Make many fields of X.509 structures public

The structures mbedtls_x509_time, mbedtls_x509_crl_entry, mbedtls_x509_crl, mbedtls_x509_crt, mbedtls_x509_san_other_name, mbedtls_x509_subject_alternative_name, mbedtls_x509_csr are designed to expose the result of parsing X.509 data. Document many of their fields as being publicly readable. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-08-01 10:06:53 +03:00 · 2021-08-04 21:56:10 +02:00
parent b89d9c0599
commit 842edf474c
5 changed files with 83 additions and 59 deletions
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@ -514,7 +514,7 @@ int main( int argc, char *argv[] )
        }

        ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name),
-                                 &issuer_crt.MBEDTLS_PRIVATE(subject) );
+                                 &issuer_crt.subject );
        if( ret < 0 )
        {
            mbedtls_strerror( ret, buf, 1024 );
@ -548,7 +548,7 @@ int main( int argc, char *argv[] )
        }

        ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name),
-                                 &csr.MBEDTLS_PRIVATE(subject) );
+                                 &csr.subject );
        if( ret < 0 )
        {
            mbedtls_strerror( ret, buf, 1024 );
@ -558,7 +558,7 @@ int main( int argc, char *argv[] )
        }

        opt.subject_name = subject_name;
-        subject_key = &csr.MBEDTLS_PRIVATE(pk);
+        subject_key = &csr.pk;

        mbedtls_printf( " ok\n" );
    }
@ -602,7 +602,7 @@ int main( int argc, char *argv[] )
    //
    if( strlen( opt.issuer_crt ) )
    {
-        if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key,
+        if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key,
                                   mbedtls_ctr_drbg_random, &ctr_drbg ) != 0 )
        {
            mbedtls_printf( " failed\n  !  issuer_key does not match "