summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2001-06-11 02:43:20 +0200
committerDr. Stephen Henson <steve@openssl.org>2001-06-11 02:43:20 +0200
commitf2a253e0ddd23c9a7601276f37b536fff53f3f8f (patch)
tree2ef7d83b758e7cee96384caa11cf6f10166fff86
parentmore error codes fixed (diff)
downloadopenssl-f2a253e0ddd23c9a7601276f37b536fff53f3f8f.tar.xz
openssl-f2a253e0ddd23c9a7601276f37b536fff53f3f8f.zip
Add support for MS CSP Name PKCS#12 attribute.
-rw-r--r--CHANGES4
-rw-r--r--apps/pkcs12.c7
-rw-r--r--crypto/asn1/a_strnid.c4
-rw-r--r--crypto/objects/obj_dat.h15
-rw-r--r--crypto/objects/obj_mac.h5
-rw-r--r--crypto/objects/obj_mac.num1
-rw-r--r--crypto/objects/objects.txt2
-rw-r--r--crypto/pkcs12/p12_attr.c155
-rw-r--r--crypto/pkcs12/pkcs12.h2
-rw-r--r--crypto/rsa/rsa_sign.c6
-rw-r--r--crypto/x509/x509.h30
-rw-r--r--crypto/x509/x509_att.c20
-rw-r--r--crypto/x509/x509_req.c10
13 files changed, 99 insertions, 162 deletions
diff --git a/CHANGES b/CHANGES
index 5859004a4c..f3c99b5d2c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -11,6 +11,10 @@
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
+ +) Tidy up PKCS#12 attribute handling. Add support for the CSP name
+ attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
+ [Steve Henson]
+
*) Fix OAEP check.
[Ulf Möller, Bodo Möller]
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 90abbb84d2..f277956cd9 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -99,6 +99,7 @@ int MAIN(int argc, char **argv)
BIO *in=NULL, *out = NULL, *inkey = NULL, *certsin = NULL;
char **args;
char *name = NULL;
+ char *csp_name = NULL;
PKCS12 *p12 = NULL;
char pass[50], macpass[50];
int export_cert = 0;
@@ -197,6 +198,11 @@ int MAIN(int argc, char **argv)
args++;
name = *args;
} else badarg = 1;
+ } else if (!strcmp (*args, "-CSP")) {
+ if (args[1]) {
+ args++;
+ csp_name = *args;
+ } else badarg = 1;
} else if (!strcmp (*args, "-caname")) {
if (args[1]) {
args++;
@@ -572,6 +578,7 @@ int MAIN(int argc, char **argv)
PKCS8_PRIV_KEY_INFO_free(p8);
p8 = NULL;
if (name) PKCS12_add_friendlyname (bag, name, -1);
+ if(csp_name) PKCS12_add_CSPName_asc(bag, csp_name, -1);
PKCS12_add_localkeyid (bag, keyid, keyidlen);
bags = sk_PKCS12_SAFEBAG_new_null();
sk_PKCS12_SAFEBAG_push (bags, bag);
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 732e68fe46..0187ddb015 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -170,8 +170,10 @@ static ASN1_STRING_TABLE tbl_standard[] = {
{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
+{NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
+{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+{NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
};
static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 788c69d497..17c806cf08 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -61,12 +61,12 @@
* perl obj_dat.pl obj_mac.h obj_dat.h
*/
-#define NUM_NID 492
-#define NUM_SN 490
-#define NUM_LN 490
-#define NUM_OBJ 464
+#define NUM_NID 493
+#define NUM_SN 491
+#define NUM_LN 491
+#define NUM_OBJ 465
-static unsigned char lvalues[3783]={
+static unsigned char lvalues[3792]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -531,6 +531,7 @@ static unsigned char lvalues[3783]={
0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06, /* [3759] OBJ_X9_62_prime239v3 */
0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07, /* [3767] OBJ_X9_62_prime256v1 */
0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01, /* [3775] OBJ_ecdsa_with_SHA1 */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3782] OBJ_ms_csp_name */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -1284,6 +1285,7 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3767]),0},
{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
&(lvalues[3775]),0},
+{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3782]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1312,6 +1314,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[410]),/* "CCITT" */
&(nid_objs[13]),/* "CN" */
&(nid_objs[141]),/* "CRLReason" */
+&(nid_objs[492]),/* "CSPName" */
&(nid_objs[367]),/* "CrlID" */
&(nid_objs[107]),/* "D" */
&(nid_objs[391]),/* "DC" */
@@ -1807,6 +1810,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[142]),/* "Invalidity Date" */
&(nid_objs[388]),/* "Mail" */
&(nid_objs[383]),/* "Management" */
+&(nid_objs[492]),/* "Microsoft CSP Name" */
&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
&(nid_objs[138]),/* "Microsoft Encrypted File System" */
&(nid_objs[171]),/* "Microsoft Extension Request" */
@@ -2542,6 +2546,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[188]),/* OBJ_SMIME 1 2 840 113549 1 9 16 */
&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */
&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */
+&(nid_objs[492]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */
&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
&(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */
&(nid_objs[316]),/* OBJ_id_regCtrl_authenticator 1 3 6 1 5 5 7 5 1 2 */
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 37ca4efffa..cd114a2600 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -639,6 +639,11 @@
#define NID_localKeyID 157
#define OBJ_localKeyID OBJ_pkcs9,21L
+#define SN_ms_csp_name "CSPName"
+#define LN_ms_csp_name "Microsoft CSP Name"
+#define NID_ms_csp_name 492
+#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
+
#define OBJ_certTypes OBJ_pkcs9,22L
#define LN_x509Certificate "x509Certificate"
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 355a2b55f6..362bdb713d 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -489,3 +489,4 @@ X9_62_prime239v2 488
X9_62_prime239v3 489
X9_62_prime256v1 490
ecdsa_with_SHA1 491
+ms_csp_name 492
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 1e51416c73..86d337d01e 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -201,6 +201,8 @@ id-smime-cti 6 : id-smime-cti-ets-proofOfCreation
pkcs9 20 : : friendlyName
pkcs9 21 : : localKeyID
+!Cname ms-csp-name
+1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name
!Alias certTypes pkcs9 22
certTypes 1 : : x509Certificate
certTypes 2 : : sdsiCertificate
diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
index 2d4d04292a..026cf3826a 100644
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -62,156 +62,63 @@
/* Add a local keyid to a safebag */
-int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name,
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
int namelen)
{
- X509_ATTRIBUTE *attrib;
- ASN1_BMPSTRING *oct;
- ASN1_TYPE *keyid;
- if (!(keyid = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->type = V_ASN1_OCTET_STRING;
- if (!(oct = M_ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->value.octet_string = oct;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_localKeyID);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->single = 0;
- if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
+ if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
+ V_ASN1_OCTET_STRING, name, namelen))
+ return 1;
+ else
return 0;
- }
- sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
- return 1;
}
/* Add key usage to PKCS#8 structure */
-int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage)
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
{
- X509_ATTRIBUTE *attrib;
- ASN1_BIT_STRING *bstr;
- ASN1_TYPE *keyid;
unsigned char us_val;
us_val = (unsigned char) usage;
- if (!(keyid = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->type = V_ASN1_BIT_STRING;
- if (!(bstr = M_ASN1_BIT_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- keyid->value.bit_string = bstr;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_key_usage);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
+ if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage,
+ V_ASN1_BIT_STRING, &us_val, 1))
+ return 1;
+ else
return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->single = 0;
- if (!p8->attributes
- && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_X509_ATTRIBUTE_push (p8->attributes, attrib);
- return 1;
}
/* Add a friendlyname to a safebag */
-int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name,
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen)
{
- unsigned char *uniname;
- int ret, unilen;
- if (!asc2uni(name, namelen, &uniname, &unilen)) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,
- ERR_R_MALLOC_FAILURE);
+ if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+ MBSTRING_ASC, (unsigned char *)name, namelen))
+ return 1;
+ else
return 0;
- }
- ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen);
- OPENSSL_free(uniname);
- return ret;
}
-
-int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag,
+
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
const unsigned char *name, int namelen)
{
- X509_ATTRIBUTE *attrib;
- ASN1_BMPSTRING *bmp;
- ASN1_TYPE *fname;
- /* Zap ending double null if included */
- if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2;
- if (!(fname = ASN1_TYPE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- fname->type = V_ASN1_BMPSTRING;
- if (!(bmp = M_ASN1_BMPSTRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!(bmp->data = OPENSSL_malloc (namelen))) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
+ if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+ MBSTRING_BMP, name, namelen))
+ return 1;
+ else
return 0;
- }
- memcpy (bmp->data, name, namelen);
- bmp->length = namelen;
- fname->value.bmpstring = bmp;
- if (!(attrib = X509_ATTRIBUTE_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- attrib->object = OBJ_nid2obj(NID_friendlyName);
- if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sk_ASN1_TYPE_push (attrib->value.set,fname);
- attrib->single = 0;
- if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
- PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
- ERR_R_MALLOC_FAILURE);
+}
+
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen)
+{
+ if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
+ MBSTRING_ASC, (unsigned char *)name, namelen))
+ return 1;
+ else
return 0;
- }
- sk_X509_ATTRIBUTE_push (bag->attrib, attrib);
- return PKCS12_OK;
}
-ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
{
X509_ATTRIBUTE *attrib;
int i;
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 01c20ddc6e..611762777d 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -201,6 +201,8 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
int namelen);
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 009fba199e..2a440901de 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -77,7 +77,8 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
const unsigned char *s = NULL;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
- if(rsa->flags & RSA_FLAG_SIGN_VER)
+ if((rsa->flags & RSA_FLAG_SIGN_VER)
+ && ENGINE_get_RSA(rsa->engine)->rsa_sign)
return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
m, m_len, sigret, siglen, rsa);
/* Special case: SSL signature, just check the length */
@@ -154,7 +155,8 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
return(0);
}
- if(rsa->flags & RSA_FLAG_SIGN_VER)
+ if((rsa->flags & RSA_FLAG_SIGN_VER)
+ && ENGINE_get_RSA(rsa->engine)->rsa_verify)
return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
m, m_len, sigbuf, siglen, rsa);
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 16a5653b1d..4951bad8cc 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -967,14 +967,14 @@ X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len);
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
int nid, int type,
- unsigned char *bytes, int len);
+ const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- char *attrname, int type,
- unsigned char *bytes, int len);
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
@@ -1113,22 +1113,22 @@ X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
X509_ATTRIBUTE *attr);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len);
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
int nid, int type,
- unsigned char *bytes, int len);
+ const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- char *attrname, int type,
- unsigned char *bytes, int len);
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data, int len);
+ int atrtype, const void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data, int len);
+ const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- char *atrname, int type, unsigned char *bytes, int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
+ const char *atrname, int type, const unsigned char *bytes, int len);
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
int atrtype, void *data);
int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index f074d2ab18..0bae3d32a1 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -149,8 +149,8 @@ err2:
}
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len)
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
@@ -163,7 +163,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
int nid, int type,
- unsigned char *bytes, int len)
+ const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
@@ -175,8 +175,8 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
}
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- char *attrname, int type,
- unsigned char *bytes, int len)
+ const char *attrname, int type,
+ const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
@@ -188,7 +188,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
}
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data, int len)
+ int atrtype, const void *data, int len)
{
ASN1_OBJECT *obj;
X509_ATTRIBUTE *ret;
@@ -205,7 +205,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
}
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data, int len)
+ const ASN1_OBJECT *obj, int atrtype, const void *data, int len)
{
X509_ATTRIBUTE *ret;
@@ -234,7 +234,7 @@ err:
}
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- char *atrname, int type, unsigned char *bytes, int len)
+ const char *atrname, int type, const unsigned char *bytes, int len)
{
ASN1_OBJECT *obj;
X509_ATTRIBUTE *nattr;
@@ -252,7 +252,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
return nattr;
}
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
{
if ((attr == NULL) || (obj == NULL))
return(0);
@@ -261,7 +261,7 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
return(1);
}
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len)
{
ASN1_TYPE *ttmp;
ASN1_STRING *stmp;
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index e2766e1a5f..0affa3bf30 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -251,8 +251,8 @@ int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
}
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- ASN1_OBJECT *obj, int type,
- unsigned char *bytes, int len)
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len)
{
if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
type, bytes, len)) return 1;
@@ -261,7 +261,7 @@ int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
int nid, int type,
- unsigned char *bytes, int len)
+ const unsigned char *bytes, int len)
{
if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
type, bytes, len)) return 1;
@@ -269,8 +269,8 @@ int X509_REQ_add1_attr_by_NID(X509_REQ *req,
}
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- char *attrname, int type,
- unsigned char *bytes, int len)
+ const char *attrname, int type,
+ const unsigned char *bytes, int len)
{
if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
type, bytes, len)) return 1;