mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-01 12:32:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow read-only access to lists of certificates, CRL, CRL entries

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-08-31 23:18:07 +02:00
parent 2e9d65f928
commit ca939959e4
6 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
include/mbedtls/x509_crl.h
View File

@ -63,7 +63,10 @@ typedef struct mbedtls_x509_crl_entry
* `entry_ext.p == NULL`. */
mbedtls_x509_buf entry_ext;
struct mbedtls_x509_crl_entry *MBEDTLS_PRIVATE(next);
/** Next element in the linked list of entries.
* \p NULL indicates the end of the list.
* Do not modify this field directly. */
struct mbedtls_x509_crl_entry *next;
}
mbedtls_x509_crl_entry;
@ -96,7 +99,10 @@ typedef struct mbedtls_x509_crl
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
struct mbedtls_x509_crl *MBEDTLS_PRIVATE(next);
/** Next element in the linked list of CRL.
* \p NULL indicates the end of the list.
* Do not modify this field directly. */
struct mbedtls_x509_crl *next;
}
mbedtls_x509_crl;

5
include/mbedtls/x509_crt.h
View File

@ -95,7 +95,10 @@ typedef struct mbedtls_x509_crt
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
struct mbedtls_x509_crt *MBEDTLS_PRIVATE(next); /**< Next certificate in the CA-chain. */
/** Next certificate in the linked list that constitutes the CA chain.
* \p NULL indicates the end of the list.
* Do not modify this field directly. */
struct mbedtls_x509_crt *next;
}
mbedtls_x509_crt;

2
programs/ssl/dtls_server.c
View File

@ -226,7 +226,7 @@ int main( void )
mbedtls_ssl_cache_set );
#endif
mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );

2
programs/ssl/ssl_fork_server.c
View File

@ -190,7 +190,7 @@ int main( void )
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );

2
programs/ssl/ssl_server.c
View File

@ -212,7 +212,7 @@ int main( void )
mbedtls_ssl_cache_set );
#endif
mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );

2
programs/x509/cert_app.c
View File

@ -331,7 +331,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( "%s\n", buf );
cur = cur->MBEDTLS_PRIVATE(next);
cur = cur->next;
}
/*