artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 82c9ebf) | patch
Cache sha512 hash and parsed not_before and not_after with X509 cert.
authorbeck <beck@openbsd.org>
Thu, 4 Nov 2021 23:52:34 +0000 (23:52 +0000)
committerbeck <beck@openbsd.org>
Thu, 4 Nov 2021 23:52:34 +0000 (23:52 +0000)
commit88e5d4476be93cdd38d69b681fe8cc963fa2a4cd
tree1886b73589b507cacd5edbe3bd7d88c18defa792tree | snapshot
parent82c9ebfef76b295c9cb6a7f3797c555ef49f768dcommit | diff
Cache sha512 hash and parsed not_before and not_after with X509 cert.

Replace sha1 hash use with sha512 for certificate comparisons internal
to the library. use the cached sha512 for the validator's verification
cache.

Reduces our recomputation of hashes, and heavy use of time1 time
conversion functions noticed bu claudio@ in rpki client.

ok jsing@ tb@
lib/libcrypto/ts/ts_rsp_sign.c diff | blob | history
lib/libcrypto/ts/ts_rsp_verify.c diff | blob | history
lib/libcrypto/x509/x509_cmp.c diff | blob | history
lib/libcrypto/x509/x509_internal.h diff | blob | history
lib/libcrypto/x509/x509_lcl.h diff | blob | history
lib/libcrypto/x509/x509_purp.c diff | blob | history
lib/libcrypto/x509/x509_verify.c diff | blob | history
lib/libcrypto/x509/x509_verify.h diff | blob | history
lib/libcrypto/x509/x509_vfy.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim