From e84240d42289a131def633579cfdabfb6ebf557d Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 19 May 1999 12:45:16 +0000 Subject: [PATCH] New functions sk_set, sk_value and sk_num to replace existing macros: this is to minimise the effects on existing code. --- CHANGES | 12 ++++++++++++ apps/pkcs12.c | 6 +++--- crypto/ex_data.c | 4 ++-- crypto/objects/o_names.c | 6 +++--- crypto/pkcs12/p12_crt.c | 2 +- crypto/pkcs12/pkcs12.h | 5 +++++ crypto/pkcs7/pk7_doit.c | 10 +++++----- crypto/stack/safestack.h | 4 ++-- crypto/stack/stack.c | 17 +++++++++++++++++ crypto/stack/stack.h | 10 ++++++++-- util/libeay.num | 3 +++ 11 files changed, 61 insertions(+), 18 deletions(-) diff --git a/CHANGES b/CHANGES index 97e9dcb5ec..9f04291d99 100644 --- a/CHANGES +++ b/CHANGES @@ -10,6 +10,18 @@ [23-Dec-1998] down below; but in later versions, these hyphens are gone.] + *) New functions sk_num, sk_value and sk_set to replace the previous macros. + These are required because of the typesafe stack would otherwise break + existing code. If old code used a structure member which used to be STACK + and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with + sk_num or sk_value it would produce an error because the num, data members + are not present in STACK_OF. Now it just produces a warning. sk_set + replaces the old method of assigning a value to sk_value + (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code + that does this will no longer work (and should use sk_set instead) but + this could be regarded as a "questionable" behaviour anyway. + [Steve Henson] + *) Fix most of the other PKCS#7 bugs. The "experimental" code can now correctly handle encrypted S/MIME data. [Steve Henson] diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 190efc7b42..13544ddef8 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -69,7 +69,6 @@ EVP_CIPHER *enc; -#define _ITER_ 2048 #define NOKEYS 0x1 #define NOCERTS 0x2 @@ -99,7 +98,7 @@ int MAIN(int argc, char **argv) int options = 0; int chain = 0; int badarg = 0; - int iter = _ITER_; + int iter = PKCS12_DEFAULT_ITER; int maciter = 1; int twopass = 0; int keytype = 0; @@ -140,7 +139,8 @@ int MAIN(int argc, char **argv) #endif else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc(); else if (!strcmp (*args, "-noiter")) iter = 1; - else if (!strcmp (*args, "-maciter")) maciter = _ITER_; + else if (!strcmp (*args, "-maciter")) + maciter = PKCS12_DEFAULT_ITER; else if (!strcmp (*args, "-nodes")) enc=NULL; else if (!strcmp (*args, "-inkey")) { if (args[1]) { diff --git a/crypto/ex_data.c b/crypto/ex_data.c index a60d58e81f..741bb570f0 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -97,7 +97,7 @@ int CRYPTO_get_ex_new_index(int idx, STACK **skp, long argl, char *argp, goto err; } } - sk_value(*skp,idx)=(char *)a; + sk_set(*skp,idx, (char *)a); ret=idx; err: MemCheck_on(); @@ -127,7 +127,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, char *val) } i++; } - sk_value(ad->sk,idx)=val; + sk_set(ad->sk,idx,val); return(1); } diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index 22edb0e680..4da5e45b9c 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -56,11 +56,11 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(), int (*cmp_func)(), MemCheck_on(); } if (hash_func != NULL) - sk_value(names_hash,ret)=(char *)hash_func; + sk_set(names_hash,ret,(char *)hash_func); if (cmp_func != NULL) - sk_value(names_cmp,ret)= (char *)cmp_func; + sk_set(names_cmp,ret,(char *)cmp_func); if (free_func != NULL) - sk_value(names_free,ret)=(char *)free_func; + sk_set(names_free,ret,(char *)free_func); return(ret); } diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 96cecc6efc..56d88b0759 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -77,7 +77,7 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, /* Set defaults */ if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - if(!iter) iter = 2048; + if(!iter) iter = PKCS12_DEFAULT_ITER; if(!mac_iter) mac_iter = 1; if(!pkey || !cert) { diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 6a489a44c3..34ca002b0c 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -70,6 +70,11 @@ extern "C" { #define PKCS12_IV_ID 2 #define PKCS12_MAC_ID 3 +/* Default iteration count */ +#ifndef PKCS12_DEFAULT_ITER +#define PKCS12_DEFAULT_ITER 2048 +#endif + #define PKCS12_MAC_KEY_LENGTH 20 #define PKCS12_SALT_LEN 8 diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 49e19fe9c5..47855bdb68 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -823,8 +823,8 @@ int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, STACK *sk) p7si->auth_attr=sk_dup(sk); for (i=0; iauth_attr,i)=(char *)X509_ATTRIBUTE_dup( - (X509_ATTRIBUTE *)sk_value(sk,i))) == NULL) + if ((sk_set(p7si->auth_attr,i,(char *)X509_ATTRIBUTE_dup( + (X509_ATTRIBUTE *)sk_value(sk,i)))) == NULL) return(0); } return(1); @@ -839,8 +839,8 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK *sk) p7si->unauth_attr=sk_dup(sk); for (i=0; iunauth_attr,i)=(char *)X509_ATTRIBUTE_dup( - (X509_ATTRIBUTE *)sk_value(sk,i))) == NULL) + if ((sk_set(p7si->unauth_attr,i,(char *)X509_ATTRIBUTE_dup( + (X509_ATTRIBUTE *)sk_value(sk,i)))) == NULL) return(0); } return(1); @@ -880,7 +880,7 @@ new_attrib: { X509_ATTRIBUTE_free(attr); attr=X509_ATTRIBUTE_create(nid,atrtype,value); - sk_value(*sk,i)=(char *)attr; + sk_set(*sk,i,(char *)attr); goto end; } } diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index 3c9fdba658..d0823c0d0a 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -92,11 +92,11 @@ STACK_OF(type) *sk_##type##_new_null() \ void sk_##type##_free(STACK_OF(type) *sk) \ { sk_free((STACK *)sk); } \ int sk_##type##_num(const STACK_OF(type) *sk) \ - { return sk_num((const STACK *)sk); } \ + { return M_sk_num((const STACK *)sk); } \ type *sk_##type##_value(const STACK_OF(type) *sk,int n) \ { return (type *)sk_value((STACK *)sk,n); } \ type *sk_##type##_set(STACK_OF(type) *sk,int n,type *v) \ - { return (type *)(sk_value((STACK *)sk,n)=(char *)v); } \ + { return (type *)(sk_set((STACK *)sk,n,(char *)v)); } \ void sk_##type##_zero(STACK_OF(type) *sk) \ { sk_zero((STACK *)sk); } \ int sk_##type##_push(STACK_OF(type) *sk,type *v) \ diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index 5a15a2456d..f1165b340c 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -284,3 +284,20 @@ void sk_free(STACK *st) Free((char *)st); } +int sk_num(STACK *st) +{ + if(st == NULL) return -1; + return st->num; +} + +char *sk_value(STACK *st, int i) +{ + if(st == NULL) return NULL; + return st->data[i]; +} + +char *sk_set(STACK *st, int i, char *value) +{ + if(st == NULL) return NULL; + return (st->data[i] = value); +} diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h index 3629b0d3c8..ec629d0fd2 100644 --- a/crypto/stack/stack.h +++ b/crypto/stack/stack.h @@ -73,11 +73,17 @@ typedef struct stack_st int (*comp)(); } STACK; -#define sk_num(sk) ((sk)->num) -#define sk_value(sk,n) ((sk)->data[n]) #define sk_new_null() sk_new(NULL) +#define M_sk_num(sk) ((sk)->num) +#define M_sk_value(sk,n) ((sk)->data[n]) + +int sk_num(STACK *); +char *sk_value(STACK *, int); + +char *sk_set(STACK *, int, char *); + STACK *sk_new(int (*cmp)()); void sk_free(STACK *); void sk_pop_free(STACK *st, void (*func)()); diff --git a/util/libeay.num b/util/libeay.num index 7be174acdf..604295ba7b 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -1625,3 +1625,6 @@ EVP_CIPHER_type 1649 EVP_PBE_CipherInit 1650 X509V3_add_value_bool_nf 1651 d2i_ASN1_UINTEGER 1652 +sk_value 1653 +sk_num 1654 +sk_set 1655 -- 2.34.1