Add public alt-name list APIs #10768

Open
Frauschi wants to merge 1 commit into wolfSSL:master from Frauschi:altNames_API

@Frauschi

Promotes wolfSSL's internal SAN-list helpers to a public wc_ API so apps can build SAN entries, encode them, and attach them to a Cert before signing without using internal functions.

New functions

| Function | Purpose |
| --- | --- |
| wc_SetDNSEntry() | Append a typed alt-name entry (DNS, IP, RFC822, URI, …) to a DNS_entry list. |
| wc_FlattenAltNames() | Encode a list into a DER GeneralNames SEQUENCE (general buffer primitive). |
| wc_SetAltNamesFromList() | Encode a list straight into cert->altNames/altNamesSz - mirrors wc_SetAltNamesBuffer. |

Notes

  • Prototypes live in asn.h (they use the DNS_entry type) and share the WOLFSSL_ASN_API export gate (WOLFSSL_PUBLIC_ASN/OPENSSL_EXTRA/…); doxygen documents this.
  • Guarded by WOLFSSL_CERT_GEN && WOLFSSL_ALT_NAMES.

Testing

Adds flattenAltNames_test covering success, NULL-list, NULL-output, BUFFER_E, and the Cert paths. Builds clean and passes under --enable-all.

Used in wolfCert.

@Frauschi Frauschi self-assigned this Jun 24, 2026
@Frauschi Frauschi marked this pull request as ready for review June 24, 2026 15:21
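
As an added illustration (not code from this pull request or from wolfSSL), the following self-contained C example shows what flattening a SAN list into a DER GeneralNames SEQUENCE involves, including the size check that a BUFFER_E-style failure corresponds to. The AltName type, der_len(), flatten_alt_names() and the -1/-2 return codes are hypothetical stand-ins; the signatures of the new wc_ functions are not shown on this page.

```c
#include <string.h>

/* Hypothetical stand-ins for illustration; not wolfSSL's DNS_entry or API. */
enum { GN_RFC822 = 1, GN_DNS = 2, GN_URI = 6, GN_IP = 7 }; /* RFC 5280 tags */
typedef struct { int type; const char *val; size_t len; } AltName;

/* DER length octets (short form, or 0x81/0x82 long form); out may be NULL. */
static size_t der_len(size_t n, unsigned char *out)
{
    size_t k = (n > 0xFF) ? 3 : (n >= 0x80) ? 2 : 1;
    if (out == NULL) return k;
    if (k > 1) out[0] = (unsigned char)(0x80 | (k - 1));
    if (k > 2) out[1] = (unsigned char)(n >> 8);
    out[k - 1] = (unsigned char)n;
    return k;
}

/* GeneralNames SEQUENCE encoder: returns bytes written, -1 bad input,
 * -2 output too small (size is checked before the first write). */
static int flatten_alt_names(const AltName *names, size_t count,
                             unsigned char *out, size_t outSz)
{
    size_t i, body = 0, pos = 0;
    if (names == NULL || out == NULL || count == 0) return -1;
    for (i = 0; i < count; i++) {            /* pass 1: validate and size */
        int t = names[i].type;
        size_t n = names[i].len;
        if (t != GN_RFC822 && t != GN_DNS && t != GN_URI && t != GN_IP) return -1;
        if (names[i].val == NULL || n == 0 || n > 0xFFFF) return -1;
        if (t == GN_IP && n != 4 && n != 16) return -1;  /* IPv4 or IPv6 */
        if ((body += 1 + der_len(n, NULL) + n) > 0xFFFF) return -1;
    }
    if (1 + der_len(body, NULL) + body > outSz) return -2;
    out[pos++] = 0x30;                       /* SEQUENCE tag */
    pos += der_len(body, out + pos);
    for (i = 0; i < count; i++) {            /* pass 2: [tag] length value */
        out[pos++] = (unsigned char)(0x80 | names[i].type);
        pos += der_len(names[i].len, out + pos);
        memcpy(out + pos, names[i].val, names[i].len);
        pos += names[i].len;
    }
    return (int)pos;
}

static unsigned char demo_buf[64];           /* constructed sample below */
static const AltName demo_san[] = { { GN_DNS, "example.com", 11 },
                                    { GN_IP, "\xC0\x00\x02\x01", 4 } };
static int demo(size_t outSz) { return flatten_alt_names(demo_san, 2, demo_buf, outSz); }

int main(void) { return demo(sizeof demo_buf) == 21 ? 0 : 1; }
```

Sizing every entry before writing the SEQUENCE header is what lets the too-small-buffer case fail without leaving a partial encoding in the caller's buffer.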
@github-actions

retest this please

github-actions Bot commented Jun 24, 2026

MemBrowse Memory Report

gcc-arm-cortex-m0plus

  • FLASH: .text +12 B (+0.0%, 63,507 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m3

  • FLASH: .text +4 B (+0.0%, 121,413 B / 262,144 B, total: 46% used)

gcc-arm-cortex-m4-openssl-compat

  • FLASH: .text +64 B (+0.0%, 768,196 B / 1,048,576 B, total: 73% used)

linuxkm-pie

  • Data: __patchable_function_entries +24 B (+0.1%, 24,312 B)

linuxkm-standard

  • Data: __patchable_function_entries +32 B (+0.1%, 46,048 B)

stm32-sim-stm32h753

Expose the internal SAN-list helpers as public wc_ APIs so callers can build a
DNS_entry list, encode it into a DER GeneralNames SEQUENCE, and populate a Cert
directly:

- wc_SetDNSEntry()         - append a typed alt-name entry to a list
- wc_FlattenAltNames()     - encode a list into a buffer (thin wrapper)
- wc_SetAltNamesFromList() - encode a list straight into cert->altNames/Sz

Declarations live in asn.h (they use the DNS_entry type) and are gated by the
existing WOLFSSL_ASN_API export macro; doxygen notes the WOLFSSL_PUBLIC_ASN/
OPENSSL_EXTRA export requirement. Adds a wolfCrypt test covering the success,
NULL-list, NULL-output, BUFFER_E, and Cert paths.