Add some OpenSSL compatibility functions and hacks.
Change-Id: Ie42e57441f5fd7d1557a7fc1c648cf3f28b9c4db
Reviewed-on: https://boringssl-review.googlesource.com/28224
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/fipsmodule/ec/ec.c b/crypto/fipsmodule/ec/ec.c
index a937e27..b8a5f55 100644
--- a/crypto/fipsmodule/ec/ec.c
+++ b/crypto/fipsmodule/ec/ec.c
@@ -622,6 +622,20 @@
return ec_GFp_simple_group_get_degree(group);
}
+const char *EC_curve_nid2nist(int nid) {
+ switch (nid) {
+ case NID_secp224r1:
+ return "P-224";
+ case NID_X9_62_prime256v1:
+ return "P-256";
+ case NID_secp384r1:
+ return "P-384";
+ case NID_secp521r1:
+ return "P-521";
+ }
+ return NULL;
+}
+
EC_POINT *EC_POINT_new(const EC_GROUP *group) {
if (group == NULL) {
OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index 69bc6f1..3a73261 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -320,3 +320,23 @@
return 1;
return 0;
}
+
+void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg)
+{
+ if (psig != NULL)
+ *psig = req->signature;
+ if (palg != NULL)
+ *palg = req->sig_alg;
+}
+
+int X509_REQ_get_signature_nid(const X509_REQ *req)
+{
+ return OBJ_obj2nid(req->sig_alg->algorithm);
+}
+
+int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp)
+{
+ req->req_info->enc.modified = 1;
+ return i2d_X509_REQ_INFO(req->req_info, pp);
+}
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index 413a20d..0aa92bd 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -162,3 +162,8 @@
{
return x->cert_info->extensions;
}
+
+const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x)
+{
+ return x->cert_info->signature;
+}
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 2fd48a9..fe269cd 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -135,6 +135,25 @@
return 1;
}
+void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg)
+{
+ if (psig != NULL)
+ *psig = crl->signature;
+ if (palg != NULL)
+ *palg = crl->sig_alg;
+}
+
+int X509_CRL_get_signature_nid(const X509_CRL *crl)
+{
+ return OBJ_obj2nid(crl->sig_alg->algorithm);
+}
+
+const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
+{
+ return x->revocationDate;
+}
+
int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
{
ASN1_TIME *in;
@@ -152,6 +171,11 @@
return (in != NULL);
}
+const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
+{
+ return x->serialNumber;
+}
+
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
{
ASN1_INTEGER *in;
@@ -168,3 +192,9 @@
}
return (in != NULL);
}
+
+int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
+{
+ crl->crl->enc.modified = 1;
+ return i2d_X509_CRL_INFO(crl->crl, pp);
+}
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 01464a1..9ece062 100644
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -313,6 +313,12 @@
return length;
}
+int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
+{
+ x->cert_info->enc.modified = 1;
+ return i2d_X509_CINF(x->cert_info, pp);
+}
+
void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg,
const X509 *x)
{
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 312a387..69b30c5 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -154,6 +154,11 @@
// element of the field underlying |group|.
OPENSSL_EXPORT unsigned EC_GROUP_get_degree(const EC_GROUP *group);
+// EC_curve_nid2nist returns the NIST name of the elliptic curve specified by
+// |nid|, or NULL if |nid| is not a NIST curve. For example, it returns "P-256"
+// for |NID_X9_62_prime256v1|.
+OPENSSL_EXPORT const char *EC_curve_nid2nist(int nid);
+
// Points on elliptic curves.
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 7816b59..1dffb64 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -797,6 +797,16 @@
OPENSSL_EXPORT DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
+// Preprocessor compatibility section (hidden).
+//
+// Historically, a number of APIs were implemented in OpenSSL as macros and
+// constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this
+// section defines a number of legacy macros.
+
+#define EVP_PKEY_CTX_set_rsa_oaep_md EVP_PKEY_CTX_set_rsa_oaep_md
+#define EVP_PKEY_CTX_set0_rsa_oaep_label EVP_PKEY_CTX_set0_rsa_oaep_label
+
+
// Private structures.
struct evp_pkey_st {
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index b336e0f..65d68c4 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -762,6 +762,8 @@
OPENSSL_EXPORT int i2d_X509_AUX(X509 *a,unsigned char **pp);
OPENSSL_EXPORT X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length);
+OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
+
OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **psig,
const X509_ALGOR **palg, const X509 *x);
OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x);
@@ -829,9 +831,15 @@
OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x);
OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x,long version);
OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
+OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
+ const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg);
+OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
+OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
OPENSSL_EXPORT EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
@@ -866,7 +874,17 @@
OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
+OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
+ const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg);
+OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
+OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
+
+OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
+ const X509_REVOKED *x);
OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
+ const X509_REVOKED *x);
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
