Change X.509 verify flags to uint32_t
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 7d22b48..5d04497 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -850,7 +850,7 @@
{
mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
mbedtls_pk_type_t pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
- int flags;
+ uint32_t flags;
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if( ssl->handshake->sni_key_cert != NULL )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6918e4b..73c3a74 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5219,7 +5219,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
conf->f_vrfy = f_vrfy;
@@ -5682,7 +5682,7 @@
return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
}
-int mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
+uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
{
if( ssl->session != NULL )
return( ssl->session->verify_result );
@@ -6828,7 +6828,7 @@
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
const mbedtls_ssl_ciphersuite_t *ciphersuite,
int cert_endpoint,
- int *flags )
+ uint32_t *flags )
{
int ret = 0;
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
diff --git a/library/x509.c b/library/x509.c
index 2205400..55daf74 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -998,7 +998,7 @@
{
#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA1_C)
int ret;
- int flags;
+ uint32_t flags;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 6aab3bf..4ebae77 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1408,7 +1408,7 @@
};
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
- int flags )
+ uint32_t flags )
{
int ret;
const struct x509_crt_verify_string *cur;
@@ -1767,12 +1767,13 @@
static int x509_crt_verify_top(
mbedtls_x509_crt *child, mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl, int path_cnt, int *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+ mbedtls_x509_crl *ca_crl, int path_cnt, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
int ret;
- int ca_flags = 0, check_path_cnt = path_cnt + 1;
+ uint32_t ca_flags = 0;
+ int check_path_cnt = path_cnt + 1;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
const mbedtls_md_info_t *md_info;
@@ -1881,12 +1882,12 @@
static int x509_crt_verify_child(
mbedtls_x509_crt *child, mbedtls_x509_crt *parent, mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl, int path_cnt, int *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+ mbedtls_x509_crl *ca_crl, int path_cnt, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
int ret;
- int parent_flags = 0;
+ uint32_t parent_flags = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
mbedtls_x509_crt *grandparent;
const mbedtls_md_info_t *md_info;
@@ -1971,8 +1972,8 @@
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl,
- const char *cn, int *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
size_t cn_len;