[Pkg-gnupg-commit] [gnupg2] 97/166: dirmngr: Remove use of hardcoded numbers in validate.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Mar 16 22:33:09 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch experimental
in repository gnupg2.
commit ed99af030d19305dd7cd41c41ac581306cb91fd5
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 17 14:19:15 2017 +0100
dirmngr: Remove use of hardcoded numbers in validate.
* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE. Use enums instead of
hardwired values. Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.
* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.
* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.
--
A function with a "_p" suffix return 0 for a True just looks weird.
We now use names which better indicate that an error code is returned.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
dirmngr/validate.c | 96 ++++++++++++++++++++++++++++++++----------------------
dirmngr/validate.h | 26 +++++++++++----
2 files changed, 77 insertions(+), 45 deletions(-)
diff --git a/dirmngr/validate.c b/dirmngr/validate.c
index 4139c22..5081ae0 100644
--- a/dirmngr/validate.c
+++ b/dirmngr/validate.c
@@ -1,6 +1,6 @@
/* validate.c - Validate a certificate chain.
* Copyright (C) 2001, 2003, 2004, 2008 Free Software Foundation, Inc.
- * Copyright (C) 2004, 2006, 2008 g10 Code GmbH
+ * Copyright (C) 2004, 2006, 2008, 2017 g10 Code GmbH
*
* This file is part of DirMngr.
*
@@ -33,6 +33,20 @@
#include "validate.h"
#include "misc.h"
+
+/* Mode parameters for cert_check_usage(). */
+enum cert_usage_modes
+ {
+ CERT_USAGE_MODE_SIGN, /* Usable for encryption. */
+ CERT_USAGE_MODE_ENCR, /* Usable for signing. */
+ CERT_USAGE_MODE_VRFY, /* Usable for verification. */
+ CERT_USAGE_MODE_DECR, /* Usable for decryption. */
+ CERT_USAGE_MODE_CERT, /* Usable for cert signing. */
+ CERT_USAGE_MODE_OCSP, /* Usable for OCSP respone signing. */
+ CERT_USAGE_MODE_CRL /* Usable for CRL signing. */
+ };
+
+
/* While running the validation function we need to keep track of the
certificates and the validation outcome of each. We use this type
for it. */
@@ -394,11 +408,11 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
switch (mode)
{
case VALIDATE_MODE_OCSP:
- err = cert_use_ocsp_p (cert);
+ err = check_cert_use_ocsp (cert);
break;
case VALIDATE_MODE_CRL:
case VALIDATE_MODE_CRL_RECURSIVE:
- err = cert_use_crl_p (cert);
+ err = check_cert_use_crl (cert);
break;
default:
err = 0;
@@ -694,7 +708,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
}
/* May that certificate be used for certification? */
- err = cert_use_cert_p (issuer_cert);
+ err = check_cert_use_cert (issuer_cert);
if (err)
goto leave; /* No. */
@@ -1001,13 +1015,9 @@ check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
-/* Return 0 if the cert is usable for encryption. A MODE of 0 checks
- for signing, a MODE of 1 checks for encryption, a MODE of 2 checks
- for verification and a MODE of 3 for decryption (just for
- debugging). MODE 4 is for certificate signing, MODE 5 for OCSP
- response signing, MODE 6 is for CRL signing. */
-static int
-cert_usage_p (ksba_cert_t cert, int mode)
+/* Return 0 if CERT is usable for MODE. */
+static gpg_error_t
+check_cert_usage (ksba_cert_t cert, enum cert_usage_modes mode)
{
gpg_error_t err;
unsigned int use;
@@ -1077,7 +1087,8 @@ cert_usage_p (ksba_cert_t cert, int mode)
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
{
err = 0;
- if (opt.verbose && mode < 2)
+ if (opt.verbose && (mode == CERT_USAGE_MODE_SIGN
+ || mode == CERT_USAGE_MODE_ENCR))
log_info (_("no key usage specified - assuming all usages\n"));
use = ~0;
}
@@ -1094,17 +1105,36 @@ cert_usage_p (ksba_cert_t cert, int mode)
return err;
}
- if (mode == 4)
+ switch (mode)
{
+ case CERT_USAGE_MODE_SIGN:
+ case CERT_USAGE_MODE_VRFY:
+ if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
+ | KSBA_KEYUSAGE_NON_REPUDIATION)))
+ return 0;
+ log_info (mode == CERT_USAGE_MODE_VRFY
+ ? _("certificate should not have been used for signing\n")
+ : _("certificate is not usable for signing\n"));
+ break;
+
+ case CERT_USAGE_MODE_ENCR:
+ case CERT_USAGE_MODE_DECR:
+ if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT
+ | KSBA_KEYUSAGE_DATA_ENCIPHERMENT)))
+ return 0;
+ log_info (mode == CERT_USAGE_MODE_DECR
+ ? _("certificate should not have been used for encryption\n")
+ : _("certificate is not usable for encryption\n"));
+ break;
+
+ case CERT_USAGE_MODE_CERT:
if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN)))
return 0;
log_info (_("certificate should not have "
"been used for certification\n"));
- return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
- }
+ break;
- if (mode == 5)
- {
+ case CERT_USAGE_MODE_OCSP:
if (use != ~0
&& (have_ocsp_signing
|| (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
@@ -1112,50 +1142,38 @@ cert_usage_p (ksba_cert_t cert, int mode)
return 0;
log_info (_("certificate should not have "
"been used for OCSP response signing\n"));
- return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
- }
+ break;
- if (mode == 6)
- {
+ case CERT_USAGE_MODE_CRL:
if ((use & (KSBA_KEYUSAGE_CRL_SIGN)))
return 0;
log_info (_("certificate should not have "
"been used for CRL signing\n"));
- return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
+ break;
}
- if ((use & ((mode&1)?
- (KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT):
- (KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION)))
- )
- return 0;
-
- log_info (mode==3? _("certificate should not have been used "
- "for encryption\n"):
- mode==2? _("certificate should not have been used for signing\n"):
- mode==1? _("certificate is not usable for encryption\n"):
- _("certificate is not usable for signing\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
}
+
/* Return 0 if the certificate CERT is usable for certification. */
gpg_error_t
-cert_use_cert_p (ksba_cert_t cert)
+check_cert_use_cert (ksba_cert_t cert)
{
- return cert_usage_p (cert, 4);
+ return check_cert_usage (cert, CERT_USAGE_MODE_CERT);
}
/* Return 0 if the certificate CERT is usable for signing OCSP
responses. */
gpg_error_t
-cert_use_ocsp_p (ksba_cert_t cert)
+check_cert_use_ocsp (ksba_cert_t cert)
{
- return cert_usage_p (cert, 5);
+ return check_cert_usage (cert, CERT_USAGE_MODE_OCSP);
}
/* Return 0 if the certificate CERT is usable for signing CRLs. */
gpg_error_t
-cert_use_crl_p (ksba_cert_t cert)
+check_cert_use_crl (ksba_cert_t cert)
{
- return cert_usage_p (cert, 6);
+ return check_cert_usage (cert, CERT_USAGE_MODE_CRL);
}
diff --git a/dirmngr/validate.h b/dirmngr/validate.h
index 0d9283c..376d99d 100644
--- a/dirmngr/validate.h
+++ b/dirmngr/validate.h
@@ -25,13 +25,27 @@
enum {
/* Simple certificate validation mode. */
VALIDATE_MODE_CERT = 0,
+
+ /* Same as MODE_CERT but using the system provided root
+ * certificates. */
+ VALIDATE_MODE_CERT_SYSTRUST,
+
+ /* Same as MODE_CERT but uses a provided list of certificates. */
+ VALIDATE_MODE_TLS,
+
+ /* Same as MODE_TLS but using the system provided root
+ * certificates. */
+ VALIDATE_MODE_TLS_SYSTRUST,
+
/* Standard CRL issuer certificate validation; i.e. CRLs are not
considered for CRL issuer certificates. */
- VALIDATE_MODE_CRL = 1,
+ VALIDATE_MODE_CRL,
+
/* Full CRL validation. */
- VALIDATE_MODE_CRL_RECURSIVE = 2,
+ VALIDATE_MODE_CRL_RECURSIVE,
+
/* Validation as used for OCSP. */
- VALIDATE_MODE_OCSP = 3
+ VALIDATE_MODE_OCSP
};
@@ -42,14 +56,14 @@ gpg_error_t validate_cert_chain (ctrl_t ctrl,
int mode, char **r_trust_anchor);
/* Return 0 if the certificate CERT is usable for certification. */
-gpg_error_t cert_use_cert_p (ksba_cert_t cert);
+gpg_error_t check_cert_use_cert (ksba_cert_t cert);
/* Return 0 if the certificate CERT is usable for signing OCSP
responses. */
-gpg_error_t cert_use_ocsp_p (ksba_cert_t cert);
+gpg_error_t check_cert_use_ocsp (ksba_cert_t cert);
/* Return 0 if the certificate CERT is usable for signing CRLs. */
-gpg_error_t cert_use_crl_p (ksba_cert_t cert);
+gpg_error_t check_cert_use_crl (ksba_cert_t cert);
#endif /*VALIDATE_H*/
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list