Add functionality needed to process proxy certificates.

[openssl.git] / crypto / x509v3 / x509v3.h

diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 4ade7cf6ec6035b0c8019f5da7acc3b5724847b8..c1662e2acdd13a963d1611b7a376ae717fe96ce0 100644 (file)
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -313,6 +313,23 @@ typedef struct POLICY_CONSTRAINTS_st {
        ASN1_INTEGER *inhibitPolicyMapping;
 } POLICY_CONSTRAINTS;
 
+/* Proxy certificate structures, see RFC 3820 */
+typedef struct PROXY_POLICY_st
+       {
+       ASN1_OBJECT *policyLanguage;
+       ASN1_OCTET_STRING *policy;
+       } PROXY_POLICY;
+
+typedef struct PROXY_CERT_INFO_EXTENSION_st
+       {
+       ASN1_INTEGER *pcPathLengthConstraint;
+       PROXY_POLICY *proxyPolicy;
+       } PROXY_CERT_INFO_EXTENSION;
+
+DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+
 #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
 ",name:", val->name, ",value:", val->value);
 
@@ -351,6 +368,7 @@ typedef struct POLICY_CONSTRAINTS_st {
 #define EXFLAG_INVALID         0x80
 #define EXFLAG_SET             0x100
 #define EXFLAG_CRITICAL                0x200
+#define EXFLAG_PROXY           0x400
 
 #define EXFLAG_INVALID_POLICY  0x400
 
@@ -631,6 +649,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_F_NREF_NOS                               133
 #define X509V3_F_POLICY_SECTION                                 131
 #define X509V3_F_R2I_CERTPOL                            130
+#define X509V3_F_R2I_PCI                                149
 #define X509V3_F_S2I_ASN1_IA5STRING                     100
 #define X509V3_F_S2I_ASN1_INTEGER                       108
 #define X509V3_F_S2I_ASN1_OCTET_STRING                  112
@@ -685,6 +704,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_EXTENSION_VALUE_ERROR                  116
 #define X509V3_R_ILLEGAL_EMPTY_EXTENSION                151
 #define X509V3_R_ILLEGAL_HEX_DIGIT                      113
+#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG            152
 #define X509V3_R_INVALID_BOOLEAN_STRING                         104
 #define X509V3_R_INVALID_EXTENSION_STRING               105
 #define X509V3_R_INVALID_NAME                           106
@@ -696,6 +716,7 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_INVALID_OBJECT_IDENTIFIER              110
 #define X509V3_R_INVALID_OPTION                                 138
 #define X509V3_R_INVALID_POLICY_IDENTIFIER              134
+#define X509V3_R_INVALID_PROXY_POLICY_SETTING           153
 #define X509V3_R_INVALID_PURPOSE                        146
 #define X509V3_R_INVALID_SECTION                        135
 #define X509V3_R_INVALID_SYNTAX                                 143
@@ -706,11 +727,16 @@ void ERR_load_X509V3_strings(void);
 #define X509V3_R_NO_ISSUER_CERTIFICATE                  121
 #define X509V3_R_NO_ISSUER_DETAILS                      127
 #define X509V3_R_NO_POLICY_IDENTIFIER                   139
+#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED  154
 #define X509V3_R_NO_PUBLIC_KEY                          114
 #define X509V3_R_NO_SUBJECT_DETAILS                     125
 #define X509V3_R_ODD_NUMBER_OF_DIGITS                   112
 #define X509V3_R_OPERATION_NOT_DEFINED                  148
 #define X509V3_R_OTHERNAME_ERROR                        147
+#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED       155
+#define X509V3_R_POLICY_PATH_LENGTH                     156
+#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED    157
+#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED  158
 #define X509V3_R_SECTION_NOT_FOUND                      150
 #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS           122
 #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID             123