diff options
| author | Rob Percival <robpercival@google.com> | 2016-08-23 12:52:43 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-08-23 20:12:25 +0100 |
| commit | cdb2a60347f988037d29adc7e4415e9c66c8a5a5 (patch) | |
| tree | ce213a2202bbbbe21c33014db2d1ecef97c7a71a /crypto/ct | |
| parent | 5579eab9efd2c8e2f21340f9b9fe20ee89f25857 (diff) | |
Internalizes SCT_verify and removes SCT_verify_v1
SCT_verify is impossible to call through the public API (SCT_CTX_new() is
not part of the public API), so rename it to SCT_CTX_verify and move it
out of the public API.
SCT_verify_v1 is redundant, since SCT_validate does the same verification
(by calling SCT_verify) and more. The API is less confusing with a single
verification function (SCT_validate).
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto/ct')
| -rw-r--r-- | crypto/ct/ct_err.c | 3 | ||||
| -rw-r--r-- | crypto/ct/ct_locl.h | 7 | ||||
| -rw-r--r-- | crypto/ct/ct_sct.c | 2 | ||||
| -rw-r--r-- | crypto/ct/ct_vfy.c | 46 |
4 files changed, 14 insertions, 44 deletions
diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c index 4349eb45e7..df232dc488 100644 --- a/crypto/ct/ct_err.c +++ b/crypto/ct/ct_err.c @@ -45,8 +45,7 @@ static ERR_STRING_DATA CT_str_functs[] = { {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"}, {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"}, {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"}, - {ERR_FUNC(CT_F_SCT_VERIFY), "SCT_verify"}, - {ERR_FUNC(CT_F_SCT_VERIFY_V1), "SCT_verify_v1"}, + {ERR_FUNC(CT_F_SCT_CTX_VERIFY), "SCT_CTX_verify"}, {0, NULL} }; diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h index 1180455e1a..6b2fa3ef0c 100644 --- a/crypto/ct/ct_locl.h +++ b/crypto/ct/ct_locl.h @@ -151,6 +151,13 @@ __owur int SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); __owur int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); /* + * Verifies an SCT with the given context. + * Returns 1 if the SCT verifies successfully; any other value indicates + * failure. See EVP_DigestVerifyFinal() for the meaning of those values. + */ +__owur int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct); + +/* * Does this SCT have the minimum fields populated to be usable? * Returns 1 if so, 0 otherwise. */ diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c index 08676805bd..65a20c669b 100644 --- a/crypto/ct/ct_sct.c +++ b/crypto/ct/ct_sct.c @@ -349,7 +349,7 @@ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx) if (SCT_CTX_set1_cert(sctx, ctx->cert, NULL) != 1) sct->validation_status = SCT_VALIDATION_STATUS_UNVERIFIED; else - sct->validation_status = SCT_verify(sctx, sct) == 1 ? + sct->validation_status = SCT_CTX_verify(sctx, sct) == 1 ? SCT_VALIDATION_STATUS_VALID : SCT_VALIDATION_STATUS_INVALID; end: diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index 8305ce678e..724f65579b 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -93,7 +93,7 @@ static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct) return 1; } -int SCT_verify(const SCT_CTX *sctx, const SCT *sct) +int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) { EVP_MD_CTX *ctx = NULL; int ret = 0; @@ -101,16 +101,16 @@ int SCT_verify(const SCT_CTX *sctx, const SCT *sct) if (!SCT_is_complete(sct) || sctx->pkey == NULL || sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET || (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_NOT_SET); return 0; } if (sct->version != SCT_VERSION_V1) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); return 0; } if (sct->log_id_len != sctx->pkeyhashlen || memcmp(sct->log_id, sctx->pkeyhash, sctx->pkeyhashlen) != 0) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_LOG_ID_MISMATCH); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_LOG_ID_MISMATCH); return 0; } @@ -128,45 +128,9 @@ int SCT_verify(const SCT_CTX *sctx, const SCT *sct) ret = EVP_DigestVerifyFinal(ctx, sct->sig, sct->sig_len); /* If ret < 0 some other error: fall through without setting error */ if (ret == 0) - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_INVALID_SIGNATURE); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_INVALID_SIGNATURE); end: EVP_MD_CTX_free(ctx); return ret; } - -int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, - X509_PUBKEY *log_pubkey, X509 *issuer_cert) -{ - int ret = 0; - SCT_CTX *sctx = NULL; - - if (!SCT_is_complete(sct)) { - CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET); - return 0; - } - - if (sct->version != 0) { - CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_UNSUPPORTED_VERSION); - return 0; - } - - sctx = SCT_CTX_new(); - if (sctx == NULL) - goto done; - - if (!SCT_CTX_set1_pubkey(sctx, log_pubkey)) - goto done; - - if (!SCT_CTX_set1_cert(sctx, cert, preissuer)) - goto done; - - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && - !SCT_CTX_set1_issuer(sctx, issuer_cert)) - goto done; - - ret = SCT_verify(sctx, sct); -done: - SCT_CTX_free(sctx); - return ret; -} |