From: Ezra Peisach Date: Mon, 26 Sep 2011 01:33:07 +0000 (+0000) Subject: Move static function prototypes from header to individual file so header X-Git-Tag: krb5-1.10-alpha1~141 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=cd50eb490861440795fb01320b5fb745727c6920;p=krb5.git Move static function prototypes from header to individual file so header can be used in other files without warning of function defined but never declared. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25234 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index a1c4ca102..be752f714 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -42,6 +42,139 @@ #include "pkinit_crypto_openssl.h" +static void openssl_init(void); + +static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context ); +static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ); + +static krb5_error_code pkinit_init_dh_params(pkinit_plg_crypto_context ); +static void pkinit_fini_dh_params(pkinit_plg_crypto_context ); + +static krb5_error_code pkinit_init_certs(pkinit_identity_crypto_context ctx); +static void pkinit_fini_certs(pkinit_identity_crypto_context ctx); + +static krb5_error_code pkinit_init_pkcs11(pkinit_identity_crypto_context ctx); +static void pkinit_fini_pkcs11(pkinit_identity_crypto_context ctx); + +static krb5_error_code pkinit_encode_dh_params +(BIGNUM *, BIGNUM *, BIGNUM *, unsigned char **, unsigned int *); +static DH *pkinit_decode_dh_params +(DH **, unsigned char **, unsigned int ); +static int pkinit_check_dh_params +(BIGNUM * p1, BIGNUM * p2, BIGNUM * g1, BIGNUM * q1); + +static krb5_error_code pkinit_sign_data +(krb5_context context, pkinit_identity_crypto_context cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **sig, unsigned int *sig_len); + +static krb5_error_code create_signature +(unsigned char **, unsigned int *, unsigned char *, unsigned int, + EVP_PKEY *pkey); + +static krb5_error_code pkinit_decode_data +(krb5_context context, pkinit_identity_crypto_context cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **decoded, unsigned int *decoded_len); + +static krb5_error_code decode_data +(unsigned char **, unsigned int *, unsigned char *, unsigned int, + EVP_PKEY *pkey, X509 *cert); + +#ifdef DEBUG_DH +static void print_dh(DH *, char *); +static void print_pubkey(BIGNUM *, char *); +#endif + +static int prepare_enc_data +(unsigned char *indata, int indata_len, unsigned char **outdata, + int *outdata_len); + +static int openssl_callback (int, X509_STORE_CTX *); +static int openssl_callback_ignore_crls (int, X509_STORE_CTX *); + +static int pkcs7_decrypt +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + PKCS7 *p7, BIO *bio); + +static BIO * pkcs7_dataDecode +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + PKCS7 *p7); + +static ASN1_OBJECT * pkinit_pkcs7type2oid +(pkinit_plg_crypto_context plg_cryptoctx, int pkcs7_type); + +static krb5_error_code pkinit_create_sequence_of_principal_identifiers +(krb5_context context, pkinit_plg_crypto_context plg_cryptoctx, + pkinit_req_crypto_context req_cryptoctx, + pkinit_identity_crypto_context id_cryptoctx, + int type, krb5_data **out_data); + +#ifndef WITHOUT_PKCS11 +static krb5_error_code pkinit_find_private_key +(pkinit_identity_crypto_context, CK_ATTRIBUTE_TYPE usage, + CK_OBJECT_HANDLE *objp); +static krb5_error_code pkinit_login +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + CK_TOKEN_INFO *tip); +static krb5_error_code pkinit_open_session +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx); +static void * pkinit_C_LoadModule(const char *modname, CK_FUNCTION_LIST_PTR_PTR p11p); +static CK_RV pkinit_C_UnloadModule(void *handle); +#ifdef SILLYDECRYPT +CK_RV pkinit_C_Decrypt +(pkinit_identity_crypto_context id_cryptoctx, + CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, + CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); +#endif + +static krb5_error_code pkinit_sign_data_pkcs11 +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **sig, unsigned int *sig_len); +static krb5_error_code pkinit_decode_data_pkcs11 +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **decoded_data, unsigned int *decoded_data_len); +#endif /* WITHOUT_PKCS11 */ + +static krb5_error_code pkinit_sign_data_fs +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **sig, unsigned int *sig_len); +static krb5_error_code pkinit_decode_data_fs +(krb5_context context, pkinit_identity_crypto_context id_cryptoctx, + unsigned char *data, unsigned int data_len, + unsigned char **decoded_data, unsigned int *decoded_data_len); + +static krb5_error_code der_decode_data +(unsigned char *, long, unsigned char **, long *); + +static krb5_error_code +create_krb5_invalidCertificates(krb5_context context, + pkinit_plg_crypto_context plg_cryptoctx, + pkinit_req_crypto_context req_cryptoctx, + pkinit_identity_crypto_context id_cryptoctx, + krb5_external_principal_identifier *** ids); + +static krb5_error_code +create_identifiers_from_stack(STACK_OF(X509) *sk, + krb5_external_principal_identifier *** ids); +#ifdef LONGHORN_BETA_COMPAT +static int +wrap_signeddata(unsigned char *data, unsigned int data_len, + unsigned char **out, unsigned int *out_len, + int is_longhorn_server); +#else +static int +wrap_signeddata(unsigned char *data, unsigned int data_len, + unsigned char **out, unsigned int *out_len); +#endif + +static char * +pkinit_pkcs11_code_to_text(int err); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L /* Use CMS support present in OpenSSL 1.0 and later. */ #include diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h index 9c824c811..2e56203b1 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.h @@ -126,140 +126,8 @@ struct _pkinit_cert_iter_data { unsigned int index; }; -static void openssl_init(void); - -static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context ); -static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ); - -static krb5_error_code pkinit_init_dh_params(pkinit_plg_crypto_context ); -static void pkinit_fini_dh_params(pkinit_plg_crypto_context ); - -static krb5_error_code pkinit_init_certs(pkinit_identity_crypto_context ctx); -static void pkinit_fini_certs(pkinit_identity_crypto_context ctx); - -static krb5_error_code pkinit_init_pkcs11(pkinit_identity_crypto_context ctx); -static void pkinit_fini_pkcs11(pkinit_identity_crypto_context ctx); - -static krb5_error_code pkinit_encode_dh_params - (BIGNUM *, BIGNUM *, BIGNUM *, unsigned char **, unsigned int *); -static DH *pkinit_decode_dh_params - (DH **, unsigned char **, unsigned int ); -static int pkinit_check_dh_params - (BIGNUM * p1, BIGNUM * p2, BIGNUM * g1, BIGNUM * q1); - -static krb5_error_code pkinit_sign_data - (krb5_context context, pkinit_identity_crypto_context cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **sig, unsigned int *sig_len); - -static krb5_error_code create_signature - (unsigned char **, unsigned int *, unsigned char *, unsigned int, - EVP_PKEY *pkey); - -static krb5_error_code pkinit_decode_data - (krb5_context context, pkinit_identity_crypto_context cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **decoded, unsigned int *decoded_len); - -static krb5_error_code decode_data - (unsigned char **, unsigned int *, unsigned char *, unsigned int, - EVP_PKEY *pkey, X509 *cert); - -#ifdef DEBUG_DH -static void print_dh(DH *, char *); -static void print_pubkey(BIGNUM *, char *); -#endif - -static int prepare_enc_data - (unsigned char *indata, int indata_len, unsigned char **outdata, - int *outdata_len); - -static int openssl_callback (int, X509_STORE_CTX *); -static int openssl_callback_ignore_crls (int, X509_STORE_CTX *); - -static int pkcs7_decrypt - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - PKCS7 *p7, BIO *bio); - -static BIO * pkcs7_dataDecode - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - PKCS7 *p7); - -static ASN1_OBJECT * pkinit_pkcs7type2oid - (pkinit_plg_crypto_context plg_cryptoctx, int pkcs7_type); - -static krb5_error_code pkinit_create_sequence_of_principal_identifiers - (krb5_context context, pkinit_plg_crypto_context plg_cryptoctx, - pkinit_req_crypto_context req_cryptoctx, - pkinit_identity_crypto_context id_cryptoctx, - int type, krb5_data **out_data); - -#ifndef WITHOUT_PKCS11 -static krb5_error_code pkinit_find_private_key - (pkinit_identity_crypto_context, CK_ATTRIBUTE_TYPE usage, - CK_OBJECT_HANDLE *objp); -static krb5_error_code pkinit_login - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - CK_TOKEN_INFO *tip); -static krb5_error_code pkinit_open_session - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx); -static void * pkinit_C_LoadModule(const char *modname, CK_FUNCTION_LIST_PTR_PTR p11p); -static CK_RV pkinit_C_UnloadModule(void *handle); -#ifdef SILLYDECRYPT -CK_RV pkinit_C_Decrypt - (pkinit_identity_crypto_context id_cryptoctx, - CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, - CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen); -#endif - -static krb5_error_code pkinit_sign_data_pkcs11 - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **sig, unsigned int *sig_len); -static krb5_error_code pkinit_decode_data_pkcs11 - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **decoded_data, unsigned int *decoded_data_len); -#endif /* WITHOUT_PKCS11 */ - -static krb5_error_code pkinit_sign_data_fs - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **sig, unsigned int *sig_len); -static krb5_error_code pkinit_decode_data_fs - (krb5_context context, pkinit_identity_crypto_context id_cryptoctx, - unsigned char *data, unsigned int data_len, - unsigned char **decoded_data, unsigned int *decoded_data_len); - -static krb5_error_code der_decode_data - (unsigned char *, long, unsigned char **, long *); - -static krb5_error_code -create_krb5_invalidCertificates(krb5_context context, - pkinit_plg_crypto_context plg_cryptoctx, - pkinit_req_crypto_context req_cryptoctx, - pkinit_identity_crypto_context id_cryptoctx, - krb5_external_principal_identifier *** ids); - -static krb5_error_code -create_identifiers_from_stack(STACK_OF(X509) *sk, - krb5_external_principal_identifier *** ids); -#ifdef LONGHORN_BETA_COMPAT -static int -wrap_signeddata(unsigned char *data, unsigned int data_len, - unsigned char **out, unsigned int *out_len, - int is_longhorn_server); -#else -static int -wrap_signeddata(unsigned char *data, unsigned int data_len, - unsigned char **out, unsigned int *out_len); -#endif - /* This handy macro borrowed from crypto/x509v3/v3_purp.c */ #define ku_reject(x, usage) \ (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) -static char * -pkinit_pkcs11_code_to_text(int err); - #endif /* _PKINIT_CRYPTO_OPENSSL_H */