x509v3.h revision 167612
155714Skris/* x509v3.h */ 255714Skris/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL 355714Skris * project 1999. 455714Skris */ 555714Skris/* ==================================================================== 6160814Ssimon * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 755714Skris * 855714Skris * Redistribution and use in source and binary forms, with or without 955714Skris * modification, are permitted provided that the following conditions 1055714Skris * are met: 1155714Skris * 1255714Skris * 1. Redistributions of source code must retain the above copyright 1355714Skris * notice, this list of conditions and the following disclaimer. 1455714Skris * 1555714Skris * 2. Redistributions in binary form must reproduce the above copyright 1655714Skris * notice, this list of conditions and the following disclaimer in 1755714Skris * the documentation and/or other materials provided with the 1855714Skris * distribution. 1955714Skris * 2055714Skris * 3. All advertising materials mentioning features or use of this 2155714Skris * software must display the following acknowledgment: 2255714Skris * "This product includes software developed by the OpenSSL Project 2355714Skris * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 2455714Skris * 2555714Skris * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 2655714Skris * endorse or promote products derived from this software without 2755714Skris * prior written permission. For written permission, please contact 2855714Skris * licensing@OpenSSL.org. 2955714Skris * 3055714Skris * 5. Products derived from this software may not be called "OpenSSL" 3155714Skris * nor may "OpenSSL" appear in their names without prior written 3255714Skris * permission of the OpenSSL Project. 3355714Skris * 3455714Skris * 6. Redistributions of any form whatsoever must retain the following 3555714Skris * acknowledgment: 3655714Skris * "This product includes software developed by the OpenSSL Project 3755714Skris * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 3855714Skris * 3955714Skris * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 4055714Skris * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4155714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 4255714Skris * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 4355714Skris * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 4455714Skris * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 4555714Skris * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 4655714Skris * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4755714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 4855714Skris * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 4955714Skris * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 5055714Skris * OF THE POSSIBILITY OF SUCH DAMAGE. 5155714Skris * ==================================================================== 5255714Skris * 5355714Skris * This product includes cryptographic software written by Eric Young 5455714Skris * (eay@cryptsoft.com). This product includes software written by Tim 5555714Skris * Hudson (tjh@cryptsoft.com). 5655714Skris * 5755714Skris */ 5855714Skris#ifndef HEADER_X509V3_H 5955714Skris#define HEADER_X509V3_H 6055714Skris 6168651Skris#include <openssl/bio.h> 6268651Skris#include <openssl/x509.h> 6368651Skris#include <openssl/conf.h> 6468651Skris 6555714Skris#ifdef __cplusplus 6655714Skrisextern "C" { 6755714Skris#endif 6855714Skris 6955714Skris/* Forward reference */ 7055714Skrisstruct v3_ext_method; 7155714Skrisstruct v3_ext_ctx; 7255714Skris 7355714Skris/* Useful typedefs */ 7455714Skris 7555714Skristypedef void * (*X509V3_EXT_NEW)(void); 7655714Skristypedef void (*X509V3_EXT_FREE)(void *); 77160814Ssimontypedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); 7855714Skristypedef int (*X509V3_EXT_I2D)(void *, unsigned char **); 7955714Skristypedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); 8055714Skristypedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); 8155714Skristypedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); 82160814Ssimontypedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); 8355714Skristypedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); 84160814Ssimontypedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); 8555714Skris 8655714Skris/* V3 extension structure */ 8755714Skris 8855714Skrisstruct v3_ext_method { 8955714Skrisint ext_nid; 9055714Skrisint ext_flags; 91109998Smarkm/* If this is set the following four fields are ignored */ 92109998SmarkmASN1_ITEM_EXP *it; 93109998Smarkm/* Old style ASN1 calls */ 9455714SkrisX509V3_EXT_NEW ext_new; 9555714SkrisX509V3_EXT_FREE ext_free; 9655714SkrisX509V3_EXT_D2I d2i; 9755714SkrisX509V3_EXT_I2D i2d; 9855714Skris 9955714Skris/* The following pair is used for string extensions */ 10055714SkrisX509V3_EXT_I2S i2s; 10155714SkrisX509V3_EXT_S2I s2i; 10255714Skris 10355714Skris/* The following pair is used for multi-valued extensions */ 10455714SkrisX509V3_EXT_I2V i2v; 10555714SkrisX509V3_EXT_V2I v2i; 10655714Skris 10755714Skris/* The following are used for raw extensions */ 10855714SkrisX509V3_EXT_I2R i2r; 10955714SkrisX509V3_EXT_R2I r2i; 11055714Skris 11155714Skrisvoid *usr_data; /* Any extension specific data */ 11255714Skris}; 11355714Skris 11455714Skristypedef struct X509V3_CONF_METHOD_st { 11555714Skrischar * (*get_string)(void *db, char *section, char *value); 11655714SkrisSTACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); 11755714Skrisvoid (*free_string)(void *db, char * string); 11855714Skrisvoid (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); 11955714Skris} X509V3_CONF_METHOD; 12055714Skris 12155714Skris/* Context specific info */ 12255714Skrisstruct v3_ext_ctx { 12355714Skris#define CTX_TEST 0x1 12455714Skrisint flags; 12555714SkrisX509 *issuer_cert; 12655714SkrisX509 *subject_cert; 12755714SkrisX509_REQ *subject_req; 12855714SkrisX509_CRL *crl; 12955714SkrisX509V3_CONF_METHOD *db_meth; 13055714Skrisvoid *db; 13155714Skris/* Maybe more here */ 13255714Skris}; 13355714Skris 13455714Skristypedef struct v3_ext_method X509V3_EXT_METHOD; 13555714Skris 13668651SkrisDECLARE_STACK_OF(X509V3_EXT_METHOD) 13768651Skris 13855714Skris/* ext_flags values */ 13955714Skris#define X509V3_EXT_DYNAMIC 0x1 14055714Skris#define X509V3_EXT_CTX_DEP 0x2 14155714Skris#define X509V3_EXT_MULTILINE 0x4 14255714Skris 14355714Skristypedef BIT_STRING_BITNAME ENUMERATED_NAMES; 14455714Skris 14555714Skristypedef struct BASIC_CONSTRAINTS_st { 14655714Skrisint ca; 14755714SkrisASN1_INTEGER *pathlen; 14855714Skris} BASIC_CONSTRAINTS; 14955714Skris 15055714Skris 15155714Skristypedef struct PKEY_USAGE_PERIOD_st { 15255714SkrisASN1_GENERALIZEDTIME *notBefore; 15355714SkrisASN1_GENERALIZEDTIME *notAfter; 15455714Skris} PKEY_USAGE_PERIOD; 15555714Skris 15659191Skristypedef struct otherName_st { 15759191SkrisASN1_OBJECT *type_id; 15859191SkrisASN1_TYPE *value; 15959191Skris} OTHERNAME; 16059191Skris 161109998Smarkmtypedef struct EDIPartyName_st { 162109998Smarkm ASN1_STRING *nameAssigner; 163109998Smarkm ASN1_STRING *partyName; 164109998Smarkm} EDIPARTYNAME; 165109998Smarkm 16655714Skristypedef struct GENERAL_NAME_st { 16755714Skris 168109998Smarkm#define GEN_OTHERNAME 0 169109998Smarkm#define GEN_EMAIL 1 170109998Smarkm#define GEN_DNS 2 171109998Smarkm#define GEN_X400 3 172109998Smarkm#define GEN_DIRNAME 4 173109998Smarkm#define GEN_EDIPARTY 5 174109998Smarkm#define GEN_URI 6 175109998Smarkm#define GEN_IPADD 7 176109998Smarkm#define GEN_RID 8 17755714Skris 17855714Skrisint type; 17955714Skrisunion { 18055714Skris char *ptr; 181109998Smarkm OTHERNAME *otherName; /* otherName */ 182109998Smarkm ASN1_IA5STRING *rfc822Name; 183109998Smarkm ASN1_IA5STRING *dNSName; 184109998Smarkm ASN1_TYPE *x400Address; 185109998Smarkm X509_NAME *directoryName; 186109998Smarkm EDIPARTYNAME *ediPartyName; 187109998Smarkm ASN1_IA5STRING *uniformResourceIdentifier; 188109998Smarkm ASN1_OCTET_STRING *iPAddress; 189109998Smarkm ASN1_OBJECT *registeredID; 190109998Smarkm 191109998Smarkm /* Old names */ 19255714Skris ASN1_OCTET_STRING *ip; /* iPAddress */ 19355714Skris X509_NAME *dirn; /* dirn */ 194109998Smarkm ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ 19555714Skris ASN1_OBJECT *rid; /* registeredID */ 196109998Smarkm ASN1_TYPE *other; /* x400Address */ 19755714Skris} d; 19855714Skris} GENERAL_NAME; 19955714Skris 200109998Smarkmtypedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; 201109998Smarkm 20259191Skristypedef struct ACCESS_DESCRIPTION_st { 20359191Skris ASN1_OBJECT *method; 20459191Skris GENERAL_NAME *location; 20559191Skris} ACCESS_DESCRIPTION; 20659191Skris 207109998Smarkmtypedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; 208109998Smarkm 209109998Smarkmtypedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; 210109998Smarkm 21155714SkrisDECLARE_STACK_OF(GENERAL_NAME) 21255714SkrisDECLARE_ASN1_SET_OF(GENERAL_NAME) 21355714Skris 21459191SkrisDECLARE_STACK_OF(ACCESS_DESCRIPTION) 21559191SkrisDECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) 21659191Skris 21755714Skristypedef struct DIST_POINT_NAME_st { 218109998Smarkmint type; 219109998Smarkmunion { 220109998Smarkm GENERAL_NAMES *fullname; 221109998Smarkm STACK_OF(X509_NAME_ENTRY) *relativename; 222109998Smarkm} name; 22355714Skris} DIST_POINT_NAME; 22455714Skris 22555714Skristypedef struct DIST_POINT_st { 22655714SkrisDIST_POINT_NAME *distpoint; 22755714SkrisASN1_BIT_STRING *reasons; 228109998SmarkmGENERAL_NAMES *CRLissuer; 22955714Skris} DIST_POINT; 23055714Skris 231109998Smarkmtypedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; 232109998Smarkm 23355714SkrisDECLARE_STACK_OF(DIST_POINT) 23455714SkrisDECLARE_ASN1_SET_OF(DIST_POINT) 23555714Skris 23655714Skristypedef struct AUTHORITY_KEYID_st { 23755714SkrisASN1_OCTET_STRING *keyid; 238109998SmarkmGENERAL_NAMES *issuer; 23955714SkrisASN1_INTEGER *serial; 24055714Skris} AUTHORITY_KEYID; 24155714Skris 24255714Skris/* Strong extranet structures */ 24355714Skris 24455714Skristypedef struct SXNET_ID_st { 24555714Skris ASN1_INTEGER *zone; 24655714Skris ASN1_OCTET_STRING *user; 24755714Skris} SXNETID; 24855714Skris 24955714SkrisDECLARE_STACK_OF(SXNETID) 25055714SkrisDECLARE_ASN1_SET_OF(SXNETID) 25155714Skris 25255714Skristypedef struct SXNET_st { 25355714Skris ASN1_INTEGER *version; 25455714Skris STACK_OF(SXNETID) *ids; 25555714Skris} SXNET; 25655714Skris 25755714Skristypedef struct NOTICEREF_st { 25855714Skris ASN1_STRING *organization; 25968651Skris STACK_OF(ASN1_INTEGER) *noticenos; 26055714Skris} NOTICEREF; 26155714Skris 26255714Skristypedef struct USERNOTICE_st { 26355714Skris NOTICEREF *noticeref; 26455714Skris ASN1_STRING *exptext; 26555714Skris} USERNOTICE; 26655714Skris 26755714Skristypedef struct POLICYQUALINFO_st { 26855714Skris ASN1_OBJECT *pqualid; 26955714Skris union { 27055714Skris ASN1_IA5STRING *cpsuri; 27155714Skris USERNOTICE *usernotice; 27255714Skris ASN1_TYPE *other; 27355714Skris } d; 27455714Skris} POLICYQUALINFO; 27555714Skris 27655714SkrisDECLARE_STACK_OF(POLICYQUALINFO) 27755714SkrisDECLARE_ASN1_SET_OF(POLICYQUALINFO) 27855714Skris 27955714Skristypedef struct POLICYINFO_st { 28055714Skris ASN1_OBJECT *policyid; 28155714Skris STACK_OF(POLICYQUALINFO) *qualifiers; 28255714Skris} POLICYINFO; 28355714Skris 284109998Smarkmtypedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; 285109998Smarkm 28655714SkrisDECLARE_STACK_OF(POLICYINFO) 28755714SkrisDECLARE_ASN1_SET_OF(POLICYINFO) 28855714Skris 289160814Ssimontypedef struct POLICY_MAPPING_st { 290160814Ssimon ASN1_OBJECT *issuerDomainPolicy; 291160814Ssimon ASN1_OBJECT *subjectDomainPolicy; 292160814Ssimon} POLICY_MAPPING; 293160814Ssimon 294160814SsimonDECLARE_STACK_OF(POLICY_MAPPING) 295160814Ssimon 296160814Ssimontypedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; 297160814Ssimon 298160814Ssimontypedef struct GENERAL_SUBTREE_st { 299160814Ssimon GENERAL_NAME *base; 300160814Ssimon ASN1_INTEGER *minimum; 301160814Ssimon ASN1_INTEGER *maximum; 302160814Ssimon} GENERAL_SUBTREE; 303160814Ssimon 304160814SsimonDECLARE_STACK_OF(GENERAL_SUBTREE) 305160814Ssimon 306160814Ssimontypedef struct NAME_CONSTRAINTS_st { 307160814Ssimon STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; 308160814Ssimon STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; 309160814Ssimon} NAME_CONSTRAINTS; 310160814Ssimon 311160814Ssimontypedef struct POLICY_CONSTRAINTS_st { 312160814Ssimon ASN1_INTEGER *requireExplicitPolicy; 313160814Ssimon ASN1_INTEGER *inhibitPolicyMapping; 314160814Ssimon} POLICY_CONSTRAINTS; 315160814Ssimon 316160814Ssimon/* Proxy certificate structures, see RFC 3820 */ 317160814Ssimontypedef struct PROXY_POLICY_st 318160814Ssimon { 319160814Ssimon ASN1_OBJECT *policyLanguage; 320160814Ssimon ASN1_OCTET_STRING *policy; 321160814Ssimon } PROXY_POLICY; 322160814Ssimon 323160814Ssimontypedef struct PROXY_CERT_INFO_EXTENSION_st 324160814Ssimon { 325160814Ssimon ASN1_INTEGER *pcPathLengthConstraint; 326160814Ssimon PROXY_POLICY *proxyPolicy; 327160814Ssimon } PROXY_CERT_INFO_EXTENSION; 328160814Ssimon 329160814SsimonDECLARE_ASN1_FUNCTIONS(PROXY_POLICY) 330160814SsimonDECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) 331160814Ssimon 332160814Ssimon 33355714Skris#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ 33455714Skris",name:", val->name, ",value:", val->value); 33555714Skris 33655714Skris#define X509V3_set_ctx_test(ctx) \ 33755714Skris X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) 338109998Smarkm#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL; 33955714Skris 340109998Smarkm#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \ 341109998Smarkm 0,0,0,0, \ 342109998Smarkm 0,0, \ 34355714Skris (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ 34455714Skris (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ 34555714Skris NULL, NULL, \ 346109998Smarkm table} 34755714Skris 348109998Smarkm#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \ 349109998Smarkm 0,0,0,0, \ 35055714Skris (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ 35155714Skris (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ 352109998Smarkm 0,0,0,0, \ 35355714Skris NULL} 35455714Skris 355109998Smarkm#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} 35655714Skris 35759191Skris 35859191Skris/* X509_PURPOSE stuff */ 35959191Skris 36059191Skris#define EXFLAG_BCONS 0x1 36159191Skris#define EXFLAG_KUSAGE 0x2 36259191Skris#define EXFLAG_XKUSAGE 0x4 36359191Skris#define EXFLAG_NSCERT 0x8 36459191Skris 36559191Skris#define EXFLAG_CA 0x10 36659191Skris#define EXFLAG_SS 0x20 36759191Skris#define EXFLAG_V1 0x40 36859191Skris#define EXFLAG_INVALID 0x80 36959191Skris#define EXFLAG_SET 0x100 370109998Smarkm#define EXFLAG_CRITICAL 0x200 371160814Ssimon#define EXFLAG_PROXY 0x400 37259191Skris 373160814Ssimon#define EXFLAG_INVALID_POLICY 0x400 374160814Ssimon 37559191Skris#define KU_DIGITAL_SIGNATURE 0x0080 37659191Skris#define KU_NON_REPUDIATION 0x0040 37759191Skris#define KU_KEY_ENCIPHERMENT 0x0020 37859191Skris#define KU_DATA_ENCIPHERMENT 0x0010 37959191Skris#define KU_KEY_AGREEMENT 0x0008 38059191Skris#define KU_KEY_CERT_SIGN 0x0004 38159191Skris#define KU_CRL_SIGN 0x0002 38259191Skris#define KU_ENCIPHER_ONLY 0x0001 38359191Skris#define KU_DECIPHER_ONLY 0x8000 38459191Skris 38559191Skris#define NS_SSL_CLIENT 0x80 38659191Skris#define NS_SSL_SERVER 0x40 38759191Skris#define NS_SMIME 0x20 38859191Skris#define NS_OBJSIGN 0x10 38959191Skris#define NS_SSL_CA 0x04 39059191Skris#define NS_SMIME_CA 0x02 39159191Skris#define NS_OBJSIGN_CA 0x01 392109998Smarkm#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) 39359191Skris 39459191Skris#define XKU_SSL_SERVER 0x1 39559191Skris#define XKU_SSL_CLIENT 0x2 39659191Skris#define XKU_SMIME 0x4 39759191Skris#define XKU_CODE_SIGN 0x8 39859191Skris#define XKU_SGC 0x10 399109998Smarkm#define XKU_OCSP_SIGN 0x20 400109998Smarkm#define XKU_TIMESTAMP 0x40 401111147Snectar#define XKU_DVCS 0x80 40259191Skris 40359191Skris#define X509_PURPOSE_DYNAMIC 0x1 40459191Skris#define X509_PURPOSE_DYNAMIC_NAME 0x2 40559191Skris 40659191Skristypedef struct x509_purpose_st { 40759191Skris int purpose; 40859191Skris int trust; /* Default trust ID */ 40959191Skris int flags; 41068651Skris int (*check_purpose)(const struct x509_purpose_st *, 41168651Skris const X509 *, int); 41259191Skris char *name; 41359191Skris char *sname; 41459191Skris void *usr_data; 41559191Skris} X509_PURPOSE; 41659191Skris 41759191Skris#define X509_PURPOSE_SSL_CLIENT 1 41859191Skris#define X509_PURPOSE_SSL_SERVER 2 41959191Skris#define X509_PURPOSE_NS_SSL_SERVER 3 42059191Skris#define X509_PURPOSE_SMIME_SIGN 4 42159191Skris#define X509_PURPOSE_SMIME_ENCRYPT 5 42259191Skris#define X509_PURPOSE_CRL_SIGN 6 42359191Skris#define X509_PURPOSE_ANY 7 424109998Smarkm#define X509_PURPOSE_OCSP_HELPER 8 42559191Skris 42659191Skris#define X509_PURPOSE_MIN 1 427109998Smarkm#define X509_PURPOSE_MAX 8 42859191Skris 429109998Smarkm/* Flags for X509V3_EXT_print() */ 43059191Skris 431109998Smarkm#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) 432109998Smarkm/* Return error for unknown extensions */ 433109998Smarkm#define X509V3_EXT_DEFAULT 0 434109998Smarkm/* Print error for unknown extensions */ 435109998Smarkm#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) 436109998Smarkm/* ASN1 parse unknown extensions */ 437109998Smarkm#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) 438109998Smarkm/* BIO_dump unknown extensions */ 439109998Smarkm#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) 44055714Skris 441109998Smarkm/* Flags for X509V3_add1_i2d */ 44255714Skris 443109998Smarkm#define X509V3_ADD_OP_MASK 0xfL 444109998Smarkm#define X509V3_ADD_DEFAULT 0L 445109998Smarkm#define X509V3_ADD_APPEND 1L 446109998Smarkm#define X509V3_ADD_REPLACE 2L 447109998Smarkm#define X509V3_ADD_REPLACE_EXISTING 3L 448109998Smarkm#define X509V3_ADD_KEEP_EXISTING 4L 449109998Smarkm#define X509V3_ADD_DELETE 5L 450109998Smarkm#define X509V3_ADD_SILENT 0x10 45155714Skris 452109998SmarkmDECLARE_STACK_OF(X509_PURPOSE) 45355714Skris 454109998SmarkmDECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) 455109998Smarkm 456109998SmarkmDECLARE_ASN1_FUNCTIONS(SXNET) 457109998SmarkmDECLARE_ASN1_FUNCTIONS(SXNETID) 458109998Smarkm 45955714Skrisint SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); 46055714Skrisint SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); 46155714Skrisint SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); 46255714Skris 46355714SkrisASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); 46455714SkrisASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); 46555714SkrisASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); 46655714Skris 467109998SmarkmDECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) 46855714Skris 469109998SmarkmDECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) 47055714Skris 471109998SmarkmDECLARE_ASN1_FUNCTIONS(GENERAL_NAME) 472109998Smarkm 473160814Ssimon 474160814SsimonASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, 475160814Ssimon X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 476160814SsimonSTACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, 477160814Ssimon ASN1_BIT_STRING *bits, 478160814Ssimon STACK_OF(CONF_VALUE) *extlist); 479160814Ssimon 480109998SmarkmSTACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); 481109998Smarkmint GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); 482109998Smarkm 483109998SmarkmDECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) 484109998Smarkm 48555714SkrisSTACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, 486109998Smarkm GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); 487109998SmarkmGENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, 48855714Skris X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 48955714Skris 490109998SmarkmDECLARE_ASN1_FUNCTIONS(OTHERNAME) 491109998SmarkmDECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) 49259191Skris 49355714Skrischar *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); 49455714SkrisASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); 49555714Skris 496109998SmarkmDECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) 497109998Smarkmint i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); 49855714Skris 499109998SmarkmDECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) 500109998SmarkmDECLARE_ASN1_FUNCTIONS(POLICYINFO) 501109998SmarkmDECLARE_ASN1_FUNCTIONS(POLICYQUALINFO) 502109998SmarkmDECLARE_ASN1_FUNCTIONS(USERNOTICE) 503109998SmarkmDECLARE_ASN1_FUNCTIONS(NOTICEREF) 50455714Skris 505109998SmarkmDECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) 506109998SmarkmDECLARE_ASN1_FUNCTIONS(DIST_POINT) 507109998SmarkmDECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) 50855714Skris 509109998SmarkmDECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) 510109998SmarkmDECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) 51155714Skris 512160814SsimonDECLARE_ASN1_ITEM(POLICY_MAPPING) 513160814SsimonDECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING) 514160814SsimonDECLARE_ASN1_ITEM(POLICY_MAPPINGS) 515160814Ssimon 516160814SsimonDECLARE_ASN1_ITEM(GENERAL_SUBTREE) 517160814SsimonDECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE) 518160814Ssimon 519160814SsimonDECLARE_ASN1_ITEM(NAME_CONSTRAINTS) 520160814SsimonDECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS) 521160814Ssimon 522160814SsimonDECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS) 523160814SsimonDECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) 524160814Ssimon 52555714Skris#ifdef HEADER_CONF_H 526160814SsimonGENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, 527160814Ssimon CONF_VALUE *cnf); 528160814SsimonGENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method, 529160814Ssimon X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); 53055714Skrisvoid X509V3_conf_free(CONF_VALUE *val); 531109998Smarkm 532109998SmarkmX509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); 533109998SmarkmX509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value); 534109998Smarkmint X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk); 535109998Smarkmint X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert); 536109998Smarkmint X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); 537109998Smarkmint X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); 538109998Smarkm 53955714SkrisX509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); 54055714SkrisX509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); 54155714Skrisint X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); 54259191Skrisint X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); 54355714Skrisint X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); 544109998Smarkm 54555714Skrisint X509V3_add_value_bool_nf(char *name, int asn1_bool, 54655714Skris STACK_OF(CONF_VALUE) **extlist); 54755714Skrisint X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); 54855714Skrisint X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); 549109998Smarkmvoid X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf); 55055714Skrisvoid X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); 55155714Skris#endif 55255714Skris 55355714Skrischar * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); 55455714SkrisSTACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); 55555714Skrisvoid X509V3_string_free(X509V3_CTX *ctx, char *str); 55655714Skrisvoid X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); 55755714Skrisvoid X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, 55855714Skris X509_REQ *req, X509_CRL *crl, int flags); 55955714Skris 56055714Skrisint X509V3_add_value(const char *name, const char *value, 56155714Skris STACK_OF(CONF_VALUE) **extlist); 56255714Skrisint X509V3_add_value_uchar(const char *name, const unsigned char *value, 56355714Skris STACK_OF(CONF_VALUE) **extlist); 56455714Skrisint X509V3_add_value_bool(const char *name, int asn1_bool, 56555714Skris STACK_OF(CONF_VALUE) **extlist); 56655714Skrisint X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, 56755714Skris STACK_OF(CONF_VALUE) **extlist); 56855714Skrischar * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); 56955714SkrisASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); 57055714Skrischar * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); 57155714Skrischar * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); 57255714Skrisint X509V3_EXT_add(X509V3_EXT_METHOD *ext); 57355714Skrisint X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); 57455714Skrisint X509V3_EXT_add_alias(int nid_to, int nid_from); 57555714Skrisvoid X509V3_EXT_cleanup(void); 57655714Skris 57755714SkrisX509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); 57855714SkrisX509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); 57955714Skrisint X509V3_add_standard_extensions(void); 580109998SmarkmSTACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line); 58155714Skrisvoid *X509V3_EXT_d2i(X509_EXTENSION *ext); 58259191Skrisvoid *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); 58359191Skris 584109998Smarkm 58555714SkrisX509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); 586109998Smarkmint X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); 58755714Skris 58855714Skrischar *hex_to_string(unsigned char *buffer, long len); 58955714Skrisunsigned char *string_to_hex(char *str, long *len); 59055714Skrisint name_cmp(const char *name, const char *cmp); 59155714Skris 59255714Skrisvoid X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, 59355714Skris int ml); 594109998Smarkmint X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent); 59555714Skrisint X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); 59655714Skris 597109998Smarkmint X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent); 598109998Smarkm 599160814Ssimonint X509_check_ca(X509 *x); 60059191Skrisint X509_check_purpose(X509 *x, int id, int ca); 601109998Smarkmint X509_supported_extension(X509_EXTENSION *ex); 602109998Smarkmint X509_PURPOSE_set(int *p, int purpose); 60368651Skrisint X509_check_issued(X509 *issuer, X509 *subject); 60459191Skrisint X509_PURPOSE_get_count(void); 60559191SkrisX509_PURPOSE * X509_PURPOSE_get0(int idx); 60659191Skrisint X509_PURPOSE_get_by_sname(char *sname); 60759191Skrisint X509_PURPOSE_get_by_id(int id); 60859191Skrisint X509_PURPOSE_add(int id, int trust, int flags, 60968651Skris int (*ck)(const X509_PURPOSE *, const X509 *, int), 61059191Skris char *name, char *sname, void *arg); 61159191Skrischar *X509_PURPOSE_get0_name(X509_PURPOSE *xp); 61259191Skrischar *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); 61359191Skrisint X509_PURPOSE_get_trust(X509_PURPOSE *xp); 61459191Skrisvoid X509_PURPOSE_cleanup(void); 61559191Skrisint X509_PURPOSE_get_id(X509_PURPOSE *); 61659191Skris 61768651SkrisSTACK *X509_get1_email(X509 *x); 61868651SkrisSTACK *X509_REQ_get1_email(X509_REQ *x); 61968651Skrisvoid X509_email_free(STACK *sk); 62068651Skris 621160814SsimonASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); 622160814SsimonASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); 623167612Ssimonint a2i_ipadd(unsigned char *ipout, const char *ipasc); 624160814Ssimonint X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, 625160814Ssimon unsigned long chtype); 62668651Skris 627160814Ssimonvoid X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); 628160814Ssimon 629167612Ssimon#ifndef OPENSSL_NO_RFC3779 630167612Ssimon 631167612Ssimontypedef struct ASRange_st { 632167612Ssimon ASN1_INTEGER *min, *max; 633167612Ssimon} ASRange; 634167612Ssimon 635167612Ssimon#define ASIdOrRange_id 0 636167612Ssimon#define ASIdOrRange_range 1 637167612Ssimon 638167612Ssimontypedef struct ASIdOrRange_st { 639167612Ssimon int type; 640167612Ssimon union { 641167612Ssimon ASN1_INTEGER *id; 642167612Ssimon ASRange *range; 643167612Ssimon } u; 644167612Ssimon} ASIdOrRange; 645167612Ssimon 646167612Ssimontypedef STACK_OF(ASIdOrRange) ASIdOrRanges; 647167612SsimonDECLARE_STACK_OF(ASIdOrRange) 648167612Ssimon 649167612Ssimon#define ASIdentifierChoice_inherit 0 650167612Ssimon#define ASIdentifierChoice_asIdsOrRanges 1 651167612Ssimon 652167612Ssimontypedef struct ASIdentifierChoice_st { 653167612Ssimon int type; 654167612Ssimon union { 655167612Ssimon ASN1_NULL *inherit; 656167612Ssimon ASIdOrRanges *asIdsOrRanges; 657167612Ssimon } u; 658167612Ssimon} ASIdentifierChoice; 659167612Ssimon 660167612Ssimontypedef struct ASIdentifiers_st { 661167612Ssimon ASIdentifierChoice *asnum, *rdi; 662167612Ssimon} ASIdentifiers; 663167612Ssimon 664167612SsimonDECLARE_ASN1_FUNCTIONS(ASRange) 665167612SsimonDECLARE_ASN1_FUNCTIONS(ASIdOrRange) 666167612SsimonDECLARE_ASN1_FUNCTIONS(ASIdentifierChoice) 667167612SsimonDECLARE_ASN1_FUNCTIONS(ASIdentifiers) 668167612Ssimon 669167612Ssimon 670167612Ssimontypedef struct IPAddressRange_st { 671167612Ssimon ASN1_BIT_STRING *min, *max; 672167612Ssimon} IPAddressRange; 673167612Ssimon 674167612Ssimon#define IPAddressOrRange_addressPrefix 0 675167612Ssimon#define IPAddressOrRange_addressRange 1 676167612Ssimon 677167612Ssimontypedef struct IPAddressOrRange_st { 678167612Ssimon int type; 679167612Ssimon union { 680167612Ssimon ASN1_BIT_STRING *addressPrefix; 681167612Ssimon IPAddressRange *addressRange; 682167612Ssimon } u; 683167612Ssimon} IPAddressOrRange; 684167612Ssimon 685167612Ssimontypedef STACK_OF(IPAddressOrRange) IPAddressOrRanges; 686167612SsimonDECLARE_STACK_OF(IPAddressOrRange) 687167612Ssimon 688167612Ssimon#define IPAddressChoice_inherit 0 689167612Ssimon#define IPAddressChoice_addressesOrRanges 1 690167612Ssimon 691167612Ssimontypedef struct IPAddressChoice_st { 692167612Ssimon int type; 693167612Ssimon union { 694167612Ssimon ASN1_NULL *inherit; 695167612Ssimon IPAddressOrRanges *addressesOrRanges; 696167612Ssimon } u; 697167612Ssimon} IPAddressChoice; 698167612Ssimon 699167612Ssimontypedef struct IPAddressFamily_st { 700167612Ssimon ASN1_OCTET_STRING *addressFamily; 701167612Ssimon IPAddressChoice *ipAddressChoice; 702167612Ssimon} IPAddressFamily; 703167612Ssimon 704167612Ssimontypedef STACK_OF(IPAddressFamily) IPAddrBlocks; 705167612SsimonDECLARE_STACK_OF(IPAddressFamily) 706167612Ssimon 707167612SsimonDECLARE_ASN1_FUNCTIONS(IPAddressRange) 708167612SsimonDECLARE_ASN1_FUNCTIONS(IPAddressOrRange) 709167612SsimonDECLARE_ASN1_FUNCTIONS(IPAddressChoice) 710167612SsimonDECLARE_ASN1_FUNCTIONS(IPAddressFamily) 711167612Ssimon 712167612Ssimon/* 713167612Ssimon * API tag for elements of the ASIdentifer SEQUENCE. 714167612Ssimon */ 715167612Ssimon#define V3_ASID_ASNUM 0 716167612Ssimon#define V3_ASID_RDI 1 717167612Ssimon 718167612Ssimon/* 719167612Ssimon * AFI values, assigned by IANA. It'd be nice to make the AFI 720167612Ssimon * handling code totally generic, but there are too many little things 721167612Ssimon * that would need to be defined for other address families for it to 722167612Ssimon * be worth the trouble. 723167612Ssimon */ 724167612Ssimon#define IANA_AFI_IPV4 1 725167612Ssimon#define IANA_AFI_IPV6 2 726167612Ssimon 727167612Ssimon/* 728167612Ssimon * Utilities to construct and extract values from RFC3779 extensions, 729167612Ssimon * since some of the encodings (particularly for IP address prefixes 730167612Ssimon * and ranges) are a bit tedious to work with directly. 731167612Ssimon */ 732167612Ssimonint v3_asid_add_inherit(ASIdentifiers *asid, int which); 733167612Ssimonint v3_asid_add_id_or_range(ASIdentifiers *asid, int which, 734167612Ssimon ASN1_INTEGER *min, ASN1_INTEGER *max); 735167612Ssimonint v3_addr_add_inherit(IPAddrBlocks *addr, 736167612Ssimon const unsigned afi, const unsigned *safi); 737167612Ssimonint v3_addr_add_prefix(IPAddrBlocks *addr, 738167612Ssimon const unsigned afi, const unsigned *safi, 739167612Ssimon unsigned char *a, const int prefixlen); 740167612Ssimonint v3_addr_add_range(IPAddrBlocks *addr, 741167612Ssimon const unsigned afi, const unsigned *safi, 742167612Ssimon unsigned char *min, unsigned char *max); 743167612Ssimonunsigned v3_addr_get_afi(const IPAddressFamily *f); 744167612Ssimonint v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi, 745167612Ssimon unsigned char *min, unsigned char *max, 746167612Ssimon const int length); 747167612Ssimon 748167612Ssimon/* 749167612Ssimon * Canonical forms. 750167612Ssimon */ 751167612Ssimonint v3_asid_is_canonical(ASIdentifiers *asid); 752167612Ssimonint v3_addr_is_canonical(IPAddrBlocks *addr); 753167612Ssimonint v3_asid_canonize(ASIdentifiers *asid); 754167612Ssimonint v3_addr_canonize(IPAddrBlocks *addr); 755167612Ssimon 756167612Ssimon/* 757167612Ssimon * Tests for inheritance and containment. 758167612Ssimon */ 759167612Ssimonint v3_asid_inherits(ASIdentifiers *asid); 760167612Ssimonint v3_addr_inherits(IPAddrBlocks *addr); 761167612Ssimonint v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b); 762167612Ssimonint v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b); 763167612Ssimon 764167612Ssimon/* 765167612Ssimon * Check whether RFC 3779 extensions nest properly in chains. 766167612Ssimon */ 767167612Ssimonint v3_asid_validate_path(X509_STORE_CTX *); 768167612Ssimonint v3_addr_validate_path(X509_STORE_CTX *); 769167612Ssimonint v3_asid_validate_resource_set(STACK_OF(X509) *chain, 770167612Ssimon ASIdentifiers *ext, 771167612Ssimon int allow_inheritance); 772167612Ssimonint v3_addr_validate_resource_set(STACK_OF(X509) *chain, 773167612Ssimon IPAddrBlocks *ext, 774167612Ssimon int allow_inheritance); 775167612Ssimon 776167612Ssimon#endif /* OPENSSL_NO_RFC3779 */ 777167612Ssimon 77855714Skris/* BEGIN ERROR CODES */ 77955714Skris/* The following lines are auto generated by the script mkerr.pl. Any changes 78055714Skris * made after this point may be overwritten when the script is next run. 78155714Skris */ 78289837Skrisvoid ERR_load_X509V3_strings(void); 78355714Skris 78455714Skris/* Error codes for the X509V3 functions. */ 78555714Skris 78655714Skris/* Function codes. */ 787167612Ssimon#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156 788167612Ssimon#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157 78955714Skris#define X509V3_F_COPY_EMAIL 122 79055714Skris#define X509V3_F_COPY_ISSUER 123 791160814Ssimon#define X509V3_F_DO_DIRNAME 144 79255714Skris#define X509V3_F_DO_EXT_CONF 124 79355714Skris#define X509V3_F_DO_EXT_I2D 135 794160814Ssimon#define X509V3_F_DO_EXT_NCONF 151 795160814Ssimon#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148 79655714Skris#define X509V3_F_HEX_TO_STRING 111 79755714Skris#define X509V3_F_I2S_ASN1_ENUMERATED 121 798160814Ssimon#define X509V3_F_I2S_ASN1_IA5STRING 149 79955714Skris#define X509V3_F_I2S_ASN1_INTEGER 120 80059191Skris#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 80155714Skris#define X509V3_F_NOTICE_SECTION 132 80255714Skris#define X509V3_F_NREF_NOS 133 80355714Skris#define X509V3_F_POLICY_SECTION 131 804160814Ssimon#define X509V3_F_PROCESS_PCI_VALUE 150 80555714Skris#define X509V3_F_R2I_CERTPOL 130 806160814Ssimon#define X509V3_F_R2I_PCI 155 80755714Skris#define X509V3_F_S2I_ASN1_IA5STRING 100 80855714Skris#define X509V3_F_S2I_ASN1_INTEGER 108 80955714Skris#define X509V3_F_S2I_ASN1_OCTET_STRING 112 81055714Skris#define X509V3_F_S2I_ASN1_SKEY_ID 114 811160814Ssimon#define X509V3_F_S2I_SKEY_ID 115 81255714Skris#define X509V3_F_STRING_TO_HEX 113 813160814Ssimon#define X509V3_F_SXNET_ADD_ID_ASC 125 81455714Skris#define X509V3_F_SXNET_ADD_ID_INTEGER 126 81555714Skris#define X509V3_F_SXNET_ADD_ID_ULONG 127 81655714Skris#define X509V3_F_SXNET_GET_ID_ASC 128 81755714Skris#define X509V3_F_SXNET_GET_ID_ULONG 129 818167612Ssimon#define X509V3_F_V2I_ASIDENTIFIERS 158 81955714Skris#define X509V3_F_V2I_ASN1_BIT_STRING 101 820160814Ssimon#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139 82155714Skris#define X509V3_F_V2I_AUTHORITY_KEYID 119 82255714Skris#define X509V3_F_V2I_BASIC_CONSTRAINTS 102 82355714Skris#define X509V3_F_V2I_CRLD 134 824160814Ssimon#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103 82555714Skris#define X509V3_F_V2I_GENERAL_NAMES 118 826160814Ssimon#define X509V3_F_V2I_GENERAL_NAME_EX 117 827167612Ssimon#define X509V3_F_V2I_IPADDRBLOCKS 159 828160814Ssimon#define X509V3_F_V2I_ISSUER_ALT 153 829160814Ssimon#define X509V3_F_V2I_NAME_CONSTRAINTS 147 830160814Ssimon#define X509V3_F_V2I_POLICY_CONSTRAINTS 146 831160814Ssimon#define X509V3_F_V2I_POLICY_MAPPINGS 145 832160814Ssimon#define X509V3_F_V2I_SUBJECT_ALT 154 833167612Ssimon#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160 83455714Skris#define X509V3_F_V3_GENERIC_EXTENSION 116 835160814Ssimon#define X509V3_F_X509V3_ADD1_I2D 140 83655714Skris#define X509V3_F_X509V3_ADD_VALUE 105 83755714Skris#define X509V3_F_X509V3_EXT_ADD 104 83855714Skris#define X509V3_F_X509V3_EXT_ADD_ALIAS 106 83955714Skris#define X509V3_F_X509V3_EXT_CONF 107 84055714Skris#define X509V3_F_X509V3_EXT_I2D 136 841160814Ssimon#define X509V3_F_X509V3_EXT_NCONF 152 842160814Ssimon#define X509V3_F_X509V3_GET_SECTION 142 843160814Ssimon#define X509V3_F_X509V3_GET_STRING 143 84455714Skris#define X509V3_F_X509V3_GET_VALUE_BOOL 110 84555714Skris#define X509V3_F_X509V3_PARSE_LIST 109 84659191Skris#define X509V3_F_X509_PURPOSE_ADD 137 847109998Smarkm#define X509V3_F_X509_PURPOSE_SET 141 84855714Skris 84955714Skris/* Reason codes. */ 85055714Skris#define X509V3_R_BAD_IP_ADDRESS 118 85155714Skris#define X509V3_R_BAD_OBJECT 119 85255714Skris#define X509V3_R_BN_DEC2BN_ERROR 100 85355714Skris#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 854160814Ssimon#define X509V3_R_DIRNAME_ERROR 149 85555714Skris#define X509V3_R_DUPLICATE_ZONE_ID 133 85655714Skris#define X509V3_R_ERROR_CONVERTING_ZONE 131 857109998Smarkm#define X509V3_R_ERROR_CREATING_EXTENSION 144 85855714Skris#define X509V3_R_ERROR_IN_EXTENSION 128 85955714Skris#define X509V3_R_EXPECTED_A_SECTION_NAME 137 860109998Smarkm#define X509V3_R_EXTENSION_EXISTS 145 86155714Skris#define X509V3_R_EXTENSION_NAME_ERROR 115 86255714Skris#define X509V3_R_EXTENSION_NOT_FOUND 102 86355714Skris#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 86455714Skris#define X509V3_R_EXTENSION_VALUE_ERROR 116 865160814Ssimon#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151 86655714Skris#define X509V3_R_ILLEGAL_HEX_DIGIT 113 867160814Ssimon#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152 868167612Ssimon#define X509V3_R_INVALID_ASNUMBER 160 869167612Ssimon#define X509V3_R_INVALID_ASRANGE 161 87055714Skris#define X509V3_R_INVALID_BOOLEAN_STRING 104 87155714Skris#define X509V3_R_INVALID_EXTENSION_STRING 105 872167612Ssimon#define X509V3_R_INVALID_INHERITANCE 162 873167612Ssimon#define X509V3_R_INVALID_IPADDRESS 163 87455714Skris#define X509V3_R_INVALID_NAME 106 87555714Skris#define X509V3_R_INVALID_NULL_ARGUMENT 107 87655714Skris#define X509V3_R_INVALID_NULL_NAME 108 87755714Skris#define X509V3_R_INVALID_NULL_VALUE 109 87855714Skris#define X509V3_R_INVALID_NUMBER 140 87955714Skris#define X509V3_R_INVALID_NUMBERS 141 88055714Skris#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 88155714Skris#define X509V3_R_INVALID_OPTION 138 88255714Skris#define X509V3_R_INVALID_POLICY_IDENTIFIER 134 883160814Ssimon#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153 884109998Smarkm#define X509V3_R_INVALID_PURPOSE 146 885167612Ssimon#define X509V3_R_INVALID_SAFI 164 88655714Skris#define X509V3_R_INVALID_SECTION 135 88759191Skris#define X509V3_R_INVALID_SYNTAX 143 88855714Skris#define X509V3_R_ISSUER_DECODE_ERROR 126 88955714Skris#define X509V3_R_MISSING_VALUE 124 89055714Skris#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142 89155714Skris#define X509V3_R_NO_CONFIG_DATABASE 136 89255714Skris#define X509V3_R_NO_ISSUER_CERTIFICATE 121 89355714Skris#define X509V3_R_NO_ISSUER_DETAILS 127 89455714Skris#define X509V3_R_NO_POLICY_IDENTIFIER 139 895160814Ssimon#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154 89655714Skris#define X509V3_R_NO_PUBLIC_KEY 114 89755714Skris#define X509V3_R_NO_SUBJECT_DETAILS 125 89855714Skris#define X509V3_R_ODD_NUMBER_OF_DIGITS 112 899160814Ssimon#define X509V3_R_OPERATION_NOT_DEFINED 148 900160814Ssimon#define X509V3_R_OTHERNAME_ERROR 147 901160814Ssimon#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155 902160814Ssimon#define X509V3_R_POLICY_PATH_LENGTH 156 903160814Ssimon#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157 904160814Ssimon#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158 905160814Ssimon#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159 906160814Ssimon#define X509V3_R_SECTION_NOT_FOUND 150 90755714Skris#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 90855714Skris#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 90955714Skris#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 91055714Skris#define X509V3_R_UNKNOWN_EXTENSION 129 91155714Skris#define X509V3_R_UNKNOWN_EXTENSION_NAME 130 91255714Skris#define X509V3_R_UNKNOWN_OPTION 120 91355714Skris#define X509V3_R_UNSUPPORTED_OPTION 117 91455714Skris#define X509V3_R_USER_TOO_LONG 132 91555714Skris 91655714Skris#ifdef __cplusplus 91755714Skris} 91855714Skris#endif 91955714Skris#endif 920