static int _gnutls_global_init(unsigned constructor)
{
int ret = 0, res;
int level;
const char* e;
if (!constructor) {
GNUTLS_STATIC_MUTEX_LOCK(global_init_mutex);
}
_gnutls_init++;
if (_gnutls_init > 1) {
if (_gnutls_init == 2 && _gnutls_init_ret == 0) {
/* some applications may close the urandom fd
* before calling gnutls_global_init(). in that
* case reopen it */
ret = _gnutls_rnd_check();
if (ret < 0) {
gnutls_assert();
goto out;
}
}
ret = _gnutls_init_ret;
goto out;
}
_gnutls_switch_lib_state(LIB_STATE_INIT);
e = secure_getenv("GNUTLS_DEBUG_LEVEL");
if (e != NULL) {
level = atoi(e);
gnutls_global_set_log_level(level);
if (_gnutls_log_func == NULL)
gnutls_global_set_log_function(default_log_func);
_gnutls_debug_log("Enabled GnuTLS "VERSION" logging...\n");
}
#ifdef HAVE_DCGETTEXT
bindtextdomain(PACKAGE, LOCALEDIR);
#endif
res = gnutls_crypto_init();
if (res != 0) {
gnutls_assert();
ret = GNUTLS_E_CRYPTO_INIT_FAILED;
goto out;
}
ret = _gnutls_system_key_init();
if (ret != 0) {
gnutls_assert();
}
/* initialize ASN.1 parser
*/
if (asn1_check_version(GNUTLS_MIN_LIBTASN1_VERSION) == NULL) {
gnutls_assert();
_gnutls_debug_log
("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version(NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
ret = GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
goto out;
}
_gnutls_pkix1_asn = ASN1_TYPE_EMPTY;
res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(res);
goto out;
}
res = asn1_array2tree(gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(res);
goto out;
}
/* Initialize the random generator */
ret = _gnutls_rnd_preinit();
if (ret < 0) {
gnutls_assert();
goto out;
}
/* Initialize the default TLS extensions */
ret = _gnutls_ext_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_file_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_pkcs11_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_system_global_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
#ifndef _WIN32
ret = _gnutls_register_fork_handler();
if (ret < 0) {
gnutls_assert();
goto out;
}
#endif
#ifdef ENABLE_FIPS140
res = _gnutls_fips_mode_enabled();
/* res == 1 -> fips140-2 mode enabled
* res == 2 -> only self checks performed - but no failure
* res == not in fips140 mode
*/
if (res != 0) {
_gnutls_debug_log("FIPS140-2 mode: %d\n", res);
_gnutls_priority_update_fips();
/* first round of self checks, these are done on the
* nettle algorithms which are used internally */
ret = _gnutls_fips_perform_self_checks1();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
}
#endif
_gnutls_register_accel_crypto();
_gnutls_cryptodev_init();
_gnutls_load_system_priorities();
#ifdef ENABLE_FIPS140
/* These self tests are performed on the overriden algorithms
* (e.g., AESNI overriden AES). They are after _gnutls_register_accel_crypto()
* intentionally */
if (res != 0) {
ret = _gnutls_fips_perform_self_checks2();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
_gnutls_fips_mode_reset_zombie();
}
#endif
_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
ret = 0;
out:
_gnutls_init_ret = ret;
if (!constructor) {
GNUTLS_STATIC_MUTEX_UNLOCK(global_init_mutex);
}
return ret;
}
/**
* gnutls_global_init:
*
* This function initializes the global data to defaults. Every
* gnutls application has a global data which holds common parameters
* shared by gnutls session structures. You should call
* gnutls_global_deinit() when gnutls usage is no longer needed
*
* Note that this function will also initialize libgcrypt, if it has
* not been initialized before. Thus if you want to manually
* initialize libgcrypt you must do it before calling this function.
* This is useful in cases you want to disable libgcrypt's internal
* lockings etc.
*
* This function increment a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
* Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
* otherwise an error code is returned.
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
if (_gnutls_init++)
goto out;
if (gl_sockets_startup (SOCKETS_1_1))
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
bindtextdomain (PACKAGE, LOCALEDIR);
/* Initialize libgcrypt if it hasn't already been initialized. */
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0)
{
const char *p;
p = gcry_check_version (GNUTLS_MIN_LIBGCRYPT_VERSION);
if (p == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libgcrypt failed: %s < %s\n",
gcry_check_version (NULL),
GNUTLS_MIN_LIBGCRYPT_VERSION);
return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
}
/* initialize ASN.1 parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_MIN_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version (NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
asn1_delete_structure (&_gnutls_pkix1_asn);
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the random generator */
result = _gnutls_rnd_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
/* Initialize the default TLS extensions */
result = _gnutls_ext_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
_gnutls_cryptodev_init ();
out:
return result;
}
/**
* gnutls_global_init:
*
* This function performs any required precalculations, detects
* the supported CPU capabilities and initializes the underlying
* cryptographic backend. In order to free any resources
* taken by this call you should gnutls_global_deinit()
* when gnutls usage is no longer needed.
*
* This function increments a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Since GnuTLS 3.3.0 this function is only required in systems that
* do not support library constructors and static linking. This
* function also became thread safe.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
* otherwise a negative error code is returned.
**/
int gnutls_global_init(void)
{
int ret = 0, res;
int level;
const char* e;
GNUTLS_STATIC_MUTEX_LOCK(global_init_mutex);
_gnutls_init++;
if (_gnutls_init > 1) {
ret = 0;
goto out;
}
_gnutls_switch_lib_state(LIB_STATE_INIT);
e = getenv("GNUTLS_DEBUG_LEVEL");
if (e != NULL) {
level = atoi(e);
gnutls_global_set_log_level(level);
if (_gnutls_log_func == NULL)
gnutls_global_set_log_function(default_log_func);
_gnutls_debug_log("Enabled GnuTLS logging...\n");
}
bindtextdomain(PACKAGE, LOCALEDIR);
res = gnutls_crypto_init();
if (res != 0) {
gnutls_assert();
ret = GNUTLS_E_CRYPTO_INIT_FAILED;
goto out;
}
/* initialize ASN.1 parser
*/
if (asn1_check_version(GNUTLS_MIN_LIBTASN1_VERSION) == NULL) {
gnutls_assert();
_gnutls_debug_log
("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version(NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
ret = GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
goto out;
}
res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS) {
ret = _gnutls_asn2err(res);
goto out;
}
res = asn1_array2tree(gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS) {
ret = _gnutls_asn2err(res);
goto out;
}
/* Initialize the random generator */
ret = _gnutls_rnd_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
/* Initialize the default TLS extensions */
ret = _gnutls_ext_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_file_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_pkcs11_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_system_global_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
_gnutls_register_accel_crypto();
_gnutls_cryptodev_init();
#ifdef ENABLE_FIPS140
/* Perform FIPS140 checks last, so that all modules
* have been loaded */
res = _gnutls_fips_mode_enabled();
/* res == 1 -> fips140-2 mode enabled
* res == 2 -> only self checks performed - but no failure
* res == not in fips140 mode
*/
if (res != 0) {
_gnutls_priority_update_fips();
ret = _gnutls_fips_perform_self_checks();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
}
#endif
_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
ret = 0;
out:
GNUTLS_STATIC_MUTEX_UNLOCK(global_init_mutex);
return ret;
}
int
main (int argc, char *argv[])
{
int result;
char buffer[5 * 1024];
char buffer2[5 * 1024];
asn1_node definitions = NULL;
asn1_node asn1_element = NULL, cpy_node = NULL;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
FILE *out, *fd;
int start, end;
ssize_t size;
int size2;
const char *treefile = getenv ("ASN1PKIX");
const char *derfile = getenv ("ASN1CRLDER");
int verbose = 0;
if (argc > 1)
verbose = 1;
if (!treefile)
treefile = "pkix.asn";
if (!derfile)
derfile = "crl.der";
if (verbose)
{
printf ("\n\n/****************************************/\n");
printf ("/* Test sequence : Test_indefinite */\n");
printf ("/****************************************/\n\n");
printf ("ASN1TREE: %s\n", treefile);
}
/* Check version */
if (asn1_check_version ("0.3.3") == NULL)
printf ("\nLibrary version check ERROR:\n actual version: %s\n\n",
asn1_check_version (NULL));
result = asn1_parser2tree (treefile, &definitions, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("ErrorDescription = %s\n\n", errorDescription);
exit (1);
}
out = stdout;
fd = fopen (derfile, "rb");
if (fd == NULL)
{
printf ("Cannot read file %s\n", derfile);
exit (1);
}
size = fread (buffer, 1, sizeof (buffer), fd);
if (size <= 0)
{
printf ("Cannot read from file %s\n", derfile);
exit (1);
}
fclose (fd);
result =
asn1_create_element (definitions, "PKIX1.CertificateList", &asn1_element);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot create CRL element\n");
exit (1);
}
result = asn1_der_decoding (&asn1_element, buffer, size, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot decode DER data (size %ld)\n", (long) size);
exit (1);
}
/* test asn1_copy_node */
result =
asn1_create_element (definitions, "PKIX1.CertificateList", &cpy_node);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot create CRL element\n");
exit (1);
}
result = asn1_copy_node(cpy_node, "", asn1_element, "");
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot copy node\n");
exit (1);
}
/* test whether the copied node encodes the same */
size2 = sizeof(buffer2);
result = asn1_der_coding (cpy_node, "", buffer2, &size2, NULL);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot encode data (size %ld)\n", (long) size);
exit (1);
}
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
{
printf("DER encoded data differ!\n");
exit(1);
}
asn1_delete_structure (&cpy_node);
/* Test asn1_dup_node */
cpy_node = asn1_dup_node(asn1_element, "");
if (cpy_node == NULL)
{
printf ("Cannot copy node (dup_node)\n");
exit (1);
}
/* test whether the copied node encodes the same */
size2 = sizeof(buffer2);
result = asn1_der_coding (cpy_node, "", buffer2, &size2, NULL);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot encode data (size %ld)\n", (long) size);
exit (1);
}
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
{
printf("DER encoded data differ!\n");
exit(1);
}
result = asn1_der_decoding_startEnd (asn1_element, buffer, size, "tbsCertList.issuer", &start, &end);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot find start End\n");
exit (1);
}
if (start != 24 && end != 291)
{
printf("Error in start and end values for issuer. Have: %d..%d\n", start, end);
exit(1);
}
result = asn1_der_decoding_startEnd (asn1_element, buffer, size, "signature", &start, &end);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot find start End\n");
exit (1);
}
if (start != 372 && end != 503)
{
printf("Error in start and end values for signature. Have: %d..%d\n", start, end);
exit(1);
}
/* Clear the definition structures */
asn1_delete_structure (&asn1_element);
asn1_delete_structure (&cpy_node);
asn1_delete_structure (&definitions);
if (out != stdout)
fclose (out);
exit (0);
}
/**
* gnutls_global_init - This function initializes the global data to defaults.
*
* This function initializes the global data to defaults.
* Every gnutls application has a global data which holds common parameters
* shared by gnutls session structures.
* You must call gnutls_global_deinit() when gnutls usage is no longer needed
* Returns zero on success.
*
* Note that this function will also initialize libgcrypt, if it has not
* been initialized before. Thus if you want to manually initialize libgcrypt
* you must do it before calling this function. This is useful in cases you
* want to disable libgcrypt's internal lockings etc.
*
* This function increment a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
char c;
if (_gnutls_init++)
goto out;
#if HAVE_WINSOCK
{
WORD requested;
WSADATA data;
int err;
requested = MAKEWORD (1, 1);
err = WSAStartup (requested, &data);
if (err != 0)
{
_gnutls_debug_log ("WSAStartup failed: %d.\n", err);
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
}
if (data.wVersion < requested)
{
_gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n",
data.wVersion, requested);
WSACleanup ();
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
}
}
#endif
bindtextdomain (PACKAGE, LOCALEDIR);
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0)
{
const char *p;
p = strchr (GNUTLS_GCRYPT_VERSION, ':');
if (p == NULL)
p = GNUTLS_GCRYPT_VERSION;
else
p++;
if (gcry_check_version (p) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libgcrypt failed '%s'\n", p);
return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gcry_set_allocation_handler (gnutls_malloc, gnutls_secure_malloc,
_gnutls_is_secure_memory, gnutls_realloc,
gnutls_free);
/* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
#ifdef DEBUG
/* applications may want to override that, so we only use
* it in debugging mode.
*/
gcry_set_log_handler (_gnutls_gcry_log_handler, NULL);
#endif
}
if (gc_init () != GC_OK)
{
gnutls_assert ();
_gnutls_debug_log ("Initializing crypto backend failed\n");
return GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gc_set_allocators (gnutls_malloc, gnutls_secure_malloc,
_gnutls_is_secure_memory, gnutls_realloc, gnutls_free);
#ifdef DEBUG
gnutls_global_set_log_function (dlog);
#endif
/* initialize parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
asn1_delete_structure (&_gnutls_pkix1_asn);
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the gcrypt (if used random generator) */
gc_pseudo_random (&c, 1);
out:
return result;
}
int
main (int argc, char *argv[])
{
int result, verbose = 0;
asn1_node definitions = NULL;
asn1_node asn1_element = NULL;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
const char *treefile = getenv ("ASN1SETOF");
unsigned i;
if (argc > 1)
verbose = 1;
if (!treefile)
treefile = "setof.asn";
if (verbose != 0)
{
printf ("\n\n/****************************************/\n");
printf ("/* Test sequence : coding-decoding */\n");
printf ("/****************************************/\n\n");
}
/* Check version */
if (asn1_check_version ("0.3.3") == NULL)
printf ("\nLibrary version check ERROR:\n actual version: %s\n\n",
asn1_check_version (NULL));
result = asn1_parser2tree (treefile, &definitions, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("ErrorDescription = %s\n\n", errorDescription);
exit (1);
}
result = asn1_create_element (definitions, "TEST.Set", &asn1_element);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_create_element(): ");
asn1_perror (result);
exit (1);
}
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x00\x02", 2);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x00\x01\x00\x00", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x00\x00\x00\x00", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x00\x00\x00\x02", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x00\x00\x00\x01", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x01\x00\x00\x00", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x01\x01\x00\x00", 4);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x05", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "", "NEW", 1);
assert(result == ASN1_SUCCESS);
result = asn1_write_value (asn1_element, "?LAST.val", "\x01", 1);
assert(result == ASN1_SUCCESS);
/* Clear the definition structures */
result = asn1_der_coding (asn1_element, "", data, &data_size, NULL);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "Encoding error.\n");
asn1_perror (result);
exit (1);
}
asn1_delete_structure (&asn1_element);
asn1_delete_structure (&definitions);
if (data_size != sizeof(expected_der) || memcmp(data, expected_der, data_size) != 0)
{
fprintf(stderr, "encoded data differ to expected [%d - %d]!\n", data_size, (int)sizeof(expected_der));
printf("static unsigned char got[] = {\n");
for (i=0;i<(unsigned)data_size;i++) {
printf("0x%.2x, ", (unsigned)data[i]);
if ((i+1) % 8 == 0)
printf("\n");
}
printf("};\n");
printf("static unsigned char expected[] = {\n");
for (i=0;i<(unsigned)sizeof(expected_der);i++) {
printf("0x%.2x, ", (unsigned)expected_der[i]);
if ((i+1) % 8 == 0)
printf("\n");
}
printf("};\n");
exit(1);
}
if (verbose)
printf ("Success\n");
exit (0);
}
/**
* gnutls_global_init:
*
* This function performs any required precalculations, detects
* the supported CPU capabilities and initializes the underlying
* cryptographic backend. In order to free any resources
* taken by this call you should gnutls_global_deinit()
* when gnutls usage is no longer needed.
*
* This function increments a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
* otherwise a negative error code is returned.
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
if (_gnutls_init++)
goto out;
if (gl_sockets_startup (SOCKETS_1_1))
return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
bindtextdomain (PACKAGE, LOCALEDIR);
res = gnutls_crypto_init ();
if (res != 0)
{
gnutls_assert ();
return GNUTLS_E_CRYPTO_INIT_FAILED;
}
_gnutls_register_accel_crypto();
/* initialize ASN.1 parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_MIN_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version (NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the random generator */
result = _gnutls_rnd_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
/* Initialize the default TLS extensions */
result = _gnutls_ext_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
result = gnutls_mutex_init(&_gnutls_file_mutex);
if (result < 0)
{
gnutls_assert();
goto out;
}
result = gnutls_system_global_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
#ifdef ENABLE_PKCS11
gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_AUTO, NULL);
#endif
_gnutls_cryptodev_init ();
out:
return result;
}
int
main (int argc, char *argv[])
{
asn1_retCode result;
ASN1_TYPE definitions = ASN1_TYPE_EMPTY;
ASN1_TYPE asn1_element = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
const char *treefile = getenv ("ASN1ENCODING");
if (!treefile)
treefile = "Test_encoding.asn";
printf ("\n\n/****************************************/\n");
printf ("/* Test sequence : coding-decoding */\n");
printf ("/****************************************/\n\n");
/* Check version */
if (asn1_check_version ("0.3.3") == NULL)
printf ("\nLibrary version check ERROR:\n actual version: %s\n\n",
asn1_check_version (NULL));
result = asn1_parser2tree (treefile, &definitions, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("ErrorDescription = %s\n\n", errorDescription);
exit (1);
}
result = asn1_create_element (definitions, "TEST_TREE.Koko", &asn1_element);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_create_element(): ");
asn1_perror (result);
exit (1);
}
result = asn1_write_value (asn1_element, "seqint", "NEW", 1);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_write_value(): seqint ");
asn1_perror (result);
exit (1);
}
result = asn1_write_value (asn1_element, "seqint.?LAST", "1234", 0);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_write_value(): seqint.?LAST ");
asn1_perror (result);
exit (1);
}
result = asn1_write_value (asn1_element, "int", "\x0f\xff\x01", 3);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_write_value(): int ");
asn1_perror (result);
exit (1);
}
result = asn1_write_value (asn1_element, "str", "string", 6);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "asn1_write_value(): str ");
asn1_perror (result);
exit (1);
}
/* Clear the definition structures */
asn1_delete_structure (&definitions);
result = asn1_der_coding (asn1_element, "", data, &data_size, NULL);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "Encoding error.\n");
asn1_perror (result);
exit (1);
}
result = asn1_der_decoding (&asn1_element, data, data_size, NULL);
if (result != ASN1_SUCCESS)
{
fprintf (stderr, "Decoding error.\n");
asn1_perror (result);
exit (1);
}
asn1_delete_structure (&asn1_element);
printf ("Success\n");
exit (0);
}
int
main (int argc, char *argv[])
{
asn1_retCode result;
char buffer[10 * 1024];
ASN1_TYPE definitions = ASN1_TYPE_EMPTY;
ASN1_TYPE asn1_element = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
FILE *out, *fd;
ssize_t size;
const char *treefile = getenv ("ASN1PKIX");
const char *indeffile = getenv ("ASN1INDEF");
if (!treefile)
treefile = "pkix.asn";
if (!indeffile)
indeffile = "TestIndef.p12";
printf ("\n\n/****************************************/\n");
printf ("/* Test sequence : Test_indefinite */\n");
printf ("/****************************************/\n\n");
printf ("ASN1TREE: %s\n", treefile);
/* Check version */
if (asn1_check_version ("0.2.11") == NULL)
printf ("\nLibrary version check ERROR:\n actual version: %s\n\n",
asn1_check_version (NULL));
result = asn1_parser2tree (treefile, &definitions, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("ErrorDescription = %s\n\n", errorDescription);
exit (1);
}
out = stdout;
fd = fopen (indeffile, "rb");
if (fd == NULL)
{
printf ("Cannot read file %s\n", indeffile);
exit (1);
}
size = fread (buffer, 1, sizeof (buffer), fd);
if (size <= 0)
{
printf ("Cannot read from file %s\n", indeffile);
exit (1);
}
fclose (fd);
result =
asn1_create_element (definitions, "PKIX1.pkcs-12-PFX", &asn1_element);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot create PKCS12 element\n");
exit (1);
}
result = asn1_der_decoding (&asn1_element, buffer, size, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("Cannot decode BER data (size %d)\n", size);
exit (1);
}
/* Clear the definition structures */
asn1_delete_structure (&definitions);
asn1_delete_structure (&asn1_element);
if (out != stdout)
fclose (out);
exit (0);
}
