path: root/src/lib/libcrypto/x509/x509_asid.c
Commit message | Author | Age | Files | Lines
* Unify X.509v3 extension methods | tb | 2024-07-13 | 1 | -2/+8
  Use C99 initializers for all structs (some were forgotten). Make all the structs static, call them x509v3_ext_* matching NID_*. Add accessors called x509v3_ext_method_* and use these to implement X509V3_EXT_get_nid(). This adds consistency and avoids a few contortions like grouping a few extensions in arrays to save a couple externs.

  ok beck jsing
* Hide global _it variables in x509v3.h | beck | 2024-07-08 | 1 | -1/+5
  ok tb@
* x509_asid: NULL out min/max on extract_min_max() failure | tb | 2024-02-20 | 1 | -1/+3
  requested by/ok jsing
* x509_asid: fix some KNF botches | tb | 2024-02-19 | 1 | -37/+19
  When this file was brought into KNF, a few things became particularly ugly. This makes {a,b}{,_{min,max}} have function scope in canonize/is_canonical, which removes unfortunate line wraps and some other silliness.

  ok job
* Fix a few bugs in X509v3_asid_add*() | tb | 2023-11-11 | 1 | -38/+96
  These 'builder' functions, usually used together, can result in corrupt ASIdentifiers on failure. In general, no caller should ever try to recover from OpenSSL API failure. There are simply too many traps. We can still make an effort to leave the objects in unmodified state on failure. This is tricky because ownership transfer happens. Unfortunately a really clean version of this seems impossible, maybe a future iteration will bring improvements...

  The nasty bit here is that the caller of X509v3_asid_add_id_or_range() can't know from the return value whether ownership of min and max was transferred or not. An inspection of (*choice)->u.range is required. If a caller frees min and max after sk_ASIdOrRange_push() failed, there is a double free.

  All these complications could have been avoided if the API interface had simply used uint32_t instead of ASN1_INTEGERs. The entire RFC 3779 API was clearly written without proper review. I don't know if there ever was an actual consumer before rpki-client. If it existed, nobody with the requisite skill set looked at it in depth.

  ok beck for the general direction with a lot of input and ok jsing
* remove duplicate includes | jsg | 2023-04-19 | 1 | -2/+1
  ok tb@
* libressl *_namespace.h: adjust *_ALIAS() to require a semicolon | tb | 2023-02-16 | 1 | -25/+25
  LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon. This does not conform to style(9), breaks editors and ctags and (most importantly) my workflow. Fix this by neutering them with asm("") so that -Wpedantic doesn't complain. There's precedent in libc's namespace.h

  fix suggested by & ok jsing
* Make internal header file names consistent | tb | 2022-11-26 | 1 | -2/+2
  Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.

  Adjust all .c files in libcrypto, libssl and regress.

  The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.

  discussed with jsing, no objection bcook
* Hide public symbols in libcrypto/x509 .c files | beck | 2022-11-14 | 1 | -1/+25
  ok tb@
* Fix comment style | tb | 2022-11-13 | 1 | -3/+3
* Untangle two logic chains in x509_asid.c into something more readable. | tb | 2022-07-30 | 1 | -9/+22
  ok jsing
* Small readability tweak suggested by jsing | tb | 2022-05-12 | 1 | -1/+3
* Rewrite and fix X509v3_asid_subset() | tb | 2022-05-12 | 1 | -12/+30
  X509v3_asid_subset() assumes that both asnum and rdi are present while they are both marked OPTIONAL in RFC 3779, 3.2.3. It will crash if either one is missing. In RPKI land RDI is a MUST NOT use (e.g., RFC 6487, 4.8.11), so this API is currently useless (and seemingly unused).

  Pick apart an ugly logical pipeline and implement this check in a readable fashion.

  ok jsing
* Clarify comments at the start of {asid,addr}_validate_path_internal() | tb | 2022-04-21 | 1 | -4/+4
  Requested by jsing
* Avoid expensive RFC 3779 checks during cert verification | tb | 2022-04-21 | 1 | -5/+7
  X509v3_{addr,asid}_is_canonical() check that the ipAddrBlocks and autonomousSysIds extension conform to RFC 3779. These checks are not cheap. Certs containing non-conformant extensions should not be considered valid, so mark them with EXFLAG_INVALID while caching the extension information in x509v3_cache_extensions(). This way the expensive check while walking the chains during X509_verify_cert() is replaced with a cheap check of the extension flags. This avoids a lot of superfluous work when validating numerous certs with similar chains against the same roots as is done in rpki-client.

  Issue noticed and fix suggested by claudio

  ok claudio inoguchi jsing
* No need for assert.h in here. | tb | 2021-12-25 | 1 | -2/+1
* Use C99 initializers for v3_addr, v3_asid and v3_ct_scts[] | tb | 2021-12-25 | 1 | -12/+15
  as is done for most other X.509 v3 extension methods.

  discussed with jsing
* KNF nit | tb | 2021-12-24 | 1 | -2/+2
* Remove asserts from asid_validate_path_internal() | tb | 2021-12-24 | 1 | -11/+22
  The first asserts ensure that things checked in the callers hold true. Turn them into error checks and set the error on the X509_STORE_CTX if it's present. Checking sk_value(..., i) with i < sk_num(...) isn't useful, particularly if that check is done via an assert. Turn one remaining assert into a NULL check. Finally, simplify the sk_num() checks in the callers.

  ok jsing
* Turn asserts in ASIdentifierChoice_canonize() into error checks | tb | 2021-12-24 | 1 | -3/+5
  The first assert ensures that a stack that was just sorted in a stronger sense is sorted in a weak sense and the second assert ensures that the result of the canonization procedure is canonical. All callers check for error, so these asserts don't do anything useful.

  ok jsing
* Remove assert from extract_min_max() (again) | tb | 2021-12-24 | 1 | -3/+1
  All callers ensure that aor != NULL, so this isn't necessary.

  ok jsing
* Revert previous. The commit contained more than intended. | tb | 2021-12-24 | 1 | -25/+14
* Turn asserts in ASIdentifierChoice_canonize() into error checks | tb | 2021-12-24 | 1 | -12/+25
  The first assert ensures that a stack that was just sorted in a stronger sense is sorted in a weak sense and the second assert ensures that the result of the canonization procedure is canonical. All callers check for error, so these asserts don't do anything useful.

  ok jsing
* Remove assert from extract_min_max() | tb | 2021-12-24 | 1 | -3/+1
  All callers ensure that aor != NULL, so this isn't necessary.

  ok jsing
* Fix indent of a comment. | tb | 2021-12-24 | 1 | -2/+2
* Reinstate the licenses that were replaced with a license stub | tb | 2021-12-18 | 1 | -6/+54
  in OpenSSL commit d2e9e320.
* Move the now internal X.509-related structs into x509_lcl.h. | tb | 2021-11-01 | 1 | -1/+3
  Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds.

  ok jsing
* Add missing RCS markers | tb | 2021-10-25 | 1 | -0/+1
* Zap two unused includes | jca | 2021-10-25 | 1 | -2/+0
  Spotted by egcc. ok tb@
* Fix indentation of comments and labels | job | 2021-09-08 | 1 | -85/+85
  OK tb@
* Replace (&(x)) pattern with &x | job | 2021-09-07 | 1 | -16/+16
  No functional changes.

  OK tb@
* KNF | job | 2021-09-07 | 1 | -575/+607
  OK tb@ jsing@ beck@
* Unroll ASN1_ITEM_ref() | job | 2021-09-02 | 1 | -1/+1
  OK @tb
* Change OPENSSL_strdup() to strdup() | job | 2021-09-02 | 1 | -1/+1
  OK tb@
* Change OPENSSL_malloc to calloc() | job | 2021-09-02 | 1 | -1/+2
  OK tb@
* Add err.h for X509error() and friends | job | 2021-09-02 | 1 | -0/+1
  OK tb@
* Fix OPENSSL_assert() and assert() | job | 2021-09-02 | 1 | -26/+13
  OK tb@
* Fix header file includes | job | 2021-09-02 | 1 | -5/+6
  OK tb@
* Move the error put functions from X509V3err() to X509V3error() | job | 2021-09-02 | 1 | -29/+17
  OK tb@
* Unroll ASN1_SEQUENCE() ASN1_CHOICE() ASN1_ITEM_TEMPLATE() | job | 2021-09-02 | 1 | -22/+106
  OK jsing@
* OPENSSL_assert() is not appropriate in this context | job | 2021-09-02 | 1 | -2/+3
  Feedback from tb@

  OK tb@
* Replace ossl_assert()/assert() with OPENSSL_assert() | job | 2021-09-02 | 1 | -10/+10
  OK tb@
* Replace OPENSSL_free() with free() | job | 2021-09-02 | 1 | -4/+4
  OK tb@
* Unroll IMPLEMENT_ASN1_FUNCTIONS() | job | 2021-09-02 | 1 | -4/+98
  OK jsing@
* Lay groundwork to support X.509 v3 extensions for IP Addresses and AS Identifiers | job | 2021-09-02 | 1 | -0/+894
  These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360).

  Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf)

  This changeset is a no-op, as there are 10+ issues and at least 2 security issues. Work will continue in-tree.

  OK tb@, discussed with beck@