Makes CTLOG_STORE_get0_log_by_id return const CTLOG*

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Treat boolean functions as booleans

Use "!x" instead of "x <= 0", as these functions never return a negative
value.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-

Treat boolean functions as booleans

Use "!x" instead of "x <= 0", as these functions never return a negative
value.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Make parameters of CTLOG_get* const

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Handle empty log name in "enable_logs" line of the CT log file

e.g. "enabled_logs = foo,,bar"

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Handle missing "enabled_logs" line in CT log file

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

If a CT log entry in CTLOG_FILE is invalid, skip it and continue loading

Previously, the remaining CT log entries would not be loaded.
Also, CTLOG_STORE_load_file would return 1 even if

If a CT log entry in CTLOG_FILE is invalid, skip it and continue loading

Previously, the remaining CT log entries would not be loaded.
Also, CTLOG_STORE_load_file would return 1 even if a log entry was
invalid, resulting in no errors being shown.

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Addresses review comments from richsalz

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Verify SCT signatures

Tests included in future commit, which adds CT policy validation.

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>