Rename X509_att*() stuff to X509at_*(), add X509_REQ wrappers.

CHANGES

@@ -4,6 +4,22 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
+  *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
+     X509_*() to X509at_*() on the grounds that they don't handle X509
+     structures and behave in an analagous way to the X509v3 functions:
+     they shouldn't be called directly but wrapper functions should be used
+     instead.
+
+     So we also now have some wrapper functions that call the X509at functions
+     when passed certificate requests. (TO DO: similar things can be done with
+     PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
+     things. Some of these need some d2i or i2d and print functionality
+     because they handle more complex structures. Also need to modify things
+     like 'req' so it actually calls this stuff instead of the evil hacks it
+     currently uses.)
+
+     [Steve Henson]
+
   *) Add missing #ifndefs that caused missing symbols when building libssl
      as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
      NO_RSA in ssl/s2*.c. 

crypto/x509/x509.h

@@ -1019,27 +1019,37 @@ ASN1_OBJECT *	X509_EXTENSION_get_object(X509_EXTENSION *ex);
 ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
 int		X509_EXTENSION_get_critical(X509_EXTENSION *ex);
 
-
-int X509_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
 			  int lastpos);
-int X509_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
 			  int lastpos);
-X509_ATTRIBUTE *X509_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
-					 X509_ATTRIBUTE *attr, int loc);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+					 X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+			ASN1_OBJECT *obj, int type,
+			unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+			int nid, int type,
+			unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+			char *attrname, int type,
+			unsigned char *bytes, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 	     int atrtype, void *data, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
 	     ASN1_OBJECT *obj, int atrtype, void *data, int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+		char *atrname, int type, unsigned char *bytes, int len);
 int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
 int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
 void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
 					int atrtype, void *data);
 int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
 ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx);
+ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx);
 
 int		X509_verify_cert(X509_STORE_CTX *ctx);
 
@@ -1107,6 +1117,7 @@ int X509_TRUST_get_trust(X509_TRUST *xp);
 #define X509_F_X509_ADD_ATTR				 135
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_NID		 136
 #define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ		 137
+#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT		 140
 #define X509_F_X509_ATTRIBUTE_IGET_DATA			 139
 #define X509_F_X509_ATTRIBUTE_ISET_DATA			 138
 #define X509_F_X509_CHECK_PRIVATE_KEY			 128

crypto/x509/x509_att.c

@@ -65,23 +65,23 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
-int X509_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
 {
 	if (!x) return 0;
 	return(sk_X509_ATTRIBUTE_num(x));
 }
 
-int X509_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
 			  int lastpos)
 {
 	ASN1_OBJECT *obj;
 
 	obj=OBJ_nid2obj(nid);
 	if (obj == NULL) return(-2);
-	return(X509_get_attr_by_OBJ(x,obj,lastpos));
+	return(X509at_get_attr_by_OBJ(x,obj,lastpos));
 }
 
-int X509_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
 			  int lastpos)
 {
 	int n;
@@ -101,7 +101,7 @@ int X509_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
 	return(-1);
 }
 
-X509_ATTRIBUTE *X509_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
 {
 	if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
 		return NULL;
@@ -109,7 +109,7 @@ X509_ATTRIBUTE *X509_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
 		return sk_X509_ATTRIBUTE_value(x,loc);
 }
 
-X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
 {
 	X509_ATTRIBUTE *ret;
 
@@ -119,8 +119,8 @@ X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
 	return(ret);
 }
 
-STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
-					 X509_ATTRIBUTE *attr, int loc)
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+					 X509_ATTRIBUTE *attr)
 {
 	X509_ATTRIBUTE *new_attr=NULL;
 	int n;
@@ -135,12 +135,10 @@ STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
 		sk= *x;
 
 	n=sk_X509_ATTRIBUTE_num(sk);
-	if (loc > n) loc=n;
-	else if (loc < 0) loc=n;
 
 	if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
 		goto err2;
-	if (!sk_X509_ATTRIBUTE_insert(sk,new_attr,loc))
+	if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
 		goto err;
 	if ((x != NULL) && (*x == NULL))
 		*x=sk;
@@ -153,6 +151,45 @@ err2:
 	return(NULL);
 }
 
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+			ASN1_OBJECT *obj, int type,
+			unsigned char *bytes, int len)
+{
+	X509_ATTRIBUTE *attr;
+	STACK_OF(X509_ATTRIBUTE) *ret;
+	attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
+	if(!attr) return 0;
+	ret = X509at_radd_attr(x, attr);
+	X509_ATTRIBUTE_free(attr);
+	return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+			int nid, int type,
+			unsigned char *bytes, int len)
+{
+	X509_ATTRIBUTE *attr;
+	STACK_OF(X509_ATTRIBUTE) *ret;
+	attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
+	if(!attr) return 0;
+	ret = X509at_radd_attr(x, attr);
+	X509_ATTRIBUTE_free(attr);
+	return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+			char *attrname, int type,
+			unsigned char *bytes, int len)
+{
+	X509_ATTRIBUTE *attr;
+	STACK_OF(X509_ATTRIBUTE) *ret;
+	attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
+	if(!attr) return 0;
+	ret = X509at_radd_attr(x, attr);
+	X509_ATTRIBUTE_free(attr);
+	return ret;
+}
+
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 	     int atrtype, void *data, int len)
 {
@@ -199,6 +236,24 @@ err:
 	return(NULL);
 }
 
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+		char *atrname, int type, unsigned char *bytes, int len)
+	{
+	ASN1_OBJECT *obj;
+	X509_ATTRIBUTE *nattr;
+
+	obj=OBJ_txt2obj(atrname, 0);
+	if (obj == NULL)
+		{
+		X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
+						X509_R_INVALID_FIELD_NAME);
+		return(NULL);
+		}
+	nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
+	ASN1_OBJECT_free(obj);
+	return nattr;
+	}
+
 int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
 {
 	if ((attr == NULL) || (obj == NULL))
@@ -255,7 +310,7 @@ void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
 					int atrtype, void *data)
 {
 	ASN1_TYPE *ttmp;
-	ttmp = X509_ATTRIBUTE_type_iget(attr, idx);
+	ttmp = X509_ATTRIBUTE_iget_type(attr, idx);
 	if(!ttmp) return NULL;
 	if(atrtype != ASN1_TYPE_get(ttmp)){
 		X509err(X509_F_X509_ATTRIBUTE_IGET_DATA, X509_R_WRONG_TYPE);
@@ -264,7 +319,7 @@ void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
 	return ttmp->value.ptr;
 }
 
-ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx)
+ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx)
 {
 	if (attr == NULL) return(NULL);
 	if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;

crypto/x509/x509_err.c

@@ -75,6 +75,7 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_X509_ADD_ATTR,0),	"X509_ADD_ATTR"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0),	"X509_ATTRIBUTE_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0),	"X509_ATTRIBUTE_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0),	"X509_ATTRIBUTE_CREATE_BY_TXT"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_IGET_DATA,0),	"X509_ATTRIBUTE_iget_data"},
 {ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0),	"X509_ATTRIBUTE_ISET_DATA"},
 {ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},

crypto/x509/x509_req.c

@@ -214,3 +214,65 @@ int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
 {
 	return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
 }
+
+/* Request attribute functions */
+
+int X509_REQ_get_attr_count(const X509_REQ *req)
+{
+	return X509at_get_attr_count(req->req_info->attributes);
+}
+
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
+			  int lastpos)
+{
+	return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
+}
+
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+			  int lastpos)
+{
+	return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
+}
+
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
+{
+	return X509at_get_attr(req->req_info->attributes, loc);
+}
+
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
+{
+	return X509at_delete_attr(req->req_info->attributes, loc);
+}
+
+int X509_REQ_radd_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
+{
+	if(X509at_radd_attr(&req->req_info->attributes, attr)) return 1;
+	return 0;
+}
+
+int X509_REQ_radd_attr_by_OBJ(X509_REQ *req,
+			ASN1_OBJECT *obj, int type,
+			unsigned char *bytes, int len)
+{
+	if(X509at_radd_attr_by_OBJ(&req->req_info->attributes, obj,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int X509_REQ_radd_attr_by_NID(X509_REQ *req,
+			int nid, int type,
+			unsigned char *bytes, int len)
+{
+	if(X509at_radd_attr_by_NID(&req->req_info->attributes, nid,
+				type, bytes, len)) return 1;
+	return 0;
+}
+
+int X509_REQ_radd_attr_by_txt(X509_REQ *req,
+			char *attrname, int type,
+			unsigned char *bytes, int len)
+{
+	if(X509at_radd_attr_by_txt(&req->req_info->attributes, attrname,
+				type, bytes, len)) return 1;
+	return 0;
+}

util/libeay.num

@@ -2159,20 +2159,20 @@ i2d_PrivateKey_bio                      2183
 X509_reject_clear                       2184
 X509_TRUST_set_default                  2185
 d2i_AutoPrivateKey                      2186
-X509_ATTRIBUTE_type_iget                2187
+X509_ATTRIBUTE_iget_type                2187
 X509_ATTRIBUTE_rset_data                2188
-X509_get_attr                           2189
-X509_get_attr_count                     2190
+X509at_get_attr                         2189
+X509at_get_attr_count                   2190
 X509_ATTRIBUTE_create_by_NID            2191
 X509_ATTRIBUTE_rset_object              2192
 X509_ATTRIBUTE_count                    2193
 X509_ATTRIBUTE_create_by_OBJ            2194
 X509_ATTRIBUTE_iget_object              2195
-X509_get_attr_by_NID                    2196
-X509_radd_attr                          2197
+X509at_get_attr_by_NID                  2196
+X509at_radd_attr                        2197
 X509_ATTRIBUTE_iget_data                2198
-X509_delete_attr                        2199
-X509_get_attr_by_OBJ                    2200
+X509at_delete_attr                      2199
+X509at_get_attr_by_OBJ                  2200
 RAND_add                                2201
 BIO_number_written                      2202
 BIO_number_read                         2203