commit 1747304a7a3e86706261ad96447feb1b496ae490
author Andrzej Kurek <andrzej.kurek@arm.com> Sun Apr 30 14:11:23 2023 -0400
committer David Horstmann <david.horstmann@arm.com> Thu Jun 01 18:20:24 2023 +0100
tree 00a09542ec9727e1b976093cff0038b8388c4f64
parent 805a0a2d0662d2cde414d1f413c45a355bc23458

Update the descriptions of SANs

All of them are listed, so the previous description was wrong.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

include/mbedtls/x509.h

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 7faf176..6f3b555 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -304,7 +304,7 @@
 typedef struct mbedtls_x509_subject_alternative_name {
     int type;                              /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
     union {
-        mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
+        mbedtls_x509_san_other_name other_name;
         mbedtls_x509_name directory_name;
         mbedtls_x509_buf unstructured_name; /**< The buffer for the unstructured types. rfc822Name, dnsName and uniformResourceIdentifier are currently supported. */
     }
@@ -401,7 +401,8 @@
  *                 of the subject alternative name encoded in \p san_raw.
  *
  * \note           Supported GeneralName types, as defined in RFC 5280:
- *                 "rfc822Name", "dnsName", "uniformResourceIdentifier" and "hardware_module_name"
+ *                 "rfc822Name", "dnsName", "directoryName",
+ *                 "uniformResourceIdentifier" and "hardware_module_name"
  *                 of type "otherName", as defined in RFC 4108.
  *
  * \note           This function should be called on a single raw data of

include/mbedtls/x509_crt.h

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index e1b4aa2..803ef73 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -75,7 +75,7 @@
     mbedtls_x509_buf issuer_id;         /**< Optional X.509 v2/v3 issuer unique identifier. */
     mbedtls_x509_buf subject_id;        /**< Optional X.509 v2/v3 subject unique identifier. */
     mbedtls_x509_buf v3_ext;            /**< Optional X.509 v3 extensions.  */
-    mbedtls_x509_sequence subject_alt_names;    /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName, uniformResourceIdentifier, DirectoryName and OtherName are listed). */
+    mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension. These can be later parsed by mbedtls_x509_parse_subject_alt_name. */
     mbedtls_x509_buf subject_key_id;    /**< Optional X.509 v3 extension subject key identifier. */
     mbedtls_x509_authority authority_key_id;    /**< Optional X.509 v3 extension authority key identifier. */
 

include/mbedtls/x509_csr.h

diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index f3f9e13..76e0238 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -60,7 +60,7 @@
 
     unsigned int key_usage;     /**< Optional key usage extension value: See the values in x509.h */
     unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
-    mbedtls_x509_sequence subject_alt_names;    /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */
+    mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension. These can be later parsed by mbedtls_x509_parse_subject_alt_name. */
 
     int MBEDTLS_PRIVATE(ext_types);              /**< Bit string containing detected and parsed extensions */