sync code with last improvements from OpenBSD

purplerain 2023-10-13 03:26:36 +00:00
parent e5a8beb33e
commit 2ec21d9c19
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
205 changed files with 4715 additions and 23023 deletions


@ -1,4 +1,4 @@
/* $OpenBSD: x_algor.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */
/* $OpenBSD: x_algor.c,v 1.31 2023/10/11 13:22:11 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -57,9 +57,12 @@
*/
#include <stddef.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "x509_local.h"
static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
{
@ -102,7 +105,6 @@ const ASN1_ITEM X509_ALGORS_it = {
.sname = "X509_ALGORS",
};
X509_ALGOR *
d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len)
{
@ -150,71 +152,85 @@ X509_ALGOR_dup(X509_ALGOR *x)
int
X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
{
if (!alg)
if (alg == NULL)
return 0;
if (ptype != V_ASN1_UNDEF) {
if (ptype == V_ASN1_UNDEF) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
} else {
if (alg->parameter == NULL)
alg->parameter = ASN1_TYPE_new();
if (alg->parameter == NULL)
return 0;
if (ptype != 0)
ASN1_TYPE_set(alg->parameter, ptype, pval);
}
if (alg) {
if (alg->algorithm)
ASN1_OBJECT_free(alg->algorithm);
alg->algorithm = aobj;
}
if (ptype == 0)
return 1;
if (ptype == V_ASN1_UNDEF) {
if (alg->parameter) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
}
} else
ASN1_TYPE_set(alg->parameter, ptype, pval);
ASN1_OBJECT_free(alg->algorithm);
alg->algorithm = aobj;
return 1;
}
void
X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval,
const X509_ALGOR *algor)
X509_ALGOR_get0(const ASN1_OBJECT **out_aobj, int *out_type,
const void **out_value, const X509_ALGOR *alg)
{
if (paobj)
*paobj = algor->algorithm;
if (pptype) {
if (algor->parameter == NULL) {
*pptype = V_ASN1_UNDEF;
return;
} else
*pptype = algor->parameter->type;
if (ppval)
*ppval = algor->parameter->value.ptr;
int type = V_ASN1_UNDEF;
const void *value = NULL;
if (out_aobj != NULL)
*out_aobj = alg->algorithm;
/* Ensure out_value is not left uninitialized if out_type is NULL. */
if (out_value != NULL)
*out_value = NULL;
if (out_type == NULL)
return;
if (alg->parameter != NULL) {
type = alg->parameter->type;
value = alg->parameter->value.ptr;
}
*out_type = type;
if (out_value != NULL)
*out_value = value;
}
/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
void
X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
int
X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md)
{
ASN1_OBJECT *aobj;
int param_type = V_ASN1_NULL;
if ((EVP_MD_flags(md) & EVP_MD_FLAG_DIGALGID_ABSENT) != 0)
param_type = V_ASN1_UNDEF;
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
if ((aobj = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
return 0;
return X509_ALGOR_set0(alg, aobj, param_type, NULL);
}
void
X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
{
(void)X509_ALGOR_set_evp_md(alg, md);
}
/* Returns 0 if they are equal, != 0 otherwise. */
int
X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
{
int rv = OBJ_cmp(a->algorithm, b->algorithm);
if (!rv) {
if (!a->parameter && !b->parameter)
rv = 0;
else
rv = ASN1_TYPE_cmp(a->parameter, b->parameter);
}
return(rv);
int cmp;
if ((cmp = OBJ_cmp(a->algorithm, b->algorithm)) != 0)
return cmp;
if (a->parameter == NULL && b->parameter == NULL)
return 0;
return ASN1_TYPE_cmp(a->parameter, b->parameter);
}
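Review bot: The new `X509_ALGOR_set_md` wrapper at the end of this section discards the result of `X509_ALGOR_set_evp_md` with a `(void)` cast, so a failure is invisible to the caller. If `OBJ_nid2obj` returns NULL or `ASN1_TYPE_new` fails inside `X509_ALGOR_set0`, `alg` keeps whatever algorithm and parameter it held before, and that AlgorithmIdentifier may no longer match the digest actually used. The void signature is presumably fixed by the public API, so the wrapper should at least say this in a comment, e.g. `/* Cannot report failure; on error alg is left unchanged. Library code should call X509_ALGOR_set_evp_md() and check its return value. */`. Callers are not visible on this page, so it is worth confirming that no in-tree code on a signing or encoding path still goes through the void wrapper. Note also that `X509_ALGOR_set_evp_md` passes `md` to `EVP_MD_flags` without a NULL check, which a one-line comment stating the non-NULL precondition would make explicit.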


@ -1,4 +1,4 @@
.\" $OpenBSD: ASRange_new.3,v 1.7 2023/10/01 05:20:41 tb Exp $
.\" $OpenBSD: ASRange_new.3,v 1.8 2023/10/11 12:06:11 tb Exp $
.\"
.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: October 1 2023 $
.Dd $Mdocdate: October 11 2023 $
.Dt ASRANGE_NEW 3
.Os
.Sh NAME
@ -92,16 +92,10 @@ All
.Vt ASN1_INTEGER Ns s
in this manual must be representable as unsigned 32-bit integers.
The API performs no corresponding checks.
The library provides no convenient way of setting the value of an
An
.Vt ASN1_INTEGER
directly.
A detour via a
.Vt BIGNUM
or a string is unavoidable.
To retrieve the value of an
.Vt ASN1_INTEGER ,
use
.Xr ASN1_INTEGER_get_uint64 3 .
can be set using
.Xr ASN1_INTEGER_set_uint64 3 .
.Pp
The
.Vt ASRange
@ -353,8 +347,7 @@ return the number of bytes successfully encoded
or a value <= 0 if an error occurs.
.Sh SEE ALSO
.Xr ASIdentifiers_new 3 ,
.Xr BN_set_word 3 ,
.Xr BN_to_ASN1_INTEGER 3 ,
.Xr ASN1_INTEGER_set_uint64 3 ,
.Xr crypto 3 ,
.Xr IPAddressRange_new 3 ,
.Xr s2i_ASN1_INTEGER 3 ,


@ -1,4 +1,4 @@
.\" $OpenBSD: X509_ALGOR_dup.3,v 1.19 2023/10/10 13:59:47 tb Exp $
.\" $OpenBSD: X509_ALGOR_dup.3,v 1.20 2023/10/11 06:08:57 tb Exp $
.\" OpenSSL 4692340e Jun 7 15:49:08 2016 -0400
.\"
.\" This file is a derived work.
@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: October 10 2023 $
.Dd $Mdocdate: October 11 2023 $
.Dt X509_ALGOR_DUP 3
.Os
.Sh NAME
@ -208,16 +208,31 @@ is transferred to
on success.
.Pp
.Fn X509_ALGOR_get0
is the inverse of
.Fn X509_ALGOR_set0 :
it returns the algorithm OID in
.Pf * Fa paobj
and the associated parameter in
.Pf * Fa pptype
returns
.Fa alg Ns 's
algorithm OID in
.Pf * Fa paobj ,
its parameter type in
.Pf * Fa pptype ,
and its parameter value in
.Pf * Fa ppval .
Any of
.Fa paobj ,
.Fa pptype ,
and
.Pf * Fa ppval
from
.Fa alg .
.Fa ppval
can be
.Dv NULL .
If
.Fa pptype is
.Dv NULL
or if
.Pf * Fa pptype
is
.Dv V_ASN1_UNDEF
then
.Pf * Fa ppval Ns 's
value is undefined.
.Pp
.Fn X509_ALGOR_set_md
sets


@ -1,4 +1,4 @@
/* $OpenBSD: x509_local.h,v 1.9 2023/05/28 05:25:24 tb Exp $ */
/* $OpenBSD: x509_local.h,v 1.10 2023/10/11 13:05:18 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2013.
*/
@ -379,6 +379,8 @@ int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
int name_cmp(const char *name, const char *cmp);
int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_policy_check(const STACK_OF(X509) *certs,
const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags,
X509 **out_current_cert);