* project 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
ASN1_INTEGER *inhibitPolicyMapping;
} POLICY_CONSTRAINTS;
+/* Proxy certificate structures, see RFC 3820 */
+typedef struct PROXY_POLICY_st
+ {
+ ASN1_OBJECT *policyLanguage;
+ ASN1_OCTET_STRING *policy;
+ } PROXY_POLICY;
+
+typedef struct PROXY_CERT_INFO_EXTENSION_st
+ {
+ ASN1_INTEGER *pcPathLengthConstraint;
+ PROXY_POLICY *proxyPolicy;
+ } PROXY_CERT_INFO_EXTENSION;
+
+DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+typedef struct ISSUING_DIST_POINT_st
+ {
+ DIST_POINT_NAME *distpoint;
+ int onlyuser;
+ int onlyCA;
+ ASN1_BIT_STRING *onlysomereasons;
+ int indirectCRL;
+ int onlyattr;
+ } ISSUING_DIST_POINT;
+
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
#define EXFLAG_INVALID 0x80
#define EXFLAG_SET 0x100
#define EXFLAG_CRITICAL 0x200
+#define EXFLAG_PROXY 0x400
#define EXFLAG_INVALID_POLICY 0x400
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
+int X509_check_ca(X509 *x);
int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
unsigned long chtype);
+void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
#define X509V3_F_DO_DIRNAME 144
#define X509V3_F_DO_EXT_CONF 124
#define X509V3_F_DO_EXT_I2D 135
+#define X509V3_F_DO_EXT_NCONF 151
#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
+#define X509V3_F_GNAMES_FROM_SECTNAME 156
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
+#define X509V3_F_I2S_ASN1_IA5STRING 149
#define X509V3_F_I2S_ASN1_INTEGER 120
#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
#define X509V3_F_NOTICE_SECTION 132
#define X509V3_F_NREF_NOS 133
#define X509V3_F_POLICY_SECTION 131
+#define X509V3_F_PROCESS_PCI_VALUE 150
#define X509V3_F_R2I_CERTPOL 130
+#define X509V3_F_R2I_PCI 149
#define X509V3_F_S2I_ASN1_IA5STRING 100
#define X509V3_F_S2I_ASN1_INTEGER 108
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
#define X509V3_F_S2I_ASN1_SKEY_ID 114
-#define X509V3_F_S2I_S2I_SKEY_ID 115
+#define X509V3_F_S2I_SKEY_ID 115
+#define X509V3_F_SET_DIST_POINT_NAME 155
#define X509V3_F_STRING_TO_HEX 113
-#define X509V3_F_SXNET_ADD_ASC 125
+#define X509V3_F_SXNET_ADD_ID_ASC 125
#define X509V3_F_SXNET_ADD_ID_INTEGER 126
#define X509V3_F_SXNET_ADD_ID_ULONG 127
#define X509V3_F_SXNET_GET_ID_ASC 128
#define X509V3_F_SXNET_GET_ID_ULONG 129
-#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
#define X509V3_F_V2I_ASN1_BIT_STRING 101
+#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
#define X509V3_F_V2I_AUTHORITY_KEYID 119
#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
#define X509V3_F_V2I_CRLD 134
-#define X509V3_F_V2I_EXT_KU 103
-#define X509V3_F_V2I_GENERAL_NAME 117
+#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
#define X509V3_F_V2I_GENERAL_NAMES 118
+#define X509V3_F_V2I_GENERAL_NAME_EX 117
+#define X509V3_F_V2I_IDP 157
+#define X509V3_F_V2I_ISSUER_ALT 153
#define X509V3_F_V2I_NAME_CONSTRAINTS 147
#define X509V3_F_V2I_POLICY_CONSTRAINTS 146
#define X509V3_F_V2I_POLICY_MAPPINGS 145
+#define X509V3_F_V2I_SUBJECT_ALT 154
#define X509V3_F_V3_GENERIC_EXTENSION 116
-#define X509V3_F_X509V3_ADD_I2D 140
+#define X509V3_F_X509V3_ADD1_I2D 140
#define X509V3_F_X509V3_ADD_VALUE 105
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
#define X509V3_F_X509V3_EXT_CONF 107
#define X509V3_F_X509V3_EXT_I2D 136
+#define X509V3_F_X509V3_EXT_NCONF 152
#define X509V3_F_X509V3_GET_SECTION 142
#define X509V3_F_X509V3_GET_STRING 143
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_R_BN_DEC2BN_ERROR 100
#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
#define X509V3_R_DIRNAME_ERROR 149
+#define X509V3_R_DISTPOINT_ALREADY_SET 160
#define X509V3_R_DUPLICATE_ZONE_ID 133
#define X509V3_R_ERROR_CONVERTING_ZONE 131
#define X509V3_R_ERROR_CREATING_EXTENSION 144
#define X509V3_R_EXTENSION_VALUE_ERROR 116
#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
+#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
+#define X509V3_R_INVAID_MULTIPLE_RDNS 161
#define X509V3_R_INVALID_BOOLEAN_STRING 104
#define X509V3_R_INVALID_EXTENSION_STRING 105
#define X509V3_R_INVALID_NAME 106
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_OPTION 138
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
+#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
#define X509V3_R_INVALID_PURPOSE 146
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_INVALID_SYNTAX 143
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
#define X509V3_R_NO_ISSUER_DETAILS 127
#define X509V3_R_NO_POLICY_IDENTIFIER 139
+#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
#define X509V3_R_NO_PUBLIC_KEY 114
#define X509V3_R_NO_SUBJECT_DETAILS 125
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
#define X509V3_R_OPERATION_NOT_DEFINED 148
#define X509V3_R_OTHERNAME_ERROR 147
+#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
+#define X509V3_R_POLICY_PATH_LENGTH 156
+#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
+#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
+#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
#define X509V3_R_SECTION_NOT_FOUND 150
#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
projects / openssl.git / blobdiff