From bc3286bb8c3db455b6e08128903d5e64a08014ca Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Mon, 13 Aug 2018 17:52:48 -0500
Subject: [PATCH] Add a pile of compatibility functions.

Change-Id: I75c8783139c717be34a9159a2291d2ae55ee71d5
Reviewed-on: https://boringssl-review.googlesource.com/30984
Reviewed-by: Adam Langley <agl@google.com>
---
 crypto/crypto.c          |  2 ++
 crypto/x509/x509cset.c   | 10 ++++++++++
 crypto/x509v3/v3_purp.c  | 25 +++++++++++++++++++++++++
 include/openssl/crypto.h |  3 +++
 include/openssl/x509.h   |  2 ++
 include/openssl/x509v3.h |  5 +++++
 6 files changed, 47 insertions(+)

diff --git a/crypto/crypto.c b/crypto/crypto.c
index 4feda170..93e2f824 100644
--- a/crypto/crypto.c
+++ b/crypto/crypto.c
@@ -214,3 +214,5 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) {
   CRYPTO_library_init();
   return 1;
 }
+
+void OPENSSL_cleanup(void) {}
diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index fe269cdc..6f2708c1 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c
@@ -135,6 +135,16 @@ int X509_CRL_up_ref(X509_CRL *crl)
     return 1;
 }
 
+const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl)
+{
+    return crl->crl->lastUpdate;
+}
+
+const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl)
+{
+    return crl->crl->nextUpdate;
+}
+
 void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg)
 {
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 92d0100e..5e1f6415 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -817,3 +817,28 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
     }
     return X509_V_OK;
 }
+
+uint32_t X509_get_extension_flags(X509 *x)
+{
+    /* Call for side-effect of computing hash and caching extensions */
+    X509_check_purpose(x, -1, -1);
+    return x->ex_flags;
+}
+
+uint32_t X509_get_key_usage(X509 *x)
+{
+    /* Call for side-effect of computing hash and caching extensions */
+    X509_check_purpose(x, -1, -1);
+    if (x->ex_flags & EXFLAG_KUSAGE)
+        return x->ex_kusage;
+    return UINT32_MAX;
+}
+
+uint32_t X509_get_extended_key_usage(X509 *x)
+{
+    /* Call for side-effect of computing hash and caching extensions */
+    X509_check_purpose(x, -1, -1);
+    if (x->ex_flags & EXFLAG_XKUSAGE)
+        return x->ex_xkusage;
+    return UINT32_MAX;
+}
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 8e1a271c..d35cf71a 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -125,6 +125,9 @@ OPENSSL_EXPORT void OPENSSL_load_builtin_modules(void);
 OPENSSL_EXPORT int OPENSSL_init_crypto(uint64_t opts,
                                        const OPENSSL_INIT_SETTINGS *settings);
 
+// OPENSSL_cleanup does nothing.
+OPENSSL_EXPORT void OPENSSL_cleanup(void);
+
 // FIPS_mode_set returns one if |on| matches whether BoringSSL was built with
 // |BORINGSSL_FIPS| and zero otherwise.
 OPENSSL_EXPORT int FIPS_mode_set(int on);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 79cadc3e..eeab5ec5 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -531,6 +531,8 @@ extern "C" {
 #define		X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
 
 #define		X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
+const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
 #define 	X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
 #define 	X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
 #define		X509_CRL_get_issuer(x) ((x)->crl->issuer)
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 56cf59c0..1af439d7 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -682,6 +682,11 @@ OPENSSL_EXPORT int X509_supported_extension(X509_EXTENSION *ex);
 OPENSSL_EXPORT int X509_PURPOSE_set(int *p, int purpose);
 OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject);
 OPENSSL_EXPORT int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
+
+OPENSSL_EXPORT uint32_t X509_get_extension_flags(X509 *x);
+OPENSSL_EXPORT uint32_t X509_get_key_usage(X509 *x);
+OPENSSL_EXPORT uint32_t X509_get_extended_key_usage(X509 *x);
+
 OPENSSL_EXPORT int X509_PURPOSE_get_count(void);
 OPENSSL_EXPORT X509_PURPOSE * X509_PURPOSE_get0(int idx);
 OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(char *sname);