mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-08-01 10:06:53 +03:00
Fix some X509 macro names
For some reason, during the great renaming, some names that should have been prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
This commit is contained in:
Manuel Pégourié-Gonnard
@ -702,15 +702,15 @@
|
||||
#define ASN1_UTC_TIME MBEDTLS_ASN1_UTC_TIME
|
||||
#define ASN1_UTF8_STRING MBEDTLS_ASN1_UTF8_STRING
|
||||
#define BADCERT_CN_MISMATCH MBEDTLS_X509_BADCERT_CN_MISMATCH
|
||||
#define BADCERT_EXPIRED MBEDTLS_BADCERT_EXPIRED
|
||||
#define BADCERT_EXPIRED MBEDTLS_X509_BADCERT_EXPIRED
|
||||
#define BADCERT_FUTURE MBEDTLS_X509_BADCERT_FUTURE
|
||||
#define BADCERT_MISSING MBEDTLS_BADCERT_MISSING
|
||||
#define BADCERT_MISSING MBEDTLS_X509_BADCERT_MISSING
|
||||
#define BADCERT_NOT_TRUSTED MBEDTLS_X509_BADCERT_NOT_TRUSTED
|
||||
#define BADCERT_OTHER MBEDTLS_BADCERT_OTHER
|
||||
#define BADCERT_OTHER MBEDTLS_X509_BADCERT_OTHER
|
||||
#define BADCERT_REVOKED MBEDTLS_X509_BADCERT_REVOKED
|
||||
#define BADCERT_SKIP_VERIFY MBEDTLS_BADCERT_SKIP_VERIFY
|
||||
#define BADCERT_SKIP_VERIFY MBEDTLS_X509_BADCERT_SKIP_VERIFY
|
||||
#define BADCRL_EXPIRED MBEDTLS_X509_BADCRL_EXPIRED
|
||||
#define BADCRL_FUTURE MBEDTLS_BADCRL_FUTURE
|
||||
#define BADCRL_FUTURE MBEDTLS_X509_BADCRL_FUTURE
|
||||
#define BADCRL_NOT_TRUSTED MBEDTLS_X509_BADCRL_NOT_TRUSTED
|
||||
#define BLOWFISH_BLOCKSIZE MBEDTLS_BLOWFISH_BLOCKSIZE
|
||||
#define BLOWFISH_DECRYPT MBEDTLS_BLOWFISH_DECRYPT
|
||||
@ -745,29 +745,29 @@
|
||||
#define ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM
|
||||
#define ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL
|
||||
#define EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER
|
||||
#define EXT_BASIC_CONSTRAINTS MBEDTLS_EXT_BASIC_CONSTRAINTS
|
||||
#define EXT_BASIC_CONSTRAINTS MBEDTLS_X509_EXT_BASIC_CONSTRAINTS
|
||||
#define EXT_CERTIFICATE_POLICIES MBEDTLS_X509_EXT_CERTIFICATE_POLICIES
|
||||
#define EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_EXT_CRL_DISTRIBUTION_POINTS
|
||||
#define EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS
|
||||
#define EXT_EXTENDED_KEY_USAGE MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE
|
||||
#define EXT_FRESHEST_CRL MBEDTLS_EXT_FRESHEST_CRL
|
||||
#define EXT_FRESHEST_CRL MBEDTLS_X509_EXT_FRESHEST_CRL
|
||||
#define EXT_INIHIBIT_ANYPOLICY MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY
|
||||
#define EXT_ISSUER_ALT_NAME MBEDTLS_EXT_ISSUER_ALT_NAME
|
||||
#define EXT_ISSUER_ALT_NAME MBEDTLS_X509_EXT_ISSUER_ALT_NAME
|
||||
#define EXT_KEY_USAGE MBEDTLS_X509_EXT_KEY_USAGE
|
||||
#define EXT_NAME_CONSTRAINTS MBEDTLS_EXT_NAME_CONSTRAINTS
|
||||
#define EXT_NAME_CONSTRAINTS MBEDTLS_X509_EXT_NAME_CONSTRAINTS
|
||||
#define EXT_NS_CERT_TYPE MBEDTLS_X509_EXT_NS_CERT_TYPE
|
||||
#define EXT_POLICY_CONSTRAINTS MBEDTLS_EXT_POLICY_CONSTRAINTS
|
||||
#define EXT_POLICY_CONSTRAINTS MBEDTLS_X509_EXT_POLICY_CONSTRAINTS
|
||||
#define EXT_POLICY_MAPPINGS MBEDTLS_X509_EXT_POLICY_MAPPINGS
|
||||
#define EXT_SUBJECT_ALT_NAME MBEDTLS_EXT_SUBJECT_ALT_NAME
|
||||
#define EXT_SUBJECT_ALT_NAME MBEDTLS_X509_EXT_SUBJECT_ALT_NAME
|
||||
#define EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS
|
||||
#define EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_EXT_SUBJECT_KEY_IDENTIFIER
|
||||
#define EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER
|
||||
#define GCM_DECRYPT MBEDTLS_GCM_DECRYPT
|
||||
#define GCM_ENCRYPT MBEDTLS_GCM_ENCRYPT
|
||||
#define KU_CRL_SIGN MBEDTLS_X509_KU_CRL_SIGN
|
||||
#define KU_DATA_ENCIPHERMENT MBEDTLS_KU_DATA_ENCIPHERMENT
|
||||
#define KU_DATA_ENCIPHERMENT MBEDTLS_X509_KU_DATA_ENCIPHERMENT
|
||||
#define KU_DIGITAL_SIGNATURE MBEDTLS_X509_KU_DIGITAL_SIGNATURE
|
||||
#define KU_KEY_AGREEMENT MBEDTLS_KU_KEY_AGREEMENT
|
||||
#define KU_KEY_AGREEMENT MBEDTLS_X509_KU_KEY_AGREEMENT
|
||||
#define KU_KEY_CERT_SIGN MBEDTLS_X509_KU_KEY_CERT_SIGN
|
||||
#define KU_KEY_ENCIPHERMENT MBEDTLS_KU_KEY_ENCIPHERMENT
|
||||
#define KU_KEY_ENCIPHERMENT MBEDTLS_X509_KU_KEY_ENCIPHERMENT
|
||||
#define KU_NON_REPUDIATION MBEDTLS_X509_KU_NON_REPUDIATION
|
||||
#define LN_2_DIV_LN_10_SCALE100 MBEDTLS_LN_2_DIV_LN_10_SCALE100
|
||||
#define MD_CONTEXT_T_INIT MBEDTLS_MD_CONTEXT_T_INIT
|
||||
@ -779,13 +779,13 @@
|
||||
#define NET_PROTO_TCP MBEDTLS_NET_PROTO_TCP
|
||||
#define NET_PROTO_UDP MBEDTLS_NET_PROTO_UDP
|
||||
#define NS_CERT_TYPE_EMAIL MBEDTLS_X509_NS_CERT_TYPE_EMAIL
|
||||
#define NS_CERT_TYPE_EMAIL_CA MBEDTLS_NS_CERT_TYPE_EMAIL_CA
|
||||
#define NS_CERT_TYPE_EMAIL_CA MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA
|
||||
#define NS_CERT_TYPE_OBJECT_SIGNING MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING
|
||||
#define NS_CERT_TYPE_OBJECT_SIGNING_CA MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA
|
||||
#define NS_CERT_TYPE_OBJECT_SIGNING_CA MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA
|
||||
#define NS_CERT_TYPE_RESERVED MBEDTLS_X509_NS_CERT_TYPE_RESERVED
|
||||
#define NS_CERT_TYPE_SSL_CA MBEDTLS_NS_CERT_TYPE_SSL_CA
|
||||
#define NS_CERT_TYPE_SSL_CA MBEDTLS_X509_NS_CERT_TYPE_SSL_CA
|
||||
#define NS_CERT_TYPE_SSL_CLIENT MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT
|
||||
#define NS_CERT_TYPE_SSL_SERVER MBEDTLS_NS_CERT_TYPE_SSL_SERVER
|
||||
#define NS_CERT_TYPE_SSL_SERVER MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER
|
||||
#define OID_ANSI_X9_62 MBEDTLS_OID_ANSI_X9_62
|
||||
#define OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE
|
||||
#define OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD
|
||||
|
||||
@ -83,20 +83,20 @@
|
||||
* \{
|
||||
*/
|
||||
/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
|
||||
#define MBEDTLS_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
|
||||
#define MBEDTLS_X509_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
|
||||
#define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
|
||||
#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
|
||||
#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
|
||||
#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */
|
||||
#define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< The CRL is expired. */
|
||||
#define MBEDTLS_BADCERT_MISSING 0x40 /**< Certificate was missing. */
|
||||
#define MBEDTLS_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
|
||||
#define MBEDTLS_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
|
||||
#define MBEDTLS_X509_BADCERT_MISSING 0x40 /**< Certificate was missing. */
|
||||
#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
|
||||
#define MBEDTLS_X509_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
|
||||
#define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
|
||||
#define MBEDTLS_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
|
||||
#define MBEDTLS_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
|
||||
#define MBEDTLS_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
|
||||
#define MBEDTLS_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
|
||||
#define MBEDTLS_X509_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
|
||||
#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
|
||||
#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
|
||||
#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
|
||||
/* \} name */
|
||||
/* \} addtogroup x509_module */
|
||||
|
||||
@ -105,9 +105,9 @@
|
||||
*/
|
||||
#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
|
||||
#define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */
|
||||
#define MBEDTLS_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
|
||||
#define MBEDTLS_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
|
||||
#define MBEDTLS_KU_KEY_AGREEMENT (0x08) /* bit 4 */
|
||||
#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
|
||||
#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
|
||||
#define MBEDTLS_X509_KU_KEY_AGREEMENT (0x08) /* bit 4 */
|
||||
#define MBEDTLS_X509_KU_KEY_CERT_SIGN (0x04) /* bit 5 */
|
||||
#define MBEDTLS_X509_KU_CRL_SIGN (0x02) /* bit 6 */
|
||||
|
||||
@ -117,13 +117,13 @@
|
||||
*/
|
||||
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
|
||||
#define MBEDTLS_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
|
||||
#define MBEDTLS_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
|
||||
#define MBEDTLS_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
|
||||
#define MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
|
||||
#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
|
||||
|
||||
/*
|
||||
* X.509 extension types
|
||||
@ -132,20 +132,20 @@
|
||||
* different for writing certificates or reading CRLs or CSRs.
|
||||
*/
|
||||
#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
|
||||
#define MBEDTLS_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
|
||||
#define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2) /* Parsed but not used */
|
||||
#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
|
||||
#define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2)
|
||||
#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
|
||||
#define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4)
|
||||
#define MBEDTLS_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
|
||||
#define MBEDTLS_EXT_ISSUER_ALT_NAME (1 << 6)
|
||||
#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
|
||||
#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME (1 << 6)
|
||||
#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
|
||||
#define MBEDTLS_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
|
||||
#define MBEDTLS_EXT_NAME_CONSTRAINTS (1 << 9)
|
||||
#define MBEDTLS_EXT_POLICY_CONSTRAINTS (1 << 10)
|
||||
#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */
|
||||
#define MBEDTLS_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
|
||||
#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
|
||||
#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS (1 << 9)
|
||||
#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
|
||||
#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
|
||||
#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
|
||||
#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
|
||||
#define MBEDTLS_EXT_FRESHEST_CRL (1 << 14)
|
||||
#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
|
||||
|
||||
#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
|
||||
|
||||
|
||||
@ -279,7 +279,7 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||
* \brief Check usage of certificate against keyUsage extension.
|
||||
*
|
||||
* \param crt Leaf certificate used.
|
||||
* \param usage Intended usage(s) (eg MBEDTLS_KU_KEY_ENCIPHERMENT before using the
|
||||
* \param usage Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT before using the
|
||||
* certificate to perform an RSA key exchange).
|
||||
*
|
||||
* \return 0 is these uses of the certificate are allowed,
|
||||
|
||||
Reference in New Issue
Block a user