Limited implementation of the cert_verify #203
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Partial implementation of #202.
@quinnj Please review. Few questions:
mbedtls_x509_crt_verify
may be needed. The current implementation does not provide the intermediate steps to fix errors in case of failure.MbedTLS
APIs do not expose the v3 extensions properly. We will need to expose the full ASN.1 module if we need to expose APIs for extracting theCRLDistributionPoint
or any such APIs.