TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7a05fab716d798275f8815faa193e080773fde19^! / . / include / mbedtls
commit7a05fab716d798275f8815faa193e080773fde19[log] [tgz]
authorAndrzej Kurek <andrzej.kurek@arm.com>Mon Feb 13 10:03:07 2023 -0500
committerAndrzej Kurek <andrzej.kurek@arm.com>Mon Feb 13 10:03:07 2023 -0500
tree918fa090356f8de111e77c0b5d19a2c1ff545f85
parentdaa65956c3aabf67146a8535cf1ce081bb878dc0 [diff]
Added the uniformResourceIdentifier subtype for the subjectAltName.

Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index aa1cd08..bf1f94a 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h

@@ -294,7 +294,7 @@
     int type;                              /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
     union {
         mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
-        mbedtls_x509_buf   unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */
+        mbedtls_x509_buf   unstructured_name; /**< The buffer for the unconstructed types. Only dnsName and uniformResourceIdentifier currently supported */ */
     }
     san; /**< A union of the supported SAN types */
 }
@@ -385,8 +385,8 @@
  * \param san      The target structure to populate with the parsed presentation
  *                 of the subject alternative name encoded in \p san_raw.
  *
- * \note           Only "dnsName" and "otherName" of type hardware_module_name
- *                 as defined in RFC 4180 is supported.
+ * \note           Only "dnsName", "uniformResourceIdentifier" and "otherName",
+ *                 as defined in RFC 5280, is supported.
  *
  * \note           This function should be called on a single raw data of
  *                 subject alternative name. For example, after successful

diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 187e60a..036282f 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h

@@ -76,7 +76,7 @@
     mbedtls_x509_buf issuer_id;         /**< Optional X.509 v2/v3 issuer unique identifier. */
     mbedtls_x509_buf subject_id;        /**< Optional X.509 v2/v3 subject unique identifier. */
     mbedtls_x509_buf v3_ext;            /**< Optional X.509 v3 extensions.  */
-    mbedtls_x509_sequence subject_alt_names;    /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */
+    mbedtls_x509_sequence subject_alt_names;    /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName, uniformResourceIdentifier and OtherName are listed). */
 
     mbedtls_x509_sequence certificate_policies; /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */