summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509v3.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509/x509v3.h')
-rw-r--r--src/lib/libcrypto/x509/x509v3.h1041
1 files changed, 0 insertions, 1041 deletions
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
deleted file mode 100644
index fa31279280..0000000000
--- a/src/lib/libcrypto/x509/x509v3.h
+++ /dev/null
@@ -1,1041 +0,0 @@
1/* $OpenBSD: x509v3.h,v 1.40 2024/12/23 09:57:23 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#ifndef HEADER_X509V3_H
59#define HEADER_X509V3_H
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/bio.h>
64#include <openssl/x509.h>
65#include <openssl/conf.h>
66
67#ifdef __cplusplus
68extern "C" {
69#endif
70
71/* Forward reference */
72struct v3_ext_method;
73struct v3_ext_ctx;
74
75/* Useful typedefs */
76
77typedef void * (*X509V3_EXT_NEW)(void);
78typedef void (*X509V3_EXT_FREE)(void *);
79typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long);
80typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
81typedef STACK_OF(CONF_VALUE) *
82 (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext,
83 STACK_OF(CONF_VALUE) *extlist);
84typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method,
85 struct v3_ext_ctx *ctx,
86 STACK_OF(CONF_VALUE) *values);
87typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
88typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method,
89 struct v3_ext_ctx *ctx, const char *str);
90typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
91 BIO *out, int indent);
92typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method,
93 struct v3_ext_ctx *ctx, const char *str);
94
95/* V3 extension structure */
96
97struct v3_ext_method {
98 int ext_nid;
99 int ext_flags;
100 /* If this is set the following four fields are ignored */
101 ASN1_ITEM_EXP *it;
102 /* Old style ASN1 calls */
103 X509V3_EXT_NEW ext_new;
104 X509V3_EXT_FREE ext_free;
105 X509V3_EXT_D2I d2i;
106 X509V3_EXT_I2D i2d;
107
108 /* The following pair is used for string extensions */
109 X509V3_EXT_I2S i2s;
110 X509V3_EXT_S2I s2i;
111
112 /* The following pair is used for multi-valued extensions */
113 X509V3_EXT_I2V i2v;
114 X509V3_EXT_V2I v2i;
115
116 /* The following are used for raw extensions */
117 X509V3_EXT_I2R i2r;
118 X509V3_EXT_R2I r2i;
119
120 const void *usr_data; /* Any extension specific data */
121};
122
123struct v3_ext_ctx {
124 #define CTX_TEST 0x1
125 int flags;
126 X509 *issuer_cert;
127 X509 *subject_cert;
128 X509_REQ *subject_req;
129 X509_CRL *crl;
130 void *db;
131};
132
133typedef struct v3_ext_method X509V3_EXT_METHOD;
134
135DECLARE_STACK_OF(X509V3_EXT_METHOD)
136
137/* XXX - can this be made internal? */
138#define X509V3_EXT_MULTILINE 0x4
139
140/* XXX - remove it anyway? */
141/* Guess who uses this... Yes, of course, it's xca. */
142typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
143
144typedef struct BASIC_CONSTRAINTS_st {
145 int ca;
146 ASN1_INTEGER *pathlen;
147} BASIC_CONSTRAINTS;
148
149
150typedef struct PKEY_USAGE_PERIOD_st {
151 ASN1_GENERALIZEDTIME *notBefore;
152 ASN1_GENERALIZEDTIME *notAfter;
153} PKEY_USAGE_PERIOD;
154
155typedef struct otherName_st {
156 ASN1_OBJECT *type_id;
157 ASN1_TYPE *value;
158} OTHERNAME;
159
160typedef struct EDIPartyName_st {
161 ASN1_STRING *nameAssigner;
162 ASN1_STRING *partyName;
163} EDIPARTYNAME;
164
165typedef struct GENERAL_NAME_st {
166
167 #define GEN_OTHERNAME 0
168 #define GEN_EMAIL 1
169 #define GEN_DNS 2
170 #define GEN_X400 3
171 #define GEN_DIRNAME 4
172 #define GEN_EDIPARTY 5
173 #define GEN_URI 6
174 #define GEN_IPADD 7
175 #define GEN_RID 8
176
177 int type;
178 union {
179 char *ptr;
180 OTHERNAME *otherName; /* otherName */
181 ASN1_IA5STRING *rfc822Name;
182 ASN1_IA5STRING *dNSName;
183 ASN1_STRING *x400Address;
184 X509_NAME *directoryName;
185 EDIPARTYNAME *ediPartyName;
186 ASN1_IA5STRING *uniformResourceIdentifier;
187 ASN1_OCTET_STRING *iPAddress;
188 ASN1_OBJECT *registeredID;
189
190 /* Old names */
191 ASN1_OCTET_STRING *ip; /* iPAddress */
192 X509_NAME *dirn; /* dirn */
193 ASN1_IA5STRING *ia5; /* rfc822Name, dNSName, uniformResourceIdentifier */
194 ASN1_OBJECT *rid; /* registeredID */
195 } d;
196} GENERAL_NAME;
197
198typedef struct ACCESS_DESCRIPTION_st {
199 ASN1_OBJECT *method;
200 GENERAL_NAME *location;
201} ACCESS_DESCRIPTION;
202
203typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
204
205typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
206
207DECLARE_STACK_OF(GENERAL_NAME)
208
209typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
210DECLARE_STACK_OF(GENERAL_NAMES)
211
212DECLARE_STACK_OF(ACCESS_DESCRIPTION)
213
214typedef struct DIST_POINT_NAME_st {
215 int type;
216 union {
217 GENERAL_NAMES *fullname;
218 STACK_OF(X509_NAME_ENTRY) *relativename;
219 } name;
220 /* If relativename then this contains the full distribution point name */
221 X509_NAME *dpname;
222} DIST_POINT_NAME;
223/* All existing reasons */
224#define CRLDP_ALL_REASONS 0x807f
225
226#define CRL_REASON_NONE -1
227#define CRL_REASON_UNSPECIFIED 0
228#define CRL_REASON_KEY_COMPROMISE 1
229#define CRL_REASON_CA_COMPROMISE 2
230#define CRL_REASON_AFFILIATION_CHANGED 3
231#define CRL_REASON_SUPERSEDED 4
232#define CRL_REASON_CESSATION_OF_OPERATION 5
233#define CRL_REASON_CERTIFICATE_HOLD 6
234#define CRL_REASON_REMOVE_FROM_CRL 8
235#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
236#define CRL_REASON_AA_COMPROMISE 10
237
238struct DIST_POINT_st {
239 DIST_POINT_NAME *distpoint;
240 ASN1_BIT_STRING *reasons;
241 GENERAL_NAMES *CRLissuer;
242 int dp_reasons;
243};
244
245typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
246
247DECLARE_STACK_OF(DIST_POINT)
248
249struct AUTHORITY_KEYID_st {
250 ASN1_OCTET_STRING *keyid;
251 GENERAL_NAMES *issuer;
252 ASN1_INTEGER *serial;
253};
254
255typedef struct NOTICEREF_st {
256 ASN1_STRING *organization;
257 STACK_OF(ASN1_INTEGER) *noticenos;
258} NOTICEREF;
259
260typedef struct USERNOTICE_st {
261 NOTICEREF *noticeref;
262 ASN1_STRING *exptext;
263} USERNOTICE;
264
265typedef struct POLICYQUALINFO_st {
266 ASN1_OBJECT *pqualid;
267 union {
268 ASN1_IA5STRING *cpsuri;
269 USERNOTICE *usernotice;
270 ASN1_TYPE *other;
271 } d;
272} POLICYQUALINFO;
273
274DECLARE_STACK_OF(POLICYQUALINFO)
275
276typedef struct POLICYINFO_st {
277 ASN1_OBJECT *policyid;
278 STACK_OF(POLICYQUALINFO) *qualifiers;
279} POLICYINFO;
280
281typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
282
283DECLARE_STACK_OF(POLICYINFO)
284
285typedef struct POLICY_MAPPING_st {
286 ASN1_OBJECT *issuerDomainPolicy;
287 ASN1_OBJECT *subjectDomainPolicy;
288} POLICY_MAPPING;
289
290DECLARE_STACK_OF(POLICY_MAPPING)
291
292typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
293
294typedef struct GENERAL_SUBTREE_st {
295 GENERAL_NAME *base;
296 ASN1_INTEGER *minimum;
297 ASN1_INTEGER *maximum;
298} GENERAL_SUBTREE;
299
300DECLARE_STACK_OF(GENERAL_SUBTREE)
301
302struct NAME_CONSTRAINTS_st {
303 STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
304 STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
305};
306
307typedef struct POLICY_CONSTRAINTS_st {
308 ASN1_INTEGER *requireExplicitPolicy;
309 ASN1_INTEGER *inhibitPolicyMapping;
310} POLICY_CONSTRAINTS;
311
312struct ISSUING_DIST_POINT_st {
313 DIST_POINT_NAME *distpoint;
314 int onlyuser;
315 int onlyCA;
316 ASN1_BIT_STRING *onlysomereasons;
317 int indirectCRL;
318 int onlyattr;
319};
320
321/* Values in idp_flags field */
322/* IDP present */
323#define IDP_PRESENT 0x1
324/* IDP values inconsistent */
325#define IDP_INVALID 0x2
326/* onlyuser true */
327#define IDP_ONLYUSER 0x4
328/* onlyCA true */
329#define IDP_ONLYCA 0x8
330/* onlyattr true */
331#define IDP_ONLYATTR 0x10
332/* indirectCRL true */
333#define IDP_INDIRECT 0x20
334/* onlysomereasons present */
335#define IDP_REASONS 0x40
336
337#define X509V3_conf_err(val) ERR_asprintf_error_data( \
338 "section:%s,name:%s,value:%s", val->section, \
339 val->name, val->value);
340
341#define X509V3_set_ctx_test(ctx) \
342 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
343#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
344
345/* X509_PURPOSE stuff */
346
347#define EXFLAG_BCONS 0x0001
348#define EXFLAG_KUSAGE 0x0002
349#define EXFLAG_XKUSAGE 0x0004
350#define EXFLAG_NSCERT 0x0008
351
352#define EXFLAG_CA 0x0010
353#define EXFLAG_SI 0x0020 /* Self issued. */
354#define EXFLAG_V1 0x0040
355#define EXFLAG_INVALID 0x0080
356#define EXFLAG_SET 0x0100
357#define EXFLAG_CRITICAL 0x0200
358#if !defined(LIBRESSL_INTERNAL)
359#define EXFLAG_PROXY 0x0400
360#endif
361#define EXFLAG_INVALID_POLICY 0x0800
362#define EXFLAG_FRESHEST 0x1000
363#define EXFLAG_SS 0x2000 /* Self signed. */
364
365#define KU_DIGITAL_SIGNATURE 0x0080
366#define KU_NON_REPUDIATION 0x0040
367#define KU_KEY_ENCIPHERMENT 0x0020
368#define KU_DATA_ENCIPHERMENT 0x0010
369#define KU_KEY_AGREEMENT 0x0008
370#define KU_KEY_CERT_SIGN 0x0004
371#define KU_CRL_SIGN 0x0002
372#define KU_ENCIPHER_ONLY 0x0001
373#define KU_DECIPHER_ONLY 0x8000
374
375#define NS_SSL_CLIENT 0x80
376#define NS_SSL_SERVER 0x40
377#define NS_SMIME 0x20
378#define NS_OBJSIGN 0x10
379#define NS_SSL_CA 0x04
380#define NS_SMIME_CA 0x02
381#define NS_OBJSIGN_CA 0x01
382#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
383
384#define XKU_SSL_SERVER 0x1
385#define XKU_SSL_CLIENT 0x2
386#define XKU_SMIME 0x4
387#define XKU_CODE_SIGN 0x8
388#define XKU_SGC 0x10
389#define XKU_OCSP_SIGN 0x20
390#define XKU_TIMESTAMP 0x40
391#define XKU_DVCS 0x80
392#define XKU_ANYEKU 0x100
393
394#define X509_PURPOSE_DYNAMIC 0x1
395#define X509_PURPOSE_DYNAMIC_NAME 0x2
396
397typedef struct x509_purpose_st X509_PURPOSE;
398
399#define X509_PURPOSE_SSL_CLIENT 1
400#define X509_PURPOSE_SSL_SERVER 2
401#define X509_PURPOSE_NS_SSL_SERVER 3
402#define X509_PURPOSE_SMIME_SIGN 4
403#define X509_PURPOSE_SMIME_ENCRYPT 5
404#define X509_PURPOSE_CRL_SIGN 6
405#define X509_PURPOSE_ANY 7
406#define X509_PURPOSE_OCSP_HELPER 8
407#define X509_PURPOSE_TIMESTAMP_SIGN 9
408
409#define X509_PURPOSE_MIN 1
410#define X509_PURPOSE_MAX 9
411
412/* Flags for X509V3_EXT_print() */
413
414#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
415/* Return error for unknown extensions */
416#define X509V3_EXT_DEFAULT 0
417/* Print error for unknown extensions */
418#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
419/* ASN1 parse unknown extensions */
420#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
421/* BIO_dump unknown extensions */
422#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
423
424/* Flags for X509V3_add1_i2d */
425
426#define X509V3_ADD_OP_MASK 0xfL
427#define X509V3_ADD_DEFAULT 0L
428#define X509V3_ADD_APPEND 1L
429#define X509V3_ADD_REPLACE 2L
430#define X509V3_ADD_REPLACE_EXISTING 3L
431#define X509V3_ADD_KEEP_EXISTING 4L
432#define X509V3_ADD_DELETE 5L
433#define X509V3_ADD_SILENT 0x10
434
435DECLARE_STACK_OF(X509_PURPOSE)
436
437BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
438void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
439BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned char **in, long len);
440int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out);
441extern const ASN1_ITEM BASIC_CONSTRAINTS_it;
442
443AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
444void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
445AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len);
446int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out);
447extern const ASN1_ITEM AUTHORITY_KEYID_it;
448
449PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
450void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
451PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, const unsigned char **in, long len);
452int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **out);
453extern const ASN1_ITEM PKEY_USAGE_PERIOD_it;
454
455GENERAL_NAME *GENERAL_NAME_new(void);
456void GENERAL_NAME_free(GENERAL_NAME *a);
457GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, const unsigned char **in, long len);
458int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out);
459extern const ASN1_ITEM GENERAL_NAME_it;
460GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
461int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
462
463
464
465ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
466 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
467STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
468 ASN1_BIT_STRING *bits,
469 STACK_OF(CONF_VALUE) *extlist);
470
471STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
472int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
473
474GENERAL_NAMES *GENERAL_NAMES_new(void);
475void GENERAL_NAMES_free(GENERAL_NAMES *a);
476GENERAL_NAMES *d2i_GENERAL_NAMES(GENERAL_NAMES **a, const unsigned char **in, long len);
477int i2d_GENERAL_NAMES(GENERAL_NAMES *a, unsigned char **out);
478extern const ASN1_ITEM GENERAL_NAMES_it;
479
480STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
481 GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
482GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
483 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
484
485OTHERNAME *OTHERNAME_new(void);
486void OTHERNAME_free(OTHERNAME *a);
487OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, const unsigned char **in, long len);
488int i2d_OTHERNAME(OTHERNAME *a, unsigned char **out);
489extern const ASN1_ITEM OTHERNAME_it;
490EDIPARTYNAME *EDIPARTYNAME_new(void);
491void EDIPARTYNAME_free(EDIPARTYNAME *a);
492EDIPARTYNAME *d2i_EDIPARTYNAME(EDIPARTYNAME **a, const unsigned char **in, long len);
493int i2d_EDIPARTYNAME(EDIPARTYNAME *a, unsigned char **out);
494extern const ASN1_ITEM EDIPARTYNAME_it;
495int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
496void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
497void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
498int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
499 ASN1_OBJECT *oid, ASN1_TYPE *value);
500int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
501 ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
502
503char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
504 const ASN1_OCTET_STRING *ia5);
505ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
506 X509V3_CTX *ctx, const char *str);
507
508EXTENDED_KEY_USAGE *EXTENDED_KEY_USAGE_new(void);
509void EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *a);
510EXTENDED_KEY_USAGE *d2i_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE **a, const unsigned char **in, long len);
511int i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *a, unsigned char **out);
512extern const ASN1_ITEM EXTENDED_KEY_USAGE_it;
513int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION* a);
514
515CERTIFICATEPOLICIES *CERTIFICATEPOLICIES_new(void);
516void CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *a);
517CERTIFICATEPOLICIES *d2i_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES **a, const unsigned char **in, long len);
518int i2d_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES *a, unsigned char **out);
519extern const ASN1_ITEM CERTIFICATEPOLICIES_it;
520POLICYINFO *POLICYINFO_new(void);
521void POLICYINFO_free(POLICYINFO *a);
522POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, const unsigned char **in, long len);
523int i2d_POLICYINFO(POLICYINFO *a, unsigned char **out);
524extern const ASN1_ITEM POLICYINFO_it;
525POLICYQUALINFO *POLICYQUALINFO_new(void);
526void POLICYQUALINFO_free(POLICYQUALINFO *a);
527POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, const unsigned char **in, long len);
528int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **out);
529extern const ASN1_ITEM POLICYQUALINFO_it;
530USERNOTICE *USERNOTICE_new(void);
531void USERNOTICE_free(USERNOTICE *a);
532USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, const unsigned char **in, long len);
533int i2d_USERNOTICE(USERNOTICE *a, unsigned char **out);
534extern const ASN1_ITEM USERNOTICE_it;
535NOTICEREF *NOTICEREF_new(void);
536void NOTICEREF_free(NOTICEREF *a);
537NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, const unsigned char **in, long len);
538int i2d_NOTICEREF(NOTICEREF *a, unsigned char **out);
539extern const ASN1_ITEM NOTICEREF_it;
540
541CRL_DIST_POINTS *CRL_DIST_POINTS_new(void);
542void CRL_DIST_POINTS_free(CRL_DIST_POINTS *a);
543CRL_DIST_POINTS *d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **a, const unsigned char **in, long len);
544int i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *a, unsigned char **out);
545extern const ASN1_ITEM CRL_DIST_POINTS_it;
546DIST_POINT *DIST_POINT_new(void);
547void DIST_POINT_free(DIST_POINT *a);
548DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, const unsigned char **in, long len);
549int i2d_DIST_POINT(DIST_POINT *a, unsigned char **out);
550extern const ASN1_ITEM DIST_POINT_it;
551DIST_POINT_NAME *DIST_POINT_NAME_new(void);
552void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
553DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, const unsigned char **in, long len);
554int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **out);
555extern const ASN1_ITEM DIST_POINT_NAME_it;
556ISSUING_DIST_POINT *ISSUING_DIST_POINT_new(void);
557void ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *a);
558ISSUING_DIST_POINT *d2i_ISSUING_DIST_POINT(ISSUING_DIST_POINT **a, const unsigned char **in, long len);
559int i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *a, unsigned char **out);
560extern const ASN1_ITEM ISSUING_DIST_POINT_it;
561
562int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
563
564int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
565
566ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
567void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
568ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, const unsigned char **in, long len);
569int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **out);
570extern const ASN1_ITEM ACCESS_DESCRIPTION_it;
571AUTHORITY_INFO_ACCESS *AUTHORITY_INFO_ACCESS_new(void);
572void AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a);
573AUTHORITY_INFO_ACCESS *d2i_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS **a, const unsigned char **in, long len);
574int i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *a, unsigned char **out);
575extern const ASN1_ITEM AUTHORITY_INFO_ACCESS_it;
576
577extern const ASN1_ITEM POLICY_MAPPING_it;
578POLICY_MAPPING *POLICY_MAPPING_new(void);
579void POLICY_MAPPING_free(POLICY_MAPPING *a);
580extern const ASN1_ITEM POLICY_MAPPINGS_it;
581
582extern const ASN1_ITEM GENERAL_SUBTREE_it;
583GENERAL_SUBTREE *GENERAL_SUBTREE_new(void);
584void GENERAL_SUBTREE_free(GENERAL_SUBTREE *a);
585
586extern const ASN1_ITEM NAME_CONSTRAINTS_it;
587NAME_CONSTRAINTS *NAME_CONSTRAINTS_new(void);
588void NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *a);
589
590POLICY_CONSTRAINTS *POLICY_CONSTRAINTS_new(void);
591void POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *a);
592extern const ASN1_ITEM POLICY_CONSTRAINTS_it;
593
594GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
595 const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
596 int gen_type, const char *value, int is_nc);
597
598#ifdef HEADER_CONF_H
599GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
600 CONF_VALUE *cnf);
601GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
602 const X509V3_EXT_METHOD *method,
603 X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
604void X509V3_conf_free(CONF_VALUE *val);
605
606X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
607 const char *value);
608X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
609 const char *value);
610int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
611 STACK_OF(X509_EXTENSION) **sk);
612int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
613 X509 *cert);
614int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
615 X509_REQ *req);
616int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
617 X509_CRL *crl);
618
619X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
620 int ext_nid, const char *value);
621X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
622 const char *name, const char *value);
623
624void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
625#endif
626
627void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
628 X509_REQ *req, X509_CRL *crl, int flags);
629
630char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const ASN1_INTEGER *aint);
631ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value);
632char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint);
633char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
634 const ASN1_ENUMERATED *aint);
635
636const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
637const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
638int X509V3_add_standard_extensions(void);
639STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
640void *X509V3_EXT_d2i(X509_EXTENSION *ext);
641void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
642 int *idx);
643
644X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
645int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
646
647char *hex_to_string(const unsigned char *buffer, long len);
648unsigned char *string_to_hex(const char *str, long *len);
649
650void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
651 int ml);
652int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
653int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
654
655int X509V3_extensions_print(BIO *out, const char *title,
656 const STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
657
658int X509_check_ca(X509 *x);
659int X509_check_purpose(X509 *x, int id, int ca);
660int X509_supported_extension(X509_EXTENSION *ex);
661int X509_check_issued(X509 *issuer, X509 *subject);
662int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
663
664int X509_PURPOSE_get_count(void);
665const X509_PURPOSE *X509_PURPOSE_get0(int idx);
666int X509_PURPOSE_get_by_sname(const char *sname);
667const char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
668const char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
669int X509_PURPOSE_get_id(const X509_PURPOSE *);
670uint32_t X509_get_extension_flags(X509 *x);
671uint32_t X509_get_key_usage(X509 *x);
672uint32_t X509_get_extended_key_usage(X509 *x);
673
674STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
675STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
676void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
677STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
678
679/* Flags for X509_check_* functions */
680/* Always check subject name for host match even if subject alt names present */
681#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
682/* Disable wildcard matching for dnsName fields and common name. */
683#define X509_CHECK_FLAG_NO_WILDCARDS 0x2
684/* Wildcards must not match a partial label. */
685#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
686/* Allow (non-partial) wildcards to match multiple labels. */
687#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
688/* Constraint verifier subdomain patterns to match a single labels. */
689#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
690/* Disable checking the CN for a hostname, to support modern validation */
691#define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20
692
693int X509_check_host(X509 *x, const char *chk, size_t chklen,
694 unsigned int flags, char **peername);
695int X509_check_email(X509 *x, const char *chk, size_t chklen,
696 unsigned int flags);
697int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
698 unsigned int flags);
699int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
700
701ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
702ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
703int a2i_ipadd(unsigned char *ipout, const char *ipasc);
704int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
705 unsigned long chtype);
706
707#ifndef OPENSSL_NO_RFC3779
708typedef struct ASRange_st {
709 ASN1_INTEGER *min;
710 ASN1_INTEGER *max;
711} ASRange;
712
713#define ASIdOrRange_id 0
714#define ASIdOrRange_range 1
715
716typedef struct ASIdOrRange_st {
717 int type;
718 union {
719 ASN1_INTEGER *id;
720 ASRange *range;
721 } u;
722} ASIdOrRange;
723
724typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
725DECLARE_STACK_OF(ASIdOrRange)
726
727#define ASIdentifierChoice_inherit 0
728#define ASIdentifierChoice_asIdsOrRanges 1
729
730typedef struct ASIdentifierChoice_st {
731 int type;
732 union {
733 ASN1_NULL *inherit;
734 ASIdOrRanges *asIdsOrRanges;
735 } u;
736} ASIdentifierChoice;
737
738typedef struct ASIdentifiers_st {
739 ASIdentifierChoice *asnum;
740 ASIdentifierChoice *rdi;
741} ASIdentifiers;
742
743ASRange *ASRange_new(void);
744void ASRange_free(ASRange *a);
745ASRange *d2i_ASRange(ASRange **a, const unsigned char **in, long len);
746int i2d_ASRange(ASRange *a, unsigned char **out);
747extern const ASN1_ITEM ASRange_it;
748
749ASIdOrRange *ASIdOrRange_new(void);
750void ASIdOrRange_free(ASIdOrRange *a);
751ASIdOrRange *d2i_ASIdOrRange(ASIdOrRange **a, const unsigned char **in,
752 long len);
753int i2d_ASIdOrRange(ASIdOrRange *a, unsigned char **out);
754extern const ASN1_ITEM ASIdOrRange_it;
755
756ASIdentifierChoice *ASIdentifierChoice_new(void);
757void ASIdentifierChoice_free(ASIdentifierChoice *a);
758ASIdentifierChoice *d2i_ASIdentifierChoice(ASIdentifierChoice **a,
759 const unsigned char **in, long len);
760int i2d_ASIdentifierChoice(ASIdentifierChoice *a, unsigned char **out);
761extern const ASN1_ITEM ASIdentifierChoice_it;
762
763ASIdentifiers *ASIdentifiers_new(void);
764void ASIdentifiers_free(ASIdentifiers *a);
765ASIdentifiers *d2i_ASIdentifiers(ASIdentifiers **a, const unsigned char **in,
766 long len);
767int i2d_ASIdentifiers(ASIdentifiers *a, unsigned char **out);
768extern const ASN1_ITEM ASIdentifiers_it;
769
770typedef struct IPAddressRange_st {
771 ASN1_BIT_STRING *min;
772 ASN1_BIT_STRING *max;
773} IPAddressRange;
774
775#define IPAddressOrRange_addressPrefix 0
776#define IPAddressOrRange_addressRange 1
777
778typedef struct IPAddressOrRange_st {
779 int type;
780 union {
781 ASN1_BIT_STRING *addressPrefix;
782 IPAddressRange *addressRange;
783 } u;
784} IPAddressOrRange;
785
786typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
787DECLARE_STACK_OF(IPAddressOrRange)
788
789#define IPAddressChoice_inherit 0
790#define IPAddressChoice_addressesOrRanges 1
791
792typedef struct IPAddressChoice_st {
793 int type;
794 union {
795 ASN1_NULL *inherit;
796 IPAddressOrRanges *addressesOrRanges;
797 } u;
798} IPAddressChoice;
799
800typedef struct IPAddressFamily_st {
801 ASN1_OCTET_STRING *addressFamily;
802 IPAddressChoice *ipAddressChoice;
803} IPAddressFamily;
804
805typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
806DECLARE_STACK_OF(IPAddressFamily)
807
808IPAddressRange *IPAddressRange_new(void);
809void IPAddressRange_free(IPAddressRange *a);
810IPAddressRange *d2i_IPAddressRange(IPAddressRange **a,
811 const unsigned char **in, long len);
812int i2d_IPAddressRange(IPAddressRange *a, unsigned char **out);
813extern const ASN1_ITEM IPAddressRange_it;
814
815IPAddressOrRange *IPAddressOrRange_new(void);
816void IPAddressOrRange_free(IPAddressOrRange *a);
817IPAddressOrRange *d2i_IPAddressOrRange(IPAddressOrRange **a,
818 const unsigned char **in, long len);
819int i2d_IPAddressOrRange(IPAddressOrRange *a, unsigned char **out);
820extern const ASN1_ITEM IPAddressOrRange_it;
821
822IPAddressChoice *IPAddressChoice_new(void);
823void IPAddressChoice_free(IPAddressChoice *a);
824IPAddressChoice *d2i_IPAddressChoice(IPAddressChoice **a,
825 const unsigned char **in, long len);
826int i2d_IPAddressChoice(IPAddressChoice *a, unsigned char **out);
827extern const ASN1_ITEM IPAddressChoice_it;
828
829IPAddressFamily *IPAddressFamily_new(void);
830void IPAddressFamily_free(IPAddressFamily *a);
831IPAddressFamily *d2i_IPAddressFamily(IPAddressFamily **a,
832 const unsigned char **in, long len);
833int i2d_IPAddressFamily(IPAddressFamily *a, unsigned char **out);
834extern const ASN1_ITEM IPAddressFamily_it;
835
836/*
837 * API tag for elements of the ASIdentifer SEQUENCE.
838 */
839#define V3_ASID_ASNUM 0
840#define V3_ASID_RDI 1
841
842/*
843 * AFI values, assigned by IANA. It'd be nice to make the AFI
844 * handling code totally generic, but there are too many little things
845 * that would need to be defined for other address families for it to
846 * be worth the trouble.
847 */
848#define IANA_AFI_IPV4 1
849#define IANA_AFI_IPV6 2
850
851/*
852 * Utilities to construct and extract values from RFC3779 extensions,
853 * since some of the encodings (particularly for IP address prefixes
854 * and ranges) are a bit tedious to work with directly.
855 */
856int X509v3_asid_add_inherit(ASIdentifiers *asid, int which);
857int X509v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
858 ASN1_INTEGER *min, ASN1_INTEGER *max);
859int X509v3_addr_add_inherit(IPAddrBlocks *addr, const unsigned afi,
860 const unsigned *safi);
861int X509v3_addr_add_prefix(IPAddrBlocks *addr, const unsigned afi,
862 const unsigned *safi, unsigned char *a, const int prefixlen);
863int X509v3_addr_add_range(IPAddrBlocks *addr, const unsigned afi,
864 const unsigned *safi, unsigned char *min, unsigned char *max);
865unsigned X509v3_addr_get_afi(const IPAddressFamily *f);
866int X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
867 unsigned char *min, unsigned char *max, const int length);
868
869/*
870 * Canonical forms.
871 */
872int X509v3_asid_is_canonical(ASIdentifiers *asid);
873int X509v3_addr_is_canonical(IPAddrBlocks *addr);
874int X509v3_asid_canonize(ASIdentifiers *asid);
875int X509v3_addr_canonize(IPAddrBlocks *addr);
876
877/*
878 * Tests for inheritance and containment.
879 */
880int X509v3_asid_inherits(ASIdentifiers *asid);
881int X509v3_addr_inherits(IPAddrBlocks *addr);
882int X509v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
883int X509v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
884
885/*
886 * Check whether RFC 3779 extensions nest properly in chains.
887 */
888int X509v3_asid_validate_path(X509_STORE_CTX *);
889int X509v3_addr_validate_path(X509_STORE_CTX *);
890int X509v3_asid_validate_resource_set(STACK_OF(X509) *chain, ASIdentifiers *ext,
891 int allow_inheritance);
892int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext,
893 int allow_inheritance);
894
895#endif /* !OPENSSL_NO_RFC3779 */
896
897void ERR_load_X509V3_strings(void);
898
899/* Error codes for the X509V3 functions. */
900
901/* Function codes. */
902#define X509V3_F_A2I_GENERAL_NAME 164
903#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
904#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
905#define X509V3_F_COPY_EMAIL 122
906#define X509V3_F_COPY_ISSUER 123
907#define X509V3_F_DO_DIRNAME 144
908#define X509V3_F_DO_EXT_CONF 124
909#define X509V3_F_DO_EXT_I2D 135
910#define X509V3_F_DO_EXT_NCONF 151
911#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
912#define X509V3_F_GNAMES_FROM_SECTNAME 156
913#define X509V3_F_HEX_TO_STRING 111
914#define X509V3_F_I2S_ASN1_ENUMERATED 121
915#define X509V3_F_I2S_ASN1_IA5STRING 149
916#define X509V3_F_I2S_ASN1_INTEGER 120
917#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
918#define X509V3_F_NOTICE_SECTION 132
919#define X509V3_F_NREF_NOS 133
920#define X509V3_F_POLICY_SECTION 131
921#define X509V3_F_PROCESS_PCI_VALUE 150
922#define X509V3_F_R2I_CERTPOL 130
923#define X509V3_F_R2I_PCI 155
924#define X509V3_F_S2I_ASN1_IA5STRING 100
925#define X509V3_F_S2I_ASN1_INTEGER 108
926#define X509V3_F_S2I_ASN1_OCTET_STRING 112
927#define X509V3_F_S2I_ASN1_SKEY_ID 114
928#define X509V3_F_S2I_SKEY_ID 115
929#define X509V3_F_SET_DIST_POINT_NAME 158
930#define X509V3_F_STRING_TO_HEX 113
931#define X509V3_F_SXNET_ADD_ID_ASC 125
932#define X509V3_F_SXNET_ADD_ID_INTEGER 126
933#define X509V3_F_SXNET_ADD_ID_ULONG 127
934#define X509V3_F_SXNET_GET_ID_ASC 128
935#define X509V3_F_SXNET_GET_ID_ULONG 129
936#define X509V3_F_V2I_ASIDENTIFIERS 163
937#define X509V3_F_V2I_ASN1_BIT_STRING 101
938#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
939#define X509V3_F_V2I_AUTHORITY_KEYID 119
940#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
941#define X509V3_F_V2I_CRLD 134
942#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
943#define X509V3_F_V2I_GENERAL_NAMES 118
944#define X509V3_F_V2I_GENERAL_NAME_EX 117
945#define X509V3_F_V2I_IDP 157
946#define X509V3_F_V2I_IPADDRBLOCKS 159
947#define X509V3_F_V2I_ISSUER_ALT 153
948#define X509V3_F_V2I_NAME_CONSTRAINTS 147
949#define X509V3_F_V2I_POLICY_CONSTRAINTS 146
950#define X509V3_F_V2I_POLICY_MAPPINGS 145
951#define X509V3_F_V2I_SUBJECT_ALT 154
952#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160
953#define X509V3_F_V3_GENERIC_EXTENSION 116
954#define X509V3_F_X509V3_ADD1_I2D 140
955#define X509V3_F_X509V3_ADD_VALUE 105
956#define X509V3_F_X509V3_EXT_ADD 104
957#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
958#define X509V3_F_X509V3_EXT_CONF 107
959#define X509V3_F_X509V3_EXT_I2D 136
960#define X509V3_F_X509V3_EXT_NCONF 152
961#define X509V3_F_X509V3_GET_SECTION 142
962#define X509V3_F_X509V3_GET_STRING 143
963#define X509V3_F_X509V3_GET_VALUE_BOOL 110
964#define X509V3_F_X509V3_PARSE_LIST 109
965#define X509V3_F_X509_PURPOSE_ADD 137
966#define X509V3_F_X509_PURPOSE_SET 141
967
968/* Reason codes. */
969#define X509V3_R_BAD_IP_ADDRESS 118
970#define X509V3_R_BAD_OBJECT 119
971#define X509V3_R_BN_DEC2BN_ERROR 100
972#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
973#define X509V3_R_DIRNAME_ERROR 149
974#define X509V3_R_DISTPOINT_ALREADY_SET 160
975#define X509V3_R_DUPLICATE_ZONE_ID 133
976#define X509V3_R_ERROR_CONVERTING_ZONE 131
977#define X509V3_R_ERROR_CREATING_EXTENSION 144
978#define X509V3_R_ERROR_IN_EXTENSION 128
979#define X509V3_R_EXPECTED_A_SECTION_NAME 137
980#define X509V3_R_EXTENSION_EXISTS 145
981#define X509V3_R_EXTENSION_NAME_ERROR 115
982#define X509V3_R_EXTENSION_NOT_FOUND 102
983#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
984#define X509V3_R_EXTENSION_VALUE_ERROR 116
985#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
986#define X509V3_R_ILLEGAL_HEX_DIGIT 113
987#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
988#define X509V3_R_INVALID_MULTIPLE_RDNS 161
989#define X509V3_R_INVALID_ASNUMBER 162
990#define X509V3_R_INVALID_ASRANGE 163
991#define X509V3_R_INVALID_BOOLEAN_STRING 104
992#define X509V3_R_INVALID_EXTENSION_STRING 105
993#define X509V3_R_INVALID_INHERITANCE 165
994#define X509V3_R_INVALID_IPADDRESS 166
995#define X509V3_R_INVALID_NAME 106
996#define X509V3_R_INVALID_NULL_ARGUMENT 107
997#define X509V3_R_INVALID_NULL_NAME 108
998#define X509V3_R_INVALID_NULL_VALUE 109
999#define X509V3_R_INVALID_NUMBER 140
1000#define X509V3_R_INVALID_NUMBERS 141
1001#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
1002#define X509V3_R_INVALID_OPTION 138
1003#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
1004#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
1005#define X509V3_R_INVALID_PURPOSE 146
1006#define X509V3_R_INVALID_SAFI 164
1007#define X509V3_R_INVALID_SECTION 135
1008#define X509V3_R_INVALID_SYNTAX 143
1009#define X509V3_R_ISSUER_DECODE_ERROR 126
1010#define X509V3_R_MISSING_VALUE 124
1011#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
1012#define X509V3_R_NO_CONFIG_DATABASE 136
1013#define X509V3_R_NO_ISSUER_CERTIFICATE 121
1014#define X509V3_R_NO_ISSUER_DETAILS 127
1015#define X509V3_R_NO_POLICY_IDENTIFIER 139
1016#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
1017#define X509V3_R_NO_PUBLIC_KEY 114
1018#define X509V3_R_NO_SUBJECT_DETAILS 125
1019#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
1020#define X509V3_R_OPERATION_NOT_DEFINED 148
1021#define X509V3_R_OTHERNAME_ERROR 147
1022#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
1023#define X509V3_R_POLICY_PATH_LENGTH 156
1024#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
1025#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
1026#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
1027#define X509V3_R_SECTION_NOT_FOUND 150
1028#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
1029#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
1030#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
1031#define X509V3_R_UNKNOWN_EXTENSION 129
1032#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
1033#define X509V3_R_UNKNOWN_OPTION 120
1034#define X509V3_R_UNSUPPORTED_OPTION 117
1035#define X509V3_R_UNSUPPORTED_TYPE 167
1036#define X509V3_R_USER_TOO_LONG 132
1037
1038#ifdef __cplusplus
1039}
1040#endif
1041#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-06 16:50:25 +0000