Const-correct and document more X509 functions.
Change-Id: I89f9ee74cf7ba8080d29e8637cd94fbd587dee34
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44052
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index f207a25..cc27acb 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -189,45 +189,46 @@
return OBJ_obj2nid(crl->sig_alg->algorithm);
}
-const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
+const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *revoked)
{
- return x->revocationDate;
+ return revoked->revocationDate;
}
-int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
+int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked, const ASN1_TIME *tm)
{
ASN1_TIME *in;
- if (x == NULL)
+ if (revoked == NULL)
return (0);
- in = x->revocationDate;
+ in = revoked->revocationDate;
if (in != tm) {
in = ASN1_STRING_dup(tm);
if (in != NULL) {
- ASN1_TIME_free(x->revocationDate);
- x->revocationDate = in;
+ ASN1_TIME_free(revoked->revocationDate);
+ revoked->revocationDate = in;
}
}
return (in != NULL);
}
-const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
+const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *revoked)
{
- return x->serialNumber;
+ return revoked->serialNumber;
}
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
+int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
+ const ASN1_INTEGER *serial)
{
ASN1_INTEGER *in;
- if (x == NULL)
+ if (revoked == NULL)
return (0);
- in = x->serialNumber;
+ in = revoked->serialNumber;
if (in != serial) {
in = ASN1_INTEGER_dup(serial);
if (in != NULL) {
- ASN1_INTEGER_free(x->serialNumber);
- x->serialNumber = in;
+ ASN1_INTEGER_free(revoked->serialNumber);
+ revoked->serialNumber = in;
}
}
return (in != NULL);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 1f31312..7fd3a27 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -1163,14 +1163,25 @@
// instead.
OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
+// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
+// revoked by |revoked|.
OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
- const X509_REVOKED *x);
-OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x,
- ASN1_INTEGER *serial);
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
+ const ASN1_INTEGER *serial);
+
+// X509_REVOKED_get0_revocationDate returns the revocation time of the
+// certificate revoked by |revoked|.
OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
- const X509_REVOKED *x);
-OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r,
- ASN1_TIME *tm);
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
+ const ASN1_TIME *tm);
// X509_REVOKED_get0_extensions returns |r|'s extensions.
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(