Rename the cert_type enums

author Alberto Leiva Popper <ydahhrk@gmail.com>

Fri, 7 Jul 2023 16:03:34 +0000 (10:03 -0600)

committer Alberto Leiva Popper <ydahhrk@gmail.com>

Fri, 7 Jul 2023 16:04:59 +0000 (10:04 -0600)
author Alberto Leiva Popper <ydahhrk@gmail.com>
Fri, 7 Jul 2023 16:03:34 +0000 (10:03 -0600)
committer Alberto Leiva Popper <ydahhrk@gmail.com>
Fri, 7 Jul 2023 16:04:59 +0000 (10:04 -0600)
diff --git a/src/asn1/signed_data.c b/src/asn1/signed_data.c

index 83b5934e16fb81a650a5ec102a1d3bcd51afbe74..7d27dff960a77d088f652fec5d2bc258d4d5e637 100644 (file)
--- a/src/asn1/signed_data.c
+++ b/src/asn1/signed_data.c
@@ -95,7 +95,7 @@ handle_sdata_certificate(ANY_t *cert_encoded, struct signed_object_args *args,
         error = certificate_validate_chain(cert, args->crls);
         if (error)
                 goto end2;
-       error = certificate_validate_rfc6487(cert, EE);
+       error = certificate_validate_rfc6487(cert, CERTYPE_EE);
         if (error)
                 goto end2;
         error = certificate_validate_extensions_ee(cert, sid, &args->refs,
@@ -110,7 +110,7 @@ handle_sdata_certificate(ANY_t *cert_encoded, struct signed_object_args *args,
                 goto end2;
  
         resources_set_policy(args->res, policy);
-       error = certificate_get_resources(cert, args->res, EE);
+       error = certificate_get_resources(cert, args->res, CERTYPE_EE);
         if (error)
                 goto end2;
  
diff --git a/src/cert_stack.c b/src/cert_stack.c

index 94204be3668775e36f627352b47740c5f7482e31..f7a2520fa5fdeae65ef7448a763a33aa4bd173f3 100644 (file)
--- a/src/cert_stack.c
+++ b/src/cert_stack.c
@@ -264,7 +264,7 @@ init_resources(X509 *x509, enum rpki_policy policy, enum cert_type type,
          * The "It MUST NOT use the "inherit" form of the INR extension(s)"
          * part is already handled in certificate_get_resources().
          */
-       if (type == TA && resources_empty(result)) {
+       if (type == CERTYPE_TA && resources_empty(result)) {
                 error = pr_val_err("Trust Anchor certificate does not define any number resources.");
                 goto fail;
         }
diff --git a/src/object/certificate.c b/src/object/certificate.c

index 411f6e6471a383487a072bc69502db6c67635309..80d630bd9c843146076392090f458ab0cc2307ba 100644 (file)
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -426,7 +426,7 @@ validate_public_key(X509 *cert, enum cert_type type)
         if (!ok)
                 return val_crypto_err("X509_PUBKEY_get0_param() returned %d", ok);
  
-       if (type == BGPSEC)
+       if (type == CERTYPE_BGPSEC)
                 return validate_certificate_public_key_algorithm_bgpsec(pa);
  
         error = validate_certificate_public_key_algorithm(pa);
@@ -449,7 +449,7 @@ validate_public_key(X509 *cert, enum cert_type type)
          * getting the message.
          */
  
-       if (type == TA) {
+       if (type == CERTYPE_TA) {
                 error = validate_spki(pubkey);
                 if (error)
                         return error;
@@ -491,7 +491,7 @@ certificate_validate_rfc6487(X509 *cert, enum cert_type type)
                 return error;
  
         /* rfc6487#section-4.4 */
-       error = validate_issuer(cert, type == TA);
+       error = validate_issuer(cert, type == CERTYPE_TA);
         if (error)
                 return error;
  
@@ -1125,12 +1125,12 @@ certificate_get_resources(X509 *cert, struct resources *resources,
                 return __certificate_get_resources(cert, resources,
                     NID_sbgp_ipAddrBlock, NID_sbgp_autonomousSysNum,
                     nid_ipAddrBlocksv2(), nid_autonomousSysIdsv2(),
-                   "6484", "8360", type != BGPSEC);
+                   "6484", "8360", type != CERTYPE_BGPSEC);
         case RPKI_POLICY_RFC8360:
                 return __certificate_get_resources(cert, resources,
                     nid_ipAddrBlocksv2(), nid_autonomousSysIdsv2(),
                     NID_sbgp_ipAddrBlock, NID_sbgp_autonomousSysNum,
-                   "8360", "6484", type != BGPSEC);
+                   "8360", "6484", type != CERTYPE_BGPSEC);
         }
  
         pr_crit("Unknown policy: %u", policy);
@@ -1796,7 +1796,7 @@ static int
  get_certificate_type(X509 *cert, bool is_ta, enum cert_type *result)
  {
         if (is_ta) {
-               *result = TA;
+               *result = CERTYPE_TA;
                 return 0;
         }
  
@@ -1804,17 +1804,17 @@ get_certificate_type(X509 *cert, bool is_ta, enum cert_type *result)
                 goto err;
  
         if (X509_check_ca(cert) == 1) {
-               *result = CA;
+               *result = CERTYPE_CA;
                 return 0;
         }
  
         if (has_bgpsec_router_eku(cert)) {
-               *result = BGPSEC;
+               *result = CERTYPE_BGPSEC;
                 return 0;
         }
  
  err:
-       *result = EE; /* Shuts up nonsense gcc 8.3 warning */
+       *result = CERTYPE_EE; /* Shuts up nonsense gcc 8.3 warning */
         return pr_val_err("Certificate is not TA, CA nor BGPsec. Ignoring...");
  }
  
@@ -2118,15 +2118,15 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri)
  
         /* Debug cert type */
         switch (type) {
-       case TA:
+       case CERTYPE_TA:
                 break;
-       case CA:
+       case CERTYPE_CA:
                 pr_val_debug("Type: CA");
                 break;
-       case BGPSEC:
+       case CERTYPE_BGPSEC:
                 pr_val_debug("Type: BGPsec EE. Ignoring...");
                 goto revert_cert;
-       case EE:
+       case CERTYPE_EE:
                 pr_val_debug("Type: unexpected, validated as CA");
                 break;
         }
@@ -2139,7 +2139,7 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri)
         memset(&refs, 0, sizeof(refs));
  
         switch (type) {
-       case TA:
+       case CERTYPE_TA:
                 error = certificate_validate_extensions_ta(cert, &sia_uris,
                     &policy);
                 break;
diff --git a/src/object/certificate.h b/src/object/certificate.h

index d6f2e01806bcbb871ecacf678f26925aa0b8362d..5412e2014973cb9e628165a91081fd58703f4c1d 100644 (file)
--- a/src/object/certificate.h
+++ b/src/object/certificate.h
@@ -12,10 +12,10 @@
  
  /* Certificate types in the RPKI */
  enum cert_type {
-       TA,             /* Trust Anchor */
-       CA,             /* Certificate Authority */
-       BGPSEC,         /* BGPsec certificates */
-       EE,             /* End Entity certificates */
+       CERTYPE_TA,             /* Trust Anchor */
+       CERTYPE_CA,             /* Certificate Authority */
+       CERTYPE_BGPSEC,         /* BGPsec certificates */
+       CERTYPE_EE,             /* End Entity certificates */
  };
  
  /**
author	Alberto Leiva Popper <ydahhrk@gmail.com>
	Fri, 7 Jul 2023 16:03:34 +0000 (10:03 -0600)
committer	Alberto Leiva Popper <ydahhrk@gmail.com>
	Fri, 7 Jul 2023 16:04:59 +0000 (10:04 -0600)
src/asn1/signed_data.c		patch \| blob \| blame \| history
src/cert_stack.c		patch \| blob \| blame \| history
src/object/certificate.c		patch \| blob \| blame \| history
src/object/certificate.h		patch \| blob \| blame \| history