1 files changed, 0 insertions, 163 deletions
diff --git a/src/lib/libcrypto/ct/ct_policy.c b/src/lib/libcrypto/ct/ct_policy.c
deleted file mode 100644
index eb2b312019..0000000000
--- a/src/lib/libcrypto/ct/ct_policy.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/*      $OpenBSD: ct_policy.c,v 1.6 2023/07/08 07:22:58 beck Exp $ */
-/*
- * Implementations of Certificate Transparency SCT policies.
- * Written by Rob Percival (robpercival@google.com) for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-#ifdef OPENSSL_NO_CT
-# error "CT is disabled"
-#endif
-#include <openssl/ct.h>
-#include <openssl/err.h>
-#include <time.h>
-#include "ct_local.h"
-/*
- * Number of seconds in the future that an SCT timestamp can be, by default,
- * without being considered invalid. This is added to time() when setting a
- * default value for CT_POLICY_EVAL_CTX.epoch_time_in_ms.
- * It can be overridden by calling CT_POLICY_EVAL_CTX_set_time().
- */
-static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
-CT_POLICY_EVAL_CTX *
-CT_POLICY_EVAL_CTX_new(void)
-{
-        CT_POLICY_EVAL_CTX *ctx = calloc(1, sizeof(CT_POLICY_EVAL_CTX));
-        if (ctx == NULL) {
-                CTerror(ERR_R_MALLOC_FAILURE);
-                return NULL;
-        }
-        /* time(NULL) shouldn't ever fail, so don't bother checking for -1. */
-        ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) *
-            1000;
-        return ctx;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_new);
-void
-CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx)
-{
-        if (ctx == NULL)
-                return;
-        X509_free(ctx->cert);
-        X509_free(ctx->issuer);
-        free(ctx);
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_free);
-int
-CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert)
-{
-        if (!X509_up_ref(cert))
-                return 0;
-        ctx->cert = cert;
-        return 1;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_cert);
-int
-CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer)
-{
-        if (!X509_up_ref(issuer))
-                return 0;
-        ctx->issuer = issuer;
-        return 1;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_issuer);
-void
-CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
-    CTLOG_STORE *log_store)
-{
-        ctx->log_store = log_store;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE);
-void
-CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms)
-{
-        ctx->epoch_time_in_ms = time_in_ms;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_time);
-X509 *
-CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx)
-{
-        return ctx->cert;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_cert);
-X509 *
-CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx)
-{
-        return ctx->issuer;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_issuer);
-const CTLOG_STORE *
-CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx)
-{
-        return ctx->log_store;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_log_store);
-uint64_t
-CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx)
-{
-        return ctx->epoch_time_in_ms;
-}
-LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get_time);

diff --git a/src/lib/libcrypto/ct/ct_policy.c b/src/lib/libcrypto/ct/ct_policy.c deleted file mode 100644 index eb2b312019..0000000000 --- a/src/lib/libcrypto/ct/ct_policy.c +++ /dev/null
@@ -1,163 +0,0 @@
1	/* $OpenBSD: ct_policy.c,v 1.6 2023/07/08 07:22:58 beck Exp $ */
2	/*
3	* Implementations of Certificate Transparency SCT policies.
4	* Written by Rob Percival (robpercival@google.com) for the OpenSSL project.
5	*/
6	/* ====================================================================
7	* Copyright (c) 2016 The OpenSSL Project. All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	*
13	* 1. Redistributions of source code must retain the above copyright
14	* notice, this list of conditions and the following disclaimer.
15	*
16	* 2. Redistributions in binary form must reproduce the above copyright
17	* notice, this list of conditions and the following disclaimer in
18	* the documentation and/or other materials provided with the
19	* distribution.
20	*
21	* 3. All advertising materials mentioning features or use of this
22	* software must display the following acknowledgment:
23	* "This product includes software developed by the OpenSSL Project
24	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25	*
26	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27	* endorse or promote products derived from this software without
28	* prior written permission. For written permission, please contact
29	* licensing@OpenSSL.org.
30	*
31	* 5. Products derived from this software may not be called "OpenSSL"
32	* nor may "OpenSSL" appear in their names without prior written
33	* permission of the OpenSSL Project.
34	*
35	* 6. Redistributions of any form whatsoever must retain the following
36	* acknowledgment:
37	* "This product includes software developed by the OpenSSL Project
38	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39	*
40	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51	* OF THE POSSIBILITY OF SUCH DAMAGE.
52	* ====================================================================
53	*/
54
55	#ifdef OPENSSL_NO_CT
56	# error "CT is disabled"
57	#endif
58
59	#include <openssl/ct.h>
60	#include <openssl/err.h>
61	#include <time.h>
62
63	#include "ct_local.h"
64
65	/*
66	* Number of seconds in the future that an SCT timestamp can be, by default,
67	* without being considered invalid. This is added to time() when setting a
68	* default value for CT_POLICY_EVAL_CTX.epoch_time_in_ms.
69	* It can be overridden by calling CT_POLICY_EVAL_CTX_set_time().
70	*/
71	static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
72
73	CT_POLICY_EVAL_CTX *
74	CT_POLICY_EVAL_CTX_new(void)
75	{
76	CT_POLICY_EVAL_CTX *ctx = calloc(1, sizeof(CT_POLICY_EVAL_CTX));
77
78	if (ctx == NULL) {
79	CTerror(ERR_R_MALLOC_FAILURE);
80	return NULL;
81	}
82
83	/* time(NULL) shouldn't ever fail, so don't bother checking for -1. */
84	ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) *
85	1000;
86
87	return ctx;
88	}
89	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_new);
90
91	void
92	CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx)
93	{
94	if (ctx == NULL)
95	return;
96	X509_free(ctx->cert);
97	X509_free(ctx->issuer);
98	free(ctx);
99	}
100	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_free);
101
102	int
103	CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX ctx, X509 cert)
104	{
105	if (!X509_up_ref(cert))
106	return 0;
107	ctx->cert = cert;
108	return 1;
109	}
110	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_cert);
111
112	int
113	CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX ctx, X509 issuer)
114	{
115	if (!X509_up_ref(issuer))
116	return 0;
117	ctx->issuer = issuer;
118	return 1;
119	}
120	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_issuer);
121
122	void
123	CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
124	CTLOG_STORE *log_store)
125	{
126	ctx->log_store = log_store;
127	}
128	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE);
129
130	void
131	CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms)
132	{
133	ctx->epoch_time_in_ms = time_in_ms;
134	}
135	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_time);
136
137	X509 *
138	CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx)
139	{
140	return ctx->cert;
141	}
142	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_cert);
143
144	X509 *
145	CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx)
146	{
147	return ctx->issuer;
148	}
149	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_issuer);
150
151	const CTLOG_STORE *
152	CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx)
153	{
154	return ctx->log_store;
155	}
156	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_log_store);
157
158	uint64_t
159	CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx)
160	{
161	return ctx->epoch_time_in_ms;
162	}
163	LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get_time);