Prepare to provide X509_get_{extended_,}key_usage()

ok beck jsing
author: tb <> 2021-10-22 18:37:15 +0000
committer: tb <> 2021-10-22 18:37:15 +0000
commit: b2cf79a9312a9785e1fcdb77f637203de75b4f46 (patch)
tree: 6a773985662a065a908ff8a1575884cd0a258c84
parent: 630111fac3e498f4089755b177349fed5f03d466 (diff)
download: openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.tar.gz
openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.tar.bz2
openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.zip
2 files changed, 32 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_purp.c b/src/lib/libcrypto/x509/x509_purp.c
index 3c05cc31b2..43236b2cd3 100644
--- a/src/lib/libcrypto/x509/x509_purp.c
+++ b/src/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_purp.c,v 1.8 2021/10/21 13:51:52 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.9 2021/10/22 18:37:15 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2001.
 */
@@ -942,3 +942,29 @@ X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
        }
        return X509_V_OK;
 }
+uint32_t
+X509_get_key_usage(X509 *x)
+{
+        /* Call for side-effect of computing hash and caching extensions */
+        if (X509_check_purpose(x, -1, -1) != 1)
+                return 0;
+        if (x->ex_flags & EXFLAG_KUSAGE)
+                return x->ex_kusage;
+        return UINT32_MAX;
+}
+uint32_t
+X509_get_extended_key_usage(X509 *x)
+{
+        /* Call for side-effect of computing hash and caching extensions */
+        if (X509_check_purpose(x, -1, -1) != 1)
+                return 0;
+        if (x->ex_flags & EXFLAG_XKUSAGE)
+                return x->ex_xkusage;
+        return UINT32_MAX;
+}
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index 9467a666c5..84229a1890 100644
--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.6 2021/10/21 13:51:52 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.7 2021/10/22 18:37:15 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -799,6 +799,10 @@ char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
 int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
 void X509_PURPOSE_cleanup(void);
 int X509_PURPOSE_get_id(const X509_PURPOSE *);
+#if defined(LIBRESSL_NEW_API)
+uint32_t X509_get_key_usage(X509 *x);
+uint32_t X509_get_extended_key_usage(X509 *x);
+#endif
 STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
 STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
author	tb <>	2021-10-22 18:37:15 +0000
committer	tb <>	2021-10-22 18:37:15 +0000
commit	b2cf79a9312a9785e1fcdb77f637203de75b4f46 (patch)
tree	6a773985662a065a908ff8a1575884cd0a258c84
parent	630111fac3e498f4089755b177349fed5f03d466 (diff)
download	openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.tar.gz openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.tar.bz2 openbsd-b2cf79a9312a9785e1fcdb77f637203de75b4f46.zip

diff --git a/src/lib/libcrypto/x509/x509_purp.c b/src/lib/libcrypto/x509/x509_purp.c index 3c05cc31b2..43236b2cd3 100644 --- a/src/lib/libcrypto/x509/x509_purp.c +++ b/src/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_purp.c,v 1.8 2021/10/21 13:51:52 tb Exp $ */	1	/* $OpenBSD: x509_purp.c,v 1.9 2021/10/22 18:37:15 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2001.	3	* project 2001.
4	*/	4	*/
@@ -942,3 +942,29 @@ X509_check_akid(X509 issuer, AUTHORITY_KEYID akid)
942	}	942	}
943	return X509_V_OK;	943	return X509_V_OK;
944	}	944	}
		945
		946	uint32_t
		947	X509_get_key_usage(X509 *x)
		948	{
		949	/* Call for side-effect of computing hash and caching extensions */
		950	if (X509_check_purpose(x, -1, -1) != 1)
		951	return 0;
		952
		953	if (x->ex_flags & EXFLAG_KUSAGE)
		954	return x->ex_kusage;
		955
		956	return UINT32_MAX;
		957	}
		958
		959	uint32_t
		960	X509_get_extended_key_usage(X509 *x)
		961	{
		962	/* Call for side-effect of computing hash and caching extensions */
		963	if (X509_check_purpose(x, -1, -1) != 1)
		964	return 0;
		965
		966	if (x->ex_flags & EXFLAG_XKUSAGE)
		967	return x->ex_xkusage;
		968
		969	return UINT32_MAX;
		970	}


diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index 9467a666c5..84229a1890 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509v3.h,v 1.6 2021/10/21 13:51:52 tb Exp $ */	1	/* $OpenBSD: x509v3.h,v 1.7 2021/10/22 18:37:15 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -799,6 +799,10 @@ char X509_PURPOSE_get0_sname(const X509_PURPOSE xp);
799	int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);	799	int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
800	void X509_PURPOSE_cleanup(void);	800	void X509_PURPOSE_cleanup(void);
801	int X509_PURPOSE_get_id(const X509_PURPOSE *);	801	int X509_PURPOSE_get_id(const X509_PURPOSE *);
		802	#if defined(LIBRESSL_NEW_API)
		803	uint32_t X509_get_key_usage(X509 *x);
		804	uint32_t X509_get_extended_key_usage(X509 *x);
		805	#endif
802		806
803	STACK_OF(OPENSSL_STRING) X509_get1_email(X509 x);	807	STACK_OF(OPENSSL_STRING) X509_get1_email(X509 x);
804	STACK_OF(OPENSSL_STRING) X509_REQ_get1_email(X509_REQ x);	808	STACK_OF(OPENSSL_STRING) X509_REQ_get1_email(X509_REQ x);