CAdES : lowercase name for now internal methods.

CAdES : rework CAdES signing API. Make it private, as it is unused outside library bounds. Fix varous doc-nits. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
2024-11-21 01:15:20 +08:00 · 2019-07-31 19:14:12 +10:00 · 2019-07-31 19:14:12 +10:00 · 8c00f267b8
commit 8c00f267b8
parent faea3bd133
13 changed files with 51 additions and 51 deletions
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@ -17,6 +17,7 @@
 #include <openssl/ess.h>
 #include "cms_lcl.h"
 #include "internal/ess_int.h"
+#include "internal/cms_int.h"

 IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)

@ -339,12 +340,10 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
 }

 /*
- * Add signer certificate's V2 digest to a SignerInfo
- * structure
+ * Add signer certificate's V2 digest |sc| to a SignerInfo structure |si|
 */

-int CMS_add1_signing_cert_v2(CMS_SignerInfo *si,
-                             ESS_SIGNING_CERT_V2 *sc)
+int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc)
 {
    ASN1_STRING *seq = NULL;
    unsigned char *p, *pp;
@ -373,11 +372,10 @@ int CMS_add1_signing_cert_v2(CMS_SignerInfo *si,
 }

 /*
- * Add signer certificate's digest to a SignerInfo
- * structure
+ * Add signer certificate's digest |sc| to a SignerInfo structure |si|
 */

-int CMS_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
+int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc)
 {
    ASN1_STRING *seq = NULL;
    unsigned char *p, *pp;
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@ -14,9 +14,12 @@
 #include <openssl/x509v3.h>
 #include <openssl/err.h>
 #include <openssl/cms.h>
+#include <openssl/ess.h>
 #include "cms_lcl.h"
 #include "internal/asn1_int.h"
 #include "internal/evp_int.h"
+#include "internal/cms_int.h"
+#include "internal/ess_int.h"

 /* CMS SignedData Utilities */

@ -355,13 +358,13 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
                if ((sc = ESS_SIGNING_CERT_new_init(signer,
                                                    NULL, 1)) == NULL)
                    goto err;
-                add_sc = CMS_add1_signing_cert(si, sc);
+                add_sc = cms_add1_signing_cert(si, sc);
                ESS_SIGNING_CERT_free(sc);
            } else {
                if ((sc2 = ESS_SIGNING_CERT_V2_new_init(md, signer,
                                                        NULL, 1)) == NULL)
                    goto err;
-                add_sc = CMS_add1_signing_cert_v2(si, sc2);
+                add_sc = cms_add1_signing_cert_v2(si, sc2);
                ESS_SIGNING_CERT_V2_free(sc2);
            }
            if (!add_sc)
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@ -246,8 +246,8 @@ CMS_F_CMS_ADD1_RECEIPTREQUEST:158:CMS_add1_ReceiptRequest
 CMS_F_CMS_ADD1_RECIPIENT_CERT:101:CMS_add1_recipient_cert
 CMS_F_CMS_ADD1_SIGNER:102:CMS_add1_signer
 CMS_F_CMS_ADD1_SIGNINGTIME:103:cms_add1_signingTime
-CMS_F_CMS_ADD1_SIGNING_CERT:181:CMS_add1_signing_cert
-CMS_F_CMS_ADD1_SIGNING_CERT_V2:182:CMS_add1_signing_cert_v2
+CMS_F_CMS_ADD1_SIGNING_CERT:181:cms_add1_signing_cert
+CMS_F_CMS_ADD1_SIGNING_CERT_V2:182:cms_add1_signing_cert_v2
 CMS_F_CMS_COMPRESS:104:CMS_compress
 CMS_F_CMS_COMPRESSEDDATA_CREATE:105:cms_CompressedData_create
 CMS_F_CMS_COMPRESSEDDATA_INIT_BIO:106:cms_CompressedData_init_bio
--- a/crypto/include/internal/cms_int.h
+++ b/crypto/include/internal/cms_int.h
@ -0,0 +1,13 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* internal CMS-ESS related stuff */
+
+int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
+int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);
--- a/crypto/include/internal/ess_int.h
+++ b/crypto/include/internal/ess_int.h
@ -12,9 +12,18 @@
 ESS_SIGNING_CERT *ESS_SIGNING_CERT_get(PKCS7_SIGNER_INFO *si);
 int ESS_SIGNING_CERT_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);

+ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
+                                            STACK_OF(X509) *certs,
+                                            int issuer_needed);
+
 ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_get(PKCS7_SIGNER_INFO *si);
 int ESS_SIGNING_CERT_V2_add(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT_V2 *sc);

+ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
+                                                  X509 *signcert,
+                                                  STACK_OF(X509) *certs,
+                                                  int issuer_needed);
+
 /*-
 * IssuerSerial ::= SEQUENCE {
 *        issuer                  GeneralNames,
--- a/doc/internal/man3/cms_add1_signing_cert.pod
+++ b/doc/internal/man3/cms_add1_signing_cert.pod
@ -2,7 +2,7 @@

 =head1 NAME

-CMS_add1_signing_cert, CMS_add1_signing_cert_v2
+cms_add1_signing_cert, cms_add1_signing_cert_v2
 - add ESS signing-certificate signed attribute to a
 CMS_SignerInfo data structure

@ -10,15 +10,15 @@ CMS_SignerInfo data structure

 #include <openssl/cms.h>

- int CMS_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
+ int cms_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);

- int CMS_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc2);
+ int cms_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc2);

 =head1 DESCRIPTION

-CMS_add1_signing_cert() adds an ESS Signing Certificate B<sc> (version 1) signed
+cms_add1_signing_cert() adds an ESS Signing Certificate B<sc> (version 1) signed
 attribute to the CMS_SignerInfo B<si>.
-CMS_add1_signing_cert_v2() adds an ESS Signing Certificate B<sc2> (version 2) signed
+cms_add1_signing_cert_v2() adds an ESS Signing Certificate B<sc2> (version 2) signed
 attribute to the CMS_SignerInfo B<si>.
 The ESS Signing Certificate attributes version 1 and 2 are defined in RFC 5035
 which updates Section 5.4 of RFC 2634.
@ -31,7 +31,8 @@ For a fuller description see L<cms(1)>).

 =head1 RETURN VALUES

-CMS_add1_signing_cert() and CMS_add1_signing_cert_v2() return 1 if attribute is added or 0 if an error occurred.
+cms_add1_signing_cert() and cms_add1_signing_cert_v2() return 1 if attribute 
+is added or 0 if an error occurred.

 =head1 COPYRIGHT

--- a/doc/man3/X509_dup.pod
+++ b/doc/man3/X509_dup.pod
@ -52,12 +52,18 @@ EDIPARTYNAME_new,
 ESS_CERT_ID_dup,
 ESS_CERT_ID_free,
 ESS_CERT_ID_new,
+ESS_CERT_ID_V2_dup,
+ESS_CERT_ID_V2_free,
+ESS_CERT_ID_V2_new,
 ESS_ISSUER_SERIAL_dup,
 ESS_ISSUER_SERIAL_free,
 ESS_ISSUER_SERIAL_new,
 ESS_SIGNING_CERT_dup,
 ESS_SIGNING_CERT_free,
 ESS_SIGNING_CERT_new,
+ESS_SIGNING_CERT_V2_dup,
+ESS_SIGNING_CERT_V2_free,
+ESS_SIGNING_CERT_V2_new,
 EXTENDED_KEY_USAGE_free,
 EXTENDED_KEY_USAGE_new,
 GENERAL_NAMES_free,
--- a/doc/man3/d2i_X509.pod
+++ b/doc/man3/d2i_X509.pod
@ -63,8 +63,10 @@ d2i_EC_PUBKEY_bio,
 d2i_EC_PUBKEY_fp,
 d2i_EDIPARTYNAME,
 d2i_ESS_CERT_ID,
+d2i_ESS_CERT_ID_V2,
 d2i_ESS_ISSUER_SERIAL,
 d2i_ESS_SIGNING_CERT,
+d2i_ESS_SIGNING_CERT_V2,
 d2i_EXTENDED_KEY_USAGE,
 d2i_GENERAL_NAME,
 d2i_GENERAL_NAMES,
@ -249,8 +251,10 @@ i2d_EC_PUBKEY_bio,
 i2d_EC_PUBKEY_fp,
 i2d_EDIPARTYNAME,
 i2d_ESS_CERT_ID,
+i2d_ESS_CERT_ID_V2,
 i2d_ESS_ISSUER_SERIAL,
 i2d_ESS_SIGNING_CERT,
+i2d_ESS_SIGNING_CERT_V2,
 i2d_EXTENDED_KEY_USAGE,
 i2d_GENERAL_NAME,
 i2d_GENERAL_NAMES,
--- a/include/openssl/cms.h
+++ b/include/openssl/cms.h
@ -16,7 +16,6 @@
 # include <openssl/x509.h>
 # include <openssl/x509v3.h>
 # include <openssl/cmserr.h>
-# include <openssl/ess.h>
 # ifdef __cplusplus
 extern "C" {
 # endif
@ -285,8 +284,6 @@ int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
                                  const void *bytes, int len);
 void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
                                    int lastpos, int type);
-int CMS_add1_signing_cert(CMS_SignerInfo *si, ESS_SIGNING_CERT *sc);
-int CMS_add1_signing_cert_v2(CMS_SignerInfo *si, ESS_SIGNING_CERT_V2 *sc);

 int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
 CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
--- a/include/openssl/ess.h
+++ b/include/openssl/ess.h
@ -41,9 +41,6 @@ DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID)
 DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT)
 DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT, ESS_SIGNING_CERT)
 DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
-                                            STACK_OF(X509) *certs,
-                                            int issuer_needed);

 DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID_V2)
 DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID_V2, ESS_CERT_ID_V2)
@ -52,10 +49,6 @@ DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
 DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT_V2)
 DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT_V2, ESS_SIGNING_CERT_V2)
 DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
-ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new_init(const EVP_MD *hash_alg,
-                                                  X509 *signcert,
-                                                  STACK_OF(X509) *certs,
-                                                  int issuer_needed);

 # ifdef  __cplusplus
 }
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@ -4476,10 +4476,6 @@ ASYNC_WAIT_CTX_get_callback             4581	3_0_0	EXIST::FUNCTION:
 ASYNC_WAIT_CTX_set_callback             4582	3_0_0	EXIST::FUNCTION:
 ASYNC_WAIT_CTX_set_status               4583	3_0_0	EXIST::FUNCTION:
 ASYNC_WAIT_CTX_get_status               4584	3_0_0	EXIST::FUNCTION:
-CMS_add1_signing_cert                   4585	3_0_0	EXIST::FUNCTION:CMS
-CMS_add1_signing_cert_v2                4586	3_0_0	EXIST::FUNCTION:CMS
-ESS_SIGNING_CERT_new_init               4587	3_0_0	EXIST::FUNCTION:
-ESS_SIGNING_CERT_V2_new_init            4588	3_0_0	EXIST::FUNCTION:
 ERR_load_ESS_strings                    4589	3_0_0	EXIST::FUNCTION:
 EVP_KDF_CTX_new_id                      4590	3_0_0	EXIST::FUNCTION:
 EVP_KDF_CTX_free                        4591	3_0_0	EXIST::FUNCTION:
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@ -474,12 +474,6 @@ ERR_load_X509_strings
 ERR_load_strings_const
 ERR_set_error_data
 ERR_unload_strings
-ESS_CERT_ID_V2_dup
-ESS_CERT_ID_V2_free
-ESS_CERT_ID_V2_new
-ESS_SIGNING_CERT_V2_dup
-ESS_SIGNING_CERT_V2_free
-ESS_SIGNING_CERT_V2_new
 ESS_SIGNING_CERT_V2_new_init
 ESS_SIGNING_CERT_new_init
 EVP_CIPHER_CTX_buf_noconst
@ -1456,8 +1450,6 @@ b2i_PublicKey_bio
 conf_ssl_get
 conf_ssl_get_cmd
 conf_ssl_name_find
-d2i_ESS_CERT_ID_V2
-d2i_ESS_SIGNING_CERT_V2
 d2i_X509_bio
 d2i_X509_fp
 err_free_strings_int
@ -1469,8 +1461,6 @@ i2a_ASN1_STRING
 i2b_PVK_bio
 i2b_PrivateKey_bio
 i2b_PublicKey_bio
-i2d_ESS_CERT_ID_V2
-i2d_ESS_SIGNING_CERT_V2
 i2d_PrivateKey_bio
 i2d_PrivateKey_fp
 i2d_X509_bio
--- a/util/missingcrypto111.txt
+++ b/util/missingcrypto111.txt
@ -485,12 +485,6 @@ ERR_load_X509_strings
 ERR_load_strings_const
 ERR_set_error_data
 ERR_unload_strings
-ESS_CERT_ID_V2_dup
-ESS_CERT_ID_V2_free
-ESS_CERT_ID_V2_new
-ESS_SIGNING_CERT_V2_dup
-ESS_SIGNING_CERT_V2_free
-ESS_SIGNING_CERT_V2_new
 EVP_CIPHER_CTX_buf_noconst
 EVP_CIPHER_CTX_clear_flags
 EVP_CIPHER_CTX_copy
@ -1571,8 +1565,6 @@ b2i_PublicKey_bio
 conf_ssl_get
 conf_ssl_get_cmd
 conf_ssl_name_find
-d2i_ESS_CERT_ID_V2
-d2i_ESS_SIGNING_CERT_V2
 d2i_X509_bio
 d2i_X509_fp
 err_free_strings_int
@ -1584,8 +1576,6 @@ i2a_ASN1_STRING
 i2b_PVK_bio
 i2b_PrivateKey_bio
 i2b_PublicKey_bio
-i2d_ESS_CERT_ID_V2
-i2d_ESS_SIGNING_CERT_V2
 i2d_PrivateKey_bio
 i2d_PrivateKey_fp
 i2d_X509_bio