#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
#define EXT_BITSTRING(nid, table) { nid, 0, \
- (X509V3_EXT_NEW)asn1_bit_string_new, \
- (X509V3_EXT_FREE)ASN1_STRING_free, \
+ (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
+ (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
(X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
NULL, NULL, \
(char *)table}
#define EXT_IA5STRING(nid) { nid, 0, \
- (X509V3_EXT_NEW)ia5string_new, \
- (X509V3_EXT_FREE)ASN1_STRING_free, \
+ (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
+ (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
(X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
(X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
NULL, NULL, NULL, NULL, \
NULL}
+
+/* X509_PURPOSE stuff */
+
+#define EXFLAG_BCONS 0x1
+#define EXFLAG_KUSAGE 0x2
+#define EXFLAG_XKUSAGE 0x4
+#define EXFLAG_NSCERT 0x8
+
+#define EXFLAG_CA 0x10
+#define EXFLAG_SS 0x20
+#define EXFLAG_V1 0x40
+#define EXFLAG_INVALID 0x80
+#define EXFLAG_SET 0x100
+
+#define KU_DIGITAL_SIGNATURE 0x0080
+#define KU_NON_REPUDIATION 0x0040
+#define KU_KEY_ENCIPHERMENT 0x0020
+#define KU_DATA_ENCIPHERMENT 0x0010
+#define KU_KEY_AGREEMENT 0x0008
+#define KU_KEY_CERT_SIGN 0x0004
+#define KU_CRL_SIGN 0x0002
+#define KU_ENCIPHER_ONLY 0x0001
+#define KU_DECIPHER_ONLY 0x8000
+
+#define NS_SSL_CLIENT 0x80
+#define NS_SSL_SERVER 0x40
+#define NS_SMIME 0x20
+#define NS_OBJSIGN 0x10
+#define NS_SSL_CA 0x04
+#define NS_SMIME_CA 0x02
+#define NS_OBJSIGN_CA 0x01
+
+#define XKU_SSL_SERVER 0x1
+#define XKU_SSL_CLIENT 0x2
+#define XKU_SMIME 0x4
+#define XKU_CODE_SIGN 0x8
+#define XKU_SGC 0x10
+
+#define X509_PURPOSE_DYNAMIC 0x1
+#define X509_PURPOSE_DYNAMIC_NAME 0x2
+
+typedef struct x509_purpose_st {
+ int purpose_id;
+ int purpose_flags;
+ int (*check_purpose)(struct x509_purpose_st *, X509 *, int);
+ char *purpose_name;
+ /* void *usr_data; */ /* if we enable this it needs a free function */
+} X509_PURPOSE;
+
+DECLARE_STACK_OF(X509_PURPOSE)
+
+
+
+
void ERR_load_X509V3_strings(void);
int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_PURPOSE_add(X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+void X509_PURPOSE_add_standard(void);
+int X509_PURPOSE_enum(int (*efunc)(X509_PURPOSE *, void *), void *usr);
+int X509_PURPOSE_get_id(X509_PURPOSE *);
+char * X509_PURPOSE_get_name(X509_PURPOSE *);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
#define X509V3_F_X509V3_EXT_I2D 136
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_F_X509V3_PARSE_LIST 109
+#define X509V3_F_X509_PURPOSE_ADD 137
/* Reason codes. */
#define X509V3_R_BAD_IP_ADDRESS 118