security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-27 02:02:45 +02:00
Code Activity

dirmngr: Remove use of hardcoded numbers in validate.

Browse Source 
* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE.  Use enums instead of
hardwired values.  Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.

* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.

* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.

--

A function with a "_p" suffix return 0 for a True just looks weird.
We now use names which better indicate that an error code is returned.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-02-17 14:19:15 +01:00
parent dea4b3c742
commit ed99af030d
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 77 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
dirmngr/validate.c
View File

@ -1,6 +1,6 @@
/* validate.c - Validate a certificate chain. /* validate.c - Validate a certificate chain.
* Copyright (C) 2001, 2003, 2004, 2008 Free Software Foundation, Inc. * Copyright (C) 2001, 2003, 2004, 2008 Free Software Foundation, Inc.
* Copyright (C) 2004, 2006, 2008 g10 Code GmbH * Copyright (C) 2004, 2006, 2008, 2017 g10 Code GmbH
* *
* This file is part of DirMngr. * This file is part of DirMngr.
* *
@ -33,6 +33,20 @@
#include "validate.h" #include "validate.h"
#include "misc.h" #include "misc.h"
/* Mode parameters for cert_check_usage(). */
enum cert_usage_modes
{
CERT_USAGE_MODE_SIGN, /* Usable for encryption. */
CERT_USAGE_MODE_ENCR, /* Usable for signing. */
CERT_USAGE_MODE_VRFY, /* Usable for verification. */
CERT_USAGE_MODE_DECR, /* Usable for decryption. */
CERT_USAGE_MODE_CERT, /* Usable for cert signing. */
CERT_USAGE_MODE_OCSP, /* Usable for OCSP respone signing. */
CERT_USAGE_MODE_CRL /* Usable for CRL signing. */
};
/* While running the validation function we need to keep track of the /* While running the validation function we need to keep track of the
certificates and the validation outcome of each. We use this type certificates and the validation outcome of each. We use this type
for it. */ for it. */
@ -394,11 +408,11 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
switch (mode) switch (mode)
{ {
case VALIDATE_MODE_OCSP: case VALIDATE_MODE_OCSP:
err = cert_use_ocsp_p (cert); err = check_cert_use_ocsp (cert);
break; break;
case VALIDATE_MODE_CRL: case VALIDATE_MODE_CRL:
case VALIDATE_MODE_CRL_RECURSIVE: case VALIDATE_MODE_CRL_RECURSIVE:
err = cert_use_crl_p (cert); err = check_cert_use_crl (cert);
break; break;
default: default:
err = 0; err = 0;
@ -694,7 +708,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime,
} }
/* May that certificate be used for certification? */ /* May that certificate be used for certification? */
err = cert_use_cert_p (issuer_cert); err = check_cert_use_cert (issuer_cert);
if (err) if (err)
goto leave; /* No. */ goto leave; /* No. */
@ -1001,13 +1015,9 @@ check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
/* Return 0 if the cert is usable for encryption. A MODE of 0 checks /* Return 0 if CERT is usable for MODE. */
for signing, a MODE of 1 checks for encryption, a MODE of 2 checks static gpg_error_t
for verification and a MODE of 3 for decryption (just for check_cert_usage (ksba_cert_t cert, enum cert_usage_modes mode)
debugging). MODE 4 is for certificate signing, MODE 5 for OCSP
response signing, MODE 6 is for CRL signing. */
static int
cert_usage_p (ksba_cert_t cert, int mode)
{ {
gpg_error_t err; gpg_error_t err;
unsigned int use; unsigned int use;
@ -1077,7 +1087,8 @@ cert_usage_p (ksba_cert_t cert, int mode)
if (gpg_err_code (err) == GPG_ERR_NO_DATA) if (gpg_err_code (err) == GPG_ERR_NO_DATA)
{ {
err = 0; err = 0;
if (opt.verbose && mode < 2) if (opt.verbose && (mode == CERT_USAGE_MODE_SIGN
|| mode == CERT_USAGE_MODE_ENCR))
log_info (_("no key usage specified - assuming all usages\n")); log_info (_("no key usage specified - assuming all usages\n"));
use = ~0; use = ~0;
} }
@ -1094,17 +1105,36 @@ cert_usage_p (ksba_cert_t cert, int mode)
return err; return err;
} }
if (mode == 4) switch (mode)
{ {
case CERT_USAGE_MODE_SIGN:
case CERT_USAGE_MODE_VRFY:
if ((use & (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
| KSBA_KEYUSAGE_NON_REPUDIATION)))
return 0;
log_info (mode == CERT_USAGE_MODE_VRFY
? _("certificate should not have been used for signing\n")
: _("certificate is not usable for signing\n"));
break;
case CERT_USAGE_MODE_ENCR:
case CERT_USAGE_MODE_DECR:
if ((use & (KSBA_KEYUSAGE_KEY_ENCIPHERMENT
| KSBA_KEYUSAGE_DATA_ENCIPHERMENT)))
return 0;
log_info (mode == CERT_USAGE_MODE_DECR
? _("certificate should not have been used for encryption\n")
: _("certificate is not usable for encryption\n"));
break;
case CERT_USAGE_MODE_CERT:
if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN))) if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN)))
return 0; return 0;
log_info (_("certificate should not have " log_info (_("certificate should not have "
"been used for certification\n")); "been used for certification\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE); break;
}
if (mode == 5) case CERT_USAGE_MODE_OCSP:
{
if (use != ~0 if (use != ~0
&& (have_ocsp_signing && (have_ocsp_signing
|| (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
@ -1112,50 +1142,38 @@ cert_usage_p (ksba_cert_t cert, int mode)
return 0; return 0;
log_info (_("certificate should not have " log_info (_("certificate should not have "
"been used for OCSP response signing\n")); "been used for OCSP response signing\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE); break;
}
if (mode == 6) case CERT_USAGE_MODE_CRL:
{
if ((use & (KSBA_KEYUSAGE_CRL_SIGN))) if ((use & (KSBA_KEYUSAGE_CRL_SIGN)))
return 0; return 0;
log_info (_("certificate should not have " log_info (_("certificate should not have "
"been used for CRL signing\n")); "been used for CRL signing\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE); break;
} }
if ((use & ((mode&1)?
(KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT):
(KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION)))
)
return 0;
log_info (mode==3? _("certificate should not have been used "
"for encryption\n"):
mode==2? _("certificate should not have been used for signing\n"):
mode==1? _("certificate is not usable for encryption\n"):
_("certificate is not usable for signing\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE); return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
} }
/* Return 0 if the certificate CERT is usable for certification. */ /* Return 0 if the certificate CERT is usable for certification. */
gpg_error_t gpg_error_t
cert_use_cert_p (ksba_cert_t cert) check_cert_use_cert (ksba_cert_t cert)
{ {
return cert_usage_p (cert, 4); return check_cert_usage (cert, CERT_USAGE_MODE_CERT);
} }
/* Return 0 if the certificate CERT is usable for signing OCSP /* Return 0 if the certificate CERT is usable for signing OCSP
responses. */ responses. */
gpg_error_t gpg_error_t
cert_use_ocsp_p (ksba_cert_t cert) check_cert_use_ocsp (ksba_cert_t cert)
{ {
return cert_usage_p (cert, 5); return check_cert_usage (cert, CERT_USAGE_MODE_OCSP);
} }
/* Return 0 if the certificate CERT is usable for signing CRLs. */ /* Return 0 if the certificate CERT is usable for signing CRLs. */
gpg_error_t gpg_error_t
cert_use_crl_p (ksba_cert_t cert) check_cert_use_crl (ksba_cert_t cert)
{ {
return cert_usage_p (cert, 6); return check_cert_usage (cert, CERT_USAGE_MODE_CRL);
} }

26
dirmngr/validate.h
View File

@ -25,13 +25,27 @@
enum { enum {
/* Simple certificate validation mode. */ /* Simple certificate validation mode. */
VALIDATE_MODE_CERT = 0, VALIDATE_MODE_CERT = 0,
/* Same as MODE_CERT but using the system provided root
* certificates. */
VALIDATE_MODE_CERT_SYSTRUST,
/* Same as MODE_CERT but uses a provided list of certificates. */
VALIDATE_MODE_TLS,
/* Same as MODE_TLS but using the system provided root
* certificates. */
VALIDATE_MODE_TLS_SYSTRUST,
/* Standard CRL issuer certificate validation; i.e. CRLs are not /* Standard CRL issuer certificate validation; i.e. CRLs are not
considered for CRL issuer certificates. */ considered for CRL issuer certificates. */
VALIDATE_MODE_CRL = 1, VALIDATE_MODE_CRL,
/* Full CRL validation. */ /* Full CRL validation. */
VALIDATE_MODE_CRL_RECURSIVE = 2, VALIDATE_MODE_CRL_RECURSIVE,
/* Validation as used for OCSP. */ /* Validation as used for OCSP. */
VALIDATE_MODE_OCSP = 3 VALIDATE_MODE_OCSP
}; };
@ -42,14 +56,14 @@ gpg_error_t validate_cert_chain (ctrl_t ctrl,
int mode, char **r_trust_anchor); int mode, char **r_trust_anchor);
/* Return 0 if the certificate CERT is usable for certification. */ /* Return 0 if the certificate CERT is usable for certification. */
gpg_error_t cert_use_cert_p (ksba_cert_t cert); gpg_error_t check_cert_use_cert (ksba_cert_t cert);
/* Return 0 if the certificate CERT is usable for signing OCSP /* Return 0 if the certificate CERT is usable for signing OCSP
responses. */ responses. */
gpg_error_t cert_use_ocsp_p (ksba_cert_t cert); gpg_error_t check_cert_use_ocsp (ksba_cert_t cert);
/* Return 0 if the certificate CERT is usable for signing CRLs. */ /* Return 0 if the certificate CERT is usable for signing CRLs. */
gpg_error_t cert_use_crl_p (ksba_cert_t cert); gpg_error_t check_cert_use_crl (ksba_cert_t cert);
#endif /*VALIDATE_H*/ #endif /*VALIDATE_H*/