The branch master has been updated via 7880e14318bda992e5f89077bce7f965f4840262 (commit) via 32f5c251643a7a63223ac191923071b3cccb480a (commit) via 1f143e08a5cde8e3fa6b5b80988bd6be7673428a (commit) via 835911b845043817f4477252be4f5fec93165503 (commit) from 75ef61d7058b30a5c96a9f49eee0f0313141ec54 (commit)
- Log ----------------------------------------------------------------- commit 7880e14318bda992e5f89077bce7f965f4840262 Author: Dr. Stephen Henson <st...@openssl.org> Date: Fri Sep 18 02:54:59 2015 +0100 Use accessors in X509_REQ_print(). Reviewed-by: Rich Salz <rs...@openssl.org> commit 32f5c251643a7a63223ac191923071b3cccb480a Author: Dr. Stephen Henson <st...@openssl.org> Date: Fri Sep 18 02:38:49 2015 +0100 Use accessor functions in X509_CRL_print(). Reviewed-by: Rich Salz <rs...@openssl.org> commit 1f143e08a5cde8e3fa6b5b80988bd6be7673428a Author: Dr. Stephen Henson <st...@openssl.org> Date: Fri Sep 18 03:06:55 2015 +0100 New accessor X509_REQ_get_X509_PUBKEY() Reviewed-by: Rich Salz <rs...@openssl.org> commit 835911b845043817f4477252be4f5fec93165503 Author: Dr. Stephen Henson <st...@openssl.org> Date: Fri Sep 18 02:39:44 2015 +0100 Additional X509_CRL accessors. Reviewed-by: Rich Salz <rs...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/asn1/t_crl.c | 19 +++++++++++-------- crypto/asn1/t_req.c | 25 ++++++++++++++----------- crypto/x509/x509_req.c | 5 +++++ crypto/x509/x509cset.c | 10 ++++++++++ include/openssl/x509.h | 3 +++ 5 files changed, 43 insertions(+), 19 deletions(-) diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c index a76e112..8400e85 100644 --- a/crypto/asn1/t_crl.c +++ b/crypto/asn1/t_crl.c @@ -63,7 +63,6 @@ #include <openssl/bn.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/x509_int.h" #include <openssl/x509v3.h> #ifndef OPENSSL_NO_STDIO @@ -87,6 +86,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x) { STACK_OF(X509_REVOKED) *rev; X509_REVOKED *r; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *sig; long l; int i; char *p; @@ -94,8 +95,9 @@ int X509_CRL_print(BIO *out, X509_CRL *x) BIO_printf(out, "Certificate Revocation List (CRL):\n"); l = X509_CRL_get_version(x); BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l); - i = OBJ_obj2nid(x->sig_alg.algorithm); - X509_signature_print(out, &x->sig_alg, NULL); + X509_CRL_get0_signature(&sig, &sig_alg, x); + i = X509_CRL_get_signature_nid(x); + X509_signature_print(out, sig_alg, NULL); p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0); BIO_printf(out, "%8sIssuer: %s\n", "", p); OPENSSL_free(p); @@ -108,7 +110,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x) BIO_printf(out, "NONE"); BIO_printf(out, "\n"); - X509V3_extensions_print(out, "CRL extensions", x->crl.extensions, 0, 8); + X509V3_extensions_print(out, "CRL extensions", + X509_CRL_get0_extensions(x), 0, 8); rev = X509_CRL_get_REVOKED(x); @@ -120,14 +123,14 @@ int X509_CRL_print(BIO *out, X509_CRL *x) for (i = 0; i < sk_X509_REVOKED_num(rev); i++) { r = sk_X509_REVOKED_value(rev, i); BIO_printf(out, " Serial Number: "); - i2a_ASN1_INTEGER(out, r->serialNumber); + i2a_ASN1_INTEGER(out, X509_REVOKED_get0_serialNumber(r)); BIO_printf(out, "\n Revocation Date: "); - ASN1_TIME_print(out, r->revocationDate); + ASN1_TIME_print(out, X509_REVOKED_get0_revocationDate(r)); BIO_printf(out, "\n"); X509V3_extensions_print(out, "CRL entry extensions", - r->extensions, 0, 8); + X509_REVOKED_get0_extensions(r), 0, 8); } - X509_signature_print(out, &x->sig_alg, x->signature); + X509_signature_print(out, sig_alg, sig); return 1; diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index 8ea350d..80611b1 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -62,7 +62,6 @@ #include <openssl/bn.h> #include <openssl/objects.h> #include <openssl/x509.h> -#include "internal/x509_int.h" #include <openssl/x509v3.h> #ifndef OPENSSL_NO_RSA # include <openssl/rsa.h> @@ -93,9 +92,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, { long l; int i; - X509_REQ_INFO *ri; EVP_PKEY *pkey; - STACK_OF(X509_ATTRIBUTE) *sk; STACK_OF(X509_EXTENSION) *exts; char mlch = ' '; int nmindent = 0; @@ -108,7 +105,6 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, if (nmflags == X509_FLAG_COMPAT) nmindent = 16; - ri = &x->req_info; if (!(cflag & X509_FLAG_NO_HEADER)) { if (BIO_write(bp, "Certificate Request:\n", 21) <= 0) goto err; @@ -123,17 +119,22 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, if (!(cflag & X509_FLAG_NO_SUBJECT)) { if (BIO_printf(bp, " Subject:%c", mlch) <= 0) goto err; - if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0) + if (X509_NAME_print_ex(bp, X509_REQ_get_subject_name(x), + nmindent, nmflags) < 0) goto err; if (BIO_write(bp, "\n", 1) <= 0) goto err; } if (!(cflag & X509_FLAG_NO_PUBKEY)) { + X509_PUBKEY *xpkey; + ASN1_OBJECT *koid; if (BIO_write(bp, " Subject Public Key Info:\n", 33) <= 0) goto err; if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0) goto err; - if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0) + xpkey = X509_REQ_get_X509_PUBKEY(x); + X509_PUBKEY_get0_param(&koid, NULL, NULL, NULL, xpkey); + if (i2a_ASN1_OBJECT(bp, koid) <= 0) goto err; if (BIO_puts(bp, "\n") <= 0) goto err; @@ -153,19 +154,18 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0) goto err; - sk = x->req_info.attributes; - if (sk_X509_ATTRIBUTE_num(sk) == 0) { + if (X509_REQ_get_attr_count(x) == 0) { if (BIO_printf(bp, "%12sa0:00\n", "") <= 0) goto err; } else { - for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { + for (i = 0; i < X509_REQ_get_attr_count(x); i++) { ASN1_TYPE *at; X509_ATTRIBUTE *a; ASN1_BIT_STRING *bs = NULL; ASN1_OBJECT *aobj; int j, type = 0, count = 1, ii = 0; - a = sk_X509_ATTRIBUTE_value(sk, i); + a = X509_REQ_get_attr(x, i); aobj = X509_ATTRIBUTE_get0_object(a); if (X509_REQ_extension_nid(OBJ_obj2nid(aobj))) continue; @@ -227,7 +227,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, } if (!(cflag & X509_FLAG_NO_SIGDUMP)) { - if (!X509_signature_print(bp, &x->sig_alg, x->signature)) + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *sig; + X509_REQ_get0_signature(&sig, &sig_alg, x); + if (!X509_signature_print(bp, sig_alg, sig)) goto err; } diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index a8b838c..8cc35b3 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -117,6 +117,11 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) return (X509_PUBKEY_get(req->req_info.pubkey)); } +X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req) +{ + return req->req_info.pubkey; +} + int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) { EVP_PKEY *xk = NULL; diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c index 676ceba..a779fd4 100644 --- a/crypto/x509/x509cset.c +++ b/crypto/x509/x509cset.c @@ -158,6 +158,11 @@ X509_NAME *X509_CRL_get_issuer(X509_CRL *crl) return crl->crl.issuer; } +STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl) +{ + return crl->crl.extensions; +} + STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl) { return crl->crl.revoked; @@ -221,6 +226,11 @@ int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial) return (in != NULL); } +STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(X509_REVOKED *r) +{ + return r->extensions; +} + int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { crl->crl.enc.modified = 1; diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 1374b0f..5d6c083 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -759,6 +759,7 @@ int X509_REQ_get_signature_nid(const X509_REQ *req); int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp); int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req); +X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req); int X509_REQ_extension_nid(int nid); int *X509_REQ_get_extension_nids(void); void X509_REQ_set_extension_nids(int *nids); @@ -794,6 +795,7 @@ long X509_CRL_get_version(X509_CRL *crl); ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl); ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl); X509_NAME *X509_CRL_get_issuer(X509_CRL *crl); +STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl); STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl); @@ -804,6 +806,7 @@ ASN1_INTEGER *X509_REVOKED_get0_serialNumber(X509_REVOKED *x); int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); ASN1_TIME *X509_REVOKED_get0_revocationDate(X509_REVOKED *x); int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); +STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(X509_REVOKED *r); X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, EVP_PKEY *skey, const EVP_MD *md, unsigned int flags); _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits