/// Build the wrapper from a CRL held in a string.
///
/// @param crlstr  Encoded CRL. An empty string is accepted and leaves the
///                wrapped mbedtls_x509_crl exactly as get() returns it.
/// Failures reported by mbedtls are forwarded to ThrowOnError().
X509CRL(const std::string& crlstr) {
    // NOTE(review): an empty input is silently accepted, so the object then
    // carries no CRL data. Callers that depend on revocation checking should
    // confirm an empty string is a legitimate configuration, not a load error.
    if (!crlstr.empty()) {
        const auto* bytes = reinterpret_cast<const unsigned char*>(crlstr.c_str());

        // The length deliberately covers the NUL that c_str() appends: mbedtls
        // documents that PEM input must be passed with its terminating NUL
        // counted in buflen.
        // NOTE(review): a raw DER blob would be passed one byte too long here;
        // confirm callers only hand PEM text to this constructor.
        const int rc = mbedtls_x509_crl_parse(get(), bytes, crlstr.size() + 1);
        ThrowOnError(rc, "Unable to load CRL");
    }
}
/// Lua binding: parse the string at stack index 1 into `certificate`.
///
/// Pushes the raw mbedtls_x509_crl_parse() return code and returns 1 (one
/// Lua result). When argument 1 is not a string nothing is pushed and 0 is
/// returned.
int x509crl::parse(State & state, mbedtls_x509_crl * certificate) {
    Stack * const luaStack = state.stack;

    if (!luaStack->is<LUA_TSTRING>(1)) {
        return 0;
    }

    const std::string encoded = luaStack->toLString(1);
    const unsigned char * bytes = reinterpret_cast<const unsigned char*>(encoded.c_str());

    // The length passed is exactly the string length, without the NUL from
    // c_str().
    // NOTE(review): mbedtls documents that PEM input must include the
    // terminating NUL in buflen, so PEM text passed from Lua is presumably
    // handled as DER and rejected unless the script appends "\0" - confirm.
    const int rc = mbedtls_x509_crl_parse(certificate, bytes, encoded.length());

    // The result code is handed to the script unchecked; the Lua caller has
    // to compare it with 0 before relying on the CRL.
    luaStack->push<int>(rc);
    return 1;
}
/// Parse a CRL given as a string and add it to m_crl.
///
/// @param pemCrl  CRL text (PEM, judging by the parameter name).
/// @return 0 on success, otherwise the error produced by
///         CHECK_ERROR(_ssl::setError(...)) for the mbedtls return code.
result_t X509Crl::load(exlib::string pemCrl)
{
    const unsigned char* pem = reinterpret_cast<const unsigned char*>(pemCrl.c_str());

    // length() + 1 counts the NUL terminator, which mbedtls requires to be
    // part of buflen for PEM input.
    const int32_t rc = mbedtls_x509_crl_parse(&m_crl, pem, pemCrl.length() + 1);

    if (rc == 0)
        return 0;

    return CHECK_ERROR(_ssl::setError(rc));
}
/// Parse a CRL held in a buffer object and add it to m_crl.
///
/// @param derCrl  Buffer whose contents are copied into a string via
///                toString() and then parsed.
/// @return 0 on success, otherwise the error produced by
///         CHECK_ERROR(_ssl::setError(...)) for the mbedtls return code.
result_t X509Crl::load(Buffer_base *derCrl)
{
    exlib::string encoded;
    derCrl->toString(encoded);

    const unsigned char* bytes = reinterpret_cast<const unsigned char*>(encoded.c_str());

    // NOTE(review): the parameter is named derCrl, yet the length includes
    // the trailing NUL (length() + 1), which is the convention mbedtls
    // documents for PEM. For binary DER this hands the parser one extra byte;
    // confirm whether DER buffers are accepted here or fail with a length
    // mismatch, since a CRL that fails to load means no revocation data.
    const int32_t rc = mbedtls_x509_crl_parse(&m_crl, bytes, encoded.length() + 1);

    if (rc == 0)
        return 0;

    return CHECK_ERROR(_ssl::setError(rc));
}
/*
 * Read the file at `path` and append the CRL(s) it contains to `chain`.
 *
 * Returns the error from mbedtls_pk_load_file() if the file cannot be
 * loaded, otherwise the result of mbedtls_x509_crl_parse().
 */
int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path)
{
    unsigned char *contents;
    size_t contents_len;
    int ret = mbedtls_pk_load_file(path, &contents, &contents_len);

    if (ret != 0) {
        return ret;
    }

    ret = mbedtls_x509_crl_parse(chain, contents, contents_len);

    /* Wipe the file contents before releasing the buffer, on success and on
     * parse failure alike, so they do not linger in freed heap memory. */
    mbedtls_zeroize(contents, contents_len);
    mbedtls_free(contents);

    return ret;
}
/// Read a CRL from a file and add it to m_crl.
///
/// @param filename  Path handed unchanged to fs_base::ac_readTextFile().
/// @return a negative result from the file read as-is; 0 on success;
///         otherwise the error produced by
///         CHECK_ERROR(_ssl::setError(...)) for the mbedtls return code.
result_t X509Crl::loadFile(exlib::string filename)
{
    exlib::string contents;

    const result_t hr = fs_base::ac_readTextFile(filename, contents);
    if (hr < 0)
        return hr;

    const unsigned char* bytes = reinterpret_cast<const unsigned char*>(contents.c_str());

    // The file is read as text and passed with its NUL terminator counted
    // (length() + 1), the form mbedtls documents for PEM input.
    // NOTE(review): a binary DER file would arrive one byte too long; confirm
    // only PEM files are expected here.
    const int32_t rc = mbedtls_x509_crl_parse(&m_crl, bytes, contents.length() + 1);

    if (rc == 0)
        return 0;

    return CHECK_ERROR(_ssl::setError(rc));
}
/* Set up `cv` for certificate verification backed by an mbedtls trust list
 * and revocation list.
 *
 * Allocates a CertInfo, stores it in cv->context, installs the callbacks and
 * parses every entry of both lists into it.
 *
 * Returns UA_STATUSCODE_GOOD on success, UA_STATUSCODE_BADOUTOFMEMORY if the
 * CertInfo cannot be allocated, and UA_STATUSCODE_BADINTERNALERROR if any
 * certificate or CRL fails to parse. */
UA_StatusCode
UA_CertificateVerification_Trustlist(UA_CertificateVerification *cv,
                                     const UA_ByteString *certificateTrustList,
                                     size_t certificateTrustListSize,
                                     const UA_ByteString *certificateRevocationList,
                                     size_t certificateRevocationListSize) {
    CertInfo *info = (CertInfo*)UA_malloc(sizeof(CertInfo));
    if(!info)
        return UA_STATUSCODE_BADOUTOFMEMORY;

    mbedtls_x509_crt_init(&info->certificateTrustList);
    mbedtls_x509_crl_init(&info->certificateRevocationList);
    cv->context = (void*)info;

    /* An empty trust list selects verifyCertificateAllowAll, which by its
     * name accepts every certificate.
     * NOTE(review): this happens even when CRLs are supplied; deployments
     * that need peer authentication should make sure a non-empty trust list
     * is always passed. */
    if(certificateTrustListSize > 0)
        cv->verifyCertificate = certificateVerification_verify;
    else
        cv->verifyCertificate = verifyCertificateAllowAll;

    cv->verifyApplicationURI = certificateVerification_verifyApplicationURI;
    cv->deleteMembers = certificateVerification_deleteMembers;

    /* Parse both lists in order, stopping at the first entry mbedtls
     * rejects. */
    int mbedErr = 0;
    for(size_t t = 0; mbedErr == 0 && t < certificateTrustListSize; t++) {
        mbedErr = mbedtls_x509_crt_parse(&info->certificateTrustList,
                                         certificateTrustList[t].data,
                                         certificateTrustList[t].length);
    }
    for(size_t r = 0; mbedErr == 0 && r < certificateRevocationListSize; r++) {
        mbedErr = mbedtls_x509_crl_parse(&info->certificateRevocationList,
                                         certificateRevocationList[r].data,
                                         certificateRevocationList[r].length);
    }

    if(mbedErr == 0)
        return UA_STATUSCODE_GOOD;

    /* NOTE(review): the callbacks assigned above are not reset on this path;
     * confirm certificateVerification_deleteMembers leaves cv in a state that
     * cannot be used for verification after a failed setup. */
    certificateVerification_deleteMembers(cv);
    return UA_STATUSCODE_BADINTERNALERROR;
}