Lines Matching +full:- +full:p
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8 * The ITU-T X.509 standard defines a certificate format for PKI.
14 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
15 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
51 static int x509_crl_get_version(unsigned char **p, in x509_crl_get_version() argument
57 if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { in x509_crl_get_version()
73 * list of extensions is well-formed and abort on critical extensions (that
76 static int x509_get_crl_ext(unsigned char **p, in x509_get_crl_ext() argument
82 if (*p == end) { in x509_get_crl_ext()
88 * -- if present, version MUST be v2 in x509_get_crl_ext()
90 if ((ret = mbedtls_x509_get_ext(p, end, ext, 0)) != 0) { in x509_get_crl_ext()
94 end = ext->p + ext->len; in x509_get_crl_ext()
96 while (*p < end) { in x509_get_crl_ext()
108 if ((ret = mbedtls_asn1_get_tag(p, end, &len, in x509_get_crl_ext()
113 end_ext_data = *p + len; in x509_get_crl_ext()
116 if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, in x509_get_crl_ext()
120 *p += len; in x509_get_crl_ext()
123 if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, in x509_get_crl_ext()
130 if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, in x509_get_crl_ext()
136 *p += len; in x509_get_crl_ext()
137 if (*p != end_ext_data) { in x509_get_crl_ext()
149 if (*p != end) { in x509_get_crl_ext()
160 static int x509_get_crl_entry_ext(unsigned char **p, in x509_get_crl_entry_ext() argument
168 if (end <= *p) { in x509_get_crl_entry_ext()
172 ext->tag = **p; in x509_get_crl_entry_ext()
173 ext->p = *p; in x509_get_crl_entry_ext()
176 * Get CRL-entry extension sequence header in x509_get_crl_entry_ext()
177 * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 in x509_get_crl_entry_ext()
179 if ((ret = mbedtls_asn1_get_tag(p, end, &ext->len, in x509_get_crl_entry_ext()
182 ext->p = NULL; in x509_get_crl_entry_ext()
188 end = *p + ext->len; in x509_get_crl_entry_ext()
190 if (end != *p + ext->len) { in x509_get_crl_entry_ext()
195 while (*p < end) { in x509_get_crl_entry_ext()
196 if ((ret = mbedtls_asn1_get_tag(p, end, &len, in x509_get_crl_entry_ext()
201 *p += len; in x509_get_crl_entry_ext()
204 if (*p != end) { in x509_get_crl_entry_ext()
215 static int x509_get_entries(unsigned char **p, in x509_get_entries() argument
223 if (*p == end) { in x509_get_entries()
227 if ((ret = mbedtls_asn1_get_tag(p, end, &entry_len, in x509_get_entries()
236 end = *p + entry_len; in x509_get_entries()
238 while (*p < end) { in x509_get_entries()
242 cur_entry->raw.tag = **p; in x509_get_entries()
243 if ((ret = mbedtls_asn1_get_tag(p, end, &len2, in x509_get_entries()
248 cur_entry->raw.p = *p; in x509_get_entries()
249 cur_entry->raw.len = len2; in x509_get_entries()
250 end2 = *p + len2; in x509_get_entries()
252 if ((ret = mbedtls_x509_get_serial(p, end2, &cur_entry->serial)) != 0) { in x509_get_entries()
256 if ((ret = mbedtls_x509_get_time(p, end2, in x509_get_entries()
257 &cur_entry->revocation_date)) != 0) { in x509_get_entries()
261 if ((ret = x509_get_crl_entry_ext(p, end2, in x509_get_entries()
262 &cur_entry->entry_ext)) != 0) { in x509_get_entries()
266 if (*p < end) { in x509_get_entries()
267 cur_entry->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl_entry)); in x509_get_entries()
269 if (cur_entry->next == NULL) { in x509_get_entries()
273 cur_entry = cur_entry->next; in x509_get_entries()
288 unsigned char *p = NULL, *end = NULL; in mbedtls_x509_crl_parse_der() local
306 while (crl->version != 0 && crl->next != NULL) { in mbedtls_x509_crl_parse_der()
307 crl = crl->next; in mbedtls_x509_crl_parse_der()
310 if (crl->version != 0 && crl->next == NULL) { in mbedtls_x509_crl_parse_der()
311 crl->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl)); in mbedtls_x509_crl_parse_der()
313 if (crl->next == NULL) { in mbedtls_x509_crl_parse_der()
318 mbedtls_x509_crl_init(crl->next); in mbedtls_x509_crl_parse_der()
319 crl = crl->next; in mbedtls_x509_crl_parse_der()
323 * Copy raw DER-encoded CRL in mbedtls_x509_crl_parse_der()
329 p = mbedtls_calloc(1, buflen); in mbedtls_x509_crl_parse_der()
330 if (p == NULL) { in mbedtls_x509_crl_parse_der()
334 memcpy(p, buf, buflen); in mbedtls_x509_crl_parse_der()
336 crl->raw.p = p; in mbedtls_x509_crl_parse_der()
337 crl->raw.len = buflen; in mbedtls_x509_crl_parse_der()
339 end = p + buflen; in mbedtls_x509_crl_parse_der()
347 if ((ret = mbedtls_asn1_get_tag(&p, end, &len, in mbedtls_x509_crl_parse_der()
353 if (len != (size_t) (end - p)) { in mbedtls_x509_crl_parse_der()
362 crl->tbs.p = p; in mbedtls_x509_crl_parse_der()
364 if ((ret = mbedtls_asn1_get_tag(&p, end, &len, in mbedtls_x509_crl_parse_der()
370 end = p + len; in mbedtls_x509_crl_parse_der()
371 crl->tbs.len = (size_t) (end - crl->tbs.p); in mbedtls_x509_crl_parse_der()
375 * -- if present, MUST be v2 in mbedtls_x509_crl_parse_der()
379 if ((ret = x509_crl_get_version(&p, end, &crl->version)) != 0 || in mbedtls_x509_crl_parse_der()
380 (ret = mbedtls_x509_get_alg(&p, end, &crl->sig_oid, &sig_params1)) != 0) { in mbedtls_x509_crl_parse_der()
385 if (crl->version < 0 || crl->version > 1) { in mbedtls_x509_crl_parse_der()
390 crl->version++; in mbedtls_x509_crl_parse_der()
392 if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1, in mbedtls_x509_crl_parse_der()
393 &crl->sig_md, &crl->sig_pk, in mbedtls_x509_crl_parse_der()
394 &crl->sig_opts)) != 0) { in mbedtls_x509_crl_parse_der()
402 crl->issuer_raw.p = p; in mbedtls_x509_crl_parse_der()
404 if ((ret = mbedtls_asn1_get_tag(&p, end, &len, in mbedtls_x509_crl_parse_der()
410 if ((ret = mbedtls_x509_get_name(&p, p + len, &crl->issuer)) != 0) { in mbedtls_x509_crl_parse_der()
415 crl->issuer_raw.len = (size_t) (p - crl->issuer_raw.p); in mbedtls_x509_crl_parse_der()
421 if ((ret = mbedtls_x509_get_time(&p, end, &crl->this_update)) != 0) { in mbedtls_x509_crl_parse_der()
426 if ((ret = mbedtls_x509_get_time(&p, end, &crl->next_update)) != 0) { in mbedtls_x509_crl_parse_der()
441 * -- if present, MUST be v2 in mbedtls_x509_crl_parse_der()
444 if ((ret = x509_get_entries(&p, end, &crl->entry)) != 0) { in mbedtls_x509_crl_parse_der()
451 * -- if present, MUST be v2 in mbedtls_x509_crl_parse_der()
453 if (crl->version == 2) { in mbedtls_x509_crl_parse_der()
454 ret = x509_get_crl_ext(&p, end, &crl->crl_ext); in mbedtls_x509_crl_parse_der()
462 if (p != end) { in mbedtls_x509_crl_parse_der()
468 end = crl->raw.p + crl->raw.len; in mbedtls_x509_crl_parse_der()
474 if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) { in mbedtls_x509_crl_parse_der()
479 if (crl->sig_oid.len != sig_oid2.len || in mbedtls_x509_crl_parse_der()
480 memcmp(crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len) != 0 || in mbedtls_x509_crl_parse_der()
483 memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) { in mbedtls_x509_crl_parse_der()
488 if ((ret = mbedtls_x509_get_sig(&p, end, &crl->sig)) != 0) { in mbedtls_x509_crl_parse_der()
493 if (p != end) { in mbedtls_x509_crl_parse_der()
520 // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated in mbedtls_x509_crl_parse()
522 if (buflen == 0 || buf[buflen - 1] != '\0') { in mbedtls_x509_crl_parse()
526 "-----BEGIN X509 CRL-----", in mbedtls_x509_crl_parse()
527 "-----END X509 CRL-----", in mbedtls_x509_crl_parse()
537 buflen -= use_len; in mbedtls_x509_crl_parse()
599 char *p; in mbedtls_x509_crl_info() local
602 p = buf; in mbedtls_x509_crl_info()
605 ret = mbedtls_snprintf(p, n, "%sCRL version : %d", in mbedtls_x509_crl_info()
606 prefix, crl->version); in mbedtls_x509_crl_info()
609 ret = mbedtls_snprintf(p, n, "\n%sissuer name : ", prefix); in mbedtls_x509_crl_info()
611 ret = mbedtls_x509_dn_gets(p, n, &crl->issuer); in mbedtls_x509_crl_info()
614 ret = mbedtls_snprintf(p, n, "\n%sthis update : " \ in mbedtls_x509_crl_info()
615 "%04d-%02d-%02d %02d:%02d:%02d", prefix, in mbedtls_x509_crl_info()
616 crl->this_update.year, crl->this_update.mon, in mbedtls_x509_crl_info()
617 crl->this_update.day, crl->this_update.hour, in mbedtls_x509_crl_info()
618 crl->this_update.min, crl->this_update.sec); in mbedtls_x509_crl_info()
621 ret = mbedtls_snprintf(p, n, "\n%snext update : " \ in mbedtls_x509_crl_info()
622 "%04d-%02d-%02d %02d:%02d:%02d", prefix, in mbedtls_x509_crl_info()
623 crl->next_update.year, crl->next_update.mon, in mbedtls_x509_crl_info()
624 crl->next_update.day, crl->next_update.hour, in mbedtls_x509_crl_info()
625 crl->next_update.min, crl->next_update.sec); in mbedtls_x509_crl_info()
628 entry = &crl->entry; in mbedtls_x509_crl_info()
630 ret = mbedtls_snprintf(p, n, "\n%sRevoked certificates:", in mbedtls_x509_crl_info()
634 while (entry != NULL && entry->raw.len != 0) { in mbedtls_x509_crl_info()
635 ret = mbedtls_snprintf(p, n, "\n%sserial number: ", in mbedtls_x509_crl_info()
639 ret = mbedtls_x509_serial_gets(p, n, &entry->serial); in mbedtls_x509_crl_info()
642 ret = mbedtls_snprintf(p, n, " revocation date: " \ in mbedtls_x509_crl_info()
643 "%04d-%02d-%02d %02d:%02d:%02d", in mbedtls_x509_crl_info()
644 entry->revocation_date.year, entry->revocation_date.mon, in mbedtls_x509_crl_info()
645 entry->revocation_date.day, entry->revocation_date.hour, in mbedtls_x509_crl_info()
646 entry->revocation_date.min, entry->revocation_date.sec); in mbedtls_x509_crl_info()
649 entry = entry->next; in mbedtls_x509_crl_info()
652 ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); in mbedtls_x509_crl_info()
655 ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, in mbedtls_x509_crl_info()
656 crl->sig_opts); in mbedtls_x509_crl_info()
659 ret = mbedtls_snprintf(p, n, "\n"); in mbedtls_x509_crl_info()
662 return (int) (size - n); in mbedtls_x509_crl_info()
686 mbedtls_free(crl_cur->sig_opts); in mbedtls_x509_crl_free()
689 mbedtls_asn1_free_named_data_list_shallow(crl_cur->issuer.next); in mbedtls_x509_crl_free()
691 entry_cur = crl_cur->entry.next; in mbedtls_x509_crl_free()
694 entry_cur = entry_cur->next; in mbedtls_x509_crl_free()
699 if (crl_cur->raw.p != NULL) { in mbedtls_x509_crl_free()
700 mbedtls_zeroize_and_free(crl_cur->raw.p, crl_cur->raw.len); in mbedtls_x509_crl_free()
704 crl_cur = crl_cur->next; in mbedtls_x509_crl_free()