Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) New ASN1 functions to handle sign, verify, digest, pack and
- unpack operations in terms of ASN1_ITEM.
+ unpack operations in terms of ASN1_ITEM. Modify existing wrappers
+ to use new functions. Add NO_ASN1_OLD which can be set to remove
+ some old style ASN1 functions: this can be used to determine if old
+ code will still work when these eventually go away.
[Steve Henson]
*) New extension functions for OCSP structures, these follow the
#include <openssl/buffer.h>
#include <openssl/x509.h>
+#ifndef NO_ASN1_OLD
+
int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
unsigned char *md, unsigned int *len)
{
return(1);
}
+#endif
+
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
unsigned char *md, unsigned int *len)
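Review bot: The `#endif` added after `ASN1_digest` closes a guard that wraps a whole legacy function, so it should name its condition: `#endif /* !NO_ASN1_OLD */`. The same applies to the guards added in the later hunks around the `typedef struct` block, `ASN1_sign` and `ASN1_verify`. The header declarations of these functions are not visible on this page; if they are not placed under the same macro, a build with NO_ASN1_OLD would presumably report remaining old-style callers only at link time rather than at compile time. The bodies of ASN1_digest and ASN1_item_digest lie outside the hunk.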
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
+#ifndef NO_ASN1_OLD
+
typedef struct
{
unsigned char *pbData;
return(NULL);
}
+#endif
#include <openssl/objects.h>
#include <openssl/buffer.h>
+#ifndef NO_ASN1_OLD
+
int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
const EVP_MD *type)
return(outl);
}
+#endif
+
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey,
const EVP_MD *type)
#include <openssl/buffer.h>
#include <openssl/evp.h>
+#ifndef NO_ASN1_OLD
+
int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
char *data, EVP_PKEY *pkey)
{
return(ret);
}
+#endif
+
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature,
void *asn, EVP_PKEY *pkey)
(unsigned char *)o)
#define OCSP_REQUEST_sign(o,pkey,md) \
- ASN1_sign((int(*)())i2d_OCSP_REQINFO,\
+ ASN1_item_sign(&OCSP_REQINFO_it,\
o->optionalSignature->signatureAlgorithm,NULL,\
o->optionalSignature->signature,(char *)o->tbsRequest,pkey,md)
#define OCSP_BASICRESP_sign(o,pkey,md,d) \
- ASN1_sign((int(*)())i2d_OCSP_RESPDATA,o->signatureAlgorithm,NULL,\
+ ASN1_item_sign(&OCSP_RESPDATA_it,o->signatureAlgorithm,NULL,\
o->signature,(char *)o->tbsResponseData,pkey,md)
-#define OCSP_REQUEST_verify(a,r) ASN1_verify((int (*)())i2d_OCSP_REQINFO,\
+#define OCSP_REQUEST_verify(a,r) ASN1_item_verify(&OCSP_REQINFO_it,\
a->optionalSignature->signatureAlgorithm,\
a->optionalSignature->signature,(char *)a->tbsRequest,r)
-#define OCSP_BASICRESP_verify(a,r,d) ASN1_verify((int (*)())i2d_OCSP_RESPDATA,\
+#define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(&OCSP_RESPDATA_it,\
a->signatureAlgorithm,a->signature,(char *)a->tbsResponseData,r)
#define ASN1_BIT_STRING_digest(data,type,md,len) \
- ASN1_digest((int (*)())i2d_ASN1_BIT_STRING,type,(char *)data,md,len)
+ ASN1_item_digest(&ASN1_BIT_STRING_it,type,(char *)data,md,len)
#define OCSP_CERTID_dup(cid) (OCSP_CERTID*)ASN1_dup((int(*)())i2d_OCSP_CERTID,\
(char *(*)())d2i_OCSP_CERTID,(char *)(cid))
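Review bot: `OCSP_REQUEST_sign` and `OCSP_REQUEST_verify` dereference `optionalSignature` unconditionally, and the switch to `ASN1_item_sign`/`ASN1_item_verify` keeps that behaviour. The field name suggests it is absent on unsigned requests, in which case a verifier handed such a request would read through a NULL pointer before any signature check runs; whether callers guard against this is not visible in the hunk. A comment above each macro would make the precondition explicit, for example `/* a->optionalSignature must be non-NULL; check before calling */`. Separately, the `d` parameter of `OCSP_BASICRESP_sign` and `OCSP_BASICRESP_verify` is never used in the expansion, and the macro arguments are not parenthesised.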
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-
-OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void);
-void OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a);
-int i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **pp);
-OCSP_CERTSTATUS *d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, unsigned char **pp, long length);
-
-OCSP_REVOKEDINFO *OCSP_REVOKEDINFO_new(void);
-void OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a);
-int i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **pp);
-OCSP_REVOKEDINFO *d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, unsigned char **pp, long length);
-
-OCSP_BASICRESP *OCSP_BASICRESP_new(void);
-void OCSP_BASICRESP_free(OCSP_BASICRESP *a);
-int i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **pp);
-OCSP_BASICRESP *d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, unsigned char **pp, long length);
-
-OCSP_RESPDATA *OCSP_RESPDATA_new(void);
-void OCSP_RESPDATA_free(OCSP_RESPDATA *a);
-int i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **pp);
-OCSP_RESPDATA *d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, unsigned char **pp, long length);
-
-OCSP_RESPID *OCSP_RESPID_new(void);
-void OCSP_RESPID_free(OCSP_RESPID *a);
-int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **pp);
-OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, unsigned char **pp, long length);
-
-OCSP_RESPONSE *OCSP_RESPONSE_new(void);
-void OCSP_RESPONSE_free(OCSP_RESPONSE *a);
-int i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **pp);
-OCSP_RESPONSE *d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, unsigned char **pp, long length);
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* a, unsigned long flags);
-
-OCSP_RESPBYTES *OCSP_RESPBYTES_new(void);
-void OCSP_RESPBYTES_free(OCSP_RESPBYTES *a);
-int i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **pp);
-OCSP_RESPBYTES *d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, unsigned char **pp, long length);
-
-OCSP_ONEREQ *OCSP_ONEREQ_new(void);
-void OCSP_ONEREQ_free(OCSP_ONEREQ *a);
-int i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **pp);
-OCSP_ONEREQ *d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, unsigned char **pp, long length);
-
-OCSP_CERTID *OCSP_CERTID_new(void);
-void OCSP_CERTID_free(OCSP_CERTID *a);
-int i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **pp);
-OCSP_CERTID *d2i_OCSP_CERTID(OCSP_CERTID **a, unsigned char **pp, long length);
-
-OCSP_REQUEST *OCSP_REQUEST_new(void);
-void OCSP_REQUEST_free(OCSP_REQUEST *a);
-int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **pp);
-OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, unsigned char **pp, long length);
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
-
-OCSP_SIGNATURE *OCSP_SIGNATURE_new(void);
-void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a);
-int i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **pp);
-OCSP_SIGNATURE *d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, unsigned char **pp, long length);
-
-
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
+DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
+
+
void ERR_load_OCSP_strings(void);
/* BEGIN ERROR CODES */
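Review bot: The prototype `int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* a, unsigned long flags);` is deleted along with the hand-written declarations, but only `OCSP_REQUEST_print` is re-declared after the `DECLARE_ASN1_FUNCTIONS` lines. Unless the prototype survives elsewhere in the header or the macro also declares a print routine (its definition is not on this page), callers would fall back to an implicit declaration and pass `flags` with no type checking. Re-adding the line next to `OCSP_REQUEST_print` keeps the header complete.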
int X509_verify(X509 *a, EVP_PKEY *r)
{
- return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
+ return(ASN1_item_verify(&X509_CINF_it,a->sig_alg,
a->signature,(char *)a->cert_info,r));
}
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
- return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
+ return( ASN1_item_verify(&X509_REQ_INFO_it,
a->sig_alg,a->signature,(char *)a->req_info,r));
}
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
{
- return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
+ return(ASN1_item_verify(&X509_CRL_INFO_it,
a->sig_alg, a->signature,(char *)a->crl,r));
}
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
{
- return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
+ return(ASN1_item_verify(&NETSCAPE_SPKAC_it,
a->sig_algor,a->signature, (char *)a->spkac,r));
}
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
{
- return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
+ return(ASN1_item_sign(&X509_CINF_it, x->cert_info->signature,
x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
}
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
{
- return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
+ return(ASN1_item_sign(&X509_REQ_INFO_it,x->sig_alg, NULL,
x->signature, (char *)x->req_info,pkey,md));
}
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
{
- return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
+ return(ASN1_item_sign(&X509_CRL_INFO_it,x->crl->sig_alg,
x->sig_alg, x->signature, (char *)x->crl,pkey,md));
}
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
{
- return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
+ return(ASN1_item_sign(&NETSCAPE_SPKAC_it, x->sig_algor,NULL,
x->signature, (char *)x->spkac,pkey,md));
}
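Review bot: The `(char *)` casts on the data argument are left over from the old `ASN1_verify`/`ASN1_sign` signatures. The `ASN1_item_*` prototypes shown earlier on this page take `void *asn`, so the casts can be dropped, e.g. `return(ASN1_item_verify(&X509_CINF_it,a->sig_alg,a->signature,a->cert_info,r));`. Because `asn` is `void *`, nothing checks that the template (`&X509_CINF_it`) matches the structure passed with it, and a mismatched pair would sign or verify the wrong encoding; a one-line comment on each wrapper naming the expected pairing would help reviewers. In the digest wrappers further down, `(char *)data` also silently strips `const` from parameters such as `const X509 *data`; writing `(void *)data` with a note that the object is not modified would state the intent.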
int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
unsigned int *len)
{
- return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
+ return(ASN1_item_digest(&X509_it,type,(char *)data,md,len));
}
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
unsigned int *len)
{
- return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len));
+ return(ASN1_item_digest(&X509_CRL_it,type,(char *)data,md,len));
}
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
unsigned int *len)
{
- return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len));
+ return(ASN1_item_digest(&X509_REQ_it,type,(char *)data,md,len));
}
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
unsigned int *len)
{
- return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
+ return(ASN1_item_digest(&X509_NAME_it,type,(char *)data,md,len));
}
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type,
unsigned char *md, unsigned int *len)
{
- return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
+ return(ASN1_item_digest(&PKCS7_ISSUER_AND_SERIAL_it,type,
(char *)data,md,len));
}