Merge pull request #579 from sfackler/x509-signature

X509 signature access

4 files changed, 35 insertions, 4 deletions

diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index d18fa5ad..68943c87 100644
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -26,8 +26,10 @@ pub use libressl::*;
 pub enum ASN1_INTEGER {}
 pub enum ASN1_GENERALIZEDTIME {}
 pub enum ASN1_STRING {}
+pub enum ASN1_BIT_STRING {}
 pub enum ASN1_TIME {}
 pub enum ASN1_TYPE {}
+pub enum ASN1_OBJECT {}
 pub enum BN_CTX {}
 pub enum BN_GENCB {}
 pub enum CONF {}
@@ -1408,6 +1410,8 @@ extern {
     pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING;
     pub fn ASN1_TIME_free(tm: *mut ASN1_TIME);
     pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int;
+    pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING);
+    pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT);
 
     pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
     pub fn BIO_free_all(b: *mut BIO);
@@ -1652,6 +1656,9 @@ extern {
 
     pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int;
 
+    pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int;
+    pub fn OBJ_obj2txt(buf: *mut c_char, buf_len: c_int, a: *const ASN1_OBJECT, no_name: c_int) -> c_int;
+
     pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP;
     pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP);
     pub fn OCSP_basic_verify(bs: *mut OCSP_BASICRESP, certs: *mut stack_st_X509, st: *mut X509_STORE, flags: c_ulong) -> c_int;
@@ -1925,6 +1932,8 @@ extern {
     pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING;
     pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int;
 
+    pub fn X509_ALGOR_free(x: *mut X509_ALGOR);
+
     pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION);
 
     pub fn X509_NAME_free(x: *mut X509_NAME);
diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs
index 2862a47e..1bb17849 100644
--- a/openssl-sys/src/libressl.rs
+++ b/openssl-sys/src/libressl.rs
@@ -247,8 +247,8 @@ pub struct DH {
 #[repr(C)]
 pub struct X509 {
     pub cert_info: *mut X509_CINF,
-    sig_alg: *mut c_void,
-    signature: *mut c_void,
+    pub sig_alg: *mut ::X509_ALGOR,
+    pub signature: *mut ::ASN1_BIT_STRING,
     pub valid: c_int,
     pub references: c_int,
     pub name: *mut c_char,
@@ -286,6 +286,12 @@ pub struct X509_CINF {
 }
 
 #[repr(C)]
+pub struct X509_ALGOR {
+    pub algorithm: *mut ::ASN1_OBJECT,
+    parameter: *mut c_void,
+}
+
+#[repr(C)]
 pub struct ASN1_ENCODING {
     pub enc: *mut c_uchar,
     pub len: c_long,
diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs
index 14b7c414..f709c46f 100644
--- a/openssl-sys/src/ossl10x.rs
+++ b/openssl-sys/src/ossl10x.rs
@@ -250,8 +250,8 @@ pub struct DH {
 #[repr(C)]
 pub struct X509 {
     pub cert_info: *mut X509_CINF,
-    sig_alg: *mut c_void,
-    signature: *mut c_void,
+    pub sig_alg: *mut ::X509_ALGOR,
+    pub signature: *mut ::ASN1_BIT_STRING,
     pub valid: c_int,
     pub references: c_int,
     pub name: *mut c_char,
@@ -293,6 +293,12 @@ pub struct X509_CINF {
 }
 
 #[repr(C)]
+pub struct X509_ALGOR {
+    pub algorithm: *mut ::ASN1_OBJECT,
+    parameter: *mut c_void,
+}
+
+#[repr(C)]
 pub struct ASN1_ENCODING {
     pub enc: *mut c_uchar,
     pub len: c_long,
@@ -833,6 +839,12 @@ extern {
     pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
     pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
     pub fn X509_get_ext_d2i(x: *mut ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void;
+    #[cfg(not(ossl101))]
+    pub fn X509_get0_signature(psig: *mut *mut ::ASN1_BIT_STRING, palg: *mut *mut ::X509_ALGOR, x: *const ::X509);
+    #[cfg(not(ossl101))]
+    pub fn X509_get_signature_nid(x: *const X509) -> c_int;
+    #[cfg(not(ossl101))]
+    pub fn X509_ALGOR_get0(paobj: *mut *mut ::ASN1_OBJECT, pptype: *mut c_int, ppval: *mut *mut c_void, alg: *mut ::X509_ALGOR);
     pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY;
     pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING;
     pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509;
diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs
index b7fdebab..68a62c6c 100644
--- a/openssl-sys/src/ossl110.rs
+++ b/openssl-sys/src/ossl110.rs
@@ -26,6 +26,7 @@ pub enum stack_st_X509_ATTRIBUTE {}
 pub enum stack_st_X509_EXTENSION {}
 pub enum stack_st_SSL_CIPHER {}
 pub enum X509 {}
+pub enum X509_ALGOR {}
 pub enum X509_VERIFY_PARAM {}
 
 pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong =                   0x00000000;
@@ -84,6 +85,8 @@ extern {
     pub fn X509_set1_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
     pub fn X509_set1_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int;
     pub fn X509_get_ext_d2i(x: *const ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void;
+    pub fn X509_get_signature_nid(x: *const X509) -> c_int;
+    pub fn X509_ALGOR_get0(paobj: *mut *const ::ASN1_OBJECT, pptype: *mut c_int, ppval: *mut *const c_void, alg: *const ::X509_ALGOR);
     pub fn X509_NAME_get_entry(n: *const ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY;
     pub fn X509_NAME_ENTRY_get_data(ne: *const ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING;
     pub fn X509V3_EXT_nconf_nid(conf: *mut ::CONF, ctx: *mut ::X509V3_CTX, ext_nid: c_int, value: *const c_char) -> *mut ::X509_EXTENSION;
@@ -127,6 +130,7 @@ extern {
     pub fn SSL_CTX_clear_options(ctx: *mut ::SSL_CTX, op: c_ulong) -> c_ulong;
     pub fn X509_getm_notAfter(x: *const ::X509) -> *mut ::ASN1_TIME;
     pub fn X509_getm_notBefore(x: *const ::X509) -> *mut ::ASN1_TIME;
+    pub fn X509_get0_signature(psig: *mut *const ::ASN1_BIT_STRING, palg: *mut *const ::X509_ALGOR, x: *const ::X509);
     pub fn DH_set0_pqg(dh: *mut ::DH,
                        p: *mut ::BIGNUM,
                        q: *mut ::BIGNUM,