Split numeric string conversions out of the OID module #9379
Labels
component-crypto
Crypto primitives and low-level interfaces
component-x509
size-xs
Estimated task size: extra small (a few hours at most)
The OID module (
oid.h
,oid.c
) has three parts:mbedtls_oid_get_numeric_string
for the sake ofmbedtls_x509_dn_gets
(guarded byMBEDTLS_X509_USE_C
),mbedtls_x509_info_subject_alt_name
(guarded by ``MBEDTLS_X509_USE_C&& more
), and `mbedtls_oid_from_numeric_string` for the sake of `mbedtls_x509_string_to_names` guarded by `MBEDTLS_X509_CREATE_C`.The OID module is in the crypto library because a small part of it is used by crypto, but most of it is only useful for X.509, and we have had complaints about code size (example). The goal of this task is to to move the binary-string conversions to the X.509 module. We should do that before the files move to separate repositories.
x509.h
.mbedtls_oid_get_numeric_string
tox509.c
and its unit tests totest_suite_x509parse.*
.mbedtls_oid_from_numeric_string
tox509_create.c
and its unit tests totest_suite_x509write.*
.(In other words, move these two functions together with the X.509 code that is their sole user.)
This will leave the OID module as a binary-internal conversion module. There will be later tasks to split crypto vs non-crypto OIDs, but that code is likely to be heavily rewritten, so it doesn't matter if it happens after the repo split.
The text was updated successfully, but these errors were encountered: