Make X509_REQ and X509_REQ_INFO opaque.

We can unexport the X509_REQ_INFO type entirely. (NB: OpenSSL hasn't done this, but has unexported so much of X509_REQ_INFO that it is impossible to use what remains anyway.) Update-Note: Callers that reach into X509_REQ and X509_REQ_INFO must use accessors instead. Change-Id: I1eea5207b9195c8051d5e467acd63ad5f0caf89d Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47564 Reviewed-by: Adam Langley <agl@google.com>
4 years ago · aaecb82c6b
parent ddecaabdc8
commit aaecb82c6b
7 changed files with 32 additions and 27 deletions
--- a/crypto/x509/internal.h
+++ b/crypto/x509/internal.h
@ -50,6 +50,24 @@ struct x509_cert_aux_st {
  STACK_OF(X509_ALGOR) *other;    // other unspecified info
 } /* X509_CERT_AUX */;

+typedef struct {
+  ASN1_ENCODING enc;
+  ASN1_INTEGER *version;
+  X509_NAME *subject;
+  X509_PUBKEY *pubkey;
+  //  d=2 hl=2 l=  0 cons: cont: 00
+  STACK_OF(X509_ATTRIBUTE) *attributes;  // [ 0 ]
+} X509_REQ_INFO;
+
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+
+struct X509_req_st {
+  X509_REQ_INFO *req_info;
+  X509_ALGOR *sig_alg;
+  ASN1_BIT_STRING *signature;
+  CRYPTO_refcount_t references;
+} /* X509_REQ */;
+

 /* RSA-PSS functions. */

--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@ -65,6 +65,9 @@
 #include <openssl/pem.h>
 #include <openssl/x509.h>

+#include "internal.h"
+
+
 X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
 {
    X509_REQ *ret;
--- a/crypto/x509/x509rset.c
+++ b/crypto/x509/x509rset.c
@ -59,6 +59,9 @@
 #include <openssl/obj.h>
 #include <openssl/x509.h>

+#include "internal.h"
+
+
 int X509_REQ_set_version(X509_REQ *x, long version)
 {
    if (x == NULL)
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@ -66,6 +66,9 @@
 #include <openssl/rsa.h>
 #include <openssl/stack.h>

+#include "internal.h"
+
+
 int X509_verify(X509 *x509, EVP_PKEY *pkey)
 {
    if (X509_ALGOR_cmp(x509->sig_alg, x509->cert_info->signature)) {
--- a/crypto/x509/x_req.c
+++ b/crypto/x509/x_req.c
@ -60,17 +60,16 @@
 #include <openssl/thread.h>
 #include <openssl/x509.h>

+#include "internal.h"
+
+
 /*
 * X509_REQ_INFO is handled in an unusual way to get round invalid encodings.
 * Some broken certificate requests don't encode the attributes field if it
 * is empty. This is in violation of PKCS#10 but we need to tolerate it. We
 * do this by making the attributes field OPTIONAL then using the callback to
 * initialise it to an empty STACK. This means that the field will be
- * correctly encoded unless we NULL out the field. As a result we no longer
- * need the req_kludge field because the information is now contained in the
- * attributes field: 1. If it is NULL then it's the invalid omission. 2. If
- * it is empty it is the correct encoding. 3. If it is not empty then some
- * attributes are present.
+ * correctly encoded unless we NULL out the field.
 */

 static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@ -90,9 +89,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
        ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
        ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
        ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
-        /* This isn't really OPTIONAL but it gets round invalid
-         * encodings
-         */
+        /* This isn't really OPTIONAL but it gets around invalid encodings. */
        ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
 } ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)

--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@ -372,7 +372,6 @@ typedef struct X509_info_st X509_INFO;
 typedef struct X509_name_entry_st X509_NAME_ENTRY;
 typedef struct X509_name_st X509_NAME;
 typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct X509_req_info_st X509_REQ_INFO;
 typedef struct X509_req_st X509_REQ;
 typedef struct X509_sig_st X509_SIG;
 typedef struct X509_val_st X509_VAL;
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@ -151,23 +151,6 @@ DECLARE_ASN1_SET_OF(X509_EXTENSION)
 DEFINE_STACK_OF(X509_ATTRIBUTE)
 DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)

-
-struct X509_req_info_st {
-  ASN1_ENCODING enc;
-  ASN1_INTEGER *version;
-  X509_NAME *subject;
-  X509_PUBKEY *pubkey;
-  //  d=2 hl=2 l=  0 cons: cont: 00
-  STACK_OF(X509_ATTRIBUTE) *attributes;  // [ 0 ]
-} /* X509_REQ_INFO */;
-
-struct X509_req_st {
-  X509_REQ_INFO *req_info;
-  X509_ALGOR *sig_alg;
-  ASN1_BIT_STRING *signature;
-  CRYPTO_refcount_t references;
-} /* X509_REQ */;
-
 struct x509_cinf_st {
  ASN1_INTEGER *version;  // [ 0 ] default of v1
  ASN1_INTEGER *serialNumber;
@ -950,7 +933,6 @@ OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
 OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);

 DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
 DECLARE_ASN1_FUNCTIONS(X509_REQ)

 DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)