| Commit message | Author | Age | Files | Lines |
| |
feedback and ok tb@
| |
No change in the generated assembly
| |
No change in the generated assembly
| |
This function is only used by OpenLDAP and it's been a noop since
forever. It has no business to be squeezed in between a number of
other, quite unrelated functions. It's distracting.
| |
Test & assign and use ret instead of rv.
ok jsing
| |
Use better variable names, split the success from the error path and
return directly rather than using an ok variable.
ok jsing
| |
ok jsing
| |
Use better variable names. X509_REQ_new() sets the version to the only
specified version, so there is no point to set it. Extract the subject
name, then assign to make it more obvious that an error happens if the
cert has a missing subject. Switch to X509_get0_pubkey() to avoid some
strange dance with a strangely named variable to adjust the refcount.
ok jsing
| |
Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with
missing error checks, just call the real thing. It's safer and simpler.
ok jsing
| |
Now that we know the two OIDs we need to look for when checking for the
extension list attribute in a certification request, we can simplify this
quite a bit. There is one change of behavior. Attribute value sets are not
supposed to be empty and it makes no sense to return an empty stack of
extensions in that case, return NULL instead, matching BoringSSL.
This removes the last use of ext_nids and ext_nid_list[], so these two bits
of unprotected global mutable state can now join the party in the attic.
ok jsing
| |
Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.
The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.
ok jsing
| |
These fiddle with unprotected global state, so aren't thread safe and
of course there was no good reason to have this API in the first place.
Nothing uses it, so it becomes a noop and will be removed in the next
major bump.
ok jsing
| |
We added things we probably shouldn't have, and so did BoringSSL and
OpenSSL. Terrible API is terrible.
discussed with jsing
| |
This cache was added because our time conversion used timegm()
and gmtime() which aren't very cheap. These calls were noticeably
expensive when profiling things like rpki-client which do many
X.509 validations.
Now that we convert times using Julian seconds from the Unix
epoch, BoringSSL style, instead of Julian days from a
Byzantine date, we no longer use timegm() and gmtime().
Since the Julian seconds calculations are cheap for conversion,
we don't need to bother caching this, it doesn't have a noticeable
performance impact.
While we are at this, correct a bug where
x509_verify_asn1_time_to_time_t was not NULL safe.
Tested for performance regressions by tb@ and job@
ok tb@ job@
| |
If any OBJ_dup() fails along the way, a partially copied policy stack
would remain on the params object. This makes no sense. Implement and
use an sk_ASN1_OBJECT_deep_copy(), that copies the full stack or else
returns NULL.
Remove unnecessary NULL check and streamline some other logic.
ok jsing
| |
Streamline some checks and use more idiomatic sk_push() error check
ok jsing
| |
No need for an inconsistently named local variable and a ternary operator.
ok jsing
| |
No change in generated assembly
| |
No change in generated assembly
| |
The toolkit aspect bites again. Lots of invalid CRLs and CSRs are produced
because people neither read the RFCs nor does the toolkit check anything it
is fed. Reviewers apparently also aren't capable of remembering that they
have three copy-pasted versions of the same API and that adding a version
check to one of them might suggest adding one for the other two.
This requires ruby-openssl 20240326p0 to pass
ok beck job jsing
| |
quoth the muppet "yes I know this is horrible!"
| |
ok tb@
| |
Reported by David Benjamin (BoringSSL)
OK tb@
| |
looked over by jsing
| |
After peeling off enough layers, the entire wacky abstraction turns out
to be nothing but dispatching from a trust_id to a trust handler and
passing the appropriate nid and the cert.
ok beck jsing
| |
ok tb@
| |
The certificates no longer need to be modified since we cache the
extensions up front.
ok beck
| |
This code is so ridiculously overengineered that it is an achievement even
by early OpenSSL standards.
ok beck
| |
This way the trust handlers can stop modifying the certificates.
ok beck
| |
When searching for a CA or CRL file in by_dir, this stat()
was used to short circuit attempting to open the file with
X509_load_cert_file(). This was a deliberate TOCTOU introduced
to avoid setting an error on the error stack, when what you
really want to say is "we couldn't find a CA" and continue
merrily on your way.
As it so happens you really do not care why the load_file failed
in any of these cases, it all boils down to "I can't find the CA
or CRL". Instead we just omit the stat call, and clear the error
stack if the load_file fails. The fact that you don't have a CA or
CRL is caught later in the callers and is what you want, mimicking
the non by_dir behaviour instead of possibly some bizarro file
system error.
Based on a similar change in Boring.
ok tb@
| |
ok beck
| |
"Yeah, arg1 is always such an imaginative name" ian
ok beck
| |
This used to be exposed via an accessor, but this accessor is no longer
part of the library, so nuke it.
ok beck
| |
ok jsing