/* * Unallocate all CSR data */ void x509_csr_free( x509_csr *csr ) { x509_name *name_cur; x509_name *name_prv; if( csr == NULL ) return; pk_free( &csr->pk ); #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) polarssl_free( csr->sig_opts ); #endif name_cur = csr->subject.next; while( name_cur != NULL ) { name_prv = name_cur; name_cur = name_cur->next; polarssl_zeroize( name_prv, sizeof( x509_name ) ); polarssl_free( name_prv ); } if( csr->raw.p != NULL ) { polarssl_zeroize( csr->raw.p, csr->raw.len ); polarssl_free( csr->raw.p ); } polarssl_zeroize( csr, sizeof( x509_csr ) ); }
/* * Unallocate all CSR data */ void x509_csr_free( x509_csr *csr ) { x509_name *name_cur; x509_name *name_prv; if( csr == NULL ) return; pk_free( &csr->pk ); name_cur = csr->subject.next; while( name_cur != NULL ) { name_prv = name_cur; name_cur = name_cur->next; memset( name_prv, 0, sizeof( x509_name ) ); polarssl_free( name_prv ); } if( csr->raw.p != NULL ) { memset( csr->raw.p, 0, csr->raw.len ); polarssl_free( csr->raw.p ); } memset( csr, 0, sizeof( x509_csr ) ); }
/* * Unallocate all CRL data */ void x509_crl_free( x509_crl *crl ) { x509_crl *crl_cur = crl; x509_crl *crl_prv; x509_name *name_cur; x509_name *name_prv; x509_crl_entry *entry_cur; x509_crl_entry *entry_prv; if( crl == NULL ) return; do { #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) polarssl_free( crl_cur->sig_opts ); #endif name_cur = crl_cur->issuer.next; while( name_cur != NULL ) { name_prv = name_cur; name_cur = name_cur->next; polarssl_zeroize( name_prv, sizeof( x509_name ) ); polarssl_free( name_prv ); } entry_cur = crl_cur->entry.next; while( entry_cur != NULL ) { entry_prv = entry_cur; entry_cur = entry_cur->next; polarssl_zeroize( entry_prv, sizeof( x509_crl_entry ) ); polarssl_free( entry_prv ); } if( crl_cur->raw.p != NULL ) { polarssl_zeroize( crl_cur->raw.p, crl_cur->raw.len ); polarssl_free( crl_cur->raw.p ); } crl_cur = crl_cur->next; } while( crl_cur != NULL ); crl_cur = crl; do { crl_prv = crl_cur; crl_cur = crl_cur->next; polarssl_zeroize( crl_prv, sizeof( x509_crl ) ); if( crl_prv != crl ) polarssl_free( crl_prv ); } while( crl_cur != NULL ); }
void asn1_free_named_data( asn1_named_data *cur ) { if( cur == NULL ) return; polarssl_free( cur->oid.p ); polarssl_free( cur->val.p ); memset( cur, 0, sizeof( asn1_named_data ) ); }
/* * Unallocate all CRL data */ void x509_crl_free( x509_crl *crl ) { x509_crl *crl_cur = crl; x509_crl *crl_prv; x509_name *name_cur; x509_name *name_prv; x509_crl_entry *entry_cur; x509_crl_entry *entry_prv; if( crl == NULL ) return; do { name_cur = crl_cur->issuer.next; while( name_cur != NULL ) { name_prv = name_cur; name_cur = name_cur->next; memset( name_prv, 0, sizeof( x509_name ) ); polarssl_free( name_prv ); } entry_cur = crl_cur->entry.next; while( entry_cur != NULL ) { entry_prv = entry_cur; entry_cur = entry_cur->next; memset( entry_prv, 0, sizeof( x509_crl_entry ) ); polarssl_free( entry_prv ); } if( crl_cur->raw.p != NULL ) { memset( crl_cur->raw.p, 0, crl_cur->raw.len ); polarssl_free( crl_cur->raw.p ); } crl_cur = crl_cur->next; } while( crl_cur != NULL ); crl_cur = crl; do { crl_prv = crl_cur; crl_cur = crl_cur->next; memset( crl_prv, 0, sizeof( x509_crl ) ); if( crl_prv != crl ) polarssl_free( crl_prv ); } while( crl_cur != NULL ); }
void debug_print_msg_free( const ssl_context *ssl, int level, const char *file, int line, char *text ) { if( text != NULL ) debug_print_msg( ssl, level, file, line, text ); #if defined(POLARSSL_THREADING_C) polarssl_free( text ); #endif }
void asn1_free_named_data_list( asn1_named_data **head ) { asn1_named_data *cur; while( ( cur = *head ) != NULL ) { *head = cur->next; asn1_free_named_data( cur ); polarssl_free( cur ); } }
asn1_named_data *asn1_store_named_data( asn1_named_data **head, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ) { asn1_named_data *cur; if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) { // Add new entry if not present yet based on OID // if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL ) return( NULL ); memset( cur, 0, sizeof(asn1_named_data) ); cur->oid.len = oid_len; cur->oid.p = polarssl_malloc( oid_len ); if( cur->oid.p == NULL ) { polarssl_free( cur ); return( NULL ); } cur->val.len = val_len; cur->val.p = polarssl_malloc( val_len ); if( cur->val.p == NULL ) { polarssl_free( cur->oid.p ); polarssl_free( cur ); return( NULL ); } memcpy( cur->oid.p, oid, oid_len ); cur->next = *head; *head = cur; } else if( cur->val.len < val_len ) { // Enlarge existing value buffer if needed // polarssl_free( cur->val.p ); cur->val.p = NULL; cur->val.len = val_len; cur->val.p = polarssl_malloc( val_len ); if( cur->val.p == NULL ) { polarssl_free( cur->oid.p ); polarssl_free( cur ); return( NULL ); } } if( val != NULL ) memcpy( cur->val.p, val, val_len ); return( cur ); }
void ssl_cache_free( ssl_cache_context *cache ) { ssl_cache_entry *cur, *prv; cur = cache->chain; while( cur != NULL ) { prv = cur; cur = cur->next; ssl_session_free( &prv->session ); #if defined(POLARSSL_X509_CRT_PARSE_C) polarssl_free( prv->peer_cert.p ); #endif /* POLARSSL_X509_CRT_PARSE_C */ polarssl_free( prv ); } #if defined(POLARSSL_THREADING_C) polarssl_mutex_free( &cache->mutex ); #endif }
/* * Load one or more CRLs and add them to the chained list */ int x509_crl_parse_file( x509_crl *chain, const char *path ) { int ret; size_t n; unsigned char *buf; if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); ret = x509_crl_parse( chain, buf, n ); polarssl_zeroize( buf, n + 1 ); polarssl_free( buf ); return( ret ); }
/* * Load and parse a public key */ int pk_parse_public_keyfile( pk_context *ctx, const char *path ) { int ret; size_t n; unsigned char *buf; if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); ret = pk_parse_public_key( ctx, buf, n ); polarssl_zeroize( buf, n + 1 ); polarssl_free( buf ); return( ret ); }
/* * Load a CSR into the structure */ int x509_csr_parse_file( x509_csr *csr, const char *path ) { int ret; size_t n; unsigned char *buf; if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 ) return( ret ); ret = x509_csr_parse( csr, buf, n ); memset( buf, 0, n + 1 ); polarssl_free( buf ); return( ret ); }
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) { int ret = 1; unsigned char *cert_blob = NULL; size_t cert_blob_size = 0; if( cert == NULL ) { ret = 2; goto cleanup; } if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, &cert_blob_size ) != CKR_OK ) { ret = 3; goto cleanup; } cert_blob = polarssl_malloc( cert_blob_size ); if( NULL == cert_blob ) { ret = 4; goto cleanup; } if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, &cert_blob_size ) != CKR_OK ) { ret = 5; goto cleanup; } if( 0 != x509_crt_parse( cert, cert_blob, cert_blob_size ) ) { ret = 6; goto cleanup; } ret = 0; cleanup: if( NULL != cert_blob ) polarssl_free( cert_blob ); return( ret ); }
/* * Parse one X.509 certificate in DER format from a buffer and add them to a * chained list */ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, size_t buflen ) { int ret; x509_crt *crt = chain, *prev = NULL; /* * Check for valid input */ if( crt == NULL || buf == NULL ) return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); while( crt->version != 0 && crt->next != NULL ) { prev = crt; crt = crt->next; } /* * Add new certificate on the end of the chain if needed. */ if ( crt->version != 0 && crt->next == NULL) { crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) ); if( crt->next == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); prev = crt; crt = crt->next; x509_crt_init( crt ); } if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 ) { if( prev ) prev->next = NULL; if( crt != chain ) polarssl_free( crt ); return( ret ); } return( 0 ); }
/* * Get signature algorithm from alg OID and optional parameters */ int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, md_type_t *md_alg, pk_type_t *pk_alg, void **sig_opts ) { int ret; if( *sig_opts != NULL ) return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret ); #if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) if( *pk_alg == POLARSSL_PK_RSASSA_PSS ) { pk_rsassa_pss_options *pss_opts; pss_opts = polarssl_malloc( sizeof( pk_rsassa_pss_options ) ); if( pss_opts == NULL ) return( POLARSSL_ERR_X509_MALLOC_FAILED ); ret = x509_get_rsassa_pss_params( sig_params, md_alg, &pss_opts->mgf1_hash_id, &pss_opts->expected_salt_len ); if( ret != 0 ) { polarssl_free( pss_opts ); return( ret ); } *sig_opts = (void *) pss_opts; } else #endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */ { /* Make sure parameters are absent or NULL */ if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) || sig_params->len != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG ); } return( 0 ); }
/* * Load and parse a private key */ int pk_parse_keyfile( pk_context *ctx, const char *path, const char *pwd ) { int ret; size_t n; unsigned char *buf; if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); if( pwd == NULL ) ret = pk_parse_key( ctx, buf, n, NULL, 0 ); else ret = pk_parse_key( ctx, buf, n, (const unsigned char *) pwd, strlen( pwd ) ); polarssl_zeroize( buf, n + 1 ); polarssl_free( buf ); return( ret ); }
/* * Load all data from a file into a given buffer. */ int x509_load_file( const char *path, unsigned char **buf, size_t *n ) { FILE *f; long size; if( ( f = fopen( path, "rb" ) ) == NULL ) return( POLARSSL_ERR_X509_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); if( ( size = ftell( f ) ) == -1 ) { fclose( f ); return( POLARSSL_ERR_X509_FILE_IO_ERROR ); } fseek( f, 0, SEEK_SET ); *n = (size_t) size; if( *n + 1 == 0 || ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL ) { fclose( f ); return( POLARSSL_ERR_X509_MALLOC_FAILED ); } if( fread( *buf, 1, *n, f ) != *n ) { fclose( f ); polarssl_free( *buf ); return( POLARSSL_ERR_X509_FILE_IO_ERROR ); } fclose( f ); (*buf)[*n] = '\0'; return( 0 ); }
static void ecdsa_free_wrap( void *ctx ) { ecdsa_free( (ecdsa_context *) ctx ); polarssl_free( ctx ); }
static void sha512_ctx_free( void *ctx ) { sha512_free( (sha512_context *) ctx ); polarssl_free( ctx ); }
static void ripemd160_ctx_free( void *ctx ) { ripemd160_free( (ripemd160_context *) ctx ); polarssl_free( ctx ); }
static void aes_ctx_free( void *ctx ) { aes_free( (aes_context *) ctx ); polarssl_free( ctx ); }
static void blowfish_ctx_free( void *ctx ) { blowfish_free( (blowfish_context *) ctx ); polarssl_free( ctx ); }
static void rsa_alt_free_wrap( void *ctx ) { polarssl_free( ctx ); }
static void camellia_ctx_free( void *ctx ) { camellia_free( (camellia_context *) ctx ); polarssl_free( ctx ); }
static void md5_ctx_free( void *ctx ) { polarssl_zeroize( ctx, sizeof( md5_context ) ); polarssl_free( ctx ); }
static void des3_ctx_free( void *ctx ) { des3_free( (des3_context *) ctx ); polarssl_free( ctx ); }
static void sha384_ctx_free( void *ctx ) { polarssl_zeroize( ctx, sizeof( sha512_context ) ); polarssl_free( ctx ); }
static void ccm_ctx_free( void *ctx ) { ccm_free( ctx ); polarssl_free( ctx ); }
static void arc4_ctx_free( void *ctx ) { arc4_free( (arc4_context *) ctx ); polarssl_free( ctx ); }
static void eckey_free_wrap( void *ctx ) { ecp_keypair_free( (ecp_keypair *) ctx ); polarssl_free( ctx ); }