From bc3686dfb031445c5af9a256a46a57dc1277a190 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 31 Aug 2015 12:16:52 +0100 Subject: [PATCH] make X509_CERT_AUX opaque Reviewed-by: Rich Salz --- crypto/asn1/t_x509a.c | 1 + crypto/asn1/x_x509a.c | 1 + crypto/include/internal/x509_int.h | 14 ++++++++++++++ crypto/x509/x509_trs.c | 1 + include/openssl/x509.h | 14 +------------- 5 files changed, 18 insertions(+), 13 deletions(-) diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c index 12fedb8edf..06b227e388 100644 --- a/crypto/asn1/t_x509a.c +++ b/crypto/asn1/t_x509a.c @@ -62,6 +62,7 @@ #include #include #include +#include "internal/x509_int.h" /* * X509_CERT_AUX and string set routines diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c index e299b1fd50..76608b669f 100644 --- a/crypto/asn1/x_x509a.c +++ b/crypto/asn1/x_x509a.c @@ -62,6 +62,7 @@ #include #include #include +#include "internal/x509_int.h" /* * X509_CERT_AUX routines. These are used to encode additional user diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 761f702e7f..644b27d405 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -75,3 +75,17 @@ struct X509_name_st { unsigned char *canon_enc; int canon_enclen; } /* X509_NAME */ ; + +/* + * This stuff is certificate "auxiliary info" it contains details which are + * useful in certificate stores and databases. When used this is tagged onto + * the end of the certificate itself + */ + +struct x509_cert_aux_st { + STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ + STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ + ASN1_UTF8STRING *alias; /* "friendly name" */ + ASN1_OCTET_STRING *keyid; /* key id of private key */ + STACK_OF(X509_ALGOR) *other; /* other unspecified info */ +}; diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index 1912c96551..6e3616e2f2 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -60,6 +60,7 @@ #include #include "internal/cryptlib.h" #include +#include "internal/x509_int.h" static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b); static void trtable_free(X509_TRUST *p); diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 0c2d19a97b..ab8abcaf78 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -196,19 +196,7 @@ typedef struct x509_cinf_st { ASN1_ENCODING enc; } X509_CINF; -/* - * This stuff is certificate "auxiliary info" it contains details which are - * useful in certificate stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -typedef struct x509_cert_aux_st { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ -} X509_CERT_AUX; +typedef struct x509_cert_aux_st X509_CERT_AUX; struct x509_st { X509_CINF *cert_info; -- 2.25.1