Skip to content

Comments

Improve ossl_cmp_build_cert_chain() and export as X509_build_chain()#14128

Closed
DDvO wants to merge 1 commit intoopenssl:masterfrom
siemens:add_OSSL_build_cert_chain
Closed

Improve ossl_cmp_build_cert_chain() and export as X509_build_chain()#14128
DDvO wants to merge 1 commit intoopenssl:masterfrom
siemens:add_OSSL_build_cert_chain

Conversation

@DDvO
Copy link
Contributor

@DDvO DDvO commented Feb 8, 2021
edited
Loading

So far there was no efficient way of using the OpenSSL API to just build the chain of a given cert without attempting to verify it.
Add X509_build_chain() to fill this gap.

This has been carved out from #13748.

Checklist
  • documentation is added or updated
  • tests are added or updated

@DDvO DDvO added this to the 3.0.0 beta1 milestone Feb 8, 2021
@DDvO DDvO mentioned this pull request Feb 8, 2021
Closed
2 tasks
richsalz
richsalz reviewed Feb 8, 2021
View reviewed changes
@DDvO DDvO changed the title Improve ossl_cmp_build_cert_chain(); publish it under as OSSL_build_cert_chain() Improve ossl_cmp_build_cert_chain(); publish it under as X509_build_chain() Feb 8, 2021
@DDvO DDvO force-pushed the add_OSSL_build_cert_chain branch 3 times, most recently from 712d2e1 to 418c51d Compare February 8, 2021 18:25
@DDvO DDvO force-pushed the add_OSSL_build_cert_chain branch from 418c51d to f4b8649 Compare February 17, 2021 10:45
@DDvO
Copy link
Contributor Author

DDvO commented Feb 17, 2021

Rebased to solve merge conflicts.

@DDvO DDvO force-pushed the add_OSSL_build_cert_chain branch from f4b8649 to bc98cdc Compare March 5, 2021 07:59
@DDvO
Copy link
Contributor Author

DDvO commented Mar 5, 2021

Rebased and carved out X509_add_certs() side-topic to #14436.

@DDvO DDvO mentioned this pull request Mar 5, 2021
Closed
@DDvO DDvO changed the title Improve ossl_cmp_build_cert_chain(); publish it under as X509_build_chain() Improve ossl_cmp_build_cert_chain() and export as X509_build_chain() Mar 5, 2021
@DDvO DDvO force-pushed the add_OSSL_build_cert_chain branch from bc98cdc to e11d286 Compare March 24, 2021 18:35
@openssl-machine
Copy link
Collaborator

openssl-machine commented Apr 5, 2021

This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago

@DDvO
Copy link
Contributor Author

DDvO commented Apr 15, 2021

Can we please finalize this soon?

Note that this just adds a new API element and does not affect cert (chain) validation.

@t8m t8m added approval: done This pull request has the required number of approvals branch: master Applies to master branch and removed approval: otc review pending labels Apr 19, 2021
@DDvO
Copy link
Contributor Author

DDvO commented Apr 20, 2021

Pushed - thanks @t8m!

@DDvO DDvO closed this Apr 20, 2021
openssl-machine pushed a commit that referenced this pull request Apr 20, 2021
@DDvO
Improve ossl_cmp_build_cert_chain(); publish it as X509_build_chain()
1c0eede 
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #14128)
@DDvO DDvO mentioned this pull request Jan 27, 2023
Closed
2 tasks
@DDvO DDvO mentioned this pull request Jun 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@t8m t8m t8m approved these changes

+1 more reviewer

@richsalz richsalz richsalz left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

approval: done This pull request has the required number of approvals branch: master Applies to master branch

Projects

None yet

Milestone

3.0.0 beta1

Development

Successfully merging this pull request may close these issues.

5 participants

@DDvO @openssl-machine @t8m @richsalz @mattcaswell