From cd933ebd578d7ec77e1905250a4afbc65750bef4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 8 Jul 2017 12:11:59 +0100 Subject: [PATCH] Move certificate table to header file so it can be tested. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3858) --- ssl/ssl_cert.c | 14 +------------- ssl/ssl_cert_table.h | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 13 deletions(-) create mode 100644 ssl/ssl_cert_table.h diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index a87933d1f6..ce4a09fad5 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -24,6 +24,7 @@ #include #include #include "ssl_locl.h" +#include "ssl_cert_table.h" #include "internal/thread_once.h" static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, @@ -977,19 +978,6 @@ int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other) ctx->cert->sec_ex); } -/* - * Certificate table information. NB: table entries must match SSL_PKEY indices - */ -static const SSL_CERT_LOOKUP ssl_cert_info [] = { - {EVP_PKEY_RSA, SSL_aRSA}, /* SSL_PKEY_RSA */ - {EVP_PKEY_DSA, SSL_aDSS}, /* SSL_PKEY_DSA_SIGN */ - {EVP_PKEY_EC, SSL_aECDSA}, /* SSL_PKEY_ECC */ - {NID_id_GostR3410_2001, SSL_aGOST01}, /* SSL_PKEY_GOST01 */ - {NID_id_GostR3410_2012_256, SSL_aGOST12}, /* SSL_PKEY_GOST12_256 */ - {NID_id_GostR3410_2012_512, SSL_aGOST12}, /* SSL_PKEY_GOST12_512 */ - {EVP_PKEY_ED25519, SSL_aECDSA} /* SSL_PKEY_ED25519 */ -}; - const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx) { int nid = EVP_PKEY_id(pk); diff --git a/ssl/ssl_cert_table.h b/ssl/ssl_cert_table.h new file mode 100644 index 0000000000..eae9ff232b --- /dev/null +++ b/ssl/ssl_cert_table.h @@ -0,0 +1,21 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Certificate table information. NB: table entries must match SSL_PKEY indices + */ +static const SSL_CERT_LOOKUP ssl_cert_info [] = { + {EVP_PKEY_RSA, SSL_aRSA}, /* SSL_PKEY_RSA */ + {EVP_PKEY_DSA, SSL_aDSS}, /* SSL_PKEY_DSA_SIGN */ + {EVP_PKEY_EC, SSL_aECDSA}, /* SSL_PKEY_ECC */ + {NID_id_GostR3410_2001, SSL_aGOST01}, /* SSL_PKEY_GOST01 */ + {NID_id_GostR3410_2012_256, SSL_aGOST12}, /* SSL_PKEY_GOST12_256 */ + {NID_id_GostR3410_2012_512, SSL_aGOST12}, /* SSL_PKEY_GOST12_512 */ + {EVP_PKEY_ED25519, SSL_aECDSA} /* SSL_PKEY_ED25519 */ +}; -- 2.25.1