예제 #1
0
 X509CRL(const std::string& crlstr)
 {
     if (crlstr.empty())
         return;
     int ret = mbedtls_x509_crl_parse(get(), reinterpret_cast<const unsigned char*>(crlstr.c_str()), crlstr.size()+1);
     ThrowOnError(ret, "Unable to load CRL");
 }
예제 #2
0
	int x509crl::parse(State & state, mbedtls_x509_crl * certificate){
		Stack * stack = state.stack;
		if (stack->is<LUA_TSTRING>(1)){
			const std::string data = stack->toLString(1);
			stack->push<int>(mbedtls_x509_crl_parse(certificate, reinterpret_cast<const unsigned char*>(data.c_str()), data.length()));
			return 1;
		}
		return 0;
	}
예제 #3
0
파일: X509Crl.cpp 프로젝트: ngot/fibjs 
result_t X509Crl::load(exlib::string pemCrl)
{
    int32_t ret;

    ret = mbedtls_x509_crl_parse(&m_crl, (const unsigned char *)pemCrl.c_str(),
                                 pemCrl.length() + 1);
    if (ret != 0)
        return CHECK_ERROR(_ssl::setError(ret));

    return 0;
}
예제 #4
0
파일: X509Crl.cpp 프로젝트: ngot/fibjs 
result_t X509Crl::load(Buffer_base *derCrl)
{
    int32_t ret;

    exlib::string crl;
    derCrl->toString(crl);

    ret = mbedtls_x509_crl_parse(&m_crl, (const unsigned char *)crl.c_str(),
                                 crl.length() + 1);
    if (ret != 0)
        return CHECK_ERROR(_ssl::setError(ret));

    return 0;
}
예제 #5
0
/*
 * Load one or more CRLs and add them to the chained list
 */
int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path) {
    int ret;
    size_t n;
    unsigned char *buf;

    if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0)
        return (ret);

    ret = mbedtls_x509_crl_parse(chain, buf, n);

    mbedtls_zeroize(buf, n);
    mbedtls_free(buf);

    return (ret);
}
예제 #6
0
파일: X509Crl.cpp 프로젝트: ngot/fibjs 
result_t X509Crl::loadFile(exlib::string filename)
{
    result_t hr;
    exlib::string data;
    int32_t ret;

    hr = fs_base::ac_readTextFile(filename, data);
    if (hr < 0)
        return hr;

    ret = mbedtls_x509_crl_parse(&m_crl, (const unsigned char *)data.c_str(),
                                 data.length() + 1);
    if (ret != 0)
        return CHECK_ERROR(_ssl::setError(ret));

    return 0;
}
예제 #7
0
UA_StatusCode
UA_CertificateVerification_Trustlist(UA_CertificateVerification *cv,
                                     const UA_ByteString *certificateTrustList,
                                     size_t certificateTrustListSize,
                                     const UA_ByteString *certificateRevocationList,
                                     size_t certificateRevocationListSize) {
    CertInfo *ci = (CertInfo*)UA_malloc(sizeof(CertInfo));
    if(!ci)
        return UA_STATUSCODE_BADOUTOFMEMORY;
    mbedtls_x509_crt_init(&ci->certificateTrustList);
    mbedtls_x509_crl_init(&ci->certificateRevocationList);

    cv->context = (void*)ci;
    if(certificateTrustListSize > 0)
        cv->verifyCertificate = certificateVerification_verify;
    else
        cv->verifyCertificate = verifyCertificateAllowAll;
    cv->deleteMembers = certificateVerification_deleteMembers;
    cv->verifyApplicationURI = certificateVerification_verifyApplicationURI;

    int err = 0;
    for(size_t i = 0; i < certificateTrustListSize; i++) {
        err = mbedtls_x509_crt_parse(&ci->certificateTrustList,
                                     certificateTrustList[i].data,
                                     certificateTrustList[i].length);
        if(err)
            goto error;
    }
    for(size_t i = 0; i < certificateRevocationListSize; i++) {
        err = mbedtls_x509_crl_parse(&ci->certificateRevocationList,
                                     certificateRevocationList[i].data,
                                     certificateRevocationList[i].length);
        if(err)
            goto error;
    }

    return UA_STATUSCODE_GOOD;
error:
    certificateVerification_deleteMembers(cv);
    return UA_STATUSCODE_BADINTERNALERROR;
}