mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Merge pull request #3419 from ndilieto/development

Pass "certificate policies" extension to callback
Gilles Peskine
2020-06-23 09:35:45 +02:00
committed by GitHub
5 changed files with 120 additions and 9 deletions


@ -308,7 +308,11 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
*
* Callbacks of this type are passed to and used by the
* mbedtls_x509_crt_parse_der_with_ext_cb() routine when
* it encounters an unsupported extension.
* it encounters either an unsupported extension or a
* "certificate policies" extension containing any
* unsupported certificate policies.
* Future versions of the library may invoke the callback
* in other cases, if and when the need arises.
*
* \param p_ctx An opaque context passed to the callback.
* \param crt The certificate being parsed.
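Review bot: the new wording 'a "certificate policies" extension containing any unsupported certificate policies' does not say what the callback is handed in that case: the whole extension or only the policies the library did not recognise, and whether it is invoked once per extension or once per unsupported policy. Suggest stating that in this comment, next to the \param descriptions, so an implementer knows whether the callback must also step over policies the library already handled. Because the text now says "Future versions of the library may invoke the callback in other cases", it would also help to tell implementers to identify the extension they were given and return a negative error code for anything they do not recognise, rather than assuming every call is for one particular extension.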
@ -360,7 +364,9 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
* mbedtls_x509_crt_parse_der(), and/or
* mbedtls_x509_crt_parse_der_nocopy()
* but it calls the callback with every unsupported
* certificate extension.
* certificate extension and additionally the
* "certificate policies" extension if it contains any
* unsupported certificate policies.
* The callback must return a negative error code if it
* does not know how to handle such an extension.
* When the callback fails to parse a critical extension
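Review bot: in "The callback must return a negative error code if it does not know how to handle such an extension", the phrase "such an extension" now also covers a certificate policies extension that the library partly understands, and the comment does not say what a negative return means there. A callback written against the old contract ("every unsupported certificate extension") will start receiving the policies extension without any change on the caller's side. Please spell out the result for a policies extension, in particular a critical one, so that existing users of mbedtls_x509_crt_parse_der_with_ext_cb() can tell whether the parsing outcome changes for them.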
@ -368,6 +374,8 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
* When the callback fails to parse a non critical extension
* mbedtls_x509_crt_parse_der_with_ext_cb() simply skips
* the extension and continues parsing.
* Future versions of the library may invoke the callback
* in other cases, if and when the need arises.
*
* \return \c 0 if successful.
* \return A negative error code on failure.
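Review bot: the sentence "Future versions of the library may invoke the callback in other cases, if and when the need arises." is now duplicated word for word in the mbedtls_x509_crt_ext_cb_t description and here, which invites the two copies drifting apart. Suggest keeping it in the callback typedef documentation only and referring to that type from this function's comment. Where it sits here, directly after the paragraph on non-critical extensions being skipped, it also reads as if it qualified only that case; a blank comment line before it, or moving it up beside the sentence that lists when the callback is called, would make the scope clear.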