Moved PKCS#12 PBE functions to cipher / md layer where possible
The 3-key and 2-key Triple DES PBE functions have been replaced with a single pkcs12_pbe() function that handles both situations (and more). In addition this allows for some PASSWORD_MISMATCH checking (cherry picked from commit 14a222cef2699bd3da884662f7e56e097a12b1a0)
This commit is contained in:
parent
0e34235644
commit
38b50d73a1
@ -76,7 +76,7 @@
|
|||||||
* High-level module nr (3 bits - 0x1...-0x8...)
|
* High-level module nr (3 bits - 0x1...-0x8...)
|
||||||
* Name ID Nr of Errors
|
* Name ID Nr of Errors
|
||||||
* PEM 1 9
|
* PEM 1 9
|
||||||
* PKCS#12 1 3 (Started from top)
|
* PKCS#12 1 4 (Started from top)
|
||||||
* X509 2 23
|
* X509 2 23
|
||||||
* DHM 3 6
|
* DHM 3 6
|
||||||
* PKCS5 3 4 (Started from top)
|
* PKCS5 3 4 (Started from top)
|
||||||
|
@ -30,18 +30,20 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include "md.h"
|
#include "md.h"
|
||||||
|
#include "cipher.h"
|
||||||
#include "asn1.h"
|
#include "asn1.h"
|
||||||
|
|
||||||
#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
|
#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
|
||||||
#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
|
#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
|
||||||
#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
|
#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
|
||||||
|
#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
|
||||||
|
|
||||||
#define PKCS12_DERIVE_KEY 1 /*< encryption/decryption key */
|
#define PKCS12_DERIVE_KEY 1 /*< encryption/decryption key */
|
||||||
#define PKCS12_DERIVE_IV 2 /*< initialization vector */
|
#define PKCS12_DERIVE_IV 2 /*< initialization vector */
|
||||||
#define PKCS12_DERIVE_MAC_KEY 3 /*< integrity / MAC key */
|
#define PKCS12_DERIVE_MAC_KEY 3 /*< integrity / MAC key */
|
||||||
|
|
||||||
|
#define PKCS12_PBE_DECRYPT 0
|
||||||
#define PKCS12_PBE_ENCRYPT 1
|
#define PKCS12_PBE_ENCRYPT 1
|
||||||
#define PKCS12_PBE_DECRYPT 2
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* PKCS#12 PBE types
|
* PKCS#12 PBE types
|
||||||
@ -66,6 +68,8 @@ extern "C" {
|
|||||||
* \param input the input data
|
* \param input the input data
|
||||||
* \param len data length
|
* \param len data length
|
||||||
* \param output the output buffer
|
* \param output the output buffer
|
||||||
|
*
|
||||||
|
* \return 0 if successful, or a PolarSSL error code
|
||||||
*/
|
*/
|
||||||
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
const unsigned char *pwd, size_t pwdlen,
|
||||||
@ -74,34 +78,22 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief PKCS12 Password Based function (encryption / decryption)
|
* \brief PKCS12 Password Based function (encryption / decryption)
|
||||||
* for pbeWithSHAAnd3-KeyTripleDES-CBC
|
* for cipher-based and md-based PBE's
|
||||||
*
|
*
|
||||||
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
|
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
|
||||||
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
|
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
|
||||||
|
* \param cipher_type the cipher used
|
||||||
|
* \param md_type the md used
|
||||||
* \param pwd the password used (may be NULL if no password is used)
|
* \param pwd the password used (may be NULL if no password is used)
|
||||||
* \param pwdlen length of the password (may be 0)
|
* \param pwdlen length of the password (may be 0)
|
||||||
* \param input the input data
|
* \param input the input data
|
||||||
* \param len data length
|
* \param len data length
|
||||||
* \param output the output buffer
|
* \param output the output buffer
|
||||||
*/
|
|
||||||
int pkcs12_pbe_sha1_des3_ede_cbc( asn1_buf *pbe_params, int mode,
|
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
|
||||||
const unsigned char *input, size_t len,
|
|
||||||
unsigned char *output );
|
|
||||||
|
|
||||||
/**
|
|
||||||
* \brief PKCS12 Password Based function (encryption / decryption)
|
|
||||||
* for pbeWithSHAAnd2-KeyTripleDES-CBC
|
|
||||||
*
|
*
|
||||||
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
|
* \return 0 if successful, or a PolarSSL error code
|
||||||
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
|
|
||||||
* \param pwd the password used (may be NULL if no password is used)
|
|
||||||
* \param pwdlen length of the password (may be 0)
|
|
||||||
* \param input the input data
|
|
||||||
* \param len data length
|
|
||||||
* \param output the output buffer
|
|
||||||
*/
|
*/
|
||||||
int pkcs12_pbe_sha1_des2_ede_cbc( asn1_buf *pbe_params, int mode,
|
int pkcs12_pbe( asn1_buf *pbe_params, int mode,
|
||||||
|
cipher_type_t cipher_type, md_type_t md_type,
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
const unsigned char *pwd, size_t pwdlen,
|
||||||
const unsigned char *input, size_t len,
|
const unsigned char *input, size_t len,
|
||||||
unsigned char *output );
|
unsigned char *output );
|
||||||
|
@ -248,6 +248,8 @@ void error_strerror( int ret, char *buf, size_t buflen )
|
|||||||
snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
|
snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
|
||||||
if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) )
|
if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) )
|
||||||
snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
|
snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
|
||||||
|
if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) )
|
||||||
|
snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" );
|
||||||
#endif /* POLARSSL_PKCS12_C */
|
#endif /* POLARSSL_PKCS12_C */
|
||||||
|
|
||||||
#if defined(POLARSSL_PKCS5_C)
|
#if defined(POLARSSL_PKCS5_C)
|
||||||
|
@ -35,6 +35,7 @@
|
|||||||
|
|
||||||
#include "polarssl/pkcs12.h"
|
#include "polarssl/pkcs12.h"
|
||||||
#include "polarssl/asn1.h"
|
#include "polarssl/asn1.h"
|
||||||
|
#include "polarssl/cipher.h"
|
||||||
|
|
||||||
#if defined(POLARSSL_ARC4_C)
|
#if defined(POLARSSL_ARC4_C)
|
||||||
#include "polarssl/arc4.h"
|
#include "polarssl/arc4.h"
|
||||||
@ -82,7 +83,7 @@ static int pkcs12_parse_pbe_params( unsigned char **p,
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params,
|
static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type,
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
const unsigned char *pwd, size_t pwdlen,
|
||||||
unsigned char *key, size_t keylen,
|
unsigned char *key, size_t keylen,
|
||||||
unsigned char *iv, size_t ivlen )
|
unsigned char *iv, size_t ivlen )
|
||||||
@ -106,7 +107,7 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params,
|
|||||||
unipwd[i * 2 + 1] = pwd[i];
|
unipwd[i * 2 + 1] = pwd[i];
|
||||||
|
|
||||||
if( ( ret = pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
|
if( ( ret = pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
|
||||||
salt.p, salt.len, POLARSSL_MD_SHA1,
|
salt.p, salt.len, md_type,
|
||||||
PKCS12_DERIVE_KEY, iterations ) ) != 0 )
|
PKCS12_DERIVE_KEY, iterations ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -116,7 +117,7 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params,
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
if( ( ret = pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
|
if( ( ret = pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
|
||||||
salt.p, salt.len, POLARSSL_MD_SHA1,
|
salt.p, salt.len, md_type,
|
||||||
PKCS12_DERIVE_IV, iterations ) ) != 0 )
|
PKCS12_DERIVE_IV, iterations ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -144,7 +145,8 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
|||||||
arc4_context ctx;
|
arc4_context ctx;
|
||||||
((void) mode);
|
((void) mode);
|
||||||
|
|
||||||
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, pwd, pwdlen,
|
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1,
|
||||||
|
pwd, pwdlen,
|
||||||
key, 16, NULL, 0 ) ) != 0 )
|
key, 16, NULL, 0 ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -158,86 +160,51 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
|||||||
#endif /* POLARSSL_ARC4_C */
|
#endif /* POLARSSL_ARC4_C */
|
||||||
}
|
}
|
||||||
|
|
||||||
int pkcs12_pbe_sha1_des2_ede_cbc( asn1_buf *pbe_params, int mode,
|
int pkcs12_pbe( asn1_buf *pbe_params, int mode,
|
||||||
|
cipher_type_t cipher_type, md_type_t md_type,
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
const unsigned char *pwd, size_t pwdlen,
|
||||||
const unsigned char *data, size_t len,
|
const unsigned char *data, size_t len,
|
||||||
unsigned char *output )
|
unsigned char *output )
|
||||||
{
|
{
|
||||||
#if !defined(POLARSSL_DES_C)
|
int ret, keylen = 0;
|
||||||
((void) pbe_params);
|
unsigned char key[32];
|
||||||
((void) mode);
|
unsigned char iv[16];
|
||||||
((void) pwd);
|
const cipher_info_t *cipher_info;
|
||||||
((void) pwdlen);
|
cipher_context_t cipher_ctx;
|
||||||
((void) data);
|
size_t olen = 0;
|
||||||
((void) len);
|
|
||||||
((void) output);
|
|
||||||
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
|
|
||||||
#else
|
|
||||||
int ret;
|
|
||||||
unsigned char key[16];
|
|
||||||
unsigned char iv[8];
|
|
||||||
des3_context ctx;
|
|
||||||
|
|
||||||
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, pwd, pwdlen,
|
cipher_info = cipher_info_from_type( cipher_type );
|
||||||
key, 16, iv, 8 ) ) != 0 )
|
if( cipher_info == NULL )
|
||||||
|
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
|
||||||
|
|
||||||
|
keylen = cipher_info->key_length / 8;
|
||||||
|
|
||||||
|
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen,
|
||||||
|
key, keylen,
|
||||||
|
iv, cipher_info->iv_size ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( mode == PKCS12_PBE_ENCRYPT )
|
if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
|
||||||
{
|
return( ret );
|
||||||
des3_set2key_enc( &ctx, key );
|
|
||||||
des3_crypt_cbc( &ctx, DES_ENCRYPT, len, iv, data, output );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
des3_set2key_dec( &ctx, key );
|
|
||||||
des3_crypt_cbc( &ctx, DES_DECRYPT, len, iv, data, output );
|
|
||||||
}
|
|
||||||
|
|
||||||
return( 0 );
|
if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
|
||||||
#endif /* POLARSSL_DES_C */
|
return( ret );
|
||||||
}
|
|
||||||
|
|
||||||
int pkcs12_pbe_sha1_des3_ede_cbc( asn1_buf *pbe_params, int mode,
|
if( ( ret = cipher_reset( &cipher_ctx, iv ) ) != 0 )
|
||||||
const unsigned char *pwd, size_t pwdlen,
|
return( ret );
|
||||||
const unsigned char *data, size_t len,
|
|
||||||
unsigned char *output )
|
|
||||||
{
|
|
||||||
#if !defined(POLARSSL_DES_C)
|
|
||||||
((void) pbe_params);
|
|
||||||
((void) mode);
|
|
||||||
((void) pwd);
|
|
||||||
((void) pwdlen);
|
|
||||||
((void) data);
|
|
||||||
((void) len);
|
|
||||||
((void) output);
|
|
||||||
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
|
|
||||||
#else
|
|
||||||
int ret;
|
|
||||||
unsigned char key[24];
|
|
||||||
unsigned char iv[8];
|
|
||||||
des3_context ctx;
|
|
||||||
|
|
||||||
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, pwd, pwdlen,
|
if( ( ret = cipher_update( &cipher_ctx, data, len,
|
||||||
key, 24, iv, 8 ) ) != 0 )
|
output, &olen ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( mode == PKCS12_PBE_ENCRYPT )
|
if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
|
||||||
{
|
return( POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH );
|
||||||
des3_set3key_enc( &ctx, key );
|
|
||||||
des3_crypt_cbc( &ctx, DES_ENCRYPT, len, iv, data, output );
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
des3_set3key_dec( &ctx, key );
|
|
||||||
des3_crypt_cbc( &ctx, DES_DECRYPT, len, iv, data, output );
|
|
||||||
}
|
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
#endif /* POLARSSL_DES_C */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
|
static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
|
||||||
|
@ -62,10 +62,12 @@
|
|||||||
#include "polarssl/sha4.h"
|
#include "polarssl/sha4.h"
|
||||||
#endif
|
#endif
|
||||||
#include "polarssl/dhm.h"
|
#include "polarssl/dhm.h"
|
||||||
#include "polarssl/pkcs12.h"
|
|
||||||
#if defined(POLARSSL_PKCS5_C)
|
#if defined(POLARSSL_PKCS5_C)
|
||||||
#include "polarssl/pkcs5.h"
|
#include "polarssl/pkcs5.h"
|
||||||
#endif
|
#endif
|
||||||
|
#if defined(POLARSSL_PKCS12_C)
|
||||||
|
#include "polarssl/pkcs12.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
@ -2253,23 +2255,28 @@ static int x509parse_key_pkcs8_encrypted_der(
|
|||||||
/*
|
/*
|
||||||
* Decrypt EncryptedData with appropriate PDE
|
* Decrypt EncryptedData with appropriate PDE
|
||||||
*/
|
*/
|
||||||
|
#if defined(POLARSSL_PKCS12_C)
|
||||||
if( OID_CMP( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC, &pbe_alg_oid ) )
|
if( OID_CMP( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC, &pbe_alg_oid ) )
|
||||||
{
|
{
|
||||||
if( ( ret = pkcs12_pbe_sha1_des3_ede_cbc( &pbe_params,
|
if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT,
|
||||||
PKCS12_PBE_DECRYPT,
|
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1,
|
||||||
pwd, pwdlen,
|
pwd, pwdlen, p, len, buf ) ) != 0 )
|
||||||
p, len, buf ) ) != 0 )
|
|
||||||
{
|
{
|
||||||
|
if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH )
|
||||||
|
return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
|
||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if( OID_CMP( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC, &pbe_alg_oid ) )
|
else if( OID_CMP( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC, &pbe_alg_oid ) )
|
||||||
{
|
{
|
||||||
if( ( ret = pkcs12_pbe_sha1_des2_ede_cbc( &pbe_params,
|
if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT,
|
||||||
PKCS12_PBE_DECRYPT,
|
POLARSSL_CIPHER_DES_EDE_CBC, POLARSSL_MD_SHA1,
|
||||||
pwd, pwdlen,
|
pwd, pwdlen, p, len, buf ) ) != 0 )
|
||||||
p, len, buf ) ) != 0 )
|
|
||||||
{
|
{
|
||||||
|
if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH )
|
||||||
|
return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
|
||||||
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -2282,9 +2289,17 @@ static int x509parse_key_pkcs8_encrypted_der(
|
|||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Best guess for password mismatch when using RC4. If first tag is
|
||||||
|
// not ASN1_CONSTRUCTED | ASN1_SEQUENCE
|
||||||
|
//
|
||||||
|
if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
|
||||||
|
return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
#endif /* POLARSSL_PKCS12_C */
|
||||||
#if defined(POLARSSL_PKCS5_C)
|
#if defined(POLARSSL_PKCS5_C)
|
||||||
else if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) )
|
if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) )
|
||||||
{
|
{
|
||||||
if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen,
|
if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen,
|
||||||
p, len, buf ) ) != 0 )
|
p, len, buf ) ) != 0 )
|
||||||
@ -2295,8 +2310,8 @@ static int x509parse_key_pkcs8_encrypted_der(
|
|||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* POLARSSL_PKCS5_C */
|
|
||||||
else
|
else
|
||||||
|
#endif /* POLARSSL_PKCS5_C */
|
||||||
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
|
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
|
||||||
|
|
||||||
return x509parse_key_pkcs8_unencrypted_der( rsa, buf, len );
|
return x509parse_key_pkcs8_unencrypted_der( rsa, buf, len );
|
||||||
|
@ -118,6 +118,14 @@ X509 Parse Key #10 (PKCS#8 encrypted SHA1-3DES)
|
|||||||
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.key":"PolarSSLTest":0
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.key":"PolarSSLTest":0
|
||||||
|
|
||||||
|
X509 Parse Key #10.1 (PKCS#8 encrypted SHA1-3DES, wrong PW)
|
||||||
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.key":"PolarSSLTes":POLARSSL_ERR_X509_PASSWORD_MISMATCH
|
||||||
|
|
||||||
|
X509 Parse Key #10.2 (PKCS#8 encrypted SHA1-3DES, no PW)
|
||||||
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.key":"":POLARSSL_ERR_X509_PASSWORD_REQUIRED
|
||||||
|
|
||||||
X509 Parse Key #11 (PKCS#8 encrypted SHA1-3DES DER)
|
X509 Parse Key #11 (PKCS#8 encrypted SHA1-3DES DER)
|
||||||
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_FS_IO
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_FS_IO
|
||||||
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.der":"PolarSSLTest":0
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_3des.der":"PolarSSLTest":0
|
||||||
@ -126,10 +134,26 @@ X509 Parse Key #12 (PKCS#8 encrypted SHA1-2DES)
|
|||||||
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_2des.key":"PolarSSLTest":0
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_2des.key":"PolarSSLTest":0
|
||||||
|
|
||||||
|
X509 Parse Key #12.1 (PKCS#8 encrypted SHA1-2DES, wrong PW)
|
||||||
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_2des.key":"PolarSLTest":POLARSSL_ERR_X509_PASSWORD_MISMATCH
|
||||||
|
|
||||||
|
X509 Parse Key #12.2 (PKCS#8 encrypted SHA1-2DES, no PW)
|
||||||
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_2des.key":"":POLARSSL_ERR_X509_PASSWORD_REQUIRED
|
||||||
|
|
||||||
X509 Parse Key #13 (PKCS#8 encrypted SHA1-RC4-128)
|
X509 Parse Key #13 (PKCS#8 encrypted SHA1-RC4-128)
|
||||||
depends_on:POLARSSL_ARC4_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
depends_on:POLARSSL_ARC4_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_rc4_128.key":"PolarSSLTest":0
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_rc4_128.key":"PolarSSLTest":0
|
||||||
|
|
||||||
|
X509 Parse Key #13.1 (PKCS#8 encrypted SHA1-RC4-128, wrong PW)
|
||||||
|
depends_on:POLARSSL_ARC4_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_rc4_128.key":"PolarSSLTe":POLARSSL_ERR_X509_PASSWORD_MISMATCH
|
||||||
|
|
||||||
|
X509 Parse Key #13.2 (PKCS#8 encrypted SHA1-RC4-128, no PW)
|
||||||
|
depends_on:POLARSSL_ARC4_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
|
x509parse_keyfile:"data_files/pkcs8_pbe_sha1_rc4_128.key":"":POLARSSL_ERR_X509_PASSWORD_REQUIRED
|
||||||
|
|
||||||
X509 Parse Key #14 (PKCS#8 encrypted v2 PBDFK2 3DES)
|
X509 Parse Key #14 (PKCS#8 encrypted v2 PBDFK2 3DES)
|
||||||
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
depends_on:POLARSSL_DES_C:POLARSSL_SHA1_C:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||||
x509parse_keyfile:"data_files/pkcs8_pbes2_pbkdf2_3des.key":"PolarSSLTest":0
|
x509parse_keyfile:"data_files/pkcs8_pbes2_pbkdf2_3des.key":"PolarSSLTest":0
|
||||||
|
Loading…
Reference in New Issue
Block a user