Google Git
Sign in
boringssl / boringssl / e60893c098f1c8f1778be4af34de30c5c4c040ee^! / .
commite60893c098f1c8f1778be4af34de30c5c4c040ee[log] [tgz]
authorDavid Benjamin <davidben@google.com>Mon Apr 19 11:09:34 2021 -0400
committerAdam Langley <agl@google.com>Mon Apr 19 16:57:34 2021 +0000
tree81b22f599e606be80d42855f2e8ac1d918f443bc
parent468cde90ca58421d63f4dfeaebcf8bb3fccb4127 [diff]
Make X509_PUBKEY opaque.

Update-Note: Direct accesses of X509_PUBKEY should be replaced with one
of the accessors. I believe all callers have been fixed at this point.

Change-Id: Ib325782867478fb548da1bf5ef0023cf989f125b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46944
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/x509/internal.h b/crypto/x509/internal.h
index 3d868ab..32af84d 100644
--- a/crypto/x509/internal.h
+++ b/crypto/x509/internal.h

@@ -31,6 +31,12 @@
   ASN1_TIME *notAfter;
 } /* X509_VAL */;
 
+struct X509_pubkey_st {
+  X509_ALGOR *algor;
+  ASN1_BIT_STRING *public_key;
+  EVP_PKEY *pkey;
+} /* X509_PUBKEY */;
+
 
 /* RSA-PSS functions. */
 

diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c
index 2fd36f8..8202664 100644
--- a/crypto/x509/t_req.c
+++ b/crypto/x509/t_req.c

@@ -63,6 +63,8 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
+#include "internal.h"
+
 
 int X509_REQ_print_fp(FILE *fp, X509_REQ *x) {
   BIO *bio = BIO_new_fp(fp, BIO_NOCLOSE);

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index a4f0728..cf20dcd 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c

@@ -68,6 +68,7 @@
 
 #include "../internal.h"
 #include "../x509v3/internal.h"
+#include "internal.h"
 
 
 int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)

diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index f5d3fee..c283e0d 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c

@@ -68,6 +68,7 @@
 #include <openssl/thread.h>
 
 #include "../internal.h"
+#include "internal.h"
 
 /* Minor tweak to operation: free up EVP_PKEY */
 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,

diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index 140356d..1cae7e1 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c

@@ -63,6 +63,7 @@
 #include <openssl/obj.h>
 #include <openssl/x509v3.h>
 
+#include "../x509/internal.h"
 #include "internal.h"
 
 

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 714a8eb..4916959 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h

@@ -115,12 +115,6 @@
 
 typedef STACK_OF(X509_ALGOR) X509_ALGORS;
 
-struct X509_pubkey_st {
-  X509_ALGOR *algor;
-  ASN1_BIT_STRING *public_key;
-  EVP_PKEY *pkey;
-};
-
 struct X509_sig_st {
   X509_ALGOR *algor;
   ASN1_OCTET_STRING *digest;