x509.h revision 89837
155714Skris/* crypto/x509/x509.h */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 5855714Skris 5955714Skris#ifndef HEADER_X509_H 6055714Skris#define HEADER_X509_H 6155714Skris 6268651Skris#include <openssl/symhacks.h> 6368651Skris#ifndef NO_BUFFER 6468651Skris#include <openssl/buffer.h> 6555714Skris#endif 6668651Skris#ifndef NO_EVP 6768651Skris#include <openssl/evp.h> 6855714Skris#endif 6968651Skris#ifndef NO_BIO 7068651Skris#include <openssl/bio.h> 7168651Skris#endif 7255714Skris#include <openssl/stack.h> 7355714Skris#include <openssl/asn1.h> 7455714Skris#include <openssl/safestack.h> 7555714Skris 7655714Skris#ifndef NO_RSA 7755714Skris#include <openssl/rsa.h> 7855714Skris#endif 7955714Skris 8055714Skris#ifndef NO_DSA 8155714Skris#include <openssl/dsa.h> 8255714Skris#endif 8355714Skris 8455714Skris#ifndef NO_DH 8555714Skris#include <openssl/dh.h> 8655714Skris#endif 8755714Skris 8855714Skris#include <openssl/evp.h> 8955714Skris 9055714Skris 9168651Skris#ifdef __cplusplus 9268651Skrisextern "C" { 9368651Skris#endif 9468651Skris 9555714Skris#ifdef WIN32 9655714Skris/* Under Win32 this is defined in wincrypt.h */ 9755714Skris#undef X509_NAME 9855714Skris#endif 9955714Skris 10068651Skris /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ 10168651Skris#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ 10268651Skris#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ 10368651Skris 10455714Skris#define X509_FILETYPE_PEM 1 10555714Skris#define X509_FILETYPE_ASN1 2 10655714Skris#define X509_FILETYPE_DEFAULT 3 10755714Skris 10855714Skris#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 10955714Skris#define X509v3_KU_NON_REPUDIATION 0x0040 11055714Skris#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 11155714Skris#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 11255714Skris#define X509v3_KU_KEY_AGREEMENT 0x0008 11355714Skris#define X509v3_KU_KEY_CERT_SIGN 0x0004 11455714Skris#define X509v3_KU_CRL_SIGN 0x0002 11555714Skris#define X509v3_KU_ENCIPHER_ONLY 0x0001 11655714Skris#define X509v3_KU_DECIPHER_ONLY 0x8000 11755714Skris#define X509v3_KU_UNDEF 0xffff 11855714Skris 11955714Skristypedef struct X509_objects_st 12055714Skris { 12155714Skris int nid; 12255714Skris int (*a2i)(); 12355714Skris int (*i2a)(); 12455714Skris } X509_OBJECTS; 12555714Skris 12655714Skristypedef struct X509_algor_st 12755714Skris { 12855714Skris ASN1_OBJECT *algorithm; 12955714Skris ASN1_TYPE *parameter; 13055714Skris } X509_ALGOR; 13155714Skris 13255714SkrisDECLARE_STACK_OF(X509_ALGOR) 13355714SkrisDECLARE_ASN1_SET_OF(X509_ALGOR) 13455714Skris 13555714Skristypedef struct X509_val_st 13655714Skris { 13768651Skris ASN1_TIME *notBefore; 13868651Skris ASN1_TIME *notAfter; 13955714Skris } X509_VAL; 14055714Skris 14155714Skristypedef struct X509_pubkey_st 14255714Skris { 14355714Skris X509_ALGOR *algor; 14455714Skris ASN1_BIT_STRING *public_key; 14555714Skris EVP_PKEY *pkey; 14655714Skris } X509_PUBKEY; 14755714Skris 14855714Skristypedef struct X509_sig_st 14955714Skris { 15055714Skris X509_ALGOR *algor; 15155714Skris ASN1_OCTET_STRING *digest; 15255714Skris } X509_SIG; 15355714Skris 15455714Skristypedef struct X509_name_entry_st 15555714Skris { 15655714Skris ASN1_OBJECT *object; 15755714Skris ASN1_STRING *value; 15855714Skris int set; 15955714Skris int size; /* temp variable */ 16055714Skris } X509_NAME_ENTRY; 16155714Skris 16255714SkrisDECLARE_STACK_OF(X509_NAME_ENTRY) 16355714SkrisDECLARE_ASN1_SET_OF(X509_NAME_ENTRY) 16455714Skris 16555714Skris/* we always keep X509_NAMEs in 2 forms. */ 16655714Skristypedef struct X509_name_st 16755714Skris { 16855714Skris STACK_OF(X509_NAME_ENTRY) *entries; 16955714Skris int modified; /* true if 'bytes' needs to be built */ 17068651Skris#ifndef NO_BUFFER 17155714Skris BUF_MEM *bytes; 17255714Skris#else 17355714Skris char *bytes; 17455714Skris#endif 17555714Skris unsigned long hash; /* Keep the hash around for lookups */ 17655714Skris } X509_NAME; 17755714Skris 17855714SkrisDECLARE_STACK_OF(X509_NAME) 17955714Skris 18055714Skris#define X509_EX_V_NETSCAPE_HACK 0x8000 18155714Skris#define X509_EX_V_INIT 0x0001 18255714Skristypedef struct X509_extension_st 18355714Skris { 18455714Skris ASN1_OBJECT *object; 18555714Skris short critical; 18655714Skris short netscape_hack; 18755714Skris ASN1_OCTET_STRING *value; 18859191Skris struct v3_ext_method *method; /* V3 method to use */ 18959191Skris void *ext_val; /* extension value */ 19055714Skris } X509_EXTENSION; 19155714Skris 19255714SkrisDECLARE_STACK_OF(X509_EXTENSION) 19355714SkrisDECLARE_ASN1_SET_OF(X509_EXTENSION) 19455714Skris 19555714Skris/* a sequence of these are used */ 19655714Skristypedef struct x509_attributes_st 19755714Skris { 19855714Skris ASN1_OBJECT *object; 19955714Skris int set; /* 1 for a set, 0 for a single item (which is wrong) */ 20055714Skris union { 20155714Skris char *ptr; 20255714Skris/* 1 */ STACK_OF(ASN1_TYPE) *set; 20355714Skris/* 0 */ ASN1_TYPE *single; 20455714Skris } value; 20555714Skris } X509_ATTRIBUTE; 20655714Skris 20755714SkrisDECLARE_STACK_OF(X509_ATTRIBUTE) 20855714SkrisDECLARE_ASN1_SET_OF(X509_ATTRIBUTE) 20955714Skris 21055714Skristypedef struct X509_req_info_st 21155714Skris { 21268651Skris unsigned char *asn1; 21368651Skris int length; 21455714Skris ASN1_INTEGER *version; 21555714Skris X509_NAME *subject; 21655714Skris X509_PUBKEY *pubkey; 21755714Skris /* d=2 hl=2 l= 0 cons: cont: 00 */ 21855714Skris STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ 21955714Skris int req_kludge; 22055714Skris } X509_REQ_INFO; 22155714Skris 22255714Skristypedef struct X509_req_st 22355714Skris { 22455714Skris X509_REQ_INFO *req_info; 22555714Skris X509_ALGOR *sig_alg; 22655714Skris ASN1_BIT_STRING *signature; 22755714Skris int references; 22855714Skris } X509_REQ; 22955714Skris 23055714Skristypedef struct x509_cinf_st 23155714Skris { 23255714Skris ASN1_INTEGER *version; /* [ 0 ] default of v1 */ 23355714Skris ASN1_INTEGER *serialNumber; 23455714Skris X509_ALGOR *signature; 23555714Skris X509_NAME *issuer; 23655714Skris X509_VAL *validity; 23755714Skris X509_NAME *subject; 23855714Skris X509_PUBKEY *key; 23955714Skris ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ 24055714Skris ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ 24155714Skris STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ 24255714Skris } X509_CINF; 24355714Skris 24459191Skris/* This stuff is certificate "auxiliary info" 24559191Skris * it contains details which are useful in certificate 24659191Skris * stores and databases. When used this is tagged onto 24759191Skris * the end of the certificate itself 24859191Skris */ 24959191Skris 25059191Skristypedef struct x509_cert_aux_st 25159191Skris { 25259191Skris STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ 25359191Skris STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ 25459191Skris ASN1_UTF8STRING *alias; /* "friendly name" */ 25559191Skris ASN1_OCTET_STRING *keyid; /* key id of private key */ 25659191Skris STACK_OF(X509_ALGOR) *other; /* other unspecified info */ 25759191Skris } X509_CERT_AUX; 25859191Skris 25955714Skristypedef struct x509_st 26055714Skris { 26155714Skris X509_CINF *cert_info; 26255714Skris X509_ALGOR *sig_alg; 26355714Skris ASN1_BIT_STRING *signature; 26455714Skris int valid; 26555714Skris int references; 26655714Skris char *name; 26759191Skris CRYPTO_EX_DATA ex_data; 26859191Skris /* These contain copies of various extension values */ 26959191Skris long ex_pathlen; 27059191Skris unsigned long ex_flags; 27159191Skris unsigned long ex_kusage; 27259191Skris unsigned long ex_xkusage; 27359191Skris unsigned long ex_nscert; 27468651Skris ASN1_OCTET_STRING *skid; 27568651Skris struct AUTHORITY_KEYID_st *akid; 27659191Skris#ifndef NO_SHA 27759191Skris unsigned char sha1_hash[SHA_DIGEST_LENGTH]; 27859191Skris#endif 27959191Skris X509_CERT_AUX *aux; 28055714Skris } X509; 28155714Skris 28255714SkrisDECLARE_STACK_OF(X509) 28355714SkrisDECLARE_ASN1_SET_OF(X509) 28455714Skris 28559191Skris/* This is used for a table of trust checking functions */ 28659191Skris 28759191Skristypedef struct x509_trust_st { 28859191Skris int trust; 28959191Skris int flags; 29059191Skris int (*check_trust)(struct x509_trust_st *, X509 *, int); 29159191Skris char *name; 29259191Skris int arg1; 29359191Skris void *arg2; 29459191Skris} X509_TRUST; 29559191Skris 29659191SkrisDECLARE_STACK_OF(X509_TRUST) 29759191Skris 29859191Skris/* standard trust ids */ 29959191Skris 30059191Skris#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ 30159191Skris 30259191Skris#define X509_TRUST_COMPAT 1 30359191Skris#define X509_TRUST_SSL_CLIENT 2 30459191Skris#define X509_TRUST_SSL_SERVER 3 30559191Skris#define X509_TRUST_EMAIL 4 30659191Skris#define X509_TRUST_OBJECT_SIGN 5 30759191Skris 30859191Skris/* Keep these up to date! */ 30959191Skris#define X509_TRUST_MIN 1 31059191Skris#define X509_TRUST_MAX 5 31159191Skris 31259191Skris 31359191Skris/* trust_flags values */ 31459191Skris#define X509_TRUST_DYNAMIC 1 31559191Skris#define X509_TRUST_DYNAMIC_NAME 2 31659191Skris 31759191Skris/* check_trust return codes */ 31859191Skris 31959191Skris#define X509_TRUST_TRUSTED 1 32059191Skris#define X509_TRUST_REJECTED 2 32159191Skris#define X509_TRUST_UNTRUSTED 3 32259191Skris 32368651Skris/* Flags specific to X509_NAME_print_ex() */ 32468651Skris 32568651Skris/* The field separator information */ 32668651Skris 32768651Skris#define XN_FLAG_SEP_MASK (0xf << 16) 32868651Skris 32968651Skris#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ 33068651Skris#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ 33168651Skris#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ 33268651Skris#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ 33368651Skris#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ 33468651Skris 33568651Skris#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ 33668651Skris 33768651Skris/* How the field name is shown */ 33868651Skris 33968651Skris#define XN_FLAG_FN_MASK (0x3 << 21) 34068651Skris 34168651Skris#define XN_FLAG_FN_SN 0 /* Object short name */ 34268651Skris#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ 34368651Skris#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ 34468651Skris#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ 34568651Skris 34668651Skris#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ 34768651Skris 34868651Skris/* This determines if we dump fields we don't recognise: 34968651Skris * RFC2253 requires this. 35068651Skris */ 35168651Skris 35268651Skris#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) 35368651Skris 35468651Skris/* Complete set of RFC2253 flags */ 35568651Skris 35668651Skris#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ 35768651Skris XN_FLAG_SEP_COMMA_PLUS | \ 35868651Skris XN_FLAG_DN_REV | \ 35968651Skris XN_FLAG_FN_SN | \ 36068651Skris XN_FLAG_DUMP_UNKNOWN_FIELDS) 36168651Skris 36268651Skris/* readable oneline form */ 36368651Skris 36468651Skris#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ 36568651Skris ASN1_STRFLGS_ESC_QUOTE | \ 36668651Skris XN_FLAG_SEP_CPLUS_SPC | \ 36768651Skris XN_FLAG_SPC_EQ | \ 36868651Skris XN_FLAG_FN_SN) 36968651Skris 37068651Skris/* readable multiline form */ 37168651Skris 37268651Skris#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ 37368651Skris ASN1_STRFLGS_ESC_MSB | \ 37468651Skris XN_FLAG_SEP_MULTILINE | \ 37568651Skris XN_FLAG_SPC_EQ | \ 37668651Skris XN_FLAG_FN_LN) 37768651Skris 37855714Skristypedef struct X509_revoked_st 37955714Skris { 38055714Skris ASN1_INTEGER *serialNumber; 38168651Skris ASN1_TIME *revocationDate; 38255714Skris STACK_OF(X509_EXTENSION) /* optional */ *extensions; 38355714Skris int sequence; /* load sequence */ 38455714Skris } X509_REVOKED; 38555714Skris 38655714SkrisDECLARE_STACK_OF(X509_REVOKED) 38755714SkrisDECLARE_ASN1_SET_OF(X509_REVOKED) 38855714Skris 38955714Skristypedef struct X509_crl_info_st 39055714Skris { 39155714Skris ASN1_INTEGER *version; 39255714Skris X509_ALGOR *sig_alg; 39355714Skris X509_NAME *issuer; 39468651Skris ASN1_TIME *lastUpdate; 39568651Skris ASN1_TIME *nextUpdate; 39655714Skris STACK_OF(X509_REVOKED) *revoked; 39755714Skris STACK_OF(X509_EXTENSION) /* [0] */ *extensions; 39855714Skris } X509_CRL_INFO; 39955714Skris 40055714Skristypedef struct X509_crl_st 40155714Skris { 40255714Skris /* actual signature */ 40355714Skris X509_CRL_INFO *crl; 40455714Skris X509_ALGOR *sig_alg; 40555714Skris ASN1_BIT_STRING *signature; 40655714Skris int references; 40755714Skris } X509_CRL; 40855714Skris 40955714SkrisDECLARE_STACK_OF(X509_CRL) 41055714SkrisDECLARE_ASN1_SET_OF(X509_CRL) 41155714Skris 41255714Skristypedef struct private_key_st 41355714Skris { 41455714Skris int version; 41555714Skris /* The PKCS#8 data types */ 41655714Skris X509_ALGOR *enc_algor; 41755714Skris ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ 41855714Skris 41955714Skris /* When decrypted, the following will not be NULL */ 42055714Skris EVP_PKEY *dec_pkey; 42155714Skris 42255714Skris /* used to encrypt and decrypt */ 42355714Skris int key_length; 42455714Skris char *key_data; 42555714Skris int key_free; /* true if we should auto free key_data */ 42655714Skris 42755714Skris /* expanded version of 'enc_algor' */ 42855714Skris EVP_CIPHER_INFO cipher; 42955714Skris 43055714Skris int references; 43155714Skris } X509_PKEY; 43255714Skris 43368651Skris#ifndef NO_EVP 43455714Skristypedef struct X509_info_st 43555714Skris { 43655714Skris X509 *x509; 43755714Skris X509_CRL *crl; 43855714Skris X509_PKEY *x_pkey; 43955714Skris 44055714Skris EVP_CIPHER_INFO enc_cipher; 44155714Skris int enc_len; 44255714Skris char *enc_data; 44355714Skris 44455714Skris int references; 44555714Skris } X509_INFO; 44655714Skris 44755714SkrisDECLARE_STACK_OF(X509_INFO) 44855714Skris#endif 44955714Skris 45055714Skris/* The next 2 structures and their 8 routines were sent to me by 45155714Skris * Pat Richard <patr@x509.com> and are used to manipulate 45259191Skris * Netscapes spki structures - useful if you are writing a CA web page 45355714Skris */ 45455714Skristypedef struct Netscape_spkac_st 45555714Skris { 45655714Skris X509_PUBKEY *pubkey; 45755714Skris ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ 45855714Skris } NETSCAPE_SPKAC; 45955714Skris 46055714Skristypedef struct Netscape_spki_st 46155714Skris { 46255714Skris NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ 46355714Skris X509_ALGOR *sig_algor; 46455714Skris ASN1_BIT_STRING *signature; 46555714Skris } NETSCAPE_SPKI; 46655714Skris 46755714Skris/* Netscape certificate sequence structure */ 46855714Skristypedef struct Netscape_certificate_sequence 46955714Skris { 47055714Skris ASN1_OBJECT *type; 47155714Skris STACK_OF(X509) *certs; 47255714Skris } NETSCAPE_CERT_SEQUENCE; 47355714Skris 47455714Skristypedef struct CBCParameter_st 47555714Skris { 47655714Skris unsigned char iv[8]; 47755714Skris } CBC_PARAM; 47855714Skris 47955714Skris/* Password based encryption structure */ 48055714Skris 48155714Skristypedef struct PBEPARAM_st { 48255714SkrisASN1_OCTET_STRING *salt; 48355714SkrisASN1_INTEGER *iter; 48455714Skris} PBEPARAM; 48555714Skris 48655714Skris/* Password based encryption V2 structures */ 48755714Skris 48855714Skristypedef struct PBE2PARAM_st { 48955714SkrisX509_ALGOR *keyfunc; 49055714SkrisX509_ALGOR *encryption; 49155714Skris} PBE2PARAM; 49255714Skris 49355714Skristypedef struct PBKDF2PARAM_st { 49455714SkrisASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ 49555714SkrisASN1_INTEGER *iter; 49655714SkrisASN1_INTEGER *keylength; 49755714SkrisX509_ALGOR *prf; 49855714Skris} PBKDF2PARAM; 49955714Skris 50055714Skris 50155714Skris/* PKCS#8 private key info structure */ 50255714Skris 50355714Skristypedef struct pkcs8_priv_key_info_st 50455714Skris { 50555714Skris int broken; /* Flag for various broken formats */ 50659191Skris#define PKCS8_OK 0 50759191Skris#define PKCS8_NO_OCTET 1 50859191Skris#define PKCS8_EMBEDDED_PARAM 2 50959191Skris#define PKCS8_NS_DB 3 51055714Skris ASN1_INTEGER *version; 51155714Skris X509_ALGOR *pkeyalg; 51255714Skris ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ 51355714Skris STACK_OF(X509_ATTRIBUTE) *attributes; 51455714Skris } PKCS8_PRIV_KEY_INFO; 51555714Skris 51668651Skris#ifdef __cplusplus 51768651Skris} 51868651Skris#endif 51968651Skris 52055714Skris#include <openssl/x509_vfy.h> 52155714Skris#include <openssl/pkcs7.h> 52255714Skris 52368651Skris#ifdef __cplusplus 52468651Skrisextern "C" { 52568651Skris#endif 52668651Skris 52755714Skris#ifdef SSLEAY_MACROS 52855714Skris#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ 52955714Skris a->signature,(char *)a->cert_info,r) 53055714Skris#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ 53155714Skris a->sig_alg,a->signature,(char *)a->req_info,r) 53255714Skris#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ 53355714Skris a->sig_alg, a->signature,(char *)a->crl,r) 53455714Skris 53555714Skris#define X509_sign(x,pkey,md) \ 53655714Skris ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ 53755714Skris x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) 53855714Skris#define X509_REQ_sign(x,pkey,md) \ 53955714Skris ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ 54055714Skris x->signature, (char *)x->req_info,pkey,md) 54155714Skris#define X509_CRL_sign(x,pkey,md) \ 54255714Skris ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ 54355714Skris x->signature, (char *)x->crl,pkey,md) 54455714Skris#define NETSCAPE_SPKI_sign(x,pkey,md) \ 54555714Skris ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ 54655714Skris x->signature, (char *)x->spkac,pkey,md) 54755714Skris 54855714Skris#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ 54955714Skris (char *(*)())d2i_X509,(char *)x509) 55055714Skris#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ 55155714Skris (int (*)())i2d_X509_ATTRIBUTE, \ 55255714Skris (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) 55355714Skris#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ 55455714Skris (int (*)())i2d_X509_EXTENSION, \ 55555714Skris (char *(*)())d2i_X509_EXTENSION,(char *)ex) 55655714Skris#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ 55755714Skris (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) 55855714Skris#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) 55955714Skris#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ 56055714Skris (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) 56155714Skris#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) 56255714Skris 56355714Skris#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ 56455714Skris (char *(*)())d2i_X509_CRL,(char *)crl) 56555714Skris#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ 56655714Skris X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ 56755714Skris (unsigned char **)(crl)) 56855714Skris#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ 56955714Skris (unsigned char *)crl) 57055714Skris#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ 57155714Skris X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ 57255714Skris (unsigned char **)(crl)) 57355714Skris#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ 57455714Skris (unsigned char *)crl) 57555714Skris 57655714Skris#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ 57755714Skris (char *(*)())d2i_PKCS7,(char *)p7) 57855714Skris#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ 57955714Skris PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ 58055714Skris (unsigned char **)(p7)) 58155714Skris#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ 58255714Skris (unsigned char *)p7) 58355714Skris#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ 58455714Skris PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ 58555714Skris (unsigned char **)(p7)) 58655714Skris#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ 58755714Skris (unsigned char *)p7) 58855714Skris 58955714Skris#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ 59055714Skris (char *(*)())d2i_X509_REQ,(char *)req) 59155714Skris#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ 59255714Skris X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ 59355714Skris (unsigned char **)(req)) 59455714Skris#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ 59555714Skris (unsigned char *)req) 59655714Skris#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ 59755714Skris X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ 59855714Skris (unsigned char **)(req)) 59955714Skris#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ 60055714Skris (unsigned char *)req) 60155714Skris 60255714Skris#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ 60355714Skris (char *(*)())d2i_RSAPublicKey,(char *)rsa) 60455714Skris#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ 60555714Skris (char *(*)())d2i_RSAPrivateKey,(char *)rsa) 60655714Skris 60755714Skris#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 60855714Skris RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ 60955714Skris (unsigned char **)(rsa)) 61055714Skris#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ 61155714Skris (unsigned char *)rsa) 61255714Skris#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 61355714Skris RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ 61455714Skris (unsigned char **)(rsa)) 61555714Skris#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ 61655714Skris (unsigned char *)rsa) 61755714Skris 61855714Skris#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ 61955714Skris RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ 62055714Skris (unsigned char **)(rsa)) 62155714Skris#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ 62255714Skris (unsigned char *)rsa) 62355714Skris#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ 62455714Skris RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ 62555714Skris (unsigned char **)(rsa)) 62655714Skris#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ 62755714Skris (unsigned char *)rsa) 62855714Skris 62955714Skris#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ 63055714Skris DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ 63155714Skris (unsigned char **)(dsa)) 63255714Skris#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ 63355714Skris (unsigned char *)dsa) 63455714Skris#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ 63555714Skris DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ 63655714Skris (unsigned char **)(dsa)) 63755714Skris#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ 63855714Skris (unsigned char *)dsa) 63955714Skris 64055714Skris#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ 64155714Skris (char *(*)())d2i_X509_ALGOR,(char *)xn) 64255714Skris 64355714Skris#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ 64455714Skris (char *(*)())d2i_X509_NAME,(char *)xn) 64555714Skris#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ 64655714Skris (int (*)())i2d_X509_NAME_ENTRY, \ 64755714Skris (char *(*)())d2i_X509_NAME_ENTRY,\ 64855714Skris (char *)ne) 64955714Skris 65055714Skris#define X509_digest(data,type,md,len) \ 65155714Skris ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) 65255714Skris#define X509_NAME_digest(data,type,md,len) \ 65355714Skris ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) 65455714Skris#ifndef PKCS7_ISSUER_AND_SERIAL_digest 65555714Skris#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ 65655714Skris ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ 65755714Skris (char *)data,md,len) 65855714Skris#endif 65955714Skris#endif 66055714Skris 66155714Skris#define X509_EXT_PACK_UNKNOWN 1 66255714Skris#define X509_EXT_PACK_STRING 2 66355714Skris 66455714Skris#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) 66555714Skris/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ 66655714Skris#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) 66755714Skris#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) 66855714Skris#define X509_extract_key(x) X509_get_pubkey(x) /*****/ 66955714Skris#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) 67055714Skris#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) 67155714Skris#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) 67255714Skris#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) 67355714Skris#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) 67455714Skris 67555714Skris#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) 67655714Skris#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) 67755714Skris#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) 67855714Skris#define X509_CRL_get_issuer(x) ((x)->crl->issuer) 67955714Skris#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) 68055714Skris 68155714Skris/* This one is only used so that a binary form can output, as in 68255714Skris * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ 68355714Skris#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) 68455714Skris 68555714Skris 68655714Skrisconst char *X509_verify_cert_error_string(long n); 68755714Skris 68855714Skris#ifndef SSLEAY_MACROS 68968651Skris#ifndef NO_EVP 69055714Skrisint X509_verify(X509 *a, EVP_PKEY *r); 69155714Skris 69255714Skrisint X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); 69355714Skrisint X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); 69455714Skrisint NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); 69555714Skris 69659191SkrisNETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); 69759191Skrischar * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); 69859191SkrisEVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); 69959191Skrisint NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); 70059191Skris 70159191Skrisint NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); 70259191Skris 70355714Skrisint X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 70455714Skrisint X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); 70555714Skrisint X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); 70655714Skrisint NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); 70755714Skris 70868651Skrisint X509_digest(const X509 *data,const EVP_MD *type, 70968651Skris unsigned char *md, unsigned int *len); 71068651Skrisint X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, 71168651Skris unsigned char *md, unsigned int *len); 71268651Skrisint X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, 71368651Skris unsigned char *md, unsigned int *len); 71468651Skrisint X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, 71568651Skris unsigned char *md, unsigned int *len); 71655714Skris#endif 71755714Skris 71855714Skris#ifndef NO_FP_API 71955714SkrisX509 *d2i_X509_fp(FILE *fp, X509 **x509); 72055714Skrisint i2d_X509_fp(FILE *fp,X509 *x509); 72155714SkrisX509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); 72255714Skrisint i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); 72355714SkrisX509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); 72455714Skrisint i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); 72555714Skris#ifndef NO_RSA 72655714SkrisRSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); 72755714Skrisint i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); 72855714SkrisRSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); 72955714Skrisint i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); 73059191SkrisRSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); 73159191Skrisint i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); 73255714Skris#endif 73355714Skris#ifndef NO_DSA 73459191SkrisDSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); 73559191Skrisint i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); 73655714SkrisDSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); 73755714Skrisint i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 73859191Skris#endif 73955714SkrisX509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); 74055714Skrisint i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); 74155714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 74255714Skris PKCS8_PRIV_KEY_INFO **p8inf); 74355714Skrisint i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); 74459191Skrisint i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); 74559191Skrisint i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); 74659191SkrisEVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); 74768651Skrisint i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); 74868651SkrisEVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); 74955714Skris#endif 75055714Skris 75168651Skris#ifndef NO_BIO 75255714SkrisX509 *d2i_X509_bio(BIO *bp,X509 **x509); 75355714Skrisint i2d_X509_bio(BIO *bp,X509 *x509); 75455714SkrisX509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); 75555714Skrisint i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); 75655714SkrisX509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); 75755714Skrisint i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); 75855714Skris#ifndef NO_RSA 75955714SkrisRSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); 76055714Skrisint i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); 76155714SkrisRSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); 76255714Skrisint i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); 76359191SkrisRSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); 76459191Skrisint i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); 76555714Skris#endif 76655714Skris#ifndef NO_DSA 76759191SkrisDSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); 76859191Skrisint i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); 76955714SkrisDSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); 77055714Skrisint i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 77155714Skris#endif 77255714SkrisX509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); 77355714Skrisint i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); 77455714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 77555714Skris PKCS8_PRIV_KEY_INFO **p8inf); 77655714Skrisint i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); 77759191Skrisint i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); 77859191Skrisint i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); 77959191SkrisEVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); 78068651Skrisint i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); 78168651SkrisEVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); 78255714Skris#endif 78355714Skris 78455714SkrisX509 *X509_dup(X509 *x509); 78555714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); 78655714SkrisX509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); 78755714SkrisX509_CRL *X509_CRL_dup(X509_CRL *crl); 78855714SkrisX509_REQ *X509_REQ_dup(X509_REQ *req); 78955714SkrisX509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); 79055714SkrisX509_NAME *X509_NAME_dup(X509_NAME *xn); 79155714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 79255714Skris#ifndef NO_RSA 79355714SkrisRSA *RSAPublicKey_dup(RSA *rsa); 79455714SkrisRSA *RSAPrivateKey_dup(RSA *rsa); 79555714Skris#endif 79655714Skris 79755714Skris#endif /* !SSLEAY_MACROS */ 79855714Skris 79968651Skrisint X509_cmp_time(ASN1_TIME *s, time_t *t); 80068651Skrisint X509_cmp_current_time(ASN1_TIME *s); 80168651SkrisASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); 80268651SkrisASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); 80355714Skris 80455714Skrisconst char * X509_get_default_cert_area(void ); 80555714Skrisconst char * X509_get_default_cert_dir(void ); 80655714Skrisconst char * X509_get_default_cert_file(void ); 80755714Skrisconst char * X509_get_default_cert_dir_env(void ); 80855714Skrisconst char * X509_get_default_cert_file_env(void ); 80955714Skrisconst char * X509_get_default_private_dir(void ); 81055714Skris 81159191SkrisX509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); 81255714SkrisX509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); 81355714Skris 81455714SkrisX509_ALGOR * X509_ALGOR_new(void ); 81555714Skrisvoid X509_ALGOR_free(X509_ALGOR *a); 81655714Skrisint i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp); 81755714SkrisX509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp, 81855714Skris long length); 81955714Skris 82055714SkrisX509_VAL * X509_VAL_new(void ); 82155714Skrisvoid X509_VAL_free(X509_VAL *a); 82255714Skrisint i2d_X509_VAL(X509_VAL *a,unsigned char **pp); 82355714SkrisX509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp, 82455714Skris long length); 82555714Skris 82655714SkrisX509_PUBKEY * X509_PUBKEY_new(void ); 82755714Skrisvoid X509_PUBKEY_free(X509_PUBKEY *a); 82855714Skrisint i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp); 82955714SkrisX509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, 83055714Skris long length); 83155714Skrisint X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 83255714SkrisEVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); 83355714Skrisint X509_get_pubkey_parameters(EVP_PKEY *pkey, 83455714Skris STACK_OF(X509) *chain); 83559191Skrisint i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); 83659191SkrisEVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, 83759191Skris long length); 83859191Skris#ifndef NO_RSA 83959191Skrisint i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); 84059191SkrisRSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp, 84159191Skris long length); 84259191Skris#endif 84359191Skris#ifndef NO_DSA 84459191Skrisint i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); 84559191SkrisDSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, 84659191Skris long length); 84759191Skris#endif 84855714Skris 84955714SkrisX509_SIG * X509_SIG_new(void ); 85055714Skrisvoid X509_SIG_free(X509_SIG *a); 85155714Skrisint i2d_X509_SIG(X509_SIG *a,unsigned char **pp); 85255714SkrisX509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length); 85355714Skris 85455714SkrisX509_REQ_INFO *X509_REQ_INFO_new(void); 85555714Skrisvoid X509_REQ_INFO_free(X509_REQ_INFO *a); 85655714Skrisint i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp); 85755714SkrisX509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp, 85855714Skris long length); 85955714Skris 86055714SkrisX509_REQ * X509_REQ_new(void); 86155714Skrisvoid X509_REQ_free(X509_REQ *a); 86255714Skrisint i2d_X509_REQ(X509_REQ *a,unsigned char **pp); 86355714SkrisX509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length); 86455714Skris 86555714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); 86655714Skrisvoid X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); 86755714Skrisint i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); 86855714SkrisX509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, 86955714Skris long length); 87055714SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); 87155714Skris 87255714Skris 87355714SkrisX509_EXTENSION *X509_EXTENSION_new(void ); 87455714Skrisvoid X509_EXTENSION_free(X509_EXTENSION *a); 87555714Skrisint i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp); 87655714SkrisX509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp, 87755714Skris long length); 87855714Skris 87955714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_new(void); 88055714Skrisvoid X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); 88155714Skrisint i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp); 88255714SkrisX509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp, 88355714Skris long length); 88455714Skris 88555714SkrisX509_NAME * X509_NAME_new(void); 88655714Skrisvoid X509_NAME_free(X509_NAME *a); 88755714Skrisint i2d_X509_NAME(X509_NAME *a,unsigned char **pp); 88855714SkrisX509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length); 88955714Skrisint X509_NAME_set(X509_NAME **xn, X509_NAME *name); 89055714Skris 89155714Skris 89255714SkrisX509_CINF * X509_CINF_new(void); 89355714Skrisvoid X509_CINF_free(X509_CINF *a); 89455714Skrisint i2d_X509_CINF(X509_CINF *a,unsigned char **pp); 89555714SkrisX509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length); 89655714Skris 89755714SkrisX509 * X509_new(void); 89855714Skrisvoid X509_free(X509 *a); 89955714Skrisint i2d_X509(X509 *a,unsigned char **pp); 90055714SkrisX509 * d2i_X509(X509 **a,unsigned char **pp,long length); 90159191Skrisint X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 90259191Skris CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 90359191Skrisint X509_set_ex_data(X509 *r, int idx, void *arg); 90459191Skrisvoid *X509_get_ex_data(X509 *r, int idx); 90559191Skrisint i2d_X509_AUX(X509 *a,unsigned char **pp); 90659191SkrisX509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); 90755714Skris 90859191SkrisX509_CERT_AUX * X509_CERT_AUX_new(void); 90959191Skrisvoid X509_CERT_AUX_free(X509_CERT_AUX *a); 91059191Skrisint i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp); 91159191SkrisX509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp, 91259191Skris long length); 91359191Skrisint X509_alias_set1(X509 *x, unsigned char *name, int len); 91468651Skrisint X509_keyid_set1(X509 *x, unsigned char *id, int len); 91559191Skrisunsigned char * X509_alias_get0(X509 *x, int *len); 91659191Skrisint (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); 91759191Skrisint X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); 91859191Skrisint X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); 91959191Skrisvoid X509_trust_clear(X509 *x); 92059191Skrisvoid X509_reject_clear(X509 *x); 92159191Skris 92255714SkrisX509_REVOKED * X509_REVOKED_new(void); 92355714Skrisvoid X509_REVOKED_free(X509_REVOKED *a); 92455714Skrisint i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp); 92555714SkrisX509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length); 92655714Skris 92755714SkrisX509_CRL_INFO *X509_CRL_INFO_new(void); 92855714Skrisvoid X509_CRL_INFO_free(X509_CRL_INFO *a); 92955714Skrisint i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp); 93055714SkrisX509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp, 93155714Skris long length); 93255714Skris 93355714SkrisX509_CRL * X509_CRL_new(void); 93455714Skrisvoid X509_CRL_free(X509_CRL *a); 93555714Skrisint i2d_X509_CRL(X509_CRL *a,unsigned char **pp); 93655714SkrisX509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length); 93755714Skris 93855714SkrisX509_PKEY * X509_PKEY_new(void ); 93955714Skrisvoid X509_PKEY_free(X509_PKEY *a); 94055714Skrisint i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); 94155714SkrisX509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); 94255714Skris 94355714SkrisNETSCAPE_SPKI * NETSCAPE_SPKI_new(void ); 94455714Skrisvoid NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); 94555714Skrisint i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp); 94655714SkrisNETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp, 94755714Skris long length); 94855714Skris 94955714SkrisNETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void ); 95055714Skrisvoid NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); 95155714Skrisint i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); 95255714SkrisNETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, 95355714Skris long length); 95455714Skris 95555714Skris 95655714Skrisint i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); 95755714SkrisNETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); 95855714SkrisNETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); 95955714Skrisvoid NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); 96055714Skris 96168651Skris#ifndef NO_EVP 96255714SkrisX509_INFO * X509_INFO_new(void); 96355714Skrisvoid X509_INFO_free(X509_INFO *a); 96455714Skrischar * X509_NAME_oneline(X509_NAME *a,char *buf,int size); 96555714Skris 96655714Skrisint ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, 96755714Skris ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); 96855714Skris 96959191Skrisint ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data, 97055714Skris unsigned char *md,unsigned int *len); 97155714Skris 97255714Skrisint ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, 97355714Skris ASN1_BIT_STRING *signature, 97455714Skris char *data,EVP_PKEY *pkey, const EVP_MD *type); 97555714Skris#endif 97655714Skris 97755714Skrisint X509_set_version(X509 *x,long version); 97855714Skrisint X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); 97955714SkrisASN1_INTEGER * X509_get_serialNumber(X509 *x); 98055714Skrisint X509_set_issuer_name(X509 *x, X509_NAME *name); 98155714SkrisX509_NAME * X509_get_issuer_name(X509 *a); 98255714Skrisint X509_set_subject_name(X509 *x, X509_NAME *name); 98355714SkrisX509_NAME * X509_get_subject_name(X509 *a); 98468651Skrisint X509_set_notBefore(X509 *x, ASN1_TIME *tm); 98568651Skrisint X509_set_notAfter(X509 *x, ASN1_TIME *tm); 98655714Skrisint X509_set_pubkey(X509 *x, EVP_PKEY *pkey); 98755714SkrisEVP_PKEY * X509_get_pubkey(X509 *x); 98855714Skrisint X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); 98955714Skris 99055714Skrisint X509_REQ_set_version(X509_REQ *x,long version); 99155714Skrisint X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); 99255714Skrisint X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); 99355714SkrisEVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); 99459191Skrisint X509_REQ_extension_nid(int nid); 99559191Skrisint * X509_REQ_get_extension_nids(void); 99659191Skrisvoid X509_REQ_set_extension_nids(int *nids); 99759191SkrisSTACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); 99859191Skrisint X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, 99959191Skris int nid); 100059191Skrisint X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); 100159191Skrisint X509_REQ_get_attr_count(const X509_REQ *req); 100259191Skrisint X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, 100359191Skris int lastpos); 100459191Skrisint X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, 100559191Skris int lastpos); 100659191SkrisX509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); 100759191SkrisX509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); 100859191Skrisint X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); 100959191Skrisint X509_REQ_add1_attr_by_OBJ(X509_REQ *req, 101059191Skris ASN1_OBJECT *obj, int type, 101159191Skris unsigned char *bytes, int len); 101259191Skrisint X509_REQ_add1_attr_by_NID(X509_REQ *req, 101359191Skris int nid, int type, 101459191Skris unsigned char *bytes, int len); 101559191Skrisint X509_REQ_add1_attr_by_txt(X509_REQ *req, 101659191Skris char *attrname, int type, 101759191Skris unsigned char *bytes, int len); 101855714Skris 101955714Skrisint X509_check_private_key(X509 *x509,EVP_PKEY *pkey); 102055714Skris 102168651Skrisint X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); 102255714Skrisunsigned long X509_issuer_and_serial_hash(X509 *a); 102355714Skris 102468651Skrisint X509_issuer_name_cmp(const X509 *a, const X509 *b); 102555714Skrisunsigned long X509_issuer_name_hash(X509 *a); 102655714Skris 102768651Skrisint X509_subject_name_cmp(const X509 *a, const X509 *b); 102855714Skrisunsigned long X509_subject_name_hash(X509 *x); 102955714Skris 103068651Skrisint X509_cmp(const X509 *a, const X509 *b); 103168651Skrisint X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); 103255714Skrisunsigned long X509_NAME_hash(X509_NAME *x); 103355714Skris 103468651Skrisint X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); 103555714Skris#ifndef NO_FP_API 103655714Skrisint X509_print_fp(FILE *bp,X509 *x); 103755714Skrisint X509_CRL_print_fp(FILE *bp,X509_CRL *x); 103855714Skrisint X509_REQ_print_fp(FILE *bp,X509_REQ *req); 103968651Skrisint X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); 104055714Skris#endif 104155714Skris 104268651Skris#ifndef NO_BIO 104355714Skrisint X509_NAME_print(BIO *bp, X509_NAME *name, int obase); 104468651Skrisint X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); 104555714Skrisint X509_print(BIO *bp,X509 *x); 104659191Skrisint X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); 104755714Skrisint X509_CRL_print(BIO *bp,X509_CRL *x); 104855714Skrisint X509_REQ_print(BIO *bp,X509_REQ *req); 104955714Skris#endif 105055714Skris 105155714Skrisint X509_NAME_entry_count(X509_NAME *name); 105255714Skrisint X509_NAME_get_text_by_NID(X509_NAME *name, int nid, 105355714Skris char *buf,int len); 105455714Skrisint X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, 105555714Skris char *buf,int len); 105655714Skris 105755714Skris/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use 105859191Skris * lastpos, search after that position on. */ 105955714Skrisint X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); 106055714Skrisint X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, 106155714Skris int lastpos); 106255714SkrisX509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); 106355714SkrisX509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); 106455714Skrisint X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, 106555714Skris int loc, int set); 106659191Skrisint X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, 106759191Skris unsigned char *bytes, int len, int loc, int set); 106859191Skrisint X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, 106959191Skris unsigned char *bytes, int len, int loc, int set); 107059191SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, 107159191Skris char *field, int type, unsigned char *bytes, int len); 107255714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, 107355714Skris int type,unsigned char *bytes, int len); 107459191Skrisint X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type, 107559191Skris unsigned char *bytes, int len, int loc, int set); 107655714SkrisX509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, 107755714Skris ASN1_OBJECT *obj, int type,unsigned char *bytes, 107855714Skris int len); 107955714Skrisint X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, 108055714Skris ASN1_OBJECT *obj); 108155714Skrisint X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, 108255714Skris unsigned char *bytes, int len); 108355714SkrisASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); 108455714SkrisASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); 108555714Skris 108655714Skrisint X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); 108755714Skrisint X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, 108855714Skris int nid, int lastpos); 108955714Skrisint X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, 109055714Skris ASN1_OBJECT *obj,int lastpos); 109155714Skrisint X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, 109255714Skris int crit, int lastpos); 109355714SkrisX509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); 109455714SkrisX509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); 109555714SkrisSTACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, 109655714Skris X509_EXTENSION *ex, int loc); 109755714Skris 109855714Skrisint X509_get_ext_count(X509 *x); 109955714Skrisint X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 110055714Skrisint X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); 110155714Skrisint X509_get_ext_by_critical(X509 *x, int crit, int lastpos); 110255714SkrisX509_EXTENSION *X509_get_ext(X509 *x, int loc); 110355714SkrisX509_EXTENSION *X509_delete_ext(X509 *x, int loc); 110455714Skrisint X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); 110559191Skrisvoid * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); 110655714Skris 110755714Skrisint X509_CRL_get_ext_count(X509_CRL *x); 110855714Skrisint X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); 110955714Skrisint X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); 111055714Skrisint X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); 111155714SkrisX509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); 111255714SkrisX509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); 111355714Skrisint X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); 111459191Skrisvoid * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); 111555714Skris 111655714Skrisint X509_REVOKED_get_ext_count(X509_REVOKED *x); 111755714Skrisint X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); 111855714Skrisint X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); 111955714Skrisint X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); 112055714SkrisX509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); 112155714SkrisX509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); 112255714Skrisint X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); 112359191Skrisvoid * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); 112455714Skris 112555714SkrisX509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, 112655714Skris int nid, int crit, ASN1_OCTET_STRING *data); 112755714SkrisX509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, 112855714Skris ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); 112955714Skrisint X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); 113055714Skrisint X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); 113155714Skrisint X509_EXTENSION_set_data(X509_EXTENSION *ex, 113255714Skris ASN1_OCTET_STRING *data); 113355714SkrisASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); 113455714SkrisASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); 113555714Skrisint X509_EXTENSION_get_critical(X509_EXTENSION *ex); 113655714Skris 113759191Skrisint X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); 113859191Skrisint X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, 113959191Skris int lastpos); 114059191Skrisint X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, 114159191Skris int lastpos); 114259191SkrisX509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); 114359191SkrisX509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); 114459191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, 114559191Skris X509_ATTRIBUTE *attr); 114659191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, 114759191Skris ASN1_OBJECT *obj, int type, 114859191Skris unsigned char *bytes, int len); 114959191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, 115059191Skris int nid, int type, 115159191Skris unsigned char *bytes, int len); 115259191SkrisSTACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, 115359191Skris char *attrname, int type, 115459191Skris unsigned char *bytes, int len); 115559191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 115659191Skris int atrtype, void *data, int len); 115759191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, 115859191Skris ASN1_OBJECT *obj, int atrtype, void *data, int len); 115959191SkrisX509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, 116059191Skris char *atrname, int type, unsigned char *bytes, int len); 116159191Skrisint X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj); 116259191Skrisint X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len); 116359191Skrisvoid *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, 116459191Skris int atrtype, void *data); 116559191Skrisint X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); 116659191SkrisASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 116759191SkrisASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); 116859191Skris 116955714Skrisint X509_verify_cert(X509_STORE_CTX *ctx); 117055714Skris 117155714Skris/* lookup a cert from a X509 STACK */ 117255714SkrisX509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, 117355714Skris ASN1_INTEGER *serial); 117455714SkrisX509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); 117555714Skris 117655714Skrisint i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp); 117755714SkrisPBEPARAM *PBEPARAM_new(void); 117855714SkrisPBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length); 117955714Skrisvoid PBEPARAM_free(PBEPARAM *a); 118055714SkrisX509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); 118155714SkrisX509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 118255714Skris unsigned char *salt, int saltlen); 118355714Skris 118455714Skrisint i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp); 118555714SkrisPBKDF2PARAM *PBKDF2PARAM_new(void); 118655714SkrisPBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length); 118755714Skrisvoid PBKDF2PARAM_free(PBKDF2PARAM *a); 118855714Skris 118955714Skrisint i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp); 119055714SkrisPBE2PARAM *PBE2PARAM_new(void); 119155714SkrisPBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length); 119255714Skrisvoid PBE2PARAM_free(PBE2PARAM *a); 119355714Skris 119455714Skris/* PKCS#8 utilities */ 119555714Skris 119655714Skrisint i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp); 119755714SkrisPKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); 119855714SkrisPKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, 119955714Skris unsigned char **pp, long length); 120055714Skrisvoid PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); 120155714Skris 120255714SkrisEVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); 120355714SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); 120459191SkrisPKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); 120555714SkrisPKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); 120655714Skris 120759191Skrisint X509_check_trust(X509 *x, int id, int flags); 120859191Skrisint X509_TRUST_get_count(void); 120959191SkrisX509_TRUST * X509_TRUST_get0(int idx); 121059191Skrisint X509_TRUST_get_by_id(int id); 121159191Skrisint X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), 121259191Skris char *name, int arg1, void *arg2); 121359191Skrisvoid X509_TRUST_cleanup(void); 121459191Skrisint X509_TRUST_get_flags(X509_TRUST *xp); 121559191Skrischar *X509_TRUST_get0_name(X509_TRUST *xp); 121659191Skrisint X509_TRUST_get_trust(X509_TRUST *xp); 121759191Skris 121855714Skris/* BEGIN ERROR CODES */ 121955714Skris/* The following lines are auto generated by the script mkerr.pl. Any changes 122055714Skris * made after this point may be overwritten when the script is next run. 122155714Skris */ 122289837Skrisvoid ERR_load_X509_strings(void); 122355714Skris 122455714Skris/* Error codes for the X509 functions. */ 122555714Skris 122655714Skris/* Function codes. */ 122755714Skris#define X509_F_ADD_CERT_DIR 100 122855714Skris#define X509_F_BY_FILE_CTRL 101 122955714Skris#define X509_F_DIR_CTRL 102 123055714Skris#define X509_F_GET_CERT_BY_SUBJECT 103 123159191Skris#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 123259191Skris#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 123355714Skris#define X509_F_X509V3_ADD_EXT 104 123459191Skris#define X509_F_X509_ADD_ATTR 135 123559191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 123659191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 123759191Skris#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 123859191Skris#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 123959191Skris#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 124055714Skris#define X509_F_X509_CHECK_PRIVATE_KEY 128 124155714Skris#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 124255714Skris#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 124355714Skris#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 124459191Skris#define X509_F_X509_LOAD_CERT_CRL_FILE 132 124555714Skris#define X509_F_X509_LOAD_CERT_FILE 111 124655714Skris#define X509_F_X509_LOAD_CRL_FILE 112 124755714Skris#define X509_F_X509_NAME_ADD_ENTRY 113 124855714Skris#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 124959191Skris#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 125055714Skris#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 125155714Skris#define X509_F_X509_NAME_ONELINE 116 125255714Skris#define X509_F_X509_NAME_PRINT 117 125355714Skris#define X509_F_X509_PRINT_FP 118 125455714Skris#define X509_F_X509_PUBKEY_GET 119 125555714Skris#define X509_F_X509_PUBKEY_SET 120 125655714Skris#define X509_F_X509_REQ_PRINT 121 125755714Skris#define X509_F_X509_REQ_PRINT_FP 122 125855714Skris#define X509_F_X509_REQ_TO_X509 123 125955714Skris#define X509_F_X509_STORE_ADD_CERT 124 126055714Skris#define X509_F_X509_STORE_ADD_CRL 125 126159191Skris#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 126255714Skris#define X509_F_X509_TO_X509_REQ 126 126359191Skris#define X509_F_X509_TRUST_ADD 133 126455714Skris#define X509_F_X509_VERIFY_CERT 127 126555714Skris 126655714Skris/* Reason codes. */ 126755714Skris#define X509_R_BAD_X509_FILETYPE 100 126859191Skris#define X509_R_BASE64_DECODE_ERROR 118 126955714Skris#define X509_R_CANT_CHECK_DH_KEY 114 127055714Skris#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 127155714Skris#define X509_R_ERR_ASN1_LIB 102 127255714Skris#define X509_R_INVALID_DIRECTORY 113 127359191Skris#define X509_R_INVALID_FIELD_NAME 119 127455714Skris#define X509_R_KEY_TYPE_MISMATCH 115 127555714Skris#define X509_R_KEY_VALUES_MISMATCH 116 127655714Skris#define X509_R_LOADING_CERT_DIR 103 127755714Skris#define X509_R_LOADING_DEFAULTS 104 127855714Skris#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 127955714Skris#define X509_R_SHOULD_RETRY 106 128055714Skris#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 128155714Skris#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 128255714Skris#define X509_R_UNKNOWN_KEY_TYPE 117 128355714Skris#define X509_R_UNKNOWN_NID 109 128459191Skris#define X509_R_UNKNOWN_PURPOSE_ID 121 128559191Skris#define X509_R_UNKNOWN_TRUST_ID 120 128655714Skris#define X509_R_UNSUPPORTED_ALGORITHM 111 128755714Skris#define X509_R_WRONG_LOOKUP_TYPE 112 128859191Skris#define X509_R_WRONG_TYPE 122 128955714Skris 129055714Skris#ifdef __cplusplus 129155714Skris} 129255714Skris#endif 129355714Skris#endif 1294