verify: break out build_chain recursion.

Crate-internal consumers of `build_chain` always pass `0` as the sub CA count, only the `verify_cert.rs` internal recursion changes this parameter. This commit separates the external interface from the internal recursion to remove one extra parameter from an already complicated interface.
briansmith · Jun 15, 2023 · f0259b9 · f0259b9
1 parent 9d9b212
commit f0259b9
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/src/end_entity.rs b/src/end_entity.rs
@@ -100,7 +100,6 @@ impl<'a> EndEntityCert<'a> {
             },
             &self.inner,
             time,
-            0,
         )
     }
 
@@ -131,7 +130,6 @@ impl<'a> EndEntityCert<'a> {
             },
             &self.inner,
             time,
-            0,
         )
     }
 

diff --git a/src/verify_cert.rs b/src/verify_cert.rs
@@ -24,7 +24,11 @@ pub(crate) struct ChainOptions<'a> {
     pub(crate) intermediate_certs: &'a [&'a [u8]],
 }
 
-pub(crate) fn build_chain(
+pub(crate) fn build_chain(opts: &ChainOptions, cert: &Cert, time: time::Time) -> Result<(), Error> {
+    build_chain_inner(opts, cert, time, 0)
+}
+
+fn build_chain_inner(
     opts: &ChainOptions,
     cert: &Cert,
     time: time::Time,
@@ -128,7 +132,7 @@ pub(crate) fn build_chain(
             UsedAsCa::Yes => sub_ca_count + 1,
         };
 
-        build_chain(opts, &potential_issuer, time, next_sub_ca_count)
+        build_chain_inner(opts, &potential_issuer, time, next_sub_ca_count)
     })
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -100,7 +100,6 @@ impl<'a> EndEntityCert<'a> { @@
                 },
                 &self.inner,
                 time,
-,
             )
         }
@@ Expand Down Expand Up / @@ -131,7 +130,6 @@ impl<'a> EndEntityCert<'a> { @@
                 },
                 &self.inner,
                 time,
-,
             )
         }
@@ Expand Down @@