1/* x509v3.h */ 2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL 3 * project 1999. 4 */ 5/* ==================================================================== 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58#ifndef HEADER_X509V3_H 59#define HEADER_X509V3_H 60 61#include <openssl/bio.h> 62#include <openssl/x509.h> 63#include <openssl/conf.h> 64 65#ifdef __cplusplus 66extern "C" { 67#endif 68 69/* Forward reference */ 70struct v3_ext_method; 71struct v3_ext_ctx; 72 73/* Useful typedefs */ 74 75typedef void * (*X509V3_EXT_NEW)(void); 76typedef void (*X509V3_EXT_FREE)(void *); 77typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); 78typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); 79typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); 80typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); 81typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); 82typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); 83typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); 84typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); 85 86/* V3 extension structure */ 87 88struct v3_ext_method { 89int ext_nid; 90int ext_flags; 91/* If this is set the following four fields are ignored */ 92ASN1_ITEM_EXP *it; 93/* Old style ASN1 calls */ 94X509V3_EXT_NEW ext_new; 95X509V3_EXT_FREE ext_free; 96X509V3_EXT_D2I d2i; 97X509V3_EXT_I2D i2d; 98 99/* The following pair is used for string extensions */ 100X509V3_EXT_I2S i2s; 101X509V3_EXT_S2I s2i; 102 103/* The following pair is used for multi-valued extensions */ 104X509V3_EXT_I2V i2v; 105X509V3_EXT_V2I v2i; 106 107/* The following are used for raw extensions */ 108X509V3_EXT_I2R i2r; 109X509V3_EXT_R2I r2i; 110 111void *usr_data; /* Any extension specific data */ 112}; 113 114typedef struct X509V3_CONF_METHOD_st { 115char * (*get_string)(void *db, char *section, char *value); 116STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); 117void (*free_string)(void *db, char * string); 118void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); 119} X509V3_CONF_METHOD; 120 121/* Context specific info */ 122struct v3_ext_ctx { 123#define CTX_TEST 0x1 124int flags; 125X509 *issuer_cert; 126X509 *subject_cert; 127X509_REQ *subject_req; 128X509_CRL *crl; 129X509V3_CONF_METHOD *db_meth; 130void *db; 131/* Maybe more here */ 132}; 133 134typedef struct v3_ext_method X509V3_EXT_METHOD; 135typedef struct v3_ext_ctx X509V3_CTX; 136 137DECLARE_STACK_OF(X509V3_EXT_METHOD) 138 139/* ext_flags values */ 140#define X509V3_EXT_DYNAMIC 0x1 141#define X509V3_EXT_CTX_DEP 0x2 142#define X509V3_EXT_MULTILINE 0x4 143 144typedef BIT_STRING_BITNAME ENUMERATED_NAMES; 145 146typedef struct BASIC_CONSTRAINTS_st { 147int ca; 148ASN1_INTEGER *pathlen; 149} BASIC_CONSTRAINTS; 150 151 152typedef struct PKEY_USAGE_PERIOD_st { 153ASN1_GENERALIZEDTIME *notBefore; 154ASN1_GENERALIZEDTIME *notAfter; 155} PKEY_USAGE_PERIOD; 156 157typedef struct otherName_st { 158ASN1_OBJECT *type_id; 159ASN1_TYPE *value; 160} OTHERNAME; 161 162typedef struct EDIPartyName_st { 163 ASN1_STRING *nameAssigner; 164 ASN1_STRING *partyName; 165} EDIPARTYNAME; 166 167typedef struct GENERAL_NAME_st { 168 169#define GEN_OTHERNAME 0 170#define GEN_EMAIL 1 171#define GEN_DNS 2 172#define GEN_X400 3 173#define GEN_DIRNAME 4 174#define GEN_EDIPARTY 5 175#define GEN_URI 6 176#define GEN_IPADD 7 177#define GEN_RID 8 178 179int type; 180union { 181 char *ptr; 182 OTHERNAME *otherName; /* otherName */ 183 ASN1_IA5STRING *rfc822Name; 184 ASN1_IA5STRING *dNSName; 185 ASN1_TYPE *x400Address; 186 X509_NAME *directoryName; 187 EDIPARTYNAME *ediPartyName; 188 ASN1_IA5STRING *uniformResourceIdentifier; 189 ASN1_OCTET_STRING *iPAddress; 190 ASN1_OBJECT *registeredID; 191 192 /* Old names */ 193 ASN1_OCTET_STRING *ip; /* iPAddress */ 194 X509_NAME *dirn; /* dirn */ 195 ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ 196 ASN1_OBJECT *rid; /* registeredID */ 197 ASN1_TYPE *other; /* x400Address */ 198} d; 199} GENERAL_NAME; 200 201typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; 202 203typedef struct ACCESS_DESCRIPTION_st { 204 ASN1_OBJECT *method; 205 GENERAL_NAME *location; 206} ACCESS_DESCRIPTION; 207 208typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; 209 210typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; 211 212DECLARE_STACK_OF(GENERAL_NAME) 213DECLARE_ASN1_SET_OF(GENERAL_NAME) 214 215DECLARE_STACK_OF(ACCESS_DESCRIPTION) 216DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) 217 218typedef struct DIST_POINT_NAME_st { 219int type; 220union { 221 GENERAL_NAMES *fullname; 222 STACK_OF(X509_NAME_ENTRY) *relativename; 223} name; 224} DIST_POINT_NAME; 225 226typedef struct DIST_POINT_st { 227DIST_POINT_NAME *distpoint; 228ASN1_BIT_STRING *reasons; 229GENERAL_NAMES *CRLissuer; 230} DIST_POINT; 231 232typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; 233 234DECLARE_STACK_OF(DIST_POINT) 235DECLARE_ASN1_SET_OF(DIST_POINT) 236 237typedef struct AUTHORITY_KEYID_st { 238ASN1_OCTET_STRING *keyid; 239GENERAL_NAMES *issuer; 240ASN1_INTEGER *serial; 241} AUTHORITY_KEYID; 242 243/* Strong extranet structures */ 244 245typedef struct SXNET_ID_st { 246 ASN1_INTEGER *zone; 247 ASN1_OCTET_STRING *user; 248} SXNETID; 249 250DECLARE_STACK_OF(SXNETID) 251DECLARE_ASN1_SET_OF(SXNETID) 252 253typedef struct SXNET_st { 254 ASN1_INTEGER *version; 255 STACK_OF(SXNETID) *ids; 256} SXNET; 257 258typedef struct NOTICEREF_st { 259 ASN1_STRING *organization; 260 STACK_OF(ASN1_INTEGER) *noticenos; 261} NOTICEREF; 262 263typedef struct USERNOTICE_st { 264 NOTICEREF *noticeref; 265 ASN1_STRING *exptext; 266} USERNOTICE; 267 268typedef struct POLICYQUALINFO_st { 269 ASN1_OBJECT *pqualid; 270 union { 271 ASN1_IA5STRING *cpsuri; 272 USERNOTICE *usernotice; 273 ASN1_TYPE *other; 274 } d; 275} POLICYQUALINFO; 276 277DECLARE_STACK_OF(POLICYQUALINFO) 278DECLARE_ASN1_SET_OF(POLICYQUALINFO) 279 280typedef struct POLICYINFO_st { 281 ASN1_OBJECT *policyid; 282 STACK_OF(POLICYQUALINFO) *qualifiers; 283} POLICYINFO; 284 285typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; 286 287DECLARE_STACK_OF(POLICYINFO) 288DECLARE_ASN1_SET_OF(POLICYINFO) 289 290#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ 291",name:", val->name, ",value:", val->value); 292 293#define X509V3_set_ctx_test(ctx) \ 294 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) 295#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL; 296 297#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \ 298 0,0,0,0, \ 299 0,0, \ 300 (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ 301 (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ 302 NULL, NULL, \ 303 table} 304 305#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \ 306 0,0,0,0, \ 307 (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ 308 (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ 309 0,0,0,0, \ 310 NULL} 311 312#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} 313 314 315/* X509_PURPOSE stuff */ 316 317#define EXFLAG_BCONS 0x1 318#define EXFLAG_KUSAGE 0x2 319#define EXFLAG_XKUSAGE 0x4 320#define EXFLAG_NSCERT 0x8 321 322#define EXFLAG_CA 0x10 323#define EXFLAG_SS 0x20 324#define EXFLAG_V1 0x40 325#define EXFLAG_INVALID 0x80 326#define EXFLAG_SET 0x100 327#define EXFLAG_CRITICAL 0x200 328 329#define KU_DIGITAL_SIGNATURE 0x0080 330#define KU_NON_REPUDIATION 0x0040 331#define KU_KEY_ENCIPHERMENT 0x0020 332#define KU_DATA_ENCIPHERMENT 0x0010 333#define KU_KEY_AGREEMENT 0x0008 334#define KU_KEY_CERT_SIGN 0x0004 335#define KU_CRL_SIGN 0x0002 336#define KU_ENCIPHER_ONLY 0x0001 337#define KU_DECIPHER_ONLY 0x8000 338 339#define NS_SSL_CLIENT 0x80 340#define NS_SSL_SERVER 0x40 341#define NS_SMIME 0x20 342#define NS_OBJSIGN 0x10 343#define NS_SSL_CA 0x04 344#define NS_SMIME_CA 0x02 345#define NS_OBJSIGN_CA 0x01 346#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) 347 348#define XKU_SSL_SERVER 0x1 349#define XKU_SSL_CLIENT 0x2 350#define XKU_SMIME 0x4 351#define XKU_CODE_SIGN 0x8 352#define XKU_SGC 0x10 353#define XKU_OCSP_SIGN 0x20 354#define XKU_TIMESTAMP 0x40 355#define XKU_DVCS 0x80 356 357#define X509_PURPOSE_DYNAMIC 0x1 358#define X509_PURPOSE_DYNAMIC_NAME 0x2 359 360typedef struct x509_purpose_st { 361 int purpose; 362 int trust; /* Default trust ID */ 363 int flags; 364 int (*check_purpose)(const struct x509_purpose_st *, 365 const X509 *, int); 366 char *name; 367 char *sname; 368 void *usr_data; 369} X509_PURPOSE; 370 371#define X509_PURPOSE_SSL_CLIENT 1 372#define X509_PURPOSE_SSL_SERVER 2 373#define X509_PURPOSE_NS_SSL_SERVER 3 374#define X509_PURPOSE_SMIME_SIGN 4 375#define X509_PURPOSE_SMIME_ENCRYPT 5 376#define X509_PURPOSE_CRL_SIGN 6 377#define X509_PURPOSE_ANY 7 378#define X509_PURPOSE_OCSP_HELPER 8 379 380#define X509_PURPOSE_MIN 1 381#define X509_PURPOSE_MAX 8 382 383/* Flags for X509V3_EXT_print() */ 384 385#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) 386/* Return error for unknown extensions */ 387#define X509V3_EXT_DEFAULT 0 388/* Print error for unknown extensions */ 389#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) 390/* ASN1 parse unknown extensions */ 391#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) 392/* BIO_dump unknown extensions */ 393#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) 394 395/* Flags for X509V3_add1_i2d */ 396 397#define X509V3_ADD_OP_MASK 0xfL 398#define X509V3_ADD_DEFAULT 0L 399#define X509V3_ADD_APPEND 1L 400#define X509V3_ADD_REPLACE 2L 401#define X509V3_ADD_REPLACE_EXISTING 3L 402#define X509V3_ADD_KEEP_EXISTING 4L 403#define X509V3_ADD_DELETE 5L 404#define X509V3_ADD_SILENT 0x10 405 406DECLARE_STACK_OF(X509_PURPOSE) 407 408DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) 409 410DECLARE_ASN1_FUNCTIONS(SXNET) 411DECLARE_ASN1_FUNCTIONS(SXNETID) 412 413int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); 414int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); 415int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); 416 417ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); 418ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); 419ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); 420 421DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) 422 423DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) 424 425DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) 426 427STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); 428int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); 429 430DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) 431 432STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, 433 GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); 434GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, 435 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 436 437DECLARE_ASN1_FUNCTIONS(OTHERNAME) 438DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) 439 440char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); 441ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); 442 443DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) 444int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); 445 446DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) 447DECLARE_ASN1_FUNCTIONS(POLICYINFO) 448DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO) 449DECLARE_ASN1_FUNCTIONS(USERNOTICE) 450DECLARE_ASN1_FUNCTIONS(NOTICEREF) 451 452DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) 453DECLARE_ASN1_FUNCTIONS(DIST_POINT) 454DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) 455 456DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) 457DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) 458 459#ifdef HEADER_CONF_H 460GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); 461void X509V3_conf_free(CONF_VALUE *val); 462 463X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); 464X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value); 465int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk); 466int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert); 467int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); 468int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); 469 470X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); 471X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); 472int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); 473int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); 474int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); 475 476int X509V3_add_value_bool_nf(char *name, int asn1_bool, 477 STACK_OF(CONF_VALUE) **extlist); 478int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); 479int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); 480void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf); 481void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); 482#endif 483 484char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); 485STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); 486void X509V3_string_free(X509V3_CTX *ctx, char *str); 487void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); 488void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, 489 X509_REQ *req, X509_CRL *crl, int flags); 490 491int X509V3_add_value(const char *name, const char *value, 492 STACK_OF(CONF_VALUE) **extlist); 493int X509V3_add_value_uchar(const char *name, const unsigned char *value, 494 STACK_OF(CONF_VALUE) **extlist); 495int X509V3_add_value_bool(const char *name, int asn1_bool, 496 STACK_OF(CONF_VALUE) **extlist); 497int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, 498 STACK_OF(CONF_VALUE) **extlist); 499char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); 500ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); 501char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); 502char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); 503int X509V3_EXT_add(X509V3_EXT_METHOD *ext); 504int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); 505int X509V3_EXT_add_alias(int nid_to, int nid_from); 506void X509V3_EXT_cleanup(void); 507 508X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); 509X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); 510int X509V3_add_standard_extensions(void); 511STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line); 512void *X509V3_EXT_d2i(X509_EXTENSION *ext); 513void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); 514 515 516X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); 517int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); 518 519char *hex_to_string(unsigned char *buffer, long len); 520unsigned char *string_to_hex(char *str, long *len); 521int name_cmp(const char *name, const char *cmp); 522 523void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, 524 int ml); 525int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent); 526int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); 527 528int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent); 529 530int X509_check_ca(X509 *x); 531int X509_check_purpose(X509 *x, int id, int ca); 532int X509_supported_extension(X509_EXTENSION *ex); 533int X509_PURPOSE_set(int *p, int purpose); 534int X509_check_issued(X509 *issuer, X509 *subject); 535int X509_PURPOSE_get_count(void); 536X509_PURPOSE * X509_PURPOSE_get0(int idx); 537int X509_PURPOSE_get_by_sname(char *sname); 538int X509_PURPOSE_get_by_id(int id); 539int X509_PURPOSE_add(int id, int trust, int flags, 540 int (*ck)(const X509_PURPOSE *, const X509 *, int), 541 char *name, char *sname, void *arg); 542char *X509_PURPOSE_get0_name(X509_PURPOSE *xp); 543char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); 544int X509_PURPOSE_get_trust(X509_PURPOSE *xp); 545void X509_PURPOSE_cleanup(void); 546int X509_PURPOSE_get_id(X509_PURPOSE *); 547 548STACK *X509_get1_email(X509 *x); 549STACK *X509_REQ_get1_email(X509_REQ *x); 550void X509_email_free(STACK *sk); 551 552 553/* BEGIN ERROR CODES */ 554/* The following lines are auto generated by the script mkerr.pl. Any changes 555 * made after this point may be overwritten when the script is next run. 556 */ 557void ERR_load_X509V3_strings(void); 558 559/* Error codes for the X509V3 functions. */ 560 561/* Function codes. */ 562#define X509V3_F_COPY_EMAIL 122 563#define X509V3_F_COPY_ISSUER 123 564#define X509V3_F_DO_EXT_CONF 124 565#define X509V3_F_DO_EXT_I2D 135 566#define X509V3_F_HEX_TO_STRING 111 567#define X509V3_F_I2S_ASN1_ENUMERATED 121 568#define X509V3_F_I2S_ASN1_IA5STRING 142 569#define X509V3_F_I2S_ASN1_INTEGER 120 570#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 571#define X509V3_F_NOTICE_SECTION 132 572#define X509V3_F_NREF_NOS 133 573#define X509V3_F_POLICY_SECTION 131 574#define X509V3_F_R2I_CERTPOL 130 575#define X509V3_F_S2I_ASN1_IA5STRING 100 576#define X509V3_F_S2I_ASN1_INTEGER 108 577#define X509V3_F_S2I_ASN1_OCTET_STRING 112 578#define X509V3_F_S2I_ASN1_SKEY_ID 114 579#define X509V3_F_S2I_S2I_SKEY_ID 115 580#define X509V3_F_STRING_TO_HEX 113 581#define X509V3_F_SXNET_ADD_ASC 125 582#define X509V3_F_SXNET_ADD_ID_INTEGER 126 583#define X509V3_F_SXNET_ADD_ID_ULONG 127 584#define X509V3_F_SXNET_GET_ID_ASC 128 585#define X509V3_F_SXNET_GET_ID_ULONG 129 586#define X509V3_F_V2I_ACCESS_DESCRIPTION 139 587#define X509V3_F_V2I_ASN1_BIT_STRING 101 588#define X509V3_F_V2I_AUTHORITY_KEYID 119 589#define X509V3_F_V2I_BASIC_CONSTRAINTS 102 590#define X509V3_F_V2I_CRLD 134 591#define X509V3_F_V2I_EXT_KU 103 592#define X509V3_F_V2I_GENERAL_NAME 117 593#define X509V3_F_V2I_GENERAL_NAMES 118 594#define X509V3_F_V3_GENERIC_EXTENSION 116 595#define X509V3_F_X509V3_ADD_I2D 140 596#define X509V3_F_X509V3_ADD_VALUE 105 597#define X509V3_F_X509V3_EXT_ADD 104 598#define X509V3_F_X509V3_EXT_ADD_ALIAS 106 599#define X509V3_F_X509V3_EXT_CONF 107 600#define X509V3_F_X509V3_EXT_I2D 136 601#define X509V3_F_X509V3_GET_VALUE_BOOL 110 602#define X509V3_F_X509V3_PARSE_LIST 109 603#define X509V3_F_X509_PURPOSE_ADD 137 604#define X509V3_F_X509_PURPOSE_SET 141 605 606/* Reason codes. */ 607#define X509V3_R_BAD_IP_ADDRESS 118 608#define X509V3_R_BAD_OBJECT 119 609#define X509V3_R_BN_DEC2BN_ERROR 100 610#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 611#define X509V3_R_DUPLICATE_ZONE_ID 133 612#define X509V3_R_ERROR_CONVERTING_ZONE 131 613#define X509V3_R_ERROR_CREATING_EXTENSION 144 614#define X509V3_R_ERROR_IN_EXTENSION 128 615#define X509V3_R_EXPECTED_A_SECTION_NAME 137 616#define X509V3_R_EXTENSION_EXISTS 145 617#define X509V3_R_EXTENSION_NAME_ERROR 115 618#define X509V3_R_EXTENSION_NOT_FOUND 102 619#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 620#define X509V3_R_EXTENSION_VALUE_ERROR 116 621#define X509V3_R_ILLEGAL_HEX_DIGIT 113 622#define X509V3_R_INVALID_BOOLEAN_STRING 104 623#define X509V3_R_INVALID_EXTENSION_STRING 105 624#define X509V3_R_INVALID_NAME 106 625#define X509V3_R_INVALID_NULL_ARGUMENT 107 626#define X509V3_R_INVALID_NULL_NAME 108 627#define X509V3_R_INVALID_NULL_VALUE 109 628#define X509V3_R_INVALID_NUMBER 140 629#define X509V3_R_INVALID_NUMBERS 141 630#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 631#define X509V3_R_INVALID_OPTION 138 632#define X509V3_R_INVALID_POLICY_IDENTIFIER 134 633#define X509V3_R_INVALID_PURPOSE 146 634#define X509V3_R_INVALID_SECTION 135 635#define X509V3_R_INVALID_SYNTAX 143 636#define X509V3_R_ISSUER_DECODE_ERROR 126 637#define X509V3_R_MISSING_VALUE 124 638#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142 639#define X509V3_R_NO_CONFIG_DATABASE 136 640#define X509V3_R_NO_ISSUER_CERTIFICATE 121 641#define X509V3_R_NO_ISSUER_DETAILS 127 642#define X509V3_R_NO_POLICY_IDENTIFIER 139 643#define X509V3_R_NO_PUBLIC_KEY 114 644#define X509V3_R_NO_SUBJECT_DETAILS 125 645#define X509V3_R_ODD_NUMBER_OF_DIGITS 112 646#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 647#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 648#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 649#define X509V3_R_UNKNOWN_EXTENSION 129 650#define X509V3_R_UNKNOWN_EXTENSION_NAME 130 651#define X509V3_R_UNKNOWN_OPTION 120 652#define X509V3_R_UNSUPPORTED_OPTION 117 653#define X509V3_R_USER_TOO_LONG 132 654 655#ifdef __cplusplus 656} 657#endif 658#endif 659