1 use libc::*; 2 3 use *; 4 5 #[cfg(any(libressl, all(ossl102, not(ossl110))))] 6 pub enum X509_VERIFY_PARAM_ID {} 7 8 pub const X509_V_OK: c_int = 0; 9 #[cfg(ossl102f)] 10 pub const X509_V_ERR_UNSPECIFIED: c_int = 1; 11 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2; 12 pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3; 13 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4; 14 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5; 15 pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6; 16 pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7; 17 pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8; 18 pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9; 19 pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10; 20 pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11; 21 pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12; 22 pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13; 23 pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14; 24 pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15; 25 pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16; 26 pub const X509_V_ERR_OUT_OF_MEM: c_int = 17; 27 pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18; 28 pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19; 29 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20; 30 pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21; 31 pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22; 32 pub const X509_V_ERR_CERT_REVOKED: c_int = 23; 33 pub const X509_V_ERR_INVALID_CA: c_int = 24; 34 pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25; 35 pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26; 36 pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27; 37 pub const X509_V_ERR_CERT_REJECTED: c_int = 28; 38 pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29; 39 pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30; 40 pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31; 41 pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32; 42 pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33; 43 pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34; 44 pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35; 45 pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36; 46 pub const X509_V_ERR_INVALID_NON_CA: c_int = 37; 47 pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38; 48 pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39; 49 pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40; 50 pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41; 51 pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42; 52 pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43; 53 pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44; 54 pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; 55 pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46; 56 pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47; 57 pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48; 58 pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49; 59 pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; 60 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51; 61 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52; 62 pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; 63 pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54; 64 #[cfg(ossl102)] 65 pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56; 66 #[cfg(ossl102)] 67 pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57; 68 #[cfg(ossl102)] 69 pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58; 70 #[cfg(ossl102)] 71 pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59; 72 #[cfg(ossl102)] 73 pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60; 74 #[cfg(ossl102)] 75 pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61; 76 #[cfg(ossl102)] 77 pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62; 78 #[cfg(ossl102)] 79 pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63; 80 #[cfg(ossl102)] 81 pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64; 82 cfg_if! { 83 if #[cfg(ossl110)] { 84 pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65; 85 pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66; 86 pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67; 87 pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68; 88 pub const X509_V_ERR_INVALID_CALL: c_int = 69; 89 pub const X509_V_ERR_STORE_LOOKUP: c_int = 70; 90 pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71; 91 } else if #[cfg(ossl102h)] { 92 pub const X509_V_ERR_INVALID_CALL: c_int = 65; 93 pub const X509_V_ERR_STORE_LOOKUP: c_int = 66; 94 pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67; 95 } 96 } 97 98 extern "C" { X509_STORE_new() -> *mut X509_STORE99 pub fn X509_STORE_new() -> *mut X509_STORE; X509_STORE_free(store: *mut X509_STORE)100 pub fn X509_STORE_free(store: *mut X509_STORE); 101 X509_STORE_CTX_new() -> *mut X509_STORE_CTX102 pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; 103 X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX)104 pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); X509_STORE_CTX_init( ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509, ) -> c_int105 pub fn X509_STORE_CTX_init( 106 ctx: *mut X509_STORE_CTX, 107 store: *mut X509_STORE, 108 x509: *mut X509, 109 chain: *mut stack_st_X509, 110 ) -> c_int; X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX)111 pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); 112 X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int113 pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; 114 X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int115 pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; 116 X509_STORE_CTX_get_ex_data(ctx: *mut X509_STORE_CTX, idx: c_int) -> *mut c_void117 pub fn X509_STORE_CTX_get_ex_data(ctx: *mut X509_STORE_CTX, idx: c_int) -> *mut c_void; X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int118 pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int; X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int)119 pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int); X509_STORE_CTX_get_error_depth(ctx: *mut X509_STORE_CTX) -> c_int120 pub fn X509_STORE_CTX_get_error_depth(ctx: *mut X509_STORE_CTX) -> c_int; X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509121 pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; 122 } 123 cfg_if! { 124 if #[cfg(ossl110)] { 125 extern "C" { 126 pub fn X509_STORE_CTX_get0_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509; 127 } 128 } else { 129 extern "C" { 130 pub fn X509_STORE_CTX_get_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509; 131 } 132 } 133 } 134 135 extern "C" { 136 #[cfg(any(ossl102, libressl261))] X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM)137 pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); 138 139 #[cfg(any(ossl102, libressl261))] X509_VERIFY_PARAM_set1_host( param: *mut X509_VERIFY_PARAM, name: *const c_char, namelen: size_t, ) -> c_int140 pub fn X509_VERIFY_PARAM_set1_host( 141 param: *mut X509_VERIFY_PARAM, 142 name: *const c_char, 143 namelen: size_t, 144 ) -> c_int; 145 #[cfg(any(ossl102, libressl261))] X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint)146 pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); 147 #[cfg(any(ossl102, libressl261))] X509_VERIFY_PARAM_set1_ip( param: *mut X509_VERIFY_PARAM, ip: *const c_uchar, iplen: size_t, ) -> c_int148 pub fn X509_VERIFY_PARAM_set1_ip( 149 param: *mut X509_VERIFY_PARAM, 150 ip: *const c_uchar, 151 iplen: size_t, 152 ) -> c_int; 153 } 154