diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2022-05-09 19:19:34 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2022-05-09 19:19:34 +0000 |
| commit | a833eb4b8074f358bd3e637c07d2825d53e25bb8 (patch) | |
| tree | b1640387b6a8dbad4f757ba5ef2fb5dc3a35585d /lib/libcrypto/x509 | |
| parent | ff50d9efde8e4e2e1bc8a0d0aa2bb1aec4ee5432 (diff) | |
Simplify X509_ATTRIBUTE ASN.1 encoding.
For some unknown historical reason, X509_ATTRIBUTE allows for a single
ASN.1 value or an ASN.1 SET OF, rather than requiring an ASN.1 SET OF.
Simplify encoding and remove support for single values - this is similar
to OpenSSL e20b57270dec.
This removes the last use of COMBINE in the ASN.1 decoder.
ok tb@
Diffstat (limited to 'lib/libcrypto/x509')
| -rw-r--r-- | lib/libcrypto/x509/x509_att.c | 27 | ||||
| -rw-r--r-- | lib/libcrypto/x509/x509_lcl.h | 7 |
2 files changed, 11 insertions, 23 deletions
diff --git a/lib/libcrypto/x509/x509_att.c b/lib/libcrypto/x509/x509_att.c index 38aa0631432..8d369df9006 100644 --- a/lib/libcrypto/x509/x509_att.c +++ b/lib/libcrypto/x509/x509_att.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_att.c,v 1.18 2021/11/01 20:53:08 tb Exp $ */ +/* $OpenBSD: x509_att.c,v 1.19 2022/05/09 19:19:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -324,10 +324,8 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, goto err; atype = attrtype; } - if (!(attr->value.set = sk_ASN1_TYPE_new_null())) - goto err; - attr->single = 0; - /* This is a bit naughty because the attribute should really have + /* + * This is a bit naughty because the attribute should really have * at least one value but some types use and zero length SET and * require this. */ @@ -343,7 +341,7 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, goto err; } else ASN1_TYPE_set(ttmp, atype, stmp); - if (!sk_ASN1_TYPE_push(attr->value.set, ttmp)) + if (!sk_ASN1_TYPE_push(attr->set, ttmp)) goto err; return 1; @@ -357,11 +355,10 @@ err: int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr) { - if (!attr->single) - return sk_ASN1_TYPE_num(attr->value.set); - if (attr->value.single) - return 1; - return 0; + if (attr == NULL) + return 0; + + return sk_ASN1_TYPE_num(attr->set); } ASN1_OBJECT * @@ -392,10 +389,6 @@ X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) { if (attr == NULL) return (NULL); - if (idx >= X509_ATTRIBUTE_count(attr)) - return NULL; - if (!attr->single) - return sk_ASN1_TYPE_value(attr->value.set, idx); - else - return attr->value.single; + + return sk_ASN1_TYPE_value(attr->set, idx); } diff --git a/lib/libcrypto/x509/x509_lcl.h b/lib/libcrypto/x509/x509_lcl.h index e7eb733f7d9..5beef8a94dc 100644 --- a/lib/libcrypto/x509/x509_lcl.h +++ b/lib/libcrypto/x509/x509_lcl.h @@ -109,12 +109,7 @@ struct X509_extension_st { struct x509_attributes_st { ASN1_OBJECT *object; - int single; /* 0 for a set, 1 for a single item (which is wrong) */ - union { - char *ptr; -/* 0 */ STACK_OF(ASN1_TYPE) *set; -/* 1 */ ASN1_TYPE *single; - } value; + STACK_OF(ASN1_TYPE) *set; } /* X509_ATTRIBUTE */; struct X509_req_info_st { |