From 73e92de57759ea1fadbc7a9d08e02b99a752d688 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 28 Dec 2000 22:24:50 +0000 Subject: [PATCH] Add NO_ASN1_OLD to remove some old style functions: currently OpenSSL itself wont compile with this set because some old style stuff remains. Change old functions X509_sign(), X509_verify() etc to use new item based functions. Replace OCSP function declarations with DECLARE macros. --- CHANGES | 5 ++- crypto/asn1/a_digest.c | 4 ++ crypto/asn1/a_set.c | 3 ++ crypto/asn1/a_sign.c | 4 ++ crypto/asn1/a_verify.c | 4 ++ crypto/ocsp/ocsp.h | 84 ++++++++++-------------------------------- crypto/x509/x_all.c | 26 ++++++------- 7 files changed, 51 insertions(+), 79 deletions(-) diff --git a/CHANGES b/CHANGES index d83e08ad4b..28f71ba652 100644 --- a/CHANGES +++ b/CHANGES @@ -4,7 +4,10 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] *) New ASN1 functions to handle sign, verify, digest, pack and - unpack operations in terms of ASN1_ITEM. + unpack operations in terms of ASN1_ITEM. Modify existing wrappers + to use new functions. Add NO_ASN1_OLD which can be set to remove + some old style ASN1 functions: this can be used to determine if old + code will still work when these eventually go away. [Steve Henson] *) New extension functions for OCSP structures, these follow the diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index fb4686fdbd..6c12249d2c 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -69,6 +69,8 @@ #include #include +#ifndef NO_ASN1_OLD + int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, unsigned char *md, unsigned int *len) { @@ -88,6 +90,8 @@ int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, return(1); } +#endif + int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, unsigned char *md, unsigned int *len) diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index caf5a1419c..19bb60fca8 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -60,6 +60,8 @@ #include "cryptlib.h" #include +#ifndef NO_ASN1_OLD + typedef struct { unsigned char *pbData; @@ -215,3 +217,4 @@ err: return(NULL); } +#endif diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 5be077ddfc..67f130840d 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -71,6 +71,8 @@ #include #include +#ifndef NO_ASN1_OLD + int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, const EVP_MD *type) @@ -147,6 +149,8 @@ err: return(outl); } +#endif + int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type) diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index be5a27e58b..4b4a240f50 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -71,6 +71,8 @@ #include #include +#ifndef NO_ASN1_OLD + int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey) { @@ -118,6 +120,8 @@ err: return(ret); } +#endif + int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) diff --git a/crypto/ocsp/ocsp.h b/crypto/ocsp/ocsp.h index bca1738f7b..1a1b4c87d6 100644 --- a/crypto/ocsp/ocsp.h +++ b/crypto/ocsp/ocsp.h @@ -359,23 +359,23 @@ typedef struct ocsp_service_locator_st (unsigned char *)o) #define OCSP_REQUEST_sign(o,pkey,md) \ - ASN1_sign((int(*)())i2d_OCSP_REQINFO,\ + ASN1_item_sign(&OCSP_REQINFO_it,\ o->optionalSignature->signatureAlgorithm,NULL,\ o->optionalSignature->signature,(char *)o->tbsRequest,pkey,md) #define OCSP_BASICRESP_sign(o,pkey,md,d) \ - ASN1_sign((int(*)())i2d_OCSP_RESPDATA,o->signatureAlgorithm,NULL,\ + ASN1_item_sign(&OCSP_RESPDATA_it,o->signatureAlgorithm,NULL,\ o->signature,(char *)o->tbsResponseData,pkey,md) -#define OCSP_REQUEST_verify(a,r) ASN1_verify((int (*)())i2d_OCSP_REQINFO,\ +#define OCSP_REQUEST_verify(a,r) ASN1_item_verify(&OCSP_REQINFO_it,\ a->optionalSignature->signatureAlgorithm,\ a->optionalSignature->signature,(char *)a->tbsRequest,r) -#define OCSP_BASICRESP_verify(a,r,d) ASN1_verify((int (*)())i2d_OCSP_RESPDATA,\ +#define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(&OCSP_RESPDATA_it,\ a->signatureAlgorithm,a->signature,(char *)a->tbsResponseData,r) #define ASN1_BIT_STRING_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_ASN1_BIT_STRING,type,(char *)data,md,len) + ASN1_item_digest(&ASN1_BIT_STRING_it,type,(char *)data,md,len) #define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\ (char *(*)())d2i_OCSP_CERTID,(char *)(cid)) @@ -489,70 +489,24 @@ int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int c int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc); DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP) - -OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void); -void OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a); -int i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **pp); -OCSP_CERTSTATUS *d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, unsigned char **pp, long length); - -OCSP_REVOKEDINFO *OCSP_REVOKEDINFO_new(void); -void OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a); -int i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **pp); -OCSP_REVOKEDINFO *d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, unsigned char **pp, long length); - -OCSP_BASICRESP *OCSP_BASICRESP_new(void); -void OCSP_BASICRESP_free(OCSP_BASICRESP *a); -int i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **pp); -OCSP_BASICRESP *d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, unsigned char **pp, long length); - -OCSP_RESPDATA *OCSP_RESPDATA_new(void); -void OCSP_RESPDATA_free(OCSP_RESPDATA *a); -int i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **pp); -OCSP_RESPDATA *d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, unsigned char **pp, long length); - -OCSP_RESPID *OCSP_RESPID_new(void); -void OCSP_RESPID_free(OCSP_RESPID *a); -int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **pp); -OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, unsigned char **pp, long length); - -OCSP_RESPONSE *OCSP_RESPONSE_new(void); -void OCSP_RESPONSE_free(OCSP_RESPONSE *a); -int i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **pp); -OCSP_RESPONSE *d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, unsigned char **pp, long length); -int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* a, unsigned long flags); - -OCSP_RESPBYTES *OCSP_RESPBYTES_new(void); -void OCSP_RESPBYTES_free(OCSP_RESPBYTES *a); -int i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **pp); -OCSP_RESPBYTES *d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, unsigned char **pp, long length); - -OCSP_ONEREQ *OCSP_ONEREQ_new(void); -void OCSP_ONEREQ_free(OCSP_ONEREQ *a); -int i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **pp); -OCSP_ONEREQ *d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, unsigned char **pp, long length); - -OCSP_CERTID *OCSP_CERTID_new(void); -void OCSP_CERTID_free(OCSP_CERTID *a); -int i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **pp); -OCSP_CERTID *d2i_OCSP_CERTID(OCSP_CERTID **a, unsigned char **pp, long length); - -OCSP_REQUEST *OCSP_REQUEST_new(void); -void OCSP_REQUEST_free(OCSP_REQUEST *a); -int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **pp); -OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, unsigned char **pp, long length); - -int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); - -OCSP_SIGNATURE *OCSP_SIGNATURE_new(void); -void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a); -int i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **pp); -OCSP_SIGNATURE *d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, unsigned char **pp, long length); - - +DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS) +DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO) +DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP) +DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA) +DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) +DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE) +DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES) +DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ) +DECLARE_ASN1_FUNCTIONS(OCSP_CERTID) +DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST) +DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE) DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO) DECLARE_ASN1_FUNCTIONS(OCSP_CRLID) DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC) +int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); + + void ERR_load_OCSP_strings(void); /* BEGIN ERROR CODES */ diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 9bd6e2a39b..8aa872400b 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -67,49 +67,49 @@ int X509_verify(X509 *a, EVP_PKEY *r) { - return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, + return(ASN1_item_verify(&X509_CINF_it,a->sig_alg, a->signature,(char *)a->cert_info,r)); } int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) { - return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, + return( ASN1_item_verify(&X509_REQ_INFO_it, a->sig_alg,a->signature,(char *)a->req_info,r)); } int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) { - return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, + return(ASN1_item_verify(&X509_CRL_INFO_it, a->sig_alg, a->signature,(char *)a->crl,r)); } int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) { - return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, + return(ASN1_item_verify(&NETSCAPE_SPKAC_it, a->sig_algor,a->signature, (char *)a->spkac,r)); } int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) { - return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, + return(ASN1_item_sign(&X509_CINF_it, x->cert_info->signature, x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); } int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { - return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, + return(ASN1_item_sign(&X509_REQ_INFO_it,x->sig_alg, NULL, x->signature, (char *)x->req_info,pkey,md)); } int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) { - return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, + return(ASN1_item_sign(&X509_CRL_INFO_it,x->crl->sig_alg, x->sig_alg, x->signature, (char *)x->crl,pkey,md)); } int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) { - return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, + return(ASN1_item_sign(&NETSCAPE_SPKAC_it, x->sig_algor,NULL, x->signature, (char *)x->spkac,pkey,md)); } @@ -414,31 +414,31 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { - return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); + return(ASN1_item_digest(&X509_it,type,(char *)data,md,len)); } int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { - return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len)); + return(ASN1_item_digest(&X509_CRL_it,type,(char *)data,md,len)); } int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { - return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len)); + return(ASN1_item_digest(&X509_REQ_it,type,(char *)data,md,len)); } int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { - return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); + return(ASN1_item_digest(&X509_NAME_it,type,(char *)data,md,len)); } int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { - return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, + return(ASN1_item_digest(&PKCS7_ISSUER_AND_SERIAL_it,type, (char *)data,md,len)); } -- 2.34.1