From 004da8ff52a9284ed65e0987c990493badc51bbc Mon Sep 17 00:00:00 2001 From: Todd A Ouska Date: Fri, 3 Jun 2011 13:01:45 -0700 Subject: [PATCH] fix asn public interface, some potential collisions --- .gitignore | 2 + configure.in | 15 +++++- ctaocrypt/include/ctc_asn.h | 55 ++++++------------- ctaocrypt/include/ctc_asn_public.h | 78 +++++++++++++++++++-------- ctaocrypt/include/ctc_random.h | 1 - ctaocrypt/include/ctc_rsa.h | 11 ++-- ctaocrypt/src/asn.c | 62 +++++++++++----------- ctaocrypt/test/test.c | 84 +++++++++++++++++------------- 8 files changed, 174 insertions(+), 134 deletions(-) diff --git a/.gitignore b/.gitignore index 31a7342cc..1417eb838 100644 --- a/.gitignore +++ b/.gitignore @@ -6,7 +6,9 @@ *sh *.cache .dirstamp +*.user config* +*Debug/ ctc_config* stamp* libtool.m4 diff --git a/configure.in b/configure.in index 53edd66f5..c433e79ee 100644 --- a/configure.in +++ b/configure.in @@ -7,7 +7,7 @@ AC_CANONICAL_SYSTEM AM_INIT_AUTOMAKE(subdir-objects) #shared library versioning -CYASSL_LIBRARY_VERSION=2:0:0 +CYASSL_LIBRARY_VERSION=2:1:0 # | | | # +------+ | +---+ # | | | @@ -367,6 +367,19 @@ fi AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"]) +# Test certs, use internal cert functions for extra testing +AC_ARG_ENABLE(testcert, + [ --enable-testcert Enable Test Cert (default: disabled)], + [ ENABLED_TESTCERT=$enableval ], + [ ENABLED_TESTCERT=no ] + ) + +if test "$ENABLED_TESTCERT" = "yes" +then + CFLAGS="$CFLAGS -DCYASSL_TEST_CERT" +fi + + # LIBZ trylibzdir="" AC_ARG_WITH(libz, diff --git a/ctaocrypt/include/ctc_asn.h b/ctaocrypt/include/ctc_asn.h index b207140f4..1a7a2ee62 100644 --- a/ctaocrypt/include/ctc_asn.h +++ b/ctaocrypt/include/ctc_asn.h @@ -42,7 +42,6 @@ enum { ISSUER = 0, SUBJECT = 1, - SERIAL_SIZE = 8, EXTERNAL_SERIAL_SIZE = 32, BEFORE = 0, 
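Review bot: The help text for `--enable-testcert` in the second configure.in hunk does not say that the switch changes symbol visibility. With `-DCYASSL_TEST_CERT`, the `CYASSL_TEST_API` macro added in the ctc_asn.h hunk resolves to `CYASSL_API` instead of `CYASSL_LOCAL`, so `InitDecodedCert`, `FreeDecodedCert` and `ParseCert` presumably become exported library symbols. I would say so in the option text, e.g. `[ --enable-testcert Export internal cert parsing for tests, not for release builds (default: disabled)]`. As a style point, the comparison could follow the `test "x$ENABLED_NTRU" = "xyes"` form in the context line just above the new block.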
@@ -170,20 +169,16 @@ enum KDF_Sum { }; -/* Certificate file Type */ -enum CertType { - CERT_TYPE = 0, - PRIVATEKEY_TYPE, - CA_TYPE -}; - - enum VerifyType { NO_VERIFY = 0, VERIFY = 1 }; +typedef struct DecodedCert DecodedCert; +typedef struct Signer Signer; + + struct DecodedCert { byte* publicKey; word32 pubKeySize; @@ -237,6 +232,18 @@ struct Signer { }; +/* not for public consumption but may use for testing sometimes */ +#ifdef CYASSL_TEST_CERT + #define CYASSL_TEST_API CYASSL_API +#else + #define CYASSL_TEST_API CYASSL_LOCAL +#endif + +CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, void*); +CYASSL_TEST_API void FreeDecodedCert(DecodedCert*); +CYASSL_TEST_API int ParseCert(DecodedCert*, word32, int type, int verify, + Signer* signer); + CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify, Signer* signer); @@ -265,7 +272,6 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int); #ifdef CYASSL_CERT_GEN enum cert_enums { - NAME_SIZE = 64, NAME_ENTRIES = 8, JOINT_LEN = 2, EMAIL_JOINT_LEN = 9, @@ -274,35 +280,6 @@ enum cert_enums { }; -typedef struct CertName { - char country[NAME_SIZE]; - char state[NAME_SIZE]; - char locality[NAME_SIZE]; - char sur[NAME_SIZE]; - char org[NAME_SIZE]; - char unit[NAME_SIZE]; - char commonName[NAME_SIZE]; - char email[NAME_SIZE]; /* !!!! email has to be last !!!! */ -} CertName; - - -/* for user to fill for certificate generation */ -struct Cert { - int version; /* x509 version */ - byte serial[SERIAL_SIZE]; /* serial number */ - int sigType; /* signature algo type */ - CertName issuer; /* issuer info */ - int daysValid; /* validity days */ - int selfSigned; /* self signed flag */ - CertName subject; /* subject info */ - /* internal use only */ - int bodySz; /* pre sign total size */ - int keyType; /* public key type of subject */ -}; - - - - #endif /* CYASSL_CERT_GEN */ 
diff --git a/ctaocrypt/include/ctc_asn_public.h b/ctaocrypt/include/ctc_asn_public.h
index d5dbc8eac..e0e301c04 100644
--- a/ctaocrypt/include/ctc_asn_public.h
+++ b/ctaocrypt/include/ctc_asn_public.h
@@ -24,31 +24,58 @@ #define CTAO_CRYPT_ASN_PUBLIC_H #include "ctc_types.h" +#ifdef CYASSL_CERT_GEN + #include "ctc_rsa.h" +#endif + #ifdef __cplusplus extern "C" { #endif -/* forward declarations */ -typedef struct DecodedCert DecodedCert; -typedef struct Cert Cert; -typedef struct Signer Signer; -#ifndef CTC_RSA_KEY_DEFINED - typedef struct RsaKey RsaKey; -#endif -#ifndef CTC_RNG_DEFINED - typedef struct RNG RNG; -#endif -CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*); -CYASSL_API void FreeDecodedCert(DecodedCert*); -CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify, - Signer* signer); +/* Certificate file Type */ +enum CertType { + CERT_TYPE = 0, + PRIVATEKEY_TYPE, + CA_TYPE +}; + +#ifdef CYASSL_CERT_GEN + +enum Ctc_Misc { + CTC_NAME_SIZE = 64, + CTC_SERIAL_SIZE = 8 +}; + +typedef struct CertName { + char country[CTC_NAME_SIZE]; + char state[CTC_NAME_SIZE]; + char locality[CTC_NAME_SIZE]; + char sur[CTC_NAME_SIZE]; + char org[CTC_NAME_SIZE]; + char unit[CTC_NAME_SIZE]; + char commonName[CTC_NAME_SIZE]; + char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ +} CertName; + + +/* for user to fill for certificate generation */ +typedef struct Cert { + int version; /* x509 version */ + byte serial[CTC_SERIAL_SIZE]; /* serial number */ + int sigType; /* signature algo type */ + CertName issuer; /* issuer info */ + int daysValid; /* validity days */ + int selfSigned; /* self signed flag */ + CertName subject; /* subject info */ + /* internal use only */ + int bodySz; /* pre sign total size */ + int keyType; /* public key type of subject */ +} Cert; + + -#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) -CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, - word32 outputSz, int type); -#endif /* Initialize and Set Certficate defaults: version = 3 (0x2) 
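Review bot: `CertName` is now part of the public header, but nothing states the contract for its `char[CTC_NAME_SIZE]` fields. The callers in test.c fill them with `strncpy(..., CTC_NAME_SIZE)`, which leaves a field unterminated when the source is CTC_NAME_SIZE bytes or longer; if the encoder reads these fields as C strings (not visible in this diff), that becomes a read past the field. I would add a comment above the struct such as `/* each field is a NUL-terminated string of at most CTC_NAME_SIZE - 1 characters */`. The two members of `Cert` under `/* internal use only */` are now visible to applications as well, so a line saying callers must not set `bodySz` or `keyType` after `InitCert` would help.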
@@ -66,9 +93,18 @@ CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int SetIssuer(Cert*, const char*); -#ifdef HAVE_NTRU -CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, - const byte* ntruKey, word16 keySz, RNG*); + + #ifdef HAVE_NTRU + CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, + const byte* ntruKey, word16 keySz, RNG*); + #endif + +#endif /* CYASSL_CERT_GEN */ + + +#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) + CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, + word32 outputSz, int type); #endif diff --git a/ctaocrypt/include/ctc_random.h b/ctaocrypt/include/ctc_random.h index 05d03ec40..121fd24ce 100644 --- a/ctaocrypt/include/ctc_random.h +++ b/ctaocrypt/include/ctc_random.h @@ -59,7 +59,6 @@ typedef struct RNG { Arc4 cipher; } RNG; -#define CTC_RNG_DEFINED /* redeclare guard */ CYASSL_API int InitRng(RNG*); CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz); diff --git a/ctaocrypt/include/ctc_rsa.h b/ctaocrypt/include/ctc_rsa.h index afb5656a0..138346ad9 100644 --- a/ctaocrypt/include/ctc_rsa.h +++ b/ctaocrypt/include/ctc_rsa.h @@ -44,8 +44,6 @@ typedef struct RsaKey { void* heap; /* for user memory overrides */ } RsaKey; -#define CTC_RSA_KEY_DEFINED /* redeclare guard */ - CYASSL_API void InitRsaKey(RsaKey* key, void*); CYASSL_API void FreeRsaKey(RsaKey* key); 
@@ -64,15 +62,16 @@ CYASSL_API int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key); CYASSL_API int RsaEncryptSize(RsaKey* key); +CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); +CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, + word32); #ifdef CYASSL_KEY_GEN CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng); CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif -CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, - word32); -CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, - word32); + #ifdef __cplusplus } /* extern "C" */ diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 5f0404dcb..d32a1431c 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -2420,7 +2420,7 @@ void InitCert(Cert* cert) cert->selfSigned = 1; cert->bodySz = 0; cert->keyType = RSA_KEY; - XMEMSET(cert->serial, 0, SERIAL_SIZE); + XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE); cert->issuer.country[0] = '\0'; cert->issuer.state[0] = '\0'; @@ -2446,7 +2446,7 @@ void InitCert(Cert* cert) typedef struct DerCert { byte size[MAX_LENGTH_SZ]; /* length encoded */ byte version[MAX_VERSION_SZ]; /* version encoded */ - byte serial[SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */ + byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */ byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */ byte issuer[ASN_NAME_MAX]; /* issuer encoded */ byte subject[ASN_NAME_MAX]; /* subject encoded */ 
@@ -2478,10 +2478,10 @@ static int SetSerial(const byte* serial, byte* output) int length = 0; output[length++] = ASN_INTEGER; - length += SetLength(SERIAL_SIZE, &output[length]); - XMEMCPY(&output[length], serial, SERIAL_SIZE); + length += SetLength(CTC_SERIAL_SIZE, &output[length]); + XMEMCPY(&output[length], serial, CTC_SERIAL_SIZE); - return length + SERIAL_SIZE; + return length + CTC_SERIAL_SIZE; } @@ -2657,7 +2657,7 @@ typedef struct EncodedName { int totalLen; /* total encodeding length */ int type; /* type of name */ int used; /* are we actually using this one */ - byte encoded[NAME_SIZE * 2]; /* encoding */ + byte encoded[CTC_NAME_SIZE * 2]; /* encoding */ } EncodedName; @@ -2853,7 +2853,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, der->versionSz = SetMyVersion(cert->version, der->version, TRUE); /* serial number */ - RNG_GenerateBlock(rng, cert->serial, SERIAL_SIZE); + RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE); cert->serial[0] = 0x01; /* ensure positive */ der->serialSz = SetSerial(cert->serial, der->serial); 
@@ -3086,51 +3086,51 @@ int SetIssuer(Cert* cert, const char* issuerCertFile) return ret; if (decoded.subjectCN) { - sz = (decoded.subjectCNLen < NAME_SIZE) ? decoded.subjectCNLen : - NAME_SIZE - 1; - strncpy(cert->issuer.commonName, decoded.subjectCN, NAME_SIZE); + sz = (decoded.subjectCNLen < CTC_NAME_SIZE) ? decoded.subjectCNLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.commonName, decoded.subjectCN, CTC_NAME_SIZE); cert->issuer.commonName[sz] = 0; } if (decoded.subjectC) { - sz = (decoded.subjectCLen < NAME_SIZE) ? decoded.subjectCLen : - NAME_SIZE - 1; - strncpy(cert->issuer.country, decoded.subjectC, NAME_SIZE); + sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.country, decoded.subjectC, CTC_NAME_SIZE); cert->issuer.country[sz] = 0; } if (decoded.subjectST) { - sz = (decoded.subjectSTLen < NAME_SIZE) ? decoded.subjectSTLen : - NAME_SIZE - 1; - strncpy(cert->issuer.state, decoded.subjectST, NAME_SIZE); + sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.state, decoded.subjectST, CTC_NAME_SIZE); cert->issuer.state[sz] = 0; } if (decoded.subjectL) { - sz = (decoded.subjectLLen < NAME_SIZE) ? decoded.subjectLLen : - NAME_SIZE - 1; - strncpy(cert->issuer.locality, decoded.subjectL, NAME_SIZE); + sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.locality, decoded.subjectL, CTC_NAME_SIZE); cert->issuer.locality[sz] = 0; } if (decoded.subjectO) { - sz = (decoded.subjectOLen < NAME_SIZE) ? decoded.subjectOLen : - NAME_SIZE - 1; - strncpy(cert->issuer.org, decoded.subjectO, NAME_SIZE); + sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.org, decoded.subjectO, CTC_NAME_SIZE); cert->issuer.org[sz] = 0; } if (decoded.subjectOU) { - sz = (decoded.subjectOULen < NAME_SIZE) ? 
decoded.subjectOULen : - NAME_SIZE - 1; - strncpy(cert->issuer.unit, decoded.subjectOU, NAME_SIZE); + sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.unit, decoded.subjectOU, CTC_NAME_SIZE); cert->issuer.unit[sz] = 0; } if (decoded.subjectSN) { - sz = (decoded.subjectSNLen < NAME_SIZE) ? decoded.subjectSNLen : - NAME_SIZE - 1; - strncpy(cert->issuer.sur, decoded.subjectSN, NAME_SIZE); + sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen : + CTC_NAME_SIZE - 1; + strncpy(cert->issuer.sur, decoded.subjectSN, CTC_NAME_SIZE); cert->issuer.sur[sz] = 0; } if (decoded.subjectEmail) { - sz = (decoded.subjectEmailLen < NAME_SIZE) ? decoded.subjectEmailLen : - NAME_SIZE - 1; - strncpy(cert->issuer.email, decoded.subjectEmail, NAME_SIZE); + sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ? + decoded.subjectEmailLen : CTC_NAME_SIZE - 1; + strncpy(cert->issuer.email, decoded.subjectEmail, CTC_NAME_SIZE); cert->issuer.email[sz] = 0; } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 827909a98..a8408700c 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -5,6 +5,11 @@ #include #include +#ifdef CYASSL_TEST_CERT + #include "ctc_asn.h" +#else + #include "ctc_asn_public.h" +#endif #include "ctc_md5.h" #include "ctc_md4.h" #include "ctc_sha.h" @@ -13,7 +18,7 @@ #include "ctc_arc4.h" #include "ctc_random.h" #include "ctc_coding.h" -#include "ctc_asn.h" +#include "ctc_rsa.h" #include "ctc_des3.h" #include "ctc_aes.h" #include "ctc_hmac.h" @@ -1081,7 +1086,9 @@ int rsa_test() word32 inLen = (word32)strlen((char*)in); byte out[256]; byte plain[256]; +#ifdef CYASSL_TEST_CERT DecodedCert cert; +#endif FILE* file = fopen(clientKey, "rb"), * file2; 
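Review bot: Each copy in the SetIssuer hunk passes `CTC_NAME_SIZE` to `strncpy` rather than the clamped `sz`, so the read from `decoded.subjectCN` and the other seven fields is bounded by the destination size, not by the decoded length. If those pointers reference the parsed certificate buffer and are not NUL-terminated at `subjectCNLen` (the decoder is not visible in this diff), the copy can run past the end of the field before the terminator is written at `sz`. Copying exactly `sz` bytes avoids that: `XMEMCPY(cert->issuer.commonName, decoded.subjectCN, sz); cert->issuer.commonName[sz] = 0;`, and likewise for the other fields. It is also worth confirming that the `*Len` members cannot be negative, since `sz` is then used as an array index. SetIssuer begins and ends outside the hunk.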
@@ -1115,12 +1122,14 @@ int rsa_test() bytes2 = fread(tmp2, 1, sizeof(tmp2), file2); +#ifdef CYASSL_TEST_CERT InitDecodedCert(&cert, (byte*)&tmp2, 0); ret = ParseCert(&cert, (word32)bytes2, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) return -48; FreeDecodedCert(&cert); +#endif fclose(file2); fclose(file); @@ -1179,31 +1188,35 @@ int rsa_test() Cert myCert; byte derCert[4096]; byte pem[4096]; - DecodedCert decode; FILE* derFile; FILE* pemFile; int certSz; int pemSz; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif InitCert(&myCert); - strncpy(myCert.subject.country, "US", NAME_SIZE); - strncpy(myCert.subject.state, "OR", NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); - strncpy(myCert.subject.unit, "Development", NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng); if (certSz < 0) return -401; +#ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) return -402; - + FreeDecodedCert(&decode); +#endif derFile = fopen("./cert.der", "wb"); if (!derFile) return -403; @@ -1220,7 +1233,6 @@ int rsa_test() ret = fwrite(pem, pemSz, 1, pemFile); fclose(pemFile); - FreeDecodedCert(&decode); } /* CA style */ 
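Review bot: The `return -48` after `ParseCert` leaves `file` and `file2` open and skips `FreeDecodedCert(&cert)`. The `-402` check in the next hunk and the `-409` and `-458` checks in the later test.c hunks likewise return before `FreeDecodedCert(&decode)`. Since the commit already moves `FreeDecodedCert` next to the parse call, freeing before testing the result keeps both paths clean: `ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); FreeDecodedCert(&decode); if (ret != 0) return -402;`. Whether a failed parse leaves anything allocated is not visible here, so this may be tidiness rather than a leak. rsa_test begins and ends outside these hunks.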
@@ -1229,7 +1241,6 @@ int rsa_test() Cert myCert; byte derCert[4096]; byte pem[4096]; - DecodedCert decode; FILE* derFile; FILE* pemFile; int certSz; @@ -1237,6 +1248,9 @@ int rsa_test() byte tmp[2048]; size_t bytes; word32 idx = 0; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif FILE* file = fopen(caKeyFile, "rb"); @@ -1251,13 +1265,13 @@ int rsa_test() InitCert(&myCert); - strncpy(myCert.subject.country, "US", NAME_SIZE); - strncpy(myCert.subject.state, "OR", NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); - strncpy(myCert.subject.unit, "Development", NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); ret = SetIssuer(&myCert, caCertFile); if (ret < 0) @@ -1272,10 +1286,13 @@ int rsa_test() return -408; +#ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) return -409; + FreeDecodedCert(&decode); +#endif derFile = fopen("./othercert.der", "wb"); if (!derFile) @@ -1292,9 +1309,6 @@ int rsa_test() return -412; ret = fwrite(pem, pemSz, 1, pemFile); fclose(pemFile); - - FreeDecodedCert(&decode); - } #ifdef HAVE_NTRU { @@ -1302,7 +1316,6 @@ int rsa_test() Cert myCert; byte derCert[4096]; byte pem[4096]; - DecodedCert decode; FILE* derFile; FILE* pemFile; FILE* caFile; 
@@ -1312,6 +1325,9 @@ int rsa_test() byte tmp[2048]; size_t bytes; word32 idx = 0; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif byte public_key[557]; /* sized for EES401EP2 */ word16 public_key_len; /* no. of octets in public key */ @@ -1352,13 +1368,13 @@ int rsa_test() InitCert(&myCert); - strncpy(myCert.subject.country, "US", NAME_SIZE); - strncpy(myCert.subject.state, "OR", NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); - strncpy(myCert.subject.unit, "Development", NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); ret = SetIssuer(&myCert, caCertFile); if (ret < 0) @@ -1374,11 +1390,13 @@ int rsa_test() return -457; +#ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) return -458; - + FreeDecodedCert(&decode); +#endif derFile = fopen("./ntru-cert.der", "wb"); if (!derFile) return -459; @@ -1400,10 +1418,6 @@ int rsa_test() return -462; ret = fwrite(private_key, private_key_len, 1, ntruPrivFile); fclose(ntruPrivFile); - - - - FreeDecodedCert(&decode); } #endif /* HAVE_NTRU */ #endif /* CYASSL_CERT_GEN */