1 use libc::*;
2
3 use *;
4
5 #[cfg(any(libressl, all(ossl102, not(ossl110))))]
6 pub enum X509_VERIFY_PARAM_ID {}
7
8 pub const X509_V_OK: c_int = 0;
9 #[cfg(ossl102f)]
10 pub const X509_V_ERR_UNSPECIFIED: c_int = 1;
11 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2;
12 pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3;
13 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4;
14 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5;
15 pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6;
16 pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7;
17 pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8;
18 pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9;
19 pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10;
20 pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11;
21 pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12;
22 pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13;
23 pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14;
24 pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15;
25 pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16;
26 pub const X509_V_ERR_OUT_OF_MEM: c_int = 17;
27 pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18;
28 pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19;
29 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20;
30 pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21;
31 pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22;
32 pub const X509_V_ERR_CERT_REVOKED: c_int = 23;
33 cfg_if! {
34 if #[cfg(ossl300)] {
35 pub const X509_V_ERR_NO_ISSUER_PUBLIC_KEY: c_int = 24;
36 } else {
37 pub const X509_V_ERR_INVALID_CA: c_int = 24;
38 }
39 }
40 pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25;
41 pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26;
42 pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27;
43 pub const X509_V_ERR_CERT_REJECTED: c_int = 28;
44 pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29;
45 pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30;
46 pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31;
47 pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32;
48 pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33;
49 pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34;
50 pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35;
51 pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36;
52 pub const X509_V_ERR_INVALID_NON_CA: c_int = 37;
53 pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38;
54 pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39;
55 pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40;
56 pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41;
57 pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42;
58 pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43;
59 pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44;
60 pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45;
61 pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46;
62 pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47;
63 pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48;
64 pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49;
65 pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50;
66 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51;
67 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52;
68 pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53;
69 pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54;
70 #[cfg(ossl102)]
71 pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56;
72 #[cfg(ossl102)]
73 pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57;
74 #[cfg(ossl102)]
75 pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58;
76 #[cfg(ossl102)]
77 pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59;
78 #[cfg(ossl102)]
79 pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60;
80 #[cfg(ossl102)]
81 pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61;
82 #[cfg(ossl102)]
83 pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62;
84 #[cfg(ossl102)]
85 pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63;
86 #[cfg(ossl102)]
87 pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64;
88 cfg_if! {
89 if #[cfg(ossl110)] {
90 pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65;
91 pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66;
92 pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67;
93 pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68;
94 pub const X509_V_ERR_INVALID_CALL: c_int = 69;
95 pub const X509_V_ERR_STORE_LOOKUP: c_int = 70;
96 pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71;
97 } else if #[cfg(ossl102h)] {
98 pub const X509_V_ERR_INVALID_CALL: c_int = 65;
99 pub const X509_V_ERR_STORE_LOOKUP: c_int = 66;
100 pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67;
101 }
102 }
103
104 #[cfg(not(ossl110))]
105 pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x1;
106 #[cfg(ossl110)]
107 pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x0;
108 pub const X509_V_FLAG_USE_CHECK_TIME: c_ulong = 0x2;
109 pub const X509_V_FLAG_CRL_CHECK: c_ulong = 0x4;
110 pub const X509_V_FLAG_CRL_CHECK_ALL: c_ulong = 0x8;
111 pub const X509_V_FLAG_IGNORE_CRITICAL: c_ulong = 0x10;
112 pub const X509_V_FLAG_X509_STRICT: c_ulong = 0x20;
113 pub const X509_V_FLAG_ALLOW_PROXY_CERTS: c_ulong = 0x40;
114 pub const X509_V_FLAG_POLICY_CHECK: c_ulong = 0x80;
115 pub const X509_V_FLAG_EXPLICIT_POLICY: c_ulong = 0x100;
116 pub const X509_V_FLAG_INHIBIT_ANY: c_ulong = 0x200;
117 pub const X509_V_FLAG_INHIBIT_MAP: c_ulong = 0x400;
118 pub const X509_V_FLAG_NOTIFY_POLICY: c_ulong = 0x800;
119 pub const X509_V_FLAG_EXTENDED_CRL_SUPPORT: c_ulong = 0x1000;
120 pub const X509_V_FLAG_USE_DELTAS: c_ulong = 0x2000;
121 pub const X509_V_FLAG_CHECK_SS_SIGNATURE: c_ulong = 0x4000;
122 #[cfg(ossl102)]
123 pub const X509_V_FLAG_TRUSTED_FIRST: c_ulong = 0x8000;
124 #[cfg(ossl102)]
125 pub const X509_V_FLAG_SUITEB_128_LOS_ONLY: c_ulong = 0x10000;
126 #[cfg(ossl102)]
127 pub const X509_V_FLAG_SUITEB_192_LOS: c_ulong = 0x20000;
128 #[cfg(ossl102)]
129 pub const X509_V_FLAG_SUITEB_128_LOS: c_ulong = 0x30000;
130 #[cfg(ossl102)]
131 pub const X509_V_FLAG_PARTIAL_CHAIN: c_ulong = 0x80000;
132 #[cfg(ossl110)]
133 pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000;
134 #[cfg(ossl110)]
135 pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000;
136
137 extern "C" {
138 #[cfg(ossl110)]
X509_LOOKUP_meth_free(method: *mut X509_LOOKUP_METHOD)139 pub fn X509_LOOKUP_meth_free(method: *mut X509_LOOKUP_METHOD);
140 }
141
142 extern "C" {
X509_LOOKUP_free(ctx: *mut X509_LOOKUP)143 pub fn X509_LOOKUP_free(ctx: *mut X509_LOOKUP);
X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD144 pub fn X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD;
X509_LOOKUP_ctrl( ctx: *mut X509_LOOKUP, cmd: c_int, argc: *const c_char, argl: c_long, ret: *mut *mut c_char, ) -> c_int145 pub fn X509_LOOKUP_ctrl(
146 ctx: *mut X509_LOOKUP,
147 cmd: c_int,
148 argc: *const c_char,
149 argl: c_long,
150 ret: *mut *mut c_char,
151 ) -> c_int;
152 }
153
X509_LOOKUP_add_dir( ctx: *mut X509_LOOKUP, name: *const c_char, _type: c_int, ) -> c_int154 pub unsafe fn X509_LOOKUP_add_dir(
155 ctx: *mut X509_LOOKUP,
156 name: *const c_char,
157 _type: c_int,
158 ) -> c_int {
159 const X509_L_ADD_DIR: c_int = 2;
160 X509_LOOKUP_ctrl(
161 ctx,
162 X509_L_ADD_DIR,
163 name,
164 _type as c_long,
165 std::ptr::null_mut(),
166 )
167 }
168
169 extern "C" {
X509_STORE_new() -> *mut X509_STORE170 pub fn X509_STORE_new() -> *mut X509_STORE;
X509_STORE_free(store: *mut X509_STORE)171 pub fn X509_STORE_free(store: *mut X509_STORE);
172
X509_STORE_CTX_new() -> *mut X509_STORE_CTX173 pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX;
174
X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX)175 pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX);
X509_STORE_CTX_init( ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509, ) -> c_int176 pub fn X509_STORE_CTX_init(
177 ctx: *mut X509_STORE_CTX,
178 store: *mut X509_STORE,
179 x509: *mut X509,
180 chain: *mut stack_st_X509,
181 ) -> c_int;
X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX)182 pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX);
183
X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int184 pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int;
185
X509_STORE_add_lookup( store: *mut X509_STORE, meth: *mut X509_LOOKUP_METHOD, ) -> *mut X509_LOOKUP186 pub fn X509_STORE_add_lookup(
187 store: *mut X509_STORE,
188 meth: *mut X509_LOOKUP_METHOD,
189 ) -> *mut X509_LOOKUP;
190
X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int191 pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int;
X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int192 pub fn X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int;
193 }
194
195 const_ptr_api! {
196 extern "C" {
197 pub fn X509_STORE_CTX_get_ex_data(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX, idx: c_int) -> *mut c_void;
198 pub fn X509_STORE_CTX_get_error(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int;
199 pub fn X509_STORE_CTX_get_error_depth(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int;
200 pub fn X509_STORE_CTX_get_current_cert(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut X509;
201 }
202 }
203 extern "C" {
X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int)204 pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int);
205 }
206 cfg_if! {
207 if #[cfg(ossl110)] {
208 const_ptr_api! {
209 extern "C" {
210 pub fn X509_STORE_CTX_get0_chain(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut stack_st_X509;
211 }
212 }
213 } else {
214 extern "C" {
215 pub fn X509_STORE_CTX_get_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509;
216 }
217 }
218 }
219
220 extern "C" {
221 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM)222 pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM);
223
224 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_set_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int225 pub fn X509_VERIFY_PARAM_set_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int;
226 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_clear_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int227 pub fn X509_VERIFY_PARAM_clear_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int;
228 }
229 const_ptr_api! {
230 extern "C" {
231 #[cfg(any(ossl102, libressl261))]
232 pub fn X509_VERIFY_PARAM_get_flags(param: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_ulong;
233 }
234 }
235
236 extern "C" {
237 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_set1_host( param: *mut X509_VERIFY_PARAM, name: *const c_char, namelen: size_t, ) -> c_int238 pub fn X509_VERIFY_PARAM_set1_host(
239 param: *mut X509_VERIFY_PARAM,
240 name: *const c_char,
241 namelen: size_t,
242 ) -> c_int;
243 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint)244 pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint);
245 #[cfg(any(ossl102, libressl261))]
X509_VERIFY_PARAM_set1_ip( param: *mut X509_VERIFY_PARAM, ip: *const c_uchar, iplen: size_t, ) -> c_int246 pub fn X509_VERIFY_PARAM_set1_ip(
247 param: *mut X509_VERIFY_PARAM,
248 ip: *const c_uchar,
249 iplen: size_t,
250 ) -> c_int;
251 }
252