Improve documentation of mbedtls_x509_get_ext() - Explain the use of explicit ASN.1 tagging for the extensions structuree - Remove misleading comment which suggests that mbedtls_x509_get_ext() also parsed the header of the first extension, which is not the case.

commit: c24e0195138a8f617b0ca84eaa422b82dca21d04 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Mon Feb 11 14:33:36 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 04 14:03:27 2019 +0100
tree: 5c8b7de0fbd2bff117426adb3dae01ae8155f892
parent: 53526c70ff8b57658dfdb573f4cc76b06e089388 [diff]
diff --git a/library/x509.c b/library/x509.c
index 1fbce91..59b6ba3 100644
--- a/library/x509.c
+++ b/library/x509.c

@@ -709,6 +709,9 @@
     int ret;
     size_t len;
 
+    /* Extension structure use EXPLICIT tagging. That is, the actual
+     * `Extensions` structure is wrapped by a tag-length pair using
+     * the respective context-specific tag. */
     ret = mbedtls_asn1_get_tag( p, end, &ext->len,
               MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
     if( ret != 0 )
@@ -720,11 +723,6 @@
 
     /*
      * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
-     *
-     * Extension  ::=  SEQUENCE  {
-     *      extnID      OBJECT IDENTIFIER,
-     *      critical    BOOLEAN DEFAULT FALSE,
-     *      extnValue   OCTET STRING  }
      */
     if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
commit	c24e0195138a8f617b0ca84eaa422b82dca21d04	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Mon Feb 11 14:33:36 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 04 14:03:27 2019 +0100
tree	5c8b7de0fbd2bff117426adb3dae01ae8155f892
parent	53526c70ff8b57658dfdb573f4cc76b06e089388 [diff]