Improve documentation of mbedtls_x509_get_ext() - Explain the use of explicit ASN.1 tagging for the extensions structuree - Remove misleading comment which suggests that mbedtls_x509_get_ext() also parsed the header of the first extension, which is not the case.

commit: 3cddba887a1e293d79c98da41f366c69883c8bfc [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Mon Feb 11 14:33:36 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 04 13:59:55 2019 +0100
tree: 9524732aff31cc3e98b147f138300beca733607f
parent: d57a3a6a4f2b52129f7cb17b27c1b76802504ec8 [diff]
diff --git a/library/x509.c b/library/x509.c
index 2239f3b..2e0b0e8 100644
--- a/library/x509.c
+++ b/library/x509.c

@@ -713,6 +713,9 @@
     int ret;
     size_t len;
 
+    /* Extension structure use EXPLICIT tagging. That is, the actual
+     * `Extensions` structure is wrapped by a tag-length pair using
+     * the respective context-specific tag. */
     ret = mbedtls_asn1_get_tag( p, end, &ext->len,
               MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
     if( ret != 0 )
@@ -724,11 +727,6 @@
 
     /*
      * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
-     *
-     * Extension  ::=  SEQUENCE  {
-     *      extnID      OBJECT IDENTIFIER,
-     *      critical    BOOLEAN DEFAULT FALSE,
-     *      extnValue   OCTET STRING  }
      */
     if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
commit	3cddba887a1e293d79c98da41f366c69883c8bfc	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Mon Feb 11 14:33:36 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 04 13:59:55 2019 +0100
tree	9524732aff31cc3e98b147f138300beca733607f
parent	d57a3a6a4f2b52129f7cb17b27c1b76802504ec8 [diff]