diff --git a/lib/modules/Standards.pmod/PKCS.pmod/RSA.pmod b/lib/modules/Standards.pmod/PKCS.pmod/RSA.pmod
index 9b669d7f84b81114162ccab236f5df4c7b51faa1..8cc218e4ee5ba8e18105032119efcb121cdf106a 100644
--- a/lib/modules/Standards.pmod/PKCS.pmod/RSA.pmod
+++ b/lib/modules/Standards.pmod/PKCS.pmod/RSA.pmod
@@ -52,7 +52,7 @@ string private_key(Crypto.RSA rsa)
//! RSAPublicKey provided in ASN.1 DER-encoded format
//! @returns
//! @[Crypto.RSA] object
-Crypto.RSA parse_public_key(string key)
+Crypto.RSA.State parse_public_key(string key)
{
Object a = Standards.ASN1.Decode.simple_der_decode(key);
@@ -62,7 +62,7 @@ Crypto.RSA parse_public_key(string key)
|| (sizeof(a->elements->type_name - ({ "INTEGER" }))) )
return UNDEFINED;
- Crypto.RSA rsa = Crypto.RSA();
+ Crypto.RSA.State rsa = Crypto.RSA();
rsa->set_public_key(a->elements[0]->value, a->elements[1]->value);
return rsa;
}
@@ -72,14 +72,14 @@ Crypto.RSA parse_public_key(string key)
//! RSAPrivateKey provided in ASN.1 format
//! @returns
//! @[Crypto.RSA] object
-Crypto.RSA parse_private_key(Sequence seq)
+Crypto.RSA.State parse_private_key(Sequence seq)
{
if ((sizeof(seq->elements) != 9)
|| (sizeof(seq->elements->type_name - ({ "INTEGER" })))
|| seq->elements[0]->value)
return UNDEFINED;
- Crypto.RSA rsa = Crypto.RSA();
+ Crypto.RSA.State rsa = Crypto.RSA();
rsa->set_public_key(seq->elements[1]->value, seq->elements[2]->value);
rsa->set_private_key(seq->elements[3]->value, seq->elements[4..]->value);
return rsa;
@@ -90,7 +90,7 @@ Crypto.RSA parse_private_key(Sequence seq)
//! RSAPrivateKey provided in ASN.1 DER-encoded format
//! @returns
//! @[Crypto.RSA] object
-variant Crypto.RSA parse_private_key(string key)
+variant Crypto.RSA.State parse_private_key(string key)
{
Object a = Standards.ASN1.Decode.simple_der_decode(key);
diff --git a/lib/modules/Standards.pmod/X509.pmod b/lib/modules/Standards.pmod/X509.pmod
index ccf00d00c71dc99c92684d9e638f44a6e7ba9108..6add1cd27d772087ca077e20a946ad83c728af18 100644
--- a/lib/modules/Standards.pmod/X509.pmod
+++ b/lib/modules/Standards.pmod/X509.pmod
@@ -148,7 +148,7 @@ protected {
class Verifier {
constant type = "none";
- Crypto.Sign pkc;
+ Crypto.Sign.State pkc;
optional __deprecated__(Crypto.RSA) rsa;
optional __deprecated__(Crypto.DSA) dsa;
@@ -183,7 +183,9 @@ protected class RSAVerifier
pkc = RSA.parse_public_key(key);
}
- __deprecated__ Crypto.RSA `rsa() { return [object(Crypto.RSA)]pkc; }
+ __deprecated__ Crypto.RSA.State `rsa() {
+ return [object(Crypto.RSA.State)]pkc;
+ }
}
protected class DSAVerifier
@@ -196,7 +198,9 @@ protected class DSAVerifier
pkc = DSA.parse_public_key(key, p, q, g);
}
- __deprecated__ Crypto.DSA `dsa() { return [object(Crypto.DSA)]pkc; }
+ __deprecated__ Crypto.DSA.State `dsa() {
+ return [object(Crypto.DSA.State)]pkc;
+ }
}
#if constant(Crypto.ECC.Curve)
@@ -1150,7 +1154,7 @@ variant TBSCertificate make_tbs(Sequence issuer, Sequence algorithm,
//! @seealso
//! @[decode_certificate()], @[make_tbs()]
Sequence sign_tbs(TBSCertificate tbs,
- Crypto.Sign sign, Crypto.Hash hash)
+ Crypto.Sign.State sign, Crypto.Hash hash)
{
return Sequence(({ [object(Sequence)]tbs,
sign->pkcs_signature_algorithm_id(hash),
@@ -1200,8 +1204,9 @@ Sequence sign_tbs(TBSCertificate tbs,
//!
//! @seealso
//! @[make_selfsigned_certificate()], @[make_tbs()], @[sign_tbs()]
-string sign_key(Sequence issuer, Crypto.Sign c, Crypto.Sign ca, Crypto.Hash h,
- Sequence subject, int serial, int ttl, array|mapping|void extensions)
+string sign_key(Sequence issuer, Crypto.Sign.State c, Crypto.Sign.State ca,
+ Crypto.Hash h, Sequence subject, int serial, int ttl,
+ array|mapping|void extensions)
{
Sequence algorithm_id = c->pkcs_signature_algorithm_id(h);
if(!algorithm_id) error("Can't use %O for %O.\n", h, c);
@@ -1270,7 +1275,7 @@ Sequence make_extension(Identifier id, Object ext, void|int critical)
//!
//! @seealso
//! @[sign_key()], @[sign_tbs()]
-string make_selfsigned_certificate(Crypto.Sign c, int ttl,
+string make_selfsigned_certificate(Crypto.Sign.State c, int ttl,
mapping|array name,
mapping(Identifier:Sequence)|void extensions,
void|Crypto.Hash h, void|int serial)
@@ -1299,8 +1304,8 @@ string make_selfsigned_certificate(Crypto.Sign c, int ttl,
return sign_key(dn, c, c, h||Crypto.SHA256, dn, serial, ttl, extensions);
}
-string make_site_certificate(TBSCertificate ca, Crypto.Sign ca_key,
- Crypto.Sign c, int ttl, mapping|array name,
+string make_site_certificate(TBSCertificate ca, Crypto.Sign.State ca_key,
+ Crypto.Sign.State c, int ttl, mapping|array name,
mapping|void extensions,
void|Crypto.Hash h, void|int serial)
{
@@ -1323,10 +1328,9 @@ string make_site_certificate(TBSCertificate ca, Crypto.Sign ca_key,
return sign_key(ca->subject, c, ca_key, h||Crypto.SHA256, dn, serial, ttl, extensions);
}
-string make_root_certificate(Crypto.Sign c, int ttl,
- mapping|array name,
- mapping(Identifier:Sequence)|void extensions,
- void|Crypto.Hash h, void|int serial)
+string make_root_certificate(Crypto.Sign.State c, int ttl, mapping|array name,
+ mapping(Identifier:Sequence)|void extensions,
+ void|Crypto.Hash h, void|int serial)
{
if(!serial)
serial = (int)Gmp.mpz(Standards.UUID.make_version1(-1)->encode(), 256);
@@ -1800,7 +1804,7 @@ mapping verify_certificate_chain(array(string) cert_chain,
}
//! DWIM-parse the ASN.1-sequence for a private key.
-Crypto.Sign parse_private_key(Sequence seq)
+Crypto.Sign.State parse_private_key(Sequence seq)
{
switch(sizeof(seq)) {
case 5:
@@ -1820,7 +1824,7 @@ Crypto.Sign parse_private_key(Sequence seq)
}
//! DWIM-parse the DER-sequence for a private key.
-variant Crypto.Sign parse_private_key(string private_key)
+variant Crypto.Sign.State parse_private_key(string private_key)
{
Object seq = Standards.ASN1.Decode.simple_der_decode(private_key);
if (!seq || (seq->type_name != "SEQUENCE")) return UNDEFINED;