rustls · djc · Jul 31, 2023 · Jul 31, 2023 · Jul 31, 2023 · Jul 31, 2023
diff --git a/src/calendar.rs b/src/calendar.rs
diff --git a/src/cert.rs b/src/cert.rs
@@ -116,7 +116,7 @@ impl<'a> Cert<'a> {
                             der::Tag::Sequence,
                             Error::BadDer,
                             |extension| {
-                                remember_cert_extension(&mut cert, &Extension::parse(extension)?)
+                                remember_cert_extension(&mut cert, &Extension::from_der(extension)?)
                             },
                         )
                     },
@@ -165,7 +165,7 @@ fn version3(input: &mut untrusted::Reader) -> Result<(), Error> {
         der::Tag::ContextSpecificConstructed0,
         Error::UnsupportedCertVersion,
         |input| {
-            let version = der::small_nonnegative_integer(input)?;
+            let version = u8::from_der(input)?;
             if version != 2 {
                 // v3
                 return Err(Error::UnsupportedCertVersion);

diff --git a/src/crl.rs b/src/crl.rs
@@ -277,7 +277,7 @@ impl<'a> FromDer<'a> for BorrowedCertRevocationList<'a> {
             //   extensions in all CRLs issued.
             // As a result of the above we parse this as a required section, not OPTIONAL.
             // NOTE: Encoded value of version 2 is 1.
-            if der::small_nonnegative_integer(tbs_cert_list)? != 1 {
+            if u8::from_der(tbs_cert_list)? != 1 {
                 return Err(Error::UnsupportedCrlVersion);
             }
 
@@ -298,13 +298,13 @@ impl<'a> FromDer<'a> for BorrowedCertRevocationList<'a> {
             //    encoded as UTCTime or GeneralizedTime.
             // We do not presently enforce the correct choice of UTCTime or GeneralizedTime based on
             // whether the date is post 2050.
-            der::time_choice(tbs_cert_list)?;
+            Time::from_der(tbs_cert_list)?;
 
             // While OPTIONAL in the ASN.1 module, RFC 5280 §5.1.2.5 says:
             //   Conforming CRL issuers MUST include the nextUpdate field in all CRLs.
             // We do not presently enforce the correct choice of UTCTime or GeneralizedTime based on
             // whether the date is post 2050.
-            der::time_choice(tbs_cert_list)?;
+            Time::from_der(tbs_cert_list)?;
 
             // RFC 5280 §5.1.2.6:
             //   When there are no revoked certificates, the revoked certificates list
@@ -351,7 +351,7 @@ impl<'a> FromDer<'a> for BorrowedCertRevocationList<'a> {
                             //   that the application cannot process, then the application MUST NOT
                             //   use that CRL to determine the status of certificates.  However,
                             //   applications may ignore unrecognized non-critical extensions.
-                            crl.remember_extension(&Extension::parse(extension)?)
+                            crl.remember_extension(&Extension::from_der(extension)?)
                         },
                     )
                 },
@@ -468,7 +468,7 @@ impl<'a> BorrowedRevokedCert<'a> {
 
                 // id-ce-invalidityDate 2.5.29.24 - RFC 5280 §5.3.2.
                 24 => set_extension_once(&mut self.invalidity_date, || {
-                    extension.value.read_all(Error::BadDer, der::time_choice)
+                    extension.value.read_all(Error::BadDer, Time::from_der)
                 }),
 
                 // id-ce-certificateIssuer 2.5.29.29 - RFC 5280 §5.3.3.
@@ -503,7 +503,7 @@ impl<'a> FromDer<'a> for BorrowedRevokedCert<'a> {
                 .map_err(|_| Error::InvalidSerialNumber)?
                 .as_slice_less_safe();
 
-            let revocation_date = der::time_choice(der)?;
+            let revocation_date = Time::from_der(der)?;
 
             let mut revoked_cert = BorrowedRevokedCert {
                 serial_number,
@@ -537,7 +537,7 @@ impl<'a> FromDer<'a> for BorrowedRevokedCert<'a> {
                     //   process, then the application MUST NOT use that CRL to determine the
                     //   status of any certificates.  However, applications may ignore
                     //   unrecognized non-critical CRL entry extensions.
-                    revoked_cert.remember_extension(&Extension::parse(ext_der)?)
+                    revoked_cert.remember_extension(&Extension::from_der(ext_der)?)
                 })?;
                 if reader.at_end() {
                     break;