Give x509_{sequence|name}_free() external linkage
With the introduction of `mbedtls_x509_crt_get_{issuer|name}()`,
users need an easy way of freeing the dynamic name structures these
functions return.
To that end, this commit renames `x509_{sequence|name}_free()`
to `mbedtls_x509_{sequence|name}_free()` and gives them external linkage.
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 583bc12..2a9ce99 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -278,6 +278,26 @@
*/
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
+/**
+ * \brief Free a dynamic linked list presentation of an X.509 name
+ * as returned e.g. by mbedtls_x509_crt_get_subject().
+ *
+ * \param name The address of the first name component. This may
+ * be \c NULL, in which case this functions returns
+ * immediately.
+ */
+void mbedtls_x509_name_free( mbedtls_x509_name *name );
+
+/**
+ * \brief Free a dynamic linked list presentation of an X.509 sequence
+ * as returned e.g. by mbedtls_x509_crt_get_subject_alt_name().
+ *
+ * \param seq The address of the first sequence component. This may
+ * be \c NULL, in which case this functions returns
+ * immediately.
+ */
+void mbedtls_x509_sequence_free( mbedtls_x509_sequence *seq );
+
#if defined(MBEDTLS_SELF_TEST)
/**
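Review bot: The new doc comments for mbedtls_x509_name_free() and mbedtls_x509_sequence_free() do not say that the first node itself is released, which matters now that the functions are public. The definitions added in library/x509.c pass every node, starting with the argument, to mbedtls_free(), and the internal callers in library/x509_crt.c pass `issuer.next` / `subject.next` rather than the embedded head. A caller who passes the address of an embedded head would therefore hand mbedtls_free() a pointer that was never heap-allocated. I would add `\note Every node, including the first, is freed; do not pass the address of a name embedded in another structure.` to both comments (with "sequence" in place of "name" for the second). Separately, "presentation" probably should read "representation", and "this functions returns" should be "this function returns".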
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index ca93e1a..ad6140c 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -720,7 +720,8 @@
*
* \return \c 0 on success. In this case, the user takes ownership
* of the name context, and is responsible for freeing it
- * once it's no longer needed.
+ * through a call to mbedtls_x509_name_free() once it's no
+ * longer needed.
* \return A negative error code on failure.
*/
int mbedtls_x509_crt_get_subject( mbedtls_x509_crt const *crt,
@@ -744,7 +745,8 @@
*
* \return \c 0 on success. In this case, the user takes ownership
* of the name context, and is responsible for freeing it
- * once it's no longer needed.
+ * through a call to mbedtls_x509_name_free() once it's no
+ * longer needed.
* \return A negative error code on failure.
*/
int mbedtls_x509_crt_get_issuer( mbedtls_x509_crt const *crt,
diff --git a/library/x509.c b/library/x509.c
index 72cadd0..55726da 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -1194,6 +1194,28 @@
}
#endif /* MBEDTLS_HAVE_TIME_DATE */
+void mbedtls_x509_name_free( mbedtls_x509_name *name )
+{
+ while( name != NULL )
+ {
+ mbedtls_x509_name *next = name->next;
+ mbedtls_platform_zeroize( name, sizeof( *name ) );
+ mbedtls_free( name );
+ name = next;
+ }
+}
+
+void mbedtls_x509_sequence_free( mbedtls_x509_sequence *seq )
+{
+ while( seq != NULL )
+ {
+ mbedtls_x509_sequence *next = seq->next;
+ mbedtls_platform_zeroize( seq, sizeof( *seq ) );
+ mbedtls_free( seq );
+ seq = next;
+ }
+}
+
#if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/x509_crt.h"
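Review bot: Neither definition carries a comment stating what is and is not released, and both leave the caller's pointer dangling once the loop ends. Each loop zeroizes and frees only the node itself; nothing a node points to other than `next` is released. Until this commit only the cleanup paths in x509_crt.c could reach these functions, but with external linkage a second call on the same pointer from user code would be a double free. I would put a comment above each definition, for example `/* Zeroizes and frees each list node only. The caller's pointer is invalid afterwards and must not be passed again. */`, and repeat the second sentence in the header documentation.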
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 643b561..46f139f 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -90,9 +90,6 @@
static int x509_crt_ext_key_usage_from_frame( mbedtls_x509_crt_frame *frame,
mbedtls_x509_sequence *ext_key_usage );
-static void x509_free_sequence( mbedtls_x509_sequence *seq );
-static void x509_free_name( mbedtls_x509_name *name );
-
int mbedtls_x509_crt_cache_provide_frame( mbedtls_x509_crt const *crt )
{
mbedtls_x509_crt_cache *cache = crt->cache;
@@ -2225,10 +2222,10 @@
mbedtls_x509_crt_pk_release( (mbedtls_x509_crt*) crt_raw, pk );
x509_crt_free_sig_info( &sig_info );
- x509_free_name( issuer.next );
- x509_free_name( subject.next );
- x509_free_sequence( ext_key_usage.next );
- x509_free_sequence( subject_alt_names.next );
+ mbedtls_x509_name_free( issuer.next );
+ mbedtls_x509_name_free( subject.next );
+ mbedtls_x509_sequence_free( ext_key_usage.next );
+ mbedtls_x509_sequence_free( subject_alt_names.next );
return( ret );
}
@@ -3445,28 +3442,6 @@
* Unallocate all certificate data
*/
-static void x509_free_sequence( mbedtls_x509_sequence *seq )
-{
- while( seq != NULL )
- {
- mbedtls_x509_sequence *next = seq->next;
- mbedtls_platform_zeroize( seq, sizeof( *seq ) );
- mbedtls_free( seq );
- seq = next;
- }
-}
-
-static void x509_free_name( mbedtls_x509_name *name )
-{
- while( name != NULL )
- {
- mbedtls_x509_name *next = name->next;
- mbedtls_platform_zeroize( name, sizeof( *name ) );
- mbedtls_free( name );
- name = next;
- }
-}
-
void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )
{
mbedtls_x509_crt *cert_cur = crt;
@@ -3487,10 +3462,10 @@
mbedtls_free( cert_cur->sig_opts );
#endif
- x509_free_name( cert_cur->issuer.next );
- x509_free_name( cert_cur->subject.next );
- x509_free_sequence( cert_cur->ext_key_usage.next );
- x509_free_sequence( cert_cur->subject_alt_names.next );
+ mbedtls_x509_name_free( cert_cur->issuer.next );
+ mbedtls_x509_name_free( cert_cur->subject.next );
+ mbedtls_x509_sequence_free( cert_cur->ext_key_usage.next );
+ mbedtls_x509_sequence_free( cert_cur->subject_alt_names.next );
#endif /* !MBEDTLS_X509_ON_DEMAND_PARSING */
if( cert_cur->raw.p != NULL && cert_cur->own_buffer )