mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 14:05:28 +00:00
Extract name checking to separate function
Just copy-paste and unindent
This commit is contained in:
parent
6368612a8f
commit
1300e99eb1
|
@ -2154,52 +2154,16 @@ callback:
|
|||
}
|
||||
|
||||
/*
|
||||
* Verify the certificate validity
|
||||
* Verify the requested CN - only call this if cn is not NULL!
|
||||
*/
|
||||
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||
mbedtls_x509_crt *trust_ca,
|
||||
mbedtls_x509_crl *ca_crl,
|
||||
const char *cn, uint32_t *flags,
|
||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||
void *p_vrfy )
|
||||
static void x509_crt_verify_name( mbedtls_x509_crt *crt,
|
||||
const char *cn,
|
||||
uint32_t *flags )
|
||||
{
|
||||
return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,
|
||||
&mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Verify the certificate validity, with profile
|
||||
*
|
||||
* This function only checks the requested CN (if any) and then delegates
|
||||
* chain building/verification to verify_chain(). Before that, it checks the
|
||||
* key size of the EE certificate, as verify_chain() will only verify that of
|
||||
* parent certificates.
|
||||
*/
|
||||
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
||||
mbedtls_x509_crt *trust_ca,
|
||||
mbedtls_x509_crl *ca_crl,
|
||||
const mbedtls_x509_crt_profile *profile,
|
||||
const char *cn, uint32_t *flags,
|
||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
size_t cn_len;
|
||||
int ret;
|
||||
mbedtls_x509_name *name;
|
||||
mbedtls_x509_sequence *cur = NULL;
|
||||
mbedtls_pk_type_t pk_type;
|
||||
size_t cn_len;
|
||||
|
||||
*flags = 0;
|
||||
|
||||
if( profile == NULL )
|
||||
{
|
||||
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( cn != NULL )
|
||||
{
|
||||
name = &crt->subject;
|
||||
cn_len = strlen( cn );
|
||||
|
||||
|
@ -2250,6 +2214,51 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
|||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify the certificate validity
|
||||
*/
|
||||
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||
mbedtls_x509_crt *trust_ca,
|
||||
mbedtls_x509_crl *ca_crl,
|
||||
const char *cn, uint32_t *flags,
|
||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,
|
||||
&mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify the certificate validity, with profile
|
||||
*
|
||||
* This function only checks the requested CN (if any) and then delegates
|
||||
* chain building/verification to verify_chain(). Before that, it checks the
|
||||
* key size of the EE certificate, as verify_chain() will only verify that of
|
||||
* parent certificates.
|
||||
*/
|
||||
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
||||
mbedtls_x509_crt *trust_ca,
|
||||
mbedtls_x509_crl *ca_crl,
|
||||
const mbedtls_x509_crt_profile *profile,
|
||||
const char *cn, uint32_t *flags,
|
||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||
void *p_vrfy )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_pk_type_t pk_type;
|
||||
|
||||
*flags = 0;
|
||||
|
||||
if( profile == NULL )
|
||||
{
|
||||
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* check name if requested */
|
||||
if( cn != NULL )
|
||||
x509_crt_verify_name( crt, cn, flags );
|
||||
|
||||
/* Check the type and size of the key */
|
||||
pk_type = mbedtls_pk_get_type( &crt->pk );
|
||||
|
||||
|
|
Loading…
Reference in a new issue