155714Skris/* crypto/x509/x509.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 8296465Sdelphij * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15296465Sdelphij * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 22296465Sdelphij * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 37296465Sdelphij * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40296465Sdelphij * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 52296465Sdelphij * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 58160814Ssimon/* ==================================================================== 59160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60296465Sdelphij * ECDH support in OpenSSL originally developed by 61160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 62160814Ssimon */ 6355714Skris 6455714Skris#ifndef HEADER_X509_H 65296465Sdelphij# define HEADER_X509_H 6655714Skris 67296465Sdelphij# include <openssl/e_os2.h> 68296465Sdelphij# include <openssl/symhacks.h> 69296465Sdelphij# ifndef OPENSSL_NO_BUFFER 70296465Sdelphij# include <openssl/buffer.h> 71296465Sdelphij# endif 72296465Sdelphij# ifndef OPENSSL_NO_EVP 73296465Sdelphij# include <openssl/evp.h> 74296465Sdelphij# endif 75296465Sdelphij# ifndef OPENSSL_NO_BIO 76296465Sdelphij# include <openssl/bio.h> 77296465Sdelphij# endif 78296465Sdelphij# include <openssl/stack.h> 79296465Sdelphij# include <openssl/asn1.h> 80296465Sdelphij# include <openssl/safestack.h> 8155714Skris 82296465Sdelphij# ifndef OPENSSL_NO_EC 83296465Sdelphij# include <openssl/ec.h> 84296465Sdelphij# endif 85160814Ssimon 86296465Sdelphij# ifndef OPENSSL_NO_ECDSA 87296465Sdelphij# include <openssl/ecdsa.h> 88296465Sdelphij# endif 89160814Ssimon 90296465Sdelphij# ifndef OPENSSL_NO_ECDH 91296465Sdelphij# include <openssl/ecdh.h> 92296465Sdelphij# endif 93160814Ssimon 94296465Sdelphij# ifndef OPENSSL_NO_DEPRECATED 95296465Sdelphij# ifndef OPENSSL_NO_RSA 96296465Sdelphij# include <openssl/rsa.h> 97296465Sdelphij# endif 98296465Sdelphij# ifndef OPENSSL_NO_DSA 99296465Sdelphij# include <openssl/dsa.h> 100296465Sdelphij# endif 101296465Sdelphij# ifndef OPENSSL_NO_DH 102296465Sdelphij# include <openssl/dh.h> 103296465Sdelphij# endif 104296465Sdelphij# endif 105160814Ssimon 106296465Sdelphij# ifndef OPENSSL_NO_SHA 107296465Sdelphij# include <openssl/sha.h> 108296465Sdelphij# endif 109296465Sdelphij# include <openssl/ossl_typ.h> 11055714Skris 11168651Skris#ifdef __cplusplus 11268651Skrisextern "C" { 11368651Skris#endif 11468651Skris 115296465Sdelphij# ifdef OPENSSL_SYS_WIN32 116160814Ssimon/* Under Win32 these are defined in wincrypt.h */ 117296465Sdelphij# undef X509_NAME 118296465Sdelphij# undef X509_CERT_PAIR 119296465Sdelphij# undef X509_EXTENSIONS 120296465Sdelphij# endif 12155714Skris 122296465Sdelphij# define X509_FILETYPE_PEM 1 123296465Sdelphij# define X509_FILETYPE_ASN1 2 124296465Sdelphij# define X509_FILETYPE_DEFAULT 3 12555714Skris 126296465Sdelphij# define X509v3_KU_DIGITAL_SIGNATURE 0x0080 127296465Sdelphij# define X509v3_KU_NON_REPUDIATION 0x0040 128296465Sdelphij# define X509v3_KU_KEY_ENCIPHERMENT 0x0020 129296465Sdelphij# define X509v3_KU_DATA_ENCIPHERMENT 0x0010 130296465Sdelphij# define X509v3_KU_KEY_AGREEMENT 0x0008 131296465Sdelphij# define X509v3_KU_KEY_CERT_SIGN 0x0004 132296465Sdelphij# define X509v3_KU_CRL_SIGN 0x0002 133296465Sdelphij# define X509v3_KU_ENCIPHER_ONLY 0x0001 134296465Sdelphij# define X509v3_KU_DECIPHER_ONLY 0x8000 135296465Sdelphij# define X509v3_KU_UNDEF 0xffff 13655714Skris 137296465Sdelphijtypedef struct X509_objects_st { 138296465Sdelphij int nid; 139296465Sdelphij int (*a2i) (void); 140296465Sdelphij int (*i2a) (void); 141296465Sdelphij} X509_OBJECTS; 14255714Skris 143296465Sdelphijstruct X509_algor_st { 144296465Sdelphij ASN1_OBJECT *algorithm; 145296465Sdelphij ASN1_TYPE *parameter; 146296465Sdelphij} /* X509_ALGOR */ ; 14755714Skris 14855714SkrisDECLARE_ASN1_SET_OF(X509_ALGOR) 14955714Skris 150194206Ssimontypedef STACK_OF(X509_ALGOR) X509_ALGORS; 151194206Ssimon 152296465Sdelphijtypedef struct X509_val_st { 153296465Sdelphij ASN1_TIME *notBefore; 154296465Sdelphij ASN1_TIME *notAfter; 155296465Sdelphij} X509_VAL; 15655714Skris 157296465Sdelphijtypedef struct X509_pubkey_st { 158296465Sdelphij X509_ALGOR *algor; 159296465Sdelphij ASN1_BIT_STRING *public_key; 160296465Sdelphij EVP_PKEY *pkey; 161296465Sdelphij} X509_PUBKEY; 16255714Skris 163296465Sdelphijtypedef struct X509_sig_st { 164296465Sdelphij X509_ALGOR *algor; 165296465Sdelphij ASN1_OCTET_STRING *digest; 166296465Sdelphij} X509_SIG; 16755714Skris 168296465Sdelphijtypedef struct X509_name_entry_st { 169296465Sdelphij ASN1_OBJECT *object; 170296465Sdelphij ASN1_STRING *value; 171296465Sdelphij int set; 172296465Sdelphij int size; /* temp variable */ 173296465Sdelphij} X509_NAME_ENTRY; 17455714Skris 17555714SkrisDECLARE_STACK_OF(X509_NAME_ENTRY) 17655714SkrisDECLARE_ASN1_SET_OF(X509_NAME_ENTRY) 17755714Skris 17855714Skris/* we always keep X509_NAMEs in 2 forms. */ 179296465Sdelphijstruct X509_name_st { 180296465Sdelphij STACK_OF(X509_NAME_ENTRY) *entries; 181296465Sdelphij int modified; /* true if 'bytes' needs to be built */ 182296465Sdelphij# ifndef OPENSSL_NO_BUFFER 183296465Sdelphij BUF_MEM *bytes; 184296465Sdelphij# else 185296465Sdelphij char *bytes; 186296465Sdelphij# endif 187296465Sdelphij unsigned long hash; /* Keep the hash around for lookups */ 188296465Sdelphij} /* X509_NAME */ ; 18955714Skris 19055714SkrisDECLARE_STACK_OF(X509_NAME) 19155714Skris 192296465Sdelphij# define X509_EX_V_NETSCAPE_HACK 0x8000 193296465Sdelphij# define X509_EX_V_INIT 0x0001 194296465Sdelphijtypedef struct X509_extension_st { 195296465Sdelphij ASN1_OBJECT *object; 196296465Sdelphij ASN1_BOOLEAN critical; 197296465Sdelphij ASN1_OCTET_STRING *value; 198296465Sdelphij} X509_EXTENSION; 19955714Skris 200194206Ssimontypedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; 201194206Ssimon 20255714SkrisDECLARE_STACK_OF(X509_EXTENSION) 20355714SkrisDECLARE_ASN1_SET_OF(X509_EXTENSION) 20455714Skris 20555714Skris/* a sequence of these are used */ 206296465Sdelphijtypedef struct x509_attributes_st { 207296465Sdelphij ASN1_OBJECT *object; 208296465Sdelphij int single; /* 0 for a set, 1 for a single item (which is 209296465Sdelphij * wrong) */ 210296465Sdelphij union { 211296465Sdelphij char *ptr; 212296465Sdelphij /* 213296465Sdelphij * 0 214296465Sdelphij */ STACK_OF(ASN1_TYPE) *set; 215296465Sdelphij /* 216296465Sdelphij * 1 217296465Sdelphij */ ASN1_TYPE *single; 218296465Sdelphij } value; 219296465Sdelphij} X509_ATTRIBUTE; 22055714Skris 22155714SkrisDECLARE_STACK_OF(X509_ATTRIBUTE) 22255714SkrisDECLARE_ASN1_SET_OF(X509_ATTRIBUTE) 22355714Skris 224296465Sdelphijtypedef struct X509_req_info_st { 225296465Sdelphij ASN1_ENCODING enc; 226296465Sdelphij ASN1_INTEGER *version; 227296465Sdelphij X509_NAME *subject; 228296465Sdelphij X509_PUBKEY *pubkey; 229296465Sdelphij /* d=2 hl=2 l= 0 cons: cont: 00 */ 230296465Sdelphij STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ 231296465Sdelphij} X509_REQ_INFO; 232109998Smarkm 233296465Sdelphijtypedef struct X509_req_st { 234296465Sdelphij X509_REQ_INFO *req_info; 235296465Sdelphij X509_ALGOR *sig_alg; 236296465Sdelphij ASN1_BIT_STRING *signature; 237296465Sdelphij int references; 238296465Sdelphij} X509_REQ; 23955714Skris 240296465Sdelphijtypedef struct x509_cinf_st { 241296465Sdelphij ASN1_INTEGER *version; /* [ 0 ] default of v1 */ 242296465Sdelphij ASN1_INTEGER *serialNumber; 243296465Sdelphij X509_ALGOR *signature; 244296465Sdelphij X509_NAME *issuer; 245296465Sdelphij X509_VAL *validity; 246296465Sdelphij X509_NAME *subject; 247296465Sdelphij X509_PUBKEY *key; 248296465Sdelphij ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ 249296465Sdelphij ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ 250296465Sdelphij STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ 251296465Sdelphij ASN1_ENCODING enc; 252296465Sdelphij} X509_CINF; 25355714Skris 254296465Sdelphij/* 255296465Sdelphij * This stuff is certificate "auxiliary info" it contains details which are 256296465Sdelphij * useful in certificate stores and databases. When used this is tagged onto 25759191Skris * the end of the certificate itself 25859191Skris */ 25959191Skris 260296465Sdelphijtypedef struct x509_cert_aux_st { 261296465Sdelphij STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ 262296465Sdelphij STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ 263296465Sdelphij ASN1_UTF8STRING *alias; /* "friendly name" */ 264296465Sdelphij ASN1_OCTET_STRING *keyid; /* key id of private key */ 265296465Sdelphij STACK_OF(X509_ALGOR) *other; /* other unspecified info */ 266296465Sdelphij} X509_CERT_AUX; 26759191Skris 268296465Sdelphijstruct x509_st { 269296465Sdelphij X509_CINF *cert_info; 270296465Sdelphij X509_ALGOR *sig_alg; 271296465Sdelphij ASN1_BIT_STRING *signature; 272296465Sdelphij int valid; 273296465Sdelphij int references; 274296465Sdelphij char *name; 275296465Sdelphij CRYPTO_EX_DATA ex_data; 276296465Sdelphij /* These contain copies of various extension values */ 277296465Sdelphij long ex_pathlen; 278296465Sdelphij long ex_pcpathlen; 279296465Sdelphij unsigned long ex_flags; 280296465Sdelphij unsigned long ex_kusage; 281296465Sdelphij unsigned long ex_xkusage; 282296465Sdelphij unsigned long ex_nscert; 283296465Sdelphij ASN1_OCTET_STRING *skid; 284296465Sdelphij struct AUTHORITY_KEYID_st *akid; 285296465Sdelphij X509_POLICY_CACHE *policy_cache; 286296465Sdelphij# ifndef OPENSSL_NO_RFC3779 287296465Sdelphij STACK_OF(IPAddressFamily) *rfc3779_addr; 288296465Sdelphij struct ASIdentifiers_st *rfc3779_asid; 289296465Sdelphij# endif 290296465Sdelphij# ifndef OPENSSL_NO_SHA 291296465Sdelphij unsigned char sha1_hash[SHA_DIGEST_LENGTH]; 292296465Sdelphij# endif 293296465Sdelphij X509_CERT_AUX *aux; 294296465Sdelphij} /* X509 */ ; 29555714Skris 29655714SkrisDECLARE_STACK_OF(X509) 29755714SkrisDECLARE_ASN1_SET_OF(X509) 29855714Skris 29959191Skris/* This is used for a table of trust checking functions */ 30059191Skris 30159191Skristypedef struct x509_trust_st { 302296465Sdelphij int trust; 303296465Sdelphij int flags; 304296465Sdelphij int (*check_trust) (struct x509_trust_st *, X509 *, int); 305296465Sdelphij char *name; 306296465Sdelphij int arg1; 307296465Sdelphij void *arg2; 30859191Skris} X509_TRUST; 30959191Skris 31059191SkrisDECLARE_STACK_OF(X509_TRUST) 31159191Skris 312160814Ssimontypedef struct x509_cert_pair_st { 313296465Sdelphij X509 *forward; 314296465Sdelphij X509 *reverse; 315160814Ssimon} X509_CERT_PAIR; 316160814Ssimon 31759191Skris/* standard trust ids */ 31859191Skris 319296465Sdelphij# define X509_TRUST_DEFAULT -1/* Only valid in purpose settings */ 32059191Skris 321296465Sdelphij# define X509_TRUST_COMPAT 1 322296465Sdelphij# define X509_TRUST_SSL_CLIENT 2 323296465Sdelphij# define X509_TRUST_SSL_SERVER 3 324296465Sdelphij# define X509_TRUST_EMAIL 4 325296465Sdelphij# define X509_TRUST_OBJECT_SIGN 5 326296465Sdelphij# define X509_TRUST_OCSP_SIGN 6 327296465Sdelphij# define X509_TRUST_OCSP_REQUEST 7 32859191Skris 32959191Skris/* Keep these up to date! */ 330296465Sdelphij# define X509_TRUST_MIN 1 331296465Sdelphij# define X509_TRUST_MAX 7 33259191Skris 33359191Skris/* trust_flags values */ 334296465Sdelphij# define X509_TRUST_DYNAMIC 1 335296465Sdelphij# define X509_TRUST_DYNAMIC_NAME 2 33659191Skris 33759191Skris/* check_trust return codes */ 33859191Skris 339296465Sdelphij# define X509_TRUST_TRUSTED 1 340296465Sdelphij# define X509_TRUST_REJECTED 2 341296465Sdelphij# define X509_TRUST_UNTRUSTED 3 34259191Skris 343109998Smarkm/* Flags for X509_print_ex() */ 344109998Smarkm 345296465Sdelphij# define X509_FLAG_COMPAT 0 346296465Sdelphij# define X509_FLAG_NO_HEADER 1L 347296465Sdelphij# define X509_FLAG_NO_VERSION (1L << 1) 348296465Sdelphij# define X509_FLAG_NO_SERIAL (1L << 2) 349296465Sdelphij# define X509_FLAG_NO_SIGNAME (1L << 3) 350296465Sdelphij# define X509_FLAG_NO_ISSUER (1L << 4) 351296465Sdelphij# define X509_FLAG_NO_VALIDITY (1L << 5) 352296465Sdelphij# define X509_FLAG_NO_SUBJECT (1L << 6) 353296465Sdelphij# define X509_FLAG_NO_PUBKEY (1L << 7) 354296465Sdelphij# define X509_FLAG_NO_EXTENSIONS (1L << 8) 355296465Sdelphij# define X509_FLAG_NO_SIGDUMP (1L << 9) 356296465Sdelphij# define X509_FLAG_NO_AUX (1L << 10) 357296465Sdelphij# define X509_FLAG_NO_ATTRIBUTES (1L << 11) 358109998Smarkm 359296465Sdelphij/* Flags specific to X509_NAME_print_ex() */ 36068651Skris 36168651Skris/* The field separator information */ 36268651Skris 363296465Sdelphij# define XN_FLAG_SEP_MASK (0xf << 16) 36468651Skris 365296465Sdelphij# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old 366296465Sdelphij * X509_NAME_print */ 367296465Sdelphij# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */ 368296465Sdelphij# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */ 369296465Sdelphij# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */ 370296465Sdelphij# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */ 37168651Skris 372296465Sdelphij# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */ 37368651Skris 37468651Skris/* How the field name is shown */ 37568651Skris 376296465Sdelphij# define XN_FLAG_FN_MASK (0x3 << 21) 37768651Skris 378296465Sdelphij# define XN_FLAG_FN_SN 0/* Object short name */ 379296465Sdelphij# define XN_FLAG_FN_LN (1 << 21)/* Object long name */ 380296465Sdelphij# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */ 381296465Sdelphij# define XN_FLAG_FN_NONE (3 << 21)/* No field names */ 38268651Skris 383296465Sdelphij# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */ 38468651Skris 385296465Sdelphij/* 386296465Sdelphij * This determines if we dump fields we don't recognise: RFC2253 requires 387296465Sdelphij * this. 38868651Skris */ 38968651Skris 390296465Sdelphij# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) 39168651Skris 392296465Sdelphij# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20 393296465Sdelphij * characters */ 394109998Smarkm 39568651Skris/* Complete set of RFC2253 flags */ 39668651Skris 397296465Sdelphij# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ 398296465Sdelphij XN_FLAG_SEP_COMMA_PLUS | \ 399296465Sdelphij XN_FLAG_DN_REV | \ 400296465Sdelphij XN_FLAG_FN_SN | \ 401296465Sdelphij XN_FLAG_DUMP_UNKNOWN_FIELDS) 40268651Skris 40368651Skris/* readable oneline form */ 40468651Skris 405296465Sdelphij# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ 406296465Sdelphij ASN1_STRFLGS_ESC_QUOTE | \ 407296465Sdelphij XN_FLAG_SEP_CPLUS_SPC | \ 408296465Sdelphij XN_FLAG_SPC_EQ | \ 409296465Sdelphij XN_FLAG_FN_SN) 41068651Skris 41168651Skris/* readable multiline form */ 41268651Skris 413296465Sdelphij# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ 414296465Sdelphij ASN1_STRFLGS_ESC_MSB | \ 415296465Sdelphij XN_FLAG_SEP_MULTILINE | \ 416296465Sdelphij XN_FLAG_SPC_EQ | \ 417296465Sdelphij XN_FLAG_FN_LN | \ 418296465Sdelphij XN_FLAG_FN_ALIGN) 41968651Skris 420296465Sdelphijtypedef struct X509_revoked_st { 421296465Sdelphij ASN1_INTEGER *serialNumber; 422296465Sdelphij ASN1_TIME *revocationDate; 423296465Sdelphij STACK_OF(X509_EXTENSION) /* optional */ *extensions; 424296465Sdelphij int sequence; /* load sequence */ 425296465Sdelphij} X509_REVOKED; 42655714Skris 42755714SkrisDECLARE_STACK_OF(X509_REVOKED) 42855714SkrisDECLARE_ASN1_SET_OF(X509_REVOKED) 42955714Skris 430296465Sdelphijtypedef struct X509_crl_info_st { 431296465Sdelphij ASN1_INTEGER *version; 432296465Sdelphij X509_ALGOR *sig_alg; 433296465Sdelphij X509_NAME *issuer; 434296465Sdelphij ASN1_TIME *lastUpdate; 435296465Sdelphij ASN1_TIME *nextUpdate; 436296465Sdelphij STACK_OF(X509_REVOKED) *revoked; 437296465Sdelphij STACK_OF(X509_EXTENSION) /* [0] */ *extensions; 438296465Sdelphij ASN1_ENCODING enc; 439296465Sdelphij} X509_CRL_INFO; 44055714Skris 441296465Sdelphijstruct X509_crl_st { 442296465Sdelphij /* actual signature */ 443296465Sdelphij X509_CRL_INFO *crl; 444296465Sdelphij X509_ALGOR *sig_alg; 445296465Sdelphij ASN1_BIT_STRING *signature; 446296465Sdelphij int references; 447296465Sdelphij} /* X509_CRL */ ; 44855714Skris 44955714SkrisDECLARE_STACK_OF(X509_CRL) 45055714SkrisDECLARE_ASN1_SET_OF(X509_CRL) 45155714Skris 452296465Sdelphijtypedef struct private_key_st { 453296465Sdelphij int version; 454296465Sdelphij /* The PKCS#8 data types */ 455296465Sdelphij X509_ALGOR *enc_algor; 456296465Sdelphij ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ 457296465Sdelphij /* When decrypted, the following will not be NULL */ 458296465Sdelphij EVP_PKEY *dec_pkey; 459296465Sdelphij /* used to encrypt and decrypt */ 460296465Sdelphij int key_length; 461296465Sdelphij char *key_data; 462296465Sdelphij int key_free; /* true if we should auto free key_data */ 463296465Sdelphij /* expanded version of 'enc_algor' */ 464296465Sdelphij EVP_CIPHER_INFO cipher; 465296465Sdelphij int references; 466296465Sdelphij} X509_PKEY; 46755714Skris 468296465Sdelphij# ifndef OPENSSL_NO_EVP 469296465Sdelphijtypedef struct X509_info_st { 470296465Sdelphij X509 *x509; 471296465Sdelphij X509_CRL *crl; 472296465Sdelphij X509_PKEY *x_pkey; 473296465Sdelphij EVP_CIPHER_INFO enc_cipher; 474296465Sdelphij int enc_len; 475296465Sdelphij char *enc_data; 476296465Sdelphij int references; 477296465Sdelphij} X509_INFO; 47855714Skris 47955714SkrisDECLARE_STACK_OF(X509_INFO) 480296465Sdelphij# endif 48155714Skris 482296465Sdelphij/* 483296465Sdelphij * The next 2 structures and their 8 routines were sent to me by Pat Richard 484296465Sdelphij * <patr@x509.com> and are used to manipulate Netscapes spki structures - 485296465Sdelphij * useful if you are writing a CA web page 48655714Skris */ 487296465Sdelphijtypedef struct Netscape_spkac_st { 488296465Sdelphij X509_PUBKEY *pubkey; 489296465Sdelphij ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ 490296465Sdelphij} NETSCAPE_SPKAC; 49155714Skris 492296465Sdelphijtypedef struct Netscape_spki_st { 493296465Sdelphij NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ 494296465Sdelphij X509_ALGOR *sig_algor; 495296465Sdelphij ASN1_BIT_STRING *signature; 496296465Sdelphij} NETSCAPE_SPKI; 49755714Skris 49855714Skris/* Netscape certificate sequence structure */ 499296465Sdelphijtypedef struct Netscape_certificate_sequence { 500296465Sdelphij ASN1_OBJECT *type; 501296465Sdelphij STACK_OF(X509) *certs; 502296465Sdelphij} NETSCAPE_CERT_SEQUENCE; 50355714Skris 504296465Sdelphij/*- Unused (and iv length is wrong) 50555714Skristypedef struct CBCParameter_st 506296465Sdelphij { 507296465Sdelphij unsigned char iv[8]; 508296465Sdelphij } CBC_PARAM; 509109998Smarkm*/ 51055714Skris 51155714Skris/* Password based encryption structure */ 51255714Skris 51355714Skristypedef struct PBEPARAM_st { 514296465Sdelphij ASN1_OCTET_STRING *salt; 515296465Sdelphij ASN1_INTEGER *iter; 51655714Skris} PBEPARAM; 51755714Skris 51855714Skris/* Password based encryption V2 structures */ 51955714Skris 52055714Skristypedef struct PBE2PARAM_st { 521296465Sdelphij X509_ALGOR *keyfunc; 522296465Sdelphij X509_ALGOR *encryption; 52355714Skris} PBE2PARAM; 52455714Skris 52555714Skristypedef struct PBKDF2PARAM_st { 526296465Sdelphij/* Usually OCTET STRING but could be anything */ 527296465Sdelphij ASN1_TYPE *salt; 528296465Sdelphij ASN1_INTEGER *iter; 529296465Sdelphij ASN1_INTEGER *keylength; 530296465Sdelphij X509_ALGOR *prf; 53155714Skris} PBKDF2PARAM; 53255714Skris 53355714Skris/* PKCS#8 private key info structure */ 53455714Skris 535296465Sdelphijtypedef struct pkcs8_priv_key_info_st { 536296465Sdelphij /* Flag for various broken formats */ 537296465Sdelphij int broken; 538296465Sdelphij# define PKCS8_OK 0 539296465Sdelphij# define PKCS8_NO_OCTET 1 540296465Sdelphij# define PKCS8_EMBEDDED_PARAM 2 541296465Sdelphij# define PKCS8_NS_DB 3 542296465Sdelphij ASN1_INTEGER *version; 543296465Sdelphij X509_ALGOR *pkeyalg; 544296465Sdelphij /* Should be OCTET STRING but some are broken */ 545296465Sdelphij ASN1_TYPE *pkey; 546296465Sdelphij STACK_OF(X509_ATTRIBUTE) *attributes; 547296465Sdelphij} PKCS8_PRIV_KEY_INFO; 54855714Skris 54968651Skris#ifdef __cplusplus 55068651Skris} 55168651Skris#endif 55268651Skris 553296465Sdelphij# include <openssl/x509_vfy.h> 554296465Sdelphij# include <openssl/pkcs7.h> 55555714Skris 55668651Skris#ifdef __cplusplus 55768651Skrisextern "C" { 55868651Skris#endif 55968651Skris 560296465Sdelphij# ifdef SSLEAY_MACROS 561296465Sdelphij# define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ 562296465Sdelphij a->signature,(char *)a->cert_info,r) 563296465Sdelphij# define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ 564296465Sdelphij a->sig_alg,a->signature,(char *)a->req_info,r) 565296465Sdelphij# define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ 566296465Sdelphij a->sig_alg, a->signature,(char *)a->crl,r) 56755714Skris 568296465Sdelphij# define X509_sign(x,pkey,md) \ 569296465Sdelphij ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ 570296465Sdelphij x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) 571296465Sdelphij# define X509_REQ_sign(x,pkey,md) \ 572296465Sdelphij ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ 573296465Sdelphij x->signature, (char *)x->req_info,pkey,md) 574296465Sdelphij# define X509_CRL_sign(x,pkey,md) \ 575296465Sdelphij ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ 576296465Sdelphij x->signature, (char *)x->crl,pkey,md) 577296465Sdelphij# define NETSCAPE_SPKI_sign(x,pkey,md) \ 578296465Sdelphij ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ 579296465Sdelphij x->signature, (char *)x->spkac,pkey,md) 58055714Skris 581296465Sdelphij# define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ 582296465Sdelphij (char *(*)())d2i_X509,(char *)x509) 583296465Sdelphij# define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ 584296465Sdelphij (int (*)())i2d_X509_ATTRIBUTE, \ 585296465Sdelphij (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) 586296465Sdelphij# define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ 587296465Sdelphij (int (*)())i2d_X509_EXTENSION, \ 588296465Sdelphij (char *(*)())d2i_X509_EXTENSION,(char *)ex) 589296465Sdelphij# define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ 590296465Sdelphij (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) 591296465Sdelphij# define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) 592296465Sdelphij# define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ 593296465Sdelphij (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) 594296465Sdelphij# define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) 59555714Skris 596296465Sdelphij# define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ 597296465Sdelphij (char *(*)())d2i_X509_CRL,(char *)crl) 598296465Sdelphij# define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ 599296465Sdelphij X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ 600296465Sdelphij (unsigned char **)(crl)) 601296465Sdelphij# define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ 602296465Sdelphij (unsigned char *)crl) 603296465Sdelphij# define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ 604296465Sdelphij X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ 605296465Sdelphij (unsigned char **)(crl)) 606296465Sdelphij# define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ 607296465Sdelphij (unsigned char *)crl) 60855714Skris 609296465Sdelphij# define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ 610296465Sdelphij (char *(*)())d2i_PKCS7,(char *)p7) 611296465Sdelphij# define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ 612296465Sdelphij PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ 613296465Sdelphij (unsigned char **)(p7)) 614296465Sdelphij# define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ 615296465Sdelphij (unsigned char *)p7) 616296465Sdelphij# define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ 617296465Sdelphij PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ 618296465Sdelphij (unsigned char **)(p7)) 619296465Sdelphij# define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ 620296465Sdelphij (unsigned char *)p7) 62155714Skris 622296465Sdelphij# define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ 623296465Sdelphij (char *(*)())d2i_X509_REQ,(char *)req) 624296465Sdelphij# define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ 625296465Sdelphij X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ 626296465Sdelphij (unsigned char **)(req)) 627296465Sdelphij# define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ 628296465Sdelphij (unsigned char *)req) 629296465Sdelphij# define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ 630296465Sdelphij X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ 631296465Sdelphij (unsigned char **)(req)) 632296465Sdelphij# define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ 633296465Sdelphij (unsigned char *)req) 63455714Skris 635296465Sdelphij# define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ 636296465Sdelphij (char *(*)())d2i_RSAPublicKey,(char *)rsa) 637296465Sdelphij# define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ 638296465Sdelphij (char *(*)())d2i_RSAPrivateKey,(char *)rsa) 63955714Skris 640296465Sdelphij# define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 641296465Sdelphij RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ 642296465Sdelphij (unsigned char **)(rsa)) 643296465Sdelphij# define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ 644296465Sdelphij (unsigned char *)rsa) 645296465Sdelphij# define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 646296465Sdelphij RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ 647296465Sdelphij (unsigned char **)(rsa)) 648296465Sdelphij# define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ 649296465Sdelphij (unsigned char *)rsa) 65055714Skris 651296465Sdelphij# define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 652296465Sdelphij RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ 653296465Sdelphij (unsigned char **)(rsa)) 654296465Sdelphij# define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ 655296465Sdelphij (unsigned char *)rsa) 656296465Sdelphij# define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 657296465Sdelphij RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ 658296465Sdelphij (unsigned char **)(rsa)) 659296465Sdelphij# define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ 660296465Sdelphij (unsigned char *)rsa) 66155714Skris 662296465Sdelphij# define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ 663296465Sdelphij DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ 664296465Sdelphij (unsigned char **)(dsa)) 665296465Sdelphij# define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ 666296465Sdelphij (unsigned char *)dsa) 667296465Sdelphij# define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ 668296465Sdelphij DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ 669296465Sdelphij (unsigned char **)(dsa)) 670296465Sdelphij# define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ 671296465Sdelphij (unsigned char *)dsa) 67255714Skris 673296465Sdelphij# define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ 674296465Sdelphij EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ 675296465Sdelphij (unsigned char **)(ecdsa)) 676296465Sdelphij# define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ 677296465Sdelphij (unsigned char *)ecdsa) 678296465Sdelphij# define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ 679296465Sdelphij EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ 680296465Sdelphij (unsigned char **)(ecdsa)) 681296465Sdelphij# define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ 682296465Sdelphij (unsigned char *)ecdsa) 683160814Ssimon 684296465Sdelphij# define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ 685296465Sdelphij (char *(*)())d2i_X509_ALGOR,(char *)xn) 68655714Skris 687296465Sdelphij# define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ 688296465Sdelphij (char *(*)())d2i_X509_NAME,(char *)xn) 689296465Sdelphij# define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ 690296465Sdelphij (int (*)())i2d_X509_NAME_ENTRY, \ 691296465Sdelphij (char *(*)())d2i_X509_NAME_ENTRY,\ 692296465Sdelphij (char *)ne) 69355714Skris 694296465Sdelphij# define X509_digest(data,type,md,len) \ 695296465Sdelphij ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) 696296465Sdelphij# define X509_NAME_digest(data,type,md,len) \ 697296465Sdelphij ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) 698296465Sdelphij# ifndef PKCS7_ISSUER_AND_SERIAL_digest 699296465Sdelphij# define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ 700296465Sdelphij ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ 701296465Sdelphij (char *)data,md,len) 702296465Sdelphij# endif 703296465Sdelphij# endif 70455714Skris 705296465Sdelphij# define X509_EXT_PACK_UNKNOWN 1 706296465Sdelphij# define X509_EXT_PACK_STRING 2 70755714Skris 708296465Sdelphij# define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) 709296465Sdelphij/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ 710296465Sdelphij# define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) 711296465Sdelphij# define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) 712296465Sdelphij# define X509_extract_key(x) X509_get_pubkey(x)/*****/ 713296465Sdelphij# define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) 714296465Sdelphij# define X509_REQ_get_subject_name(x) ((x)->req_info->subject) 715296465Sdelphij# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) 716296465Sdelphij# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) 717296465Sdelphij# define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) 71855714Skris 719296465Sdelphij# define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) 720296465Sdelphij# define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) 721296465Sdelphij# define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) 722296465Sdelphij# define X509_CRL_get_issuer(x) ((x)->crl->issuer) 723296465Sdelphij# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) 72455714Skris 725296465Sdelphij/* 726296465Sdelphij * This one is only used so that a binary form can output, as in 727296465Sdelphij * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) 728296465Sdelphij */ 729296465Sdelphij# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) 73055714Skris 73155714Skrisconst char *X509_verify_cert_error_string(long n); 73255714Skris 733296465Sdelphij# ifndef SSLEAY_MACROS 734296465Sdelphij# ifndef OPENSSL_NO_EVP 73555714Skrisint X509_verify(X509 *a, EVP_PKEY *r); 73655714Skris 73755714Skrisint X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); 73855714Skrisint X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); 73955714Skrisint NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); 74055714Skris 741296465SdelphijNETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len); 742296465Sdelphijchar *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); 74359191SkrisEVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); 74459191Skrisint NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); 74559191Skris 74659191Skrisint NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); 74759191Skris 748296465Sdelphijint X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig); 749109998Smarkm 75055714Skrisint X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 75155714Skrisint X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); 75255714Skrisint X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); 75355714Skrisint NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); 75455714Skris 755296465Sdelphijint X509_pubkey_digest(const X509 *data, const EVP_MD *type, 756296465Sdelphij unsigned char *md, unsigned int *len); 757296465Sdelphijint X509_digest(const X509 *data, const EVP_MD *type, 758296465Sdelphij unsigned char *md, unsigned int *len); 759296465Sdelphijint X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, 760296465Sdelphij unsigned char *md, unsigned int *len); 761296465Sdelphijint X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, 762296465Sdelphij unsigned char *md, unsigned int *len); 763296465Sdelphijint X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, 764296465Sdelphij unsigned char *md, unsigned int *len); 765296465Sdelphij# endif 76655714Skris 767296465Sdelphij# ifndef OPENSSL_NO_FP_API 76855714SkrisX509 *d2i_X509_fp(FILE *fp, X509 **x509); 769296465Sdelphijint i2d_X509_fp(FILE *fp, X509 *x509); 770296465SdelphijX509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl); 771296465Sdelphijint i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl); 772296465SdelphijX509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req); 773296465Sdelphijint i2d_X509_REQ_fp(FILE *fp, X509_REQ *req); 774296465Sdelphij# ifndef OPENSSL_NO_RSA 775296465SdelphijRSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa); 776296465Sdelphijint i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa); 777296465SdelphijRSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa); 778296465Sdelphijint i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa); 779296465SdelphijRSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa); 780296465Sdelphijint i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa); 781296465Sdelphij# endif 782296465Sdelphij# ifndef OPENSSL_NO_DSA 78359191SkrisDSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); 78459191Skrisint i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); 78555714SkrisDSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); 78655714Skrisint i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 787296465Sdelphij# endif 788296465Sdelphij# ifndef OPENSSL_NO_EC 789160814SsimonEC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); 790296465Sdelphijint i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); 791160814SsimonEC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); 792296465Sdelphijint i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); 793296465Sdelphij# endif 794296465SdelphijX509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8); 795296465Sdelphijint i2d_PKCS8_fp(FILE *fp, X509_SIG *p8); 79655714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 797296465Sdelphij PKCS8_PRIV_KEY_INFO **p8inf); 798296465Sdelphijint i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf); 79959191Skrisint i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); 80059191Skrisint i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); 80159191SkrisEVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); 80268651Skrisint i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); 80368651SkrisEVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); 804296465Sdelphij# endif 80555714Skris 806296465Sdelphij# ifndef OPENSSL_NO_BIO 807296465SdelphijX509 *d2i_X509_bio(BIO *bp, X509 **x509); 808296465Sdelphijint i2d_X509_bio(BIO *bp, X509 *x509); 809296465SdelphijX509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl); 810296465Sdelphijint i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl); 811296465SdelphijX509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req); 812296465Sdelphijint i2d_X509_REQ_bio(BIO *bp, X509_REQ *req); 813296465Sdelphij# ifndef OPENSSL_NO_RSA 814296465SdelphijRSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa); 815296465Sdelphijint i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa); 816296465SdelphijRSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa); 817296465Sdelphijint i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa); 818296465SdelphijRSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa); 819296465Sdelphijint i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa); 820296465Sdelphij# endif 821296465Sdelphij# ifndef OPENSSL_NO_DSA 82259191SkrisDSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); 82359191Skrisint i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); 82455714SkrisDSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); 82555714Skrisint i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 826296465Sdelphij# endif 827296465Sdelphij# ifndef OPENSSL_NO_EC 828160814SsimonEC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); 829296465Sdelphijint i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); 830160814SsimonEC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); 831296465Sdelphijint i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); 832296465Sdelphij# endif 833296465SdelphijX509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8); 834296465Sdelphijint i2d_PKCS8_bio(BIO *bp, X509_SIG *p8); 83555714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 836296465Sdelphij PKCS8_PRIV_KEY_INFO **p8inf); 837296465Sdelphijint i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf); 83859191Skrisint i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); 83959191Skrisint i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); 84059191SkrisEVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); 84168651Skrisint i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); 84268651SkrisEVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); 843296465Sdelphij# endif 84455714Skris 84555714SkrisX509 *X509_dup(X509 *x509); 84655714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); 84755714SkrisX509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); 84855714SkrisX509_CRL *X509_CRL_dup(X509_CRL *crl); 84955714SkrisX509_REQ *X509_REQ_dup(X509_REQ *req); 85055714SkrisX509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); 851296465Sdelphijint X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, 852296465Sdelphij void *pval); 853194206Ssimonvoid X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, 854296465Sdelphij X509_ALGOR *algor); 855277195Sdelphijint X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); 856194206Ssimon 85755714SkrisX509_NAME *X509_NAME_dup(X509_NAME *xn); 85855714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 85955714Skris 860296465Sdelphij# endif /* !SSLEAY_MACROS */ 86155714Skris 862296465Sdelphijint X509_cmp_time(ASN1_TIME *s, time_t *t); 863296465Sdelphijint X509_cmp_current_time(ASN1_TIME *s); 864296465SdelphijASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t); 865296465SdelphijASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj); 86655714Skris 867296465Sdelphijconst char *X509_get_default_cert_area(void); 868296465Sdelphijconst char *X509_get_default_cert_dir(void); 869296465Sdelphijconst char *X509_get_default_cert_file(void); 870296465Sdelphijconst char *X509_get_default_cert_dir_env(void); 871296465Sdelphijconst char *X509_get_default_cert_file_env(void); 872296465Sdelphijconst char *X509_get_default_private_dir(void); 87355714Skris 874296465SdelphijX509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 875296465SdelphijX509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey); 87655714Skris 877109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_ALGOR) 878194206SsimonDECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) 879109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_VAL) 88055714Skris 881109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_PUBKEY) 88255714Skris 883296465Sdelphijint X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 884296465SdelphijEVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key); 885296465Sdelphijint X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); 886296465Sdelphijint i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp); 887296465SdelphijEVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); 888296465Sdelphij# ifndef OPENSSL_NO_RSA 889296465Sdelphijint i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); 890296465SdelphijRSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length); 891296465Sdelphij# endif 892296465Sdelphij# ifndef OPENSSL_NO_DSA 893296465Sdelphijint i2d_DSA_PUBKEY(DSA *a, unsigned char **pp); 894296465SdelphijDSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length); 895296465Sdelphij# endif 896296465Sdelphij# ifndef OPENSSL_NO_EC 897296465Sdelphijint i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); 898296465SdelphijEC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length); 899296465Sdelphij# endif 90055714Skris 901109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_SIG) 902109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) 903109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REQ) 90455714Skris 905109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) 90655714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); 90755714Skris 908109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_EXTENSION) 909194206SsimonDECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) 91055714Skris 911109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) 91255714Skris 913109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_NAME) 91455714Skris 915296465Sdelphijint X509_NAME_set(X509_NAME **xn, X509_NAME *name); 91655714Skris 917109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CINF) 91855714Skris 919109998SmarkmDECLARE_ASN1_FUNCTIONS(X509) 920109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) 92155714Skris 922160814SsimonDECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) 923160814Ssimon 92459191Skrisint X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 925296465Sdelphij CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 92659191Skrisint X509_set_ex_data(X509 *r, int idx, void *arg); 92759191Skrisvoid *X509_get_ex_data(X509 *r, int idx); 928296465Sdelphijint i2d_X509_AUX(X509 *a, unsigned char **pp); 929296465SdelphijX509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length); 93055714Skris 93159191Skrisint X509_alias_set1(X509 *x, unsigned char *name, int len); 93268651Skrisint X509_keyid_set1(X509 *x, unsigned char *id, int len); 933296465Sdelphijunsigned char *X509_alias_get0(X509 *x, int *len); 934296465Sdelphijunsigned char *X509_keyid_get0(X509 *x, int *len); 935296465Sdelphijint (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, 936296465Sdelphij int); 937109998Smarkmint X509_TRUST_set(int *t, int trust); 93859191Skrisint X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); 93959191Skrisint X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); 94059191Skrisvoid X509_trust_clear(X509 *x); 94159191Skrisvoid X509_reject_clear(X509 *x); 94259191Skris 943109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REVOKED) 944109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) 945109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CRL) 94655714Skris 947109998Smarkmint X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); 94855714Skris 949296465SdelphijX509_PKEY *X509_PKEY_new(void); 950296465Sdelphijvoid X509_PKEY_free(X509_PKEY *a); 951296465Sdelphijint i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp); 952296465SdelphijX509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, 953296465Sdelphij long length); 95455714Skris 955109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) 956109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) 957109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) 95855714Skris 959296465Sdelphij# ifndef OPENSSL_NO_EVP 960296465SdelphijX509_INFO *X509_INFO_new(void); 961296465Sdelphijvoid X509_INFO_free(X509_INFO *a); 962296465Sdelphijchar *X509_NAME_oneline(X509_NAME *a, char *buf, int size); 96355714Skris 964160814Ssimonint ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1, 965296465Sdelphij ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey); 96655714Skris 967296465Sdelphijint ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, 968296465Sdelphij unsigned char *md, unsigned int *len); 96955714Skris 970160814Ssimonint ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, 971296465Sdelphij X509_ALGOR *algor2, ASN1_BIT_STRING *signature, 972296465Sdelphij char *data, EVP_PKEY *pkey, const EVP_MD *type); 973109998Smarkm 974296465Sdelphijint ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data, 975296465Sdelphij unsigned char *md, unsigned int *len); 976109998Smarkm 977109998Smarkmint ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, 978296465Sdelphij ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey); 979109998Smarkm 980296465Sdelphijint ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, 981296465Sdelphij X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data, 982296465Sdelphij EVP_PKEY *pkey, const EVP_MD *type); 983296465Sdelphij# endif 98455714Skris 985296465Sdelphijint X509_set_version(X509 *x, long version); 986296465Sdelphijint X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); 987296465SdelphijASN1_INTEGER *X509_get_serialNumber(X509 *x); 988296465Sdelphijint X509_set_issuer_name(X509 *x, X509_NAME *name); 989296465SdelphijX509_NAME *X509_get_issuer_name(X509 *a); 990296465Sdelphijint X509_set_subject_name(X509 *x, X509_NAME *name); 991296465SdelphijX509_NAME *X509_get_subject_name(X509 *a); 992296465Sdelphijint X509_set_notBefore(X509 *x, ASN1_TIME *tm); 993296465Sdelphijint X509_set_notAfter(X509 *x, ASN1_TIME *tm); 994296465Sdelphijint X509_set_pubkey(X509 *x, EVP_PKEY *pkey); 995296465SdelphijEVP_PKEY *X509_get_pubkey(X509 *x); 996296465SdelphijASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x); 997296465Sdelphijint X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ ); 99855714Skris 999296465Sdelphijint X509_REQ_set_version(X509_REQ *x, long version); 1000296465Sdelphijint X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name); 1001296465Sdelphijint X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); 1002296465SdelphijEVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req); 1003296465Sdelphijint X509_REQ_extension_nid(int nid); 1004296465Sdelphijint *X509_REQ_get_extension_nids(void); 1005296465Sdelphijvoid X509_REQ_set_extension_nids(int *nids); 100659191SkrisSTACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); 100759191Skrisint X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, 1008296465Sdelphij int nid); 100959191Skrisint X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); 101059191Skrisint X509_REQ_get_attr_count(const X509_REQ *req); 1011296465Sdelphijint X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos); 101259191Skrisint X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, 1013296465Sdelphij int lastpos); 101459191SkrisX509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); 101559191SkrisX509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); 101659191Skrisint X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); 101759191Skrisint X509_REQ_add1_attr_by_OBJ(X509_REQ *req, 1018296465Sdelphij const ASN1_OBJECT *obj, int type, 1019296465Sdelphij const unsigned char *bytes, int len); 102059191Skrisint X509_REQ_add1_attr_by_NID(X509_REQ *req, 1021296465Sdelphij int nid, int type, 1022296465Sdelphij const unsigned char *bytes, int len); 102359191Skrisint X509_REQ_add1_attr_by_txt(X509_REQ *req, 1024296465Sdelphij const char *attrname, int type, 1025296465Sdelphij const unsigned char *bytes, int len); 102655714Skris 1027109998Smarkmint X509_CRL_set_version(X509_CRL *x, long version); 1028109998Smarkmint X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); 1029109998Smarkmint X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm); 1030109998Smarkmint X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm); 1031109998Smarkmint X509_CRL_sort(X509_CRL *crl); 1032109998Smarkm 1033109998Smarkmint X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); 1034109998Smarkmint X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); 1035109998Smarkm 1036296465Sdelphijint X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey); 1037160814Ssimon 1038296465Sdelphijint X509_check_private_key(X509 *x509, EVP_PKEY *pkey); 103955714Skris 1040296465Sdelphijint X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); 1041296465Sdelphijunsigned long X509_issuer_and_serial_hash(X509 *a); 104255714Skris 1043296465Sdelphijint X509_issuer_name_cmp(const X509 *a, const X509 *b); 1044296465Sdelphijunsigned long X509_issuer_name_hash(X509 *a); 104555714Skris 1046296465Sdelphijint X509_subject_name_cmp(const X509 *a, const X509 *b); 1047296465Sdelphijunsigned long X509_subject_name_hash(X509 *x); 104855714Skris 1049296465Sdelphijint X509_cmp(const X509 *a, const X509 *b); 1050296465Sdelphijint X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); 1051296465Sdelphijunsigned long X509_NAME_hash(X509_NAME *x); 105255714Skris 1053296465Sdelphijint X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); 1054296465Sdelphij# ifndef OPENSSL_NO_FP_API 1055296465Sdelphijint X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag, 1056296465Sdelphij unsigned long cflag); 1057296465Sdelphijint X509_print_fp(FILE *bp, X509 *x); 1058296465Sdelphijint X509_CRL_print_fp(FILE *bp, X509_CRL *x); 1059296465Sdelphijint X509_REQ_print_fp(FILE *bp, X509_REQ *req); 1060296465Sdelphijint X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, 1061296465Sdelphij unsigned long flags); 1062296465Sdelphij# endif 106355714Skris 1064296465Sdelphij# ifndef OPENSSL_NO_BIO 1065296465Sdelphijint X509_NAME_print(BIO *bp, X509_NAME *name, int obase); 1066296465Sdelphijint X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, 1067296465Sdelphij unsigned long flags); 1068296465Sdelphijint X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag, 1069296465Sdelphij unsigned long cflag); 1070296465Sdelphijint X509_print(BIO *bp, X509 *x); 1071296465Sdelphijint X509_ocspid_print(BIO *bp, X509 *x); 1072296465Sdelphijint X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent); 1073296465Sdelphijint X509_CRL_print(BIO *bp, X509_CRL *x); 1074296465Sdelphijint X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, 1075296465Sdelphij unsigned long cflag); 1076296465Sdelphijint X509_REQ_print(BIO *bp, X509_REQ *req); 1077296465Sdelphij# endif 107855714Skris 1079296465Sdelphijint X509_NAME_entry_count(X509_NAME *name); 1080296465Sdelphijint X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len); 1081296465Sdelphijint X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, 1082296465Sdelphij char *buf, int len); 108355714Skris 1084296465Sdelphij/* 1085296465Sdelphij * NOTE: you should be passsing -1, not 0 as lastpos. The functions that use 1086296465Sdelphij * lastpos, search after that position on. 1087296465Sdelphij */ 1088296465Sdelphijint X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos); 1089296465Sdelphijint X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, 1090296465Sdelphij int lastpos); 109155714SkrisX509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); 109255714SkrisX509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); 1093296465Sdelphijint X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, 1094296465Sdelphij int loc, int set); 109559191Skrisint X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, 1096296465Sdelphij unsigned char *bytes, int len, int loc, 1097296465Sdelphij int set); 109859191Skrisint X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, 1099296465Sdelphij unsigned char *bytes, int len, int loc, 1100296465Sdelphij int set); 110159191SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, 1102296465Sdelphij const char *field, int type, 1103296465Sdelphij const unsigned char *bytes, 1104296465Sdelphij int len); 110555714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, 1106296465Sdelphij int type, unsigned char *bytes, 1107296465Sdelphij int len); 1108160814Ssimonint X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, 1109296465Sdelphij const unsigned char *bytes, int len, int loc, 1110296465Sdelphij int set); 111155714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, 1112296465Sdelphij ASN1_OBJECT *obj, int type, 1113296465Sdelphij const unsigned char *bytes, 1114296465Sdelphij int len); 1115296465Sdelphijint X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); 1116296465Sdelphijint X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, 1117296465Sdelphij const unsigned char *bytes, int len); 1118296465SdelphijASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); 1119296465SdelphijASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); 112055714Skris 1121296465Sdelphijint X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); 1122296465Sdelphijint X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, 1123296465Sdelphij int nid, int lastpos); 1124296465Sdelphijint X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, 1125296465Sdelphij ASN1_OBJECT *obj, int lastpos); 1126296465Sdelphijint X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, 1127296465Sdelphij int crit, int lastpos); 112855714SkrisX509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); 112955714SkrisX509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); 113055714SkrisSTACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, 1131296465Sdelphij X509_EXTENSION *ex, int loc); 113255714Skris 1133296465Sdelphijint X509_get_ext_count(X509 *x); 1134296465Sdelphijint X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 1135296465Sdelphijint X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos); 1136296465Sdelphijint X509_get_ext_by_critical(X509 *x, int crit, int lastpos); 113755714SkrisX509_EXTENSION *X509_get_ext(X509 *x, int loc); 113855714SkrisX509_EXTENSION *X509_delete_ext(X509 *x, int loc); 1139296465Sdelphijint X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); 1140296465Sdelphijvoid *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); 1141296465Sdelphijint X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, 1142296465Sdelphij unsigned long flags); 114355714Skris 1144296465Sdelphijint X509_CRL_get_ext_count(X509_CRL *x); 1145296465Sdelphijint X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); 1146296465Sdelphijint X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos); 1147296465Sdelphijint X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); 114855714SkrisX509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); 114955714SkrisX509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); 1150296465Sdelphijint X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); 1151296465Sdelphijvoid *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); 1152296465Sdelphijint X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit, 1153296465Sdelphij unsigned long flags); 115455714Skris 1155296465Sdelphijint X509_REVOKED_get_ext_count(X509_REVOKED *x); 1156296465Sdelphijint X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); 1157296465Sdelphijint X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj, 1158296465Sdelphij int lastpos); 1159296465Sdelphijint X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); 116055714SkrisX509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); 116155714SkrisX509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); 1162296465Sdelphijint X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); 1163296465Sdelphijvoid *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); 1164296465Sdelphijint X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, 1165296465Sdelphij unsigned long flags); 116655714Skris 116755714SkrisX509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, 1168296465Sdelphij int nid, int crit, 1169296465Sdelphij ASN1_OCTET_STRING *data); 117055714SkrisX509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, 1171296465Sdelphij ASN1_OBJECT *obj, int crit, 1172296465Sdelphij ASN1_OCTET_STRING *data); 1173296465Sdelphijint X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj); 1174296465Sdelphijint X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); 1175296465Sdelphijint X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data); 1176296465SdelphijASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex); 117755714SkrisASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); 1178296465Sdelphijint X509_EXTENSION_get_critical(X509_EXTENSION *ex); 117955714Skris 118059191Skrisint X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); 118159191Skrisint X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, 1182296465Sdelphij int lastpos); 1183296465Sdelphijint X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, 1184296465Sdelphij ASN1_OBJECT *obj, int lastpos); 118559191SkrisX509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); 118659191SkrisX509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); 118759191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, 1188296465Sdelphij X509_ATTRIBUTE *attr); 1189296465SdelphijSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) 1190296465Sdelphij **x, const ASN1_OBJECT *obj, 1191296465Sdelphij int type, 1192296465Sdelphij const unsigned char *bytes, 1193296465Sdelphij int len); 1194296465SdelphijSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) 1195296465Sdelphij **x, int nid, int type, 1196296465Sdelphij const unsigned char *bytes, 1197296465Sdelphij int len); 1198296465SdelphijSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) 1199296465Sdelphij **x, const char *attrname, 1200296465Sdelphij int type, 1201296465Sdelphij const unsigned char *bytes, 1202296465Sdelphij int len); 1203296465Sdelphijvoid *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj, 1204296465Sdelphij int lastpos, int type); 120559191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 1206296465Sdelphij int atrtype, const void *data, 1207296465Sdelphij int len); 120859191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, 1209296465Sdelphij const ASN1_OBJECT *obj, 1210296465Sdelphij int atrtype, const void *data, 1211296465Sdelphij int len); 121259191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, 1213296465Sdelphij const char *atrname, int type, 1214296465Sdelphij const unsigned char *bytes, 1215296465Sdelphij int len); 1216109998Smarkmint X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); 1217296465Sdelphijint X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, 1218296465Sdelphij const void *data, int len); 1219296465Sdelphijvoid *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, 1220296465Sdelphij void *data); 122159191Skrisint X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); 122259191SkrisASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 122359191SkrisASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); 122459191Skris 1225160814Ssimonint EVP_PKEY_get_attr_count(const EVP_PKEY *key); 1226296465Sdelphijint EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos); 1227160814Ssimonint EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, 1228296465Sdelphij int lastpos); 1229160814SsimonX509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); 1230160814SsimonX509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); 1231160814Ssimonint EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); 1232160814Ssimonint EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 1233296465Sdelphij const ASN1_OBJECT *obj, int type, 1234296465Sdelphij const unsigned char *bytes, int len); 1235160814Ssimonint EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 1236296465Sdelphij int nid, int type, 1237296465Sdelphij const unsigned char *bytes, int len); 1238160814Ssimonint EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 1239296465Sdelphij const char *attrname, int type, 1240296465Sdelphij const unsigned char *bytes, int len); 1241160814Ssimon 1242296465Sdelphijint X509_verify_cert(X509_STORE_CTX *ctx); 124355714Skris 124455714Skris/* lookup a cert from a X509 STACK */ 1245296465SdelphijX509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, 1246296465Sdelphij ASN1_INTEGER *serial); 1247296465SdelphijX509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name); 124855714Skris 1249109998SmarkmDECLARE_ASN1_FUNCTIONS(PBEPARAM) 1250109998SmarkmDECLARE_ASN1_FUNCTIONS(PBE2PARAM) 1251109998SmarkmDECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) 1252109998Smarkm 1253296465SdelphijX509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, 1254296465Sdelphij int saltlen); 125555714SkrisX509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 1256296465Sdelphij unsigned char *salt, int saltlen); 125755714Skris 125855714Skris/* PKCS#8 utilities */ 125955714Skris 1260109998SmarkmDECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) 126155714Skris 126255714SkrisEVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); 126355714SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); 126459191SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); 126555714SkrisPKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); 126655714Skris 126759191Skrisint X509_check_trust(X509 *x, int id, int flags); 126859191Skrisint X509_TRUST_get_count(void); 1269296465SdelphijX509_TRUST *X509_TRUST_get0(int idx); 127059191Skrisint X509_TRUST_get_by_id(int id); 1271296465Sdelphijint X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), 1272296465Sdelphij char *name, int arg1, void *arg2); 127359191Skrisvoid X509_TRUST_cleanup(void); 127459191Skrisint X509_TRUST_get_flags(X509_TRUST *xp); 127559191Skrischar *X509_TRUST_get0_name(X509_TRUST *xp); 127659191Skrisint X509_TRUST_get_trust(X509_TRUST *xp); 127759191Skris 127855714Skris/* BEGIN ERROR CODES */ 1279296465Sdelphij/* 1280296465Sdelphij * The following lines are auto generated by the script mkerr.pl. Any changes 128155714Skris * made after this point may be overwritten when the script is next run. 128255714Skris */ 128389837Skrisvoid ERR_load_X509_strings(void); 128455714Skris 128555714Skris/* Error codes for the X509 functions. */ 128655714Skris 128755714Skris/* Function codes. */ 1288296465Sdelphij# define X509_F_ADD_CERT_DIR 100 1289296465Sdelphij# define X509_F_BY_FILE_CTRL 101 1290296465Sdelphij# define X509_F_CHECK_POLICY 145 1291296465Sdelphij# define X509_F_DIR_CTRL 102 1292296465Sdelphij# define X509_F_GET_CERT_BY_SUBJECT 103 1293296465Sdelphij# define X509_F_NETSCAPE_SPKI_B64_DECODE 129 1294296465Sdelphij# define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 1295296465Sdelphij# define X509_F_X509AT_ADD1_ATTR 135 1296296465Sdelphij# define X509_F_X509V3_ADD_EXT 104 1297296465Sdelphij# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 1298296465Sdelphij# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 1299296465Sdelphij# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 1300296465Sdelphij# define X509_F_X509_ATTRIBUTE_GET0_DATA 139 1301296465Sdelphij# define X509_F_X509_ATTRIBUTE_SET1_DATA 138 1302296465Sdelphij# define X509_F_X509_CHECK_PRIVATE_KEY 128 1303296465Sdelphij# define X509_F_X509_CRL_PRINT_FP 147 1304296465Sdelphij# define X509_F_X509_EXTENSION_CREATE_BY_NID 108 1305296465Sdelphij# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 1306296465Sdelphij# define X509_F_X509_GET_PUBKEY_PARAMETERS 110 1307296465Sdelphij# define X509_F_X509_LOAD_CERT_CRL_FILE 132 1308296465Sdelphij# define X509_F_X509_LOAD_CERT_FILE 111 1309296465Sdelphij# define X509_F_X509_LOAD_CRL_FILE 112 1310296465Sdelphij# define X509_F_X509_NAME_ADD_ENTRY 113 1311296465Sdelphij# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 1312296465Sdelphij# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 1313296465Sdelphij# define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 1314296465Sdelphij# define X509_F_X509_NAME_ONELINE 116 1315296465Sdelphij# define X509_F_X509_NAME_PRINT 117 1316296465Sdelphij# define X509_F_X509_PRINT_EX_FP 118 1317296465Sdelphij# define X509_F_X509_PUBKEY_GET 119 1318296465Sdelphij# define X509_F_X509_PUBKEY_SET 120 1319296465Sdelphij# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 1320296465Sdelphij# define X509_F_X509_REQ_PRINT_EX 121 1321296465Sdelphij# define X509_F_X509_REQ_PRINT_FP 122 1322296465Sdelphij# define X509_F_X509_REQ_TO_X509 123 1323296465Sdelphij# define X509_F_X509_STORE_ADD_CERT 124 1324296465Sdelphij# define X509_F_X509_STORE_ADD_CRL 125 1325296465Sdelphij# define X509_F_X509_STORE_CTX_GET1_ISSUER 146 1326296465Sdelphij# define X509_F_X509_STORE_CTX_INIT 143 1327296465Sdelphij# define X509_F_X509_STORE_CTX_NEW 142 1328296465Sdelphij# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 1329296465Sdelphij# define X509_F_X509_TO_X509_REQ 126 1330296465Sdelphij# define X509_F_X509_TRUST_ADD 133 1331296465Sdelphij# define X509_F_X509_TRUST_SET 141 1332296465Sdelphij# define X509_F_X509_VERIFY_CERT 127 133355714Skris 133455714Skris/* Reason codes. */ 1335296465Sdelphij# define X509_R_BAD_X509_FILETYPE 100 1336296465Sdelphij# define X509_R_BASE64_DECODE_ERROR 118 1337296465Sdelphij# define X509_R_CANT_CHECK_DH_KEY 114 1338296465Sdelphij# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 1339296465Sdelphij# define X509_R_ERR_ASN1_LIB 102 1340296465Sdelphij# define X509_R_INVALID_DIRECTORY 113 1341296465Sdelphij# define X509_R_INVALID_FIELD_NAME 119 1342296465Sdelphij# define X509_R_INVALID_TRUST 123 1343296465Sdelphij# define X509_R_KEY_TYPE_MISMATCH 115 1344296465Sdelphij# define X509_R_KEY_VALUES_MISMATCH 116 1345296465Sdelphij# define X509_R_LOADING_CERT_DIR 103 1346296465Sdelphij# define X509_R_LOADING_DEFAULTS 104 1347296465Sdelphij# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 1348296465Sdelphij# define X509_R_SHOULD_RETRY 106 1349296465Sdelphij# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 1350296465Sdelphij# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 1351296465Sdelphij# define X509_R_UNKNOWN_KEY_TYPE 117 1352296465Sdelphij# define X509_R_UNKNOWN_NID 109 1353296465Sdelphij# define X509_R_UNKNOWN_PURPOSE_ID 121 1354296465Sdelphij# define X509_R_UNKNOWN_TRUST_ID 120 1355296465Sdelphij# define X509_R_UNSUPPORTED_ALGORITHM 111 1356296465Sdelphij# define X509_R_WRONG_LOOKUP_TYPE 112 1357296465Sdelphij# define X509_R_WRONG_TYPE 122 135855714Skris 135955714Skris#ifdef __cplusplus 136055714Skris} 136155714Skris#endif 136255714Skris#endif 1363