From a5a9b54d84e60e6a63f64cd001db1baf131b91a1 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Wed, 14 Jul 2021 13:27:30 -0400
Subject: [PATCH] Make X509_CRL opaque.

Update-Note: Use accessors instead.

Change-Id: I7b41eb7c724d94d3e6d26498063e045a1850c671
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48465
Reviewed-by: Adam Langley <agl@google.com>
---
 crypto/x509/by_dir.c    |  1 +
 crypto/x509/internal.h  | 36 ++++++++++++++++++++++++++++++++++++
 crypto/x509/t_crl.c     | 13 ++++++++++---
 crypto/x509/x509_ext.c  |  2 ++
 crypto/x509/x509_lu.c   |  1 +
 crypto/x509/x509cset.c  |  1 +
 crypto/x509/x_crl.c     |  1 +
 crypto/x509v3/v3_conf.c |  1 +
 include/openssl/base.h  |  1 -
 include/openssl/x509.h  | 34 ----------------------------------
 10 files changed, 53 insertions(+), 38 deletions(-)

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 7b91cbd0a..a630cdf00 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -68,6 +68,7 @@
 #if !defined(OPENSSL_TRUSTY)
 
 #include "../internal.h"
+#include "internal.h"
 
 typedef struct lookup_dir_hashes_st {
     unsigned long hash;
diff --git a/crypto/x509/internal.h b/crypto/x509/internal.h
index 59e980afe..8c37985f9 100644
--- a/crypto/x509/internal.h
+++ b/crypto/x509/internal.h
@@ -112,6 +112,42 @@ struct X509_req_st {
   CRYPTO_refcount_t references;
 } /* X509_REQ */;
 
+typedef struct {
+  ASN1_INTEGER *version;
+  X509_ALGOR *sig_alg;
+  X509_NAME *issuer;
+  ASN1_TIME *lastUpdate;
+  ASN1_TIME *nextUpdate;
+  STACK_OF(X509_REVOKED) *revoked;
+  STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
+  ASN1_ENCODING enc;
+} X509_CRL_INFO;
+
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+
+struct X509_crl_st {
+  // actual signature
+  X509_CRL_INFO *crl;
+  X509_ALGOR *sig_alg;
+  ASN1_BIT_STRING *signature;
+  CRYPTO_refcount_t references;
+  int flags;
+  // Copies of various extensions
+  AUTHORITY_KEYID *akid;
+  ISSUING_DIST_POINT *idp;
+  // Convenient breakdown of IDP
+  int idp_flags;
+  int idp_reasons;
+  // CRL and base CRL numbers for delta processing
+  ASN1_INTEGER *crl_number;
+  ASN1_INTEGER *base_crl_number;
+  unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+  STACK_OF(GENERAL_NAMES) *issuers;
+  const X509_CRL_METHOD *meth;
+  void *meth_data;
+} /* X509_CRL */;
+
+
 struct X509_VERIFY_PARAM_st {
   char *name;
   time_t check_time;                // Time to use
diff --git a/crypto/x509/t_crl.c b/crypto/x509/t_crl.c
index 14f98c54e..42f05cd61 100644
--- a/crypto/x509/t_crl.c
+++ b/crypto/x509/t_crl.c
@@ -86,7 +86,13 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
     BIO_printf(out, "Certificate Revocation List (CRL):\n");
     l = X509_CRL_get_version(x);
     BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
-    X509_signature_print(out, x->sig_alg, NULL);
+    const X509_ALGOR *sig_alg;
+    const ASN1_BIT_STRING *signature;
+    X509_CRL_get0_signature(x, &signature, &sig_alg);
+    // Note this and the other |X509_signature_print| call print the outer
+    // signature algorithm twice, rather than both the inner and outer ones.
+    // This matches OpenSSL, though it was probably a bug.
+    X509_signature_print(out, sig_alg, NULL);
     p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
     BIO_printf(out, "%8sIssuer: %s\n", "", p);
     OPENSSL_free(p);
@@ -99,7 +105,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
         BIO_printf(out, "NONE");
     BIO_printf(out, "\n");
 
-    X509V3_extensions_print(out, "CRL extensions", x->crl->extensions, 0, 8);
+    X509V3_extensions_print(out, "CRL extensions", X509_CRL_get0_extensions(x),
+                            0, 8);
 
     rev = X509_CRL_get_REVOKED(x);
 
@@ -118,7 +125,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
         X509V3_extensions_print(out, "CRL entry extensions",
                                 r->extensions, 0, 8);
     }
-    X509_signature_print(out, x->sig_alg, x->signature);
+    X509_signature_print(out, sig_alg, signature);
 
     return 1;
 
diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c
index 362c95b38..a08e2a85c 100644
--- a/crypto/x509/x509_ext.c
+++ b/crypto/x509/x509_ext.c
@@ -62,6 +62,8 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
+#include "internal.h"
+
 int X509_CRL_get_ext_count(const X509_CRL *x)
 {
     return (X509v3_get_ext_count(x->crl->extensions));
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 4046c3ebf..6d51ffdef 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -64,6 +64,7 @@
 #include <openssl/x509v3.h>
 
 #include "../internal.h"
+#include "internal.h"
 
 X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
 {
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index ae9349928..7816d730c 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -60,6 +60,7 @@
 #include <openssl/x509.h>
 
 #include "../internal.h"
+#include "internal.h"
 
 int X509_CRL_set_version(X509_CRL *x, long version)
 {
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 3f5fc1dff..f6fbd0a9f 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -66,6 +66,7 @@
 #include <openssl/x509v3.h>
 
 #include "../internal.h"
+#include "internal.h"
 
 /*
  * Method to handle CRL access. In general a CRL could be very large (several
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 158f8df18..319275230 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -69,6 +69,7 @@
 #include <openssl/x509v3.h>
 
 #include "../internal.h"
+#include "../x509/internal.h"
 #include "internal.h"
 
 static int v3_check_critical(const char **value);
diff --git a/include/openssl/base.h b/include/openssl/base.h
index 88cfb8f18..ea4366a21 100644
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@@ -365,7 +365,6 @@ typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
 typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
 typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
 typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_info_st X509_CRL_INFO;
 typedef struct X509_crl_st X509_CRL;
 typedef struct X509_extension_st X509_EXTENSION;
 typedef struct X509_info_st X509_INFO;
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 1e745ca7a..4960b35ea 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -316,41 +316,8 @@ struct x509_revoked_st {
 
 DEFINE_STACK_OF(X509_REVOKED)
 
-struct X509_crl_info_st {
-  ASN1_INTEGER *version;
-  X509_ALGOR *sig_alg;
-  X509_NAME *issuer;
-  ASN1_TIME *lastUpdate;
-  ASN1_TIME *nextUpdate;
-  STACK_OF(X509_REVOKED) *revoked;
-  STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
-  ASN1_ENCODING enc;
-} /* X509_CRL_INFO */;
-
 DECLARE_STACK_OF(GENERAL_NAMES)
 
-struct X509_crl_st {
-  // actual signature
-  X509_CRL_INFO *crl;
-  X509_ALGOR *sig_alg;
-  ASN1_BIT_STRING *signature;
-  CRYPTO_refcount_t references;
-  int flags;
-  // Copies of various extensions
-  AUTHORITY_KEYID *akid;
-  ISSUING_DIST_POINT *idp;
-  // Convenient breakdown of IDP
-  int idp_flags;
-  int idp_reasons;
-  // CRL and base CRL numbers for delta processing
-  ASN1_INTEGER *crl_number;
-  ASN1_INTEGER *base_crl_number;
-  unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-  STACK_OF(GENERAL_NAMES) *issuers;
-  const X509_CRL_METHOD *meth;
-  void *meth_data;
-} /* X509_CRL */;
-
 DEFINE_STACK_OF(X509_CRL)
 
 struct private_key_st {
@@ -1040,7 +1007,6 @@ OPENSSL_EXPORT void X509_trust_clear(X509 *x);
 OPENSSL_EXPORT void X509_reject_clear(X509 *x);
 
 DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
 DECLARE_ASN1_FUNCTIONS(X509_CRL)
 
 OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);