make X509_CERT_AUX opaque

Reviewed-by: N Rich Salz <rsalz@openssl.org>

make X509_CERT_AUX opaque
Reviewed-by: N Rich Salz <rsalz@openssl.org>
bc3686df · Dr. Stephen Henson · d8c054f2 · bc3686df · bc3686df · bc3686df
5 changed file
--- a/crypto/asn1/t_x509a.c
+++ b/crypto/asn1/t_x509a.c
@@ -62,6 +62,7 @@
 #include <openssl/evp.h>
 #include <openssl/asn1.h>
 #include <openssl/x509.h>
+#include "internal/x509_int.h"
 /*
 * X509_CERT_AUX and string set routines

--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -62,6 +62,7 @@
 #include <openssl/evp.h>
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
+#include "internal/x509_int.h"
 /*
 * X509_CERT_AUX routines. These are used to encode additional user

--- a/crypto/include/internal/x509_int.h
+++ b/crypto/include/internal/x509_int.h
@@ -75,3 +75,17 @@ struct X509_name_st {
    unsigned char *canon_enc;
    int canon_enclen;
 } /* X509_NAME */ ;
+/*
+ * This stuff is certificate "auxiliary info" it contains details which are
+ * useful in certificate stores and databases. When used this is tagged onto
+ * the end of the certificate itself
+ */
+struct x509_cert_aux_st {
+    STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
+    STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
+    ASN1_UTF8STRING *alias;     /* "friendly name" */
+    ASN1_OCTET_STRING *keyid;   /* key id of private key */
+    STACK_OF(X509_ALGOR) *other; /* other unspecified info */
+};
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -60,6 +60,7 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/x509v3.h>
+#include "internal/x509_int.h"
 static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
 static void trtable_free(X509_TRUST *p);

--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -196,19 +196,7 @@ typedef struct x509_cinf_st {
    ASN1_ENCODING enc;
 } X509_CINF;
-/*
+typedef struct x509_cert_aux_st X509_CERT_AUX;
- * This stuff is certificate "auxiliary info" it contains details which are
- * useful in certificate stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-typedef struct x509_cert_aux_st {
-    STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
-    STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
-    ASN1_UTF8STRING *alias;     /* "friendly name" */
-    ASN1_OCTET_STRING *keyid;   /* key id of private key */
-    STACK_OF(X509_ALGOR) *other; /* other unspecified info */
-} X509_CERT_AUX;
 struct x509_st {
    X509_CINF *cert_info;