diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2019-12-13 20:07:08 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-02-17 07:43:58 +0100 |
| commit | 235595c402bd7815f07f1f3f3babe9fcc247a206 (patch) | |
| tree | b4fd2cf01de36a6988d1eceadf8f51e6238b5a1c /crypto/crmf | |
| parent | ebf3006917e0e968af4a5d5c2c6379c5b866f801 (diff) | |
| download | openssl-new-235595c402bd7815f07f1f3f3babe9fcc247a206.tar.gz | |
fix various formatting nits in CMP contribution chunks 1-6 found by the new util/check-format.pl
in addition:
correct wording in doc, comments, and parameter names: self-signed -> self-issued where appropriate
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/10620)
Diffstat (limited to 'crypto/crmf')
| -rw-r--r-- | crypto/crmf/crmf_asn.c | 18 | ||||
| -rw-r--r-- | crypto/crmf/crmf_lib.c | 30 | ||||
| -rw-r--r-- | crypto/crmf/crmf_local.h | 32 | ||||
| -rw-r--r-- | crypto/crmf/crmf_pbm.c | 2 |
4 files changed, 42 insertions, 40 deletions
diff --git a/crypto/crmf/crmf_asn.c b/crypto/crmf/crmf_asn.c index 8b6657f969..bd375c6f85 100644 --- a/crypto/crmf/crmf_asn.c +++ b/crypto/crmf/crmf_asn.c @@ -141,8 +141,8 @@ ASN1_CHOICE(OSSL_CRMF_POPO) = { IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPO) -ASN1_ADB_TEMPLATE(attributetypeandvalue_default) = ASN1_OPT( - OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY); +ASN1_ADB_TEMPLATE(attributetypeandvalue_default) = + ASN1_OPT(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY); ASN1_ADB(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = { ADB_ENTRY(NID_id_regCtrl_regToken, ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, @@ -187,7 +187,7 @@ IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = { - ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version, ASN1_INTEGER, 0), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version, ASN1_INTEGER, 0), /* * serialNumber MUST be omitted. This field is assigned by the CA * during certificate creation. @@ -197,16 +197,16 @@ ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = { * signingAlg MUST be omitted. This field is assigned by the CA * during certificate creation. */ - ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg, X509_ALGOR, 2), - ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer, X509_NAME, 3), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg, X509_ALGOR, 2), + ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer, X509_NAME, 3), ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, validity, OSSL_CRMF_OPTIONALVALIDITY, 4), - ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject, X509_NAME, 5), - ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey, X509_PUBKEY, 6), + ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject, X509_NAME, 5), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey, X509_PUBKEY, 6), /* issuerUID is deprecated in version 2 */ - ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID, ASN1_BIT_STRING, 7), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID, ASN1_BIT_STRING, 7), /* subjectUID is deprecated in version 2 */ - ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID, ASN1_BIT_STRING, 8), + ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID, ASN1_BIT_STRING, 8), ASN1_IMP_SEQUENCE_OF_OPT(OSSL_CRMF_CERTTEMPLATE, extensions, X509_EXTENSION, 9), } ASN1_SEQUENCE_END(OSSL_CRMF_CERTTEMPLATE) diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c index 64dbf80978..4d81569299 100644 --- a/crypto/crmf/crmf_lib.c +++ b/crypto/crmf/crmf_lib.c @@ -47,7 +47,7 @@ int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, \ { \ OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \ \ - if (msg == NULL || in == NULL) \ + if (msg == NULL || in == NULL) \ goto err; \ if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \ goto err; \ @@ -122,9 +122,9 @@ int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, return 1; } -int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( - OSSL_CRMF_PKIPUBLICATIONINFO *pi, - OSSL_CRMF_SINGLEPUBINFO *spi) +int +OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi, + OSSL_CRMF_SINGLEPUBINFO *spi) { if (pi == NULL || spi == NULL) { CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, @@ -139,8 +139,8 @@ int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo( return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi); } -int OSSL_CRMF_MSG_set_PKIPublicationInfo_action( - OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action) +int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi, + int action) { if (pi == NULL || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH @@ -457,7 +457,7 @@ int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, { OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new(); if (ps == NULL - || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)){ + || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)) { OSSL_CRMF_POPOSIGNINGKEY_free(ps); goto err; } @@ -542,21 +542,23 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, * the public key from the certificate template. This MUST be * exactly the same value as contained in the certificate template. */ + const ASN1_ITEM *rptr = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT); + if (pubkey == NULL || sig->poposkInput->publicKey == NULL || X509_PUBKEY_cmp(pubkey, sig->poposkInput->publicKey) - || ASN1_item_verify( - ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT), - sig->algorithmIdentifier, sig->signature, - sig->poposkInput, X509_PUBKEY_get0(pubkey)) < 1) + || ASN1_item_verify(rptr, sig->algorithmIdentifier, + sig->signature, sig->poposkInput, + X509_PUBKEY_get0(pubkey)) < 1) break; } else { if (pubkey == NULL || req->certReq->certTemplate->subject == NULL || ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST), - sig->algorithmIdentifier, sig->signature, - req->certReq, - X509_PUBKEY_get0(pubkey)) < 1) + sig->algorithmIdentifier, + sig->signature, + req->certReq, + X509_PUBKEY_get0(pubkey)) < 1) break; } return 1; diff --git a/crypto/crmf/crmf_local.h b/crypto/crmf/crmf_local.h index 06b32b5378..3f3f75cf2f 100644 --- a/crypto/crmf/crmf_local.h +++ b/crypto/crmf/crmf_local.h @@ -185,9 +185,9 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE) typedef struct ossl_crmf_popoprivkey_st { int type; union { - ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */ + ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */ ASN1_INTEGER *subsequentMessage; /* 1 */ - ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */ + ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */ OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */ /* * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be @@ -310,20 +310,20 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) * } */ struct ossl_crmf_certtemplate_st { - ASN1_INTEGER *version; /* 0 */ - ASN1_INTEGER *serialNumber; /* 1 */ /* serialNumber MUST be omitted */ - /* This field is assigned by the CA during certificate creation */ - X509_ALGOR *signingAlg; /* 2 */ /* signingAlg MUST be omitted */ - /* This field is assigned by the CA during certificate creation */ - X509_NAME *issuer; /* 3 */ - OSSL_CRMF_OPTIONALVALIDITY *validity; /* 4 */ - X509_NAME *subject; /* 5 */ - X509_PUBKEY *publicKey; /* 6 */ - ASN1_BIT_STRING *issuerUID; /* 7 */ /* deprecated in version 2 */ - /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */ - ASN1_BIT_STRING *subjectUID; /* 8 */ /* deprecated in version 2 */ - /* Could be X509_EXTENSION*S*, but that's only cosmetic */ - STACK_OF(X509_EXTENSION) *extensions; /* 9 */ + ASN1_INTEGER *version; + ASN1_INTEGER *serialNumber; /* serialNumber MUST be omitted */ + /* This field is assigned by the CA during certificate creation */ + X509_ALGOR *signingAlg; /* signingAlg MUST be omitted */ + /* This field is assigned by the CA during certificate creation */ + X509_NAME *issuer; + OSSL_CRMF_OPTIONALVALIDITY *validity; + X509_NAME *subject; + X509_PUBKEY *publicKey; + ASN1_BIT_STRING *issuerUID; /* deprecated in version 2 */ + /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */ + ASN1_BIT_STRING *subjectUID; /* deprecated in version 2 */ + /* Could be X509_EXTENSION*S*, but that's only cosmetic */ + STACK_OF(X509_EXTENSION) *extensions; } /* OSSL_CRMF_CERTTEMPLATE */; /*- diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index 2dfa84e49b..6c22bc29a0 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -71,7 +71,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid, /* * iterationCount identifies the number of times the hash is applied * during the key computation process. The iterationCount MUST be a - * minimum of 100. Many people suggest using values as high as 1000 + * minimum of 100. Many people suggest using values as high as 1000 * iterations as the minimum value. The trade off here is between * protection of the password from attacks and the time spent by the * server processing all of the different iterations in deriving |