artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4fdd586) | patch
Check that TA certs are correctly signed
authortb <tb@openbsd.org>
Thu, 6 Jun 2024 11:53:09 +0000 (11:53 +0000)
committertb <tb@openbsd.org>
Thu, 6 Jun 2024 11:53:09 +0000 (11:53 +0000)
commitb6a9c519f92dfae089b645d66e81f8c90e11ec8b
treeffde8ecc0dcd0cf81ec9894d1b00c6faa302dc6dtree | snapshot
parent4fdd5861ce320c6c2e70c3f7373326bac42ebe9fcommit | diff
Check that TA certs are correctly signed

We know the pubkey from the TAL, so check that the signature is right
as required by RFC 6487, section 7, additional condition 1, applied to
self-issued certs. Make the error check weird since OpenSSL 3 broke yet
another API (thanks claudio for making me go look).

ok claudio job
usr.sbin/rpki-client/cert.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim