Reintroduce check that CRL Number is in range
authortb <tb@openbsd.org>
Thu, 12 Sep 2024 10:33:25 +0000 (10:33 +0000)
committertb <tb@openbsd.org>
Thu, 12 Sep 2024 10:33:25 +0000 (10:33 +0000)
commit904d9c60a494ce97b94afaf3fd42c67d7804546d
tree2385196d4365941f84b5a44c83efad254f90e34f
parent00475b9b7a5913f394433f708ebd3dff5b5824cf
Reintroduce check that CRL Number is in range

The CRL number draft clarified what ignoring means and it includes checking
that the CRL number is well-formed again. So do this but continue to ignore
the value for any other purpose. This refactors x509_convert_seqnum() into
a couple of helpers. There's some duplication between crl_check_crl_number()
and crl_parse_crl_number() which could be removed if anyone cares.

tweaks/ok job
usr.sbin/rpki-client/crl.c
usr.sbin/rpki-client/extern.h
usr.sbin/rpki-client/mft.c
usr.sbin/rpki-client/print.c
usr.sbin/rpki-client/x509.c