mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 12:25:39 +01:00
Move key_usage to more that 8 bits
This commit is contained in:
parent
1022fed36e
commit
1d0ca1a336
@ -6,6 +6,7 @@ Features
|
||||
* Support for DTLS 1.0 and 1.2 (RFC 6347).
|
||||
|
||||
API Changes
|
||||
* Last argument of x509_crt_check_key_usage() changed from int to unsigned.
|
||||
* test_ca_list (from certs.h) is renamed to test_cas_pem and is only
|
||||
available if POLARSSL_PEM_PARSE_C is defined (it never worked without).
|
||||
* Test certificates in certs.c are no longer guaranteed to be nul-terminated
|
||||
@ -33,6 +34,7 @@ New deprecations
|
||||
Semi-API changes (technically public, morally private)
|
||||
* Change md_info_t into an opaque structure (use md_get_xxx() accessors).
|
||||
* Remove sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl.
|
||||
* x509_crt.key_usage changed from unsigned char to unsigned int.
|
||||
|
||||
Changes
|
||||
* Support for receiving SSLv2 ClientHello is now disabled by default at
|
||||
|
@ -79,7 +79,7 @@ typedef struct _x509_crt
|
||||
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
|
||||
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
|
||||
|
||||
unsigned char key_usage; /**< Optional key usage extension value: See the values in x509.h */
|
||||
unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */
|
||||
|
||||
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
|
||||
|
||||
@ -261,7 +261,7 @@ int x509_crt_verify( x509_crt *crt,
|
||||
* (intermediate) CAs the keyUsage extension is automatically
|
||||
* checked by \c x509_crt_verify().
|
||||
*/
|
||||
int x509_crt_check_key_usage( const x509_crt *crt, int usage );
|
||||
int x509_crt_check_key_usage( const x509_crt *crt, unsigned int usage );
|
||||
#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */
|
||||
|
||||
#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
|
||||
|
@ -247,7 +247,7 @@ static int x509_get_ns_cert_type( unsigned char **p,
|
||||
|
||||
static int x509_get_key_usage( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
unsigned char *key_usage)
|
||||
unsigned int *key_usage)
|
||||
{
|
||||
int ret;
|
||||
x509_bitstring bs = { 0, 0, NULL };
|
||||
@ -1381,7 +1381,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CHECK_KEY_USAGE)
|
||||
int x509_crt_check_key_usage( const x509_crt *crt, int usage )
|
||||
int x509_crt_check_key_usage( const x509_crt *crt, unsigned int usage )
|
||||
{
|
||||
if( ( crt->ext_types & EXT_KEY_USAGE ) != 0 &&
|
||||
( crt->key_usage & usage ) != usage )
|
||||
|
Loading…
Reference in New Issue
Block a user