diff options
Diffstat (limited to 'src/lib/libcrypto/ct')
| -rw-r--r-- | src/lib/libcrypto/ct/ct_x509v3.c | 70 |
1 files changed, 49 insertions, 21 deletions
diff --git a/src/lib/libcrypto/ct/ct_x509v3.c b/src/lib/libcrypto/ct/ct_x509v3.c index 82a5c2be5d..59f2975cd9 100644 --- a/src/lib/libcrypto/ct/ct_x509v3.c +++ b/src/lib/libcrypto/ct/ct_x509v3.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ct_x509v3.c,v 1.5 2021/12/18 16:34:52 tb Exp $ */ | 1 | /* $OpenBSD: ct_x509v3.c,v 1.6 2021/12/25 15:42:32 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Rob Stradling (rob@comodo.com) and Stephen Henson | 3 | * Written by Rob Stradling (rob@comodo.com) and Stephen Henson |
| 4 | * (steve@openssl.org) for the OpenSSL project 2014. | 4 | * (steve@openssl.org) for the OpenSSL project 2014. |
| @@ -131,28 +131,56 @@ ocsp_ext_d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, long len) | |||
| 131 | /* Handlers for X509v3/OCSP Certificate Transparency extensions */ | 131 | /* Handlers for X509v3/OCSP Certificate Transparency extensions */ |
| 132 | const X509V3_EXT_METHOD v3_ct_scts[3] = { | 132 | const X509V3_EXT_METHOD v3_ct_scts[3] = { |
| 133 | /* X509v3 extension in certificates that contains SCTs */ | 133 | /* X509v3 extension in certificates that contains SCTs */ |
| 134 | { NID_ct_precert_scts, 0, NULL, | 134 | [0] = { |
| 135 | NULL, (X509V3_EXT_FREE)SCT_LIST_free, | 135 | .ext_nid = NID_ct_precert_scts, |
| 136 | (X509V3_EXT_D2I)x509_ext_d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST, | 136 | .ext_flags = 0, |
| 137 | NULL, NULL, | 137 | .it = NULL, |
| 138 | NULL, NULL, | 138 | .ext_new = NULL, |
| 139 | (X509V3_EXT_I2R)i2r_SCT_LIST, NULL, | 139 | .ext_free = (X509V3_EXT_FREE)SCT_LIST_free, |
| 140 | NULL }, | 140 | .d2i = (X509V3_EXT_D2I)x509_ext_d2i_SCT_LIST, |
| 141 | .i2d = (X509V3_EXT_I2D)i2d_SCT_LIST, | ||
| 142 | .i2s = NULL, | ||
| 143 | .s2i = NULL, | ||
| 144 | .i2v = NULL, | ||
| 145 | .v2i = NULL, | ||
| 146 | .i2r = (X509V3_EXT_I2R)i2r_SCT_LIST, | ||
| 147 | .r2i = NULL, | ||
| 148 | .usr_data = NULL, | ||
| 149 | }, | ||
| 141 | 150 | ||
| 142 | /* X509v3 extension to mark a certificate as a pre-certificate */ | 151 | /* X509v3 extension to mark a certificate as a pre-certificate */ |
| 143 | { NID_ct_precert_poison, 0, &ASN1_NULL_it, | 152 | [1] = { |
| 144 | NULL, NULL, NULL, NULL, | 153 | .ext_nid = NID_ct_precert_poison, |
| 145 | i2s_poison, s2i_poison, | 154 | .ext_flags = 0, |
| 146 | NULL, NULL, | 155 | .it = &ASN1_NULL_it, |
| 147 | NULL, NULL, | 156 | .ext_new = NULL, |
| 148 | NULL }, | 157 | .ext_free = NULL, |
| 158 | .d2i = NULL, | ||
| 159 | .i2d = NULL, | ||
| 160 | .i2s = i2s_poison, | ||
| 161 | .s2i = s2i_poison, | ||
| 162 | .i2v = NULL, | ||
| 163 | .v2i = NULL, | ||
| 164 | .i2r = NULL, | ||
| 165 | .r2i = NULL, | ||
| 166 | .usr_data = NULL, | ||
| 167 | }, | ||
| 149 | 168 | ||
| 150 | /* OCSP extension that contains SCTs */ | 169 | /* OCSP extension that contains SCTs */ |
| 151 | { NID_ct_cert_scts, 0, NULL, | 170 | [2] = { |
| 152 | 0, (X509V3_EXT_FREE)SCT_LIST_free, | 171 | .ext_nid = NID_ct_cert_scts, |
| 153 | (X509V3_EXT_D2I)ocsp_ext_d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST, | 172 | .ext_flags = 0, |
| 154 | NULL, NULL, | 173 | .it = NULL, |
| 155 | NULL, NULL, | 174 | .ext_new = NULL, |
| 156 | (X509V3_EXT_I2R)i2r_SCT_LIST, NULL, | 175 | .ext_free = (X509V3_EXT_FREE)SCT_LIST_free, |
| 157 | NULL }, | 176 | .d2i = (X509V3_EXT_D2I)ocsp_ext_d2i_SCT_LIST, |
| 177 | .i2d = (X509V3_EXT_I2D)i2d_SCT_LIST, | ||
| 178 | .i2s = NULL, | ||
| 179 | .s2i = NULL, | ||
| 180 | .i2v = NULL, | ||
| 181 | .v2i = NULL, | ||
| 182 | .i2r = (X509V3_EXT_I2R)i2r_SCT_LIST, | ||
| 183 | .r2i = NULL, | ||
| 184 | .usr_data = NULL, | ||
| 185 | }, | ||
| 158 | }; | 186 | }; |