artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b680683)
Prepare to provide X509_VERIFY_PARAM_set_auth_level()
authortb <tb@openbsd.org>
Mon, 27 Jun 2022 14:00:09 +0000 (14:00 +0000)
committertb <tb@openbsd.org>
Mon, 27 Jun 2022 14:00:09 +0000 (14:00 +0000)
For some unknown reason this needed a different name than security_level,
both internally and in the public API. Obviously it is exactly the same
garbage.

ok beck jsing

lib/libcrypto/x509/x509_lcl.h patch | blob | history
lib/libcrypto/x509/x509_vfy.h patch | blob | history
lib/libcrypto/x509/x509_vpm.c patch | blob | history

diff --git a/lib/libcrypto/x509/x509_lcl.h b/lib/libcrypto/x509/x509_lcl.h
index 5beef8a..d42fa4a 100644 (file)
--- a/lib/libcrypto/x509/x509_lcl.h
+++ b/lib/libcrypto/x509/x509_lcl.h
@@ -272,6 +272,7 @@ struct X509_VERIFY_PARAM_st {
        int purpose;            /* purpose to check untrusted certificates */
        int trust;              /* trust setting to check */
        int depth;              /* Verify depth */
+       int security_level;     /* 'Security level', see SP800-57. */
        STACK_OF(ASN1_OBJECT) *policies;        /* Permissible policies */
        X509_VERIFY_PARAM_ID *id;       /* opaque ID data */
 } /* X509_VERIFY_PARAM */;
diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h
index 9a649cb..a007fe4 100644 (file)
--- a/lib/libcrypto/x509/x509_vfy.h
+++ b/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.50 2022/01/14 07:53:45 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.51 2022/06/27 14:00:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -426,6 +426,9 @@ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
 int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
 int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
 void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+#if defined(LIBRESSL_INTERNAL)
+void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+#endif
 void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
 int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
                                                ASN1_OBJECT *policy);
diff --git a/lib/libcrypto/x509/x509_vpm.c b/lib/libcrypto/x509/x509_vpm.c
index 13171e4..d4ec2c5 100644 (file)
--- a/lib/libcrypto/x509/x509_vpm.c
+++ b/lib/libcrypto/x509/x509_vpm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vpm.c,v 1.28 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.29 2022/06/27 14:00:09 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
@@ -453,6 +453,12 @@ X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
        param->depth = depth;
 }
 
+void
+X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level)
+{
+       param->security_level = auth_level;
+}
+
 void
 X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
 {
OpenBSD src
by Ahmet Artu Yildirim