From: Rob Percival Date: Tue, 23 Aug 2016 11:52:43 +0000 (+0100) Subject: Internalizes SCT_verify and removes SCT_verify_v1 X-Git-Tag: OpenSSL_1_1_0~61 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=cdb2a60347f988037d29adc7e4415e9c66c8a5a5 Internalizes SCT_verify and removes SCT_verify_v1 SCT_verify is impossible to call through the public API (SCT_CTX_new() is not part of the public API), so rename it to SCT_CTX_verify and move it out of the public API. SCT_verify_v1 is redundant, since SCT_validate does the same verification (by calling SCT_verify) and more. The API is less confusing with a single verification function (SCT_validate). Reviewed-by: Rich Salz Reviewed-by: Matt Caswell --- diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c index 4349eb45e7..df232dc488 100644 --- a/crypto/ct/ct_err.c +++ b/crypto/ct/ct_err.c @@ -45,8 +45,7 @@ static ERR_STRING_DATA CT_str_functs[] = { {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"}, {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"}, {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"}, - {ERR_FUNC(CT_F_SCT_VERIFY), "SCT_verify"}, - {ERR_FUNC(CT_F_SCT_VERIFY_V1), "SCT_verify_v1"}, + {ERR_FUNC(CT_F_SCT_CTX_VERIFY), "SCT_CTX_verify"}, {0, NULL} }; diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h index 1180455e1a..6b2fa3ef0c 100644 --- a/crypto/ct/ct_locl.h +++ b/crypto/ct/ct_locl.h @@ -150,6 +150,13 @@ __owur int SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); */ __owur int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); +/* + * Verifies an SCT with the given context. + * Returns 1 if the SCT verifies successfully; any other value indicates + * failure. See EVP_DigestVerifyFinal() for the meaning of those values. + */ +__owur int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct); + /* * Does this SCT have the minimum fields populated to be usable? * Returns 1 if so, 0 otherwise. 
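Review bot: The new comment on `SCT_CTX_verify` in ct_locl.h sends readers to EVP_DigestVerifyFinal() for the meaning of every non-1 result, but the ct_vfy.c hunks of this commit show the function also returning 0 before any digest work is done, for an incomplete SCT, an unsupported version or a log ID mismatch. A caller reading only the header could take 0 to mean a bad signature. I would spell the contract out, for example `Returns 1 on success, 0 if the SCT or context is unusable or the signature is invalid, and a negative value on an internal error.` It is also worth stating that `sctx` must be non-NULL, since `sctx->pkey` is read without a check.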
diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c index 08676805bd..65a20c669b 100644 --- a/crypto/ct/ct_sct.c +++ b/crypto/ct/ct_sct.c @@ -349,7 +349,7 @@ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx) if (SCT_CTX_set1_cert(sctx, ctx->cert, NULL) != 1) sct->validation_status = SCT_VALIDATION_STATUS_UNVERIFIED; else - sct->validation_status = SCT_verify(sctx, sct) == 1 ? + sct->validation_status = SCT_CTX_verify(sctx, sct) == 1 ? SCT_VALIDATION_STATUS_VALID : SCT_VALIDATION_STATUS_INVALID; end: diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index 8305ce678e..724f65579b 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -93,7 +93,7 @@ static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct) return 1; } -int SCT_verify(const SCT_CTX *sctx, const SCT *sct) +int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) { EVP_MD_CTX *ctx = NULL; int ret = 0; @@ -101,16 +101,16 @@ int SCT_verify(const SCT_CTX *sctx, const SCT *sct) if (!SCT_is_complete(sct) || sctx->pkey == NULL || sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET || (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_NOT_SET); return 0; } if (sct->version != SCT_VERSION_V1) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); return 0; } if (sct->log_id_len != sctx->pkeyhashlen || memcmp(sct->log_id, sctx->pkeyhash, sctx->pkeyhashlen) != 0) { - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_LOG_ID_MISMATCH); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_LOG_ID_MISMATCH); return 0; } 
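Review bot: In the ct_sct.c hunk, `SCT_CTX_verify(sctx, sct) == 1 ? SCT_VALIDATION_STATUS_VALID : SCT_VALIDATION_STATUS_INVALID` records a negative return as INVALID, so an internal failure in the digest layer becomes indistinguishable from a forged or corrupted signature. This fails closed, which is the safe direction, but anything that logs or alerts on INVALID SCTs will count internal errors as bad signatures. Consider keeping the result in a local and setting `SCT_VALIDATION_STATUS_UNVERIFIED` when it is below zero, as the `SCT_CTX_set1_cert` failure branch just above does for its own error. The rest of SCT_validate lies outside the hunk, so there may be handling that is not visible here.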
@@ -128,45 +128,9 @@ int SCT_verify(const SCT_CTX *sctx, const SCT *sct) ret = EVP_DigestVerifyFinal(ctx, sct->sig, sct->sig_len); /* If ret < 0 some other error: fall through without setting error */ if (ret == 0) - CTerr(CT_F_SCT_VERIFY, CT_R_SCT_INVALID_SIGNATURE); + CTerr(CT_F_SCT_CTX_VERIFY, CT_R_SCT_INVALID_SIGNATURE); end: EVP_MD_CTX_free(ctx); return ret; } - -int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, - X509_PUBKEY *log_pubkey, X509 *issuer_cert) -{ - int ret = 0; - SCT_CTX *sctx = NULL; - - if (!SCT_is_complete(sct)) { - CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET); - return 0; - } - - if (sct->version != 0) { - CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_UNSUPPORTED_VERSION); - return 0; - } - - sctx = SCT_CTX_new(); - if (sctx == NULL) - goto done; - - if (!SCT_CTX_set1_pubkey(sctx, log_pubkey)) - goto done; - - if (!SCT_CTX_set1_cert(sctx, cert, preissuer)) - goto done; - - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && - !SCT_CTX_set1_issuer(sctx, issuer_cert)) - goto done; - - ret = SCT_verify(sctx, sct); -done: - SCT_CTX_free(sctx); - return ret; -} diff --git a/include/openssl/ct.h b/include/openssl/ct.h index e753fc94b8..a0314f01e4 100644 --- a/include/openssl/ct.h +++ b/include/openssl/ct.h @@ -270,19 +270,6 @@ void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs); void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent, const char *separator, const CTLOG_STORE *logs); -/* - * Verifies an SCT with the given context. - * Returns 1 if the SCT verifies successfully, 0 otherwise. - */ -__owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct); - -/* - * Verifies an SCT against the provided data. - * Returns 1 if the SCT verifies successfully, 0 otherwise. - */ -__owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, - X509_PUBKEY *log_pubkey, X509 *issuer_cert); - /* * Gets the last result of validating this SCT. * If it has not been validated yet, returns SCT_VALIDATION_STATUS_NOT_SET. 
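Review bot: Removing `SCT_verify_v1` drops the only visible path that forwards a `preissuer` certificate to `SCT_CTX_set1_cert`; the remaining caller in the ct_sct.c hunk passes `NULL` in that position. If precertificates signed by a dedicated pre-issuer certificate must still validate, SCT_validate needs a way to obtain that certificate, presumably through CT_POLICY_EVAL_CTX. Otherwise the limitation deserves a line in the SCT_validate documentation, so that such SCTs being reported as not valid is understood as expected behaviour. The removed function also set the issuer explicitly for `CT_LOG_ENTRY_TYPE_PRECERT` entries, and `SCT_CTX_verify` rejects a precert SCT when `sctx->ihash` is NULL. It is therefore worth confirming that SCT_validate sets the issuer before this call, which is outside the hunks shown.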
@@ -518,8 +505,7 @@ int ERR_load_CT_strings(void); # define CT_F_SCT_SET_LOG_ENTRY_TYPE 102 # define CT_F_SCT_SET_SIGNATURE_NID 103 # define CT_F_SCT_SET_VERSION 104 -# define CT_F_SCT_VERIFY 128 -# define CT_F_SCT_VERIFY_V1 129 +# define CT_F_SCT_CTX_VERIFY 128 /* Reason codes. */ # define CT_R_BASE64_DECODE_ERROR 108 diff --git a/util/libcrypto.num b/util/libcrypto.num index 7a9391556d..e9709f6439 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -570,7 +570,6 @@ CRYPTO_cts128_encrypt_block 569 1_1_0 EXIST::FUNCTION: ASN1_digest 570 1_1_0 EXIST::FUNCTION: ERR_load_X509V3_strings 571 1_1_0 EXIST::FUNCTION: EVP_PKEY_meth_get_cleanup 572 1_1_0 EXIST::FUNCTION: -SCT_verify 573 1_1_0 EXIST::FUNCTION:CT d2i_X509 574 1_1_0 EXIST::FUNCTION: a2i_ASN1_STRING 575 1_1_0 EXIST::FUNCTION: EC_GROUP_get_mont_data 576 1_1_0 EXIST::FUNCTION:EC @@ -596,7 +595,6 @@ RAND_query_egd_bytes 596 1_1_0 EXIST::FUNCTION:EGD i2d_ASN1_PRINTABLE 597 1_1_0 EXIST::FUNCTION: ENGINE_cmd_is_executable 598 1_1_0 EXIST::FUNCTION:ENGINE BIO_puts 599 1_1_0 EXIST::FUNCTION: -SCT_verify_v1 600 1_1_0 EXIST::FUNCTION:CT RSAPublicKey_it 601 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA RSAPublicKey_it 601 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA ISSUING_DIST_POINT_new 602 1_1_0 EXIST::FUNCTION: