Remove most PBEPARAM stuff from public visibility

The struct itself needs to remain public, unfortunately. ok jsing
author: tb <> 2024-03-02 10:17:37 +0000
committer: tb <> 2024-03-02 10:17:37 +0000
commit: fdfad9e1701882b4e72b41155a9c8e4ef338ddbf (patch)
tree: 4111116bc9b99272485abcc1794b98f58991ba5f
parent: b88286b09abf67a2644f5e950fb27492f55b3b3e (diff)
download: openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.tar.gz
openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.tar.bz2
openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.zip
6 files changed, 40 insertions, 50 deletions
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 88c618de26..7a27d6d1a3 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -1810,15 +1810,7 @@ OpenSSL_add_all_ciphers
 OpenSSL_add_all_digests
 OpenSSL_version
 OpenSSL_version_num
-PBE2PARAM_free
-PBE2PARAM_it
-PBE2PARAM_new
-PBEPARAM_free
 PBEPARAM_it
-PBEPARAM_new
-PBKDF2PARAM_free
-PBKDF2PARAM_it
-PBKDF2PARAM_new
 PEM_ASN1_read
 PEM_ASN1_read_bio
 PEM_ASN1_write
@@ -3182,9 +3174,6 @@ d2i_OCSP_SERVICELOC
 d2i_OCSP_SIGNATURE
 d2i_OCSP_SINGLERESP
 d2i_OTHERNAME
-d2i_PBE2PARAM
-d2i_PBEPARAM
-d2i_PBKDF2PARAM
 d2i_PKCS12
 d2i_PKCS12_SAFEBAG
 d2i_PKCS12_bio
@@ -3377,9 +3366,6 @@ i2d_OCSP_SERVICELOC
 i2d_OCSP_SIGNATURE
 i2d_OCSP_SINGLERESP
 i2d_OTHERNAME
-i2d_PBE2PARAM
-i2d_PBEPARAM
-i2d_PBKDF2PARAM
 i2d_PKCS12
 i2d_PKCS12_SAFEBAG
 i2d_PKCS12_bio
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index 204e818286..0b628b36d9 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_pbe.c,v 1.25 2023/07/07 19:37:52 beck Exp $ */
+/* $OpenBSD: p5_pbe.c,v 1.26 2024/03/02 10:17:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -64,6 +64,8 @@
 #include <openssl/err.h>
 #include <openssl/x509.h>
+#include "x509_local.h"
 /* PKCS#5 password based encryption structure */
 static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = {
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index 8ee752c020..ebb20c296f 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_pbev2.c,v 1.31 2024/02/18 15:44:10 tb Exp $ */
+/* $OpenBSD: p5_pbev2.c,v 1.32 2024/03/02 10:17:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999-2004.
 */
@@ -65,6 +65,7 @@
 #include <openssl/x509.h>
 #include "evp_local.h"
+#include "x509_local.h"
 /* PKCS#5 v2.0 password based encryption structures */
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index 3f1f1ec9a4..a9f5b8fb12 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pbe.c,v 1.44 2024/03/02 10:15:15 tb Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.45 2024/03/02 10:17:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -70,6 +70,7 @@
 #include "evp_local.h"
 #include "hmac_local.h"
 #include "pkcs12_local.h"
+#include "x509_local.h"
 /* Password based encryption (PBE) functions */
 int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index fe18202533..bd8497d9c4 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.103 2023/11/02 20:25:48 tb Exp $ */
+/* $OpenBSD: x509.h,v 1.104 2024/03/02 10:17:37 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -328,28 +328,11 @@ typedef struct Netscape_spki_st {
        ASN1_BIT_STRING *signature;
 } NETSCAPE_SPKI;
-/* Password based encryption structure */
 typedef struct PBEPARAM_st {
        ASN1_OCTET_STRING *salt;
        ASN1_INTEGER *iter;
 } PBEPARAM;
-/* Password based encryption V2 structures */
-typedef struct PBE2PARAM_st {
-        X509_ALGOR *keyfunc;
-        X509_ALGOR *encryption;
-} PBE2PARAM;
-typedef struct PBKDF2PARAM_st {
-        /* Usually OCTET STRING but could be anything */
-        ASN1_TYPE *salt;
-        ASN1_INTEGER *iter;
-        ASN1_INTEGER *keylength;
-        X509_ALGOR *prf;
-} PBKDF2PARAM;
 #ifdef  __cplusplus
 }
 #endif
@@ -1033,21 +1016,7 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
                                     ASN1_INTEGER *serial);
 X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
-PBEPARAM *PBEPARAM_new(void);
-void PBEPARAM_free(PBEPARAM *a);
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len);
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out);
 extern const ASN1_ITEM PBEPARAM_it;
-PBE2PARAM *PBE2PARAM_new(void);
-void PBE2PARAM_free(PBE2PARAM *a);
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len);
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out);
-extern const ASN1_ITEM PBE2PARAM_it;
-PBKDF2PARAM *PBKDF2PARAM_new(void);
-void PBKDF2PARAM_free(PBKDF2PARAM *a);
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len);
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out);
-extern const ASN1_ITEM PBKDF2PARAM_it;
 int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
                                const unsigned char *salt, int saltlen);
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index f62f5ad57d..1e813797e1 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: x509_local.h,v 1.18 2024/01/06 17:37:23 tb Exp $ */
+/*      $OpenBSD: x509_local.h,v 1.19 2024/03/02 10:17:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2013.
 */
@@ -360,6 +360,37 @@ int X509_policy_check(const STACK_OF(X509) *certs,
    const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags,
    X509 **out_current_cert);
+PBEPARAM *PBEPARAM_new(void);
+void PBEPARAM_free(PBEPARAM *a);
+PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len);
+int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out);
+/* Password based encryption V2 structures */
+typedef struct PBE2PARAM_st {
+        X509_ALGOR *keyfunc;
+        X509_ALGOR *encryption;
+} PBE2PARAM;
+PBE2PARAM *PBE2PARAM_new(void);
+void PBE2PARAM_free(PBE2PARAM *a);
+PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len);
+int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out);
+extern const ASN1_ITEM PBE2PARAM_it;
+typedef struct PBKDF2PARAM_st {
+        /* Usually OCTET STRING but could be anything */
+        ASN1_TYPE *salt;
+        ASN1_INTEGER *iter;
+        ASN1_INTEGER *keylength;
+        X509_ALGOR *prf;
+} PBKDF2PARAM;
+PBKDF2PARAM *PBKDF2PARAM_new(void);
+void PBKDF2PARAM_free(PBKDF2PARAM *a);
+PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len);
+int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out);
+extern const ASN1_ITEM PBKDF2PARAM_it;
 __END_HIDDEN_DECLS
 #endif /* !HEADER_X509_LOCAL_H */
author	tb <>	2024-03-02 10:17:37 +0000
committer	tb <>	2024-03-02 10:17:37 +0000
commit	fdfad9e1701882b4e72b41155a9c8e4ef338ddbf (patch)
tree	4111116bc9b99272485abcc1794b98f58991ba5f
parent	b88286b09abf67a2644f5e950fb27492f55b3b3e (diff)
download	openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.tar.gz openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.tar.bz2 openbsd-fdfad9e1701882b4e72b41155a9c8e4ef338ddbf.zip