/*
 * {- join("\n * ", @autowarntext) -}
 *
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * NOTE(review): this file is a header template, not plain C. The brace-dash
 * delimited fragments are Perl: the first one imports generate_stack_macros
 * and the later ones call it. The text they expand to is not visible here.
 */
{-
use OpenSSL::stackhash qw(generate_stack_macros);
-}

#ifndef OPENSSL_X509_H
# define OPENSSL_X509_H
# pragma once

# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define HEADER_X509_H
# endif

# include <openssl/e_os2.h>
# include <openssl/types.h>
# include <openssl/symhacks.h>
# include <openssl/buffer.h>
# include <openssl/evp.h>
# include <openssl/bio.h>
# include <openssl/asn1.h>
# include <openssl/safestack.h>
# include <openssl/ec.h>

# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# include <openssl/rsa.h>
# include <openssl/dsa.h>
# include <openssl/dh.h>
# endif

# include <openssl/sha.h>
# include <openssl/x509err.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Needed stacks for types defined in other headers */
{-
    generate_stack_macros("X509_NAME")
    .generate_stack_macros("X509")
    .generate_stack_macros("X509_REVOKED")
    .generate_stack_macros("X509_CRL");
-}

/* Flags for X509_get_signature_info() */
/* Signature info is valid */
# define X509_SIG_INFO_VALID 0x1
/* Signature is suitable for TLS use */
# define X509_SIG_INFO_TLS 0x2

/*
 * File encodings. Judging by the names, PEM is the text armour and ASN1 the
 * binary (DER) form; what DEFAULT selects is not visible in this header.
 */
# define X509_FILETYPE_PEM 1
# define X509_FILETYPE_ASN1 2
# define X509_FILETYPE_DEFAULT 3

/*
 * Bit masks named after the X.509v3 keyUsage bits.
 * NOTE(review): X509v3_KU_UNDEF is 0xffff, i.e. every bit set, so a test of
 * any single KU_* bit against it succeeds. Presumably it stands for "no
 * keyUsage extension present"; code that enforces key usage should confirm
 * how the consumer distinguishes that case from an explicit grant.
 */
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
# define X509v3_KU_NON_REPUDIATION 0x0040
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
# define X509v3_KU_KEY_AGREEMENT 0x0008
# define X509v3_KU_KEY_CERT_SIGN 0x0004
# define X509v3_KU_CRL_SIGN 0x0002
# define X509v3_KU_ENCIPHER_ONLY 0x0001
# define X509v3_KU_DECIPHER_ONLY 0x8000
# define X509v3_KU_UNDEF 0xffff

/*
 * Algorithm identifier: an object identifier plus one ASN.1 value holding the
 * parameters. The parameter is an untyped ASN1_TYPE, so a consumer has to
 * check which ASN.1 type it actually carries before reading it.
 */
struct X509_algor_st {
    ASN1_OBJECT *algorithm;
    ASN1_TYPE *parameter;
} /* X509_ALGOR */ ;

typedef STACK_OF(X509_ALGOR) X509_ALGORS;

/* Validity window: the two ASN1_TIME bounds of a certificate. */
typedef struct X509_val_st {
    ASN1_TIME *notBefore;
    ASN1_TIME *notAfter;
} X509_VAL;

/* Opaque here: only the typedefs are public, the layouts live elsewhere. */
typedef struct X509_sig_st X509_SIG;

typedef struct X509_name_entry_st X509_NAME_ENTRY;

{-
    generate_stack_macros("X509_NAME_ENTRY");
-}

# define X509_EX_V_NETSCAPE_HACK 0x8000
# define X509_EX_V_INIT 0x0001
typedef struct X509_extension_st X509_EXTENSION;
{-
    generate_stack_macros("X509_EXTENSION");
-}
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
typedef struct x509_attributes_st X509_ATTRIBUTE;
{-
    generate_stack_macros("X509_ATTRIBUTE");
-}
typedef struct X509_req_info_st X509_REQ_INFO;
typedef struct X509_req_st X509_REQ;
typedef struct x509_cert_aux_st X509_CERT_AUX;
typedef struct x509_cinf_st X509_CINF;

/*
 * Flags for X509_print_ex(). Each NO_* flag is a distinct bit, so they can be
 * OR-ed together; X509_FLAG_COMPAT is 0, i.e. no bit set.
 */

# define X509_FLAG_COMPAT 0
# define X509_FLAG_NO_HEADER 1L
# define X509_FLAG_NO_VERSION (1L << 1)
# define X509_FLAG_NO_SERIAL (1L << 2)
# define X509_FLAG_NO_SIGNAME (1L << 3)
# define X509_FLAG_NO_ISSUER (1L << 4)
# define X509_FLAG_NO_VALIDITY (1L << 5)
# define X509_FLAG_NO_SUBJECT (1L << 6)
# define X509_FLAG_NO_PUBKEY (1L << 7)
# define X509_FLAG_NO_EXTENSIONS (1L << 8)
# define X509_FLAG_NO_SIGDUMP (1L << 9)
# define X509_FLAG_NO_AUX (1L << 10)
# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
# define X509_FLAG_NO_IDS (1L << 12)
# define X509_FLAG_EXTENSIONS_ONLY_KID (1L << 13)

/* Flags specific to X509_NAME_print_ex() */

/* The field separator information */

/* Separator choice is a 4-bit field at bits 16..19, not independent bits. */
# define XN_FLAG_SEP_MASK (0xf << 16)

# define XN_FLAG_COMPAT 0/* Traditional; use old X509_NAME_print */
# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */

# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */

/* How the field name is shown */

/* Field-name style is a 2-bit field at bits 21..22. */
# define XN_FLAG_FN_MASK (0x3 << 21)

# define XN_FLAG_FN_SN 0/* Object short name */
# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
# define XN_FLAG_FN_NONE (3 << 21)/* No field names */

# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */

/*
 * This determines if we dump fields we don't recognise: RFC2253 requires
 * this.
 */

# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)

# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
                                    * characters */

/* Complete set of RFC2253 flags */

# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
                        XN_FLAG_SEP_COMMA_PLUS | \
                        XN_FLAG_DN_REV | \
                        XN_FLAG_FN_SN | \
                        XN_FLAG_DUMP_UNKNOWN_FIELDS)

/* readable oneline form */

# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
                        ASN1_STRFLGS_ESC_QUOTE | \
                        XN_FLAG_SEP_CPLUS_SPC | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_SN)

/*
 * readable multiline form
 *
 * Unlike the two sets above this one is not built on ASN1_STRFLGS_RFC2253;
 * the only string-escaping flags it names are ESC_CTRL and ESC_MSB.
 */

# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
                        ASN1_STRFLGS_ESC_MSB | \
                        XN_FLAG_SEP_MULTILINE | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_LN | \
                        XN_FLAG_FN_ALIGN)

typedef struct X509_crl_info_st X509_CRL_INFO;

/*
 * Container for a private key in encrypted and/or decrypted form.
 *
 * NOTE(review): this struct is public and holds key material directly
 * (dec_pkey, and the key_data/key_length pair). Whether key_data is cleansed
 * before it is released is decided by X509_PKEY_free(), whose body is not in
 * this header; confirm there.
 */
typedef struct private_key_st {
    int version;
    /* The PKCS#8 data types */
    X509_ALGOR *enc_algor;
    /*
     * encrypted pub key
     * NOTE(review): the wording above is the original comment; given the
     * PKCS#8 context this is presumably the encrypted private key. Confirm.
     */
    ASN1_OCTET_STRING *enc_pkey;
    /* When decrypted, the following will not be NULL */
    EVP_PKEY *dec_pkey;
    /* used to encrypt and decrypt */
    int key_length;
    char *key_data;
    int key_free;               /* true if we should auto free key_data */
    /* expanded version of 'enc_algor' */
    EVP_CIPHER_INFO cipher;
} X509_PKEY;

/*
 * One parsed item: a certificate, a CRL and/or a private key, plus cipher
 * information and a raw buffer (enc_data, enc_len bytes long).
 */
typedef struct X509_info_st {
    X509 *x509;
    X509_CRL *crl;
    X509_PKEY *x_pkey;
    EVP_CIPHER_INFO enc_cipher;
    int enc_len;
    char *enc_data;
} X509_INFO;
{-
    generate_stack_macros("X509_INFO");
-}

/*
 * The next 2 structures and their 8 routines are used to manipulate Netscape's
 * spki structures - useful if you are writing a CA web page
 */
typedef struct Netscape_spkac_st {
    X509_PUBKEY *pubkey;
    ASN1_IA5STRING *challenge;  /* challenge sent in atlas >= PR2 */
} NETSCAPE_SPKAC;

typedef struct Netscape_spki_st {
    NETSCAPE_SPKAC *spkac;      /* signed public key and challenge */
    X509_ALGOR sig_algor;
    ASN1_BIT_STRING *signature;
} NETSCAPE_SPKI;

/* Netscape certificate sequence structure */
typedef struct Netscape_certificate_sequence {
    ASN1_OBJECT *type;
    STACK_OF(X509) *certs;
} NETSCAPE_CERT_SEQUENCE;

/*- Unused (and iv length is wrong)
typedef struct CBCParameter_st
        {
        unsigned char iv[8];
        } CBC_PARAM;
*/

/*
 * Password based encryption structure
 *
 * NOTE(review): salt and iter are ASN.1 values, so when the structure comes
 * from a parsed file they are chosen by whoever produced that file. A
 * consumer should range-check the iteration count before deriving a key
 * (too low weakens the key, very high costs CPU time).
 */

typedef struct PBEPARAM_st {
    ASN1_OCTET_STRING *salt;
    ASN1_INTEGER *iter;
} PBEPARAM;

/* Password based encryption V2 structures */

typedef struct PBE2PARAM_st {
    X509_ALGOR *keyfunc;
    X509_ALGOR *encryption;
} PBE2PARAM;

/*
 * PBKDF2 parameters. iter and keylength are arbitrary-size ASN1_INTEGERs and
 * salt is an untyped ASN1_TYPE; the same range-checking concern as for
 * PBEPARAM applies to all three when the input is not trusted.
 */
typedef struct PBKDF2PARAM_st {
/* Usually OCTET STRING but could be anything */
    ASN1_TYPE *salt;
    ASN1_INTEGER *iter;
    ASN1_INTEGER *keylength;
    X509_ALGOR *prf;
} PBKDF2PARAM;

#ifndef OPENSSL_NO_SCRYPT
/*
 * scrypt parameters.
 * NOTE(review): costParameter, blockSize and parallelizationParameter
 * presumably drive the memory and CPU cost of the derivation; bound them
 * before use when they come from parsed input. Confirm against the consumer.
 */
typedef struct SCRYPT_PARAMS_st {
    ASN1_OCTET_STRING *salt;
    ASN1_INTEGER *costParameter;
    ASN1_INTEGER *blockSize;
    ASN1_INTEGER *parallelizationParameter;
    ASN1_INTEGER *keyLength;
} SCRYPT_PARAMS;
#endif

#ifdef __cplusplus
}
#endif

/* Included outside the extern "C" block, which is closed above and reopened below. */
# include <openssl/x509_vfy.h>
# include <openssl/pkcs7.h>

#ifdef __cplusplus
extern "C" {
#endif

# define X509_EXT_PACK_UNKNOWN 1
# define X509_EXT_PACK_STRING 2

/* Compatibility spellings: each expands to the function named on the right. */
# define X509_extract_key(x) X509_get_pubkey(x)/*****/
# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))

/*
 * Custom CRL handling: a method is built from four callbacks (init, free,
 * lookup by serial and issuer, verify against a key).
 *
 * NOTE(review): crl_lookup and crl_verify appear to stand in for the
 * library's own revocation lookup and CRL signature check, so a callback
 * that reports success unconditionally would switch those checks off.
 * X509_CRL_set_default_method() takes no CRL argument, which suggests it
 * changes a process-wide default. Confirm both in the implementation.
 */
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
                                     int (*crl_free) (X509_CRL *crl),
                                     int (*crl_lookup) (X509_CRL *crl,
                                                        X509_REVOKED **ret,
                                                        const
                                                        ASN1_INTEGER *serial,
                                                        const
                                                        X509_NAME *issuer),
                                     int (*crl_verify) (X509_CRL *crl,
                                                        EVP_PKEY *pk));
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);

void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
void *X509_CRL_get_meth_data(X509_CRL *crl);

const char *X509_verify_cert_error_string(long n);

/*
 * Signature checks against one caller-supplied key.
 *
 * These prototypes take an object and a single EVP_PKEY and nothing else: no
 * trust store, no chain, no verification parameters. A successful return
 * therefore says only that the signature matches that key. Path building,
 * validity dates, revocation and name checks belong to the x509_vfy.h API
 * included above.
 */
int X509_verify(X509 *a, EVP_PKEY *r);
int X509_self_signed(X509 *cert, int verify_signature);

int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OSSL_LIB_CTX *libctx,
                       const char *propq);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);

/*
 * NOTE(review): per the OpenSSL manual, a len of 0 or less makes
 * NETSCAPE_SPKI_b64_decode() measure str with strlen(), so str must then be
 * NUL-terminated. Confirm for the version in use.
 */
NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);

int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);

int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
int X509_signature_print(BIO *bp, const X509_ALGOR *alg,
                         const ASN1_STRING *sig);

/*
 * Signing. The plain variants take the key and digest directly; the _ctx
 * variants take a caller-prepared EVP_MD_CTX instead.
 */
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);

/*
 * Digest helpers. The md output buffer has no size parameter; len is an
 * output. NOTE(review): per the OpenSSL manual the caller must provide at
 * least EVP_MAX_MD_SIZE bytes for md. A fingerprint is only as strong as the
 * digest passed in type.
 */
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len);
int X509_digest(const X509 *data, const EVP_MD *type,
                unsigned char *md, unsigned int *len);
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
                                   EVP_MD **md_used, int *md_is_fallback);
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len);
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len);
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len);

/*
 * Fetch a certificate or CRL from a URL.
 * NOTE(review): nothing in these prototypes authenticates the source, so the
 * returned object is untrusted input until its signature and chain have been
 * checked. The unit of timeout is not visible here; check the manual.
 */
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# include <openssl/http.h> /* OSSL_HTTP_REQ_CTX_nbio_d2i */
# define X509_http_nbio(rctx, pcert) \
      OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, pcert, ASN1_ITEM_rptr(X509))
# define X509_CRL_http_nbio(rctx, pcrl) \
      OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, pcrl, ASN1_ITEM_rptr(X509_CRL))
# endif

/*
 * FILE-based encode (i2d_*) and decode (d2i_*) helpers; compiled out when
 * OPENSSL_NO_STDIO is defined. The d2i_* functions parse whatever the stream
 * delivers, so their result is unauthenticated until verified.
 */
# ifndef OPENSSL_NO_STDIO
X509 *d2i_X509_fp(FILE *fp, X509 **x509);
int i2d_X509_fp(FILE *fp, const X509 *x509);
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa);
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DSA
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa);
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
# endif
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_EC
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
# endif /* OPENSSL_NO_EC */
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk);
int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf);
/*
 * The private-key writers below take no cipher or passphrase argument, so
 * what they write is unencrypted key material; the caller is responsible for
 * the permissions and lifetime of the destination.
 */
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key);
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
                               const char *propq);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
# endif

/*
 * BIO-based counterparts of the FILE helpers: same names with _bio, same
 * argument shapes, and the same remarks about untrusted input and about
 * unencrypted private-key output.
 */
X509 *d2i_X509_bio(BIO *bp, X509 **x509);
int i2d_X509_bio(BIO *bp, const X509 *x509);
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa);
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DSA
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa);
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
# endif
# endif

# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_EC
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
# endif /* OPENSSL_NO_EC */
# endif /* OPENSSL_NO_DEPRECATED_3_0 */

X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk);
int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key);
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
                                const char *propq);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);

/* Each macro below expands to declarations defined in asn1.h (not shown). */
DECLARE_ASN1_DUP_FUNCTION(X509)
DECLARE_ASN1_DUP_FUNCTION(X509_ALGOR)
DECLARE_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
DECLARE_ASN1_DUP_FUNCTION(X509_CRL)
DECLARE_ASN1_DUP_FUNCTION(X509_EXTENSION)
DECLARE_ASN1_DUP_FUNCTION(X509_PUBKEY)
DECLARE_ASN1_DUP_FUNCTION(X509_REQ)
DECLARE_ASN1_DUP_FUNCTION(X509_REVOKED)
/*
 * X509_ALGOR accessors.
 * NOTE(review): by OpenSSL naming convention a set0 call takes ownership of
 * the pointers it is given and a get0 call hands back internal pointers the
 * caller must not free; confirm in the manual. pval and ppval are untyped,
 * their real type being selected by ptype and pptype.
 */
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
                    void *pval);
void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
                     const void **ppval, const X509_ALGOR *algor);
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src);

DECLARE_ASN1_DUP_FUNCTION(X509_NAME)
DECLARE_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)

/*
 * Time comparison and adjustment.
 *
 * NOTE(review): per the OpenSSL manual, X509_cmp_time() and
 * X509_cmp_current_time() return -1 or 1 for earlier/later and 0 on error,
 * so 0 does not mean "equal" and must be treated as a failure by any
 * validity check. X509_cmp_timeframe() has its own return convention; check
 * the manual before relying on it. Confirm for the version in use.
 */
int X509_cmp_time(const ASN1_TIME *s, time_t *t);
int X509_cmp_current_time(const ASN1_TIME *s);
int X509_cmp_timeframe(const X509_VERIFY_PARAM *vpm,
                       const ASN1_TIME *start, const ASN1_TIME *end);
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
                            int offset_day, long offset_sec, time_t *t);
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);

/*
 * Default certificate locations. Judging by the names, the _env variants
 * return the names of environment variables that select the directory and
 * file. NOTE(review): if the trust store location can be set from the
 * environment, a privileged program should not inherit an untrusted
 * environment; confirm how the store loader uses these values.
 */
const char *X509_get_default_cert_area(void);
const char *X509_get_default_cert_dir(void);
const char *X509_get_default_cert_file(void);
const char *X509_get_default_cert_dir_env(void);
const char *X509_get_default_cert_file_env(void);
const char *X509_get_default_private_dir(void);

/* Conversions between a certificate and a certificate request. */
X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);

DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
DECLARE_ASN1_FUNCTIONS(X509_VAL)

DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)

/*
 * NOTE(review): X509_PUBKEY_get0() and X509_PUBKEY_get() have the same
 * signature. By OpenSSL naming convention the get0 form returns an internal
 * pointer that must not be freed, while the plain get form returns a
 * reference the caller releases with EVP_PKEY_free(). Mixing them up leaks
 * or double-frees the key; confirm in the manual.
 */
X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key);
EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
long X509_get_pathlen(X509 *x);
DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY)
/*
 * Decode a public key from a memory buffer of `length` bytes. pp is a
 * pointer to the read cursor. NOTE(review): in the d2i convention the cursor
 * is advanced past the bytes consumed, so callers that still need the start
 * of the buffer must keep their own copy of the pointer; confirm.
 */
EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
                        OSSL_LIB_CTX *libctx, const char *propq);
# ifndef OPENSSL_NO_DEPRECATED_3_0
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,RSA, RSA_PUBKEY)
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DSA
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,DSA, DSA_PUBKEY)
# endif
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_EC
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, EC_KEY, EC_PUBKEY)
# endif
# endif

DECLARE_ASN1_FUNCTIONS(X509_SIG)
/*
 * Two views of the same X509_SIG fields: get0 yields const pointers, getm
 * yields non-const ones for callers that intend to modify them.
 */
void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
                   const ASN1_OCTET_STRING **pdigest);
void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
                   ASN1_OCTET_STRING **pdigest);

DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
DECLARE_ASN1_FUNCTIONS(X509_REQ)
X509_REQ *X509_REQ_new_ex(OSSL_LIB_CTX *libctx, const char *propq);

DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);

DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)

DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)

DECLARE_ASN1_FUNCTIONS(X509_NAME)

int X509_NAME_set(X509_NAME **xn, const X509_NAME *name);

DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)

/* Application data slots on an X509; the macro forwards to the generic CRYPTO call. */
#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
int X509_set_ex_data(X509 *r, int idx, void *arg);
void *X509_get_ex_data(const X509 *r, int idx);
DECLARE_ASN1_ENCODE_FUNCTIONS_only(X509,X509_AUX)

int i2d_re_X509_tbs(X509 *x, unsigned char **pp);

int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
                      int *secbits, uint32_t *flags);
void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
                       int secbits, uint32_t flags);

/*
 * Reports digest NID, public-key NID, security bits and flags for the
 * certificate signature. The header defines X509_SIG_INFO_VALID and
 * X509_SIG_INFO_TLS as the flags for this call.
 */
int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
                            uint32_t *flags);

void X509_get0_signature(const ASN1_BIT_STRING **psig,
                         const X509_ALGOR **palg, const X509 *x);
int X509_get_signature_nid(const X509 *x);

void X509_set0_distinguishing_id(X509 *x, ASN1_OCTET_STRING *d_id);
ASN1_OCTET_STRING *X509_get0_distinguishing_id(X509 *x);
void X509_REQ_set0_distinguishing_id(X509_REQ *x, ASN1_OCTET_STRING *d_id);
ASN1_OCTET_STRING *X509_REQ_get0_distinguishing_id(X509_REQ *x);

/*
 * Alias and key id are byte strings with an explicit length: the setters
 * take (pointer, len) and the getters return a pointer and store the length
 * through len. NOTE(review): treat the returned bytes as length-delimited
 * rather than as a C string unless the implementation guarantees a
 * terminator; confirm.
 */
int X509_alias_set1(X509 *x, const unsigned char *name, int len);
int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
unsigned char *X509_alias_get0(X509 *x, int *len);
unsigned char *X509_keyid_get0(X509 *x, int *len);

DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
DECLARE_ASN1_FUNCTIONS(X509_CRL)
X509_CRL *X509_CRL_new_ex(OSSL_LIB_CTX *libctx, const char *propq);

/*
 * Revocation entries.
 * NOTE(review): per the OpenSSL manual the two lookup calls return 0 when no
 * entry is found, 1 when one is found and 2 when the entry found carries the
 * removeFromCRL reason, so a plain non-zero test misreads the last case.
 * Confirm for the version in use.
 */
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_CRL_get0_by_serial(X509_CRL *crl,
                            X509_REVOKED **ret, const ASN1_INTEGER *serial);
int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

X509_PKEY *X509_PKEY_new(void);
void X509_PKEY_free(X509_PKEY *a);

DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)

X509_INFO *X509_INFO_new(void);
void X509_INFO_free(X509_INFO *a);
/*
 * Writes a one-line rendering of the name into buf, which is size bytes.
 * NOTE(review): the OpenSSL manual discourages this function in new code in
 * favour of X509_NAME_print_ex(); its output is meant for display and should
 * not be parsed or compared to make an access decision. Confirm the
 * truncation and buf == NULL behaviour in the manual.
 */
char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);

#ifndef OPENSSL_NO_DEPRECATED_3_0
/* Deprecated i2d-callback forms; the ASN1_item_* functions below take an ASN1_ITEM instead. */
OSSL_DEPRECATEDIN_3_0
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
                ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
OSSL_DEPRECATEDIN_3_0
int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
                unsigned char *md, unsigned int *len);
OSSL_DEPRECATEDIN_3_0
int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
              ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
              const EVP_MD *type);
#endif
/*
 * Generic digest, verify and sign over any ASN1_ITEM-described structure.
 * As with the X509 digest helpers, md has no size parameter.
 */
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
                     unsigned char *md, unsigned int *len);
int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
                     const ASN1_BIT_STRING *signature, const void *data,
                     EVP_PKEY *pkey);
int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
                         const ASN1_BIT_STRING *signature, const void *data,
                         EVP_MD_CTX *ctx);
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
                   ASN1_BIT_STRING *signature, const void *data,
                   EVP_PKEY *pkey, const EVP_MD *md);
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
                       X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
                       const void *data, EVP_MD_CTX *ctx);

/*
 * Version constants are zero-based: a v3 certificate is X509_VERSION_3,
 * which is 2. Passing the literal 3 to X509_set_version() is an off-by-one.
 */
#define X509_VERSION_1 0
#define X509_VERSION_2 1
#define X509_VERSION_3 2

long X509_get_version(const X509 *x);
int X509_set_version(X509 *x, long version);
int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
/* Non-const and const accessors for the same serial number field. */
ASN1_INTEGER *X509_get_serialNumber(X509 *x);
const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
int X509_set_issuer_name(X509 *x, const X509_NAME *name);
/*
 * Accessors for the names, validity period and public key of an X509
 * certificate.  Listing restored to one declaration per line.
 *
 * NOTE(review): OpenSSL naming convention, to be confirmed per function in
 * the manual pages: "get0" returns an internal pointer the caller must not
 * free, "set1" copies or takes its own reference to the argument, and "getm"
 * returns a pointer the caller may modify in place.
 */
X509_NAME *X509_get_issuer_name(const X509 *a);
int X509_set_subject_name(X509 *x, const X509_NAME *name);
X509_NAME *X509_get_subject_name(const X509 *a);
const ASN1_TIME * X509_get0_notBefore(const X509 *x);
/*
 * The getm variants return a non-const ASN1_TIME * even though the
 * certificate argument is const.
 */
ASN1_TIME *X509_getm_notBefore(const X509 *x);
int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
const ASN1_TIME *X509_get0_notAfter(const X509 *x);
ASN1_TIME *X509_getm_notAfter(const X509 *x);
int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
int X509_up_ref(X509 *x);
int X509_get_signature_type(const X509 *x);

/*
 * Pre-1.1.0 names, kept as aliases of the getm/set1 functions unless
 * OPENSSL_NO_DEPRECATED_1_1_0 is defined.
 */
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
#  define X509_get_notBefore X509_getm_notBefore
#  define X509_get_notAfter X509_getm_notAfter
#  define X509_set_notBefore X509_set1_notBefore
#  define X509_set_notAfter X509_set1_notAfter
#endif


/*
 * This one is only used so that a binary form can output, as in
 * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
 */
X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
/* Outputs the issuer and subject unique identifiers through piuid/psuid. */
void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
                    const ASN1_BIT_STRING **psuid);
const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

/*
 * NOTE(review): per the OpenSSL manual page, X509_get_pubkey() returns the
 * key with its reference count incremented, so the caller must release it
 * with EVP_PKEY_free(); X509_get0_pubkey() does not take a reference and its
 * result must not be freed.  Mixing the two up leads to a leak or a
 * double free.  Both can presumably return NULL when the key cannot be
 * decoded; check before use.
 */
EVP_PKEY *X509_get0_pubkey(const X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x);
/*
 * Certificate request (X509_REQ), CRL (X509_CRL) and revoked-entry
 * (X509_REVOKED) accessors, followed by key-consistency and Suite B checks.
 * Listing restored to one declaration per line.
 */
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);

/* Version values are zero-based: version 1 is encoded as 0. */
#define X509_REQ_VERSION_1 0

long X509_REQ_get_version(const X509_REQ *req);
int X509_REQ_set_version(X509_REQ *x, long version);
X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
                             const X509_ALGOR **palg);
void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig);
int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg);
int X509_REQ_get_signature_nid(const X509_REQ *req);
int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
/*
 * NOTE(review): as with the X509 equivalents, the "get" form presumably
 * returns a reference the caller must EVP_PKEY_free() and the "get0" form an
 * internal pointer that must not be freed -- confirm in the manual page.
 */
EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req);
int X509_REQ_extension_nid(int nid);
/*
 * NOTE(review): the NID list is passed and returned as a bare int * with no
 * length.  In upstream OpenSSL the pointer is stored in a file-scope
 * variable rather than copied, which makes it process-wide state -- verify
 * the list's lifetime and terminator before calling the setter.
 */
int *X509_REQ_get_extension_nids(void);
void X509_REQ_set_extension_nids(int *nids);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
int X509_REQ_add_extensions_nid(X509_REQ *req,
                                const STACK_OF(X509_EXTENSION) *exts, int nid);
int X509_REQ_add_extensions(X509_REQ *req, const STACK_OF(X509_EXTENSION) *ext);
int X509_REQ_get_attr_count(const X509_REQ *req);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
                             int lastpos);
X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
                              const ASN1_OBJECT *obj, int type,
                              const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
                              int nid, int type,
                              const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
                              const char *attrname, int type,
                              const unsigned char *bytes, int len);

/* Zero-based like the certificate versions: a v2 CRL is encoded as 1. */
#define X509_CRL_VERSION_1 0
#define X509_CRL_VERSION_2 1

int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);
int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);
int X509_CRL_up_ref(X509_CRL *crl);

/* Pre-1.1.0 setter names, aliased to the set1 functions. */
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
#  define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
#  define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
#endif

long X509_CRL_get_version(const X509_CRL *crl);
/*
 * NOTE(review): nextUpdate is an optional CRL field, so the nextUpdate
 * getter presumably returns NULL when it is absent -- a freshness check
 * should handle that case explicitly rather than dereference the result.
 */
const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
/* Deprecated since 1.1.0: these return non-const pointers into the CRL. */
#ifndef OPENSSL_NO_DEPRECATED_1_1_0
OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
#endif
X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
                             const X509_ALGOR **palg);
int X509_CRL_get_signature_nid(const X509_CRL *crl);
int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);

const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
const STACK_OF(X509_EXTENSION) *
X509_REVOKED_get0_extensions(const X509_REVOKED *r);

/* Takes a signing key (skey) and digest (md) in addition to the two CRLs. */
X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);

/*
 * NOTE(review): the OpenSSL manual page (BUGS section) states that
 * X509_check_private_key() and X509_REQ_check_private_key() only compare the
 * public components and parameters of pkey with those in the certificate or
 * request; they do not verify that pkey actually contains a private key, so
 * they also succeed when given the matching public key.  Do not treat a
 * successful return as proof of possession of the private key.
 */
int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);

int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey);
/*
 * Suite B checks.  perror_depth is an output parameter; presumably it
 * receives the chain depth of the offending certificate -- TODO confirm.
 */
int X509_chain_check_suiteb(int *perror_depth,
                            X509 *x, STACK_OF(X509) *chain,
                            unsigned long flags);
int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
/*
 * Comparison, hashing and stack-insertion helpers for certificates and
 * names.  Listing restored to one declaration per line.
 */
STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);

/*
 * NOTE(review): the *_hash functions return an unsigned long, which is a
 * lookup key (for example for hashed certificate directories), not a
 * collision-resistant identifier.  Identity decisions should use the
 * matching *_cmp function or a full digest, never hash equality alone.
 *
 * NOTE(review): per the OpenSSL 3.0 manual page several of the *_cmp
 * functions may return -2 on error in addition to -1/0/1, so test for
 * "== 0" rather than treating any non-positive value as a result --
 * confirm for the shipped version.
 */
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
unsigned long X509_issuer_and_serial_hash(X509 *a);

int X509_issuer_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_issuer_name_hash(X509 *a);

int X509_subject_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_subject_name_hash(X509 *x);

/*
 * The "_old" hash variants are only declared when MD5 is available
 * (OPENSSL_NO_MD5 undefined); presumably they reproduce the pre-1.0.0
 * MD5-based name hash for compatibility with old hashed directories.
 */
# ifndef OPENSSL_NO_MD5
unsigned long X509_issuer_name_hash_old(X509 *a);
unsigned long X509_subject_name_hash_old(X509 *x);
# endif

/*
 * Bit flags for X509_add_cert() and X509_add_certs(); the values are distinct
 * bits and can be OR-ed together.
 * NOTE(review): per the manual page, UP_REF takes a reference on each added
 * certificate, PREPEND inserts at the front, NO_DUP skips certificates
 * already present and NO_SS skips self-signed ones -- confirm.  Without
 * UP_REF the stack presumably shares the caller's reference, so ownership
 * must be tracked to avoid a double free.
 */
# define X509_ADD_FLAG_DEFAULT 0
# define X509_ADD_FLAG_UP_REF 0x1
# define X509_ADD_FLAG_PREPEND 0x2
# define X509_ADD_FLAG_NO_DUP 0x4
# define X509_ADD_FLAG_NO_SS 0x8
int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);

int X509_cmp(const X509 *a, const X509 *b);
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
#ifndef OPENSSL_NO_DEPRECATED_3_0
/*
 * The deprecated macro passes NULL for the "ok" output of
 * X509_NAME_hash_ex(), so its callers get no separate success indication.
 */
# define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL)
OSSL_DEPRECATEDIN_3_0 int X509_certificate_type(const X509 *x,
                                                const EVP_PKEY *pubkey);
#endif
/*
 * NOTE(review): per the manual page this returns 0 on failure and, when ok
 * is non-NULL, stores 1 or 0 in *ok; pass a real pointer when a hash value
 * of 0 must be distinguished from an error.
 */
unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx,
                                const char *propq, int *ok);
/* Declared unconditionally here, unlike the two "_old" functions above. */
unsigned long X509_NAME_hash_old(const X509_NAME *x);
/*
 * CRL comparison, human-readable printing of certificates, CRLs, requests
 * and names, and the legacy text getters for name entries.  Listing restored
 * to one declaration per line.
 */

int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
int X509_aux_print(BIO *out, X509 *x, int indent);
/* FILE * variants exist only when stdio support is compiled in. */
# ifndef OPENSSL_NO_STDIO
int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
                     unsigned long cflag);
int X509_print_fp(FILE *bp, X509 *x);
int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
                          unsigned long flags);
# endif

/*
 * NOTE(review): the text these functions emit is taken from the certificate,
 * CRL or request, which may come from an untrusted peer.  The manual page
 * discourages X509_NAME_print() in new code in favour of
 * X509_NAME_print_ex(), whose flags control escaping of the name fields --
 * confirm which flags the caller uses before the output reaches a log or a
 * terminal.
 */
int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
                       unsigned long flags);
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
                  unsigned long cflag);
int X509_print(BIO *bp, X509 *x);
int X509_ocspid_print(BIO *bp, X509 *x);
int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag);
int X509_CRL_print(BIO *bp, X509_CRL *x);
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
                      unsigned long cflag);
int X509_REQ_print(BIO *bp, X509_REQ *req);

int X509_NAME_entry_count(const X509_NAME *name);
/*
 * Copy the text of a name entry selected by NID or object into buf, whose
 * size is given by len.
 * NOTE(review): the manual page calls these legacy functions: they only find
 * the first matching entry and copy the field contents verbatim, which is
 * misleading for multi-byte string types, and the field may presumably
 * contain embedded NUL bytes.  Comparing the result with strcmp() is
 * therefore unsafe for identity checks such as host name matching; use
 * X509_NAME_get_index_by_NID(), X509_NAME_get_entry() and the
 * X509_NAME_ENTRY accessors with an explicit length instead.
 */
int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
                              char *buf, int len);
int X509_NAME_get_text_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
                              char *buf, int len);

/*
 * NOTE: pass -1, not 0, as lastpos to start a search.  The functions that
 * take lastpos begin searching at the position after lastpos, so passing 0
 * would skip the first entry.
 */
int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos);
int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
                               int lastpos);
X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
/*
 * NOTE(review): the delete functions in this header return the removed
 * element; per the manual pages the caller owns it and must free it --
 * confirm for each type.
 */
X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
                        int loc, int set);
/*
 * The add_entry_by_* and create_by_* functions take the field value as
 * (bytes, len) plus a string type.
 * NOTE(review): per the manual page a len of -1 makes the library compute
 * the length with strlen(), so bytes must then be NUL-terminated; pass an
 * explicit length for data that is not a C string.  loc -1 presumably
 * appends and set 0 starts a new RDN -- confirm.
 */
int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
                                               const char *field, int type,
                                               const unsigned char *bytes,
                                               int len);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
                                               int type,
                                               const unsigned char *bytes,
                                               int len);
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
                                               const ASN1_OBJECT *obj, int type,
                                               const unsigned char *bytes,
                                               int len);
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
                             const unsigned char *bytes, int len);
/*
 * Both getters return non-const pointers although the entry is const.
 * NOTE(review): the ASN1_STRING carries its own length and is presumably
 * not guaranteed to be NUL-terminated text; read it through the ASN1_STRING
 * length accessor rather than as a C string.
 */
ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);

/* Outputs a pointer to the DER encoding of the name and its length. */
int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder,
                       size_t *pderlen);

/*
 * Generic extension-stack helpers; the X509_, X509_CRL_ and X509_REVOKED_
 * families in this header repeat the same signatures for their own type.
 * The lastpos parameters follow the rule in the NOTE at the top of this
 * section (pass -1 to start).
 */
int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
                          int nid, int lastpos);
int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
                          const ASN1_OBJECT *obj, int lastpos);
int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
                               int crit, int lastpos);
X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
/*
 * NOTE(review): per the manual page the extension is duplicated internally,
 * so the caller still owns ex, and a new stack is allocated when *x is
 * NULL -- confirm.
 */
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
                                         X509_EXTENSION *ex, int loc);

int X509_get_ext_count(const X509 *x);
int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
/*
 * Extension access for certificates, CRLs and revoked entries, construction
 * of X509_EXTENSION objects, and attribute (X509_ATTRIBUTE) handling.
 * Listing restored to one declaration per line.
 *
 * NOTE(review), applies to every *_get_ext_d2i() below: the result is a
 * void * to a decoded structure whose real type depends on nid, so the
 * caller must cast to the right type and free it with that type's free
 * function.  Per the manual page a NULL return is ambiguous: *crit is set to
 * -1 when the extension is absent and -2 when it occurs more than once, and
 * otherwise NULL indicates a decoding error.  Validation code should pass a
 * non-NULL crit and treat "absent" and "malformed" differently -- confirm
 * the exact values for the shipped version.
 */
int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
                      unsigned long flags);

/* Same set of operations on the extensions of a CRL. */
int X509_CRL_get_ext_count(const X509_CRL *x);
int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj,
                            int lastpos);
int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
void *X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, int *idx);
int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
                          unsigned long flags);

/* Same set of operations on the extensions of a single revoked entry. */
int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
                                int lastpos);
int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit,
                                     int lastpos);
X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid, int *crit,
                               int *idx);
int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
                              unsigned long flags);

/*
 * Build or modify a single extension from an identifier (NID or object), a
 * criticality flag and the encoded value as an ASN1_OCTET_STRING.
 */
X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
                                             int nid, int crit,
                                             ASN1_OCTET_STRING *data);
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
                                             const ASN1_OBJECT *obj, int crit,
                                             ASN1_OCTET_STRING *data);
int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);

/*
 * Attribute-stack helpers.  The add1 functions take a pointer to the stack
 * pointer and return a stack; presumably they allocate one when *x is NULL
 * and return NULL on failure -- TODO confirm.
 */
int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
                           int lastpos);
int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
                           const ASN1_OBJECT *obj, int lastpos);
X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
                                           X509_ATTRIBUTE *attr);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
                                                  **x, const ASN1_OBJECT *obj,
                                                  int type,
                                                  const unsigned char *bytes,
                                                  int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
                                                  **x, int nid, int type,
                                                  const unsigned char *bytes,
                                                  int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
                                                  **x, const char *attrname,
                                                  int type,
                                                  const unsigned char *bytes,
                                                  int len);
/* Returns an untyped pointer; the caller selects the expected type. */
void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x,
                              const ASN1_OBJECT *obj, int lastpos, int type);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
                                             int atrtype, const void *data,
                                             int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
                                             const ASN1_OBJECT *obj,
                                             int atrtype, const void *data,
                                             int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
                                             const char *atrname, int type,
                                             const unsigned char *bytes,
                                             int len);
int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
                             const void *data, int len);
/*
 * NOTE(review): the result is a void * selected by idx and atrtype;
 * presumably NULL is returned when the stored value's type does not match
 * atrtype -- check the result before casting.
 */
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
                               void *data);
int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr);
ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);

/*
 * Attributes attached to an EVP_PKEY, certificate lookup in a stack,
 * password-based-encryption AlgorithmIdentifier builders (PKCS#5), PKCS#8
 * private-key containers and X509_PUBKEY parameter access.  This span also
 * closes the extern "C" block and the include guard opened at the top of the
 * header.  Listing restored to one declaration per line.
 */
int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj,
                             int lastpos);
X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
                              const ASN1_OBJECT *obj, int type,
                              const unsigned char *bytes, int len);
int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
                              int nid, int type,
                              const unsigned char *bytes, int len);
int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
                              const char *attrname, int type,
                              const unsigned char *bytes, int len);

/*
 * Look up a certificate in an X509 stack.
 * NOTE(review): presumably the result points into sk without taking a new
 * reference, and a subject-only match does not establish trust in the
 * certificate found -- confirm ownership in the manual page.
 */
X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, const X509_NAME *name,
                                     const ASN1_INTEGER *serial);
X509 *X509_find_by_subject(STACK_OF(X509) *sk, const X509_NAME *name);

DECLARE_ASN1_FUNCTIONS(PBEPARAM)
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
#ifndef OPENSSL_NO_SCRYPT
DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
#endif

/*
 * PBES1 AlgorithmIdentifier builders: alg selects the scheme, iter the
 * iteration count, (salt, saltlen) the salt.  The _ex forms add a library
 * context.
 * NOTE(review): in upstream OpenSSL an iter <= 0 selects the library default
 * and a NULL salt makes the library generate a random one -- confirm for the
 * shipped version.  A fixed caller-supplied salt or a low explicit iteration
 * count weakens the derived key, so callers that pass non-default values
 * deserve a second look in review.
 */
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
                         const unsigned char *salt, int saltlen);
int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter,
                            const unsigned char *salt, int saltlen,
                            OSSL_LIB_CTX *libctx);

X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
                          const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter,
                             const unsigned char *salt, int saltlen,
                             OSSL_LIB_CTX *libctx);

/*
 * PBES2 builders: a cipher plus PBKDF2 parameters; the _iv forms also take
 * an IV (aiv) and the PRF NID.
 * NOTE(review): aiv presumably may be NULL to have a random IV generated;
 * reusing a caller-supplied IV with the same password-derived key should be
 * avoided -- confirm the NULL behaviour in the manual page.
 */
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
                           unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
                              unsigned char *salt, int saltlen,
                              unsigned char *aiv, int prf_nid);
X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter,
                                 unsigned char *salt, int saltlen,
                                 unsigned char *aiv, int prf_nid,
                                 OSSL_LIB_CTX *libctx);

/* scrypt-based PBES2 variant; N, r and p are the scrypt cost parameters. */
#ifndef OPENSSL_NO_SCRYPT
X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
                                  const unsigned char *salt, int saltlen,
                                  unsigned char *aiv, uint64_t N, uint64_t r,
                                  uint64_t p);
#endif

/* PBKDF2 AlgorithmIdentifier builders; keylen is the derived key length. */
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
                             int prf_nid, int keylen);
X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen,
                                int prf_nid, int keylen,
                                OSSL_LIB_CTX *libctx);

/* PKCS#8 utilities */

DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)

/*
 * Conversions between EVP_PKEY and PKCS8_PRIV_KEY_INFO.
 * NOTE(review): PKCS8_PRIV_KEY_INFO is the unencrypted PKCS#8 form, so the
 * structure and any encoding of it hold private key material in the clear.
 * Keep its lifetime short, free it with the matching free function, and
 * encrypt before it is written to storage.
 */
EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *libctx,
                            const char *propq);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);

/*
 * set0 takes the encoded key as (penc, penclen); by the "set0" naming the
 * structure presumably takes ownership of penc on success, so the caller
 * must not free it afterwards -- TODO confirm.  get0 outputs internal
 * pointers through ppkalg, pk/ppklen and pa.
 */
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
                    int version, int ptype, void *pval,
                    unsigned char *penc, int penclen);
int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg,
                    const unsigned char **pk, int *ppklen,
                    const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8);

const STACK_OF(X509_ATTRIBUTE) *
PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
int PKCS8_pkey_add1_attr(PKCS8_PRIV_KEY_INFO *p8, X509_ATTRIBUTE *attr);
int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
                                const unsigned char *bytes, int len);
int PKCS8_pkey_add1_attr_by_OBJ(PKCS8_PRIV_KEY_INFO *p8, const ASN1_OBJECT *obj,
                                int type, const unsigned char *bytes, int len);


/*
 * Same set0/get0 pattern for the public-key structure.  Unlike
 * PKCS8_pkey_get0(), the get0 here outputs non-const ASN1_OBJECT and
 * X509_ALGOR pointers.
 */
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
                           int ptype, void *pval,
                           unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
                           const unsigned char **pk, int *ppklen,
                           X509_ALGOR **pa, const X509_PUBKEY *pub);
int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b);

# ifdef __cplusplus
}
# endif
#endif