lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Remove MBEDTLS_OID_X509_EXT_xxx constants

Browse Source 
They're just aliases for the corresponding MBEDTLS_X509_EXT_xxx. We don't
need separate names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2025-04-09 21:51:46 +02:00
parent b7ef4df001
commit 32a1112e88
5 changed files with 33 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
include/mbedtls/x509.h
View File

@ -167,26 +167,23 @@
* *
* Comments refer to the status for using certificates. Status can be * Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs. * different for writing certificates or reading CRLs or CSRs.
*
* Those are defined in oid.h as oid.c needs them in a data structure. Since
* these were previously defined here, let's have aliases for compatibility.
*/ */
#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER #define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER #define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE #define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2)
#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES #define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
#define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS #define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4)
#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */ #define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME #define MBEDTLS_X509_EXT_ISSUER_ALT_NAME (1 << 6)
#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS #define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */ #define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS #define MBEDTLS_X509_EXT_NAME_CONSTRAINTS (1 << 9)
#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS #define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE #define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS #define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY #define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL #define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
#define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE #define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
/* /*
* Storage format identifiers * Storage format identifiers

4
library/x509_crt.c
View File

@ -1015,7 +1015,7 @@ static int x509_get_crt_ext(unsigned char **p,
} }
break; break;
case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES: case MBEDTLS_X509_EXT_CERTIFICATE_POLICIES:
/* Parse certificate policies type */ /* Parse certificate policies type */
if ((ret = x509_get_certificate_policies(p, end_ext_octet, if ((ret = x509_get_certificate_policies(p, end_ext_octet,
&crt->certificate_policies)) != 0) { &crt->certificate_policies)) != 0) {
@ -1866,7 +1866,7 @@ int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
} }
} }
if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) { if (crt->ext_types & MBEDTLS_X509_EXT_CERTIFICATE_POLICIES) {
ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix); ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF; MBEDTLS_X509_SAFE_SNPRINTF;

16
library/x509_oid.c
View File

@ -273,47 +273,47 @@ static const oid_x509_ext_t oid_x509_ext[] =
OID_DESCRIPTOR(MBEDTLS_OID_BASIC_CONSTRAINTS, OID_DESCRIPTOR(MBEDTLS_OID_BASIC_CONSTRAINTS,
"id-ce-basicConstraints", "id-ce-basicConstraints",
"Basic Constraints"), "Basic Constraints"),
MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage"), OID_DESCRIPTOR(MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage"),
MBEDTLS_OID_X509_EXT_KEY_USAGE, MBEDTLS_X509_EXT_KEY_USAGE,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_EXTENDED_KEY_USAGE, OID_DESCRIPTOR(MBEDTLS_OID_EXTENDED_KEY_USAGE,
"id-ce-extKeyUsage", "id-ce-extKeyUsage",
"Extended Key Usage"), "Extended Key Usage"),
MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_ALT_NAME, OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_ALT_NAME,
"id-ce-subjectAltName", "id-ce-subjectAltName",
"Subject Alt Name"), "Subject Alt Name"),
MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_NS_CERT_TYPE, OID_DESCRIPTOR(MBEDTLS_OID_NS_CERT_TYPE,
"id-netscape-certtype", "id-netscape-certtype",
"Netscape Certificate Type"), "Netscape Certificate Type"),
MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, MBEDTLS_X509_EXT_NS_CERT_TYPE,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_CERTIFICATE_POLICIES, OID_DESCRIPTOR(MBEDTLS_OID_CERTIFICATE_POLICIES,
"id-ce-certificatePolicies", "id-ce-certificatePolicies",
"Certificate Policies"), "Certificate Policies"),
MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, MBEDTLS_X509_EXT_CERTIFICATE_POLICIES,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
"id-ce-subjectKeyIdentifier", "id-ce-subjectKeyIdentifier",
"Subject Key Identifier"), "Subject Key Identifier"),
MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER, MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER,
}, },
{ {
OID_DESCRIPTOR(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, OID_DESCRIPTOR(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
"id-ce-authorityKeyIdentifier", "id-ce-authorityKeyIdentifier",
"Authority Key Identifier"), "Authority Key Identifier"),
MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER, MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER,
}, },
{ {
NULL_OID_DESCRIPTOR, NULL_OID_DESCRIPTOR,

23
library/x509_oid.h
View File

@ -13,6 +13,7 @@
#include "mbedtls/asn1.h" #include "mbedtls/asn1.h"
#include "mbedtls/pk.h" #include "mbedtls/pk.h"
#include "mbedtls/x509.h"
#include <stddef.h> #include <stddef.h>
@ -23,28 +24,6 @@
/** output buffer is too small */ /** output buffer is too small */
#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B #define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B
/* This is for the benefit of X.509, but defined here in order to avoid
* having a "backwards" include of x.509.h here */
/*
* X.509 extension types (internal, arbitrary values for bitsets)
*/
#define MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define MBEDTLS_OID_X509_EXT_KEY_USAGE (1 << 2)
#define MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
#define MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS (1 << 4)
#define MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME (1 << 5)
#define MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME (1 << 6)
#define MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
#define MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS (1 << 8)
#define MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS (1 << 9)
#define MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
#define MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
#define MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define MBEDTLS_OID_X509_EXT_FRESHEST_CRL (1 << 14)
#define MBEDTLS_OID_X509_EXT_NS_CERT_TYPE (1 << 16)
/* /*
* Maximum number of OID components allowed * Maximum number of OID components allowed
*/ */

12
tests/suites/test_suite_x509_oid.data
View File

@ -35,22 +35,22 @@ OID get Ext Key Usage wrong oid - id-ce-authorityKeyIdentifier
oid_get_extended_key_usage:"551D23":"" oid_get_extended_key_usage:"551D23":""
OID get x509 extension - id-ce-basicConstraints OID get x509 extension - id-ce-basicConstraints
oid_get_x509_extension:"551D13":MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS oid_get_x509_extension:"551D13":MBEDTLS_X509_EXT_BASIC_CONSTRAINTS
OID get x509 extension - id-ce-keyUsage OID get x509 extension - id-ce-keyUsage
oid_get_x509_extension:"551D0F":MBEDTLS_OID_X509_EXT_KEY_USAGE oid_get_x509_extension:"551D0F":MBEDTLS_X509_EXT_KEY_USAGE
OID get x509 extension - id-ce-extKeyUsage OID get x509 extension - id-ce-extKeyUsage
oid_get_x509_extension:"551D25":MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE oid_get_x509_extension:"551D25":MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE
OID get x509 extension - id-ce-subjectAltName OID get x509 extension - id-ce-subjectAltName
oid_get_x509_extension:"551D11":MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME oid_get_x509_extension:"551D11":MBEDTLS_X509_EXT_SUBJECT_ALT_NAME
OID get x509 extension - id-netscape-certtype OID get x509 extension - id-netscape-certtype
oid_get_x509_extension:"6086480186F8420101":MBEDTLS_OID_X509_EXT_NS_CERT_TYPE oid_get_x509_extension:"6086480186F8420101":MBEDTLS_X509_EXT_NS_CERT_TYPE
OID get x509 extension - id-ce-certificatePolicies OID get x509 extension - id-ce-certificatePolicies
oid_get_x509_extension:"551D20":MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES oid_get_x509_extension:"551D20":MBEDTLS_X509_EXT_CERTIFICATE_POLICIES
OID get x509 extension - invalid oid OID get x509 extension - invalid oid
oid_get_x509_extension:"5533445566":0 oid_get_x509_extension:"5533445566":0