artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d822a5a) | patch
rpki-client: simplify signature type checking for certs/CRLs
authortb <tb@openbsd.org>
Tue, 11 Jun 2024 07:27:14 +0000 (07:27 +0000)
committertb <tb@openbsd.org>
Tue, 11 Jun 2024 07:27:14 +0000 (07:27 +0000)
commit073e107a94a20866404b25c8981661aab65df794
tree1d18006f42029a5b60fd288da0092ce2232f41fetree | snapshot
parentd822a5af4c79efa44f551bb53a787cc5bb0c28edcommit | diff
rpki-client: simplify signature type checking for certs/CRLs

The OpenSSL 1.1 get_signature_nid() API is available for all libraries
that we support and it does exactly what we want. It is much simpler
than the unergonomic accessors we used previously. The ASN.1 templates
ensure that the relevant struct members aren't NULL after successful
deserialization, so the calls are safe.

ok claudio
usr.sbin/rpki-client/cert.c diff | blob | history
usr.sbin/rpki-client/crl.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim