From b9ca8f2356a98630a262951486cd10436963e169 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 12 Aug 2018 18:01:14 -0400
Subject: [PATCH] Extract internal-only parts of x509.h

---
 src/lib/tls/include.am         |  3 ++-
 src/lib/tls/x509.c             |  1 +
 src/lib/tls/x509.h             | 11 -----------
 src/lib/tls/x509_internal.h    | 28 ++++++++++++++++++++++++++++
 src/lib/tls/x509_nss.c         |  1 +
 src/lib/tls/x509_openssl.c     |  1 +
 src/test/test_tortls.c         |  1 +
 src/test/test_tortls_openssl.c |  1 +
 8 files changed, 35 insertions(+), 12 deletions(-)
 create mode 100644 src/lib/tls/x509_internal.h

diff --git a/src/lib/tls/include.am b/src/lib/tls/include.am
index 1731049032..b25e2e16bf 100644
--- a/src/lib/tls/include.am
+++ b/src/lib/tls/include.am
@@ -34,4 +34,5 @@ noinst_HEADERS +=				\
 	src/lib/tls/tortls.h			\
 	src/lib/tls/tortls_internal.h		\
 	src/lib/tls/tortls_st.h			\
-	src/lib/tls/x509.h
+	src/lib/tls/x509.h			\
+	src/lib/tls/x509_internal.h
diff --git a/src/lib/tls/x509.c b/src/lib/tls/x509.c
index dbf1dd927c..fc6139aceb 100644
--- a/src/lib/tls/x509.c
+++ b/src/lib/tls/x509.c
@@ -11,6 +11,7 @@
 
 #define TOR_X509_PRIVATE
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 #include "lib/log/util_bug.h"
 #include "lib/crypt_ops/crypto_rand.h"
 
diff --git a/src/lib/tls/x509.h b/src/lib/tls/x509.h
index f75d15d7e9..ccaa92184e 100644
--- a/src/lib/tls/x509.h
+++ b/src/lib/tls/x509.h
@@ -40,15 +40,6 @@ void tor_tls_pick_certificate_lifetime(time_t now,
                                        time_t *start_time_out,
                                        time_t *end_time_out);
 
-MOCK_DECL(tor_x509_cert_impl_t *, tor_tls_create_certificate,
-                                                   (crypto_pk_t *rsa,
-                                                    crypto_pk_t *rsa_sign,
-                                                    const char *cname,
-                                                    const char *cname_sign,
-                                                  unsigned int cert_lifetime));
-MOCK_DECL(tor_x509_cert_t *, tor_x509_cert_new,
-          (tor_x509_cert_impl_t *x509_cert));
-
 #ifdef TOR_UNIT_TESTS
 tor_x509_cert_t *tor_x509_cert_replace_expiration(
                                                const tor_x509_cert_t *inp,
@@ -63,8 +54,6 @@ void tor_x509_cert_free_(tor_x509_cert_t *cert);
   FREE_AND_NULL(tor_x509_cert_t, tor_x509_cert_free_, (c))
 tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
                             size_t certificate_len);
-const tor_x509_cert_impl_t *tor_x509_cert_get_impl(
-                                           const tor_x509_cert_t *cert);
 void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
                       const uint8_t **encoded_out, size_t *size_out);
 
diff --git a/src/lib/tls/x509_internal.h b/src/lib/tls/x509_internal.h
new file mode 100644
index 0000000000..2cca393d21
--- /dev/null
+++ b/src/lib/tls/x509_internal.h
@@ -0,0 +1,28 @@
+/* Copyright (c) 2003, Roger Dingledine
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_X509_INTERNAL_H
+#define TOR_X509_INTERNAL_H
+
+/**
+ * \file x509.h
+ * \brief Internal headers for tortls.c
+ **/
+
+#include "lib/crypt_ops/crypto_rsa.h"
+#include "lib/testsupport/testsupport.h"
+
+MOCK_DECL(tor_x509_cert_impl_t *, tor_tls_create_certificate,
+                                                   (crypto_pk_t *rsa,
+                                                    crypto_pk_t *rsa_sign,
+                                                    const char *cname,
+                                                    const char *cname_sign,
+                                                  unsigned int cert_lifetime));
+MOCK_DECL(tor_x509_cert_t *, tor_x509_cert_new,
+          (tor_x509_cert_impl_t *x509_cert));
+const tor_x509_cert_impl_t *tor_x509_cert_get_impl(
+                                           const tor_x509_cert_t *cert);
+
+#endif
diff --git a/src/lib/tls/x509_nss.c b/src/lib/tls/x509_nss.c
index e856c95187..e0087eae6c 100644
--- a/src/lib/tls/x509_nss.c
+++ b/src/lib/tls/x509_nss.c
@@ -11,6 +11,7 @@
 
 #define TOR_X509_PRIVATE
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 #include "lib/tls/tortls.h"
 #include "lib/crypt_ops/crypto_rand.h"
 #include "lib/crypt_ops/crypto_util.h"
diff --git a/src/lib/tls/x509_openssl.c b/src/lib/tls/x509_openssl.c
index c003d4704b..43d33d781f 100644
--- a/src/lib/tls/x509_openssl.c
+++ b/src/lib/tls/x509_openssl.c
@@ -11,6 +11,7 @@
 
 #define TOR_X509_PRIVATE
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 #include "lib/tls/tortls.h"
 #include "lib/crypt_ops/crypto_rand.h"
 #include "lib/crypt_ops/crypto_util.h"
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index d20bc5fa6c..eedf0dd3c9 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -19,6 +19,7 @@
 #include "app/config/config.h"
 #include "lib/crypt_ops/compat_openssl.h"
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 #include "lib/tls/tortls.h"
 #include "lib/tls/tortls_st.h"
 #include "lib/tls/tortls_internal.h"
diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c
index a9336a6f1b..12a05b3033 100644
--- a/src/test/test_tortls_openssl.c
+++ b/src/test/test_tortls_openssl.c
@@ -36,6 +36,7 @@ ENABLE_GCC_WARNING(redundant-decls)
 #include "app/config/config.h"
 #include "lib/crypt_ops/compat_openssl.h"
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 #include "lib/tls/tortls.h"
 #include "lib/tls/tortls_st.h"
 #include "lib/tls/tortls_internal.h"