Move common functions for crt/csr parsing to x509.c
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index abd36b8..aa1cd08 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -250,6 +250,56 @@
}
mbedtls_x509_time;
+/**
+ * From RFC 5280 section 4.2.1.6:
+ * OtherName ::= SEQUENCE {
+ * type-id OBJECT IDENTIFIER,
+ * value [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * Future versions of the library may add new fields to this structure or
+ * to its embedded union and structure.
+ */
+typedef struct mbedtls_x509_san_other_name {
+ /**
+ * The type_id is an OID as defined in RFC 5280.
+ * To check the value of the type id, you should use
+ * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
+ */
+ mbedtls_x509_buf type_id; /**< The type id. */
+ union {
+ /**
+ * From RFC 4108 section 5:
+ * HardwareModuleName ::= SEQUENCE {
+ * hwType OBJECT IDENTIFIER,
+ * hwSerialNum OCTET STRING }
+ */
+ struct {
+ mbedtls_x509_buf oid; /**< The object identifier. */
+ mbedtls_x509_buf val; /**< The named value. */
+ }
+ hardware_module_name;
+ }
+ value;
+}
+mbedtls_x509_san_other_name;
+
+/**
+ * A structure for holding the parsed Subject Alternative Name,
+ * according to type.
+ *
+ * Future versions of the library may add new fields to this structure or
+ * to its embedded union and structure.
+ */
+typedef struct mbedtls_x509_subject_alternative_name {
+ int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
+ union {
+ mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
+ mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */
+ }
+ san; /**< A union of the supported SAN types */
+}
+mbedtls_x509_subject_alternative_name;
+
/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
/**
@@ -326,6 +376,36 @@
*/
int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
+/**
+ * \brief This function parses an item in the SubjectAlternativeNames
+ * extension.
+ *
+ * \param san_buf The buffer holding the raw data item of the subject
+ * alternative name.
+ * \param san The target structure to populate with the parsed presentation
+ * of the subject alternative name encoded in \p san_raw.
+ *
+ * \note Only "dnsName" and "otherName" of type hardware_module_name
+ * as defined in RFC 4180 is supported.
+ *
+ * \note This function should be called on a single raw data of
+ * subject alternative name. For example, after successful
+ * certificate parsing, one must iterate on every item in the
+ * \p crt->subject_alt_names sequence, and pass it to
+ * this function.
+ *
+ * \warning The target structure contains pointers to the raw data of the
+ * parsed certificate, and its lifetime is restricted by the
+ * lifetime of the certificate.
+ *
+ * \return \c 0 on success
+ * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported
+ * SAN type.
+ * \return Another negative value for any other failure.
+ */
+int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
+ mbedtls_x509_subject_alternative_name *san);
+
/** \} addtogroup x509_module */
/*
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 661f8aa..2060835 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -103,56 +103,6 @@
mbedtls_x509_crt;
/**
- * From RFC 5280 section 4.2.1.6:
- * OtherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * Future versions of the library may add new fields to this structure or
- * to its embedded union and structure.
- */
-typedef struct mbedtls_x509_san_other_name {
- /**
- * The type_id is an OID as defined in RFC 5280.
- * To check the value of the type id, you should use
- * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
- */
- mbedtls_x509_buf type_id; /**< The type id. */
- union {
- /**
- * From RFC 4108 section 5:
- * HardwareModuleName ::= SEQUENCE {
- * hwType OBJECT IDENTIFIER,
- * hwSerialNum OCTET STRING }
- */
- struct {
- mbedtls_x509_buf oid; /**< The object identifier. */
- mbedtls_x509_buf val; /**< The named value. */
- }
- hardware_module_name;
- }
- value;
-}
-mbedtls_x509_san_other_name;
-
-/**
- * A structure for holding the parsed Subject Alternative Name,
- * according to type.
- *
- * Future versions of the library may add new fields to this structure or
- * to its embedded union and structure.
- */
-typedef struct mbedtls_x509_subject_alternative_name {
- int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
- union {
- mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
- mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */
- }
- san; /**< A union of the supported SAN types */
-}
-mbedtls_x509_subject_alternative_name;
-
-/**
* Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it.
*/
@@ -589,36 +539,6 @@
int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
#endif /* MBEDTLS_FS_IO */
-/**
- * \brief This function parses an item in the SubjectAlternativeNames
- * extension.
- *
- * \param san_buf The buffer holding the raw data item of the subject
- * alternative name.
- * \param san The target structure to populate with the parsed presentation
- * of the subject alternative name encoded in \p san_raw.
- *
- * \note Only "dnsName" and "otherName" of type hardware_module_name
- * as defined in RFC 4180 is supported.
- *
- * \note This function should be called on a single raw data of
- * subject alternative name. For example, after successful
- * certificate parsing, one must iterate on every item in the
- * \p crt->subject_alt_names sequence, and pass it to
- * this function.
- *
- * \warning The target structure contains pointers to the raw data of the
- * parsed certificate, and its lifetime is restricted by the
- * lifetime of the certificate.
- *
- * \return \c 0 on success
- * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported
- * SAN type.
- * \return Another negative value for any other failure.
- */
-int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
- mbedtls_x509_subject_alternative_name *san);
-
#if !defined(MBEDTLS_X509_REMOVE_INFO)
/**
* \brief Returns an informational string about the