author | Matt Caswell <matt@openssl.org> | 2020-04-03 16:25:18 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-04-09 14:51:48 +0100 |
commit | d4b2bfbadecd64de298d37ef6eb90a829da01a6a (patch) | |
tree | 9a4f8f90e5ace759073f977e6b1f1c9cadd88426 /include | |
parent | 76e23fc50b2dcf9b4d33824102ce5ae03f8faea3 (diff) |
Make the CT code library context aware
Add the new functions CTLOG_STORE_new_with_libctx(),
CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() to pass
in the library context and property query string that are to be used.
We also add the function CT_POLICY_EVAL_CTX_new_with_libctx() to enable
the creation of a CT_POLICY_EVAL_CTX to be associated with a libctx and
property query string.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11483)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/ct.h | 44 |
1 files changed, 40 insertions, 4 deletions
diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index b7c211d920..489f1ad472 100644
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -69,10 +69,18 @@ DEFINE_STACK_OF(CTLOG)
  ******************************************/
 /*
- * Creates a new, empty policy evaluation context.
+ * Creates a new, empty policy evaluation context associated with the given
+ * library context and property query string.
  * The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished
  * with the CT_POLICY_EVAL_CTX.
  */
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
+ const char *propq);
+
+/*
+ * The same as CT_POLICY_EVAL_CTX_new_with_libctx() but the default library
+ * context and property query string is used.
+ */
 CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
 /* Deletes a policy evaluation context and anything it owns. */
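Review bot: The comment added above CT_POLICY_EVAL_CTX_new_with_libctx() says the context is "associated with" the given |libctx| and |propq| but not what that means for the caller: whether |libctx| must outlive the returned CT_POLICY_EVAL_CTX, whether |propq| is copied or must stay valid, and whether passing NULL for either selects the default (the CT_POLICY_EVAL_CTX_new() comment implies a default exists, but the with_libctx comment does not say NULL reaches it). The failure mode is also undocumented, unlike the CTLOG_new_with_libctx() comment elsewhere in this commit, which spells out when NULL is returned. I would extend the comment with ` * Returns NULL on failure.` and ` * |libctx| must remain valid for the lifetime of the returned context.`, plus a line on NULL |libctx|/|propq| once confirmed against the implementation. Minor wording: ` * context and property query string is used.` should read `are used`, matching the other two new comments in this commit.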
@@ -409,19 +417,39 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
  ********************/
 /*
- * Creates a new CT log instance with the given |public_key| and |name|.
+ * Creates a new CT log instance with the given |public_key| and |name| and
+ * associates it with the give library context |libctx| and property query
+ * string |propq|.
  * Takes ownership of |public_key| but copies |name|.
  * Returns NULL if malloc fails or if |public_key| cannot be converted to DER.
  * Should be deleted by the caller using CTLOG_free when no longer needed.
  */
+CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
+ OPENSSL_CTX *libctx, const char *propq);
+
+/*
+ * The same as CTLOG_new_with_libctx except that the default library context and
+ * property query string are used.
+ */
 CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
 /*
  * Creates a new CTLOG instance with the base64-encoded SubjectPublicKeyInfo DER
- * in |pkey_base64|. The |name| is a string to help users identify this log.
+ * in |pkey_base64| and associated with the given library context |libctx| and
+ * property query string |propq|. The |name| is a string to help users identify
+ * this log.
  * Returns 1 on success, 0 on failure.
  * Should be deleted by the caller using CTLOG_free when no longer needed.
  */
+int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OPENSSL_CTX *libctx,
+ const char *propq);
+
+/*
+ * The same as CTLOG_new_from_base64_with_libctx() except that the default
+ * library context and property query string are used.
+ * Returns 1 on success, 0 on failure.
+ */
 int CTLOG_new_from_base64(CTLOG ** ct_log, const char *pkey_base64, const char *name);
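Review bot: The comment added above CTLOG_new_with_libctx() has a typo in `associates it with the give library context |libctx|`, which should read `the given library context |libctx|`. More substantively, neither new comment says what happens to |public_key| when NULL is returned — the retained "Takes ownership of |public_key|" line leaves it ambiguous whether the caller must free it on failure — nor whether |libctx| must outlive the CTLOG; a line such as ` * |public_key| is freed on failure as well.` (or its opposite, whichever the implementation does) and ` * |libctx| must remain valid for the lifetime of the CTLOG.` would settle both. For CTLOG_new_from_base64_with_libctx(), the comment reuses "Should be deleted by the caller using CTLOG_free" but does not state what *ct_log holds on the 0 return, so a caller cannot tell whether an unconditional CTLOG_free(*ct_log) is safe; ` * On failure *ct_log is left unchanged.` would be worth adding if that is the behaviour.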
@@ -443,7 +471,15 @@ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);
  **************************/
 /*
- * Creates a new CT log store.
+ * Creates a new CT log store and associates it with the given libctx and
+ * property query string.
+ * Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
+ */
+CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+
+/*
+ * Same as CTLOG_STORE_new_with_libctx except that the default libctx and
+ * property query string are used.
  * Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
  */
 CTLOG_STORE *CTLOG_STORE_new(void);
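Review bot: The new prototype `CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);` runs to 81 columns, one past the 80-column limit that the other new prototypes in this commit wrap to stay within; breaking it after `OPENSSL_CTX *libctx,` as CTLOG_new_with_libctx() does keeps the header consistent. The comment also omits the failure mode: it tells the caller to release the store with CTLOG_STORE_free but not that the function returns NULL on failure, nor whether the store keeps a reference to |libctx| that must stay valid until the store is freed; ` * Returns NULL on failure.` is the minimum worth adding, with a lifetime note once confirmed against the implementation.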