use libc::*;

// Pulls in every item from the crate root; the OpenSSL types used below
// (X509, BIO, ASN1_*, ...) are not declared in this file.
use *;

/// Uninhabited placeholder for OpenSSL's `CONF_METHOD`.
/// It has no variants, so it cannot be constructed from Rust; presumably it is
/// only ever used behind raw pointers.
pub enum CONF_METHOD {}

// Discriminants stored in `GENERAL_NAME::type_`. The values follow the
// GeneralName CHOICE tags of RFC 5280 (otherName [0] .. registeredID [8]).
pub const GEN_OTHERNAME: c_int = 0;
pub const GEN_EMAIL: c_int = 1;
pub const GEN_DNS: c_int = 2;
pub const GEN_X400: c_int = 3;
pub const GEN_DIRNAME: c_int = 4;
pub const GEN_EDIPARTY: c_int = 5;
pub const GEN_URI: c_int = 6;
pub const GEN_IPADD: c_int = 7;
pub const GEN_RID: c_int = 8;

/// C-layout mirror of OpenSSL's `GENERAL_NAME`.
///
/// `d` is declared as an untyped pointer rather than the C union, so the
/// compiler cannot stop a caller from casting it to the wrong payload type.
/// Callers should read `type_` (one of the `GEN_*` values) first and cast `d`
/// only to the type that tag implies; a mismatched cast is type confusion on
/// certificate-controlled data.
#[repr(C)]
pub struct GENERAL_NAME {
    /// One of the `GEN_*` constants; selects how `d` must be interpreted.
    pub type_: c_int,
    // FIXME should be a union
    /// Payload pointer; its pointee type depends on `type_`.
    pub d: *mut c_void,
}

// Declares the `stack_st_GENERAL_NAME` type via the crate's `stack!` macro
// (defined elsewhere).
stack!(stack_st_GENERAL_NAME);

extern "C" {
    /// Releases a `GENERAL_NAME`. The pointer must not be used afterwards.
    pub fn GENERAL_NAME_free(name: *mut GENERAL_NAME);
}

/// C-layout mirror of OpenSSL's `ACCESS_DESCRIPTION`: an access method OID
/// paired with the location it refers to.
#[repr(C)]
pub struct ACCESS_DESCRIPTION {
    pub method: *mut ASN1_OBJECT,
    pub location: *mut GENERAL_NAME,
}

// Declares the `stack_st_ACCESS_DESCRIPTION` type via the crate's `stack!`
// macro (defined elsewhere).
stack!(stack_st_ACCESS_DESCRIPTION);

extern "C" {
    /// Releases an `ACCESS_DESCRIPTION`. The pointer must not be used afterwards.
    pub fn ACCESS_DESCRIPTION_free(ad: *mut ACCESS_DESCRIPTION);
}

/// C-layout mirror of OpenSSL's `AUTHORITY_KEYID`.
///
/// NOTE(review): all three members are OPTIONAL in the ASN.1 definition, so
/// each pointer is presumably null when the field is absent; check before
/// dereferencing.
#[repr(C)]
pub struct AUTHORITY_KEYID {
    pub keyid: *mut ASN1_OCTET_STRING,
    pub issuer: *mut stack_st_GENERAL_NAME,
    pub serial: *mut ASN1_INTEGER,
}

extern "C" {
    /// Releases an `AUTHORITY_KEYID`. The pointer must not be used afterwards.
    pub fn AUTHORITY_KEYID_free(akid: *mut AUTHORITY_KEYID);
}

// Flags for OpenSSL's host/e-mail/IP name checks (X509_check_host and
// friends, declared elsewhere). Per the OpenSSL documentation:
//   ALWAYS_CHECK_SUBJECT    - consult the subject CN even when DNS SANs exist
//   NO_WILDCARDS            - disable wildcard matching entirely
//   NO_PARTIAL_WILDCARDS    - reject patterns such as "www*.example.com"
//   MULTI_LABEL_WILDCARDS   - let "*" span more than one label
//   SINGLE_LABEL_SUBDOMAINS - ".example.com" matches one extra label only
//   NEVER_CHECK_SUBJECT     - never fall back to the subject CN
// ALWAYS_CHECK_SUBJECT and MULTI_LABEL_WILDCARDS widen what is accepted, so
// they deserve a justification wherever they are set.
#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1;
#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2;
#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4;
#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8;
#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10;
#[cfg(ossl110)]
pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20;

// Builds an X509_EXTENSION from configuration-style text. The
// `const_ptr_if` marker is handled by the crate's `const_ptr_api!` macro
// (defined elsewhere); it appears to select `*const` or `*mut` for the marked
// parameter depending on the library version.
// `value` is parsed as OpenSSL extension-config syntax, so untrusted text
// should not be spliced into it unvalidated (a stray "," can add entries).
// NOTE(review): OpenSSL documents a NULL return on failure and that the
// caller owns the returned extension; confirm for the linked version.
const_ptr_api! {
    extern "C" {
        pub fn X509V3_EXT_nconf_nid(
            conf: *mut CONF,
            ctx: *mut X509V3_CTX,
            ext_nid: c_int,
            value: #[const_ptr_if(any(ossl110, libressl280))] c_char,
        ) -> *mut X509_EXTENSION;
        pub fn X509V3_EXT_nconf(
            conf: *mut CONF,
            ctx: *mut X509V3_CTX,
            name: #[const_ptr_if(any(ossl110, libressl280))] c_char,
            value: #[const_ptr_if(any(ossl110, libressl280))] c_char,
        ) -> *mut X509_EXTENSION;
    }
}

extern "C" {
    /// Checks whether `subject` appears to have been issued by `issuer`.
    ///
    /// Per the OpenSSL documentation the result is `X509_V_OK` (0) on a match
    /// and an `X509_V_ERR_*` code otherwise, so zero means success here,
    /// unlike most OpenSSL calls. It compares names, the authority key
    /// identifier and key usage; it does not verify the signature and is no
    /// substitute for chain validation.
    pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int;
    /// Verifies the signature on certificate `req` with public key `pkey`.
    ///
    /// Per the OpenSSL documentation: 1 if the signature is valid, 0 if it is
    /// not, and a negative value on error. Compare against 1 explicitly,
    /// because a plain non-zero test treats the error case as success. Only
    /// the signature is checked, not validity dates, trust or revocation.
    pub fn X509_verify(req: *mut X509, pkey: *mut EVP_PKEY) -> c_int;

    /// Attaches configuration `conf` to the extension context `ctx`.
    pub fn X509V3_set_nconf(ctx: *mut X509V3_CTX, conf: *mut CONF);
    /// Fills the extension context `ctx` with the issuer, subject, request and
    /// CRL that extension construction may refer to.
    /// NOTE(review): unused members are presumably passed as null; confirm.
    pub fn X509V3_set_ctx(
        ctx: *mut X509V3_CTX,
        issuer: *mut X509,
        subject: *mut X509,
        req: *mut X509_REQ,
        crl: *mut X509_CRL,
        flags: c_int,
    );

    /// Returns the OCSP responder URIs listed in the certificate.
    ///
    /// The `get1` naming follows OpenSSL's convention for results owned by the
    /// caller; OpenSSL documents `X509_email_free` as the matching release
    /// function. The URIs come from the certificate itself and should be
    /// treated as untrusted input before anything connects to them.
    pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING;
}

// X509V3_get_d2i looks up extension `nid` in `x` and returns it decoded.
// The result is an untyped pointer whose real type depends on `nid`; the
// caller has to cast it to the structure matching that NID and release it with
// that structure's free function.
// Per the OpenSSL documentation a NULL return is ambiguous: `*crit` is set to
// -1 when the extension is absent and -2 when it occurs more than once (with
// `idx` NULL), so pass `crit` when the distinction matters.
// X509V3_extensions_print writes a textual rendering of `exts` to `out`.
const_ptr_api! {
    extern "C" {
        pub fn X509V3_get_d2i(
            x: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION,
            nid: c_int,
            crit: *mut c_int,
            idx: *mut c_int,
        ) -> *mut c_void;
        pub fn X509V3_extensions_print(out: *mut BIO, title: #[const_ptr_if(any(ossl110, libressl280))] c_char, exts: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int;
    }
}

// X509V3_add1_i2d (and *_add1_ext_i2d)
// Values for the `flags` argument. Per the OpenSSL documentation the low bits
// pick one operation (DEFAULT fails if the extension already exists, APPEND
// adds regardless, REPLACE replaces or adds, REPLACE_EXISTING fails if absent,
// KEEP_EXISTING leaves an existing one alone, DELETE removes it) and
// X509V3_ADD_SILENT may be OR-ed in to suppress error-queue entries.
pub const X509V3_ADD_DEFAULT: c_ulong = 0;
pub const X509V3_ADD_APPEND: c_ulong = 1;
pub const X509V3_ADD_REPLACE: c_ulong = 2;
pub const X509V3_ADD_REPLACE_EXISTING: c_ulong = 3;
pub const X509V3_ADD_KEEP_EXISTING: c_ulong = 4;
pub const X509V3_ADD_DELETE: c_ulong = 5;
pub const X509V3_ADD_SILENT: c_ulong = 0x10;

// X509_get_extension_flags
// Bit mask describing what OpenSSL found while parsing a certificate's
// extensions. EXFLAG_INVALID (malformed or inconsistent extensions) and
// EXFLAG_CRITICAL (a critical extension OpenSSL does not handle) are the two
// bits a caller making a trust decision should test for.
pub const EXFLAG_BCONS: u32 = 0x1;
pub const EXFLAG_KUSAGE: u32 = 0x2;
pub const EXFLAG_XKUSAGE: u32 = 0x4;
pub const EXFLAG_NSCERT: u32 = 0x8;
pub const EXFLAG_CA: u32 = 0x10;
pub const EXFLAG_SI: u32 = 0x20;
pub const EXFLAG_V1: u32 = 0x40;
pub const EXFLAG_INVALID: u32 = 0x80;
pub const EXFLAG_SET: u32 = 0x100;
pub const EXFLAG_CRITICAL: u32 = 0x200;
pub const EXFLAG_PROXY: u32 = 0x400;
pub const EXFLAG_INVALID_POLICY: u32 = 0x800;
pub const EXFLAG_FRESHEST: u32 = 0x1000;
// before ossl102 / libressl260 EXFLAG_SS was 0x20 (the same as EXFLAG_SI); probably not useful semantic
#[cfg(any(ossl102, libressl261))]
pub const EXFLAG_SS: u32 = 0x2000;
/*
cfg_if! {
    // probably gonna be in openssl-3.0.0-alpha7
    if #[cfg(any(ossl300))] {
        pub const EXFLAG_BCONS_CRITICAL: u32 = 0x10000;
        pub const EXFLAG_AKID_CRITICAL: u32 = 0x20000;
        pub const EXFLAG_SKID_CRITICAL: u32 = 0x40000;
        pub const EXFLAG_SAN_CRITICAL: u32 = 0x80000;
    }
}
*/

// X509_get_key_usage
// Bits of the keyUsage extension as returned by X509_get_key_usage.
// NOTE(review): the OpenSSL documentation says an absent extension is reported
// as UINT32_MAX, which is not equal to X509v3_KU_UNDEF (0xffff); confirm
// before using KU_UNDEF as the "no extension" sentinel.
pub const X509v3_KU_DIGITAL_SIGNATURE: u32 = 0x0080;
pub const X509v3_KU_NON_REPUDIATION: u32 = 0x0040;
pub const X509v3_KU_KEY_ENCIPHERMENT: u32 = 0x0020;
pub const X509v3_KU_DATA_ENCIPHERMENT: u32 = 0x0010;
pub const X509v3_KU_KEY_AGREEMENT: u32 = 0x0008;
pub const X509v3_KU_KEY_CERT_SIGN: u32 = 0x0004;
pub const X509v3_KU_CRL_SIGN: u32 = 0x0002;
pub const X509v3_KU_ENCIPHER_ONLY: u32 = 0x0001;
pub const X509v3_KU_DECIPHER_ONLY: u32 = 0x8000;
pub const X509v3_KU_UNDEF: u32 = 0xffff;

// X509_get_extended_key_usage
// Bits of the extendedKeyUsage extension as returned by
// X509_get_extended_key_usage. A set bit says the certificate lists that
// purpose; it does not by itself prove the certificate is trusted for it.
pub const XKU_SSL_SERVER: u32 = 0x1;
pub const XKU_SSL_CLIENT: u32 = 0x2;
pub const XKU_SMIME: u32 = 0x4;
pub const XKU_CODE_SIGN: u32 = 0x8;
pub const XKU_SGC: u32 = 0x10;
pub const XKU_OCSP_SIGN: u32 = 0x20;
pub const XKU_TIMESTAMP: u32 = 0x40;
pub const XKU_DVCS: u32 = 0x80;
#[cfg(ossl110)]
pub const XKU_ANYEKU: u32 = 0x100;

extern "C" {
    /// Decodes `ext` into OpenSSL's internal structure for that extension.
    ///
    /// The pointee type depends on the extension's NID, so the caller has to
    /// know which structure to cast to and which free function releases it.
    /// NOTE(review): OpenSSL documents NULL on failure; check before casting.
    pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void;
    /// Encodes the internal structure `ext` as an extension with NID `ext_nid`
    /// and criticality `crit`. `ext` must really be the structure type that
    /// `ext_nid` expects; nothing in this signature enforces that.
    pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION;
    /// Adds, replaces or deletes extension `nid` in the stack `*x` according
    /// to `flags` (one of the `X509V3_ADD_*` operations).
    /// NOTE(review): OpenSSL documents 1 on success, 0 on failure and -1 on a
    /// fatal error; confirm for the linked version and compare against 1.
    pub fn X509V3_add1_i2d(
        x: *mut *mut stack_st_X509_EXTENSION,
        nid: c_int,
        value: *mut c_void,
        crit: c_int,
        flags: c_ulong,
    ) -> c_int;
    /// Writes a textual rendering of `ext` to `out`, indented by `indent`.
    pub fn X509V3_EXT_print(
        out: *mut BIO,
        ext: *mut X509_EXTENSION,
        flag: c_ulong,
        indent: c_int,
    ) -> c_int;

    /// Returns the `EXFLAG_*` bit mask for certificate `x`.
    #[cfg(ossl110)]
    pub fn X509_get_extension_flags(x: *mut X509) -> u32;
    /// Returns the `X509v3_KU_*` bit mask for certificate `x`.
    #[cfg(ossl110)]
    pub fn X509_get_key_usage(x: *mut X509) -> u32;
    /// Returns the `XKU_*` bit mask for certificate `x`.
    #[cfg(ossl110)]
    pub fn X509_get_extended_key_usage(x: *mut X509) -> u32;
}