[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Tue Sep 22 12:15:22 UTC 2015
The branch master has been updated
via 7880e14318bda992e5f89077bce7f965f4840262 (commit)
via 32f5c251643a7a63223ac191923071b3cccb480a (commit)
via 1f143e08a5cde8e3fa6b5b80988bd6be7673428a (commit)
via 835911b845043817f4477252be4f5fec93165503 (commit)
from 75ef61d7058b30a5c96a9f49eee0f0313141ec54 (commit)
- Log -----------------------------------------------------------------
commit 7880e14318bda992e5f89077bce7f965f4840262
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Sep 18 02:54:59 2015 +0100
Use accessors in X509_REQ_print().
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 32f5c251643a7a63223ac191923071b3cccb480a
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Sep 18 02:38:49 2015 +0100
Use accessor functions in X509_CRL_print().
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 1f143e08a5cde8e3fa6b5b80988bd6be7673428a
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Sep 18 03:06:55 2015 +0100
New accessor X509_REQ_get_X509_PUBKEY()
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 835911b845043817f4477252be4f5fec93165503
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Sep 18 02:39:44 2015 +0100
Additional X509_CRL accessors.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/t_crl.c | 19 +++++++++++--------
crypto/asn1/t_req.c | 25 ++++++++++++++-----------
crypto/x509/x509_req.c | 5 +++++
crypto/x509/x509cset.c | 10 ++++++++++
include/openssl/x509.h | 3 +++
5 files changed, 43 insertions(+), 19 deletions(-)
diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c
index a76e112..8400e85 100644
--- a/crypto/asn1/t_crl.c
+++ b/crypto/asn1/t_crl.c
@@ -63,7 +63,6 @@
#include <openssl/bn.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
#include <openssl/x509v3.h>
#ifndef OPENSSL_NO_STDIO
@@ -87,6 +86,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
{
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *sig;
long l;
int i;
char *p;
@@ -94,8 +95,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
BIO_printf(out, "Certificate Revocation List (CRL):\n");
l = X509_CRL_get_version(x);
BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
- i = OBJ_obj2nid(x->sig_alg.algorithm);
- X509_signature_print(out, &x->sig_alg, NULL);
+ X509_CRL_get0_signature(&sig, &sig_alg, x);
+ i = X509_CRL_get_signature_nid(x);
+ X509_signature_print(out, sig_alg, NULL);
p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
BIO_printf(out, "%8sIssuer: %s\n", "", p);
OPENSSL_free(p);
@@ -108,7 +110,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
BIO_printf(out, "NONE");
BIO_printf(out, "\n");
- X509V3_extensions_print(out, "CRL extensions", x->crl.extensions, 0, 8);
+ X509V3_extensions_print(out, "CRL extensions",
+ X509_CRL_get0_extensions(x), 0, 8);
rev = X509_CRL_get_REVOKED(x);
@@ -120,14 +123,14 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
r = sk_X509_REVOKED_value(rev, i);
BIO_printf(out, " Serial Number: ");
- i2a_ASN1_INTEGER(out, r->serialNumber);
+ i2a_ASN1_INTEGER(out, X509_REVOKED_get0_serialNumber(r));
BIO_printf(out, "\n Revocation Date: ");
- ASN1_TIME_print(out, r->revocationDate);
+ ASN1_TIME_print(out, X509_REVOKED_get0_revocationDate(r));
BIO_printf(out, "\n");
X509V3_extensions_print(out, "CRL entry extensions",
- r->extensions, 0, 8);
+ X509_REVOKED_get0_extensions(r), 0, 8);
}
- X509_signature_print(out, &x->sig_alg, x->signature);
+ X509_signature_print(out, sig_alg, sig);
return 1;
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
index 8ea350d..80611b1 100644
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -62,7 +62,6 @@
#include <openssl/bn.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
#include <openssl/x509v3.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
@@ -93,9 +92,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
{
long l;
int i;
- X509_REQ_INFO *ri;
EVP_PKEY *pkey;
- STACK_OF(X509_ATTRIBUTE) *sk;
STACK_OF(X509_EXTENSION) *exts;
char mlch = ' ';
int nmindent = 0;
@@ -108,7 +105,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if (nmflags == X509_FLAG_COMPAT)
nmindent = 16;
- ri = &x->req_info;
if (!(cflag & X509_FLAG_NO_HEADER)) {
if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
goto err;
@@ -123,17 +119,22 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if (!(cflag & X509_FLAG_NO_SUBJECT)) {
if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
goto err;
- if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
+ if (X509_NAME_print_ex(bp, X509_REQ_get_subject_name(x),
+ nmindent, nmflags) < 0)
goto err;
if (BIO_write(bp, "\n", 1) <= 0)
goto err;
}
if (!(cflag & X509_FLAG_NO_PUBKEY)) {
+ X509_PUBKEY *xpkey;
+ ASN1_OBJECT *koid;
if (BIO_write(bp, " Subject Public Key Info:\n", 33) <= 0)
goto err;
if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
goto err;
- if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
+ xpkey = X509_REQ_get_X509_PUBKEY(x);
+ X509_PUBKEY_get0_param(&koid, NULL, NULL, NULL, xpkey);
+ if (i2a_ASN1_OBJECT(bp, koid) <= 0)
goto err;
if (BIO_puts(bp, "\n") <= 0)
goto err;
@@ -153,19 +154,18 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
goto err;
- sk = x->req_info.attributes;
- if (sk_X509_ATTRIBUTE_num(sk) == 0) {
+ if (X509_REQ_get_attr_count(x) == 0) {
if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
goto err;
} else {
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+ for (i = 0; i < X509_REQ_get_attr_count(x); i++) {
ASN1_TYPE *at;
X509_ATTRIBUTE *a;
ASN1_BIT_STRING *bs = NULL;
ASN1_OBJECT *aobj;
int j, type = 0, count = 1, ii = 0;
- a = sk_X509_ATTRIBUTE_value(sk, i);
+ a = X509_REQ_get_attr(x, i);
aobj = X509_ATTRIBUTE_get0_object(a);
if (X509_REQ_extension_nid(OBJ_obj2nid(aobj)))
continue;
@@ -227,7 +227,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
}
if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
- if (!X509_signature_print(bp, &x->sig_alg, x->signature))
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *sig;
+ X509_REQ_get0_signature(&sig, &sig_alg, x);
+ if (!X509_signature_print(bp, sig_alg, sig))
goto err;
}
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index a8b838c..8cc35b3 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -117,6 +117,11 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
return (X509_PUBKEY_get(req->req_info.pubkey));
}
+X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req)
+{
+ return req->req_info.pubkey;
+}
+
int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
{
EVP_PKEY *xk = NULL;
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 676ceba..a779fd4 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -158,6 +158,11 @@ X509_NAME *X509_CRL_get_issuer(X509_CRL *crl)
return crl->crl.issuer;
}
+STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl)
+{
+ return crl->crl.extensions;
+}
+
STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl)
{
return crl->crl.revoked;
@@ -221,6 +226,11 @@ int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
return (in != NULL);
}
+STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(X509_REVOKED *r)
+{
+ return r->extensions;
+}
+
int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
{
crl->crl.enc.modified = 1;
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 1374b0f..5d6c083 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -759,6 +759,7 @@ int X509_REQ_get_signature_nid(const X509_REQ *req);
int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req);
int X509_REQ_extension_nid(int nid);
int *X509_REQ_get_extension_nids(void);
void X509_REQ_set_extension_nids(int *nids);
@@ -794,6 +795,7 @@ long X509_CRL_get_version(X509_CRL *crl);
ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
X509_NAME *X509_CRL_get_issuer(X509_CRL *crl);
+STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl);
STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
X509_CRL *crl);
@@ -804,6 +806,7 @@ ASN1_INTEGER *X509_REVOKED_get0_serialNumber(X509_REVOKED *x);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
ASN1_TIME *X509_REVOKED_get0_revocationDate(X509_REVOKED *x);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(X509_REVOKED *r);
X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
More information about the openssl-commits
mailing list