Move key_usage to more that 8 bits

Manuel Pégourié-Gonnard 2015-03-27 16:50:00 +01:00
parent 1022fed36e
commit 1d0ca1a336
3 changed files with 6 additions and 4 deletions


@ -6,6 +6,7 @@ Features
* Support for DTLS 1.0 and 1.2 (RFC 6347). * Support for DTLS 1.0 and 1.2 (RFC 6347).
API Changes API Changes
* Last argument of x509_crt_check_key_usage() changed from int to unsigned.
* test_ca_list (from certs.h) is renamed to test_cas_pem and is only * test_ca_list (from certs.h) is renamed to test_cas_pem and is only
available if POLARSSL_PEM_PARSE_C is defined (it never worked without). available if POLARSSL_PEM_PARSE_C is defined (it never worked without).
* Test certificates in certs.c are no longer guaranteed to be nul-terminated * Test certificates in certs.c are no longer guaranteed to be nul-terminated
@ -33,6 +34,7 @@ New deprecations
Semi-API changes (technically public, morally private) Semi-API changes (technically public, morally private)
* Change md_info_t into an opaque structure (use md_get_xxx() accessors). * Change md_info_t into an opaque structure (use md_get_xxx() accessors).
* Remove sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl. * Remove sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl.
* x509_crt.key_usage changed from unsigned char to unsigned int.
Changes Changes
* Support for receiving SSLv2 ClientHello is now disabled by default at * Support for receiving SSLv2 ClientHello is now disabled by default at


@ -79,7 +79,7 @@ typedef struct _x509_crt
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
unsigned char key_usage; /**< Optional key usage extension value: See the values in x509.h */ unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
@ -261,7 +261,7 @@ int x509_crt_verify( x509_crt *crt,
* (intermediate) CAs the keyUsage extension is automatically * (intermediate) CAs the keyUsage extension is automatically
* checked by \c x509_crt_verify(). * checked by \c x509_crt_verify().
*/ */
int x509_crt_check_key_usage( const x509_crt *crt, int usage ); int x509_crt_check_key_usage( const x509_crt *crt, unsigned int usage );
#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */ #endif /* POLARSSL_X509_CHECK_KEY_USAGE) */
#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) #if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
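Review bot: The doc comment on the widened `key_usage` field still says only "See the values in x509.h", which does not tell a reader how the wider value is encoded. No constant above the low eight bits is visible in this commit, so the meaning of the new upper bits is undocumented as far as this page shows. I would reword the field comment to something like `/**< Optional key usage extension value: bitwise OR of the key usage flags defined in x509.h */`. The doc block above `x509_crt_check_key_usage()` starts outside the hunk; its `usage` description should state that every bit set in `usage` must be present in the certificate for the check to pass. Widening the field also changes the layout of `x509_crt`, so objects built against the old header must be recompiled.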


@ -247,7 +247,7 @@ static int x509_get_ns_cert_type( unsigned char **p,
static int x509_get_key_usage( unsigned char **p, static int x509_get_key_usage( unsigned char **p,
const unsigned char *end, const unsigned char *end,
unsigned char *key_usage) unsigned int *key_usage)
{ {
int ret; int ret;
x509_bitstring bs = { 0, 0, NULL }; x509_bitstring bs = { 0, 0, NULL };
@ -1381,7 +1381,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
} }
#if defined(POLARSSL_X509_CHECK_KEY_USAGE) #if defined(POLARSSL_X509_CHECK_KEY_USAGE)
int x509_crt_check_key_usage( const x509_crt *crt, int usage ) int x509_crt_check_key_usage( const x509_crt *crt, unsigned int usage )
{ {
if( ( crt->ext_types & EXT_KEY_USAGE ) != 0 && if( ( crt->ext_types & EXT_KEY_USAGE ) != 0 &&
( crt->key_usage & usage ) != usage ) ( crt->key_usage & usage ) != usage )
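Review bot: Changing the out-parameter of `x509_get_key_usage()` to `unsigned int *key_usage` does not by itself make the parser keep more than 8 bits. The store into `*key_usage` is in the part of the body outside this hunk, so please confirm it accumulates every byte of the parsed bitstring `bs`, bounded by `bs.len` and by `sizeof(unsigned int)`, rather than copying only the first byte. If it still copies one byte, `( crt->key_usage & usage ) != usage` in `x509_crt_check_key_usage()` can never match a `usage` mask with a bit above the low eight. That fails closed, but a certificate that legitimately carries such a bit would be rejected. A test with a certificate whose keyUsage BIT STRING is two bytes long would pin the behaviour either way. The body of `x509_crt_check_key_usage()` also continues past the end of the hunk.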