mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
bbaddbc068
The solution to incorporate the SM2 identity processing was an off the side hack that more or less duplicated the ASN1_item_verify() code with just a few lines being different. We replace this with a new function ASN1_item_verify_ctx(), which takes an EVP_MD_CTX pointer instead of an EVP_PKEY pointer, just like its sibling ASN1_item_sign_ctx(). This allows us to refactor X509_verify() and X509_REQ_verify() to simply create a local EVP_MD_CTX and an attached EVP_PKEY_CTX, which gets to hold the SM2 identity, if there is one, and then let ASN1_item_verify_ctx() to its job. This will also make it easier to adapt ASN1_item_verify_ctx() for provider based keys. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10942) |
||
---|---|---|
.. | ||
perl | ||
add-depends.pl | ||
build.info | ||
cavs-to-evptest.pl | ||
check-malloc-errs | ||
ck_errf.pl | ||
copy.pl | ||
dofile.pl | ||
echo.pl | ||
engines.num | ||
err-to-raise | ||
find-doc-nits | ||
find-unused-errs | ||
fix-includes | ||
fix-includes.sed | ||
indent.pro | ||
libcrypto.num | ||
libssl.num | ||
local_shlib.com.in | ||
merge-err-lines | ||
missingcrypto111.txt | ||
missingcrypto.txt | ||
missingmacro111.txt | ||
missingmacro.txt | ||
missingssl111.txt | ||
missingssl.txt | ||
mkbuildinf.pl | ||
mkdef.pl | ||
mkdir-p.pl | ||
mkerr.pl | ||
mknum.pl | ||
mkrc.pl | ||
mktar.sh | ||
openssl-format-source | ||
openssl-update-copyright | ||
opensslwrap.sh | ||
other.syms | ||
process_docs.pl | ||
providers.num | ||
shlib_wrap.sh.in | ||
su-filter.pl | ||
unlocal_shlib.com.in |