summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_cmp.c
diff options
context:
space:
mode:
authorbeck <>2000-03-19 11:13:58 +0000
committerbeck <>2000-03-19 11:13:58 +0000
commit796d609550df3a33fc11468741c5d2f6d3df4c11 (patch)
tree6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libcrypto/x509/x509_cmp.c
parent5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff)
downloadopenbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libcrypto/x509/x509_cmp.c')
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c23
1 files changed, 19 insertions, 4 deletions
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 9a93bae3ff..a8a5ca8b03 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -57,12 +57,11 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <sys/types.h>
61#include <sys/stat.h>
62#include "cryptlib.h" 60#include "cryptlib.h"
63#include <openssl/asn1.h> 61#include <openssl/asn1.h>
64#include <openssl/objects.h> 62#include <openssl/objects.h>
65#include <openssl/x509.h> 63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
66 65
67int X509_issuer_and_serial_cmp(X509 *a, X509 *b) 66int X509_issuer_and_serial_cmp(X509 *a, X509 *b)
68 { 67 {
@@ -71,7 +70,7 @@ int X509_issuer_and_serial_cmp(X509 *a, X509 *b)
71 70
72 ai=a->cert_info; 71 ai=a->cert_info;
73 bi=b->cert_info; 72 bi=b->cert_info;
74 i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); 73 i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
75 if (i) return(i); 74 if (i) return(i);
76 return(X509_NAME_cmp(ai->issuer,bi->issuer)); 75 return(X509_NAME_cmp(ai->issuer,bi->issuer));
77 } 76 }
@@ -138,6 +137,20 @@ unsigned long X509_subject_name_hash(X509 *x)
138 return(X509_NAME_hash(x->cert_info->subject)); 137 return(X509_NAME_hash(x->cert_info->subject));
139 } 138 }
140 139
140#ifndef NO_SHA
141/* Compare two certificates: they must be identical for
142 * this to work.
143 */
144int X509_cmp(X509 *a, X509 *b)
145{
146 /* ensure hash is valid */
147 X509_check_purpose(a, -1, 0);
148 X509_check_purpose(b, -1, 0);
149
150 return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
151}
152#endif
153
141int X509_NAME_cmp(X509_NAME *a, X509_NAME *b) 154int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
142 { 155 {
143 int i,j; 156 int i,j;
@@ -175,7 +188,7 @@ int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
175 188
176#ifndef NO_MD5 189#ifndef NO_MD5
177/* I now DER encode the name and hash it. Since I cache the DER encoding, 190/* I now DER encode the name and hash it. Since I cache the DER encoding,
178 * this is reasonably effiecent. */ 191 * this is reasonably efficient. */
179unsigned long X509_NAME_hash(X509_NAME *x) 192unsigned long X509_NAME_hash(X509_NAME *x)
180 { 193 {
181 unsigned long ret=0; 194 unsigned long ret=0;
@@ -209,6 +222,8 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
209 X509_CINF cinf; 222 X509_CINF cinf;
210 X509 x,*x509=NULL; 223 X509 x,*x509=NULL;
211 224
225 if(!sk) return NULL;
226
212 x.cert_info= &cinf; 227 x.cert_info= &cinf;
213 cinf.serialNumber=serial; 228 cinf.serialNumber=serial;
214 cinf.issuer=name; 229 cinf.issuer=name;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 03:29:19 +0000