Deprecate the recursive includes of bn.h from various API headers (asn1.h,

dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.

diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index d9db53f01d39de2a495d1bcca3b77f7cf4c815b7..49f9e994be4eb48ee1ae6d18892fe0bb17e08bef 100644 (file)
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
+#include <openssl/bn.h>
 
 /* 
  * Code for ENUMERATED type: identical to INTEGER apart from a different tag.

diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 5d76de79ba89d3e8ab3b8b3b8b8c4476ea5e1354..c81fa00c4c0b49466644613835ad590f46ba9e80 100644 (file)
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
+#include <openssl/bn.h>
 
 ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
 { return M_ASN1_INTEGER_dup(x);}

diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index dbf0f636e2a32cebfdd36a3e22793445836a5c7d..f7bb935e073a45dad22497dad6255689d278e398 100644 (file)
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -64,13 +64,15 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#include <openssl/bn.h>
 #include <openssl/stack.h>
 #include <openssl/safestack.h>
 
 #include <openssl/symhacks.h>
 
 #include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
 
 #ifdef OPENSSL_BUILD_SHLIBCRYPTO
 # undef OPENSSL_EXTERN

diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
index 67b0cc9f00e56479a7605fbcaea4299d27deec0f..e84bae64387beccfbbb1100325ff0aaf4df48aa9 100644 (file)
--- a/crypto/asn1/t_spki.c
+++ b/crypto/asn1/t_spki.c
@@ -62,6 +62,7 @@
 #include <openssl/asn1.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#include <openssl/bn.h>
 
 /* Print out an SPKI */
 

diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
index a80532cefc683dc0f1e4eb813b5da6c40686b5df..869c05d931de14f5051587216da6033b20ad30a1 100644 (file)
--- a/crypto/asn1/x_bignum.c
+++ b/crypto/asn1/x_bignum.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1t.h>
+#include <openssl/bn.h>
 
 /* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
  * BIGNUM directly. Currently it ignores the sign which isn't a problem since all

diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index 71774fa33d6916e60b9459d66c6e8b10d72ce245..0db233cb95f6596f415b184bbf6cff48e566c0da 100644 (file)
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1t.h>
+#include <openssl/bn.h>
 
 /* Custom primitive type for long handling. This converts between an ASN1_INTEGER
  * and a long directly.

diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 28a1b4208df1dbe8a103f4af71db90018964c083..312340e9f3e37e82b33998418fa881a0e6af236b 100644 (file)
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -68,9 +68,10 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
        
 #define DH_FLAG_CACHE_MONT_P   0x01
 

diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index cdb19457fb52bf3b85adaa7ae595a037d92e141c..068e18cb1885a8b625b9cd4230f0dec945c0d149 100644 (file)
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -74,11 +74,11 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#include <openssl/bn.h>
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
 
 #ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
 #ifndef OPENSSL_NO_DH
 # include <openssl/dh.h>
 #endif

diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index db15a81938ed5531b41ccec8bada42f169391e1d..b3267df62ba342eac68a0221eafcf989979df1f2 100644 (file)
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -78,9 +78,11 @@
 #error EC is disabled.
 #endif
 
-#include <openssl/bn.h>
 #include <openssl/asn1.h>
 #include <openssl/symhacks.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
 
 #ifdef  __cplusplus
 extern "C" {

diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index 9becad8283d989c323e37b755c00a0095c0d7db9..30632ba91572fc4bc795bba1da2a98e79dff0049 100644 (file)
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -74,6 +74,7 @@
 
 #include <openssl/obj_mac.h>
 #include <openssl/ec.h>
+#include <openssl/bn.h>
 
 #if defined(__SUNPRO_C)
 # if __SUNPRO_C >= 0x520

diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index 9944d632c9d0bee9defd362f2b495c473252175e..b96feae7f327fb686a4318a095bfff335a79571c 100644 (file)
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -93,6 +93,7 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 #include <openssl/obj_mac.h>
 #include <openssl/objects.h>
 #include <openssl/rand.h>
+#include <openssl/bn.h>
 
 #define ABORT do { \
        fflush(stdout); \

diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
index 1a62a214b3d4bc3403168851668aec63050e7e05..f9189e09ca64ab518cdb4b1e1ce297fe14dabab9 100644 (file)
--- a/crypto/ecdh/ecdh.h
+++ b/crypto/ecdh/ecdh.h
@@ -75,9 +75,11 @@
 #error ECDH is disabled.
 #endif
 
-#include <openssl/bn.h>
 #include <openssl/ec.h>
 #include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {

diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index c7633bac7f5ea15a2b3158f4b1dd50cc1df77d48..d61e54f184c057c994e95f1a1dffcf7f6e3ce34a 100644 (file)
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -77,6 +77,7 @@
 #include <openssl/err.h>
 #include <openssl/sha.h>
 #include <openssl/obj_mac.h>
+#include <openssl/bn.h>
 
 static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, EC_KEY *ecdh,
                             void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));

diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index a57ba0f14f2065d227d9f380da0ade762c829595..e6081bb2af52ad7a27ee52899dd2474d92adaec7 100644 (file)
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -65,9 +65,11 @@
 #error ECDSA is disabled.
 #endif
 
-#include <openssl/bn.h>
 #include <openssl/ec.h>
 #include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {

diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 6ce5d927caa754b47f2a4a975cc0a72f4f881947..d553ea1cd6039f260954416ae297375d17110c60 100644 (file)
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -57,6 +57,7 @@
 #include "ecdsa.h"
 #include <openssl/engine.h>
 #include <openssl/err.h>
+#include <openssl/bn.h>
 
 const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
 

diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 7e4b61fdef505d168fde020314cfcd677760fd71..712f666641795818285a14aa08ba4d5a63fcf0b3 100644 (file)
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -59,6 +59,7 @@
 #include "ecdsa.h"
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
+#include <openssl/bn.h>
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, 
                EC_KEY *eckey);

diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index dd63e09e55ec7b75dd003b0042d623abdf1b065a..e81b810deac53cfac66ffe617e169c343167dc74 100644 (file)
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -63,6 +63,7 @@
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
+#include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_DSA
 static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 9196a34b4a908aa33e59d43ae2e454f09ea481a8..18e72d0a1b8188e06a76ffe24decd960603ef236 100644 (file)
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/pkcs12.h>
-
+#include <openssl/bn.h>
 
 /* Uncomment out this line to get debugging info about key generation */
 /*#define DEBUG_KEYGEN*/

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 5bf862cd68e6e99d511f38d296e43f8c6fb2ebdc..00a7873f921afb72fcd704f75ce725acd9c3816e 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -64,9 +64,11 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#include <openssl/bn.h>
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
 
 #ifdef OPENSSL_NO_RSA
 #error RSA is disabled.

diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 236842a6342127fd0b47db1e73da598a73b7a7e9..6f0a28aa25c1d799e227a82b1e5e6894a98e2a35 100644 (file)
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -8,6 +8,7 @@
 #include <openssl/crypto.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#include <openssl/bn.h>
 #ifdef OPENSSL_NO_RSA
 int main(int argc, char *argv[])
 {

diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index a2bb7b004335ceaea85a5392de12b538c85f5d82..191cfef1a51127e855a8fc3acb84a9c07f68d10a 100644 (file)
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -63,6 +63,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
+#include <openssl/bn.h>
 
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char * const *a, const char * const *b);