Document and test flags in x509_verify

This commit is contained in:
Janos Follath 2019-04-05 16:45:01 +01:00
parent d7ecbd6914
commit 846ae7a70d
2 changed files with 9 additions and 0 deletions

View file

@ -425,6 +425,8 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
* \param cn The expected Common Name. This may be \c NULL if the
* CN need not be verified.
* \param flags The address at which to store the result of the verification.
* If the verification couldn't be completed, the flag value is
* set to (uint32_t) -1.
* \param f_vrfy The verification callback to use. See the documentation
* of mbedtls_x509_crt_verify() for more information.
* \param p_vrfy The context to be passed to \p f_vrfy.
@ -464,6 +466,8 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
* \param cn The expected Common Name. This may be \c NULL if the
* CN need not be verified.
* \param flags The address at which to store the result of the verification.
* If the verification couldn't be completed, the flag value is
* set to (uint32_t) -1.
* \param f_vrfy The verification callback to use. See the documentation
* of mbedtls_x509_crt_verify() for more information.
* \param p_vrfy The context to be passed to \p f_vrfy.
@ -500,6 +504,8 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
* \param cn The expected Common Name. This may be \c NULL if the
* CN need not be verified.
* \param flags The address at which to store the result of the verification.
* If the verification couldn't be completed, the flag value is
* set to (uint32_t) -1.
* \param f_vrfy The verification callback to use. See the documentation
* of mbedtls_x509_crt_verify() for more information.
* \param p_vrfy The context to be passed to \p f_vrfy.
@ -568,6 +574,8 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
* \param cn The expected Common Name. This may be \c NULL if the
* CN need not be verified.
* \param flags The address at which to store the result of the verification.
* If the verification couldn't be completed, the flag value is
* set to (uint32_t) -1.
* \param f_vrfy The verification callback to use. See the documentation
* of mbedtls_x509_crt_verify() for more information.
* \param p_vrfy The context to be passed to \p f_vrfy.

View file

@ -482,6 +482,7 @@ void x509_verify_ca_cb_failure( char *crt_file, char *ca_file, char *name,
NULL, NULL );
TEST_ASSERT( ret == exp_ret );
TEST_ASSERT( flags == (uint32_t)( -1 ) );
exit:
mbedtls_x509_crt_free( &crt );
mbedtls_x509_crt_free( &ca );