#include "ct_locl.h"
-#define n2s(c,s) ((s=(((unsigned int)((c)[0]))<< 8)| \
- (((unsigned int)((c)[1])) )),c+=2)
-
-#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
- c[1]=(unsigned char)(((s) )&0xff)),c+=2)
-
-#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \
- c[1]=(unsigned char)(((l)>> 8)&0xff), \
- c[2]=(unsigned char)(((l) )&0xff)),c+=3)
-
-#define n2l8(c,l) (l =((uint64_t)(*((c)++)))<<56, \
- l|=((uint64_t)(*((c)++)))<<48, \
- l|=((uint64_t)(*((c)++)))<<40, \
- l|=((uint64_t)(*((c)++)))<<32, \
- l|=((uint64_t)(*((c)++)))<<24, \
- l|=((uint64_t)(*((c)++)))<<16, \
- l|=((uint64_t)(*((c)++)))<< 8, \
- l|=((uint64_t)(*((c)++))))
-
-#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
- *((c)++)=(unsigned char)(((l)>>48)&0xff), \
- *((c)++)=(unsigned char)(((l)>>40)&0xff), \
- *((c)++)=(unsigned char)(((l)>>32)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
typedef enum sct_signature_type_t {
SIGNATURE_TYPE_NOT_SET = -1,
SIGNATURE_TYPE_CERT_TIMESTAMP,
int SCT_verify(const SCT_CTX *sctx, const SCT *sct)
{
EVP_MD_CTX *ctx = NULL;
- int ret = -1;
+ int ret = 0;
if (!SCT_is_complete(sct) || sctx->pkey == NULL ||
sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET ||
(sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) {
CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET);
- return -1;
+ return 0;
}
if (sct->version != SCT_VERSION_V1) {
CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION);
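Review bot: The early exit at `return 0;` changes the failure value from -1 to 0, so any caller that still detects failure with `SCT_verify(...) < 0` will now treat an incomplete SCT or a context without a key as not failed. The same applies to the `return 0;` in the `CT_F_SCT_VERIFY_V1` hunk below. Callers are not visible on this page, so each should be checked for an explicit `== 1` (or `<= 0`) test rather than a sign test. I would also document the contract above the function, for example `/* Returns 1 if the SCT signature is valid, 0 otherwise (including an incomplete SCT or context). */`, after confirming the success value. That value, and whether a negative result can still come from the digest-verify call, lies in the part of the body outside this hunk.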
if (!SCT_is_complete(sct)) {
CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET);
- return -1;
+ return 0;
}
if (sct->version != 0) {
if (sctx == NULL)
goto done;
- ret = SCT_CTX_set1_pubkey(sctx, log_pubkey);
- if (ret <= 0)
+ if (!SCT_CTX_set1_pubkey(sctx, log_pubkey))
goto done;
- ret = SCT_CTX_set1_cert(sctx, cert, preissuer);
- if (ret <= 0)
+ if (!SCT_CTX_set1_cert(sctx, cert, preissuer))
goto done;
- if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) {
- ret = SCT_CTX_set1_issuer(sctx, issuer_cert);
- if (ret <= 0)
- goto done;
- }
+ if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT &&
+ !SCT_CTX_set1_issuer(sctx, issuer_cert))
+ goto done;
ret = SCT_verify(sctx, sct);
-
done:
SCT_CTX_free(sctx);
return ret;
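Review bot: The three setter checks now treat only 0 as failure, where the removed lines used `ret <= 0`. If `SCT_CTX_set1_pubkey`, `SCT_CTX_set1_cert` or `SCT_CTX_set1_issuer` can still return a negative value, that error now falls through to `SCT_verify` with a partly initialised context. Either confirm all three are strictly 0/1, or test for success explicitly, e.g. `if (SCT_CTX_set1_pubkey(sctx, log_pubkey) != 1) goto done;`. The failure paths also no longer assign `ret`, so the value returned at `done:` is whatever `ret` was initialised to; that declaration is above the hunk and should be 0 so every early `goto done` reports failure. The function starts and ends outside the hunk.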