fix various formatting nits in CMP contribution chunks 1-6 found by the new util...

author Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Fri, 13 Dec 2019 19:07:08 +0000 (20:07 +0100)

committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>

Mon, 17 Feb 2020 06:43:58 +0000 (07:43 +0100)
author Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Fri, 13 Dec 2019 19:07:08 +0000 (20:07 +0100)
committer Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Mon, 17 Feb 2020 06:43:58 +0000 (07:43 +0100)
diff --git a/crypto/cmp/cmp_asn.c b/crypto/cmp/cmp_asn.c

index ca121b068ac424dd3db623fc4dd9394850cf0d90..e02076bb12c9ece5e52e97c501a8c8d5aaf4aa9a 100644 (file)
--- a/crypto/cmp/cmp_asn.c
+++ b/crypto/cmp/cmp_asn.c
@@ -73,7 +73,8 @@ ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
  IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
  
  ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
-        infoValue.other, ASN1_ANY);
+                                                       infoValue.other,
+                                                       ASN1_ANY);
  /* ITAV means InfoTypeAndValue */
  ASN1_ADB(OSSL_CMP_ITAV) = {
      /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c

index 12492336ef63265de7b874cc0f150c36fefb65d7..714157a9643dc9ccf43bab0768690a2aea4220a8 100644 (file)
--- a/crypto/cmp/cmp_ctx.c
+++ b/crypto/cmp/cmp_ctx.c
@@ -80,7 +80,7 @@ int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
      sk_X509_pop_free(ctx->untrusted_certs, X509_free);
      ctx->untrusted_certs = untrusted_certs;
      return 1;
-err:
+ err:
      sk_X509_pop_free(untrusted_certs, X509_free);
      return 0;
  }
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h

index f36928bdf10bc08a44e4d3c0964027f180259d10..1e62d4516f31f10cf9113c8dc32cb936812e9f0c 100644 (file)
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -48,16 +48,23 @@ struct ossl_cmp_ctx_st {
      void *http_cb_arg; /* allows to store optional argument to cb */
  
      /* server authentication */
-    int unprotectedErrors; /* accept neg. response with no/invalid protection */
-                           /* to cope with broken server */
+    /*
+     * unprotectedErrors may be set as workaround for broken server responses:
+     * accept missing or invalid protection of regular error messages, negative
+     * certificate responses (ip/cp/kup), revocation responses (rp), and PKIConf
+     */
+    int unprotectedErrors;
      X509 *srvCert; /* certificate used to identify the server */
      X509 *validatedSrvCert; /* caches any already validated server cert */
      X509_NAME *expected_sender; /* expected sender in pkiheader of response */
      X509_STORE *trusted; /* trust store maybe w CRLs and cert verify callback */
      STACK_OF(X509) *untrusted_certs; /* untrusted (intermediate) certs */
      int ignore_keyusage; /* ignore key usage entry when validating certs */
-    int permitTAInExtraCertsForIR; /* allow use of root certs in extracerts */
-             /* when validating message protection; used for 3GPP-style E.7 */
+    /*
+     * permitTAInExtraCertsForIR allows use of root certs in extracerts
+     * when validating message protection; this is used for 3GPP-style E.7
+     */
+    int permitTAInExtraCertsForIR;
  
      /* client authentication */
      int unprotectedSend; /* send unprotected PKI messages */
@@ -536,68 +543,108 @@ typedef struct ossl_cmp_pkibody_st {
          OSSL_CMP_CERTREPMESSAGE *ip; /* 1 */
          OSSL_CRMF_MSGS *cr; /* 2 */
          OSSL_CMP_CERTREPMESSAGE *cp; /* 3 */
-        /* p10cr      [4]  CertificationRequest,     --imported from [PKCS10] */
-        /*
+        /*-
+         * p10cr      [4]  CertificationRequest,     --imported from [PKCS10]
+         *
           * PKCS10_CERTIFICATIONREQUEST is effectively X509_REQ
           * so it is used directly
           */
          X509_REQ *p10cr; /* 4 */
-        /* popdecc    [5]  POPODecKeyChallContent, --pop Challenge */
-        /* POPODecKeyChallContent ::= SEQUENCE OF Challenge */
+        /*-
+         * popdecc    [5]  POPODecKeyChallContent, --pop Challenge
+         *
+         * POPODecKeyChallContent ::= SEQUENCE OF Challenge
+         */
          OSSL_CMP_POPODECKEYCHALLCONTENT *popdecc; /* 5 */
-        /* popdecr    [6]  POPODecKeyRespContent,  --pop Response */
-        /* POPODecKeyRespContent ::= SEQUENCE OF INTEGER */
+        /*-
+         * popdecr    [6]  POPODecKeyRespContent,  --pop Response
+         *
+         * POPODecKeyRespContent ::= SEQUENCE OF INTEGER
+         */
          OSSL_CMP_POPODECKEYRESPCONTENT *popdecr; /* 6 */
          OSSL_CRMF_MSGS *kur; /* 7 */
          OSSL_CMP_CERTREPMESSAGE *kup; /* 8 */
          OSSL_CRMF_MSGS *krr; /* 9 */
  
-        /* krp        [10] KeyRecRepContent,         --Key Recovery Response */
+        /*-
+         * krp        [10] KeyRecRepContent,         --Key Recovery Response
+         */
          OSSL_CMP_KEYRECREPCONTENT *krp; /* 10 */
-        /* rr         [11] RevReqContent,            --Revocation Request */
+        /*-
+         * rr         [11] RevReqContent,            --Revocation Request
+         */
          OSSL_CMP_REVREQCONTENT *rr; /* 11 */
-        /* rp         [12] RevRepContent,            --Revocation Response */
+        /*-
+         * rp         [12] RevRepContent,            --Revocation Response
+         */
          OSSL_CMP_REVREPCONTENT *rp; /* 12 */
-        /* ccr        [13] CertReqMessages,          --Cross-Cert. Request */
+        /*-
+         * ccr        [13] CertReqMessages,          --Cross-Cert. Request
+         */
          OSSL_CRMF_MSGS *ccr; /* 13 */
-        /* ccp        [14] CertRepMessage,           --Cross-Cert. Response */
+        /*-
+         * ccp        [14] CertRepMessage,           --Cross-Cert. Response
+         */
          OSSL_CMP_CERTREPMESSAGE *ccp; /* 14 */
-        /* ckuann     [15] CAKeyUpdAnnContent,       --CA Key Update Ann. */
+        /*-
+         * ckuann     [15] CAKeyUpdAnnContent,       --CA Key Update Ann.
+         */
          OSSL_CMP_CAKEYUPDANNCONTENT *ckuann; /* 15 */
-        /* cann       [16] CertAnnContent,           --Certificate Ann. */
-        /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
-        X509 *cann;         /* 16 */
-        /* rann       [17] RevAnnContent,            --Revocation Ann. */
+        /*-
+         * cann       [16] CertAnnContent,           --Certificate Ann.
+         * OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly
+         */
+        X509 *cann; /* 16 */
+        /*-
+         * rann       [17] RevAnnContent,            --Revocation Ann.
+         */
          OSSL_CMP_REVANNCONTENT *rann; /* 17 */
-        /* crlann     [18] CRLAnnContent,            --CRL Announcement */
-        /* CRLAnnContent ::= SEQUENCE OF CertificateList */
-        OSSL_CMP_CRLANNCONTENT *crlann;
-        /* PKIConfirmContent ::= NULL */
-        /* pkiconf    [19] PKIConfirmContent,        --Confirmation */
-        /* OSSL_CMP_PKICONFIRMCONTENT would be only a typedef of ASN1_NULL */
-        /* OSSL_CMP_CONFIRMCONTENT *pkiconf; */
-        /*
+        /*-
+         * crlann     [18] CRLAnnContent,            --CRL Announcement
+         * CRLAnnContent ::= SEQUENCE OF CertificateList
+         */
+        OSSL_CMP_CRLANNCONTENT *crlann; /* 18 */
+        /*-
+         * PKIConfirmContent ::= NULL
+         * pkiconf    [19] PKIConfirmContent,        --Confirmation
+         * OSSL_CMP_PKICONFIRMCONTENT would be only a typedef of ASN1_NULL
+         * OSSL_CMP_CONFIRMCONTENT *pkiconf;
+         *
           * NOTE: this should ASN1_NULL according to the RFC
           * but there might be a struct in it when sent from faulty servers...
           */
          ASN1_TYPE *pkiconf; /* 19 */
-        /* nested     [20] NestedMessageContent,     --Nested Message */
-        /* NestedMessageContent ::= PKIMessages */
+        /*-
+         * nested     [20] NestedMessageContent,     --Nested Message
+         * NestedMessageContent ::= PKIMessages
+         */
          OSSL_CMP_MSGS *nested; /* 20 */
-        /* genm       [21] GenMsgContent,            --General Message */
-        /* GenMsgContent ::= SEQUENCE OF InfoTypeAndValue */
+        /*-
+         * genm       [21] GenMsgContent,            --General Message
+         * GenMsgContent ::= SEQUENCE OF InfoTypeAndValue
+         */
          OSSL_CMP_GENMSGCONTENT *genm; /* 21 */
-        /* genp       [22] GenRepContent,            --General Response */
-        /* GenRepContent ::= SEQUENCE OF InfoTypeAndValue */
+        /*-
+         * genp       [22] GenRepContent,            --General Response
+         * GenRepContent ::= SEQUENCE OF InfoTypeAndValue
+         */
          OSSL_CMP_GENREPCONTENT *genp; /* 22 */
-        /* error      [23] ErrorMsgContent,          --Error Message */
+        /*-
+         * error      [23] ErrorMsgContent,          --Error Message
+         */
          OSSL_CMP_ERRORMSGCONTENT *error; /* 23 */
-        /* certConf [24] CertConfirmContent,     --Certificate confirm */
+        /*-
+         * certConf [24] CertConfirmContent,     --Certificate confirm
+         */
          OSSL_CMP_CERTCONFIRMCONTENT *certConf; /* 24 */
-        /* pollReq    [25] PollReqContent,           --Polling request */
-        OSSL_CMP_POLLREQCONTENT *pollReq;
-        /* pollRep    [26] PollRepContent            --Polling response */
-        OSSL_CMP_POLLREPCONTENT *pollRep;
+        /*-
+         * pollReq    [25] PollReqContent,           --Polling request
+         */
+        OSSL_CMP_POLLREQCONTENT *pollReq; /* 25 */
+        /*-
+         * pollRep    [26] PollRepContent            --Polling response
+         */
+        OSSL_CMP_POLLREPCONTENT *pollRep; /* 26 */
      } value;
  } OSSL_CMP_PKIBODY;
  DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
@@ -704,13 +751,12 @@ void ossl_cmp_add_error_txt(const char *separator, const char *txt);
  # define ossl_cmp_add_error_data(txt) ossl_cmp_add_error_txt(" : ", txt)
  # define ossl_cmp_add_error_line(txt) ossl_cmp_add_error_txt("\n", txt)
  /* functions manipulating lists of certificates etc could be generally useful */
-int ossl_cmp_sk_X509_add1_cert (STACK_OF(X509) *sk, X509 *cert,
-                                int no_dup, int prepend);
+int ossl_cmp_sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
+                               int no_dup, int prepend);
  int ossl_cmp_sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                                int no_self_signed, int no_dups, int prepend);
+                                int no_self_issued, int no_dups, int prepend);
  int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
-                                   int only_self_signed);
-STACK_OF(X509) *ossl_cmp_X509_STORE_get1_certs(X509_STORE *store);
+                                   int only_self_issued);
  int ossl_cmp_asn1_octet_string_set1(ASN1_OCTET_STRING **tgt,
                                      const ASN1_OCTET_STRING *src);
  int ossl_cmp_asn1_octet_string_set1_bytes(ASN1_OCTET_STRING **tgt,
@@ -850,7 +896,7 @@ OSSL_CMP_MSG *ossl_cmp_pollRep_new(OSSL_CMP_CTX *ctx, int crid,
  OSSL_CMP_PKISI *
  ossl_cmp_revrepcontent_get_pkistatusinfo(OSSL_CMP_REVREPCONTENT *rrep, int rsid);
  OSSL_CRMF_CERTID *ossl_cmp_revrepcontent_get_CertId(OSSL_CMP_REVREPCONTENT *rrep,
-                                               int rsid);
+                                                    int rsid);
  OSSL_CMP_POLLREP *
  ossl_cmp_pollrepcontent_get0_pollrep(const OSSL_CMP_POLLREPCONTENT *prc,
                                       int rid);
@@ -861,9 +907,9 @@ X509 *ossl_cmp_certresponse_get1_certificate(EVP_PKEY *privkey,
                                               const OSSL_CMP_CERTRESPONSE *crep);
  OSSL_CMP_MSG *ossl_cmp_msg_load(const char *file);
  /* BIO definitions */
-#  define OSSL_d2i_CMP_MSG_bio(bp, p) \
+# define OSSL_d2i_CMP_MSG_bio(bp, p) \
      ASN1_d2i_bio_of(OSSL_CMP_MSG, OSSL_CMP_MSG_new, d2i_OSSL_CMP_MSG, bp, p)
-#  define OSSL_i2d_CMP_MSG_bio(bp, o) \
+# define OSSL_i2d_CMP_MSG_bio(bp, o) \
      ASN1_i2d_bio_of(OSSL_CMP_MSG, i2d_OSSL_CMP_MSG, bp, o)
  
  /* from cmp_protect.c */
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c

index 00381932f3490eec160e8b0b39ab62b925618985..c794dc98bb7dcac94bd184b98f6b32bc36e57017 100644 (file)
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -232,7 +232,7 @@ static OSSL_CRMF_MSG *crm_new(OSSL_CMP_CTX *ctx, int bodytype,
               */
              || !OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_MSG_get0_tmpl(crm), rkey,
                                              subject, ctx->issuer,
-                                            NULL/* serial */))
+                                            NULL /* serial */))
          goto err;
      if (ctx->days != 0) {
          time_t notBefore, notAfter;
@@ -442,8 +442,8 @@ OSSL_CMP_MSG *ossl_cmp_rr_new(OSSL_CMP_CTX *ctx)
  
      /* Fill the template from the contents of the certificate to be revoked */
      if (!OSSL_CRMF_CERTTEMPLATE_fill(rd->certDetails,
-                                     NULL/* pubkey would be redundant */,
-                                     NULL/* subject would be redundant */,
+                                     NULL /* pubkey would be redundant */,
+                                     NULL /* subject would be redundant */,
                                       X509_get_issuer_name(ctx->oldCert),
                                       X509_get_serialNumber(ctx->oldCert)))
          goto err;
@@ -569,7 +569,7 @@ int ossl_cmp_msg_gen_push1_ITAVs(OSSL_CMP_MSG *msg,
          return 0;
  
      for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) {
-        if ((itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs,i))) == NULL)
+        if ((itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs, i))) == NULL)
              return 0;
          if (!ossl_cmp_msg_gen_push0_ITAV(msg, itav)) {
              OSSL_CMP_ITAV_free(itav);
@@ -643,8 +643,8 @@ OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, OSSL_CMP_PKISI *si,
      }
      if (errorDetails != NULL)
          if ((msg->body->value.error->errorDetails =
-            sk_ASN1_UTF8STRING_deep_copy(errorDetails, ASN1_STRING_dup,
-                                         ASN1_STRING_free)) == NULL)
+             sk_ASN1_UTF8STRING_deep_copy(errorDetails, ASN1_STRING_dup,
+                                          ASN1_STRING_free)) == NULL)
              goto err;
  
      if (!unprotected && !ossl_cmp_msg_protect(ctx, msg))
diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c

index 7db3440f32bce3358f920458cf3801a51a9c24c4..c1b4b8584d19b7ac6349d950bf45f7b2e48119de 100644 (file)
--- a/crypto/cmp/cmp_protect.c
+++ b/crypto/cmp/cmp_protect.c
@@ -156,7 +156,7 @@ int ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg)
              STACK_OF(X509) *chain =
                  ossl_cmp_build_cert_chain(ctx->untrusted_certs, ctx->clCert);
              int res = ossl_cmp_sk_X509_add1_certs(msg->extraCerts, chain,
-                                                  1 /* no self-signed */,
+                                                  1 /* no self-issued */,
                                                    1 /* no duplicates */, 0);
              sk_X509_pop_free(chain, X509_free);
              if (res == 0)
diff --git a/crypto/cmp/cmp_status.c b/crypto/cmp/cmp_status.c

index a5f6b29490381945292a7e39a8201c1ab3820a13..7ebc57d37bb212777f934c2d2b41684870c295cb 100644 (file)
--- a/crypto/cmp/cmp_status.c
+++ b/crypto/cmp/cmp_status.c
@@ -61,7 +61,7 @@ const char *ossl_cmp_PKIStatus_to_string(int status)
              char buf[40];
              BIO_snprintf(buf, sizeof(buf), "PKIStatus: invalid=%d", status);
              CMPerr(0, CMP_R_ERROR_PARSING_PKISTATUS);
-            ossl_cmp_add_error_data(buf);
+            ERR_add_error_data(1, buf);
              return NULL;
          }
      }
@@ -195,7 +195,7 @@ char *OSSL_CMP_CTX_snprint_PKIStatus(OSSL_CMP_CTX *ctx, char *buf,
      int printed_chars;
      int failinfo_found = 0;
      int n_status_strings;
-    char* write_ptr = buf;
+    char *write_ptr = buf;
  
  #define ADVANCE_BUFFER                                         \
      if (printed_chars < 0 || (size_t)printed_chars >= bufsize) \
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c

index 168bb854d1bc3bef643a92ff3e6fea4786987183..a68f7010629b521a58cea12d2c9f05a393d68e48 100644 (file)
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -120,7 +120,7 @@ static const char *improve_location_name(const char *func, const char *fallback)
          ? fallback : func;
  }
  
-int OSSL_CMP_print_to_bio(BIO* bio, const char *component, const char *file,
+int OSSL_CMP_print_to_bio(BIO *bio, const char *component, const char *file,
                            int line, OSSL_CMP_severity level, const char *msg)
  {
      const char *level_string =
diff --git a/crypto/crmf/crmf_asn.c b/crypto/crmf/crmf_asn.c

index 8b6657f96981b5fb8eb4ccab12647eab0d319602..bd375c6f8506c42c818e05d3ac729fce3a7a3bde 100644 (file)
--- a/crypto/crmf/crmf_asn.c
+++ b/crypto/crmf/crmf_asn.c
@@ -141,8 +141,8 @@ ASN1_CHOICE(OSSL_CRMF_POPO) = {
  IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_POPO)
  
  
-ASN1_ADB_TEMPLATE(attributetypeandvalue_default) = ASN1_OPT(
-        OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY);
+ASN1_ADB_TEMPLATE(attributetypeandvalue_default) =
+    ASN1_OPT(OSSL_CRMF_ATTRIBUTETYPEANDVALUE, value.other, ASN1_ANY);
  ASN1_ADB(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) = {
      ADB_ENTRY(NID_id_regCtrl_regToken,
                ASN1_SIMPLE(OSSL_CRMF_ATTRIBUTETYPEANDVALUE,
@@ -187,7 +187,7 @@ IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY)
  
  
  ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = {
-    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version,      ASN1_INTEGER, 0),
+    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, version, ASN1_INTEGER, 0),
      /*
       * serialNumber MUST be omitted. This field is assigned by the CA
       * during certificate creation.
@@ -197,16 +197,16 @@ ASN1_SEQUENCE(OSSL_CRMF_CERTTEMPLATE) = {
       * signingAlg MUST be omitted. This field is assigned by the CA
       * during certificate creation.
       */
-    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg,   X509_ALGOR, 2),
-    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer,       X509_NAME, 3),
+    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, signingAlg, X509_ALGOR, 2),
+    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, issuer, X509_NAME, 3),
      ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, validity,
                   OSSL_CRMF_OPTIONALVALIDITY, 4),
-    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject,      X509_NAME, 5),
-    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey,    X509_PUBKEY, 6),
+    ASN1_EXP_OPT(OSSL_CRMF_CERTTEMPLATE, subject, X509_NAME, 5),
+    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, publicKey, X509_PUBKEY, 6),
      /* issuerUID is deprecated in version 2 */
-    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID,    ASN1_BIT_STRING, 7),
+    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, issuerUID, ASN1_BIT_STRING, 7),
      /* subjectUID is deprecated in version 2 */
-    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID,   ASN1_BIT_STRING, 8),
+    ASN1_IMP_OPT(OSSL_CRMF_CERTTEMPLATE, subjectUID, ASN1_BIT_STRING, 8),
      ASN1_IMP_SEQUENCE_OF_OPT(OSSL_CRMF_CERTTEMPLATE, extensions,
                               X509_EXTENSION, 9),
  } ASN1_SEQUENCE_END(OSSL_CRMF_CERTTEMPLATE)
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c

index 64dbf80978c8e1a941727ff6291c0e210c7bb29b..4d81569299192e9dc4aa69f3afdfc10f8f7b5c3a 100644 (file)
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -47,7 +47,7 @@ int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg,             \
  {                                                                         \
      OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL;                         \
                                                                            \
-    if (msg == NULL || in  == NULL)                                       \
+    if (msg == NULL || in == NULL)                                       \
          goto err;                                                         \
      if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL)           \
          goto err;                                                         \
@@ -122,9 +122,9 @@ int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
      return 1;
  }
  
-int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(
-                                 OSSL_CRMF_PKIPUBLICATIONINFO *pi,
-                                 OSSL_CRMF_SINGLEPUBINFO *spi)
+int
+OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+                                                     OSSL_CRMF_SINGLEPUBINFO *spi)
  {
      if (pi == NULL || spi == NULL) {
          CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO,
@@ -139,8 +139,8 @@ int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(
      return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi);
  }
  
-int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(
-                                 OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action)
+int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+                                                int action)
  {
      if (pi == NULL
              || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH
@@ -457,7 +457,7 @@ int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
          {
              OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new();
              if (ps == NULL
-                    || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)){
+                    || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)) {
                  OSSL_CRMF_POPOSIGNINGKEY_free(ps);
                  goto err;
              }
@@ -542,21 +542,23 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
               * the public key from the certificate template. This MUST be
               * exactly the same value as contained in the certificate template.
               */
+            const ASN1_ITEM *rptr = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT);
+
              if (pubkey == NULL
                      || sig->poposkInput->publicKey == NULL
                      || X509_PUBKEY_cmp(pubkey, sig->poposkInput->publicKey)
-                    || ASN1_item_verify(
-                           ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT),
-                           sig->algorithmIdentifier, sig->signature,
-                           sig->poposkInput, X509_PUBKEY_get0(pubkey)) < 1)
+                    || ASN1_item_verify(rptr, sig->algorithmIdentifier,
+                                        sig->signature, sig->poposkInput,
+                                        X509_PUBKEY_get0(pubkey)) < 1)
                  break;
          } else {
              if (pubkey == NULL
                      || req->certReq->certTemplate->subject == NULL
                      || ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
-                                    sig->algorithmIdentifier, sig->signature,
-                                    req->certReq,
-                                    X509_PUBKEY_get0(pubkey)) < 1)
+                                        sig->algorithmIdentifier,
+                                        sig->signature,
+                                        req->certReq,
+                                        X509_PUBKEY_get0(pubkey)) < 1)
                  break;
          }
          return 1;
diff --git a/crypto/crmf/crmf_local.h b/crypto/crmf/crmf_local.h

index 06b32b53780bf1a377dcdb48a956d374d2ddb530..3f3f75cf2fbe74bbbd3199ca2d1fe9ff96038fd1 100644 (file)
--- a/crypto/crmf/crmf_local.h
+++ b/crypto/crmf/crmf_local.h
@@ -185,9 +185,9 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE)
  typedef struct ossl_crmf_popoprivkey_st {
      int type;
      union {
-        ASN1_BIT_STRING *thisMessage; /* 0 */     /* Deprecated */
+        ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */
          ASN1_INTEGER *subsequentMessage; /* 1 */
-        ASN1_BIT_STRING *dhMAC; /* 2 */           /* Deprecated */
+        ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */
          OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */
          /*
           * TODO: This is not ASN1_NULL but CMS_ENVELOPEDDATA which should be
@@ -310,20 +310,20 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY)
   * }
   */
  struct ossl_crmf_certtemplate_st {
-    ASN1_INTEGER *version;           /* 0 */
-    ASN1_INTEGER *serialNumber;      /* 1 */ /* serialNumber MUST be omitted  */
-             /* This field is assigned by the CA during certificate creation  */
-    X509_ALGOR *signingAlg;          /* 2 */  /* signingAlg MUST be omitted   */
-             /* This field is assigned by the CA during certificate creation  */
-    X509_NAME *issuer;               /* 3 */
-    OSSL_CRMF_OPTIONALVALIDITY *validity; /* 4 */
-    X509_NAME *subject;              /* 5 */
-    X509_PUBKEY *publicKey;          /* 6 */
-    ASN1_BIT_STRING *issuerUID;      /* 7 */  /* deprecated in version 2      */
-                  /* According to rfc 3280: UniqueIdentifier  ::=  BIT STRING */
-    ASN1_BIT_STRING *subjectUID;     /* 8 */  /* deprecated in version 2      */
-                      /* Could be X509_EXTENSION*S*, but that's only cosmetic */
-    STACK_OF(X509_EXTENSION) *extensions; /* 9 */
+    ASN1_INTEGER *version;
+    ASN1_INTEGER *serialNumber; /* serialNumber MUST be omitted */
+    /* This field is assigned by the CA during certificate creation */
+    X509_ALGOR *signingAlg; /* signingAlg MUST be omitted */
+    /* This field is assigned by the CA during certificate creation */
+    X509_NAME *issuer;
+    OSSL_CRMF_OPTIONALVALIDITY *validity;
+    X509_NAME *subject;
+    X509_PUBKEY *publicKey;
+    ASN1_BIT_STRING *issuerUID; /* deprecated in version 2 */
+    /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */
+    ASN1_BIT_STRING *subjectUID; /* deprecated in version 2 */
+    /* Could be X509_EXTENSION*S*, but that's only cosmetic */
+    STACK_OF(X509_EXTENSION) *extensions;
  } /* OSSL_CRMF_CERTTEMPLATE */;
  
  /*-
diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c

index 2dfa84e49b75f88ba9031d896465613b5c5bb2d6..6c22bc29a0708dcf0833f8b8b59a5b647d260b6b 100644 (file)
--- a/crypto/crmf/crmf_pbm.c
+++ b/crypto/crmf/crmf_pbm.c
@@ -71,7 +71,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
      /*
       * iterationCount identifies the number of times the hash is applied
       * during the key computation process.  The iterationCount MUST be a
-     * minimum of 100.      Many people suggest using values as high as 1000
+     * minimum of 100. Many people suggest using values as high as 1000
       * iterations as the minimum value.  The trade off here is between
       * protection of the password from attacks and the time spent by the
       * server processing all of the different iterations in deriving
diff --git a/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod b/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod

index cb36855adf7a22f4de5ad588c1816c5bc692eff1..4c647708f3bb15c29ab845586cf2bc34e2f1c4ce 100644 (file)
--- a/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod
+++ b/doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod
@@ -15,9 +15,9 @@ ossl_cmp_X509_STORE_get1_certs
    int ossl_cmp_sk_X509_add1_cert(STACK_OF(X509) *sk, X509 *cert,
                                   int no_dup, int prepend);
    int ossl_cmp_sk_X509_add1_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs,
-                                  int no_self_signed, int no_dups, int prepend);
+                                  int no_self_issued, int no_dups, int prepend);
    int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs,
-                                     int only_self_signed);
+                                     int only_self_issued);
    STACK_OF(X509) *ossl_cmp_X509_STORE_get1_certs(X509_STORE *store);
  
  =head1 DESCRIPTION
@@ -29,10 +29,10 @@ On success the reference count of the certificate is increased.
  
  ossl_cmp_sk_X509_add1_certs() appends or prepends (depending on the I<prepend>
  argument) a list of certificates to the given list,
-optionally only if not self-signed and optionally only if not already contained.
+optionally only if not self-issued and optionally only if not already contained.
  The reference counts of those certificates appended successfully are increased.
  
-ossl_cmp_X509_STORE_add1_certs() adds all or only self-signed certificates from
+ossl_cmp_X509_STORE_add1_certs() adds all or only self-issued certificates from
  the given stack to given store. The I<certs> parameter may be NULL.
  
  ossl_cmp_X509_STORE_get1_certs() retrieves a copy of all certificates in the
diff --git a/include/openssl/cmp.h b/include/openssl/cmp.h

index 78763248e0db47b275c91fa0dca2f84cacd1648a..bc1ae3530548abbc4c691245201dabce1057a8b7 100644 (file)
--- a/include/openssl/cmp.h
+++ b/include/openssl/cmp.h
@@ -26,7 +26,7 @@
  #  include <openssl/x509.h>
  #  include <openssl/x509v3.h>
  
-#  ifdef  __cplusplus
+#  ifdef __cplusplus
  extern "C" {
  #  endif
  
@@ -128,9 +128,9 @@ extern "C" {
  #  define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26
  #  define OSSL_CMP_PKIFAILUREINFO_MAX 26
  #  define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
-    ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)
+    ((1 << (OSSL_CMP_PKIFAILUREINFO_MAX + 1)) - 1)
  #  if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX
-#   error  CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
+#   error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
  #  endif
  
  typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO;
diff --git a/include/openssl/cmp_util.h b/include/openssl/cmp_util.h

index 69e843c64ec0c83558c281e8a63ee3056f282403..56fb49e188cfaca6f6795e38a4fe839a61dc858a 100644 (file)
--- a/include/openssl/cmp_util.h
+++ b/include/openssl/cmp_util.h
@@ -42,7 +42,7 @@ typedef int OSSL_CMP_severity;
  typedef int (*OSSL_cmp_log_cb_t)(const char *func, const char *file, int line,
                                   OSSL_CMP_severity level, const char *msg);
  
-int OSSL_CMP_print_to_bio(BIO* bio, const char *component, const char *file,
+int OSSL_CMP_print_to_bio(BIO *bio, const char *component, const char *file,
                            int line, OSSL_CMP_severity level, const char *msg);
  /* use of the logging callback for outputting error queue */
  void OSSL_CMP_print_errors_cb(OSSL_cmp_log_cb_t log_fn);
diff --git a/include/openssl/cmperr.h b/include/openssl/cmperr.h

index cd962fb5d16ad7af23b48ca5f6dfcc2d85afde27..a44a1a92bbd391b4c69fc568bdb6efc2dd8a1081 100644 (file)
--- a/include/openssl/cmperr.h
+++ b/include/openssl/cmperr.h
@@ -19,7 +19,7 @@
  
  # ifndef OPENSSL_NO_CMP
  
-#  ifdef  __cplusplus
+#  ifdef __cplusplus
  extern "C"
  #  endif
  int ERR_load_CMP_strings(void);
@@ -27,8 +27,8 @@ int ERR_load_CMP_strings(void);
  /*
   * CMP function codes.
   */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# endif
+#  ifndef OPENSSL_NO_DEPRECATED_3_0
+#  endif
  
  /*
   * CMP reason codes.
diff --git a/include/openssl/crmf.h b/include/openssl/crmf.h

index 160ad326b0c665bf8d1f3f8b5961cfa16b26e577..09b57f6bce170eaf84777aeac03128f45966669f 100644 (file)
--- a/include/openssl/crmf.h
+++ b/include/openssl/crmf.h
@@ -26,7 +26,7 @@
  #  include <openssl/types.h>
  #  include <openssl/x509.h>
  
-#  ifdef  __cplusplus
+#  ifdef __cplusplus
  extern "C" {
  #  endif
  
@@ -77,9 +77,9 @@ int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
                                          const ASN1_UTF8STRING *tok);
  int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
                                               const ASN1_UTF8STRING *auth);
-int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(
-                                               OSSL_CRMF_PKIPUBLICATIONINFO *pi,
-                                               OSSL_CRMF_SINGLEPUBINFO *spi);
+int
+OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+                                                     OSSL_CRMF_SINGLEPUBINFO *spi);
  #  define OSSL_CRMF_PUB_METHOD_DONTCARE 0
  #  define OSSL_CRMF_PUB_METHOD_X500     1
  #  define OSSL_CRMF_PUB_METHOD_WEB      2
@@ -88,10 +88,10 @@ int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
                                       int method, GENERAL_NAME *nm);
  #  define OSSL_CRMF_PUB_ACTION_DONTPUBLISH   0
  #  define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
-int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(
-                                  OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action);
+int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+                                                int action);
  int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
-                                        const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
+                                                  const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
  int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
                                                 const X509_PUBKEY *pubkey);
  int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
@@ -110,7 +110,7 @@ int OSSL_CRMF_MSG_get_certReqId(OSSL_CRMF_MSG *crm);
  int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts);
  
  int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
-#  define OSSL_CRMF_POPO_NONE      -1
+#  define OSSL_CRMF_POPO_NONE       -1
  #  define OSSL_CRMF_POPO_RAVERIFIED 0
  #  define OSSL_CRMF_POPO_SIGNATURE  1
  #  define OSSL_CRMF_POPO_KEYENC     2
diff --git a/include/openssl/crmferr.h b/include/openssl/crmferr.h

index 97f5159b51c902a7f9565887117873b57f2227f9..97a3028ce2a67c73ed6f14f0d968906b17f60c2b 100644 (file)
--- a/include/openssl/crmferr.h
+++ b/include/openssl/crmferr.h
@@ -19,7 +19,7 @@
  
  # ifndef OPENSSL_NO_CRMF
  
-#  ifdef  __cplusplus
+#  ifdef __cplusplus
  extern "C"
  #  endif
  int ERR_load_CRMF_strings(void);
@@ -27,7 +27,7 @@ int ERR_load_CRMF_strings(void);
  /*
   * CRMF function codes.
   */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+#  ifndef OPENSSL_NO_DEPRECATED_3_0
  #   define CRMF_F_CRMF_POPOSIGNINGKEY_INIT                  0
  #   define CRMF_F_OSSL_CRMF_CERTID_GEN                      0
  #   define CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL               0
@@ -47,7 +47,7 @@ int ERR_load_CRMF_strings(void);
  #   define CRMF_F_OSSL_CRMF_MSG_SET_VALIDITY                0
  #   define CRMF_F_OSSL_CRMF_PBMP_NEW                        0
  #   define CRMF_F_OSSL_CRMF_PBM_NEW                         0
-# endif
+#  endif
  
  /*
   * CRMF reason codes.
diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c

index e6b6f24854f65b6036f32c5cf531b49c64d72fec..5c637b0a3c9f9550d4f3e30f4fb78803065536b8 100644 (file)
--- a/test/cmp_ctx_test.c
+++ b/test/cmp_ctx_test.c
@@ -190,8 +190,8 @@ static int test_CTX_print_errors(void)
  }
  #endif
  
-static int execute_CTX_reqExtensions_have_SAN_test(
-                                             OSSL_CMP_CTX_TEST_FIXTURE *fixture)
+static
+int execute_CTX_reqExtensions_have_SAN_test(OSSL_CMP_CTX_TEST_FIXTURE *fixture)
  {
      OSSL_CMP_CTX *ctx = fixture->ctx;
      const int len = 16;
@@ -240,10 +240,10 @@ static int test_log_cb(const char *func, const char *file, int line,
                         OSSL_CMP_severity level, const char *msg)
  {
      test_log_cb_res =
-# ifndef PEDANTIC
+#ifndef PEDANTIC
          (TEST_str_eq(func, "execute_cmp_ctx_log_cb_test")
           || TEST_str_eq(func, "(unknown function)")) &&
-# endif
+#endif
          (TEST_str_eq(file, OPENSSL_FILE)
           || TEST_str_eq(file, "(no file)"))
          && (TEST_int_eq(line, test_log_line) || TEST_int_eq(line, 0))
@@ -327,13 +327,13 @@ typedef OSSL_CMP_CTX CMP_CTX; /* prevents rewriting type name by below macro */
  
  #define DEFINE_SET_GET_BASE_TEST(PREFIX, SETN, GETN, DUP, FIELD, TYPE, ERR, \
                                   DEFAULT, NEW, FREE) \
-static int execute_CTX_##SETN##_##GETN##_##FIELD( \
-    OSSL_CMP_CTX_TEST_FIXTURE *fixture) \
+static int \
+execute_CTX_##SETN##_##GETN##_##FIELD(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \
  { \
      CMP_CTX *ctx = fixture->ctx; \
      int (*set_fn)(CMP_CTX *ctx, TYPE) = \
          (int (*)(CMP_CTX *ctx, TYPE))PREFIX##_##SETN##_##FIELD; \
-    /* need type cast in above assignment because TYPE arg sometimes is const */ \
+    /* need type cast in above assignment as TYPE arg sometimes is const */ \
      TYPE (*get_fn)(const CMP_CTX *ctx) = OSSL_CMP_CTX_##GETN##_##FIELD; \
      TYPE val1_to_free = NEW; \
      TYPE val1 = val1_to_free; \
@@ -437,7 +437,7 @@ static int execute_CTX_##SETN##_##GETN##_##FIELD( \
              TEST_error("third get gave different value"); \
              res = 0; \
          } \
-    } else  { \
+    } else { \
          if (DUP && val3_read == val2_read) { \
              TEST_error("third get did not create a new dup"); \
              res = 0; \
@@ -486,8 +486,8 @@ static X509_STORE *X509_STORE_new_1(void)
      return store;
  }
  
-#define DEFAULT_STORE(x) ((x) == NULL \
-    || X509_VERIFY_PARAM_get_flags(X509_STORE_get0_param(x)) == 0)
+#define DEFAULT_STORE(x) \
+    ((x) == NULL || X509_VERIFY_PARAM_get_flags(X509_STORE_get0_param(x)) == 0)
  
  #define IS_NEG(x) ((x) < 0)
  #define IS_0(x) ((x) == 0) /* for any type */
@@ -498,7 +498,7 @@ static X509_STORE *X509_STORE_new_1(void)
  
  #define DEFINE_SET_GET_TEST(OSSL_CMP, CTX, N, M, DUP, FIELD, TYPE) \
      DEFINE_SET_GET_BASE_TEST(OSSL_CMP##_##CTX, set##N, get##M, DUP, FIELD, \
-                             TYPE*, NULL, IS_0, TYPE##_new(), TYPE##_free)
+                             TYPE *, NULL, IS_0, TYPE##_new(), TYPE##_free)
  
  #define DEFINE_SET_GET_SK_TEST_DEFAULT(OSSL_CMP, CTX, N, M, FIELD, ELEM_TYPE, \
                                         DEFAULT, NEW, FREE) \
@@ -515,7 +515,7 @@ static X509_STORE *X509_STORE_new_1(void)
  #define DEFINE_SET_GET_TEST_DEFAULT(OSSL_CMP, CTX, N, M, DUP, FIELD, TYPE, \
                                      DEFAULT) \
      DEFINE_SET_GET_BASE_TEST(OSSL_CMP##_##CTX, set##N, get##M, DUP, FIELD, \
-                             TYPE*, NULL, DEFAULT, TYPE##_new(), TYPE##_free)
+                             TYPE *, NULL, DEFAULT, TYPE##_new(), TYPE##_free)
  #define DEFINE_SET_TEST_DEFAULT(OSSL_CMP, CTX, N, DUP, FIELD, TYPE, DEFAULT) \
      static TYPE *OSSL_CMP_CTX_get0_##FIELD(const CMP_CTX *ctx) \
      { \
@@ -546,7 +546,7 @@ typedef OSSL_HTTP_bio_cb_t OSSL_cmp_http_cb_t;
                               OSSL_cmp_##FIELD##_t, NULL, IS_0, \
                               test_##FIELD, DROP)
  #define DEFINE_SET_GET_P_VOID_TEST(FIELD) \
-    DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set, get, 0, FIELD, void*, \
+    DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set, get, 0, FIELD, void *, \
                               NULL, IS_0, ((void *)1), DROP)
  
  #define DEFINE_SET_GET_INT_TEST_DEFAULT(OSSL_CMP, CTX, FIELD, DEFAULT) \
@@ -576,7 +576,7 @@ typedef OSSL_HTTP_bio_cb_t OSSL_cmp_http_cb_t;
      static int OSSL_CMP_CTX_##SETN##_##FIELD##_str(CMP_CTX *ctx, char *val)\
      { \
          return OSSL_CMP_CTX_##SETN##_##FIELD(ctx, (unsigned char *)val, \
-                                            strlen(val)); \
+                                             strlen(val));              \
      } \
      \
      static char *OSSL_CMP_CTX_get1_##FIELD##_str(const CMP_CTX *ctx) \
@@ -681,7 +681,7 @@ static int execute_CTX_##PUSHN##_##ELEM(OSSL_CMP_CTX_TEST_FIXTURE *fixture) \
              res = 0; \
          } \
      } \
-    /* this does not check that all remaining fields and elems are untouched */\
+    /* this does not check if all remaining fields and elems are untouched */ \
      \
      if (!TEST_int_eq(ERR_peek_error(), 0)) \
          res = 0; \
@@ -699,7 +699,7 @@ static int test_CTX_##PUSHN##_##ELEM(void) \
  } \
  
  #define DEFINE_PUSH_TEST(N, DUP, FIELD, ELEM, TYPE) \
-    DEFINE_PUSH_BASE_TEST(push##N, DUP, FIELD, ELEM, TYPE*, TYPE, \
+    DEFINE_PUSH_BASE_TEST(push##N, DUP, FIELD, ELEM, TYPE *, TYPE, \
                            IS_0, TYPE##_new(), TYPE##_free)
  
  void cleanup_tests(void)
@@ -728,7 +728,7 @@ DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, srvCert, X509)
  DEFINE_SET_TEST(ossl_cmp, ctx, 0, 0, validatedSrvCert, X509)
  DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, expected_sender, X509_NAME)
  DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set0, get0, 0, trustedStore,
-                         X509_STORE*, NULL,
+                         X509_STORE *, NULL,
                           DEFAULT_STORE, X509_STORE_new_1(), X509_STORE_free)
  DEFINE_SET_GET_SK_X509_TEST(OSSL_CMP, CTX, 1, 0, untrusted_certs)
  
@@ -738,9 +738,9 @@ DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, pkey, EVP_PKEY)
  DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, recipient, X509_NAME)
  DEFINE_PUSH_TEST(0, 0, geninfo_ITAVs, geninfo_ITAV, OSSL_CMP_ITAV)
  DEFINE_SET_SK_TEST(OSSL_CMP, CTX, 1, extraCertsOut, X509)
-DEFINE_SET_GET_ARG_FN(set0, get0, newPkey, 1, EVP_PKEY*) /* priv == 1 */
+DEFINE_SET_GET_ARG_FN(set0, get0, newPkey, 1, EVP_PKEY *) /* priv == 1 */
  DEFINE_SET_GET_TEST(OSSL_CMP, CTX, 0, 0, 0, newPkey_1, EVP_PKEY)
-DEFINE_SET_GET_ARG_FN(set0, get0, newPkey, 0, EVP_PKEY*) /* priv == 0 */
+DEFINE_SET_GET_ARG_FN(set0, get0, newPkey, 0, EVP_PKEY *) /* priv == 0 */
  DEFINE_SET_GET_TEST(OSSL_CMP, CTX, 0, 0, 0, newPkey_0, EVP_PKEY)
  DEFINE_SET_GET1_STR_FN(set1, referenceValue)
  DEFINE_SET_GET_TEST_DEFAULT(OSSL_CMP, CTX, 1, 1, 1, referenceValue_str, char,
diff --git a/test/cmp_hdr_test.c b/test/cmp_hdr_test.c

index a9b2aff79ccc8cbab47302982991fb6f7ac4abae..c12b72f29ec620fffd351fde23f0be330f2f8465 100644 (file)
--- a/test/cmp_hdr_test.c
+++ b/test/cmp_hdr_test.c
@@ -65,8 +65,9 @@ static int test_HDR_set_get_pvno(void)
      return result;
  }
  
-#define X509_NAME_ADD(n, rd, s) X509_NAME_add_entry_by_txt((n), (rd),          \
-                                MBSTRING_ASC, (unsigned char *)(s), -1, -1, 0)
+#define X509_NAME_ADD(n, rd, s) \
+    X509_NAME_add_entry_by_txt((n), (rd), MBSTRING_ASC, (unsigned char *)(s), \
+                               -1, -1, 0)
  
  static int execute_HDR_get0_senderNonce_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
@@ -112,8 +113,8 @@ static int execute_HDR_set1_sender_test(CMP_HDR_TEST_FIXTURE *fixture)
      if (!TEST_int_eq(fixture->hdr->sender->type, GEN_DIRNAME))
          return 0;
  
-    if (!TEST_int_eq(
-            X509_NAME_cmp(fixture->hdr->sender->d.directoryName, x509name), 0))
+    if (!TEST_int_eq(X509_NAME_cmp(fixture->hdr->sender->d.directoryName,
+                                   x509name), 0))
          return 0;
  
      X509_NAME_free(x509name);
@@ -142,8 +143,8 @@ static int execute_HDR_set1_recipient_test(CMP_HDR_TEST_FIXTURE *fixture)
      if (!TEST_int_eq(fixture->hdr->recipient->type, GEN_DIRNAME))
          return 0;
  
-    if (!TEST_int_eq(
-            X509_NAME_cmp(fixture->hdr->recipient->d.directoryName, x509name),0))
+    if (!TEST_int_eq(X509_NAME_cmp(fixture->hdr->recipient->d.directoryName,
+                                   x509name), 0))
          return 0;
  
      X509_NAME_free(x509name);
@@ -188,7 +189,7 @@ static int test_HDR_update_messageTime(void)
  
  static int execute_HDR_set1_senderKID_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
-    ASN1_OCTET_STRING* senderKID = ASN1_OCTET_STRING_new();
+    ASN1_OCTET_STRING *senderKID = ASN1_OCTET_STRING_new();
  
      if (!TEST_ptr(senderKID))
          return 0;
@@ -198,8 +199,8 @@ static int execute_HDR_set1_senderKID_test(CMP_HDR_TEST_FIXTURE *fixture)
          return 0;
      if (!TEST_int_eq(ossl_cmp_hdr_set1_senderKID(fixture->hdr, senderKID), 1))
          return 0;
-    if (!TEST_int_eq(
-            ASN1_OCTET_STRING_cmp(fixture->hdr->senderKID, senderKID), 0))
+    if (!TEST_int_eq(ASN1_OCTET_STRING_cmp(fixture->hdr->senderKID,
+                                           senderKID), 0))
          return 0;
  
      ASN1_OCTET_STRING_free(senderKID);
@@ -216,7 +217,7 @@ static int test_HDR_set1_senderKID(void)
  
  static int execute_HDR_push0_freeText_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
-    ASN1_UTF8STRING* text = ASN1_UTF8STRING_new();
+    ASN1_UTF8STRING *text = ASN1_UTF8STRING_new();
  
      if (!TEST_ptr(text))
          return 0;
@@ -224,11 +225,10 @@ static int execute_HDR_push0_freeText_test(CMP_HDR_TEST_FIXTURE *fixture)
      if (!ASN1_STRING_set(text, "A free text", -1))
          return 0;
  
-    if (!TEST_int_eq(
-            ossl_cmp_hdr_push0_freeText(fixture->hdr, text), 1))
+    if (!TEST_int_eq(ossl_cmp_hdr_push0_freeText(fixture->hdr, text), 1))
          return 0;
-    if (!TEST_true(text == sk_ASN1_UTF8STRING_value(
-            fixture->hdr->freeText, 0)))
+
+    if (!TEST_true(text == sk_ASN1_UTF8STRING_value(fixture->hdr->freeText, 0)))
          return 0;
  
      return 1;
@@ -244,7 +244,8 @@ static int test_HDR_push0_freeText(void)
  
  static int execute_HDR_push1_freeText_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
-    ASN1_UTF8STRING* text = ASN1_UTF8STRING_new();
+    ASN1_UTF8STRING *text = ASN1_UTF8STRING_new();
+    ASN1_UTF8STRING *pushed_text;
  
      if (!TEST_ptr(text))
          return 0;
@@ -252,11 +253,11 @@ static int execute_HDR_push1_freeText_test(CMP_HDR_TEST_FIXTURE *fixture)
      if (!ASN1_STRING_set(text, "A free text", -1))
          return 0;
  
-    if (!TEST_int_eq(
-            ossl_cmp_hdr_push1_freeText(fixture->hdr, text), 1))
+    if (!TEST_int_eq(ossl_cmp_hdr_push1_freeText(fixture->hdr, text), 1))
          return 0;
-    if (!TEST_int_eq(ASN1_STRING_cmp(
-            sk_ASN1_UTF8STRING_value(fixture->hdr->freeText, 0), text), 0))
+
+    pushed_text = sk_ASN1_UTF8STRING_value(fixture->hdr->freeText, 0);
+    if (!TEST_int_eq(ASN1_STRING_cmp(text, pushed_text), 0))
          return 0;
  
      ASN1_UTF8STRING_free(text);
@@ -279,11 +280,12 @@ execute_HDR_generalInfo_push0_item_test(CMP_HDR_TEST_FIXTURE *fixture)
      if (!TEST_ptr(itav))
          return 0;
  
-    if (!TEST_int_eq(
-            ossl_cmp_hdr_generalInfo_push0_item(fixture->hdr, itav), 1))
+    if (!TEST_int_eq(ossl_cmp_hdr_generalInfo_push0_item(fixture->hdr, itav),
+                     1))
          return 0;
-    if (!TEST_true(itav == sk_OSSL_CMP_ITAV_value(
-            fixture->hdr->generalInfo, 0)))
+
+    if (!TEST_true(itav == sk_OSSL_CMP_ITAV_value(fixture->hdr->generalInfo,
+                                                  0)))
          return 0;
  
      return 1;
@@ -302,10 +304,11 @@ execute_HDR_generalInfo_push1_items_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
      const char oid[] = "1.2.3.4";
      char buf[20];
-    OSSL_CMP_ITAV *itav;
-    STACK_OF(OSSL_CMP_ITAV) *itavs = NULL;
+    OSSL_CMP_ITAV *itav, *pushed_itav;
+    STACK_OF(OSSL_CMP_ITAV) *itavs = NULL, *ginfo;
      ASN1_INTEGER *asn1int = ASN1_INTEGER_new();
      ASN1_TYPE *val = ASN1_TYPE_new();
+    ASN1_TYPE *pushed_val;
  
      if (!TEST_ptr(asn1int))
          return 0;
@@ -318,17 +321,17 @@ execute_HDR_generalInfo_push1_items_test(CMP_HDR_TEST_FIXTURE *fixture)
      itav = OSSL_CMP_ITAV_create(OBJ_txt2obj(oid, 1), val);
      OSSL_CMP_ITAV_push0_stack_item(&itavs, itav);
  
-    if (!TEST_int_eq(
-        ossl_cmp_hdr_generalInfo_push1_items(fixture->hdr, itavs), 1))
+    if (!TEST_int_eq(ossl_cmp_hdr_generalInfo_push1_items(fixture->hdr, itavs),
+                     1))
          return 0;
-    OBJ_obj2txt(buf, sizeof(buf), OSSL_CMP_ITAV_get0_type(
-            sk_OSSL_CMP_ITAV_value(fixture->hdr->generalInfo, 0)), 0);
+    ginfo = fixture->hdr->generalInfo;
+    pushed_itav = sk_OSSL_CMP_ITAV_value(ginfo, 0);
+    OBJ_obj2txt(buf, sizeof(buf), OSSL_CMP_ITAV_get0_type(pushed_itav), 0);
      if (!TEST_int_eq(memcmp(oid, buf, sizeof(oid)), 0))
          return 0;
  
-    if (!TEST_int_eq(ASN1_TYPE_cmp(itav->infoValue.other,
-                                   OSSL_CMP_ITAV_get0_value(
-            sk_OSSL_CMP_ITAV_value(fixture->hdr->generalInfo, 0))), 0))
+    pushed_val = OSSL_CMP_ITAV_get0_value(sk_OSSL_CMP_ITAV_value(ginfo, 0));
+    if (!TEST_int_eq(ASN1_TYPE_cmp(itav->infoValue.other, pushed_val), 0))
          return 0;
  
      sk_OSSL_CMP_ITAV_pop_free(itavs, OSSL_CMP_ITAV_free);
@@ -362,35 +365,36 @@ static int test_HDR_set_and_check_implicit_confirm(void)
  
  static int execute_HDR_init_test(CMP_HDR_TEST_FIXTURE *fixture)
  {
-    ASN1_OCTET_STRING *header_nonce = NULL;
-    ASN1_OCTET_STRING *ctx_nonce = NULL;
-    int res = 0;
+    ASN1_OCTET_STRING *header_nonce, *header_transactionID;
+    ASN1_OCTET_STRING *ctx_nonce;
  
      if (!TEST_int_eq(fixture->expected,
                       ossl_cmp_hdr_init(fixture->cmp_ctx, fixture->hdr)))
-        goto err;
-    if (fixture->expected != 0) {
-        if (!TEST_int_eq(ossl_cmp_hdr_get_pvno(fixture->hdr), OSSL_CMP_PVNO)
-                || !TEST_true(0 == ASN1_OCTET_STRING_cmp(
-                        ossl_cmp_hdr_get0_senderNonce(fixture->hdr),
-                        fixture->cmp_ctx->senderNonce))
-                || !TEST_true(0 == ASN1_OCTET_STRING_cmp(
-                            OSSL_CMP_HDR_get0_transactionID(fixture->hdr),
-                            fixture->cmp_ctx->transactionID)))
-            goto err;
-        header_nonce = OSSL_CMP_HDR_get0_recipNonce(fixture->hdr);
-        ctx_nonce = fixture->cmp_ctx->recipNonce;
-        if (ctx_nonce != NULL
-                && (!TEST_ptr(header_nonce)
-                || !TEST_int_eq(0, ASN1_OCTET_STRING_cmp(header_nonce,
-                                                         ctx_nonce))))
-            goto err;
-    }
+        return 0;
+    if (fixture->expected == 0)
+        return 1;
  
-    res = 1;
+    if (!TEST_int_eq(ossl_cmp_hdr_get_pvno(fixture->hdr), OSSL_CMP_PVNO))
+        return 0;
  
- err:
-    return res;
+    header_nonce = ossl_cmp_hdr_get0_senderNonce(fixture->hdr);
+    if (!TEST_int_eq(0, ASN1_OCTET_STRING_cmp(header_nonce,
+                                              fixture->cmp_ctx->senderNonce)))
+        return 0;
+    header_transactionID = OSSL_CMP_HDR_get0_transactionID(fixture->hdr);
+    if (!TEST_true(0 == ASN1_OCTET_STRING_cmp(header_transactionID,
+                                              fixture->cmp_ctx->transactionID)))
+        return 0;
+
+    header_nonce = OSSL_CMP_HDR_get0_recipNonce(fixture->hdr);
+    ctx_nonce = fixture->cmp_ctx->recipNonce;
+    if (ctx_nonce != NULL
+            && (!TEST_ptr(header_nonce)
+                    || !TEST_int_eq(0, ASN1_OCTET_STRING_cmp(header_nonce,
+                                                             ctx_nonce))))
+        return 0;
+
+    return 1;
  }
  
  static int test_HDR_init(void)
diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c

index 7fa0619284f9383d960d1efe12416c08ba97f548..8f958658697e391571a97d40bc1e9bee1ff9b927 100644 (file)
--- a/test/cmp_msg_test.c
+++ b/test/cmp_msg_test.c
@@ -122,7 +122,7 @@ static int execute_pkimessage_create_test(CMP_MSG_TEST_FIXTURE *fixture)
                                (fixture->cmp_ctx, fixture->bodytype));
  }
  
-static int set1_newPkey(OSSL_CMP_CTX *ctx, EVP_PKEY* pkey)
+static int set1_newPkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey)
  {
      if (!EVP_PKEY_up_ref(pkey))
          return 0;
@@ -321,7 +321,7 @@ static int test_cmp_create_error_msg(void)
                                            OSSL_CMP_PKIFAILUREINFO_systemFailure,
                                            NULL);
      fixture->err_code = -1;
-    fixture->expected = 1;      /* Expected: Message creation is successful */
+    fixture->expected = 1; /* expected: message creation is successful */
      if (!TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
          tear_down(fixture);
          fixture = NULL;
@@ -430,7 +430,7 @@ static int execute_rp_create(CMP_MSG_TEST_FIXTURE *fixture)
          goto err;
  
      if (!X509_NAME_add_entry_by_txt(issuer, "CN", MBSTRING_ASC,
-                                    (unsigned char*)"The Issuer", -1, -1, 0)
+                                    (unsigned char *)"The Issuer", -1, -1, 0)
              || !ASN1_INTEGER_set(serial, 99)
              || (cid = OSSL_CRMF_CERTID_gen(issuer, serial)) == NULL
              || (rpmsg = ossl_cmp_rp_new(fixture->cmp_ctx, si, cid, 1)) == NULL)
@@ -439,8 +439,8 @@ static int execute_rp_create(CMP_MSG_TEST_FIXTURE *fixture)
      if (!TEST_ptr(ossl_cmp_revrepcontent_get_CertId(rpmsg->body->value.rp, 0)))
          goto err;
  
-    if (!TEST_ptr(ossl_cmp_revrepcontent_get_pkistatusinfo(rpmsg->body->value.rp,
-                                                           0)))
+    if (!TEST_ptr(ossl_cmp_revrepcontent_get_pkistatusinfo(rpmsg->body->
+                                                           value.rp, 0)))
          goto err;
  
      res = 1;
@@ -468,11 +468,11 @@ static int execute_pollrep_create(CMP_MSG_TEST_FIXTURE *fixture)
      pollrep = ossl_cmp_pollRep_new(fixture->cmp_ctx, 77, 2000);
      if (!TEST_ptr(pollrep))
          return 0;
-    if (!TEST_ptr(ossl_cmp_pollrepcontent_get0_pollrep(
-            pollrep->body->value.pollRep, 77)))
+    if (!TEST_ptr(ossl_cmp_pollrepcontent_get0_pollrep(pollrep->body->
+                                                       value.pollRep, 77)))
          goto err;
-    if (!TEST_ptr_null(ossl_cmp_pollrepcontent_get0_pollrep(
-            pollrep->body->value.pollRep, 88)))
+    if (!TEST_ptr_null(ossl_cmp_pollrepcontent_get0_pollrep(pollrep->body->
+                                                            value.pollRep, 88)))
          goto err;
  
      res = 1;
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c

index 8425849835f6d3bf4dce976d20a5d901f62dd972..022dea6b7cfc089326feba9b73d481f66b49baf7 100644 (file)
--- a/test/cmp_protect_test.c
+++ b/test/cmp_protect_test.c
@@ -20,7 +20,7 @@ typedef struct test_fixture {
      OSSL_CMP_CTX *cmp_ctx;
      /* for protection tests */
      OSSL_CMP_MSG *msg;
-    OSSL_CMP_PKISI *si;      /* for error and response messages */
+    OSSL_CMP_PKISI *si; /* for error and response messages */
      ASN1_OCTET_STRING *secret;
      EVP_PKEY *privkey;
      EVP_PKEY *pubkey;
@@ -86,7 +86,8 @@ static int execute_calc_protection_pbmac_test(CMP_PROTECT_TEST_FIXTURE *fixture)
      ASN1_BIT_STRING *protection =
          ossl_cmp_calc_protection(fixture->msg, fixture->secret, NULL);
      int res = TEST_ptr(protection)
-        && TEST_true(ASN1_STRING_cmp(protection, fixture->msg->protection) == 0);
+            && TEST_true(ASN1_STRING_cmp(protection,
+                                         fixture->msg->protection) == 0);
  
      ASN1_BIT_STRING_free(protection);
      return res;
@@ -400,7 +401,7 @@ static int execute_X509_STORE_test(CMP_PROTECT_TEST_FIXTURE *fixture)
  static int test_X509_STORE(void)
  {
      SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
-    fixture->callback_arg = 0;  /* self-signed allowed */
+    fixture->callback_arg = 0; /* self-issued allowed */
      if (!TEST_ptr(fixture->certs = sk_X509_new_null())
              || !sk_X509_push(fixture->certs, endentity1)
              || !sk_X509_push(fixture->certs, endentity2)
@@ -414,12 +415,12 @@ static int test_X509_STORE(void)
      return result;
  }
  
-static int test_X509_STORE_only_self_signed(void)
+static int test_X509_STORE_only_self_issued(void)
  {
      SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
      fixture->certs = sk_X509_new_null();
      fixture->chain = sk_X509_new_null();
-    fixture->callback_arg = 1;  /* only self-signed */
+    fixture->callback_arg = 1; /* only self-issued */
      if (!TEST_true(sk_X509_push(fixture->certs, endentity1))
              || !TEST_true(sk_X509_push(fixture->certs, endentity2))
              || !TEST_true(sk_X509_push(fixture->certs, root))
@@ -521,7 +522,7 @@ int setup_tests(void)
  #endif
  
      ADD_TEST(test_X509_STORE);
-    ADD_TEST(test_X509_STORE_only_self_signed);
+    ADD_TEST(test_X509_STORE_only_self_issued);
  
      return 1;
  }
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Fri, 13 Dec 2019 19:07:08 +0000 (20:07 +0100)
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>
	Mon, 17 Feb 2020 06:43:58 +0000 (07:43 +0100)
crypto/cmp/cmp_asn.c		patch \| blob \| history
crypto/cmp/cmp_ctx.c		patch \| blob \| history
crypto/cmp/cmp_local.h		patch \| blob \| history
crypto/cmp/cmp_msg.c		patch \| blob \| history
crypto/cmp/cmp_protect.c		patch \| blob \| history
crypto/cmp/cmp_status.c		patch \| blob \| history
crypto/cmp/cmp_util.c		patch \| blob \| history
crypto/crmf/crmf_asn.c		patch \| blob \| history
crypto/crmf/crmf_lib.c		patch \| blob \| history
crypto/crmf/crmf_local.h		patch \| blob \| history
crypto/crmf/crmf_pbm.c		patch \| blob \| history
doc/internal/man3/ossl_cmp_sk_X509_add1_cert.pod		patch \| blob \| history
include/openssl/cmp.h		patch \| blob \| history
include/openssl/cmp_util.h		patch \| blob \| history
include/openssl/cmperr.h		patch \| blob \| history
include/openssl/crmf.h		patch \| blob \| history
include/openssl/crmferr.h		patch \| blob \| history
test/cmp_ctx_test.c		patch \| blob \| history
test/cmp_hdr_test.c		patch \| blob \| history
test/cmp_msg_test.c		patch \| blob \| history
test/cmp_protect_test.c		patch \| blob \| history