Improve support for running everything as a monolithic application.

[openssl.git] / crypto / x509v3 / x509v3.h

diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 229146ac7cb2b1412fbae8d0b2088b56ac5089fb..2e2756f72f48c680dfa877b86424d7f13ba0b81a 100644 (file)
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -255,8 +255,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
 #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
 
 #define EXT_BITSTRING(nid, table) { nid, 0, \
-                       (X509V3_EXT_NEW)asn1_bit_string_new, \
-                       (X509V3_EXT_FREE)ASN1_STRING_free, \
+                       (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
+                       (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
                        (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
                        (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
                        NULL, NULL, \
@@ -266,8 +266,8 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
                        (char *)table}
 
 #define EXT_IA5STRING(nid) { nid, 0, \
-                       (X509V3_EXT_NEW)ia5string_new, \
-                       (X509V3_EXT_FREE)ASN1_STRING_free, \
+                       (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
+                       (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
                        (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
                        (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
                        (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
@@ -279,6 +279,60 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
                         NULL, NULL, NULL, NULL, \
                         NULL}
 
+
+/* X509_PURPOSE stuff */
+
+#define EXFLAG_BCONS           0x1
+#define EXFLAG_KUSAGE          0x2
+#define EXFLAG_XKUSAGE         0x4
+#define EXFLAG_NSCERT          0x8
+
+#define EXFLAG_CA              0x10
+#define EXFLAG_SS              0x20
+#define EXFLAG_V1              0x40
+#define EXFLAG_INVALID         0x80
+#define EXFLAG_SET             0x100
+
+#define KU_DIGITAL_SIGNATURE   0x0080
+#define KU_NON_REPUDIATION     0x0040
+#define KU_KEY_ENCIPHERMENT    0x0020
+#define KU_DATA_ENCIPHERMENT   0x0010
+#define KU_KEY_AGREEMENT       0x0008
+#define KU_KEY_CERT_SIGN       0x0004
+#define KU_CRL_SIGN            0x0002
+#define KU_ENCIPHER_ONLY       0x0001
+#define KU_DECIPHER_ONLY       0x8000
+
+#define NS_SSL_CLIENT          0x80
+#define NS_SSL_SERVER          0x40
+#define NS_SMIME               0x20
+#define NS_OBJSIGN             0x10
+#define NS_SSL_CA              0x04
+#define NS_SMIME_CA            0x02
+#define NS_OBJSIGN_CA          0x01
+
+#define XKU_SSL_SERVER         0x1     
+#define XKU_SSL_CLIENT         0x2
+#define XKU_SMIME              0x4
+#define XKU_CODE_SIGN          0x8
+#define XKU_SGC                        0x10
+
+#define X509_PURPOSE_DYNAMIC   0x1
+#define X509_PURPOSE_DYNAMIC_NAME      0x2
+
+typedef struct x509_purpose_st {
+       int purpose_id;
+       int purpose_flags;
+       int (*check_purpose)(struct x509_purpose_st *, X509 *, int);
+       char *purpose_name;
+       /* void *usr_data; */ /* if we enable this it needs a free function */
+} X509_PURPOSE;
+
+DECLARE_STACK_OF(X509_PURPOSE)
+
+
+
+
 void ERR_load_X509V3_strings(void);
 int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
 BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
@@ -440,6 +494,14 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
 int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
 int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_PURPOSE_add(X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+void X509_PURPOSE_add_standard(void);
+int X509_PURPOSE_enum(int (*efunc)(X509_PURPOSE *, void *), void *usr);
+int X509_PURPOSE_get_id(X509_PURPOSE *);
+char * X509_PURPOSE_get_name(X509_PURPOSE *);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -485,6 +547,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_F_X509V3_EXT_I2D                                 136
 #define X509V3_F_X509V3_GET_VALUE_BOOL                  110
 #define X509V3_F_X509V3_PARSE_LIST                      109
+#define X509V3_F_X509_PURPOSE_ADD                       137
 
 /* Reason codes. */
 #define X509V3_R_BAD_IP_ADDRESS                                 118