Change X.509 verify flags to uint32_t

include/mbedtls/ssl.h

@@ -590,7 +590,7 @@ struct mbedtls_ssl_session
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt *peer_cert;        /*!< peer X.509 cert chain */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
-    int verify_result;          /*!<  verification result     */
+    uint32_t verify_result;          /*!<  verification result     */
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
     unsigned char *ticket;      /*!< RFC 5077 session ticket */
@@ -823,7 +823,7 @@ typedef struct
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     /** Callback to customize X.509 certificate chain verification          */
-    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *);
+    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
     void *p_vrfy;                   /*!< context for X.509 verify calllback */
 #endif
 
@@ -1242,7 +1242,7 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
  * \param p_vrfy   verification parameter
  */
 void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
                      void *p_vrfy );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
@@ -2107,7 +2107,7 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
  *                 a combination of BADCERT_xxx and BADCRL_xxx flags, see
  *                 x509.h
  */
-int mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
 
 /**
  * \brief          Return the name of the current ciphersuite
@@ -2424,7 +2424,7 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
 int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
                           const mbedtls_ssl_ciphersuite_t *ciphersuite,
                           int cert_endpoint,
-                          int *flags );
+                          uint32_t *flags );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 void mbedtls_ssl_write_version( int major, int minor, int transport,

include/mbedtls/x509_crt.h

@@ -214,22 +214,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
  *                 case of an error.
  */
 int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
-                          int flags );
-
-/**
- * \brief          Returns an informational string about the
- *                 verification status of a certificate.
- *
- * \param buf      Buffer to write to
- * \param size     Maximum size of buffer
- * \param prefix   A line prefix
- * \param flags    Verification flags created by mbedtls_x509_crt_verify()
- *
- * \return         The amount of data written to the buffer, or -1 in
- *                 case of an error.
- */
-int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
-                          int flags );
+                          uint32_t flags );
 
 /**
  * \brief          Verify the certificate signature
@@ -270,8 +255,8 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
 int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
                      mbedtls_x509_crt *trust_ca,
                      mbedtls_x509_crl *ca_crl,
-                     const char *cn, int *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
+                     const char *cn, uint32_t *flags,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
                      void *p_vrfy );
 
 #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)