sync code with last improvements from OpenBSD
parent
e5a8beb33e
commit
2ec21d9c19
205 changed files with 4715 additions and 23023 deletions
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x_algor.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */
|
||||
/* $OpenBSD: x_algor.c,v 1.31 2023/10/11 13:22:11 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2000.
|
||||
*/
|
||||
|
@ -57,9 +57,12 @@
|
|||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/asn1t.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
#include "x509_local.h"
|
||||
|
||||
static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
|
||||
{
|
||||
|
@ -102,7 +105,6 @@ const ASN1_ITEM X509_ALGORS_it = {
|
|||
.sname = "X509_ALGORS",
|
||||
};
|
||||
|
||||
|
||||
X509_ALGOR *
|
||||
d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len)
|
||||
{
|
||||
|
@ -150,71 +152,85 @@ X509_ALGOR_dup(X509_ALGOR *x)
|
|||
int
|
||||
X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
|
||||
{
|
||||
if (!alg)
|
||||
if (alg == NULL)
|
||||
return 0;
|
||||
if (ptype != V_ASN1_UNDEF) {
|
||||
|
||||
if (ptype == V_ASN1_UNDEF) {
|
||||
ASN1_TYPE_free(alg->parameter);
|
||||
alg->parameter = NULL;
|
||||
} else {
|
||||
if (alg->parameter == NULL)
|
||||
alg->parameter = ASN1_TYPE_new();
|
||||
if (alg->parameter == NULL)
|
||||
return 0;
|
||||
if (ptype != 0)
|
||||
ASN1_TYPE_set(alg->parameter, ptype, pval);
|
||||
}
|
||||
if (alg) {
|
||||
if (alg->algorithm)
|
||||
ASN1_OBJECT_free(alg->algorithm);
|
||||
alg->algorithm = aobj;
|
||||
}
|
||||
if (ptype == 0)
|
||||
return 1;
|
||||
if (ptype == V_ASN1_UNDEF) {
|
||||
if (alg->parameter) {
|
||||
ASN1_TYPE_free(alg->parameter);
|
||||
alg->parameter = NULL;
|
||||
}
|
||||
} else
|
||||
ASN1_TYPE_set(alg->parameter, ptype, pval);
|
||||
|
||||
ASN1_OBJECT_free(alg->algorithm);
|
||||
alg->algorithm = aobj;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
void
|
||||
X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval,
|
||||
const X509_ALGOR *algor)
|
||||
X509_ALGOR_get0(const ASN1_OBJECT **out_aobj, int *out_type,
|
||||
const void **out_value, const X509_ALGOR *alg)
|
||||
{
|
||||
if (paobj)
|
||||
*paobj = algor->algorithm;
|
||||
if (pptype) {
|
||||
if (algor->parameter == NULL) {
|
||||
*pptype = V_ASN1_UNDEF;
|
||||
return;
|
||||
} else
|
||||
*pptype = algor->parameter->type;
|
||||
if (ppval)
|
||||
*ppval = algor->parameter->value.ptr;
|
||||
int type = V_ASN1_UNDEF;
|
||||
const void *value = NULL;
|
||||
|
||||
if (out_aobj != NULL)
|
||||
*out_aobj = alg->algorithm;
|
||||
|
||||
/* Ensure out_value is not left uninitialized if out_type is NULL. */
|
||||
if (out_value != NULL)
|
||||
*out_value = NULL;
|
||||
|
||||
if (out_type == NULL)
|
||||
return;
|
||||
|
||||
if (alg->parameter != NULL) {
|
||||
type = alg->parameter->type;
|
||||
value = alg->parameter->value.ptr;
|
||||
}
|
||||
|
||||
*out_type = type;
|
||||
if (out_value != NULL)
|
||||
*out_value = value;
|
||||
}
|
||||
|
||||
/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
|
||||
|
||||
void
|
||||
X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
|
||||
int
|
||||
X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md)
|
||||
{
|
||||
ASN1_OBJECT *aobj;
|
||||
int param_type = V_ASN1_NULL;
|
||||
|
||||
if ((EVP_MD_flags(md) & EVP_MD_FLAG_DIGALGID_ABSENT) != 0)
|
||||
param_type = V_ASN1_UNDEF;
|
||||
|
||||
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
|
||||
if ((aobj = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
|
||||
return 0;
|
||||
|
||||
return X509_ALGOR_set0(alg, aobj, param_type, NULL);
|
||||
}
|
||||
|
||||
void
|
||||
X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
|
||||
{
|
||||
(void)X509_ALGOR_set_evp_md(alg, md);
|
||||
}
|
||||
|
||||
/* Returns 0 if they are equal, != 0 otherwise. */
|
||||
int
|
||||
X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
|
||||
{
|
||||
int rv = OBJ_cmp(a->algorithm, b->algorithm);
|
||||
if (!rv) {
|
||||
if (!a->parameter && !b->parameter)
|
||||
rv = 0;
|
||||
else
|
||||
rv = ASN1_TYPE_cmp(a->parameter, b->parameter);
|
||||
}
|
||||
return(rv);
|
||||
int cmp;
|
||||
|
||||
if ((cmp = OBJ_cmp(a->algorithm, b->algorithm)) != 0)
|
||||
return cmp;
|
||||
|
||||
if (a->parameter == NULL && b->parameter == NULL)
|
||||
return 0;
|
||||
|
||||
return ASN1_TYPE_cmp(a->parameter, b->parameter);
|
||||
}
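Review bot: X509_ALGOR_set_md() near the end of the large x_algor.c hunk discards the result of the new X509_ALGOR_set_evp_md() with a `(void)` cast, so callers of the public function still cannot tell that the digest AlgorithmIdentifier was not set. As far as the visible code shows, failure means OBJ_nid2obj() returned NULL or X509_ALGOR_set0() returned 0, and in both cases alg keeps the algorithm it had before, which a later signing or encoding step would emit as if it were the requested digest. The void signature presumably has to stay for API compatibility, so I would document the behaviour above the wrapper, e.g. `/* Legacy API: errors are ignored and alg is left as it was; internal code should call X509_ALGOR_set_evp_md() and check its return value. */`. It is also worth confirming that in-tree callers in the other changed files use the int-returning variant added to x509_local.h.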
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: ASRange_new.3,v 1.7 2023/10/01 05:20:41 tb Exp $
|
||||
.\" $OpenBSD: ASRange_new.3,v 1.8 2023/10/11 12:06:11 tb Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
|
||||
.\"
|
||||
|
@ -14,7 +14,7 @@
|
|||
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
.\"
|
||||
.Dd $Mdocdate: October 1 2023 $
|
||||
.Dd $Mdocdate: October 11 2023 $
|
||||
.Dt ASRANGE_NEW 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -92,16 +92,10 @@ All
|
|||
.Vt ASN1_INTEGER Ns s
|
||||
in this manual must be representable as unsigned 32-bit integers.
|
||||
The API performs no corresponding checks.
|
||||
The library provides no convenient way of setting the value of an
|
||||
An
|
||||
.Vt ASN1_INTEGER
|
||||
directly.
|
||||
A detour via a
|
||||
.Vt BIGNUM
|
||||
or a string is unavoidable.
|
||||
To retrieve the value of an
|
||||
.Vt ASN1_INTEGER ,
|
||||
use
|
||||
.Xr ASN1_INTEGER_get_uint64 3 .
|
||||
can be set using
|
||||
.Xr ASN1_INTEGER_set_uint64 3 .
|
||||
.Pp
|
||||
The
|
||||
.Vt ASRange
|
||||
|
@ -353,8 +347,7 @@ return the number of bytes successfully encoded
|
|||
or a value <= 0 if an error occurs.
|
||||
.Sh SEE ALSO
|
||||
.Xr ASIdentifiers_new 3 ,
|
||||
.Xr BN_set_word 3 ,
|
||||
.Xr BN_to_ASN1_INTEGER 3 ,
|
||||
.Xr ASN1_INTEGER_set_uint64 3 ,
|
||||
.Xr crypto 3 ,
|
||||
.Xr IPAddressRange_new 3 ,
|
||||
.Xr s2i_ASN1_INTEGER 3 ,
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
.\" $OpenBSD: X509_ALGOR_dup.3,v 1.19 2023/10/10 13:59:47 tb Exp $
|
||||
.\" $OpenBSD: X509_ALGOR_dup.3,v 1.20 2023/10/11 06:08:57 tb Exp $
|
||||
.\" OpenSSL 4692340e Jun 7 15:49:08 2016 -0400
|
||||
.\"
|
||||
.\" This file is a derived work.
|
||||
|
@ -66,7 +66,7 @@
|
|||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: October 10 2023 $
|
||||
.Dd $Mdocdate: October 11 2023 $
|
||||
.Dt X509_ALGOR_DUP 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -208,16 +208,31 @@ is transferred to
|
|||
on success.
|
||||
.Pp
|
||||
.Fn X509_ALGOR_get0
|
||||
is the inverse of
|
||||
.Fn X509_ALGOR_set0 :
|
||||
it returns the algorithm OID in
|
||||
.Pf * Fa paobj
|
||||
and the associated parameter in
|
||||
.Pf * Fa pptype
|
||||
returns
|
||||
.Fa alg Ns 's
|
||||
algorithm OID in
|
||||
.Pf * Fa paobj ,
|
||||
its parameter type in
|
||||
.Pf * Fa pptype ,
|
||||
and its parameter value in
|
||||
.Pf * Fa ppval .
|
||||
Any of
|
||||
.Fa paobj ,
|
||||
.Fa pptype ,
|
||||
and
|
||||
.Pf * Fa ppval
|
||||
from
|
||||
.Fa alg .
|
||||
.Fa ppval
|
||||
can be
|
||||
.Dv NULL .
|
||||
If
|
||||
.Fa pptype is
|
||||
.Dv NULL
|
||||
or if
|
||||
.Pf * Fa pptype
|
||||
is
|
||||
.Dv V_ASN1_UNDEF
|
||||
then
|
||||
.Pf * Fa ppval Ns 's
|
||||
value is undefined.
|
||||
.Pp
|
||||
.Fn X509_ALGOR_set_md
|
||||
sets
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: x509_local.h,v 1.9 2023/05/28 05:25:24 tb Exp $ */
|
||||
/* $OpenBSD: x509_local.h,v 1.10 2023/10/11 13:05:18 tb Exp $ */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2013.
|
||||
*/
|
||||
|
@ -379,6 +379,8 @@ int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
|
|||
|
||||
int name_cmp(const char *name, const char *cmp);
|
||||
|
||||
int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md);
|
||||
|
||||
int X509_policy_check(const STACK_OF(X509) *certs,
|
||||
const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags,
|
||||
X509 **out_current_cert);
|
||||
|
|