Add NO_ASN1_OLD to remove some old style functions:
currently OpenSSL itself wont compile with this set because some old style stuff remains. Change old functions X509_sign(), X509_verify() etc to use new item based functions. Replace OCSP function declarations with DECLARE macros.
This commit is contained in:
parent
09ab755c55
commit
73e92de577
7 changed files with 51 additions and 79 deletions
5
CHANGES
5
CHANGES
|
@ -4,7 +4,10 @@
|
|||
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
|
||||
|
||||
*) New ASN1 functions to handle sign, verify, digest, pack and
|
||||
unpack operations in terms of ASN1_ITEM.
|
||||
unpack operations in terms of ASN1_ITEM. Modify existing wrappers
|
||||
to use new functions. Add NO_ASN1_OLD which can be set to remove
|
||||
some old style ASN1 functions: this can be used to determine if old
|
||||
code will still work when these eventually go away.
|
||||
[Steve Henson]
|
||||
|
||||
*) New extension functions for OCSP structures, these follow the
|
||||
|
|
|
@ -69,6 +69,8 @@
|
|||
#include <openssl/buffer.h>
|
||||
#include <openssl/x509.h>
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
|
||||
unsigned char *md, unsigned int *len)
|
||||
{
|
||||
|
@ -88,6 +90,8 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
|
|||
return(1);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
|
||||
unsigned char *md, unsigned int *len)
|
||||
|
|
|
@ -60,6 +60,8 @@
|
|||
#include "cryptlib.h"
|
||||
#include <openssl/asn1_mac.h>
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
typedef struct
|
||||
{
|
||||
unsigned char *pbData;
|
||||
|
@ -215,3 +217,4 @@ err:
|
|||
return(NULL);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
|
|
@ -71,6 +71,8 @@
|
|||
#include <openssl/objects.h>
|
||||
#include <openssl/buffer.h>
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
|
||||
const EVP_MD *type)
|
||||
|
@ -147,6 +149,8 @@ err:
|
|||
return(outl);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey,
|
||||
const EVP_MD *type)
|
||||
|
|
|
@ -71,6 +71,8 @@
|
|||
#include <openssl/buffer.h>
|
||||
#include <openssl/evp.h>
|
||||
|
||||
#ifndef NO_ASN1_OLD
|
||||
|
||||
int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
|
||||
char *data, EVP_PKEY *pkey)
|
||||
{
|
||||
|
@ -118,6 +120,8 @@ err:
|
|||
return(ret);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature,
|
||||
void *asn, EVP_PKEY *pkey)
|
||||
|
|
|
@ -359,23 +359,23 @@ typedef struct ocsp_service_locator_st
|
|||
(unsigned char *)o)
|
||||
|
||||
#define OCSP_REQUEST_sign(o,pkey,md) \
|
||||
ASN1_sign((int(*)())i2d_OCSP_REQINFO,\
|
||||
ASN1_item_sign(&OCSP_REQINFO_it,\
|
||||
o->optionalSignature->signatureAlgorithm,NULL,\
|
||||
o->optionalSignature->signature,(char *)o->tbsRequest,pkey,md)
|
||||
|
||||
#define OCSP_BASICRESP_sign(o,pkey,md,d) \
|
||||
ASN1_sign((int(*)())i2d_OCSP_RESPDATA,o->signatureAlgorithm,NULL,\
|
||||
ASN1_item_sign(&OCSP_RESPDATA_it,o->signatureAlgorithm,NULL,\
|
||||
o->signature,(char *)o->tbsResponseData,pkey,md)
|
||||
|
||||
#define OCSP_REQUEST_verify(a,r) ASN1_verify((int (*)())i2d_OCSP_REQINFO,\
|
||||
#define OCSP_REQUEST_verify(a,r) ASN1_item_verify(&OCSP_REQINFO_it,\
|
||||
a->optionalSignature->signatureAlgorithm,\
|
||||
a->optionalSignature->signature,(char *)a->tbsRequest,r)
|
||||
|
||||
#define OCSP_BASICRESP_verify(a,r,d) ASN1_verify((int (*)())i2d_OCSP_RESPDATA,\
|
||||
#define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(&OCSP_RESPDATA_it,\
|
||||
a->signatureAlgorithm,a->signature,(char *)a->tbsResponseData,r)
|
||||
|
||||
#define ASN1_BIT_STRING_digest(data,type,md,len) \
|
||||
ASN1_digest((int (*)())i2d_ASN1_BIT_STRING,type,(char *)data,md,len)
|
||||
ASN1_item_digest(&ASN1_BIT_STRING_it,type,(char *)data,md,len)
|
||||
|
||||
#define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\
|
||||
(char *(*)())d2i_OCSP_CERTID,(char *)(cid))
|
||||
|
@ -489,70 +489,24 @@ int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int c
|
|||
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
|
||||
|
||||
OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void);
|
||||
void OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a);
|
||||
int i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **pp);
|
||||
OCSP_CERTSTATUS *d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_REVOKEDINFO *OCSP_REVOKEDINFO_new(void);
|
||||
void OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a);
|
||||
int i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **pp);
|
||||
OCSP_REVOKEDINFO *d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_BASICRESP *OCSP_BASICRESP_new(void);
|
||||
void OCSP_BASICRESP_free(OCSP_BASICRESP *a);
|
||||
int i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **pp);
|
||||
OCSP_BASICRESP *d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_RESPDATA *OCSP_RESPDATA_new(void);
|
||||
void OCSP_RESPDATA_free(OCSP_RESPDATA *a);
|
||||
int i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **pp);
|
||||
OCSP_RESPDATA *d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_RESPID *OCSP_RESPID_new(void);
|
||||
void OCSP_RESPID_free(OCSP_RESPID *a);
|
||||
int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **pp);
|
||||
OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_RESPONSE *OCSP_RESPONSE_new(void);
|
||||
void OCSP_RESPONSE_free(OCSP_RESPONSE *a);
|
||||
int i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **pp);
|
||||
OCSP_RESPONSE *d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, unsigned char **pp, long length);
|
||||
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* a, unsigned long flags);
|
||||
|
||||
OCSP_RESPBYTES *OCSP_RESPBYTES_new(void);
|
||||
void OCSP_RESPBYTES_free(OCSP_RESPBYTES *a);
|
||||
int i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **pp);
|
||||
OCSP_RESPBYTES *d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_ONEREQ *OCSP_ONEREQ_new(void);
|
||||
void OCSP_ONEREQ_free(OCSP_ONEREQ *a);
|
||||
int i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **pp);
|
||||
OCSP_ONEREQ *d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_CERTID *OCSP_CERTID_new(void);
|
||||
void OCSP_CERTID_free(OCSP_CERTID *a);
|
||||
int i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **pp);
|
||||
OCSP_CERTID *d2i_OCSP_CERTID(OCSP_CERTID **a, unsigned char **pp, long length);
|
||||
|
||||
OCSP_REQUEST *OCSP_REQUEST_new(void);
|
||||
void OCSP_REQUEST_free(OCSP_REQUEST *a);
|
||||
int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **pp);
|
||||
OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, unsigned char **pp, long length);
|
||||
|
||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
|
||||
|
||||
OCSP_SIGNATURE *OCSP_SIGNATURE_new(void);
|
||||
void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a);
|
||||
int i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **pp);
|
||||
OCSP_SIGNATURE *d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, unsigned char **pp, long length);
|
||||
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
|
||||
|
||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
|
||||
|
||||
|
||||
void ERR_load_OCSP_strings(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
|
|
|
@ -67,49 +67,49 @@
|
|||
|
||||
int X509_verify(X509 *a, EVP_PKEY *r)
|
||||
{
|
||||
return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
|
||||
return(ASN1_item_verify(&X509_CINF_it,a->sig_alg,
|
||||
a->signature,(char *)a->cert_info,r));
|
||||
}
|
||||
|
||||
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
|
||||
{
|
||||
return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
|
||||
return( ASN1_item_verify(&X509_REQ_INFO_it,
|
||||
a->sig_alg,a->signature,(char *)a->req_info,r));
|
||||
}
|
||||
|
||||
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
|
||||
{
|
||||
return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
|
||||
return(ASN1_item_verify(&X509_CRL_INFO_it,
|
||||
a->sig_alg, a->signature,(char *)a->crl,r));
|
||||
}
|
||||
|
||||
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
|
||||
{
|
||||
return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
|
||||
return(ASN1_item_verify(&NETSCAPE_SPKAC_it,
|
||||
a->sig_algor,a->signature, (char *)a->spkac,r));
|
||||
}
|
||||
|
||||
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
{
|
||||
return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
|
||||
return(ASN1_item_sign(&X509_CINF_it, x->cert_info->signature,
|
||||
x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
|
||||
}
|
||||
|
||||
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
{
|
||||
return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
|
||||
return(ASN1_item_sign(&X509_REQ_INFO_it,x->sig_alg, NULL,
|
||||
x->signature, (char *)x->req_info,pkey,md));
|
||||
}
|
||||
|
||||
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
{
|
||||
return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
|
||||
return(ASN1_item_sign(&X509_CRL_INFO_it,x->crl->sig_alg,
|
||||
x->sig_alg, x->signature, (char *)x->crl,pkey,md));
|
||||
}
|
||||
|
||||
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
|
||||
{
|
||||
return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
|
||||
return(ASN1_item_sign(&NETSCAPE_SPKAC_it, x->sig_algor,NULL,
|
||||
x->signature, (char *)x->spkac,pkey,md));
|
||||
}
|
||||
|
||||
|
@ -414,31 +414,31 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne)
|
|||
int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
|
||||
unsigned int *len)
|
||||
{
|
||||
return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
|
||||
return(ASN1_item_digest(&X509_it,type,(char *)data,md,len));
|
||||
}
|
||||
|
||||
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
|
||||
unsigned int *len)
|
||||
{
|
||||
return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len));
|
||||
return(ASN1_item_digest(&X509_CRL_it,type,(char *)data,md,len));
|
||||
}
|
||||
|
||||
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
|
||||
unsigned int *len)
|
||||
{
|
||||
return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len));
|
||||
return(ASN1_item_digest(&X509_REQ_it,type,(char *)data,md,len));
|
||||
}
|
||||
|
||||
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
|
||||
unsigned int *len)
|
||||
{
|
||||
return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
|
||||
return(ASN1_item_digest(&X509_NAME_it,type,(char *)data,md,len));
|
||||
}
|
||||
|
||||
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
|
||||
unsigned char *md, unsigned int *len)
|
||||
{
|
||||
return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
|
||||
return(ASN1_item_digest(&PKCS7_ISSUER_AND_SERIAL_it,type,
|
||||
(char *)data,md,len));
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue