lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity

Fix some X509 macro names

Browse Source 
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
This commit is contained in:
Manuel Pégourié-Gonnard
2015-04-20 12:19:02 +01:00
parent e75fa70b36
commit e6028c93f5
13 changed files with 143 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
library/oid.c
View File

@@ -261,7 +261,7 @@ static const oid_x509_ext_t oid_x509_ext[] =
{
{
{ ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
MBEDTLS_EXT_BASIC_CONSTRAINTS,
MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
},
{
{ ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
@@ -273,7 +273,7 @@ static const oid_x509_ext_t oid_x509_ext[] =
},
{
{ ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
MBEDTLS_EXT_SUBJECT_ALT_NAME,
MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
},
{
{ ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },

14
library/ssl_tls.c
View File

@@ -3852,7 +3852,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
( ssl->authmode == MBEDTLS_SSL_VERIFY_NONE ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) )
{
ssl->session_negotiate->verify_result = MBEDTLS_BADCERT_SKIP_VERIFY;
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
ssl->state++;
return( 0 );
@@ -3882,7 +3882,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) );
ssl->session_negotiate->verify_result = MBEDTLS_BADCERT_MISSING;
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
if( ssl->authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
return( 0 );
else
@@ -3903,7 +3903,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
ssl->session_negotiate->verify_result = MBEDTLS_BADCERT_MISSING;
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
if( ssl->authmode == MBEDTLS_SSL_VERIFY_REQUIRED )
return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
else
@@ -6817,7 +6817,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
{
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
usage = MBEDTLS_KU_KEY_ENCIPHERMENT;
usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
break;
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@@ -6828,7 +6828,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
usage = MBEDTLS_KU_KEY_AGREEMENT;
usage = MBEDTLS_X509_KU_KEY_AGREEMENT;
break;
/* Don't use default: we want warnings when adding new values */
@@ -6847,7 +6847,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 )
{
*flags |= MBEDTLS_BADCERT_KEY_USAGE;
*flags |= MBEDTLS_X509_BADCERT_KEY_USAGE;
ret = -1;
}
#else
@@ -6868,7 +6868,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 )
{
*flags |= MBEDTLS_BADCERT_EXT_KEY_USAGE;
*flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
ret = -1;
}
#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */

48
library/x509_crt.c
View File

@@ -485,7 +485,7 @@ static int x509_get_crt_ext( unsigned char **p,
switch( ext_type )
{
case MBEDTLS_EXT_BASIC_CONSTRAINTS:
case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS:
/* Parse basic constraints */
if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
&crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
@@ -506,7 +506,7 @@ static int x509_get_crt_ext( unsigned char **p,
return( ret );
break;
case MBEDTLS_EXT_SUBJECT_ALT_NAME:
case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
/* Parse subject alt name */
if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
&crt->subject_alt_names ) ) != 0 )
@@ -1182,13 +1182,13 @@ static int x509_info_cert_type( char **buf, size_t *size,
const char *sep = "";
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" );
CERT_TYPE( MBEDTLS_NS_CERT_TYPE_SSL_SERVER, "SSL Server" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" );
CERT_TYPE( MBEDTLS_NS_CERT_TYPE_SSL_CA, "SSL CA" );
CERT_TYPE( MBEDTLS_NS_CERT_TYPE_EMAIL_CA, "Email CA" );
CERT_TYPE( MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" );
CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" );
*size = n;
*buf = p;
@@ -1210,9 +1210,9 @@ static int x509_info_key_usage( char **buf, size_t *size,
KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" );
KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" );
KEY_USAGE( MBEDTLS_KU_KEY_ENCIPHERMENT, "Key Encipherment" );
KEY_USAGE( MBEDTLS_KU_DATA_ENCIPHERMENT, "Data Encipherment" );
KEY_USAGE( MBEDTLS_KU_KEY_AGREEMENT, "Key Agreement" );
KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" );
KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" );
KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" );
KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" );
KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" );
@@ -1323,7 +1323,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
* Optional extensions
*/
if( crt->ext_types & MBEDTLS_EXT_BASIC_CONSTRAINTS )
if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS )
{
ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix,
crt->ca_istrue ? "true" : "false" );
@@ -1336,7 +1336,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
}
}
if( crt->ext_types & MBEDTLS_EXT_SUBJECT_ALT_NAME )
if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
{
ret = mbedtls_snprintf( p, n, "\n%ssubject alt name : ", prefix );
SAFE_SNPRINTF();
@@ -1386,20 +1386,20 @@ struct x509_crt_verify_string {
};
static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
{ MBEDTLS_BADCERT_EXPIRED, "The certificate validity has expired" },
{ MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" },
{ MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" },
{ MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" },
{ MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" },
{ MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" },
{ MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" },
{ MBEDTLS_BADCERT_MISSING, "Certificate was missing" },
{ MBEDTLS_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" },
{ MBEDTLS_BADCERT_OTHER, "Other reason (can be used by verify callback)" },
{ MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" },
{ MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" },
{ MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" },
{ MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" },
{ MBEDTLS_BADCRL_FUTURE, "The CRL is from the future" },
{ MBEDTLS_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" },
{ MBEDTLS_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
{ MBEDTLS_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" },
{ MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" },
{ MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" },
{ MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
{ MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" },
{ 0, NULL }
};
@@ -1568,7 +1568,7 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
flags |= MBEDTLS_X509_BADCRL_EXPIRED;
if( mbedtls_x509_time_future( &crl_list->this_update ) )
flags |= MBEDTLS_BADCRL_FUTURE;
flags |= MBEDTLS_X509_BADCRL_FUTURE;
/*
* Check if certificate is revoked
@@ -1773,7 +1773,7 @@ static int x509_crt_verify_top(
const mbedtls_md_info_t *md_info;
if( mbedtls_x509_time_expired( &child->valid_to ) )
*flags |= MBEDTLS_BADCERT_EXPIRED;
*flags |= MBEDTLS_X509_BADCERT_EXPIRED;
if( mbedtls_x509_time_future( &child->valid_from ) )
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
@@ -1848,7 +1848,7 @@ static int x509_crt_verify_top(
#endif
if( mbedtls_x509_time_expired( &trust_ca->valid_to ) )
ca_flags |= MBEDTLS_BADCERT_EXPIRED;
ca_flags |= MBEDTLS_X509_BADCERT_EXPIRED;
if( mbedtls_x509_time_future( &trust_ca->valid_from ) )
ca_flags |= MBEDTLS_X509_BADCERT_FUTURE;
@@ -1895,7 +1895,7 @@ static int x509_crt_verify_child(
}
if( mbedtls_x509_time_expired( &child->valid_to ) )
*flags |= MBEDTLS_BADCERT_EXPIRED;
*flags |= MBEDTLS_X509_BADCERT_EXPIRED;
if( mbedtls_x509_time_future( &child->valid_from ) )
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
@@ -1985,7 +1985,7 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
name = &crt->subject;
cn_len = strlen( cn );
if( crt->ext_types & MBEDTLS_EXT_SUBJECT_ALT_NAME )
if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
{
cur = &crt->subject_alt_names;