From 4c21d318fc5909ffe35949b5bb782e779981cb62 Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 2 Jul 2023 17:12:17 +0000 Subject: [PATCH] Convert some tables to C99 initializers ok & "happy pirate day" beck --- lib/libcrypto/asn1/a_strnid.c | 156 ++++++++++++++++++++++++++++----- lib/libcrypto/x509/x509_purp.c | 76 +++++++++++++--- lib/libcrypto/x509/x509_trs.c | 59 ++++++++++--- 3 files changed, 249 insertions(+), 42 deletions(-) diff --git a/lib/libcrypto/asn1/a_strnid.c b/lib/libcrypto/asn1/a_strnid.c index 034c4d72c3a..5d4e5ef8a0a 100644 --- a/lib/libcrypto/asn1/a_strnid.c +++ b/lib/libcrypto/asn1/a_strnid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_strnid.c,v 1.25 2021/12/13 17:55:53 schwarze Exp $ */ +/* $OpenBSD: a_strnid.c,v 1.26 2023/07/02 17:12:17 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -187,25 +187,139 @@ ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, /* This table must be kept in NID order */ static const ASN1_STRING_TABLE tbl_standard[] = { - {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, - {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, - {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0}, - {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0}, - {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0}, - {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK}, - {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0}, - {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, - {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, - {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} + { + .nid = NID_commonName, + .minsize = 1, + .maxsize = ub_common_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_countryName, + .minsize = 2, + .maxsize = 2, + .mask = B_ASN1_PRINTABLESTRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_localityName, + .minsize = 1, + .maxsize = ub_locality_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_stateOrProvinceName, + .minsize = 1, + .maxsize = ub_state_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_organizationName, + .minsize = 1, + .maxsize = ub_organization_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_organizationalUnitName, + .minsize = 1, + .maxsize = ub_organization_unit_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_pkcs9_emailAddress, + .minsize = 1, + .maxsize = ub_email_address, + .mask = B_ASN1_IA5STRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_pkcs9_unstructuredName, + .minsize = 1, + .maxsize = -1, + .mask = PKCS9STRING_TYPE, + .flags = 0, + }, + { + .nid = NID_pkcs9_challengePassword, + .minsize = 1, + .maxsize = -1, + .mask = PKCS9STRING_TYPE, + .flags = 0, + }, + { + .nid = NID_pkcs9_unstructuredAddress, + .minsize = 1, + .maxsize = -1, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_givenName, + .minsize = 1, + .maxsize = ub_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_surname, + .minsize = 1, + .maxsize = ub_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_initials, + .minsize = 1, + .maxsize = ub_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_serialNumber, + .minsize = 1, + .maxsize = ub_serial_number, + .mask = B_ASN1_PRINTABLESTRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_friendlyName, + .minsize = -1, + .maxsize = -1, + .mask = B_ASN1_BMPSTRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_name, + .minsize = 1, + .maxsize = ub_name, + .mask = DIRSTRING_TYPE, + .flags = 0, + }, + { + .nid = NID_dnQualifier, + .minsize = -1, + .maxsize = -1, + .mask = B_ASN1_PRINTABLESTRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_domainComponent, + .minsize = 1, + .maxsize = -1, + .mask = B_ASN1_IA5STRING, + .flags = STABLE_NO_MASK, + }, + { + .nid = NID_ms_csp_name, + .minsize = -1, + .maxsize = -1, + .mask = B_ASN1_BMPSTRING, + .flags = STABLE_NO_MASK, + }, }; static int @@ -254,7 +368,7 @@ ASN1_STRING_TABLE_get(int nid) return sk_ASN1_STRING_TABLE_value(stable, idx); } return OBJ_bsearch_table(&fnd, tbl_standard, - sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE)); + sizeof(tbl_standard) / sizeof(tbl_standard[0])); } /* diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c index f7bc7ea538d..f2c4f1dd57f 100644 --- a/lib/libcrypto/x509/x509_purp.c +++ b/lib/libcrypto/x509/x509_purp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_purp.c,v 1.27 2023/06/25 13:52:27 tb Exp $ */ +/* $OpenBSD: x509_purp.c,v 1.28 2023/07/02 17:12:17 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -99,18 +99,72 @@ static int xp_cmp(const X509_PURPOSE * const *a, const X509_PURPOSE * const *b); static void xptable_free(X509_PURPOSE *p); static X509_PURPOSE xstandard[] = { - {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL}, - {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL}, - {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, - {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, - {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, - {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, - {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, - {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL}, - {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL}, + { + .purpose = X509_PURPOSE_SSL_CLIENT, + .trust = X509_TRUST_SSL_CLIENT, + .check_purpose = check_purpose_ssl_client, + .name = "SSL client", + .sname = "sslclient", + }, + { + .purpose = X509_PURPOSE_SSL_SERVER, + .trust = X509_TRUST_SSL_SERVER, + .check_purpose = check_purpose_ssl_server, + .name = "SSL server", + .sname = "sslserver", + }, + { + .purpose = X509_PURPOSE_NS_SSL_SERVER, + .trust = X509_TRUST_SSL_SERVER, + .check_purpose = check_purpose_ns_ssl_server, + .name = "Netscape SSL server", + .sname = "nssslserver", + }, + { + .purpose = X509_PURPOSE_SMIME_SIGN, + .trust = X509_TRUST_EMAIL, + .check_purpose = check_purpose_smime_sign, + .name = "S/MIME signing", + .sname = "smimesign", + }, + { + .purpose = X509_PURPOSE_SMIME_ENCRYPT, + .trust = X509_TRUST_EMAIL, + .check_purpose = check_purpose_smime_encrypt, + .name = "S/MIME encryption", + .sname = "smimeencrypt", + }, + { + .purpose = X509_PURPOSE_CRL_SIGN, + .trust = X509_TRUST_COMPAT, + .check_purpose = check_purpose_crl_sign, + .name = "CRL signing", + .sname = "crlsign", + }, + { + .purpose = X509_PURPOSE_ANY, + .trust = X509_TRUST_DEFAULT, + .check_purpose = no_check, + .name = "Any Purpose", + .sname = "any", + }, + { + .purpose = X509_PURPOSE_OCSP_HELPER, + .trust = X509_TRUST_COMPAT, + .check_purpose = ocsp_helper, + .name = "OCSP helper", + .sname = "ocsphelper", + }, + { + .purpose = X509_PURPOSE_TIMESTAMP_SIGN, + .trust = X509_TRUST_TSA, + .check_purpose = check_purpose_timestamp_sign, + .name = "Time Stamp signing", + .sname = "timestampsign", + }, }; -#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) +#define X509_PURPOSE_COUNT (sizeof(xstandard) / sizeof(xstandard[0])) static STACK_OF(X509_PURPOSE) *xptable = NULL; diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index e3265918a43..6b935f8beea 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.31 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.32 2023/07/02 17:12:17 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -80,17 +80,56 @@ static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; */ static X509_TRUST trstandard[] = { - {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL}, - {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, - {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL}, - {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, - {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL}, - {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL}, - {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL}, - {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL} + { + .trust = X509_TRUST_COMPAT, + .check_trust = trust_compat, + .name = "compatible", + }, + { + .trust = X509_TRUST_SSL_CLIENT, + .check_trust = trust_1oidany, + .name = "SSL Client", + .arg1 = NID_client_auth, + }, + { + .trust = X509_TRUST_SSL_SERVER, + .check_trust = trust_1oidany, + .name = "SSL Server", + .arg1 = NID_server_auth, + }, + { + .trust = X509_TRUST_EMAIL, + .check_trust = trust_1oidany, + .name = "S/MIME email", + .arg1 = NID_email_protect, + }, + { + .trust = X509_TRUST_OBJECT_SIGN, + .check_trust = trust_1oidany, + .name = "Object Signer", + .arg1 = NID_code_sign, + }, + { + .trust = X509_TRUST_OCSP_SIGN, + .check_trust = trust_1oid, + .name = "OCSP responder", + .arg1 = NID_OCSP_sign, + }, + { + .trust = X509_TRUST_OCSP_REQUEST, + .check_trust = trust_1oid, + .name = "OCSP request", + .arg1 = NID_ad_OCSP, + }, + { + .trust = X509_TRUST_TSA, + .check_trust = trust_1oidany, + .name = "TSA server", + .arg1 = NID_time_stamp, + }, }; -#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST)) +#define X509_TRUST_COUNT (sizeof(trstandard) / sizeof(trstandard[0])) static STACK_OF(X509_TRUST) *trtable = NULL; -- 2.20.1