Make X509_REQ and X509_REQ_INFO opaque.

We can unexport the X509_REQ_INFO type entirely. (NB: OpenSSL hasn't
done this, but has unexported so much of X509_REQ_INFO that it is
impossible to use what remains anyway.)

Update-Note: Callers that reach into X509_REQ and X509_REQ_INFO must use
accessors instead.

Change-Id: I1eea5207b9195c8051d5e467acd63ad5f0caf89d
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47564
Reviewed-by: Adam Langley <agl@google.com>

crypto/x509/internal.h

@@ -50,6 +50,24 @@ struct x509_cert_aux_st {
   STACK_OF(X509_ALGOR) *other;    // other unspecified info
 } /* X509_CERT_AUX */;
 
+typedef struct {
+  ASN1_ENCODING enc;
+  ASN1_INTEGER *version;
+  X509_NAME *subject;
+  X509_PUBKEY *pubkey;
+  //  d=2 hl=2 l=  0 cons: cont: 00
+  STACK_OF(X509_ATTRIBUTE) *attributes;  // [ 0 ]
+} X509_REQ_INFO;
+
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+
+struct X509_req_st {
+  X509_REQ_INFO *req_info;
+  X509_ALGOR *sig_alg;
+  ASN1_BIT_STRING *signature;
+  CRYPTO_refcount_t references;
+} /* X509_REQ */;
+
 
 /* RSA-PSS functions. */
 

crypto/x509/x509_req.c

@@ -65,6 +65,9 @@
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 
+#include "internal.h"
+
+
 X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
 {
     X509_REQ *ret;

crypto/x509/x509rset.c

@@ -59,6 +59,9 @@
 #include <openssl/obj.h>
 #include <openssl/x509.h>
 
+#include "internal.h"
+
+
 int X509_REQ_set_version(X509_REQ *x, long version)
 {
     if (x == NULL)

crypto/x509/x_all.c

@@ -66,6 +66,9 @@
 #include <openssl/rsa.h>
 #include <openssl/stack.h>
 
+#include "internal.h"
+
+
 int X509_verify(X509 *x509, EVP_PKEY *pkey)
 {
     if (X509_ALGOR_cmp(x509->sig_alg, x509->cert_info->signature)) {

crypto/x509/x_req.c

@@ -60,17 +60,16 @@
 #include <openssl/thread.h>
 #include <openssl/x509.h>
 
+#include "internal.h"
+
+
 /*
  * X509_REQ_INFO is handled in an unusual way to get round invalid encodings.
  * Some broken certificate requests don't encode the attributes field if it
  * is empty. This is in violation of PKCS#10 but we need to tolerate it. We
  * do this by making the attributes field OPTIONAL then using the callback to
  * initialise it to an empty STACK. This means that the field will be
- * correctly encoded unless we NULL out the field. As a result we no longer
+ * correctly encoded unless we NULL out the field.
- * need the req_kludge field because the information is now contained in the
- * attributes field: 1. If it is NULL then it's the invalid omission. 2. If
- * it is empty it is the correct encoding. 3. If it is not empty then some
- * attributes are present.
  */
 
 static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -90,9 +89,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
         ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
         ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
         ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
-        /* This isn't really OPTIONAL but it gets round invalid
+        /* This isn't really OPTIONAL but it gets around invalid encodings. */
-         * encodings
-         */
         ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
 } ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
 

include/openssl/base.h

@@ -372,7 +372,6 @@ typedef struct X509_info_st X509_INFO;
 typedef struct X509_name_entry_st X509_NAME_ENTRY;
 typedef struct X509_name_st X509_NAME;
 typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct X509_req_info_st X509_REQ_INFO;
 typedef struct X509_req_st X509_REQ;
 typedef struct X509_sig_st X509_SIG;
 typedef struct X509_val_st X509_VAL;

include/openssl/x509.h

@@ -151,23 +151,6 @@ DECLARE_ASN1_SET_OF(X509_EXTENSION)
 DEFINE_STACK_OF(X509_ATTRIBUTE)
 DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
 
-
-struct X509_req_info_st {
-  ASN1_ENCODING enc;
-  ASN1_INTEGER *version;
-  X509_NAME *subject;
-  X509_PUBKEY *pubkey;
-  //  d=2 hl=2 l=  0 cons: cont: 00
-  STACK_OF(X509_ATTRIBUTE) *attributes;  // [ 0 ]
-} /* X509_REQ_INFO */;
-
-struct X509_req_st {
-  X509_REQ_INFO *req_info;
-  X509_ALGOR *sig_alg;
-  ASN1_BIT_STRING *signature;
-  CRYPTO_refcount_t references;
-} /* X509_REQ */;
-
 struct x509_cinf_st {
   ASN1_INTEGER *version;  // [ 0 ] default of v1
   ASN1_INTEGER *serialNumber;
@@ -950,7 +933,6 @@ OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
 OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
 
 DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
 DECLARE_ASN1_FUNCTIONS(X509_REQ)
 
 DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)