-rw-r--r--src/lib/libcrypto/Symbols.list6
-rw-r--r--src/lib/libcrypto/Symbols.namespace6
-rw-r--r--src/lib/libcrypto/hidden/openssl/x509_vfy.h3
-rw-r--r--src/lib/libcrypto/hidden/openssl/x509v3.h7
-rw-r--r--src/lib/libcrypto/x509/x509_local.h7
-rw-r--r--src/lib/libcrypto/x509/x509_purp.c32
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c11
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h4
-rw-r--r--src/lib/libcrypto/x509/x509v3.h11
9 files changed, 13 insertions, 74 deletions
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 48af5219af..01b8cae19a 100644
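--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -2693,17 +2693,12 @@ X509_PUBKEY_it
 X509_PUBKEY_new
 X509_PUBKEY_set
 X509_PUBKEY_set0_param
-X509_PURPOSE_add
-X509_PURPOSE_cleanup
 X509_PURPOSE_get0
 X509_PURPOSE_get0_name
 X509_PURPOSE_get0_sname
-X509_PURPOSE_get_by_id
 X509_PURPOSE_get_by_sname
 X509_PURPOSE_get_count
 X509_PURPOSE_get_id
-X509_PURPOSE_get_trust
-X509_PURPOSE_set
 X509_REQ_INFO_free
 X509_REQ_INFO_it
 X509_REQ_INFO_new
@@ -2796,7 +2791,6 @@ X509_STORE_CTX_get_verify
 X509_STORE_CTX_get_verify_cb
 X509_STORE_CTX_init
 X509_STORE_CTX_new
-X509_STORE_CTX_purpose_inherit
 X509_STORE_CTX_set0_crls
 X509_STORE_CTX_set0_param
 X509_STORE_CTX_set0_trusted_stack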
diff --git a/src/lib/libcrypto/Symbols.namespace b/src/lib/libcrypto/Symbols.namespace
index 4a88b26487..261d03ffb2 100644
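--- a/src/lib/libcrypto/Symbols.namespace
+++ b/src/lib/libcrypto/Symbols.namespace
@@ -557,7 +557,6 @@ _libre_X509_STORE_CTX_set_chain
 _libre_X509_STORE_CTX_set0_crls
 _libre_X509_STORE_CTX_set_purpose
 _libre_X509_STORE_CTX_set_trust
-_libre_X509_STORE_CTX_purpose_inherit
 _libre_X509_STORE_CTX_set_flags
 _libre_X509_STORE_CTX_set_time
 _libre_X509_STORE_CTX_set0_verified_chain
@@ -772,18 +771,13 @@ _libre_X509V3_extensions_print
 _libre_X509_check_ca
 _libre_X509_check_purpose
 _libre_X509_supported_extension
-_libre_X509_PURPOSE_set
 _libre_X509_check_issued
 _libre_X509_check_akid
 _libre_X509_PURPOSE_get_count
 _libre_X509_PURPOSE_get0
 _libre_X509_PURPOSE_get_by_sname
-_libre_X509_PURPOSE_get_by_id
-_libre_X509_PURPOSE_add
 _libre_X509_PURPOSE_get0_name
 _libre_X509_PURPOSE_get0_sname
-_libre_X509_PURPOSE_get_trust
-_libre_X509_PURPOSE_cleanup
 _libre_X509_PURPOSE_get_id
 _libre_X509_get_extension_flags
 _libre_X509_get_key_usage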
diff --git a/src/lib/libcrypto/hidden/openssl/x509_vfy.h b/src/lib/libcrypto/hidden/openssl/x509_vfy.h
index 3502492133..88d8b143df 100644
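--- a/src/lib/libcrypto/hidden/openssl/x509_vfy.h
+++ b/src/lib/libcrypto/hidden/openssl/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.7 2024/02/23 10:39:07 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.8 2024/03/02 10:40:05 tb Exp $ */
 /*
  * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
  *
@@ -109,7 +109,6 @@ LCRYPTO_USED(X509_STORE_CTX_set_chain);
 LCRYPTO_USED(X509_STORE_CTX_set0_crls);
 LCRYPTO_USED(X509_STORE_CTX_set_purpose);
 LCRYPTO_USED(X509_STORE_CTX_set_trust);
-LCRYPTO_USED(X509_STORE_CTX_purpose_inherit);
 LCRYPTO_USED(X509_STORE_CTX_set_flags);
 LCRYPTO_USED(X509_STORE_CTX_set_time);
 LCRYPTO_USED(X509_STORE_CTX_set0_verified_chain);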
diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h
index 67f6a85bc4..a833ec9f4e 100644
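--- a/src/lib/libcrypto/hidden/openssl/x509v3.h
+++ b/src/lib/libcrypto/hidden/openssl/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.6 2024/03/02 10:35:32 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.7 2024/03/02 10:40:05 tb Exp $ */
 /*
  * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
  *
@@ -177,18 +177,13 @@ LCRYPTO_USED(X509V3_extensions_print);
 LCRYPTO_USED(X509_check_ca);
 LCRYPTO_USED(X509_check_purpose);
 LCRYPTO_USED(X509_supported_extension);
-LCRYPTO_USED(X509_PURPOSE_set);
 LCRYPTO_USED(X509_check_issued);
 LCRYPTO_USED(X509_check_akid);
 LCRYPTO_USED(X509_PURPOSE_get_count);
 LCRYPTO_USED(X509_PURPOSE_get0);
 LCRYPTO_USED(X509_PURPOSE_get_by_sname);
-LCRYPTO_USED(X509_PURPOSE_get_by_id);
-LCRYPTO_USED(X509_PURPOSE_add);
 LCRYPTO_USED(X509_PURPOSE_get0_name);
 LCRYPTO_USED(X509_PURPOSE_get0_sname);
-LCRYPTO_USED(X509_PURPOSE_get_trust);
-LCRYPTO_USED(X509_PURPOSE_cleanup);
 LCRYPTO_USED(X509_PURPOSE_get_id);
 LCRYPTO_USED(X509_get_extension_flags);
 LCRYPTO_USED(X509_get_key_usage);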
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 4ac99da2bd..342aa226fb 100644
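--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_local.h,v 1.20 2024/03/02 10:20:27 tb Exp $ */
+/* $OpenBSD: x509_local.h,v 1.21 2024/03/02 10:40:05 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2013.
  */
@@ -59,6 +59,8 @@
 #ifndef HEADER_X509_LOCAL_H
 #define HEADER_X509_LOCAL_H
 
+#include <openssl/x509v3.h>
+
 __BEGIN_HIDDEN_DECLS
 
 #define TS_HASH_EVP EVP_sha1()
@@ -402,6 +404,9 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const unsigned char *salt,
 X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
  int prf_nid, int keylen);
 
+int X509_PURPOSE_get_by_id(int id);
+int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
+
 __END_HIDDEN_DECLS
 
 #endif /* !HEADER_X509_LOCAL_H */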
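Review bot: The two prototypes added inside the hidden-declarations block (new lines 407-408) carry no comment on their return contract, which matters more now that only library-internal callers can reach them. The x509_purp.c section shows `X509_PURPOSE_get_by_id` ending in `return purpose - X509_PURPOSE_MIN;`, so it yields a table index rather than the id, and the removed `X509_PURPOSE_set` compared its result against `-1`; `X509_PURPOSE_get_trust` is a bare `return xp->trust;` with no NULL check. I would add `/* Returns the index of purpose id in the purpose table, or -1 if id is unknown. */` above the first prototype and `/* Returns the trust id stored in xp; xp must not be NULL. */` above the second — the -1 case is inferred from the removed caller, since the top of `X509_PURPOSE_get_by_id` is outside the visible hunks.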
diff --git a/src/lib/libcrypto/x509/x509_purp.c b/src/lib/libcrypto/x509/x509_purp.c
index 1735e70cae..9d4ec3220c 100644
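--- a/src/lib/libcrypto/x509/x509_purp.c
+++ b/src/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_purp.c,v 1.36 2024/02/28 16:26:08 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.37 2024/03/02 10:40:05 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -188,18 +188,6 @@ X509_check_purpose(X509 *x, int id, int ca)
 LCRYPTO_ALIAS(X509_check_purpose);
 
 int
-X509_PURPOSE_set(int *p, int purpose)
-{
- if (X509_PURPOSE_get_by_id(purpose) == -1) {
- X509V3error(X509V3_R_INVALID_PURPOSE);
- return 0;
- }
- *p = purpose;
- return 1;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_set);
-
-int
 X509_PURPOSE_get_count(void)
 {
  return X509_PURPOSE_COUNT;
@@ -243,23 +231,6 @@ X509_PURPOSE_get_by_id(int purpose)
 
  return purpose - X509_PURPOSE_MIN;
 }
-LCRYPTO_ALIAS(X509_PURPOSE_get_by_id);
-
-int
-X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int), const char *name,
- const char *sname, void *arg)
-{
- X509error(ERR_R_DISABLED);
- return 0;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_add);
-
-void
-X509_PURPOSE_cleanup(void)
-{
-}
-LCRYPTO_ALIAS(X509_PURPOSE_cleanup);
 
 int
 X509_PURPOSE_get_id(const X509_PURPOSE *xp)
@@ -287,7 +258,6 @@ X509_PURPOSE_get_trust(const X509_PURPOSE *xp)
 {
  return xp->trust;
 }
-LCRYPTO_ALIAS(X509_PURPOSE_get_trust);
 
 /*
  * List of NIDs of extensions supported by the verifier. If an extension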
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 499db35578..5399658639 100644
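--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.141 2024/02/28 12:21:16 tb Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.142 2024/03/02 10:40:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2172,15 +2172,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls);
  * aren't set then we use the default of SSL client/server.
  */
 int
-X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust)
-{
- X509error(ERR_R_DISABLED);
- return 0;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_purpose_inherit);
-
-int
 X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose_id)
 {
  const X509_PURPOSE *purpose;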
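Review bot: The block comment ending at new lines 2172-2173 (`aren't set then we use the default of SSL client/server.`) now sits directly above `X509_STORE_CTX_set_purpose`, although it appears to have described the removed `X509_STORE_CTX_purpose_inherit`. The start of that comment is outside the hunk, so this is inferred from its last sentence and its position. If it did document the inherit function, it should be deleted or replaced by a short comment saying what `X509_STORE_CTX_set_purpose` does with `purpose_id`, so readers of the verification code are not told about an inheritance and default behaviour that no longer exists. The body of `X509_STORE_CTX_set_purpose` continues past the end of the hunk.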
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index d7657a51f0..914a83bb00 100644
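--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.65 2024/02/23 10:39:07 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.66 2024/03/02 10:40:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -404,8 +404,6 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
 void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk);
 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust);
 void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
 void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
  time_t t);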
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index 676fd62c27..118a449e82 100644
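--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.26 2024/03/02 10:35:32 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.27 2024/03/02 10:40:05 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -719,20 +719,13 @@ int X509V3_extensions_print(BIO *out, const char *title,
 int X509_check_ca(X509 *x);
 int X509_check_purpose(X509 *x, int id, int ca);
 int X509_supported_extension(X509_EXTENSION *ex);
-int X509_PURPOSE_set(int *p, int purpose);
 int X509_check_issued(X509 *issuer, X509 *subject);
 int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
 int X509_PURPOSE_get_count(void);
-X509_PURPOSE * X509_PURPOSE_get0(int idx);
+X509_PURPOSE *X509_PURPOSE_get0(int idx);
 int X509_PURPOSE_get_by_sname(const char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int),
- const char *name, const char *sname, void *arg);
 char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
 char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
 int X509_PURPOSE_get_id(const X509_PURPOSE *);
 uint32_t X509_get_extension_flags(X509 *x);
 uint32_t X509_get_key_usage(X509 *x);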