Remove X509_{PURPOSE,TRUST}_{MIN,MAX}
These tables are small enough that a linear scan is fine. This is one
less thing we need to keep in sync, and means we can remove entries
without renumbering them.
Change-Id: If1a41397aac3917534529e7e704983489e266a0f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65150
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
diff --git a/crypto/x509/v3_purp.c b/crypto/x509/v3_purp.c
index a6c182e..7ef3d37 100644
--- a/crypto/x509/v3_purp.c
+++ b/crypto/x509/v3_purp.c
@@ -54,8 +54,8 @@
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
-#include <stdio.h>
-
+#include <assert.h>
+#include <limits.h>
#include <string.h>
#include <openssl/digest.h>
@@ -169,8 +169,12 @@
}
int X509_PURPOSE_get_by_id(int purpose) {
- if (purpose >= X509_PURPOSE_MIN && purpose <= X509_PURPOSE_MAX) {
- return purpose - X509_PURPOSE_MIN;
+ for (size_t i = 0; i <OPENSSL_ARRAY_SIZE(xstandard); i++) {
+ if (xstandard[i].purpose == purpose) {
+ static_assert(OPENSSL_ARRAY_SIZE(xstandard) <= INT_MAX,
+ "indices must fit in int");
+ return (int)i;
+ }
}
return -1;
}
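Review bot: The `static_assert` in X509_PURPOSE_get_by_id sits inside the innermost `if` of the scan loop, although it checks a compile-time property of the `xstandard` table and has nothing to do with a match. I would move it to file scope directly after the table definition (which is outside this hunk), as `static_assert(OPENSSL_ARRAY_SIZE(xstandard) <= INT_MAX, "indices must fit in int");`, so the bound sits next to the data it guards and the loop body is just the comparison and `return (int)i;`. The loop header also reads `i <OPENSSL_ARRAY_SIZE(xstandard)` with no space after `<`. The same placement applies to the `trstandard` assert in X509_TRUST_get_by_id in crypto/x509/x509_trs.c.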
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index 122c20e..9db4bee 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -54,6 +54,9 @@
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
+#include <assert.h>
+#include <limits.h>
+
#include <openssl/err.h>
#include <openssl/mem.h>
#include <openssl/obj.h>
@@ -69,10 +72,6 @@
static int obj_trust(int id, X509 *x, int flags);
-// WARNING: the following table should be kept in order of trust and without
-// any gaps so we can just subtract the minimum trust value to get an index
-// into the table
-
static const X509_TRUST trstandard[] = {
{X509_TRUST_COMPAT, 0, trust_compat, (char *)"compatible", 0, NULL},
{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, (char *)"SSL Client",
@@ -122,8 +121,12 @@
}
int X509_TRUST_get_by_id(int id) {
- if (id >= X509_TRUST_MIN && id <= X509_TRUST_MAX) {
- return id - X509_TRUST_MIN;
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(trstandard); i++) {
+ if (trstandard[i].trust == id) {
+ static_assert(OPENSSL_ARRAY_SIZE(trstandard) <= INT_MAX,
+ "indices must fit in int");
+ return (int)i;
+ }
}
return -1;
}
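Review bot: X509_TRUST_get_by_id has no comment saying that its result is a position in `trstandard` rather than a value derived from the trust ID, and that distinction is new with this change. Under the removed range check the index was always `id - X509_TRUST_MIN`; with the scan it depends on table order, so a caller that still computes an index arithmetically would pick the wrong trust entry once an entry is removed (callers are not visible in this diff). I would add above the function `// Returns the index in |trstandard| of the entry whose trust ID is |id|, or -1 if there is none. The index is not |id| minus a constant.` The equivalent comment fits X509_PURPOSE_get_by_id in crypto/x509/v3_purp.c.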
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 52b7807..1757e8e 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -3561,10 +3561,6 @@
#define X509_TRUST_OCSP_REQUEST 7
#define X509_TRUST_TSA 8
-// Keep these up to date!
-#define X509_TRUST_MIN 1
-#define X509_TRUST_MAX 8
-
// check_trust return codes
#define X509_TRUST_TRUSTED 1
@@ -4376,9 +4372,6 @@
#define X509_PURPOSE_OCSP_HELPER 8
#define X509_PURPOSE_TIMESTAMP_SIGN 9
-#define X509_PURPOSE_MIN 1
-#define X509_PURPOSE_MAX 9
-
DEFINE_STACK_OF(X509_PURPOSE)
DECLARE_ASN1_FUNCTIONS_const(BASIC_CONSTRAINTS)