From 45eedf1ace042c55ea940aa17b827d0c8be9d0cb Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 25 Feb 2019 13:55:33 +0000 Subject: [PATCH] Make use of CRT acquire/release in mbedtls_x509_crt_check_key_usage --- library/x509_crt.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index 95cea46f8..aa82c2cb2 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1958,8 +1958,8 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, #endif /* !MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ) +static int x509_crt_check_key_usage_frame( const mbedtls_x509_crt_frame *crt, + unsigned int usage ) { unsigned int usage_must, usage_may; unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY @@ -1980,6 +1980,21 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, return( 0 ); } + +int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, + unsigned int usage ) +{ + int ret; + mbedtls_x509_crt_frame *frame; + ret = x509_crt_frame_acquire( crt, (mbedtls_x509_crt_frame**) &frame ); + if( ret != 0 ) + return( MBEDTLS_ERR_X509_FATAL_ERROR ); + + ret = x509_crt_check_key_usage_frame( frame, usage ); + x509_crt_frame_release( crt, (mbedtls_x509_crt_frame*) frame ); + + return( ret ); +} #endif #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)