1 /*
2  *  Root CA reading application
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  */
7 
8 #if !defined(MBEDTLS_CONFIG_FILE)
9 #include "mbedtls/config.h"
10 #else
11 #include MBEDTLS_CONFIG_FILE
12 #endif
13 
14 #include "mbedtls/platform.h"
15 
16 #if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) ||  \
17     !defined(MBEDTLS_TIMING_C)
/*
 * Fallback entry point, compiled when the X.509 parser, filesystem I/O or
 * the timing module is missing from the build configuration.
 * It reports which options are required and exits with status 0, so the
 * missing configuration is not reported as a failure.
 */
int main(void)
{
    mbedtls_printf("MBEDTLS_X509_CRT_PARSE_C and/or "
                   "MBEDTLS_FS_IO and/or MBEDTLS_TIMING_C not defined.\n");
    mbedtls_exit(0);
}
24 #else
25 
26 #include "mbedtls/error.h"
27 #include "mbedtls/timing.h"
28 #include "mbedtls/x509_crt.h"
29 
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 
/* Defaults that main() stores in the global options before parsing argv. */
#define DFL_ITERATIONS          1   /* initial value of opt.iterations */
#define DFL_PRIME_CACHE         1   /* initial value of opt.prime_cache */

/*
 * Help text. main() passes it to mbedtls_printf() as the format string,
 * which is why the literal percent signs are doubled.
 */
#define USAGE                                               \
    "\n usage: load_roots param=<>... [--] FILE...\n"       \
    "\n acceptable parameters:\n"                           \
    "    iterations=%%d        Iteration count (not including cache priming); default: 1\n"  \
    "    prime=%%d             Prime the disk read cache? Default: 1 (yes)\n"  \
    "\n"
43 
44 
45 /*
46  * global options
47  */
struct options {
    /* Files to parse; the array ends with a NULL entry. */
    const char **filenames;
    /* How many timed passes to run over the file list. */
    unsigned iterations;
    /* Non-zero: run one untimed pass first to prime the disk read cache. */
    int prime_cache;
} opt;
53 
54 
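/*
 * Parse every file of a NULL-terminated list into one certificate chain,
 * then free the chain again.
 *
 * Only parsing is exercised here: nothing in this function verifies a
 * signature, a validity period or a chain of trust, so a successful
 * return says nothing about whether the certificates should be trusted.
 *
 * mbedtls_x509_crt_parse_file() has three outcomes:
 *   0    every certificate in the file was parsed;
 *   > 0  that many certificates in the file could not be parsed;
 *   < 0  an X.509, PEM or file error code.
 * A positive count is reported separately because formatting it as
 * "-0x%04x" of the negated value would print a meaningless number.
 * Both kinds of failure stop the run: a partly loaded root store is
 * treated as an error, not as a smaller but usable store.
 *
 * filenames  NULL-terminated array of paths; must not itself be NULL.
 *
 * Returns 1 if every file parsed completely, 0 otherwise (after printing
 * a diagnostic that names the offending file).
 */
int read_certificates(const char *const *filenames)
{
    mbedtls_x509_crt cas;
    int ret = 0;
    const char *const *cur;

    mbedtls_x509_crt_init(&cas);

    for (cur = filenames; *cur != NULL; cur++) {
        ret = mbedtls_x509_crt_parse_file(&cas, *cur);
        if (ret > 0) {
            /* Partial success: ret is a count, not an error code. */
            mbedtls_printf("\n%s: %d certificate(s) failed to parse\n",
                           *cur, ret);
            break;
        }
        if (ret < 0) {
#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
            char error_message[200];
            mbedtls_strerror(ret, error_message, sizeof(error_message));
            mbedtls_printf("\n%s: -0x%04x (%s)\n",
                           *cur, (unsigned) -ret, error_message);
#else
            mbedtls_printf("\n%s: -0x%04x\n",
                           *cur, (unsigned) -ret);
#endif
            break;
        }
    }

    /* The chain is released on every path, including after a failure. */
    mbedtls_x509_crt_free(&cas);
    return ret == 0;
}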
83 
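/*
 * Parse a plain decimal number (digits only, no sign, no whitespace) that
 * fits in an unsigned int.
 * Returns 1 and stores the value in *out on success. Returns 0 and leaves
 * *out untouched for an empty string, a non-digit character or a value
 * that would overflow.
 */
static int parse_unsigned(const char *s, unsigned *out)
{
    unsigned value = 0;

    if (*s == '\0') {
        return 0;
    }
    for (; *s != '\0'; s++) {
        unsigned digit;

        if (*s < '0' || *s > '9') {
            return 0;
        }
        digit = (unsigned) (*s - '0');
        /* Reject before multiplying so the accumulator never wraps. */
        if (value > ((unsigned) -1 - digit) / 10) {
            return 0;
        }
        value = value * 10 + digit;
    }
    *out = value;
    return 1;
}

/*
 * Time how long it takes to parse a list of root CA files.
 *
 * Command line: load_roots param=<>... [--] FILE...
 * Leading "name=value" arguments are options (the name is matched case
 * insensitively); the first argument without '=' or a literal "--" ends
 * the options, and everything after it is a file name.
 *
 * Fixes relative to the previous version:
 *  - "prime=N" now sets opt.prime_cache; it used to overwrite
 *    opt.iterations, so the cache could never be switched off and
 *    "prime=0" silently requested zero timed iterations.
 *  - A "--" separator is consumed instead of being parsed as a file.
 *  - Option values are validated; atoi() turned "iterations=-1" into
 *    a run of roughly UINT_MAX iterations and hid malformed input.
 *  - The timed loop counts from 0 so it terminates even when
 *    iterations equals the largest unsigned value.
 *
 * Exits with MBEDTLS_EXIT_SUCCESS only if every pass parsed every file.
 */
int main(int argc, char *argv[])
{
    int exit_code = MBEDTLS_EXIT_FAILURE;
    unsigned i, j;
    struct mbedtls_timing_hr_time timer;
    unsigned long ms;

#if defined(MBEDTLS_USE_PSA_CRYPTO)
    psa_status_t status = psa_crypto_init();
    if (status != PSA_SUCCESS) {
        mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
                        (int) status);
        goto exit;
    }
#endif /* MBEDTLS_USE_PSA_CRYPTO */

    if (argc <= 1) {
        mbedtls_printf(USAGE);
        goto exit;
    }

    opt.filenames = NULL;
    opt.iterations = DFL_ITERATIONS;
    opt.prime_cache = DFL_PRIME_CACHE;

    for (i = 1; i < (unsigned) argc; i++) {
        char *p = argv[i];
        char *q = NULL;
        unsigned value = 0;

        if (strcmp(p, "--") == 0) {
            /* Consume the separator so it is not treated as a file name. */
            i++;
            break;
        }
        if ((q = strchr(p, '=')) == NULL) {
            /* First argument without '=': the file list starts here. */
            break;
        }
        /* Split "name=value" in place: p is the name, q the value. */
        *q++ = '\0';

        /* Lower-case the option name so matching is case insensitive. */
        for (j = 0; p + j < q; j++) {
            if (p[j] >= 'A' && p[j] <= 'Z') {
                p[j] |= 0x20;
            }
        }

        if (strcmp(p, "iterations") != 0 && strcmp(p, "prime") != 0) {
            mbedtls_printf("Unknown option: %s\n", p);
            mbedtls_printf(USAGE);
            goto exit;
        }
        if (!parse_unsigned(q, &value)) {
            mbedtls_printf("Invalid value for %s: %s\n", p, q);
            mbedtls_printf(USAGE);
            goto exit;
        }
        if (strcmp(p, "iterations") == 0) {
            opt.iterations = value;
        } else {
            opt.prime_cache = (value != 0);
        }
    }

    /* argv[argc] is NULL, so this list is NULL-terminated even if empty. */
    opt.filenames = (const char **) argv + i;
    if (*opt.filenames == NULL) {
        mbedtls_printf("Missing list of certificate files to parse\n");
        goto exit;
    }

    mbedtls_printf("Parsing %u certificates", (unsigned) argc - i);
    if (opt.prime_cache) {
        /* Untimed pass, so the timed passes do not measure cold disk reads. */
        if (!read_certificates(opt.filenames)) {
            goto exit;
        }
        mbedtls_printf(" ");
    }

    /* Second argument 1 resets the timer; 0 below reads the elapsed time. */
    (void) mbedtls_timing_get_timer(&timer, 1);
    for (i = 0; i < opt.iterations; i++) {
        if (!read_certificates(opt.filenames)) {
            goto exit;
        }
        mbedtls_printf(".");
    }
    ms = mbedtls_timing_get_timer(&timer, 0);
    mbedtls_printf("\n%u iterations -> %lu ms\n", opt.iterations, ms);
    exit_code = MBEDTLS_EXIT_SUCCESS;

exit:
#if defined(MBEDTLS_USE_PSA_CRYPTO)
    mbedtls_psa_crypto_free();
#endif /* MBEDTLS_USE_PSA_CRYPTO */
    mbedtls_exit(exit_code);
}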
169 #endif /* necessary configuration */
170