Remove MBEDTLS_OID_X509_EXT_xxx constants
They're just aliases for the corresponding MBEDTLS_X509_EXT_xxx. We don't
need separate names.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 18df19c..9d988a1 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -167,26 +167,23 @@
*
* Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs.
- *
- * Those are defined in oid.h as oid.c needs them in a data structure. Since
- * these were previously defined here, let's have aliases for compatibility.
*/
-#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
-#define MBEDTLS_X509_EXT_KEY_USAGE MBEDTLS_OID_X509_EXT_KEY_USAGE
-#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
-#define MBEDTLS_X509_EXT_POLICY_MAPPINGS MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS
-#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME /* Supported (DNS) */
-#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME
-#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS
-#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS /* Supported */
-#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS
-#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS
-#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
-#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS
-#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY
-#define MBEDTLS_X509_EXT_FRESHEST_CRL MBEDTLS_OID_X509_EXT_FRESHEST_CRL
-#define MBEDTLS_X509_EXT_NS_CERT_TYPE MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
+#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
+#define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2)
+#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
+#define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4)
+#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
+#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME (1 << 6)
+#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
+#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
+#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS (1 << 9)
+#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
+#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
+#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
+#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
+#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
/*
* Storage format identifiers
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5528763..0b0e8d1 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1015,7 +1015,7 @@
}
break;
- case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES:
+ case MBEDTLS_X509_EXT_CERTIFICATE_POLICIES:
/* Parse certificate policies type */
if ((ret = x509_get_certificate_policies(p, end_ext_octet,
&crt->certificate_policies)) != 0) {
@@ -1866,7 +1866,7 @@
}
}
- if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) {
+ if (crt->ext_types & MBEDTLS_X509_EXT_CERTIFICATE_POLICIES) {
ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix);
MBEDTLS_X509_SAFE_SNPRINTF;
diff --git a/library/x509_oid.c b/library/x509_oid.c
index f5eb8fe..0a5da54 100644
--- a/library/x509_oid.c
+++ b/library/x509_oid.c
@@ -273,47 +273,47 @@
OID_DESCRIPTOR(MBEDTLS_OID_BASIC_CONSTRAINTS,
"id-ce-basicConstraints",
"Basic Constraints"),
- MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS,
+ MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage"),
- MBEDTLS_OID_X509_EXT_KEY_USAGE,
+ MBEDTLS_X509_EXT_KEY_USAGE,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_EXTENDED_KEY_USAGE,
"id-ce-extKeyUsage",
"Extended Key Usage"),
- MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE,
+ MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_ALT_NAME,
"id-ce-subjectAltName",
"Subject Alt Name"),
- MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME,
+ MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_NS_CERT_TYPE,
"id-netscape-certtype",
"Netscape Certificate Type"),
- MBEDTLS_OID_X509_EXT_NS_CERT_TYPE,
+ MBEDTLS_X509_EXT_NS_CERT_TYPE,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_CERTIFICATE_POLICIES,
"id-ce-certificatePolicies",
"Certificate Policies"),
- MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES,
+ MBEDTLS_X509_EXT_CERTIFICATE_POLICIES,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
"id-ce-subjectKeyIdentifier",
"Subject Key Identifier"),
- MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER,
+ MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER,
},
{
OID_DESCRIPTOR(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
"id-ce-authorityKeyIdentifier",
"Authority Key Identifier"),
- MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER,
+ MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER,
},
{
NULL_OID_DESCRIPTOR,
diff --git a/library/x509_oid.h b/library/x509_oid.h
index 2416d0b..5b12677 100644
--- a/library/x509_oid.h
+++ b/library/x509_oid.h
@@ -13,6 +13,7 @@
#include "mbedtls/asn1.h"
#include "mbedtls/pk.h"
+#include "mbedtls/x509.h"
#include <stddef.h>
@@ -23,28 +24,6 @@
/** output buffer is too small */
#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B
-/* This is for the benefit of X.509, but defined here in order to avoid
- * having a "backwards" include of x.509.h here */
-/*
- * X.509 extension types (internal, arbitrary values for bitsets)
- */
-#define MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
-#define MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
-#define MBEDTLS_OID_X509_EXT_KEY_USAGE (1 << 2)
-#define MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
-#define MBEDTLS_OID_X509_EXT_POLICY_MAPPINGS (1 << 4)
-#define MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME (1 << 5)
-#define MBEDTLS_OID_X509_EXT_ISSUER_ALT_NAME (1 << 6)
-#define MBEDTLS_OID_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
-#define MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS (1 << 8)
-#define MBEDTLS_OID_X509_EXT_NAME_CONSTRAINTS (1 << 9)
-#define MBEDTLS_OID_X509_EXT_POLICY_CONSTRAINTS (1 << 10)
-#define MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE (1 << 11)
-#define MBEDTLS_OID_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
-#define MBEDTLS_OID_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
-#define MBEDTLS_OID_X509_EXT_FRESHEST_CRL (1 << 14)
-#define MBEDTLS_OID_X509_EXT_NS_CERT_TYPE (1 << 16)
-
/*
* Maximum number of OID components allowed
*/
diff --git a/tests/suites/test_suite_x509_oid.data b/tests/suites/test_suite_x509_oid.data
index 3f58b18..09bd652 100644
--- a/tests/suites/test_suite_x509_oid.data
+++ b/tests/suites/test_suite_x509_oid.data
@@ -35,22 +35,22 @@
oid_get_extended_key_usage:"551D23":""
OID get x509 extension - id-ce-basicConstraints
-oid_get_x509_extension:"551D13":MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS
+oid_get_x509_extension:"551D13":MBEDTLS_X509_EXT_BASIC_CONSTRAINTS
OID get x509 extension - id-ce-keyUsage
-oid_get_x509_extension:"551D0F":MBEDTLS_OID_X509_EXT_KEY_USAGE
+oid_get_x509_extension:"551D0F":MBEDTLS_X509_EXT_KEY_USAGE
OID get x509 extension - id-ce-extKeyUsage
-oid_get_x509_extension:"551D25":MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE
+oid_get_x509_extension:"551D25":MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE
OID get x509 extension - id-ce-subjectAltName
-oid_get_x509_extension:"551D11":MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME
+oid_get_x509_extension:"551D11":MBEDTLS_X509_EXT_SUBJECT_ALT_NAME
OID get x509 extension - id-netscape-certtype
-oid_get_x509_extension:"6086480186F8420101":MBEDTLS_OID_X509_EXT_NS_CERT_TYPE
+oid_get_x509_extension:"6086480186F8420101":MBEDTLS_X509_EXT_NS_CERT_TYPE
OID get x509 extension - id-ce-certificatePolicies
-oid_get_x509_extension:"551D20":MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES
+oid_get_x509_extension:"551D20":MBEDTLS_X509_EXT_CERTIFICATE_POLICIES
OID get x509 extension - invalid oid
oid_get_x509_extension:"5533445566":0