x509.h revision 160814
155714Skris/* crypto/x509/x509.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 58160814Ssimon/* ==================================================================== 59160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60160814Ssimon * ECDH support in OpenSSL originally developed by 61160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 62160814Ssimon */ 6355714Skris 6455714Skris#ifndef HEADER_X509_H 6555714Skris#define HEADER_X509_H 6655714Skris 67160814Ssimon#include <openssl/e_os2.h> 6868651Skris#include <openssl/symhacks.h> 69109998Smarkm#ifndef OPENSSL_NO_BUFFER 7068651Skris#include <openssl/buffer.h> 7155714Skris#endif 72109998Smarkm#ifndef OPENSSL_NO_EVP 7368651Skris#include <openssl/evp.h> 7455714Skris#endif 75109998Smarkm#ifndef OPENSSL_NO_BIO 7668651Skris#include <openssl/bio.h> 7768651Skris#endif 7855714Skris#include <openssl/stack.h> 7955714Skris#include <openssl/asn1.h> 8055714Skris#include <openssl/safestack.h> 8155714Skris 82160814Ssimon#ifndef OPENSSL_NO_EC 83160814Ssimon#include <openssl/ec.h> 84160814Ssimon#endif 85160814Ssimon 86160814Ssimon#ifndef OPENSSL_NO_ECDSA 87160814Ssimon#include <openssl/ecdsa.h> 88160814Ssimon#endif 89160814Ssimon 90160814Ssimon#ifndef OPENSSL_NO_ECDH 91160814Ssimon#include <openssl/ecdh.h> 92160814Ssimon#endif 93160814Ssimon 94160814Ssimon#ifndef OPENSSL_NO_DEPRECATED 95109998Smarkm#ifndef OPENSSL_NO_RSA 9655714Skris#include <openssl/rsa.h> 9755714Skris#endif 98109998Smarkm#ifndef OPENSSL_NO_DSA 9955714Skris#include <openssl/dsa.h> 10055714Skris#endif 101109998Smarkm#ifndef OPENSSL_NO_DH 10255714Skris#include <openssl/dh.h> 10355714Skris#endif 104160814Ssimon#endif 105160814Ssimon 106109998Smarkm#ifndef OPENSSL_NO_SHA 107109998Smarkm#include <openssl/sha.h> 108109998Smarkm#endif 109109998Smarkm#include <openssl/ossl_typ.h> 11055714Skris 11168651Skris#ifdef __cplusplus 11268651Skrisextern "C" { 11368651Skris#endif 11468651Skris 115109998Smarkm#ifdef OPENSSL_SYS_WIN32 116160814Ssimon/* Under Win32 these are defined in wincrypt.h */ 11755714Skris#undef X509_NAME 118160814Ssimon#undef X509_CERT_PAIR 11955714Skris#endif 12055714Skris 12155714Skris#define X509_FILETYPE_PEM 1 12255714Skris#define X509_FILETYPE_ASN1 2 12355714Skris#define X509_FILETYPE_DEFAULT 3 12455714Skris 12555714Skris#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 12655714Skris#define X509v3_KU_NON_REPUDIATION 0x0040 12755714Skris#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 12855714Skris#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 12955714Skris#define X509v3_KU_KEY_AGREEMENT 0x0008 13055714Skris#define X509v3_KU_KEY_CERT_SIGN 0x0004 13155714Skris#define X509v3_KU_CRL_SIGN 0x0002 13255714Skris#define X509v3_KU_ENCIPHER_ONLY 0x0001 13355714Skris#define X509v3_KU_DECIPHER_ONLY 0x8000 13455714Skris#define X509v3_KU_UNDEF 0xffff 13555714Skris 13655714Skristypedef struct X509_objects_st 13755714Skris { 13855714Skris int nid; 139160814Ssimon int (*a2i)(void); 140160814Ssimon int (*i2a)(void); 14155714Skris } X509_OBJECTS; 14255714Skris 143109998Smarkmstruct X509_algor_st 14455714Skris { 14555714Skris ASN1_OBJECT *algorithm; 14655714Skris ASN1_TYPE *parameter; 147109998Smarkm } /* X509_ALGOR */; 14855714Skris 14955714SkrisDECLARE_STACK_OF(X509_ALGOR) 15055714SkrisDECLARE_ASN1_SET_OF(X509_ALGOR) 15155714Skris 15255714Skristypedef struct X509_val_st 15355714Skris { 15468651Skris ASN1_TIME *notBefore; 15568651Skris ASN1_TIME *notAfter; 15655714Skris } X509_VAL; 15755714Skris 15855714Skristypedef struct X509_pubkey_st 15955714Skris { 16055714Skris X509_ALGOR *algor; 16155714Skris ASN1_BIT_STRING *public_key; 16255714Skris EVP_PKEY *pkey; 16355714Skris } X509_PUBKEY; 16455714Skris 16555714Skristypedef struct X509_sig_st 16655714Skris { 16755714Skris X509_ALGOR *algor; 16855714Skris ASN1_OCTET_STRING *digest; 16955714Skris } X509_SIG; 17055714Skris 17155714Skristypedef struct X509_name_entry_st 17255714Skris { 17355714Skris ASN1_OBJECT *object; 17455714Skris ASN1_STRING *value; 17555714Skris int set; 17655714Skris int size; /* temp variable */ 17755714Skris } X509_NAME_ENTRY; 17855714Skris 17955714SkrisDECLARE_STACK_OF(X509_NAME_ENTRY) 18055714SkrisDECLARE_ASN1_SET_OF(X509_NAME_ENTRY) 18155714Skris 18255714Skris/* we always keep X509_NAMEs in 2 forms. */ 183109998Smarkmstruct X509_name_st 18455714Skris { 18555714Skris STACK_OF(X509_NAME_ENTRY) *entries; 18655714Skris int modified; /* true if 'bytes' needs to be built */ 187109998Smarkm#ifndef OPENSSL_NO_BUFFER 18855714Skris BUF_MEM *bytes; 18955714Skris#else 19055714Skris char *bytes; 19155714Skris#endif 19255714Skris unsigned long hash; /* Keep the hash around for lookups */ 193109998Smarkm } /* X509_NAME */; 19455714Skris 19555714SkrisDECLARE_STACK_OF(X509_NAME) 19655714Skris 19755714Skris#define X509_EX_V_NETSCAPE_HACK 0x8000 19855714Skris#define X509_EX_V_INIT 0x0001 19955714Skristypedef struct X509_extension_st 20055714Skris { 20155714Skris ASN1_OBJECT *object; 202109998Smarkm ASN1_BOOLEAN critical; 20355714Skris ASN1_OCTET_STRING *value; 20455714Skris } X509_EXTENSION; 20555714Skris 20655714SkrisDECLARE_STACK_OF(X509_EXTENSION) 20755714SkrisDECLARE_ASN1_SET_OF(X509_EXTENSION) 20855714Skris 20955714Skris/* a sequence of these are used */ 21055714Skristypedef struct x509_attributes_st 21155714Skris { 21255714Skris ASN1_OBJECT *object; 213109998Smarkm int single; /* 0 for a set, 1 for a single item (which is wrong) */ 21455714Skris union { 21555714Skris char *ptr; 216109998Smarkm/* 0 */ STACK_OF(ASN1_TYPE) *set; 217109998Smarkm/* 1 */ ASN1_TYPE *single; 21855714Skris } value; 21955714Skris } X509_ATTRIBUTE; 22055714Skris 22155714SkrisDECLARE_STACK_OF(X509_ATTRIBUTE) 22255714SkrisDECLARE_ASN1_SET_OF(X509_ATTRIBUTE) 22355714Skris 224109998Smarkm 22555714Skristypedef struct X509_req_info_st 22655714Skris { 227109998Smarkm ASN1_ENCODING enc; 22855714Skris ASN1_INTEGER *version; 22955714Skris X509_NAME *subject; 23055714Skris X509_PUBKEY *pubkey; 23155714Skris /* d=2 hl=2 l= 0 cons: cont: 00 */ 23255714Skris STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ 23355714Skris } X509_REQ_INFO; 23455714Skris 23555714Skristypedef struct X509_req_st 23655714Skris { 23755714Skris X509_REQ_INFO *req_info; 23855714Skris X509_ALGOR *sig_alg; 23955714Skris ASN1_BIT_STRING *signature; 24055714Skris int references; 24155714Skris } X509_REQ; 24255714Skris 24355714Skristypedef struct x509_cinf_st 24455714Skris { 24555714Skris ASN1_INTEGER *version; /* [ 0 ] default of v1 */ 24655714Skris ASN1_INTEGER *serialNumber; 24755714Skris X509_ALGOR *signature; 24855714Skris X509_NAME *issuer; 24955714Skris X509_VAL *validity; 25055714Skris X509_NAME *subject; 25155714Skris X509_PUBKEY *key; 25255714Skris ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ 25355714Skris ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ 25455714Skris STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ 25555714Skris } X509_CINF; 25655714Skris 25759191Skris/* This stuff is certificate "auxiliary info" 25859191Skris * it contains details which are useful in certificate 25959191Skris * stores and databases. When used this is tagged onto 26059191Skris * the end of the certificate itself 26159191Skris */ 26259191Skris 26359191Skristypedef struct x509_cert_aux_st 26459191Skris { 26559191Skris STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ 26659191Skris STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ 26759191Skris ASN1_UTF8STRING *alias; /* "friendly name" */ 26859191Skris ASN1_OCTET_STRING *keyid; /* key id of private key */ 26959191Skris STACK_OF(X509_ALGOR) *other; /* other unspecified info */ 27059191Skris } X509_CERT_AUX; 27159191Skris 272109998Smarkmstruct x509_st 27355714Skris { 27455714Skris X509_CINF *cert_info; 27555714Skris X509_ALGOR *sig_alg; 27655714Skris ASN1_BIT_STRING *signature; 27755714Skris int valid; 27855714Skris int references; 27955714Skris char *name; 28059191Skris CRYPTO_EX_DATA ex_data; 28159191Skris /* These contain copies of various extension values */ 28259191Skris long ex_pathlen; 283160814Ssimon long ex_pcpathlen; 28459191Skris unsigned long ex_flags; 28559191Skris unsigned long ex_kusage; 28659191Skris unsigned long ex_xkusage; 28759191Skris unsigned long ex_nscert; 28868651Skris ASN1_OCTET_STRING *skid; 28968651Skris struct AUTHORITY_KEYID_st *akid; 290160814Ssimon X509_POLICY_CACHE *policy_cache; 291109998Smarkm#ifndef OPENSSL_NO_SHA 29259191Skris unsigned char sha1_hash[SHA_DIGEST_LENGTH]; 29359191Skris#endif 29459191Skris X509_CERT_AUX *aux; 295109998Smarkm } /* X509 */; 29655714Skris 29755714SkrisDECLARE_STACK_OF(X509) 29855714SkrisDECLARE_ASN1_SET_OF(X509) 29955714Skris 30059191Skris/* This is used for a table of trust checking functions */ 30159191Skris 30259191Skristypedef struct x509_trust_st { 30359191Skris int trust; 30459191Skris int flags; 30559191Skris int (*check_trust)(struct x509_trust_st *, X509 *, int); 30659191Skris char *name; 30759191Skris int arg1; 30859191Skris void *arg2; 30959191Skris} X509_TRUST; 31059191Skris 31159191SkrisDECLARE_STACK_OF(X509_TRUST) 31259191Skris 313160814Ssimontypedef struct x509_cert_pair_st { 314160814Ssimon X509 *forward; 315160814Ssimon X509 *reverse; 316160814Ssimon} X509_CERT_PAIR; 317160814Ssimon 31859191Skris/* standard trust ids */ 31959191Skris 32059191Skris#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ 32159191Skris 32259191Skris#define X509_TRUST_COMPAT 1 32359191Skris#define X509_TRUST_SSL_CLIENT 2 32459191Skris#define X509_TRUST_SSL_SERVER 3 32559191Skris#define X509_TRUST_EMAIL 4 32659191Skris#define X509_TRUST_OBJECT_SIGN 5 327109998Smarkm#define X509_TRUST_OCSP_SIGN 6 328109998Smarkm#define X509_TRUST_OCSP_REQUEST 7 32959191Skris 33059191Skris/* Keep these up to date! */ 33159191Skris#define X509_TRUST_MIN 1 332109998Smarkm#define X509_TRUST_MAX 7 33359191Skris 33459191Skris 33559191Skris/* trust_flags values */ 33659191Skris#define X509_TRUST_DYNAMIC 1 33759191Skris#define X509_TRUST_DYNAMIC_NAME 2 33859191Skris 33959191Skris/* check_trust return codes */ 34059191Skris 34159191Skris#define X509_TRUST_TRUSTED 1 34259191Skris#define X509_TRUST_REJECTED 2 34359191Skris#define X509_TRUST_UNTRUSTED 3 34459191Skris 345109998Smarkm/* Flags for X509_print_ex() */ 346109998Smarkm 347109998Smarkm#define X509_FLAG_COMPAT 0 348109998Smarkm#define X509_FLAG_NO_HEADER 1L 349109998Smarkm#define X509_FLAG_NO_VERSION (1L << 1) 350109998Smarkm#define X509_FLAG_NO_SERIAL (1L << 2) 351109998Smarkm#define X509_FLAG_NO_SIGNAME (1L << 3) 352109998Smarkm#define X509_FLAG_NO_ISSUER (1L << 4) 353109998Smarkm#define X509_FLAG_NO_VALIDITY (1L << 5) 354109998Smarkm#define X509_FLAG_NO_SUBJECT (1L << 6) 355109998Smarkm#define X509_FLAG_NO_PUBKEY (1L << 7) 356109998Smarkm#define X509_FLAG_NO_EXTENSIONS (1L << 8) 357109998Smarkm#define X509_FLAG_NO_SIGDUMP (1L << 9) 358109998Smarkm#define X509_FLAG_NO_AUX (1L << 10) 359109998Smarkm#define X509_FLAG_NO_ATTRIBUTES (1L << 11) 360109998Smarkm 36168651Skris/* Flags specific to X509_NAME_print_ex() */ 36268651Skris 36368651Skris/* The field separator information */ 36468651Skris 36568651Skris#define XN_FLAG_SEP_MASK (0xf << 16) 36668651Skris 36768651Skris#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ 36868651Skris#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ 36968651Skris#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ 37068651Skris#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ 37168651Skris#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ 37268651Skris 37368651Skris#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ 37468651Skris 37568651Skris/* How the field name is shown */ 37668651Skris 37768651Skris#define XN_FLAG_FN_MASK (0x3 << 21) 37868651Skris 37968651Skris#define XN_FLAG_FN_SN 0 /* Object short name */ 38068651Skris#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ 38168651Skris#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ 38268651Skris#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ 38368651Skris 38468651Skris#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ 38568651Skris 38668651Skris/* This determines if we dump fields we don't recognise: 38768651Skris * RFC2253 requires this. 38868651Skris */ 38968651Skris 39068651Skris#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) 39168651Skris 392109998Smarkm#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */ 393109998Smarkm 39468651Skris/* Complete set of RFC2253 flags */ 39568651Skris 39668651Skris#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ 39768651Skris XN_FLAG_SEP_COMMA_PLUS | \ 39868651Skris XN_FLAG_DN_REV | \ 39968651Skris XN_FLAG_FN_SN | \ 40068651Skris XN_FLAG_DUMP_UNKNOWN_FIELDS) 40168651Skris 40268651Skris/* readable oneline form */ 40368651Skris 40468651Skris#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ 40568651Skris ASN1_STRFLGS_ESC_QUOTE | \ 40668651Skris XN_FLAG_SEP_CPLUS_SPC | \ 40768651Skris XN_FLAG_SPC_EQ | \ 40868651Skris XN_FLAG_FN_SN) 40968651Skris 41068651Skris/* readable multiline form */ 41168651Skris 41268651Skris#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ 41368651Skris ASN1_STRFLGS_ESC_MSB | \ 41468651Skris XN_FLAG_SEP_MULTILINE | \ 41568651Skris XN_FLAG_SPC_EQ | \ 416109998Smarkm XN_FLAG_FN_LN | \ 417109998Smarkm XN_FLAG_FN_ALIGN) 41868651Skris 41955714Skristypedef struct X509_revoked_st 42055714Skris { 42155714Skris ASN1_INTEGER *serialNumber; 42268651Skris ASN1_TIME *revocationDate; 42355714Skris STACK_OF(X509_EXTENSION) /* optional */ *extensions; 42455714Skris int sequence; /* load sequence */ 42555714Skris } X509_REVOKED; 42655714Skris 42755714SkrisDECLARE_STACK_OF(X509_REVOKED) 42855714SkrisDECLARE_ASN1_SET_OF(X509_REVOKED) 42955714Skris 43055714Skristypedef struct X509_crl_info_st 43155714Skris { 43255714Skris ASN1_INTEGER *version; 43355714Skris X509_ALGOR *sig_alg; 43455714Skris X509_NAME *issuer; 43568651Skris ASN1_TIME *lastUpdate; 43668651Skris ASN1_TIME *nextUpdate; 43755714Skris STACK_OF(X509_REVOKED) *revoked; 43855714Skris STACK_OF(X509_EXTENSION) /* [0] */ *extensions; 439142425Snectar ASN1_ENCODING enc; 44055714Skris } X509_CRL_INFO; 44155714Skris 442109998Smarkmstruct X509_crl_st 44355714Skris { 44455714Skris /* actual signature */ 44555714Skris X509_CRL_INFO *crl; 44655714Skris X509_ALGOR *sig_alg; 44755714Skris ASN1_BIT_STRING *signature; 44855714Skris int references; 449109998Smarkm } /* X509_CRL */; 45055714Skris 45155714SkrisDECLARE_STACK_OF(X509_CRL) 45255714SkrisDECLARE_ASN1_SET_OF(X509_CRL) 45355714Skris 45455714Skristypedef struct private_key_st 45555714Skris { 45655714Skris int version; 45755714Skris /* The PKCS#8 data types */ 45855714Skris X509_ALGOR *enc_algor; 45955714Skris ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ 46055714Skris 46155714Skris /* When decrypted, the following will not be NULL */ 46255714Skris EVP_PKEY *dec_pkey; 46355714Skris 46455714Skris /* used to encrypt and decrypt */ 46555714Skris int key_length; 46655714Skris char *key_data; 46755714Skris int key_free; /* true if we should auto free key_data */ 46855714Skris 46955714Skris /* expanded version of 'enc_algor' */ 47055714Skris EVP_CIPHER_INFO cipher; 47155714Skris 47255714Skris int references; 47355714Skris } X509_PKEY; 47455714Skris 475109998Smarkm#ifndef OPENSSL_NO_EVP 47655714Skristypedef struct X509_info_st 47755714Skris { 47855714Skris X509 *x509; 47955714Skris X509_CRL *crl; 48055714Skris X509_PKEY *x_pkey; 48155714Skris 48255714Skris EVP_CIPHER_INFO enc_cipher; 48355714Skris int enc_len; 48455714Skris char *enc_data; 48555714Skris 48655714Skris int references; 48755714Skris } X509_INFO; 48855714Skris 48955714SkrisDECLARE_STACK_OF(X509_INFO) 49055714Skris#endif 49155714Skris 49255714Skris/* The next 2 structures and their 8 routines were sent to me by 49355714Skris * Pat Richard <patr@x509.com> and are used to manipulate 49459191Skris * Netscapes spki structures - useful if you are writing a CA web page 49555714Skris */ 49655714Skristypedef struct Netscape_spkac_st 49755714Skris { 49855714Skris X509_PUBKEY *pubkey; 49955714Skris ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ 50055714Skris } NETSCAPE_SPKAC; 50155714Skris 50255714Skristypedef struct Netscape_spki_st 50355714Skris { 50455714Skris NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ 50555714Skris X509_ALGOR *sig_algor; 50655714Skris ASN1_BIT_STRING *signature; 50755714Skris } NETSCAPE_SPKI; 50855714Skris 50955714Skris/* Netscape certificate sequence structure */ 51055714Skristypedef struct Netscape_certificate_sequence 51155714Skris { 51255714Skris ASN1_OBJECT *type; 51355714Skris STACK_OF(X509) *certs; 51455714Skris } NETSCAPE_CERT_SEQUENCE; 51555714Skris 516109998Smarkm/* Unused (and iv length is wrong) 51755714Skristypedef struct CBCParameter_st 51855714Skris { 51955714Skris unsigned char iv[8]; 52055714Skris } CBC_PARAM; 521109998Smarkm*/ 52255714Skris 52355714Skris/* Password based encryption structure */ 52455714Skris 52555714Skristypedef struct PBEPARAM_st { 52655714SkrisASN1_OCTET_STRING *salt; 52755714SkrisASN1_INTEGER *iter; 52855714Skris} PBEPARAM; 52955714Skris 53055714Skris/* Password based encryption V2 structures */ 53155714Skris 53255714Skristypedef struct PBE2PARAM_st { 53355714SkrisX509_ALGOR *keyfunc; 53455714SkrisX509_ALGOR *encryption; 53555714Skris} PBE2PARAM; 53655714Skris 53755714Skristypedef struct PBKDF2PARAM_st { 53855714SkrisASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ 53955714SkrisASN1_INTEGER *iter; 54055714SkrisASN1_INTEGER *keylength; 54155714SkrisX509_ALGOR *prf; 54255714Skris} PBKDF2PARAM; 54355714Skris 54455714Skris 54555714Skris/* PKCS#8 private key info structure */ 54655714Skris 54755714Skristypedef struct pkcs8_priv_key_info_st 54855714Skris { 54955714Skris int broken; /* Flag for various broken formats */ 55059191Skris#define PKCS8_OK 0 55159191Skris#define PKCS8_NO_OCTET 1 55259191Skris#define PKCS8_EMBEDDED_PARAM 2 55359191Skris#define PKCS8_NS_DB 3 55455714Skris ASN1_INTEGER *version; 55555714Skris X509_ALGOR *pkeyalg; 55655714Skris ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ 55755714Skris STACK_OF(X509_ATTRIBUTE) *attributes; 55855714Skris } PKCS8_PRIV_KEY_INFO; 55955714Skris 56068651Skris#ifdef __cplusplus 56168651Skris} 56268651Skris#endif 56368651Skris 56455714Skris#include <openssl/x509_vfy.h> 56555714Skris#include <openssl/pkcs7.h> 56655714Skris 56768651Skris#ifdef __cplusplus 56868651Skrisextern "C" { 56968651Skris#endif 57068651Skris 57155714Skris#ifdef SSLEAY_MACROS 57255714Skris#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ 57355714Skris a->signature,(char *)a->cert_info,r) 57455714Skris#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ 57555714Skris a->sig_alg,a->signature,(char *)a->req_info,r) 57655714Skris#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ 57755714Skris a->sig_alg, a->signature,(char *)a->crl,r) 57855714Skris 57955714Skris#define X509_sign(x,pkey,md) \ 58055714Skris ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ 58155714Skris x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) 58255714Skris#define X509_REQ_sign(x,pkey,md) \ 58355714Skris ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ 58455714Skris x->signature, (char *)x->req_info,pkey,md) 58555714Skris#define X509_CRL_sign(x,pkey,md) \ 58655714Skris ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ 58755714Skris x->signature, (char *)x->crl,pkey,md) 58855714Skris#define NETSCAPE_SPKI_sign(x,pkey,md) \ 58955714Skris ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ 59055714Skris x->signature, (char *)x->spkac,pkey,md) 59155714Skris 59255714Skris#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ 59355714Skris (char *(*)())d2i_X509,(char *)x509) 59455714Skris#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ 59555714Skris (int (*)())i2d_X509_ATTRIBUTE, \ 59655714Skris (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) 59755714Skris#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ 59855714Skris (int (*)())i2d_X509_EXTENSION, \ 59955714Skris (char *(*)())d2i_X509_EXTENSION,(char *)ex) 60055714Skris#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ 60155714Skris (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) 60255714Skris#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) 60355714Skris#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ 60455714Skris (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) 60555714Skris#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) 60655714Skris 60755714Skris#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ 60855714Skris (char *(*)())d2i_X509_CRL,(char *)crl) 60955714Skris#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ 61055714Skris X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ 61155714Skris (unsigned char **)(crl)) 61255714Skris#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ 61355714Skris (unsigned char *)crl) 61455714Skris#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ 61555714Skris X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ 61655714Skris (unsigned char **)(crl)) 61755714Skris#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ 61855714Skris (unsigned char *)crl) 61955714Skris 62055714Skris#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ 62155714Skris (char *(*)())d2i_PKCS7,(char *)p7) 62255714Skris#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ 62355714Skris PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ 62455714Skris (unsigned char **)(p7)) 62555714Skris#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ 62655714Skris (unsigned char *)p7) 62755714Skris#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ 62855714Skris PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ 62955714Skris (unsigned char **)(p7)) 63055714Skris#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ 63155714Skris (unsigned char *)p7) 63255714Skris 63355714Skris#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ 63455714Skris (char *(*)())d2i_X509_REQ,(char *)req) 63555714Skris#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ 63655714Skris X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ 63755714Skris (unsigned char **)(req)) 63855714Skris#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ 63955714Skris (unsigned char *)req) 64055714Skris#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ 64155714Skris X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ 64255714Skris (unsigned char **)(req)) 64355714Skris#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ 64455714Skris (unsigned char *)req) 64555714Skris 64655714Skris#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ 64755714Skris (char *(*)())d2i_RSAPublicKey,(char *)rsa) 64855714Skris#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ 64955714Skris (char *(*)())d2i_RSAPrivateKey,(char *)rsa) 65055714Skris 65155714Skris#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 65255714Skris RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ 65355714Skris (unsigned char **)(rsa)) 65455714Skris#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ 65555714Skris (unsigned char *)rsa) 65655714Skris#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 65755714Skris RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ 65855714Skris (unsigned char **)(rsa)) 65955714Skris#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ 66055714Skris (unsigned char *)rsa) 66155714Skris 66255714Skris#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 66355714Skris RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ 66455714Skris (unsigned char **)(rsa)) 66555714Skris#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ 66655714Skris (unsigned char *)rsa) 66755714Skris#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 66855714Skris RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ 66955714Skris (unsigned char **)(rsa)) 67055714Skris#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ 67155714Skris (unsigned char *)rsa) 67255714Skris 67355714Skris#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ 67455714Skris DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ 67555714Skris (unsigned char **)(dsa)) 67655714Skris#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ 67755714Skris (unsigned char *)dsa) 67855714Skris#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ 67955714Skris DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ 68055714Skris (unsigned char **)(dsa)) 68155714Skris#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ 68255714Skris (unsigned char *)dsa) 68355714Skris 684160814Ssimon#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ 685160814Ssimon EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ 686160814Ssimon (unsigned char **)(ecdsa)) 687160814Ssimon#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ 688160814Ssimon (unsigned char *)ecdsa) 689160814Ssimon#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ 690160814Ssimon EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ 691160814Ssimon (unsigned char **)(ecdsa)) 692160814Ssimon#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ 693160814Ssimon (unsigned char *)ecdsa) 694160814Ssimon 69555714Skris#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ 69655714Skris (char *(*)())d2i_X509_ALGOR,(char *)xn) 69755714Skris 69855714Skris#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ 69955714Skris (char *(*)())d2i_X509_NAME,(char *)xn) 70055714Skris#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ 70155714Skris (int (*)())i2d_X509_NAME_ENTRY, \ 70255714Skris (char *(*)())d2i_X509_NAME_ENTRY,\ 70355714Skris (char *)ne) 70455714Skris 70555714Skris#define X509_digest(data,type,md,len) \ 70655714Skris ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) 70755714Skris#define X509_NAME_digest(data,type,md,len) \ 70855714Skris ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) 70955714Skris#ifndef PKCS7_ISSUER_AND_SERIAL_digest 71055714Skris#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ 71155714Skris ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ 71255714Skris (char *)data,md,len) 71355714Skris#endif 71455714Skris#endif 71555714Skris 71655714Skris#define X509_EXT_PACK_UNKNOWN 1 71755714Skris#define X509_EXT_PACK_STRING 2 71855714Skris 71955714Skris#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) 72055714Skris/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ 72155714Skris#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) 72255714Skris#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) 72355714Skris#define X509_extract_key(x) X509_get_pubkey(x) /*****/ 72455714Skris#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) 72555714Skris#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) 72655714Skris#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) 72755714Skris#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) 72855714Skris#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) 72955714Skris 73055714Skris#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) 73155714Skris#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) 73255714Skris#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) 73355714Skris#define X509_CRL_get_issuer(x) ((x)->crl->issuer) 73455714Skris#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) 73555714Skris 73655714Skris/* This one is only used so that a binary form can output, as in 73755714Skris * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ 73855714Skris#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) 73955714Skris 74055714Skris 74155714Skrisconst char *X509_verify_cert_error_string(long n); 74255714Skris 74355714Skris#ifndef SSLEAY_MACROS 744109998Smarkm#ifndef OPENSSL_NO_EVP 74555714Skrisint X509_verify(X509 *a, EVP_PKEY *r); 74655714Skris 74755714Skrisint X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); 74855714Skrisint X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); 74955714Skrisint NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); 75055714Skris 75159191SkrisNETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); 75259191Skrischar * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); 75359191SkrisEVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); 75459191Skrisint NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); 75559191Skris 75659191Skrisint NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); 75759191Skris 758109998Smarkmint X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig); 759109998Smarkm 76055714Skrisint X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 76155714Skrisint X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); 76255714Skrisint X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); 76355714Skrisint NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); 76455714Skris 765109998Smarkmint X509_pubkey_digest(const X509 *data,const EVP_MD *type, 766109998Smarkm unsigned char *md, unsigned int *len); 76768651Skrisint X509_digest(const X509 *data,const EVP_MD *type, 76868651Skris unsigned char *md, unsigned int *len); 76968651Skrisint X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, 77068651Skris unsigned char *md, unsigned int *len); 77168651Skrisint X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, 77268651Skris unsigned char *md, unsigned int *len); 77368651Skrisint X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, 77468651Skris unsigned char *md, unsigned int *len); 77555714Skris#endif 77655714Skris 777109998Smarkm#ifndef OPENSSL_NO_FP_API 77855714SkrisX509 *d2i_X509_fp(FILE *fp, X509 **x509); 77955714Skrisint i2d_X509_fp(FILE *fp,X509 *x509); 78055714SkrisX509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); 78155714Skrisint i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); 78255714SkrisX509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); 78355714Skrisint i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); 784109998Smarkm#ifndef OPENSSL_NO_RSA 78555714SkrisRSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); 78655714Skrisint i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); 78755714SkrisRSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); 78855714Skrisint i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); 78959191SkrisRSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); 79059191Skrisint i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); 79155714Skris#endif 792109998Smarkm#ifndef OPENSSL_NO_DSA 79359191SkrisDSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); 79459191Skrisint i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); 79555714SkrisDSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); 79655714Skrisint i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 79759191Skris#endif 798160814Ssimon#ifndef OPENSSL_NO_EC 799160814SsimonEC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); 800160814Ssimonint i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); 801160814SsimonEC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); 802160814Ssimonint i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); 803160814Ssimon#endif 80455714SkrisX509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); 80555714Skrisint i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); 80655714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 80755714Skris PKCS8_PRIV_KEY_INFO **p8inf); 80855714Skrisint i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); 80959191Skrisint i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); 81059191Skrisint i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); 81159191SkrisEVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); 81268651Skrisint i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); 81368651SkrisEVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); 81455714Skris#endif 81555714Skris 816109998Smarkm#ifndef OPENSSL_NO_BIO 81755714SkrisX509 *d2i_X509_bio(BIO *bp,X509 **x509); 81855714Skrisint i2d_X509_bio(BIO *bp,X509 *x509); 81955714SkrisX509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); 82055714Skrisint i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); 82155714SkrisX509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); 82255714Skrisint i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); 823109998Smarkm#ifndef OPENSSL_NO_RSA 82455714SkrisRSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); 82555714Skrisint i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); 82655714SkrisRSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); 82755714Skrisint i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); 82859191SkrisRSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); 82959191Skrisint i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); 83055714Skris#endif 831109998Smarkm#ifndef OPENSSL_NO_DSA 83259191SkrisDSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); 83359191Skrisint i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); 83455714SkrisDSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); 83555714Skrisint i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 83655714Skris#endif 837160814Ssimon#ifndef OPENSSL_NO_EC 838160814SsimonEC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); 839160814Ssimonint i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); 840160814SsimonEC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); 841160814Ssimonint i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); 842160814Ssimon#endif 84355714SkrisX509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); 84455714Skrisint i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); 84555714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 84655714Skris PKCS8_PRIV_KEY_INFO **p8inf); 84755714Skrisint i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); 84859191Skrisint i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); 84959191Skrisint i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); 85059191SkrisEVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); 85168651Skrisint i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); 85268651SkrisEVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); 85355714Skris#endif 85455714Skris 85555714SkrisX509 *X509_dup(X509 *x509); 85655714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); 85755714SkrisX509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); 85855714SkrisX509_CRL *X509_CRL_dup(X509_CRL *crl); 85955714SkrisX509_REQ *X509_REQ_dup(X509_REQ *req); 86055714SkrisX509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); 86155714SkrisX509_NAME *X509_NAME_dup(X509_NAME *xn); 86255714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 86355714Skris 86455714Skris#endif /* !SSLEAY_MACROS */ 86555714Skris 86668651Skrisint X509_cmp_time(ASN1_TIME *s, time_t *t); 86768651Skrisint X509_cmp_current_time(ASN1_TIME *s); 86868651SkrisASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); 86968651SkrisASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); 87055714Skris 87155714Skrisconst char * X509_get_default_cert_area(void ); 87255714Skrisconst char * X509_get_default_cert_dir(void ); 87355714Skrisconst char * X509_get_default_cert_file(void ); 87455714Skrisconst char * X509_get_default_cert_dir_env(void ); 87555714Skrisconst char * X509_get_default_cert_file_env(void ); 87655714Skrisconst char * X509_get_default_private_dir(void ); 87755714Skris 87859191SkrisX509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 87955714SkrisX509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); 88055714Skris 881109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_ALGOR) 882109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_VAL) 88355714Skris 884109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_PUBKEY) 88555714Skris 88655714Skrisint X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 88755714SkrisEVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); 88855714Skrisint X509_get_pubkey_parameters(EVP_PKEY *pkey, 88955714Skris STACK_OF(X509) *chain); 89059191Skrisint i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); 891160814SsimonEVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, 89259191Skris long length); 893109998Smarkm#ifndef OPENSSL_NO_RSA 89459191Skrisint i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); 895160814SsimonRSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, 89659191Skris long length); 89759191Skris#endif 898109998Smarkm#ifndef OPENSSL_NO_DSA 89959191Skrisint i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); 900160814SsimonDSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, 90159191Skris long length); 90259191Skris#endif 903160814Ssimon#ifndef OPENSSL_NO_EC 904160814Ssimonint i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); 905160814SsimonEC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, 906160814Ssimon long length); 907160814Ssimon#endif 90855714Skris 909109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_SIG) 910109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) 911109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REQ) 91255714Skris 913109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) 91455714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); 91555714Skris 916109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_EXTENSION) 91755714Skris 918109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) 91955714Skris 920109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_NAME) 92155714Skris 92255714Skrisint X509_NAME_set(X509_NAME **xn, X509_NAME *name); 92355714Skris 924109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CINF) 92555714Skris 926109998SmarkmDECLARE_ASN1_FUNCTIONS(X509) 927109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) 92855714Skris 929160814SsimonDECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) 930160814Ssimon 93159191Skrisint X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 93259191Skris CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 93359191Skrisint X509_set_ex_data(X509 *r, int idx, void *arg); 93459191Skrisvoid *X509_get_ex_data(X509 *r, int idx); 93559191Skrisint i2d_X509_AUX(X509 *a,unsigned char **pp); 936160814SsimonX509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); 93755714Skris 93859191Skrisint X509_alias_set1(X509 *x, unsigned char *name, int len); 93968651Skrisint X509_keyid_set1(X509 *x, unsigned char *id, int len); 94059191Skrisunsigned char * X509_alias_get0(X509 *x, int *len); 941160814Ssimonunsigned char * X509_keyid_get0(X509 *x, int *len); 94259191Skrisint (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); 943109998Smarkmint X509_TRUST_set(int *t, int trust); 94459191Skrisint X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); 94559191Skrisint X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); 94659191Skrisvoid X509_trust_clear(X509 *x); 94759191Skrisvoid X509_reject_clear(X509 *x); 94859191Skris 949109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_REVOKED) 950109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) 951109998SmarkmDECLARE_ASN1_FUNCTIONS(X509_CRL) 95255714Skris 953109998Smarkmint X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); 95455714Skris 95555714SkrisX509_PKEY * X509_PKEY_new(void ); 95655714Skrisvoid X509_PKEY_free(X509_PKEY *a); 95755714Skrisint i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); 958160814SsimonX509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length); 95955714Skris 960109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) 961109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) 962109998SmarkmDECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) 96355714Skris 964109998Smarkm#ifndef OPENSSL_NO_EVP 96555714SkrisX509_INFO * X509_INFO_new(void); 96655714Skrisvoid X509_INFO_free(X509_INFO *a); 96755714Skrischar * X509_NAME_oneline(X509_NAME *a,char *buf,int size); 96855714Skris 969160814Ssimonint ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1, 970160814Ssimon ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); 97155714Skris 972160814Ssimonint ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, 973160814Ssimon unsigned char *md,unsigned int *len); 97455714Skris 975160814Ssimonint ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, 976160814Ssimon X509_ALGOR *algor2, ASN1_BIT_STRING *signature, 977160814Ssimon char *data,EVP_PKEY *pkey, const EVP_MD *type); 978109998Smarkm 979109998Smarkmint ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, 980109998Smarkm unsigned char *md,unsigned int *len); 981109998Smarkm 982109998Smarkmint ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, 983109998Smarkm ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey); 984109998Smarkm 985109998Smarkmint ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, 986109998Smarkm ASN1_BIT_STRING *signature, 987109998Smarkm void *data, EVP_PKEY *pkey, const EVP_MD *type); 98855714Skris#endif 98955714Skris 99055714Skrisint X509_set_version(X509 *x,long version); 99155714Skrisint X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); 99255714SkrisASN1_INTEGER * X509_get_serialNumber(X509 *x); 99355714Skrisint X509_set_issuer_name(X509 *x, X509_NAME *name); 99455714SkrisX509_NAME * X509_get_issuer_name(X509 *a); 99555714Skrisint X509_set_subject_name(X509 *x, X509_NAME *name); 99655714SkrisX509_NAME * X509_get_subject_name(X509 *a); 99768651Skrisint X509_set_notBefore(X509 *x, ASN1_TIME *tm); 99868651Skrisint X509_set_notAfter(X509 *x, ASN1_TIME *tm); 99955714Skrisint X509_set_pubkey(X509 *x, EVP_PKEY *pkey); 100055714SkrisEVP_PKEY * X509_get_pubkey(X509 *x); 1001109998SmarkmASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x); 100255714Skrisint X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); 100355714Skris 100455714Skrisint X509_REQ_set_version(X509_REQ *x,long version); 100555714Skrisint X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); 100655714Skrisint X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); 100755714SkrisEVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); 100859191Skrisint X509_REQ_extension_nid(int nid); 100959191Skrisint * X509_REQ_get_extension_nids(void); 101059191Skrisvoid X509_REQ_set_extension_nids(int *nids); 101159191SkrisSTACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); 101259191Skrisint X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, 101359191Skris int nid); 101459191Skrisint X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); 101559191Skrisint X509_REQ_get_attr_count(const X509_REQ *req); 101659191Skrisint X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, 101759191Skris int lastpos); 101859191Skrisint X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, 101959191Skris int lastpos); 102059191SkrisX509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); 102159191SkrisX509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); 102259191Skrisint X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); 102359191Skrisint X509_REQ_add1_attr_by_OBJ(X509_REQ *req, 1024109998Smarkm const ASN1_OBJECT *obj, int type, 1025109998Smarkm const unsigned char *bytes, int len); 102659191Skrisint X509_REQ_add1_attr_by_NID(X509_REQ *req, 102759191Skris int nid, int type, 1028109998Smarkm const unsigned char *bytes, int len); 102959191Skrisint X509_REQ_add1_attr_by_txt(X509_REQ *req, 1030109998Smarkm const char *attrname, int type, 1031109998Smarkm const unsigned char *bytes, int len); 103255714Skris 1033109998Smarkmint X509_CRL_set_version(X509_CRL *x, long version); 1034109998Smarkmint X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); 1035109998Smarkmint X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm); 1036109998Smarkmint X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm); 1037109998Smarkmint X509_CRL_sort(X509_CRL *crl); 1038109998Smarkm 1039109998Smarkmint X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); 1040109998Smarkmint X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); 1041109998Smarkm 1042160814Ssimonint X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); 1043160814Ssimon 104455714Skrisint X509_check_private_key(X509 *x509,EVP_PKEY *pkey); 104555714Skris 104668651Skrisint X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); 104755714Skrisunsigned long X509_issuer_and_serial_hash(X509 *a); 104855714Skris 104968651Skrisint X509_issuer_name_cmp(const X509 *a, const X509 *b); 105055714Skrisunsigned long X509_issuer_name_hash(X509 *a); 105155714Skris 105268651Skrisint X509_subject_name_cmp(const X509 *a, const X509 *b); 105355714Skrisunsigned long X509_subject_name_hash(X509 *x); 105455714Skris 105568651Skrisint X509_cmp(const X509 *a, const X509 *b); 105668651Skrisint X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); 105755714Skrisunsigned long X509_NAME_hash(X509_NAME *x); 105855714Skris 105968651Skrisint X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); 1060109998Smarkm#ifndef OPENSSL_NO_FP_API 1061109998Smarkmint X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); 106255714Skrisint X509_print_fp(FILE *bp,X509 *x); 106355714Skrisint X509_CRL_print_fp(FILE *bp,X509_CRL *x); 106455714Skrisint X509_REQ_print_fp(FILE *bp,X509_REQ *req); 106568651Skrisint X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); 106655714Skris#endif 106755714Skris 1068109998Smarkm#ifndef OPENSSL_NO_BIO 106955714Skrisint X509_NAME_print(BIO *bp, X509_NAME *name, int obase); 107068651Skrisint X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); 1071109998Smarkmint X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); 107255714Skrisint X509_print(BIO *bp,X509 *x); 1073109998Smarkmint X509_ocspid_print(BIO *bp,X509 *x); 107459191Skrisint X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); 107555714Skrisint X509_CRL_print(BIO *bp,X509_CRL *x); 1076109998Smarkmint X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); 107755714Skrisint X509_REQ_print(BIO *bp,X509_REQ *req); 107855714Skris#endif 107955714Skris 108055714Skrisint X509_NAME_entry_count(X509_NAME *name); 108155714Skrisint X509_NAME_get_text_by_NID(X509_NAME *name, int nid, 108255714Skris char *buf,int len); 108355714Skrisint X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, 108455714Skris char *buf,int len); 108555714Skris 108655714Skris/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use 108759191Skris * lastpos, search after that position on. */ 108855714Skrisint X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); 108955714Skrisint X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, 109055714Skris int lastpos); 109155714SkrisX509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); 109255714SkrisX509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); 109355714Skrisint X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, 109455714Skris int loc, int set); 109559191Skrisint X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, 109659191Skris unsigned char *bytes, int len, int loc, int set); 109759191Skrisint X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, 109859191Skris unsigned char *bytes, int len, int loc, int set); 109959191SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, 1100160814Ssimon const char *field, int type, const unsigned char *bytes, int len); 110155714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, 110255714Skris int type,unsigned char *bytes, int len); 1103160814Ssimonint X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, 1104160814Ssimon const unsigned char *bytes, int len, int loc, int set); 110555714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, 1106160814Ssimon ASN1_OBJECT *obj, int type,const unsigned char *bytes, 110755714Skris int len); 110855714Skrisint X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, 110955714Skris ASN1_OBJECT *obj); 111055714Skrisint X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, 1111160814Ssimon const unsigned char *bytes, int len); 111255714SkrisASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); 111355714SkrisASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); 111455714Skris 111555714Skrisint X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); 111655714Skrisint X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, 111755714Skris int nid, int lastpos); 111855714Skrisint X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, 111955714Skris ASN1_OBJECT *obj,int lastpos); 112055714Skrisint X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, 112155714Skris int crit, int lastpos); 112255714SkrisX509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); 112355714SkrisX509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); 112455714SkrisSTACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, 112555714Skris X509_EXTENSION *ex, int loc); 112655714Skris 112755714Skrisint X509_get_ext_count(X509 *x); 112855714Skrisint X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 112955714Skrisint X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); 113055714Skrisint X509_get_ext_by_critical(X509 *x, int crit, int lastpos); 113155714SkrisX509_EXTENSION *X509_get_ext(X509 *x, int loc); 113255714SkrisX509_EXTENSION *X509_delete_ext(X509 *x, int loc); 113355714Skrisint X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); 113459191Skrisvoid * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); 1135109998Smarkmint X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, 1136109998Smarkm unsigned long flags); 113755714Skris 113855714Skrisint X509_CRL_get_ext_count(X509_CRL *x); 113955714Skrisint X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); 114055714Skrisint X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); 114155714Skrisint X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); 114255714SkrisX509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); 114355714SkrisX509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); 114455714Skrisint X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); 114559191Skrisvoid * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); 1146109998Smarkmint X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit, 1147109998Smarkm unsigned long flags); 114855714Skris 114955714Skrisint X509_REVOKED_get_ext_count(X509_REVOKED *x); 115055714Skrisint X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); 115155714Skrisint X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); 115255714Skrisint X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); 115355714SkrisX509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); 115455714SkrisX509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); 115555714Skrisint X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); 115659191Skrisvoid * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); 1157109998Smarkmint X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, 1158109998Smarkm unsigned long flags); 115955714Skris 116055714SkrisX509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, 116155714Skris int nid, int crit, ASN1_OCTET_STRING *data); 116255714SkrisX509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, 116355714Skris ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); 116455714Skrisint X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); 116555714Skrisint X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); 116655714Skrisint X509_EXTENSION_set_data(X509_EXTENSION *ex, 116755714Skris ASN1_OCTET_STRING *data); 116855714SkrisASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); 116955714SkrisASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); 117055714Skrisint X509_EXTENSION_get_critical(X509_EXTENSION *ex); 117155714Skris 117259191Skrisint X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); 117359191Skrisint X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, 117459191Skris int lastpos); 117559191Skrisint X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, 117659191Skris int lastpos); 117759191SkrisX509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); 117859191SkrisX509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); 117959191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, 118059191Skris X509_ATTRIBUTE *attr); 118159191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, 1182109998Smarkm const ASN1_OBJECT *obj, int type, 1183109998Smarkm const unsigned char *bytes, int len); 118459191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, 118559191Skris int nid, int type, 1186109998Smarkm const unsigned char *bytes, int len); 118759191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, 1188109998Smarkm const char *attrname, int type, 1189109998Smarkm const unsigned char *bytes, int len); 119059191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 1191109998Smarkm int atrtype, const void *data, int len); 119259191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, 1193109998Smarkm const ASN1_OBJECT *obj, int atrtype, const void *data, int len); 119459191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, 1195109998Smarkm const char *atrname, int type, const unsigned char *bytes, int len); 1196109998Smarkmint X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); 1197109998Smarkmint X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); 119859191Skrisvoid *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, 119959191Skris int atrtype, void *data); 120059191Skrisint X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); 120159191SkrisASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 120259191SkrisASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); 120359191Skris 1204160814Ssimonint EVP_PKEY_get_attr_count(const EVP_PKEY *key); 1205160814Ssimonint EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, 1206160814Ssimon int lastpos); 1207160814Ssimonint EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, 1208160814Ssimon int lastpos); 1209160814SsimonX509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); 1210160814SsimonX509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); 1211160814Ssimonint EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); 1212160814Ssimonint EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 1213160814Ssimon const ASN1_OBJECT *obj, int type, 1214160814Ssimon const unsigned char *bytes, int len); 1215160814Ssimonint EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 1216160814Ssimon int nid, int type, 1217160814Ssimon const unsigned char *bytes, int len); 1218160814Ssimonint EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 1219160814Ssimon const char *attrname, int type, 1220160814Ssimon const unsigned char *bytes, int len); 1221160814Ssimon 122255714Skrisint X509_verify_cert(X509_STORE_CTX *ctx); 122355714Skris 122455714Skris/* lookup a cert from a X509 STACK */ 122555714SkrisX509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, 122655714Skris ASN1_INTEGER *serial); 122755714SkrisX509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); 122855714Skris 1229109998SmarkmDECLARE_ASN1_FUNCTIONS(PBEPARAM) 1230109998SmarkmDECLARE_ASN1_FUNCTIONS(PBE2PARAM) 1231109998SmarkmDECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) 1232109998Smarkm 123355714SkrisX509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); 123455714SkrisX509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 123555714Skris unsigned char *salt, int saltlen); 123655714Skris 123755714Skris/* PKCS#8 utilities */ 123855714Skris 1239109998SmarkmDECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) 124055714Skris 124155714SkrisEVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); 124255714SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); 124359191SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); 124455714SkrisPKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); 124555714Skris 124659191Skrisint X509_check_trust(X509 *x, int id, int flags); 124759191Skrisint X509_TRUST_get_count(void); 124859191SkrisX509_TRUST * X509_TRUST_get0(int idx); 124959191Skrisint X509_TRUST_get_by_id(int id); 125059191Skrisint X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), 125159191Skris char *name, int arg1, void *arg2); 125259191Skrisvoid X509_TRUST_cleanup(void); 125359191Skrisint X509_TRUST_get_flags(X509_TRUST *xp); 125459191Skrischar *X509_TRUST_get0_name(X509_TRUST *xp); 125559191Skrisint X509_TRUST_get_trust(X509_TRUST *xp); 125659191Skris 125755714Skris/* BEGIN ERROR CODES */ 125855714Skris/* The following lines are auto generated by the script mkerr.pl. Any changes 125955714Skris * made after this point may be overwritten when the script is next run. 126055714Skris */ 126189837Skrisvoid ERR_load_X509_strings(void); 126255714Skris 126355714Skris/* Error codes for the X509 functions. */ 126455714Skris 126555714Skris/* Function codes. */ 126655714Skris#define X509_F_ADD_CERT_DIR 100 126755714Skris#define X509_F_BY_FILE_CTRL 101 1268160814Ssimon#define X509_F_CHECK_POLICY 145 126955714Skris#define X509_F_DIR_CTRL 102 127055714Skris#define X509_F_GET_CERT_BY_SUBJECT 103 127159191Skris#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 127259191Skris#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 1273160814Ssimon#define X509_F_X509AT_ADD1_ATTR 135 127455714Skris#define X509_F_X509V3_ADD_EXT 104 127559191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 127659191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 127759191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 127859191Skris#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 127959191Skris#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 128055714Skris#define X509_F_X509_CHECK_PRIVATE_KEY 128 1281160814Ssimon#define X509_F_X509_CRL_PRINT_FP 147 128255714Skris#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 128355714Skris#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 128455714Skris#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 128559191Skris#define X509_F_X509_LOAD_CERT_CRL_FILE 132 128655714Skris#define X509_F_X509_LOAD_CERT_FILE 111 128755714Skris#define X509_F_X509_LOAD_CRL_FILE 112 128855714Skris#define X509_F_X509_NAME_ADD_ENTRY 113 128955714Skris#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 129059191Skris#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 129155714Skris#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 129255714Skris#define X509_F_X509_NAME_ONELINE 116 129355714Skris#define X509_F_X509_NAME_PRINT 117 1294160814Ssimon#define X509_F_X509_PRINT_EX_FP 118 129555714Skris#define X509_F_X509_PUBKEY_GET 119 129655714Skris#define X509_F_X509_PUBKEY_SET 120 1297160814Ssimon#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 1298160814Ssimon#define X509_F_X509_REQ_PRINT_EX 121 129955714Skris#define X509_F_X509_REQ_PRINT_FP 122 130055714Skris#define X509_F_X509_REQ_TO_X509 123 130155714Skris#define X509_F_X509_STORE_ADD_CERT 124 130255714Skris#define X509_F_X509_STORE_ADD_CRL 125 1303160814Ssimon#define X509_F_X509_STORE_CTX_GET1_ISSUER 146 1304109998Smarkm#define X509_F_X509_STORE_CTX_INIT 143 1305109998Smarkm#define X509_F_X509_STORE_CTX_NEW 142 130659191Skris#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 130755714Skris#define X509_F_X509_TO_X509_REQ 126 130859191Skris#define X509_F_X509_TRUST_ADD 133 1309109998Smarkm#define X509_F_X509_TRUST_SET 141 131055714Skris#define X509_F_X509_VERIFY_CERT 127 131155714Skris 131255714Skris/* Reason codes. */ 131355714Skris#define X509_R_BAD_X509_FILETYPE 100 131459191Skris#define X509_R_BASE64_DECODE_ERROR 118 131555714Skris#define X509_R_CANT_CHECK_DH_KEY 114 131655714Skris#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 131755714Skris#define X509_R_ERR_ASN1_LIB 102 131855714Skris#define X509_R_INVALID_DIRECTORY 113 131959191Skris#define X509_R_INVALID_FIELD_NAME 119 1320109998Smarkm#define X509_R_INVALID_TRUST 123 132155714Skris#define X509_R_KEY_TYPE_MISMATCH 115 132255714Skris#define X509_R_KEY_VALUES_MISMATCH 116 132355714Skris#define X509_R_LOADING_CERT_DIR 103 132455714Skris#define X509_R_LOADING_DEFAULTS 104 132555714Skris#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 132655714Skris#define X509_R_SHOULD_RETRY 106 132755714Skris#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 132855714Skris#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 132955714Skris#define X509_R_UNKNOWN_KEY_TYPE 117 133055714Skris#define X509_R_UNKNOWN_NID 109 133159191Skris#define X509_R_UNKNOWN_PURPOSE_ID 121 133259191Skris#define X509_R_UNKNOWN_TRUST_ID 120 133355714Skris#define X509_R_UNSUPPORTED_ALGORITHM 111 133455714Skris#define X509_R_WRONG_LOOKUP_TYPE 112 133559191Skris#define X509_R_WRONG_TYPE 122 133655714Skris 133755714Skris#ifdef __cplusplus 133855714Skris} 133955714Skris#endif 134055714Skris#endif 1341