From f2a253e0ddd23c9a7601276f37b536fff53f3f8f Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 11 Jun 2001 00:43:20 +0000 Subject: [PATCH] Add support for MS CSP Name PKCS#12 attribute. --- CHANGES | 4 + apps/pkcs12.c | 7 ++ crypto/asn1/a_strnid.c | 4 +- crypto/objects/obj_dat.h | 15 ++-- crypto/objects/obj_mac.h | 5 ++ crypto/objects/obj_mac.num | 1 + crypto/objects/objects.txt | 2 + crypto/pkcs12/p12_attr.c | 155 ++++++++----------------------------- crypto/pkcs12/pkcs12.h | 2 + crypto/rsa/rsa_sign.c | 6 +- crypto/x509/x509.h | 30 +++---- crypto/x509/x509_att.c | 20 ++--- crypto/x509/x509_req.c | 10 +-- 13 files changed, 99 insertions(+), 162 deletions(-) diff --git a/CHANGES b/CHANGES index 5859004a4c..f3c99b5d2c 100644 --- a/CHANGES +++ b/CHANGES @@ -11,6 +11,10 @@ *) applies to 0.9.6a (/0.9.6b) and 0.9.7 +) applies to 0.9.7 only + +) Tidy up PKCS#12 attribute handling. Add support for the CSP name + attribute in PKCS#12 files, add new -CSP option to pkcs12 utility. + [Steve Henson] + *) Fix OAEP check. [Ulf Möller, Bodo Möller] diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 90abbb84d2..f277956cd9 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -99,6 +99,7 @@ int MAIN(int argc, char **argv) BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL; char **args; char *name = NULL; + char *csp_name = NULL; PKCS12 *p12 = NULL; char pass[50], macpass[50]; int export_cert = 0; @@ -197,6 +198,11 @@ int MAIN(int argc, char **argv) args++; name = *args; } else badarg = 1; + } else if (!strcmp (*args, "-CSP")) { + if (args[1]) { + args++; + csp_name = *args; + } else badarg = 1; } else if (!strcmp (*args, "-caname")) { if (args[1]) { args++; @@ -572,6 +578,7 @@ int MAIN(int argc, char **argv) PKCS8_PRIV_KEY_INFO_free(p8); p8 = NULL; if (name) PKCS12_add_friendlyname (bag, name, -1); + if(csp_name) PKCS12_add_CSPName_asc(bag, csp_name, -1); PKCS12_add_localkeyid (bag, keyid, keyidlen); bags = sk_PKCS12_SAFEBAG_new_null(); sk_PKCS12_SAFEBAG_push (bags, bag); diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 732e68fe46..0187ddb015 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -170,8 +170,10 @@ static ASN1_STRING_TABLE tbl_standard[] = { {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, +{NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, -{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} +{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, +{NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} }; static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 788c69d497..17c806cf08 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -61,12 +61,12 @@ * perl obj_dat.pl obj_mac.h obj_dat.h */ -#define NUM_NID 492 -#define NUM_SN 490 -#define NUM_LN 490 -#define NUM_OBJ 464 +#define NUM_NID 493 +#define NUM_SN 491 +#define NUM_LN 491 +#define NUM_OBJ 465 -static unsigned char lvalues[3783]={ +static unsigned char lvalues[3792]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -531,6 +531,7 @@ static unsigned char lvalues[3783]={ 0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3759] OBJ_X9_62_prime239v3 */ 0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3767] OBJ_X9_62_prime256v1 */ 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3775] OBJ_ecdsa_with_SHA1 */ +0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3782] OBJ_ms_csp_name */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -1284,6 +1285,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3767]),0}, {"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7, &(lvalues[3775]),0}, +{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3782]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -1312,6 +1314,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[410]),/* "CCITT" */ &(nid_objs[13]),/* "CN" */ &(nid_objs[141]),/* "CRLReason" */ +&(nid_objs[492]),/* "CSPName" */ &(nid_objs[367]),/* "CrlID" */ &(nid_objs[107]),/* "D" */ &(nid_objs[391]),/* "DC" */ @@ -1807,6 +1810,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[142]),/* "Invalidity Date" */ &(nid_objs[388]),/* "Mail" */ &(nid_objs[383]),/* "Management" */ +&(nid_objs[492]),/* "Microsoft CSP Name" */ &(nid_objs[135]),/* "Microsoft Commercial Code Signing" */ &(nid_objs[138]),/* "Microsoft Encrypted File System" */ &(nid_objs[171]),/* "Microsoft Extension Request" */ @@ -2542,6 +2546,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */ &(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */ &(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */ +&(nid_objs[492]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ &(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */ &(nid_objs[316]),/* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index 37ca4efffa..cd114a2600 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -639,6 +639,11 @@ #define NID_localKeyID 157 #define OBJ_localKeyID OBJ_pkcs9,21L +#define SN_ms_csp_name "CSPName" +#define LN_ms_csp_name "Microsoft CSP Name" +#define NID_ms_csp_name 492 +#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L + #define OBJ_certTypes OBJ_pkcs9,22L #define LN_x509Certificate "x509Certificate" diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 355a2b55f6..362bdb713d 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -489,3 +489,4 @@ X9_62_prime239v2 488 X9_62_prime239v3 489 X9_62_prime256v1 490 ecdsa_with_SHA1 491 +ms_csp_name 492 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 1e51416c73..86d337d01e 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -201,6 +201,8 @@ id-smime-cti 6 : id-smime-cti-ets-proofOfCreation pkcs9 20 : : friendlyName pkcs9 21 : : localKeyID +!Cname ms-csp-name +1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name !Alias certTypes pkcs9 22 certTypes 1 : : x509Certificate certTypes 2 : : sdsiCertificate diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index 2d4d04292a..026cf3826a 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -62,156 +62,63 @@ /* Add a local keyid to a safebag */ -int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name, +int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) { - X509_ATTRIBUTE *attrib; - ASN1_BMPSTRING *oct; - ASN1_TYPE *keyid; - if (!(keyid = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->type = V_ASN1_OCTET_STRING; - if (!(oct = M_ASN1_OCTET_STRING_new())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->value.octet_string = oct; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_localKeyID); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->single = 0; - if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); + if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID, + V_ASN1_OCTET_STRING, name, namelen)) + return 1; + else return 0; - } - sk_X509_ATTRIBUTE_push (bag->attrib, attrib); - return 1; } /* Add key usage to PKCS#8 structure */ -int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage) +int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage) { - X509_ATTRIBUTE *attrib; - ASN1_BIT_STRING *bstr; - ASN1_TYPE *keyid; unsigned char us_val; us_val = (unsigned char) usage; - if (!(keyid = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->type = V_ASN1_BIT_STRING; - if (!(bstr = M_ASN1_BIT_STRING_new())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->value.bit_string = bstr; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_key_usage); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); + if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage, + V_ASN1_BIT_STRING, &us_val, 1)) + return 1; + else return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->single = 0; - if (!p8->attributes - && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_X509_ATTRIBUTE_push (p8->attributes, attrib); - return 1; } /* Add a friendlyname to a safebag */ -int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name, +int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen) { - unsigned char *uniname; - int ret, unilen; - if (!asc2uni(name, namelen, &uniname, &unilen)) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC, - ERR_R_MALLOC_FAILURE); + if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName, + MBSTRING_ASC, (unsigned char *)name, namelen)) + return 1; + else return 0; - } - ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen); - OPENSSL_free(uniname); - return ret; } - -int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, + +int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, int namelen) { - X509_ATTRIBUTE *attrib; - ASN1_BMPSTRING *bmp; - ASN1_TYPE *fname; - /* Zap ending double null if included */ - if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2; - if (!(fname = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - fname->type = V_ASN1_BMPSTRING; - if (!(bmp = M_ASN1_BMPSTRING_new())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (!(bmp->data = OPENSSL_malloc (namelen))) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); + if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName, + MBSTRING_BMP, name, namelen)) + return 1; + else return 0; - } - memcpy (bmp->data, name, namelen); - bmp->length = namelen; - fname->value.bmpstring = bmp; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_friendlyName); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME, - ERR_R_MALLOC_FAILURE); - return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,fname); - attrib->single = 0; - if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); +} + +int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, + int namelen) +{ + if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name, + MBSTRING_ASC, (unsigned char *)name, namelen)) + return 1; + else return 0; - } - sk_X509_ATTRIBUTE_push (bag->attrib, attrib); - return PKCS12_OK; } -ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid) +ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid) { X509_ATTRIBUTE *attrib; int i; diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 01c20ddc6e..611762777d 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -201,6 +201,8 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12); int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen); int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen); +int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, + int namelen); int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, int namelen); int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 009fba199e..2a440901de 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -77,7 +77,8 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, const unsigned char *s = NULL; X509_ALGOR algor; ASN1_OCTET_STRING digest; - if(rsa->flags & RSA_FLAG_SIGN_VER) + if((rsa->flags & RSA_FLAG_SIGN_VER) + && ENGINE_get_RSA(rsa->engine)->rsa_sign) return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, m, m_len, sigret, siglen, rsa); /* Special case: SSL signature, just check the length */ @@ -154,7 +155,8 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, return(0); } - if(rsa->flags & RSA_FLAG_SIGN_VER) + if((rsa->flags & RSA_FLAG_SIGN_VER) + && ENGINE_get_RSA(rsa->engine)->rsa_verify) return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 16a5653b1d..4951bad8cc 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -967,14 +967,14 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len); + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len); int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type, - unsigned char *bytes, int len); + const unsigned char *bytes, int len); int X509_REQ_add1_attr_by_txt(X509_REQ *req, - char *attrname, int type, - unsigned char *bytes, int len); + const char *attrname, int type, + const unsigned char *bytes, int len); int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); @@ -1113,22 +1113,22 @@ X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len); + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, - unsigned char *bytes, int len); + const unsigned char *bytes, int len); STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - char *attrname, int type, - unsigned char *bytes, int len); + const char *attrname, int type, + const unsigned char *bytes, int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, void *data, int len); + int atrtype, const void *data, int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - ASN1_OBJECT *obj, int atrtype, void *data, int len); + const ASN1_OBJECT *obj, int atrtype, const void *data, int len); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - char *atrname, int type, unsigned char *bytes, int len); -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj); -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len); + const char *atrname, int type, const unsigned char *bytes, int len); +int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); +int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data); int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index f074d2ab18..0bae3d32a1 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -149,8 +149,8 @@ err2: } STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len) + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len) { X509_ATTRIBUTE *attr; STACK_OF(X509_ATTRIBUTE) *ret; @@ -163,7 +163,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, - unsigned char *bytes, int len) + const unsigned char *bytes, int len) { X509_ATTRIBUTE *attr; STACK_OF(X509_ATTRIBUTE) *ret; @@ -175,8 +175,8 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, } STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - char *attrname, int type, - unsigned char *bytes, int len) + const char *attrname, int type, + const unsigned char *bytes, int len) { X509_ATTRIBUTE *attr; STACK_OF(X509_ATTRIBUTE) *ret; @@ -188,7 +188,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, } X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, void *data, int len) + int atrtype, const void *data, int len) { ASN1_OBJECT *obj; X509_ATTRIBUTE *ret; @@ -205,7 +205,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, } X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - ASN1_OBJECT *obj, int atrtype, void *data, int len) + const ASN1_OBJECT *obj, int atrtype, const void *data, int len) { X509_ATTRIBUTE *ret; @@ -234,7 +234,7 @@ err: } X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - char *atrname, int type, unsigned char *bytes, int len) + const char *atrname, int type, const unsigned char *bytes, int len) { ASN1_OBJECT *obj; X509_ATTRIBUTE *nattr; @@ -252,7 +252,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, return nattr; } -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj) +int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) { if ((attr == NULL) || (obj == NULL)) return(0); @@ -261,7 +261,7 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj) return(1); } -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len) +int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) { ASN1_TYPE *ttmp; ASN1_STRING *stmp; diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index e2766e1a5f..0affa3bf30 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -251,8 +251,8 @@ int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr) } int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len) + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len) { if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj, type, bytes, len)) return 1; @@ -261,7 +261,7 @@ int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type, - unsigned char *bytes, int len) + const unsigned char *bytes, int len) { if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid, type, bytes, len)) return 1; @@ -269,8 +269,8 @@ int X509_REQ_add1_attr_by_NID(X509_REQ *req, } int X509_REQ_add1_attr_by_txt(X509_REQ *req, - char *attrname, int type, - unsigned char *bytes, int len) + const char *attrname, int type, + const unsigned char *bytes, int len) { if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname, type, bytes, len)) return 1; -- 2.25.1