Make use of CRT acquire/release in mbedtls_x509_crt_check_key_usage

This commit is contained in:
Hanno Becker 2019-02-25 13:55:33 +00:00
parent 43bf900018
commit 45eedf1ace

View file

@ -1958,8 +1958,8 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, static int x509_crt_check_key_usage_frame( const mbedtls_x509_crt_frame *crt,
unsigned int usage ) unsigned int usage )
{ {
unsigned int usage_must, usage_may; unsigned int usage_must, usage_may;
unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
@ -1980,6 +1980,21 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
return( 0 ); return( 0 );
} }
int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
unsigned int usage )
{
int ret;
mbedtls_x509_crt_frame *frame;
ret = x509_crt_frame_acquire( crt, (mbedtls_x509_crt_frame**) &frame );
if( ret != 0 )
return( MBEDTLS_ERR_X509_FATAL_ERROR );
ret = x509_crt_check_key_usage_frame( frame, usage );
x509_crt_frame_release( crt, (mbedtls_x509_crt_frame*) frame );
return( ret );
}
#endif #endif
#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)