x509v3.h revision 109998
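/* x509v3.h */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
 * project 1999.
 */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
#ifndef HEADER_X509V3_H
#define HEADER_X509V3_H

#include <openssl/bio.h>
#include <openssl/x509.h>
#include <openssl/conf.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Forward reference */
struct v3_ext_method;
struct v3_ext_ctx;

/* Useful typedefs */

/* Callback signatures stored in struct v3_ext_method.  The extension value
 * is passed and returned as void *, so the compiler cannot check that a
 * handler receives the structure type it expects.
 */
typedef void * (*X509V3_EXT_NEW)(void);
typedef void (*X509V3_EXT_FREE)(void *);
typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);

/* V3 extension structure */

/* One handler table per extension, keyed by ext_nid.  The EXT_BITSTRING,
 * EXT_IA5STRING and EXT_END macros below initialise this structure
 * positionally, so the order and number of fields (14) is part of the
 * interface: adding or reordering a field requires updating those macros.
 */
struct v3_ext_method {
	int ext_nid;
	int ext_flags;	/* X509V3_EXT_* values defined below */
	/* If this is set the following four fields are ignored */
	ASN1_ITEM_EXP *it;
	/* Old style ASN1 calls */
	X509V3_EXT_NEW ext_new;
	X509V3_EXT_FREE ext_free;
	X509V3_EXT_D2I d2i;
	X509V3_EXT_I2D i2d;

	/* The following pair is used for string extensions */
	X509V3_EXT_I2S i2s;
	X509V3_EXT_S2I s2i;

	/* The following pair is used for multi-valued extensions */
	X509V3_EXT_I2V i2v;
	X509V3_EXT_V2I v2i;

	/* The following are used for raw extensions */
	X509V3_EXT_I2R i2r;
	X509V3_EXT_R2I r2i;

	void *usr_data;	/* Any extension specific data */
};

/* Callbacks for reading strings and sections from a configuration source
 * through the opaque handle db.
 * NOTE(review): presumably a value returned by get_string/get_section is
 * released with the matching free_string/free_section -- confirm against
 * the implementations.
 */
typedef struct X509V3_CONF_METHOD_st {
	char * (*get_string)(void *db, char *section, char *value);
	STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
	void (*free_string)(void *db, char * string);
	void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
} X509V3_CONF_METHOD;

/* Context specific info */
/* CTX_TEST is the only flag defined here.  X509V3_set_ctx_test() below
 * requests it while passing NULL for the issuer, subject, request and CRL,
 * and X509V3_set_ctx_nodb() sets db to NULL, so code that reads these
 * pointers from a context should be prepared for NULL.
 */
struct v3_ext_ctx {
#define CTX_TEST 0x1
	int flags;
	X509 *issuer_cert;
	X509 *subject_cert;
	X509_REQ *subject_req;
	X509_CRL *crl;
	X509V3_CONF_METHOD *db_meth;
	void *db;
	/* Maybe more here */
};

typedef struct v3_ext_method X509V3_EXT_METHOD;
typedef struct v3_ext_ctx X509V3_CTX;

DECLARE_STACK_OF(X509V3_EXT_METHOD)

/* ext_flags values */
#define X509V3_EXT_DYNAMIC 0x1
#define X509V3_EXT_CTX_DEP 0x2
#define X509V3_EXT_MULTILINE 0x4

typedef BIT_STRING_BITNAME ENUMERATED_NAMES;

/* NOTE(review): pathlen is a pointer; presumably NULL when no path length
 * is present -- confirm before dereferencing.
 */
typedef struct BASIC_CONSTRAINTS_st {
	int ca;
	ASN1_INTEGER *pathlen;
} BASIC_CONSTRAINTS;


typedef struct PKEY_USAGE_PERIOD_st {
	ASN1_GENERALIZEDTIME *notBefore;
	ASN1_GENERALIZEDTIME *notAfter;
} PKEY_USAGE_PERIOD;

typedef struct otherName_st {
	ASN1_OBJECT *type_id;
	ASN1_TYPE *value;
} OTHERNAME;

typedef struct EDIPartyName_st {
	ASN1_STRING *nameAssigner;
	ASN1_STRING *partyName;
} EDIPARTYNAME;

/* Tagged union.  type holds one of the GEN_* values; the members of d are
 * named after the corresponding name forms and all share the same storage.
 * Reading a member that does not correspond to type reinterprets the stored
 * pointer as a different structure type without any compiler diagnostic,
 * so switch on type before touching d.  The "old names" are aliases: ia5
 * alone stands for three different GEN_* types (see its comment).
 */
typedef struct GENERAL_NAME_st {

#define GEN_OTHERNAME 0
#define GEN_EMAIL 1
#define GEN_DNS 2
#define GEN_X400 3
#define GEN_DIRNAME 4
#define GEN_EDIPARTY 5
#define GEN_URI 6
#define GEN_IPADD 7
#define GEN_RID 8

	int type;
	union {
		char *ptr;
		OTHERNAME *otherName; /* otherName */
		ASN1_IA5STRING *rfc822Name;
		ASN1_IA5STRING *dNSName;
		ASN1_TYPE *x400Address;
		X509_NAME *directoryName;
		EDIPARTYNAME *ediPartyName;
		ASN1_IA5STRING *uniformResourceIdentifier;
		ASN1_OCTET_STRING *iPAddress;
		ASN1_OBJECT *registeredID;

		/* Old names */
		ASN1_OCTET_STRING *ip; /* iPAddress */
		X509_NAME *dirn; /* dirn */
		ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
		ASN1_OBJECT *rid; /* registeredID */
		ASN1_TYPE *other; /* x400Address */
	} d;
} GENERAL_NAME;

typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;

typedef struct ACCESS_DESCRIPTION_st {
	ASN1_OBJECT *method;
	GENERAL_NAME *location;
} ACCESS_DESCRIPTION;

typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;

typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;

DECLARE_STACK_OF(GENERAL_NAME)
DECLARE_ASN1_SET_OF(GENERAL_NAME)

DECLARE_STACK_OF(ACCESS_DESCRIPTION)
DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)

/* type selects between fullname and relativename.
 * NOTE(review): the values of type are not defined in this header --
 * confirm the encoding in the implementation before reading name.
 */
typedef struct DIST_POINT_NAME_st {
	int type;
	union {
		GENERAL_NAMES *fullname;
		STACK_OF(X509_NAME_ENTRY) *relativename;
	} name;
} DIST_POINT_NAME;

typedef struct DIST_POINT_st {
	DIST_POINT_NAME *distpoint;
	ASN1_BIT_STRING *reasons;
	GENERAL_NAMES *CRLissuer;
} DIST_POINT;

typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;

DECLARE_STACK_OF(DIST_POINT)
DECLARE_ASN1_SET_OF(DIST_POINT)

typedef struct AUTHORITY_KEYID_st {
	ASN1_OCTET_STRING *keyid;
	GENERAL_NAMES *issuer;
	ASN1_INTEGER *serial;
} AUTHORITY_KEYID;

/* Strong extranet structures */

typedef struct SXNET_ID_st {
	ASN1_INTEGER *zone;
	ASN1_OCTET_STRING *user;
} SXNETID;

DECLARE_STACK_OF(SXNETID)
DECLARE_ASN1_SET_OF(SXNETID)

typedef struct SXNET_st {
	ASN1_INTEGER *version;
	STACK_OF(SXNETID) *ids;
} SXNET;

typedef struct NOTICEREF_st {
	ASN1_STRING *organization;
	STACK_OF(ASN1_INTEGER) *noticenos;
} NOTICEREF;

typedef struct USERNOTICE_st {
	NOTICEREF *noticeref;
	ASN1_STRING *exptext;
} USERNOTICE;

/* NOTE(review): presumably pqualid decides which member of d is valid;
 * the union itself carries no tag -- confirm in the implementation.
 */
typedef struct POLICYQUALINFO_st {
	ASN1_OBJECT *pqualid;
	union {
		ASN1_IA5STRING *cpsuri;
		USERNOTICE *usernotice;
		ASN1_TYPE *other;
	} d;
} POLICYQUALINFO;

DECLARE_STACK_OF(POLICYQUALINFO)
DECLARE_ASN1_SET_OF(POLICYQUALINFO)

typedef struct POLICYINFO_st {
	ASN1_OBJECT *policyid;
	STACK_OF(POLICYQUALINFO) *qualifiers;
} POLICYINFO;

typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;

DECLARE_STACK_OF(POLICYINFO)
DECLARE_ASN1_SET_OF(POLICYINFO)

/* Adds the section, name and value of a CONF_VALUE to the error data.
 * val is parenthesised so that an expression argument binds to -> as the
 * caller intends.  The expansion keeps its trailing ';' for compatibility
 * with existing callers, which means the macro is not safe as the only
 * statement of an unbraced if/else.
 */
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", (val)->section, \
			",name:", (val)->name, ",value:", (val)->value);

#define X509V3_set_ctx_test(ctx) \
			X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
/* Expansion ends with ';' -- same unbraced if/else caveat as above. */
#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;

/* Positional initialisers for struct v3_ext_method; each supplies 14 values
 * in field order.  The casts to X509V3_EXT_I2V, X509V3_EXT_V2I,
 * X509V3_EXT_I2S and X509V3_EXT_S2I switch off prototype checking for the
 * named handlers, so their real signatures must match what the dispatcher
 * passes.
 */
#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
			0,0,0,0, \
			0,0, \
			(X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
			(X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
			NULL, NULL, \
			table}

#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
			0,0,0,0, \
			(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
			(X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
			0,0,0,0, \
			NULL}

/* Table terminator: ext_nid of -1, every other field zero. */
#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}


/* X509_PURPOSE stuff */

#define EXFLAG_BCONS 0x1
#define EXFLAG_KUSAGE 0x2
#define EXFLAG_XKUSAGE 0x4
#define EXFLAG_NSCERT 0x8

#define EXFLAG_CA 0x10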
/* Remaining EXFLAG_* bits; the list starts above with EXFLAG_BCONS.
 * NOTE(review): where these bits are stored and when they are computed is
 * not visible in this header -- confirm in the purpose-checking code.
 */
#define EXFLAG_SS 0x20
#define EXFLAG_V1 0x40
#define EXFLAG_INVALID 0x80
#define EXFLAG_SET 0x100
#define EXFLAG_CRITICAL 0x200

/* KU_* bit masks.  KU_DECIPHER_ONLY is 0x8000, so a variable holding a
 * combination of these needs at least 16 value bits.
 */
#define KU_DIGITAL_SIGNATURE 0x0080
#define KU_NON_REPUDIATION 0x0040
#define KU_KEY_ENCIPHERMENT 0x0020
#define KU_DATA_ENCIPHERMENT 0x0010
#define KU_KEY_AGREEMENT 0x0008
#define KU_KEY_CERT_SIGN 0x0004
#define KU_CRL_SIGN 0x0002
#define KU_ENCIPHER_ONLY 0x0001
#define KU_DECIPHER_ONLY 0x8000

/* NS_* bit masks; NS_ANY_CA is the union of the three *_CA bits, so a test
 * against it is true when any one of them is set.
 */
#define NS_SSL_CLIENT 0x80
#define NS_SSL_SERVER 0x40
#define NS_SMIME 0x20
#define NS_OBJSIGN 0x10
#define NS_SSL_CA 0x04
#define NS_SMIME_CA 0x02
#define NS_OBJSIGN_CA 0x01
#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)

/* XKU_* bit masks (presumably one bit per recognised extended key usage
 * -- confirm in the implementation).
 */
#define XKU_SSL_SERVER 0x1
#define XKU_SSL_CLIENT 0x2
#define XKU_SMIME 0x4
#define XKU_CODE_SIGN 0x8
#define XKU_SGC 0x10
#define XKU_OCSP_SIGN 0x20
#define XKU_TIMESTAMP 0x40

/* Values for the flags member of X509_PURPOSE. */
#define X509_PURPOSE_DYNAMIC 0x1
#define X509_PURPOSE_DYNAMIC_NAME 0x2

/* One purpose entry: numeric id, default trust id, flags, a checker
 * callback, a long and a short name, and caller data.
 * NOTE(review): the meaning of the callback's int argument and of its
 * return value is not visible in this header -- confirm before relying on
 * a particular success value.
 */
typedef struct x509_purpose_st {
	int purpose;
	int trust; /* Default trust ID */
	int flags;
	int (*check_purpose)(const struct x509_purpose_st *,
				const X509 *, int);
	char *name;
	char *sname;
	void *usr_data;
} X509_PURPOSE;

/* Purpose ids; the list continues below and is bounded by
 * X509_PURPOSE_MIN and X509_PURPOSE_MAX.
 */
#define X509_PURPOSE_SSL_CLIENT 1
#define X509_PURPOSE_SSL_SERVER 2
#define X509_PURPOSE_NS_SSL_SERVER 3
#define X509_PURPOSE_SMIME_SIGN 4
#define X509_PURPOSE_SMIME_ENCRYPT 5
#define X509_PURPOSE_CRL_SIGN 6
#define X509_PURPOSE_ANY 7
#define X509_PURPOSE_OCSP_HELPER 8

/* Bounds of the purpose ids defined in this header (1..8).  Adding an id
 * means raising X509_PURPOSE_MAX as well.
 */
#define X509_PURPOSE_MIN 1
#define X509_PURPOSE_MAX 8

/* Flags for X509V3_EXT_print() */

/* The handling of unknown extensions is a 4-bit field in bits 16-19;
 * the four values below are mutually exclusive, not OR-able.
 */
#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
/* Return error for unknown extensions */
#define X509V3_EXT_DEFAULT 0
/* Print error for unknown extensions */
#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
/* ASN1 parse unknown extensions */
#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
/* BIO_dump unknown extensions */
#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)

/* Flags for X509V3_add1_i2d */

/* The operation is the low 4 bits (X509V3_ADD_OP_MASK).  X509V3_ADD_SILENT
 * is 0x10, outside that mask, so it can be OR-ed with one operation value.
 */
#define X509V3_ADD_OP_MASK 0xfL
#define X509V3_ADD_DEFAULT 0L
#define X509V3_ADD_APPEND 1L
#define X509V3_ADD_REPLACE 2L
#define X509V3_ADD_REPLACE_EXISTING 3L
#define X509V3_ADD_KEEP_EXISTING 4L
#define X509V3_ADD_DELETE 5L
#define X509V3_ADD_SILENT 0x10

DECLARE_STACK_OF(X509_PURPOSE)

DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)

DECLARE_ASN1_FUNCTIONS(SXNET)
DECLARE_ASN1_FUNCTIONS(SXNETID)

/* user is passed with an explicit length, userlen, which is a signed int.
 * NOTE(review): how a negative or oversized userlen is handled is not
 * visible here; the reason code X509V3_R_USER_TOO_LONG suggests an upper
 * bound is enforced -- confirm, and pass the exact length of user.
 */
int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen);
int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen);

ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);

DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)

DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)

DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)

STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);

DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)

STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
		GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
		X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);

DECLARE_ASN1_FUNCTIONS(OTHERNAME)
DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)

char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);

DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a);

DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
DECLARE_ASN1_FUNCTIONS(POLICYINFO)
DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
DECLARE_ASN1_FUNCTIONS(USERNOTICE)
DECLARE_ASN1_FUNCTIONS(NOTICEREF)

DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)

DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)

/* The declarations in this section are compiled only when HEADER_CONF_H
 * is defined.  Two families are declared: the *_nconf functions take a
 * CONF *, the *_conf functions take an LHASH *.
 */
#ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
void X509V3_conf_free(CONF_VALUE *val);

X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value);
int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);
int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert);
int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);

X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);

int X509V3_add_value_bool_nf(char *name, int asn1_bool,
		STACK_OF(CONF_VALUE) **extlist);
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
#endif

/* NOTE(review): presumably values obtained from X509V3_get_string and
 * X509V3_get_section are released with X509V3_string_free and
 * X509V3_section_free on the same context -- confirm.
 */
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
void X509V3_string_free(X509V3_CTX *ctx, char *str);
void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
		X509_REQ *req, X509_CRL *crl, int flags);

int X509V3_add_value(const char *name, const char *value,
		STACK_OF(CONF_VALUE) **extlist);
int X509V3_add_value_uchar(const char *name, const unsigned char *value,
		STACK_OF(CONF_VALUE) **extlist);
int X509V3_add_value_bool(const char *name, int asn1_bool,
		STACK_OF(CONF_VALUE) **extlist);
int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
		STACK_OF(CONF_VALUE) **extlist);
char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
int X509V3_EXT_add_alias(int nid_to, int nid_from);
void X509V3_EXT_cleanup(void);

X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
int X509V3_add_standard_extensions(void);
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
/* Both decoders return void *: the compiler cannot tell which structure
 * the result points to.
 * NOTE(review): presumably the concrete type follows from the extension's
 * NID; the caller must cast accordingly and free with the matching
 * routine -- confirm.
 */
void *X509V3_EXT_d2i(X509_EXTENSION *ext);
void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);


/* ext_struc and value are likewise untyped; they must point to the
 * structure that belongs to ext_nid / nid.  flags takes the X509V3_ADD_*
 * values defined above.
 */
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);

/* Hex conversion helpers.  hex_to_string takes the input length in len;
 * string_to_hex reports a length through *len.
 * NOTE(review): who owns the returned buffers is not visible in this
 * header -- confirm how they must be freed.  These three names carry no
 * library prefix, so they can collide with application symbols.
 */
char *hex_to_string(unsigned char *buffer, long len);
unsigned char *string_to_hex(char *str, long *len);
int name_cmp(const char *name, const char *cmp);

void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
		int ml);
/* X509V3_EXT_print and X509V3_extensions_print take the print flags as
 * unsigned long, X509V3_EXT_print_fp takes them as int.  The
 * X509V3_EXT_*_UNKNOWN values are long constants placed in bits 16-19, so
 * they reach the _fp variant intact only where int is wider than 16 bits.
 */
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);

int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);

/* Certificate purpose and issuer checks.
 * NOTE(review): all of these return int and the header does not say which
 * value means success.  Confirm the convention of each function in the
 * implementation before writing `if (X509_check_...(...))`; a check read
 * with the wrong polarity accepts exactly the certificates it should
 * reject.
 */
int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509_check_issued(X509 *issuer, X509 *subject);
int X509_PURPOSE_get_count(void);
X509_PURPOSE * X509_PURPOSE_get0(int idx);
int X509_PURPOSE_get_by_sname(char *sname);
int X509_PURPOSE_get_by_id(int id);
int X509_PURPOSE_add(int id, int trust, int flags,
		int (*ck)(const X509_PURPOSE *, const X509 *, int),
		char *name, char *sname, void *arg);
char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
void X509_PURPOSE_cleanup(void);
int X509_PURPOSE_get_id(X509_PURPOSE *);

/* NOTE(review): presumably the STACK returned by the two get1 functions is
 * released with X509_email_free -- confirm.
 */
STACK *X509_get1_email(X509 *x);
STACK *X509_REQ_get1_email(X509_REQ *x);
void X509_email_free(STACK *sk);


/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.
 */
void ERR_load_X509V3_strings(void);

/* Error codes for the X509V3 functions. */

/* Function codes. */
#define X509V3_F_COPY_EMAIL 122
#define X509V3_F_COPY_ISSUER 123
#define X509V3_F_DO_EXT_CONF 124
#define X509V3_F_DO_EXT_I2D 135
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
#define X509V3_F_I2S_ASN1_INTEGER 120
#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
#define X509V3_F_NOTICE_SECTION 132
#define X509V3_F_NREF_NOS 133
#define X509V3_F_POLICY_SECTION 131
#define X509V3_F_R2I_CERTPOL 130
#define X509V3_F_S2I_ASN1_IA5STRING 100
#define X509V3_F_S2I_ASN1_INTEGER 108
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
#define X509V3_F_S2I_ASN1_SKEY_ID 114
#define X509V3_F_S2I_S2I_SKEY_ID 115
#define X509V3_F_STRING_TO_HEX 113
#define X509V3_F_SXNET_ADD_ASC 125
#define X509V3_F_SXNET_ADD_ID_INTEGER 126
#define X509V3_F_SXNET_ADD_ID_ULONG 127
#define X509V3_F_SXNET_GET_ID_ASC 128
#define X509V3_F_SXNET_GET_ID_ULONG 129
#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
#define X509V3_F_V2I_ASN1_BIT_STRING 101
#define X509V3_F_V2I_AUTHORITY_KEYID 119
#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
#define X509V3_F_V2I_CRLD 134
#define X509V3_F_V2I_EXT_KU 103
#define X509V3_F_V2I_GENERAL_NAME 117
#define X509V3_F_V2I_GENERAL_NAMES 118
#define X509V3_F_V3_GENERIC_EXTENSION 116
#define X509V3_F_X509V3_ADD_I2D 140
#define X509V3_F_X509V3_ADD_VALUE 105
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
#define X509V3_F_X509V3_EXT_CONF 107
#define X509V3_F_X509V3_EXT_I2D 136
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_F_X509V3_PARSE_LIST 109
#define X509V3_F_X509_PURPOSE_ADD 137
#define X509V3_F_X509_PURPOSE_SET 141

/* Reason codes. */
#define X509V3_R_BAD_IP_ADDRESS 118
#define X509V3_R_BAD_OBJECT 119
#define X509V3_R_BN_DEC2BN_ERROR 100
#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
#define X509V3_R_DUPLICATE_ZONE_ID 133
#define X509V3_R_ERROR_CONVERTING_ZONE 131
#define X509V3_R_ERROR_CREATING_EXTENSION 144
#define X509V3_R_ERROR_IN_EXTENSION 128
#define X509V3_R_EXPECTED_A_SECTION_NAME 137
#define X509V3_R_EXTENSION_EXISTS 145
#define X509V3_R_EXTENSION_NAME_ERROR 115
#define X509V3_R_EXTENSION_NOT_FOUND 102
#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
#define X509V3_R_EXTENSION_VALUE_ERROR 116
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
#define X509V3_R_INVALID_BOOLEAN_STRING 104
#define X509V3_R_INVALID_EXTENSION_STRING 105
#define X509V3_R_INVALID_NAME 106
#define X509V3_R_INVALID_NULL_ARGUMENT 107
#define X509V3_R_INVALID_NULL_NAME 108
#define X509V3_R_INVALID_NULL_VALUE 109
#define X509V3_R_INVALID_NUMBER 140
#define X509V3_R_INVALID_NUMBERS 141
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_OPTION 138
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
#define X509V3_R_INVALID_PURPOSE 146
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_INVALID_SYNTAX 143
#define X509V3_R_ISSUER_DECODE_ERROR 126
#define X509V3_R_MISSING_VALUE 124
#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
#define X509V3_R_NO_CONFIG_DATABASE 136
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
#define X509V3_R_NO_ISSUER_DETAILS 127
#define X509V3_R_NO_POLICY_IDENTIFIER 139
#define X509V3_R_NO_PUBLIC_KEY 114
#define X509V3_R_NO_SUBJECT_DETAILS 125
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
#define X509V3_R_UNKNOWN_EXTENSION 129
#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
#define X509V3_R_UNKNOWN_OPTION 120
#define X509V3_R_UNSUPPORTED_OPTION 117
#define X509V3_R_USER_TOO_LONG 132

#ifdef __cplusplus
}
#endif
#endif