summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client/mft.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/rpki-client/mft.c')
-rw-r--r--usr.sbin/rpki-client/mft.c45
1 files changed, 40 insertions, 5 deletions
diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c
index f857cdb657a..bfa8b71b3fc 100644
--- a/usr.sbin/rpki-client/mft.c
+++ b/usr.sbin/rpki-client/mft.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mft.c,v 1.46 2022/01/18 13:06:43 claudio Exp $ */
+/* $OpenBSD: mft.c,v 1.47 2022/01/18 16:18:22 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -403,9 +403,8 @@ out:
/*
* Parse the objects that have been published in the manifest.
* This conforms to RFC 6486.
- * Note that if the MFT is stale, all referenced objects are stripped
- * from the parsed content.
- * The MFT content is otherwise returned.
+ * On success the MFT content is returned. Stale MFTs only set
+ * the stale flag and returned like valid MFTs.
*/
struct mft *
mft_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len)
@@ -418,7 +417,7 @@ mft_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len)
memset(&p, 0, sizeof(struct parse));
p.fn = fn;
- cms = cms_parse_validate(x509, fn, der, len, mft_oid, &cmsz);
+ cms = cms_parse_validate(x509, fn, der, len, mft_oid, &cmsz, 0);
if (cms == NULL)
return NULL;
assert(*x509 != NULL);
@@ -532,3 +531,39 @@ mft_read(struct ibuf *b)
return p;
}
+
+/*
+ * Compare two MFT files, returns 1 if first MFT is better and 0 if second
+ * should be used.
+ */
+int
+mft_compare(const struct mft *a, const struct mft *b)
+{
+ BIGNUM *abn = NULL, *bbn = NULL;
+ int r;
+
+ if (a == NULL)
+ return 0;
+ if (b == NULL)
+ return 1;
+
+warnx("%s: seq a %s, seq b %s", __func__, a->seqnum, b->seqnum);
+ BN_hex2bn(&abn, a->seqnum);
+ BN_hex2bn(&bbn, b->seqnum);
+
+ r = BN_cmp(abn, bbn);
+ BN_free(abn);
+ BN_free(bbn);
+
+ if (r <= 0)
+ return 0;
+
+warnx("%s: prefer b", __func__);
+ /*
+ * Equal sequence numbers should not happen for different content.
+ * In this case we prefer the newer MFT. It seems some CA update
+ * the EE cert and timestamps without issuing a new serial.
+ * This is bad bad bad bad bad.
+ */
+ return 1;
+}