From: tb Date: Sat, 2 Mar 2024 10:17:37 +0000 (+0000) Subject: Remove most PBEPARAM stuff from public visibility X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2c9362b1f10ee1ed41722672ff8c864fdc588bb4;p=openbsd Remove most PBEPARAM stuff from public visibility The struct itself needs to remain public, unfortunately. ok jsing --- diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index 88c618de265..7a27d6d1a32 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -1810,15 +1810,7 @@ OpenSSL_add_all_ciphers OpenSSL_add_all_digests OpenSSL_version OpenSSL_version_num -PBE2PARAM_free -PBE2PARAM_it -PBE2PARAM_new -PBEPARAM_free PBEPARAM_it -PBEPARAM_new -PBKDF2PARAM_free -PBKDF2PARAM_it -PBKDF2PARAM_new PEM_ASN1_read PEM_ASN1_read_bio PEM_ASN1_write @@ -3182,9 +3174,6 @@ d2i_OCSP_SERVICELOC d2i_OCSP_SIGNATURE d2i_OCSP_SINGLERESP d2i_OTHERNAME -d2i_PBE2PARAM -d2i_PBEPARAM -d2i_PBKDF2PARAM d2i_PKCS12 d2i_PKCS12_SAFEBAG d2i_PKCS12_bio @@ -3377,9 +3366,6 @@ i2d_OCSP_SERVICELOC i2d_OCSP_SIGNATURE i2d_OCSP_SINGLERESP i2d_OTHERNAME -i2d_PBE2PARAM -i2d_PBEPARAM -i2d_PBKDF2PARAM i2d_PKCS12 i2d_PKCS12_SAFEBAG i2d_PKCS12_bio diff --git a/lib/libcrypto/asn1/p5_pbe.c b/lib/libcrypto/asn1/p5_pbe.c index 204e818286d..0b628b36d92 100644 --- a/lib/libcrypto/asn1/p5_pbe.c +++ b/lib/libcrypto/asn1/p5_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_pbe.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */ +/* $OpenBSD: p5_pbe.c,v 1.26 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -64,6 +64,8 @@ #include #include +#include "x509_local.h" + /* PKCS#5 password based encryption structure */ static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = { diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c index 8ee752c0207..ebb20c296fc 100644 --- a/lib/libcrypto/asn1/p5_pbev2.c +++ b/lib/libcrypto/asn1/p5_pbev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p5_pbev2.c,v 1.31 2024/02/18 15:44:10 tb Exp $ */ +/* $OpenBSD: p5_pbev2.c,v 1.32 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -65,6 +65,7 @@ #include #include "evp_local.h" +#include "x509_local.h" /* PKCS#5 v2.0 password based encryption structures */ diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c index 3f1f1ec9a4d..a9f5b8fb126 100644 --- a/lib/libcrypto/evp/evp_pbe.c +++ b/lib/libcrypto/evp/evp_pbe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pbe.c,v 1.44 2024/03/02 10:15:15 tb Exp $ */ +/* $OpenBSD: evp_pbe.c,v 1.45 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -70,6 +70,7 @@ #include "evp_local.h" #include "hmac_local.h" #include "pkcs12_local.h" +#include "x509_local.h" /* Password based encryption (PBE) functions */ int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index fe182025330..bd8497d9c4a 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.103 2023/11/02 20:25:48 tb Exp $ */ +/* $OpenBSD: x509.h,v 1.104 2024/03/02 10:17:37 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -328,28 +328,11 @@ typedef struct Netscape_spki_st { ASN1_BIT_STRING *signature; } NETSCAPE_SPKI; -/* Password based encryption structure */ - typedef struct PBEPARAM_st { ASN1_OCTET_STRING *salt; ASN1_INTEGER *iter; } PBEPARAM; -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { - X509_ALGOR *keyfunc; - X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { - /* Usually OCTET STRING but could be anything */ - ASN1_TYPE *salt; - ASN1_INTEGER *iter; - ASN1_INTEGER *keylength; - X509_ALGOR *prf; -} PBKDF2PARAM; - #ifdef __cplusplus } #endif @@ -1033,21 +1016,7 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, ASN1_INTEGER *serial); X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); -PBEPARAM *PBEPARAM_new(void); -void PBEPARAM_free(PBEPARAM *a); -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len); -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out); extern const ASN1_ITEM PBEPARAM_it; -PBE2PARAM *PBE2PARAM_new(void); -void PBE2PARAM_free(PBE2PARAM *a); -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len); -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBE2PARAM_it; -PBKDF2PARAM *PBKDF2PARAM_new(void); -void PBKDF2PARAM_free(PBKDF2PARAM *a); -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len); -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBKDF2PARAM_it; int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, const unsigned char *salt, int saltlen); diff --git a/lib/libcrypto/x509/x509_local.h b/lib/libcrypto/x509/x509_local.h index f62f5ad57dd..1e813797e12 100644 --- a/lib/libcrypto/x509/x509_local.h +++ b/lib/libcrypto/x509/x509_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_local.h,v 1.18 2024/01/06 17:37:23 tb Exp $ */ +/* $OpenBSD: x509_local.h,v 1.19 2024/03/02 10:17:37 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2013. */ @@ -360,6 +360,37 @@ int X509_policy_check(const STACK_OF(X509) *certs, const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags, X509 **out_current_cert); +PBEPARAM *PBEPARAM_new(void); +void PBEPARAM_free(PBEPARAM *a); +PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len); +int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out); + +/* Password based encryption V2 structures */ +typedef struct PBE2PARAM_st { + X509_ALGOR *keyfunc; + X509_ALGOR *encryption; +} PBE2PARAM; + +PBE2PARAM *PBE2PARAM_new(void); +void PBE2PARAM_free(PBE2PARAM *a); +PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len); +int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out); +extern const ASN1_ITEM PBE2PARAM_it; + +typedef struct PBKDF2PARAM_st { + /* Usually OCTET STRING but could be anything */ + ASN1_TYPE *salt; + ASN1_INTEGER *iter; + ASN1_INTEGER *keylength; + X509_ALGOR *prf; +} PBKDF2PARAM; + +PBKDF2PARAM *PBKDF2PARAM_new(void); +void PBKDF2PARAM_free(PBKDF2PARAM *a); +PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len); +int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out); +extern const ASN1_ITEM PBKDF2PARAM_it; + __END_HIDDEN_DECLS #endif /* !HEADER_X509_LOCAL_H */