* Make sure parameters were absent or NULL */
if( ( crt->sig_params.tag != ASN1_NULL && crt->sig_params.tag != 0 ) ||
crt->sig_params.len != 0 )
/* Make sure parameters are absent or NULL */
if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
sig_params.len != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG );
}
......@@ -763,9 +767,13 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
}
if( crt->sig_oid1.len != crt->sig_oid2.len ||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
||
crt->sig_params.len != sig_params.len ||
memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 )
memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0
#endif
)
{
x509_crt_free( crt );
return( POLARSSL_ERR_X509_SIG_MISMATCH );
......@@ -1185,6 +1193,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
ret = snprintf( p, n, "%s", desc );
SAFE_SNPRINTF();
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
md_type_t md_alg, mgf_md;
......@@ -1204,6 +1213,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
salt_len, trailer_field );
SAFE_SNPRINTF();
}
#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
pk_get_name( &crt->pk ) ) ) != 0 )
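Review bot: In the `@@ -617,22 +617,26 @@` hunk of x509_crt_parse_der_core, the two failure exits of the signature-parameter check return without calling `x509_crt_free( crt )`: `if( ret != 0 ) return( ret );` after x509_get_rsassa_pss_params(), and `return( POLARSSL_ERR_X509_INVALID_ALG );` in the else branch. The error paths visible in the neighbouring hunks (after x509_get_alg() and on POLARSSL_ERR_X509_SIG_MISMATCH) free the certificate first. If crt already owns allocations at that point, which the surrounding pattern suggests but the hunk does not show, a certificate rejected here leaks them on every parse. Both exits should follow the same shape, e.g. `{ x509_crt_free( crt ); return( ret ); }` and `{ x509_crt_free( crt ); return( POLARSSL_ERR_X509_INVALID_ALG ); }`. The function starts and ends outside the hunks shown, so the caller's cleanup could not be checked.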
......
......@@ -43,23 +43,23 @@ depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n"
X509 Certificate information RSA-PSS, SHA1 Digest
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\nRSA key size \: 1024 bits\n"
X509 Certificate information RSA-PSS, SHA224 Digest
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\nRSA key size \: 1024 bits\n"
X509 Certificate information RSA-PSS, SHA256 Digest
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\nRSA key size \: 1024 bits\n"
X509 Certificate information RSA-PSS, SHA384 Digest
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\nRSA key size \: 1024 bits\n"
X509 Certificate information RSA-PSS, SHA512 Digest
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\nRSA key size \: 1024 bits\n"
X509 Certificate information EC, SHA1 Digest
......