x509.h revision 221304ee937bc0910948a8be1320cb8cc4eb6d36
15f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer/* crypto/x509/x509.h */ 25f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 35f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * All rights reserved. 45f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * 50bc735ffcfb223c0186419547abaa5c84482663eChris Lattner * This package is an SSL implementation written 60bc735ffcfb223c0186419547abaa5c84482663eChris Lattner * by Eric Young (eay@cryptsoft.com). 75f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * The implementation was written so as to conform with Netscapes SSL. 85f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * 95f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * This library is free for commercial and non-commercial use as long as 105f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * the following conditions are aheared to. The following conditions 115f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * apply to all code found in this distribution, be it the RC4, RSA, 125f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * lhash, DES, etc., code; not just the SSL code. The SSL documentation 135f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * included with this distribution is covered by the same copyright terms 145f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * except that the holder is Tim Hudson (tjh@cryptsoft.com). 155f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * 165f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * Copyright remains Eric Young's, and as such any Copyright notices in 17e7d07d113677a39026ff5119b8b67f6fe8ca9793Ted Kremenek * the code are not to be removed. 185f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * If this package is used in a product, Eric Young should be given attribution 19e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * as the author of the parts of the library used. 
20464175bba1318bef7905122e9fda20cff926df78Chris Lattner * This can be in the form of a textual message at program startup or 21e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * in documentation (online or textual) provided with the package. 22464175bba1318bef7905122e9fda20cff926df78Chris Lattner * 2368d331a78e655d97294e94fcfa63f92cc1f40578Steve Naroff * Redistribution and use in source and binary forms, with or without 247192f8e9592729882a09d84d77838db26e39ebd4Ted Kremenek * modification, are permitted provided that the following conditions 256c2b6eb8d836da19007f7540709e16d5e39a1cbaChris Lattner * are met: 265f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * 1. Redistributions of source code must retain the copyright 275f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * notice, this list of conditions and the following disclaimer. 28b7cfe88e88cb4f46308de89cf3f0c81bfe624128Chris Lattner * 2. Redistributions in binary form must reproduce the above copyright 29b7cfe88e88cb4f46308de89cf3f0c81bfe624128Chris Lattner * notice, this list of conditions and the following disclaimer in the 30b7cfe88e88cb4f46308de89cf3f0c81bfe624128Chris Lattner * documentation and/or other materials provided with the distribution. 31b7cfe88e88cb4f46308de89cf3f0c81bfe624128Chris Lattner * 3. All advertising materials mentioning features or use of this software 325f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * must display the following acknowledgement: 33e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * "This product includes cryptographic software written by 34e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * Eric Young (eay@cryptsoft.com)" 35c7229c338c21ef26b01ef3ecf9eec4fd373fa9ecChris Lattner * The word 'cryptographic' can be left out if the rouines from the library 36e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * being used are not cryptographic related :-). 37e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * 4. 
If you include any Windows specific code (or a derivative thereof) from 38e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * the apps directory (application code) you must include an acknowledgement: 39e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * 41c56f34a1c1779de15330bdb3eec39b3418802d47Daniel Dunbar * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47e91593ef084479340582b2ba177b44be50a717b7Daniel Dunbar * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 485f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 495f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 502bd24ba6d10f8c811c8e2a57c8397e07082ba497Ted Kremenek * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 515f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * SUCH DAMAGE. 
52ebb97e98c03f8d7034bd3748a10e35f39a95c289Christopher Lamb * 535f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * The licence and distribution terms for any publically available version or 545f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * derivative of this code cannot be changed. i.e. this code cannot simply be 555618bd4a52c45fbbb605e3ba885663b2164db8a3Steve Naroff * copied and put under another distribution licence 565f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * [including the GNU Public Licence.] 577192f8e9592729882a09d84d77838db26e39ebd4Ted Kremenek */ 58c5773c4b8ce1ed6ed5c7112c9020c954a47dce96Eli Friedman/* ==================================================================== 59c5773c4b8ce1ed6ed5c7112c9020c954a47dce96Eli Friedman * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 605f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * ECDH support in OpenSSL originally developed by 615f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 
625f016e2cb5d11daeb237544de1c5d59f20fe1a6eReid Spencer */ 63a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek 64a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek#ifndef HEADER_X509_H 6588a981b47c7face1b1fdaa9074256245107b9ca9Devang Patel#define HEADER_X509_H 66a9a4a24592a2164114a8a36717650e6341eb67a4Ted Kremenek 6788a981b47c7face1b1fdaa9074256245107b9ca9Devang Patel#include <openssl/e_os2.h> 6844a3dded8080c5c9cfdad208ade8f8f7850d9a4fDevang Patel#include <openssl/symhacks.h> 6944a3dded8080c5c9cfdad208ade8f8f7850d9a4fDevang Patel#ifndef OPENSSL_NO_BUFFER 707d6b46d9a9d75dea8ef9f6973dd50633c1f37963Fariborz Jahanian#include <openssl/buffer.h> 717d6b46d9a9d75dea8ef9f6973dd50633c1f37963Fariborz Jahanian#endif 72b2cf3573d7351094f6247fcca94703ce88eb9ee0Anders Carlsson#ifndef OPENSSL_NO_EVP 73b2cf3573d7351094f6247fcca94703ce88eb9ee0Anders Carlsson#include <openssl/evp.h> 74b2cf3573d7351094f6247fcca94703ce88eb9ee0Anders Carlsson#endif 75b2cf3573d7351094f6247fcca94703ce88eb9ee0Anders Carlsson#ifndef OPENSSL_NO_BIO 76b2cf3573d7351094f6247fcca94703ce88eb9ee0Anders Carlsson#include <openssl/bio.h> 777e219e47de26346885d667131977bd9ca2d7662aSteve Naroff#endif 786083ea3723ec3996ae3bdf8d1b352b0c3b3922c8Ted Kremenek#include <openssl/stack.h> 79a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek#include <openssl/asn1.h> 807e219e47de26346885d667131977bd9ca2d7662aSteve Naroff#include <openssl/safestack.h> 812198891824c38d45b2279de5d5e3ef9394eb457cSteve Naroff 826083ea3723ec3996ae3bdf8d1b352b0c3b3922c8Ted Kremenek#ifndef OPENSSL_NO_EC 83a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek#include <openssl/ec.h> 84b62f6813406a03bf8a371c4e46c9fad51d102121Fariborz Jahanian#endif 85b62f6813406a03bf8a371c4e46c9fad51d102121Fariborz Jahanian 866083ea3723ec3996ae3bdf8d1b352b0c3b3922c8Ted Kremenek#ifndef OPENSSL_NO_ECDSA 87a526c5c67e5a0473c340903ee542ce570119665fTed Kremenek#include <openssl/ecdsa.h> 88390d50a725497e99247dc104a7d2c2a255d3af14Fariborz Jahanian#endif 
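
#ifndef OPENSSL_NO_ECDH
#include <openssl/ecdh.h>
#endif

#ifndef OPENSSL_NO_DEPRECATED
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
#endif

#ifndef OPENSSL_NO_SHA
#include <openssl/sha.h>
#endif
#include <openssl/ossl_typ.h>

#ifdef  __cplusplus
extern "C" {
#endif

#ifdef OPENSSL_SYS_WIN32
/* Under Win32 these are defined in wincrypt.h */
#undef X509_NAME
#undef X509_CERT_PAIR
#undef X509_EXTENSIONS
#endif

/* On-disk encodings a certificate or CRL file may be read in. */
#define X509_FILETYPE_PEM	1
#define X509_FILETYPE_ASN1	2
#define X509_FILETYPE_DEFAULT	3

/* Key-usage bit masks; the names follow the keyUsage extension bits of
 * RFC 5280. X509v3_KU_UNDEF has all sixteen bits set.
 */
#define X509v3_KU_DIGITAL_SIGNATURE	0x0080
#define X509v3_KU_NON_REPUDIATION	0x0040
#define X509v3_KU_KEY_ENCIPHERMENT	0x0020
#define X509v3_KU_DATA_ENCIPHERMENT	0x0010
#define X509v3_KU_KEY_AGREEMENT		0x0008
#define X509v3_KU_KEY_CERT_SIGN		0x0004
#define X509v3_KU_CRL_SIGN		0x0002
#define X509v3_KU_ENCIPHER_ONLY		0x0001
#define X509v3_KU_DECIPHER_ONLY		0x8000
#define X509v3_KU_UNDEF			0xffff

/* Pairs a NID with two conversion callbacks; both take no arguments. */
typedef struct X509_objects_st
	{
	int nid;
	int (*a2i)(void);
	int (*i2a)(void);
	} X509_OBJECTS;

/* Algorithm identifier: an OID plus its (possibly absent) parameters. */
struct X509_algor_st
	{
	ASN1_OBJECT *algorithm;
	ASN1_TYPE *parameter;
	} /* X509_ALGOR */;

DECLARE_ASN1_SET_OF(X509_ALGOR)

typedef STACK_OF(X509_ALGOR) X509_ALGORS;

/* Validity window of a certificate. */
typedef struct X509_val_st
	{
	ASN1_TIME *notBefore;
	ASN1_TIME *notAfter;
	} X509_VAL;

/* Public key as encoded (algor + public_key) together with a pkey
 * pointer; how and when pkey is populated is not visible in this header.
 */
struct X509_pubkey_st
	{
	X509_ALGOR *algor;
	ASN1_BIT_STRING *public_key;
	EVP_PKEY *pkey;
	};

/* A digest value together with the algorithm that produced it. */
typedef struct X509_sig_st
	{
	X509_ALGOR *algor;
	ASN1_OCTET_STRING *digest;
	} X509_SIG;

/* One attribute-type/value pair of a distinguished name. */
typedef struct X509_name_entry_st
	{
	ASN1_OBJECT *object;
	ASN1_STRING *value;
	int set;
	int size; 	/* temp variable */
	} X509_NAME_ENTRY;

DECLARE_STACK_OF(X509_NAME_ENTRY)
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)

/* we always keep X509_NAMEs in 2 forms. */
/* NOTE(review): 'entries' and 'bytes' describe the same name, and
 * 'modified' marks 'bytes' as stale. Code that edits 'entries' directly
 * presumably has to set 'modified', otherwise later comparisons could
 * run against an outdated encoding - confirm against the implementation.
 */
struct X509_name_st
	{
	STACK_OF(X509_NAME_ENTRY) *entries;
	int modified;	/* true if 'bytes' needs to be built */
#ifndef OPENSSL_NO_BUFFER
	BUF_MEM *bytes;
#else
	char *bytes;
#endif
/*	unsigned long hash; Keep the hash around for lookups */
	unsigned char *canon_enc;
	int canon_enclen;
	} /* X509_NAME */;

DECLARE_STACK_OF(X509_NAME)

#define X509_EX_V_NETSCAPE_HACK		0x8000
#define X509_EX_V_INIT			0x0001
/* One certificate extension: its OID, the critical flag and the
 * still-encoded value.
 */
typedef struct X509_extension_st
	{
	ASN1_OBJECT *object;
	ASN1_BOOLEAN critical;
	ASN1_OCTET_STRING *value;
	} X509_EXTENSION;

typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;

DECLARE_STACK_OF(X509_EXTENSION)
DECLARE_ASN1_SET_OF(X509_EXTENSION)

/* a sequence of these are used */
/* 'single' is the discriminator for the 'value' union: read value.set
 * only when it is 0 and value.single only when it is 1. Accessing the
 * other member interprets one pointer type as the other.
 */
typedef struct x509_attributes_st
	{
	ASN1_OBJECT *object;
	int single; /* 0 for a set, 1 for a single item (which is wrong) */
	union	{
		char		*ptr;
/* 0 */		STACK_OF(ASN1_TYPE) *set;
/* 1 */		ASN1_TYPE	*single;
		} value;
	} X509_ATTRIBUTE;

DECLARE_STACK_OF(X509_ATTRIBUTE)
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)


/* The to-be-signed part of a certificate request. */
typedef struct X509_req_info_st
	{
	ASN1_ENCODING enc;
	ASN1_INTEGER *version;
	X509_NAME *subject;
	X509_PUBKEY *pubkey;
	/*  d=2 hl=2 l=  0 cons: cont: 00 */
	STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
	} X509_REQ_INFO;

/* A certificate request: the signed info, the signature algorithm and
 * the signature. 'references' is presumably a reference count owned by
 * the library - confirm before touching it from application code.
 */
typedef struct X509_req_st
	{
	X509_REQ_INFO *req_info;
	X509_ALGOR *sig_alg;
	ASN1_BIT_STRING *signature;
	int references;
	} X509_REQ;

/* The to-be-signed part of a certificate.
 * NOTE(review): 'signature' here is the algorithm identifier inside the
 * signed data, while struct x509_st carries a separate outer 'sig_alg'.
 * RFC 5280 requires the two to be equal; whether that is enforced is not
 * visible in this header.
 */
typedef struct x509_cinf_st
	{
	ASN1_INTEGER *version;		/* [ 0 ] default of v1 */
	ASN1_INTEGER *serialNumber;
	X509_ALGOR *signature;
	X509_NAME *issuer;
	X509_VAL *validity;
	X509_NAME *subject;
	X509_PUBKEY *key;
	ASN1_BIT_STRING *issuerUID;		/* [ 1 ] optional in v2 */
	ASN1_BIT_STRING *subjectUID;		/* [ 2 ] optional in v2 */
	STACK_OF(X509_EXTENSION) *extensions;	/* [ 3 ] optional in v3 */
	} X509_CINF;

/* This stuff is certificate "auxiliary info"
 * it contains details which are useful in certificate
 * stores and databases. When used this is tagged onto
 * the end of the certificate itself
 */
/* NOTE(review): being appended after the certificate, this data would
 * not be covered by the issuer's signature, so the trust/reject lists
 * should only be honoured when they come from a locally controlled
 * store - confirm against the encoder and the loading code.
 */

typedef struct x509_cert_aux_st
	{
	STACK_OF(ASN1_OBJECT) *trust;		/* trusted uses */
	STACK_OF(ASN1_OBJECT) *reject;		/* rejected uses */
	ASN1_UTF8STRING *alias;			/* "friendly name" */
	ASN1_OCTET_STRING *keyid;		/* key id of private key */
	STACK_OF(X509_ALGOR) *other;		/* other unspecified info */
	} X509_CERT_AUX;

/* A certificate: the signed info, the outer signature algorithm and the
 * signature, followed by bookkeeping and cached extension values.
 * 'valid' and 'references' are not explained in this header; they are
 * presumably maintained by the library - confirm before writing to them.
 */
struct x509_st
	{
	X509_CINF *cert_info;
	X509_ALGOR *sig_alg;
	ASN1_BIT_STRING *signature;
	int valid;
	int references;
	char *name;
	CRYPTO_EX_DATA ex_data;
	/* These contain copies of various extension values */
	long ex_pathlen;
	long ex_pcpathlen;
	unsigned long ex_flags;
	unsigned long ex_kusage;
	unsigned long ex_xkusage;
	unsigned long ex_nscert;
	ASN1_OCTET_STRING *skid;
	AUTHORITY_KEYID *akid;
	X509_POLICY_CACHE *policy_cache;
	STACK_OF(DIST_POINT) *crldp;
	STACK_OF(GENERAL_NAME) *altname;
	NAME_CONSTRAINTS *nc;
#ifndef OPENSSL_NO_RFC3779
	STACK_OF(IPAddressFamily) *rfc3779_addr;
	struct ASIdentifiers_st *rfc3779_asid;
#endif
#ifndef OPENSSL_NO_SHA
	/* NOTE(review): what this digest is computed over and used for is
	 * not visible here. SHA-1 is not collision-resistant, so it should
	 * serve as a lookup key only, not as the basis of a trust
	 * decision - confirm usage.
	 */
	unsigned char sha1_hash[SHA_DIGEST_LENGTH];
#endif
	X509_CERT_AUX *aux;
	} /* X509 */;

DECLARE_STACK_OF(X509)
DECLARE_ASN1_SET_OF(X509)

/* This is used for a table of trust checking functions */
/* check_trust receives the table entry itself, the certificate and an
 * int, and returns one of the "check_trust return codes" defined below.
 */

typedef struct x509_trust_st {
	int trust;
	int flags;
	int (*check_trust)(struct x509_trust_st *, X509 *, int);
	char *name;
	int arg1;
	void *arg2;
} X509_TRUST;

DECLARE_STACK_OF(X509_TRUST)

typedef struct x509_cert_pair_st {
	X509 *forward;
	X509 *reverse;
} X509_CERT_PAIR;

/* standard trust ids */

/* Parenthesised so the negative constant expands safely inside larger
 * expressions.
 */
#define X509_TRUST_DEFAULT	(-1)	/* Only valid in purpose settings */

#define X509_TRUST_COMPAT	1
#define X509_TRUST_SSL_CLIENT	2
#define X509_TRUST_SSL_SERVER	3
#define X509_TRUST_EMAIL	4
#define X509_TRUST_OBJECT_SIGN	5
#define X509_TRUST_OCSP_SIGN	6
#define X509_TRUST_OCSP_REQUEST	7
#define X509_TRUST_TSA		8

/* Keep these up to date! */
/* MIN and MAX bracket the standard ids above (1 through 8); a new id
 * that is added without raising X509_TRUST_MAX falls outside the range.
 */
#define X509_TRUST_MIN		1
#define X509_TRUST_MAX		8


/* trust_flags values */
#define	X509_TRUST_DYNAMIC 	1
#define	X509_TRUST_DYNAMIC_NAME	2

/* check_trust return codes */
/* Three distinct outcomes: callers should compare against
 * X509_TRUST_TRUSTED explicitly, because every code here is non-zero and
 * a plain truth test would also accept REJECTED and UNTRUSTED.
 */

#define X509_TRUST_TRUSTED	1
#define X509_TRUST_REJECTED	2
#define X509_TRUST_UNTRUSTED	3
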
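/* Flags for X509_print_ex().
 * X509_FLAG_COMPAT is 0 (no bits set); every X509_FLAG_NO_* value is a
 * separate bit (bits 0-11), so they can be OR-ed together.  Judging by the
 * names, each NO_* bit leaves one section out of the printed certificate.
 */

#define X509_FLAG_COMPAT            0
#define X509_FLAG_NO_HEADER         1L
#define X509_FLAG_NO_VERSION        (1L << 1)
#define X509_FLAG_NO_SERIAL         (1L << 2)
#define X509_FLAG_NO_SIGNAME        (1L << 3)
#define X509_FLAG_NO_ISSUER         (1L << 4)
#define X509_FLAG_NO_VALIDITY       (1L << 5)
#define X509_FLAG_NO_SUBJECT        (1L << 6)
#define X509_FLAG_NO_PUBKEY         (1L << 7)
#define X509_FLAG_NO_EXTENSIONS     (1L << 8)
#define X509_FLAG_NO_SIGDUMP        (1L << 9)
#define X509_FLAG_NO_AUX            (1L << 10)
#define X509_FLAG_NO_ATTRIBUTES     (1L << 11)

/* Flags specific to X509_NAME_print_ex() */

/* The field separator information.
 * Bits 16-19 (XN_FLAG_SEP_MASK) hold one separator choice as a small
 * number, not as independent bits: use exactly one XN_FLAG_SEP_* value.
 */

#define XN_FLAG_SEP_MASK        (0xf << 16)

#define XN_FLAG_COMPAT          0           /* Traditional SSLeay: use old X509_NAME_print */
#define XN_FLAG_SEP_COMMA_PLUS  (1 << 16)   /* RFC2253 ,+ */
#define XN_FLAG_SEP_CPLUS_SPC   (2 << 16)   /* ,+ spaced: more readable */
#define XN_FLAG_SEP_SPLUS_SPC   (3 << 16)   /* ;+ spaced */
#define XN_FLAG_SEP_MULTILINE   (4 << 16)   /* One line per field */

#define XN_FLAG_DN_REV          (1 << 20)   /* Reverse DN order */

/* How the field name is shown.
 * Bits 21-22 (XN_FLAG_FN_MASK) form a two-bit field: use one XN_FLAG_FN_*.
 */

#define XN_FLAG_FN_MASK         (0x3 << 21)

#define XN_FLAG_FN_SN           0           /* Object short name */
#define XN_FLAG_FN_LN           (1 << 21)   /* Object long name */
#define XN_FLAG_FN_OID          (2 << 21)   /* Always use OIDs */
#define XN_FLAG_FN_NONE         (3 << 21)   /* No field names */

#define XN_FLAG_SPC_EQ          (1 << 23)   /* Put spaces round '=' */

/* This determines if we dump fields we don't recognise:
 * RFC2253 requires this.
 */

#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)

#define XN_FLAG_FN_ALIGN        (1 << 25)   /* Align field names to 20 characters */

/* Complete set of RFC2253 flags.
 * NOTE(review): the ASN1_STRFLGS_* escaping bits used by the three presets
 * below are defined in another header.  When a name taken from an untrusted
 * certificate is printed to a log or a terminal, confirm that the preset in
 * use escapes control characters; XN_FLAG_COMPAT (0) carries no escaping
 * bits at all.
 */

#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
            XN_FLAG_SEP_COMMA_PLUS | \
            XN_FLAG_DN_REV | \
            XN_FLAG_FN_SN | \
            XN_FLAG_DUMP_UNKNOWN_FIELDS)

/* readable oneline form */

#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
            ASN1_STRFLGS_ESC_QUOTE | \
            XN_FLAG_SEP_CPLUS_SPC | \
            XN_FLAG_SPC_EQ | \
            XN_FLAG_FN_SN)

/* readable multiline form */

#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
            ASN1_STRFLGS_ESC_MSB | \
            XN_FLAG_SEP_MULTILINE | \
            XN_FLAG_SPC_EQ | \
            XN_FLAG_FN_LN | \
            XN_FLAG_FN_ALIGN)

/* One revoked-certificate entry: serial number, revocation date and
 * optional per-entry extensions, plus cached issuer/reason values. */
struct x509_revoked_st
    {
    ASN1_INTEGER *serialNumber;
    ASN1_TIME *revocationDate;
    STACK_OF(X509_EXTENSION) /* optional */ *extensions;
    /* Set up if indirect CRL */
    STACK_OF(GENERAL_NAME) *issuer;
    /* Revocation reason */
    int reason;
    int sequence; /* load sequence */
    };

DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)

/* The signed portion of a CRL: issuer, update times and revoked entries. */
typedef struct X509_crl_info_st
    {
    ASN1_INTEGER *version;
    X509_ALGOR *sig_alg;
    X509_NAME *issuer;
    ASN1_TIME *lastUpdate;
    ASN1_TIME *nextUpdate;
    STACK_OF(X509_REVOKED) *revoked;
    STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
    ASN1_ENCODING enc;
    } X509_CRL_INFO;

/* A complete CRL: the CRL_INFO, its signature, and values cached from the
 * extensions.  Note that sig_alg appears both here and inside X509_CRL_INFO.
 * NOTE(review): whether the two copies are compared during verification is
 * not visible in this header - confirm in the verify path. */
struct X509_crl_st
    {
    /* actual signature */
    X509_CRL_INFO *crl;
    X509_ALGOR *sig_alg;
    ASN1_BIT_STRING *signature;
    int references;
    int flags;
    /* Copies of various extensions */
    AUTHORITY_KEYID *akid;
    ISSUING_DIST_POINT *idp;
    /* Convenient breakdown of IDP */
    int idp_flags;
    int idp_reasons;
    /* CRL and base CRL numbers for delta processing */
    ASN1_INTEGER *crl_number;
    ASN1_INTEGER *base_crl_number;
#ifndef OPENSSL_NO_SHA
    /* SHA-1 digest buffer, present only when SHA is compiled in.
     * NOTE(review): what is hashed is not visible in this header; treat the
     * value as an identifier, not as an integrity check - confirm. */
    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
#endif
    STACK_OF(GENERAL_NAMES) *issuers;
    const X509_CRL_METHOD *meth;
    void *meth_data;
    } /* X509_CRL */;

DECLARE_STACK_OF(X509_CRL)
DECLARE_ASN1_SET_OF(X509_CRL)

/* Container for a private key in encrypted and/or decrypted form. */
typedef struct private_key_st
    {
    int version;
    /* The PKCS#8 data types */
    X509_ALGOR *enc_algor;
    ASN1_OCTET_STRING *enc_pkey;    /* encrypted pub key */

    /* When decrypted, the following will not be NULL */
    EVP_PKEY *dec_pkey;

    /* used to encrypt and decrypt */
    int key_length;
    /* NOTE(review): presumably raw key bytes; whether they are wiped before
     * being freed is not visible in this header - check X509_PKEY_free. */
    char *key_data;
    int key_free;   /* true if we should auto free key_data */

    /* expanded version of 'enc_algor' */
    EVP_CIPHER_INFO cipher;

    int references;
    } X509_PKEY;

#ifndef OPENSSL_NO_EVP
/* Groups a certificate, a CRL and a private key, with an optional
 * encrypted data buffer (enc_data / enc_len / enc_cipher). */
typedef struct X509_info_st
    {
    X509 *x509;
    X509_CRL *crl;
    X509_PKEY *x_pkey;

    EVP_CIPHER_INFO enc_cipher;
    int enc_len;
    char *enc_data;

    int references;
    } X509_INFO;

DECLARE_STACK_OF(X509_INFO)
#endif

/* The next 2 structures and their 8 routines were sent to me by
 * Pat Richard <patr@x509.com> and are used to manipulate
 * Netscapes spki structures - useful if you are writing a CA web page
 */
typedef struct Netscape_spkac_st
    {
    X509_PUBKEY *pubkey;
    ASN1_IA5STRING *challenge;  /* challenge sent in atlas >= PR2 */
    } NETSCAPE_SPKAC;

typedef struct Netscape_spki_st
    {
    NETSCAPE_SPKAC *spkac;  /* signed public key and challenge */
    X509_ALGOR *sig_algor;
    ASN1_BIT_STRING *signature;
    } NETSCAPE_SPKI;

/* Netscape certificate sequence structure */
typedef struct Netscape_certificate_sequence
    {
    ASN1_OBJECT *type;
    STACK_OF(X509) *certs;
    } NETSCAPE_CERT_SEQUENCE;

/* Unused (and iv length is wrong)
typedef struct CBCParameter_st
    {
    unsigned char iv[8];
    } CBC_PARAM;
*/

/* Password based encryption structure: salt and iteration count as they
 * appear in the encoded parameters. */

typedef struct PBEPARAM_st {
    ASN1_OCTET_STRING *salt;
    ASN1_INTEGER *iter;
} PBEPARAM;

/* Password based encryption V2 structures */

typedef struct PBE2PARAM_st {
    X509_ALGOR *keyfunc;
    X509_ALGOR *encryption;
} PBE2PARAM;

typedef struct PBKDF2PARAM_st {
    ASN1_TYPE *salt;    /* Usually OCTET STRING but could be anything */
    ASN1_INTEGER *iter;
    ASN1_INTEGER *keylength;
    X509_ALGOR *prf;
} PBKDF2PARAM;


/* PKCS#8 private key info structure */

struct pkcs8_priv_key_info_st
    {
    int broken;     /* Flag for various broken formats */
#define PKCS8_OK                0
#define PKCS8_NO_OCTET          1
#define PKCS8_EMBEDDED_PARAM    2
#define PKCS8_NS_DB             3
#define PKCS8_NEG_PRIVKEY       4
    ASN1_INTEGER *version;
    X509_ALGOR *pkeyalg;
    ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
    STACK_OF(X509_ATTRIBUTE) *attributes;
    };

#ifdef __cplusplus
}
#endif

#include <openssl/x509_vfy.h>
#include <openssl/pkcs7.h>

#ifdef __cplusplus
extern "C" {
#endif

#define X509_EXT_PACK_UNKNOWN   1
#define X509_EXT_PACK_STRING    2

/* Field accessors.  Each macro dereferences the structure's internal
 * pointers directly and performs no NULL checks, so the argument and every
 * intermediate pointer (cert_info, validity, req_info, crl, sig_alg) must
 * already be valid. */
#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
#define X509_extract_key(x) X509_get_pubkey(x) /*****/
#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
#define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))

#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)

/* Pluggable CRL handling: a method supplies init, free, lookup and verify
 * callbacks.  A custom crl_verify callback replaces the signature check for
 * CRLs using that method, so it is part of the trust decision. */
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
X509_CRL_METHOD *X509_CRL_METHOD_new(
    int (*crl_init)(X509_CRL *crl),
    int (*crl_free)(X509_CRL *crl),
    int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
                ASN1_INTEGER *ser, X509_NAME *issuer),
    int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);

void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
void *X509_CRL_get_meth_data(X509_CRL *crl);

/* This one is only used so that a binary form can output, as in
 * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)


const char *X509_verify_cert_error_string(long n);

#ifndef OPENSSL_NO_EVP
/* Signature checks of an object against the public key r.
 * NOTE(review): the int return convention is not stated in this header.
 * Callers should compare against the documented success value explicitly
 * rather than testing for non-zero, so that an error code cannot be read
 * as "verified" - confirm against the implementation. */
int X509_verify(X509 *a, EVP_PKEY *r);

int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);

NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len);
char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);

int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);

int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);

/* Signing: the digest is chosen by the caller through md. */
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);

/* Digest helpers.  md is a caller-provided output buffer with no size
 * argument; len receives a length.
 * NOTE(review): presumably md must be able to hold the largest digest
 * (EVP_MAX_MD_SIZE) - confirm before passing a smaller buffer. */
int X509_pubkey_digest(const X509 *data,const EVP_MD *type,
        unsigned char *md, unsigned int *len);
int X509_digest(const X509 *data,const EVP_MD *type,
        unsigned char *md, unsigned int *len);
int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type,
        unsigned char *md, unsigned int *len);
int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type,
        unsigned char *md, unsigned int *len);
int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type,
        unsigned char *md, unsigned int *len);
#endif

/* d2i_*_fp / i2d_*_fp: read or write an encoded object on a stdio stream.
 * The private-key writers below take no passphrase or cipher argument, so
 * any at-rest protection of their output has to come from the caller
 * (file permissions, an encrypting container, ...). */
#ifndef OPENSSL_NO_FP_API
X509 *d2i_X509_fp(FILE *fp, X509 **x509);
int i2d_X509_fp(FILE *fp,X509 *x509);
X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
#ifndef OPENSSL_NO_RSA
RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa);
int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa);
#endif
#ifndef OPENSSL_NO_DSA
DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
#endif
X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                        PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
#endif

/* The same readers and writers on a BIO instead of a FILE; the remark
 * about unprotected private-key output applies here as well. */
#ifndef OPENSSL_NO_BIO
X509 *d2i_X509_bio(BIO *bp,X509 **x509);
int i2d_X509_bio(BIO *bp,X509 *x509);
X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
#ifndef OPENSSL_NO_RSA
RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
#endif
#ifndef OPENSSL_NO_DSA
DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
#endif
#ifndef OPENSSL_NO_EC
EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
#endif
X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                        PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
#endif

X509 *X509_dup(X509 *x509);
X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
X509_CRL *X509_CRL_dup(X509_CRL *crl);
X509_REQ *X509_REQ_dup(X509_REQ *req);
X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
                        X509_ALGOR *algor);

X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);

/* Time comparison and adjustment helpers for ASN1_TIME values.
 * NOTE(review): how an unparsable time is reported is not visible in this
 * header; validity checks should handle that result explicitly - confirm. */
int         X509_cmp_time(const ASN1_TIME *s, time_t *t);
int         X509_cmp_current_time(const ASN1_TIME *s);
ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s,
                int offset_day, long offset_sec, time_t *t);
ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj);

/* Default certificate locations.  The *_env variants return strings that,
 * by their names, identify environment variables; a process that runs with
 * elevated privilege should be aware that such variables can redirect the
 * trust store - presumably, confirm in the lookup code. */
const char *    X509_get_default_cert_area(void );
const char *    X509_get_default_cert_dir(void );
const char *    X509_get_default_cert_file(void );
const char *    X509_get_default_cert_dir_env(void );
const char *    X509_get_default_cert_file_env(void );
const char *    X509_get_default_private_dir(void );

X509_REQ *  X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
X509 *      X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);

DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
DECLARE_ASN1_FUNCTIONS(X509_VAL)

DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)

int         X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY *  X509_PUBKEY_get(X509_PUBKEY *key);
int         X509_get_pubkey_parameters(EVP_PKEY *pkey,
                       STACK_OF(X509) *chain);
int         i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp);
EVP_PKEY *  d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp,
            long length);
#ifndef OPENSSL_NO_RSA
int         i2d_RSA_PUBKEY(RSA *a,unsigned char **pp);
RSA *       d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp,
            long length);
#endif
#ifndef OPENSSL_NO_DSA
int         i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
DSA *       d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp,
            long length);
#endif
#ifndef OPENSSL_NO_EC
int         i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
EC_KEY      *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp,
            long length);
#endif

DECLARE_ASN1_FUNCTIONS(X509_SIG)
DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
DECLARE_ASN1_FUNCTIONS(X509_REQ)

DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);

DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)

DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)

DECLARE_ASN1_FUNCTIONS(X509_NAME)

int         X509_NAME_set(X509_NAME **xn, X509_NAME *name);

DECLARE_ASN1_FUNCTIONS(X509_CINF)

DECLARE_ASN1_FUNCTIONS(X509)
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)

DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)

int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int X509_set_ex_data(X509 *r, int idx, void *arg);
void *X509_get_ex_data(X509 *r, int idx);
int         i2d_X509_AUX(X509 *a,unsigned char **pp);
X509 *      d2i_X509_AUX(X509 **a,const unsigned char **pp,long length);

/* Alias, key id and trust/reject settings attached to a certificate.
 * X509_TRUST_set_default installs a process-wide trust callback and
 * returns a function pointer of the same type. */
int X509_alias_set1(X509 *x, unsigned char *name, int len);
int X509_keyid_set1(X509 *x, unsigned char *id, int len);
unsigned char * X509_alias_get0(X509 *x, int *len);
unsigned char * X509_keyid_get0(X509 *x, int *len);
int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
int X509_TRUST_set(int *t, int trust);
int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
void X509_trust_clear(X509 *x);
void X509_reject_clear(X509 *x);

DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
DECLARE_ASN1_FUNCTIONS(X509_CRL)

int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_CRL_get0_by_serial(X509_CRL *crl,
        X509_REVOKED **ret, ASN1_INTEGER *serial);
int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

X509_PKEY * X509_PKEY_new(void );
void        X509_PKEY_free(X509_PKEY *a);
int         i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length);

DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)

#ifndef OPENSSL_NO_EVP
X509_INFO * X509_INFO_new(void);
void        X509_INFO_free(X509_INFO *a);
/* Writes a one-line text form of the name into buf, bounded by size.
 * NOTE(review): truncation and NULL-buf behaviour are not visible in this
 * header; the text form is for display, so avoid using it for identity or
 * access decisions - confirm against the implementation. */
char *      X509_NAME_oneline(X509_NAME *a,char *buf,int size);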
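/* (These declarations are still inside the #ifndef OPENSSL_NO_EVP section
 * opened just before this point; its #endif follows ASN1_item_sign.) */

/* Generic sign / verify / digest over an encodable object.  The older
 * forms take an i2d callback and a char *data; the ASN1_item_* forms take
 * an ASN1_ITEM template and a void *data.
 * NOTE(review): as with the X509_*_verify functions, the return convention
 * is not stated here - compare against the documented success value rather
 * than testing for non-zero. */
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
        ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);

int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data,
        unsigned char *md,unsigned int *len);

int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
          X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
          char *data,EVP_PKEY *pkey, const EVP_MD *type);

int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
    unsigned char *md,unsigned int *len);

int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
    ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey);

int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
    ASN1_BIT_STRING *signature,
    void *data, EVP_PKEY *pkey, const EVP_MD *type);
#endif

/* Certificate field setters and getters. */
int         X509_set_version(X509 *x,long version);
int         X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
ASN1_INTEGER *  X509_get_serialNumber(X509 *x);
int         X509_set_issuer_name(X509 *x, X509_NAME *name);
X509_NAME * X509_get_issuer_name(X509 *a);
int         X509_set_subject_name(X509 *x, X509_NAME *name);
X509_NAME * X509_get_subject_name(X509 *a);
int         X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
int         X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
int         X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
EVP_PKEY *  X509_get_pubkey(X509 *x);
ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
int         X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);

/* Certificate request (X509_REQ) fields, extensions and attributes. */
int         X509_REQ_set_version(X509_REQ *x,long version);
int         X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
int         X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
EVP_PKEY *  X509_REQ_get_pubkey(X509_REQ *req);
int         X509_REQ_extension_nid(int nid);
int *       X509_REQ_get_extension_nids(void);
void        X509_REQ_set_extension_nids(int *nids);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
                int nid);
int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
int X509_REQ_get_attr_count(const X509_REQ *req);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
              int lastpos);
int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
              int lastpos);
X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
            const ASN1_OBJECT *obj, int type,
            const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
            int nid, int type,
            const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
            const char *attrname, int type,
            const unsigned char *bytes, int len);

int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);

int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);

/* Check a private key against a request or certificate.
 * NOTE(review): presumably this compares the public components only and
 * does not prove that pkey holds a usable private key - confirm before
 * relying on it as a possession check. */
int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey);

int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);

/* Comparison and hash helpers.  The hashes are returned as unsigned long,
 * which is too narrow to serve as a collision-resistant fingerprint; they
 * look intended for lookup and indexing rather than for identifying a
 * certificate securely - use the *_cmp functions or a full digest when
 * identity matters. */
int         X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
unsigned long   X509_issuer_and_serial_hash(X509 *a);

int         X509_issuer_name_cmp(const X509 *a, const X509 *b);
unsigned long   X509_issuer_name_hash(X509 *a);

int         X509_subject_name_cmp(const X509 *a, const X509 *b);
unsigned long   X509_subject_name_hash(X509 *x);

/* The *_old variants are compiled out with OPENSSL_NO_MD5, which suggests
 * they are MD5-based; X509_NAME_hash_old further down is declared outside
 * that guard. */
#ifndef OPENSSL_NO_MD5
unsigned long   X509_issuer_name_hash_old(X509 *a);
unsigned long   X509_subject_name_hash_old(X509 *x);
#endif

int         X509_cmp(const X509 *a, const X509 *b);
int         X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
unsigned long   X509_NAME_hash(X509_NAME *x);
unsigned long   X509_NAME_hash_old(X509_NAME *x);

int         X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int         X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
/* Printing helpers; nmflag / flags take the XN_FLAG_* values and cflag the
 * X509_FLAG_* values defined earlier in this header. */
#ifndef OPENSSL_NO_FP_API
int         X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int         X509_print_fp(FILE *bp,X509 *x);
int         X509_CRL_print_fp(FILE *bp,X509_CRL *x);
int         X509_REQ_print_fp(FILE *bp,X509_REQ *req);
int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
#endif

#ifndef OPENSSL_NO_BIO
int         X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
int         X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int         X509_print(BIO *bp,X509 *x);
int         X509_ocspid_print(BIO *bp,X509 *x);
int         X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
int         X509_CRL_print(BIO *bp,X509_CRL *x);
int         X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
int         X509_REQ_print(BIO *bp,X509_REQ *req);
#endif

int         X509_NAME_entry_count(X509_NAME *name);
/* Copy the text of a name entry into buf (at most len bytes).
 * NOTE(review): the entry data is an ASN1_STRING (see
 * X509_NAME_ENTRY_get_data), which carries its own length.  Code that
 * compares the copied text as a C string - host name checks in particular -
 * should confirm that an embedded NUL or a truncated copy cannot make two
 * different names compare equal; prefer working on the ASN1_STRING with its
 * explicit length. */
int         X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
            char *buf,int len);
int         X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
            char *buf,int len);

/* NOTE: you should be passing -1, not 0 as lastpos.  The functions that use
 * lastpos, search after that position on. */
int         X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
int         X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
            int lastpos);
X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
int         X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
            int loc, int set);
int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
            unsigned char *bytes, int len, int loc, int set);
int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
            unsigned char *bytes, int len, int loc, int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
        const char *field, int type, const unsigned char *bytes, int len);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
            int type,unsigned char *bytes, int len);
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
            const unsigned char *bytes, int len, int loc, int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
            ASN1_OBJECT *obj, int type,const unsigned char *bytes,
            int len);
int         X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
            ASN1_OBJECT *obj);
int         X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
            const unsigned char *bytes, int len);
ASN1_OBJECT *   X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
ASN1_STRING *   X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);

/* Extension-stack helpers.  The same get/delete/add pattern is repeated
 * below for X509, X509_CRL and X509_REVOKED.  The *_by_critical lookups
 * select on the critical flag.
 * NOTE(review): handling of unrecognised critical extensions is decided by
 * the caller or the verify code, not by these accessors - confirm where
 * that check lives. */
int         X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
int         X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
                      int nid, int lastpos);
int         X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
                      ASN1_OBJECT *obj,int lastpos);
int         X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
                       int crit, int lastpos);
X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
                     X509_EXTENSION *ex, int loc);

int         X509_get_ext_count(X509 *x);
int         X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
int         X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
int         X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
X509_EXTENSION *X509_get_ext(X509 *x, int loc);
X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
int         X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
void    *   X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
int         X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
                            unsigned long flags);

int         X509_CRL_get_ext_count(X509_CRL *x);
int         X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
int         X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
int         X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
int         X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
void    *   X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
int         X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
                            unsigned long flags);

int         X509_REVOKED_get_ext_count(X509_REVOKED *x);
int         X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
int         X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
int         X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
int         X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
void    *   X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
int         X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
                            unsigned long flags);

X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
            int nid, int crit, ASN1_OCTET_STRING *data);
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
            ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
int         X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
int         X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
int         X509_EXTENSION_set_data(X509_EXTENSION *ex,
            ASN1_OCTET_STRING *data);
ASN1_OBJECT *   X509_EXTENSION_get_object(X509_EXTENSION *ex);
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
int         X509_EXTENSION_get_critical(X509_EXTENSION *ex);

/* Attribute-stack helpers and X509_ATTRIBUTE constructors/accessors. */
int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
              int lastpos);
int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
              int lastpos);
X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
                     X509_ATTRIBUTE *attr);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
            const ASN1_OBJECT *obj, int type,
            const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
            int nid, int type,
            const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
            const char *attrname, int type,
            const unsigned char *bytes, int len);
void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
                ASN1_OBJECT *obj, int lastpos, int type);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
         int atrtype, const void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
         const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
        const char *atrname, int type, const unsigned char *bytes, int len);
int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
                    int atrtype, void *data);
int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);

int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
              int lastpos);
int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
              int lastpos);
X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
            const ASN1_OBJECT *obj, int type,
            const unsigned char *bytes, int len);
int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
            int nid, int type,
            const unsigned char *bytes, int len);
int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
            const char *attrname, int type,
            const unsigned char *bytes, int len);

/* Certificate chain verification driven by an X509_STORE_CTX.
 * NOTE(review): the return convention is not stated in this header; callers
 * should accept only the documented success value and treat every other
 * result, including error codes, as "not verified" - confirm. */
int         X509_verify_cert(X509_STORE_CTX *ctx);

/* lookup a cert from a X509 STACK */
X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
                     ASN1_INTEGER *serial);
X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);

DECLARE_ASN1_FUNCTIONS(PBEPARAM)
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)

/* Build password-based-encryption algorithm parameters.  The iteration
 * count (iter) and salt are supplied by the caller.
 * NOTE(review): any default or minimum the implementation applies when
 * iter is small or salt is NULL is not visible here - confirm, and choose
 * the iteration count deliberately rather than relying on a default. */
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
                const unsigned char *salt, int saltlen);

X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
                const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
                     unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
                 unsigned char *salt, int saltlen,
                 unsigned char *aiv, int prf_nid);

/* PKCS#8 utilities.
 * The "broken" arguments take the PKCS8_* format values defined with
 * struct pkcs8_priv_key_info_st earlier in this header. */

DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)

EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);

int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
            int version, int ptype, void *pval,
                unsigned char *penc, int penclen);
int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
        const unsigned char **pk, int *ppklen,
        X509_ALGOR **pa,
        PKCS8_PRIV_KEY_INFO *p8);

int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
                    int ptype, void *pval,
                    unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
        const unsigned char **pk, int *ppklen,
        X509_ALGOR **pa,
        X509_PUBKEY *pub);

/* Trust settings table.  X509_TRUST_add registers a check callback (ck)
 * for a trust id; such a callback takes part in trust decisions, so only
 * trusted code should register one. */
int X509_check_trust(X509 *x, int id, int flags);
int X509_TRUST_get_count(void);
X509_TRUST * X509_TRUST_get0(int idx);
int X509_TRUST_get_by_id(int id);
int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
                    char *name, int arg1, void *arg2);
void X509_TRUST_cleanup(void);
int X509_TRUST_get_flags(X509_TRUST *xp);
char *X509_TRUST_get0_name(X509_TRUST *xp);
int X509_TRUST_get_trust(X509_TRUST *xp);

/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl.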
Any changes 1201 * made after this point may be overwritten when the script is next run. 1202 */ 1203void ERR_load_X509_strings(void); 1204 1205/* Error codes for the X509 functions. */ 1206 1207/* Function codes. */ 1208#define X509_F_ADD_CERT_DIR 100 1209#define X509_F_BY_FILE_CTRL 101 1210#define X509_F_CHECK_POLICY 145 1211#define X509_F_DIR_CTRL 102 1212#define X509_F_GET_CERT_BY_SUBJECT 103 1213#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 1214#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 1215#define X509_F_X509AT_ADD1_ATTR 135 1216#define X509_F_X509V3_ADD_EXT 104 1217#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 1218#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 1219#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 1220#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 1221#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 1222#define X509_F_X509_CHECK_PRIVATE_KEY 128 1223#define X509_F_X509_CRL_PRINT_FP 147 1224#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 1225#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 1226#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 1227#define X509_F_X509_LOAD_CERT_CRL_FILE 132 1228#define X509_F_X509_LOAD_CERT_FILE 111 1229#define X509_F_X509_LOAD_CRL_FILE 112 1230#define X509_F_X509_NAME_ADD_ENTRY 113 1231#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 1232#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 1233#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 1234#define X509_F_X509_NAME_ONELINE 116 1235#define X509_F_X509_NAME_PRINT 117 1236#define X509_F_X509_PRINT_EX_FP 118 1237#define X509_F_X509_PUBKEY_GET 119 1238#define X509_F_X509_PUBKEY_SET 120 1239#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 1240#define X509_F_X509_REQ_PRINT_EX 121 1241#define X509_F_X509_REQ_PRINT_FP 122 1242#define X509_F_X509_REQ_TO_X509 123 1243#define X509_F_X509_STORE_ADD_CERT 124 1244#define X509_F_X509_STORE_ADD_CRL 125 1245#define X509_F_X509_STORE_CTX_GET1_ISSUER 146 1246#define X509_F_X509_STORE_CTX_INIT 143 1247#define X509_F_X509_STORE_CTX_NEW 142 1248#define 
X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 1249#define X509_F_X509_TO_X509_REQ 126 1250#define X509_F_X509_TRUST_ADD 133 1251#define X509_F_X509_TRUST_SET 141 1252#define X509_F_X509_VERIFY_CERT 127 1253 1254/* Reason codes. */ 1255#define X509_R_BAD_X509_FILETYPE 100 1256#define X509_R_BASE64_DECODE_ERROR 118 1257#define X509_R_CANT_CHECK_DH_KEY 114 1258#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 1259#define X509_R_ERR_ASN1_LIB 102 1260#define X509_R_INVALID_DIRECTORY 113 1261#define X509_R_INVALID_FIELD_NAME 119 1262#define X509_R_INVALID_TRUST 123 1263#define X509_R_KEY_TYPE_MISMATCH 115 1264#define X509_R_KEY_VALUES_MISMATCH 116 1265#define X509_R_LOADING_CERT_DIR 103 1266#define X509_R_LOADING_DEFAULTS 104 1267#define X509_R_METHOD_NOT_SUPPORTED 124 1268#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 1269#define X509_R_PUBLIC_KEY_DECODE_ERROR 125 1270#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 1271#define X509_R_SHOULD_RETRY 106 1272#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 1273#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 1274#define X509_R_UNKNOWN_KEY_TYPE 117 1275#define X509_R_UNKNOWN_NID 109 1276#define X509_R_UNKNOWN_PURPOSE_ID 121 1277#define X509_R_UNKNOWN_TRUST_ID 120 1278#define X509_R_UNSUPPORTED_ALGORITHM 111 1279#define X509_R_WRONG_LOOKUP_TYPE 112 1280#define X509_R_WRONG_TYPE 122 1281 1282#ifdef __cplusplus 1283} 1284#endif 1285#endif 1286