X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fx509v3%2Fx509v3.h;h=82c5ca78caa41cb74914ac0484664db7a78ab850;hp=f80dc74682c585e999a7ea1321ceed7c880a7363;hb=a716d727347d6cd81534327901b509c6f5763f83;hpb=397f703892d66df668d2a7192d89227dcd0ffad4 diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index f80dc74682..82c5ca78ca 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -64,6 +64,7 @@ extern "C" { #include #include +#include /* Forward reference */ struct v3_ext_method; 
@@ -71,16 +72,16 @@ struct v3_ext_ctx; /* Useful typedefs */ -typedef char * (*X509V3_EXT_NEW)(); -typedef void (*X509V3_EXT_FREE)(); -typedef char * (*X509V3_EXT_D2I)(); -typedef int (*X509V3_EXT_I2D)(); -typedef STACK * (*X509V3_EXT_I2V)(struct v3_ext_method *method, char *ext, STACK *extlist); -typedef char * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values); -typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, char *ext); -typedef char * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); -typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out, int indent); -typedef char * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef void * (*X509V3_EXT_NEW)(void); +typedef void (*X509V3_EXT_FREE)(void *); +typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); +typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); +typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); +typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); +typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); +typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); +typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); /* V3 extension structure */ 
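Review bot: The new callback typedefs are the only statement of the extension-method contract and they say nothing about it: nothing tells an implementer what `X509V3_EXT_D2I` receives in its first argument, that the `void *` returned by the NEW/D2I/V2I/S2I/R2I slots is owned by the caller, or that the `EXT_BITSTRING`/`EXT_IA5STRING` macros later in this file fill these slots by casting the typed `ASN1_BIT_STRING_new`/`d2i_ASN1_BIT_STRING` functions to them. Calling a function through a pointer of a different type is undefined behaviour in C even where `T **` and `void *` share a representation, so that reliance should be written down next to the typedefs rather than discovered from the macros. I would add above the first typedef a comment of the form `/* Extension method callbacks. NEW/FREE/D2I/I2D follow the ASN1 *_new/*_free/d2i_*/i2d_* conventions with the object type erased to void *; the EXT_* macros below cast typed functions to these signatures, which relies on all object pointers sharing one representation. */`. Ownership of the returned objects is inferred here from the paired NEW/FREE slots and should be confirmed against the callers before being documented.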
@@ -109,9 +110,9 @@ void *usr_data; /* Any extension specific data */ typedef struct X509V3_CONF_METHOD_st { char * (*get_string)(void *db, char *section, char *value); -STACK * (*get_section)(void *db, char *section); +STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK *section); +void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); } X509V3_CONF_METHOD; /* Context specific info */ @@ -135,12 +136,6 @@ typedef struct v3_ext_ctx X509V3_CTX; #define X509V3_EXT_CTX_DEP 0x2 #define X509V3_EXT_MULTILINE 0x4 -typedef struct BIT_STRING_BITNAME_st { -int bitnum; -const char *lname; -const char *sname; -} BIT_STRING_BITNAME; - typedef BIT_STRING_BITNAME ENUMERATED_NAMES; typedef struct BASIC_CONSTRAINTS_st { @@ -154,6 +149,11 @@ ASN1_GENERALIZEDTIME *notBefore; ASN1_GENERALIZEDTIME *notAfter; } PKEY_USAGE_PERIOD; +typedef struct otherName_st { +ASN1_OBJECT *type_id; +ASN1_TYPE *value; +} OTHERNAME; + typedef struct GENERAL_NAME_st { #define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC) @@ -173,7 +173,8 @@ union { ASN1_OCTET_STRING *ip; /* iPAddress */ X509_NAME *dirn; /* dirn */ ASN1_OBJECT *rid; /* registeredID */ - ASN1_TYPE *other; /* otherName, ediPartyName, x400Address */ + OTHERNAME *otherName; /* otherName */ + ASN1_TYPE *other; /* ediPartyName, x400Address */ } d; } GENERAL_NAME; @@ -254,9 +255,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO) #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL; #define EXT_BITSTRING(nid, table) { nid, 0, \ - (X509V3_EXT_NEW)asn1_bit_string_new, ASN1_STRING_free, \ + (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \ + (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \ (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \ - i2d_ASN1_BIT_STRING, \ + (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \ NULL, NULL, \ (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ 
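Review bot: Adding `otherName` alongside `other` in union `d` means every `switch` on `type` that handles `GEN_OTHERNAME` (free, d2i/i2d, i2v) must now go through `d.otherName` with `OTHERNAME_free`/`d2i_OTHERNAME`; any path still reading `d.other` for that type would treat an `OTHERNAME` as an `ASN1_TYPE` and release it with the wrong free, which the header alone cannot catch. The `GENERAL_NAME_st` definition and its `GEN_*` tags begin outside this hunk, so I cannot see whether the tag side was updated to match. I would make the split explicit at the point of use by changing the two member comments to `OTHERNAME *otherName; /* otherName (GEN_OTHERNAME): OTHERNAME_new/OTHERNAME_free */` and `ASN1_TYPE *other; /* ediPartyName, x400Address only */`.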
@@ -264,9 +266,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO) (char *)table} #define EXT_IA5STRING(nid) { nid, 0, \ - (X509V3_EXT_NEW)ia5string_new, ASN1_STRING_free, \ + (X509V3_EXT_NEW)ASN1_IA5STRING_new, \ + (X509V3_EXT_FREE)ASN1_IA5STRING_free, \ (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \ - i2d_ASN1_IA5STRING, \ + (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \ (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ NULL, NULL, NULL, NULL, \ @@ -276,6 +279,60 @@ DECLARE_ASN1_SET_OF(POLICYINFO) NULL, NULL, NULL, NULL, \ NULL} + +/* X509_PURPOSE stuff */ + +#define EXFLAG_BCONS 0x1 +#define EXFLAG_KUSAGE 0x2 +#define EXFLAG_XKUSAGE 0x4 +#define EXFLAG_NSCERT 0x8 + +#define EXFLAG_CA 0x10 +#define EXFLAG_SS 0x20 +#define EXFLAG_V1 0x40 +#define EXFLAG_INVALID 0x80 +#define EXFLAG_SET 0x100 + +#define KU_DIGITAL_SIGNATURE 0x0080 +#define KU_NON_REPUDIATION 0x0040 +#define KU_KEY_ENCIPHERMENT 0x0020 +#define KU_DATA_ENCIPHERMENT 0x0010 +#define KU_KEY_AGREEMENT 0x0008 +#define KU_KEY_CERT_SIGN 0x0004 +#define KU_CRL_SIGN 0x0002 +#define KU_ENCIPHER_ONLY 0x0001 +#define KU_DECIPHER_ONLY 0x8000 + +#define NS_SSL_CLIENT 0x80 +#define NS_SSL_SERVER 0x40 +#define NS_SMIME 0x20 +#define NS_OBJSIGN 0x10 +#define NS_SSL_CA 0x04 +#define NS_SMIME_CA 0x02 +#define NS_OBJSIGN_CA 0x01 + +#define XKU_SSL_SERVER 0x1 +#define XKU_SSL_CLIENT 0x2 +#define XKU_SMIME 0x4 +#define XKU_CODE_SIGN 0x8 +#define XKU_SGC 0x10 + +#define X509_PURPOSE_DYNAMIC 0x1 +#define X509_PURPOSE_DYNAMIC_NAME 0x2 + +typedef struct x509_purpose_st { + int purpose_id; + int purpose_flags; + int (*check_purpose)(struct x509_purpose_st *, X509 *, int); + char *purpose_name; + /* void *usr_data; */ /* if we enable this it needs a free function */ +} X509_PURPOSE; + +DECLARE_STACK_OF(X509_PURPOSE) + + + + void ERR_load_X509V3_strings(void); int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp); BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length); 
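Review bot: The new `EXFLAG_*`, `KU_*`, `NS_*` and `XKU_*` groups and the `x509_purpose_st` fields carry no comments, and the `KU_*` values run 0x0080 down to 0x0001 and then 0x8000, which a reader will take for a mistake unless told why. Presumably they are the KeyUsage BIT STRING bit positions as laid out in its first two octets (bit 0, digitalSignature, being the high bit of octet 0) and `NS_*` likewise mirrors a one-octet bit string; that should be confirmed against the code that sets them and then recorded above each group, e.g. `/* KeyUsage bits as stored in the first two octets of the BIT STRING (bit 0 = 0x80 of octet 0) */`. The `check_purpose` callback's return convention and the meaning of the `purpose_flags` bits `X509_PURPOSE_DYNAMIC`/`X509_PURPOSE_DYNAMIC_NAME` also need stating, in particular whether `DYNAMIC_NAME` means `purpose_name` is heap-owned and freed by the library, since that decides who may free it. A short comment block on the struct covering those points would do.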
@@ -286,7 +343,7 @@ int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp);
 GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length);
 GENERAL_NAME *GENERAL_NAME_new(void);
 void GENERAL_NAME_free(GENERAL_NAME *a);
-STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK *ret);
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
 
 int i2d_SXNET(SXNET *a, unsigned char **pp);
 SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
@@ -320,16 +377,24 @@ STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void); void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a); STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length); int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp); -STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, STACK_OF(GENERAL_NAME) *gen, STACK *extlist); -STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval); +STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, + STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist); +STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); + +int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp); +OTHERNAME *OTHERNAME_new(void); +OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length); +void OTHERNAME_free(OTHERNAME *a); char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -int i2d_ext_ku(STACK *a, unsigned char **pp); -STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length); -void ext_ku_free(STACK *a); -STACK *ext_ku_new(void); +int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp); +STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, + unsigned char **pp, long length); +void ext_ku_free(STACK_OF(ASN1_OBJECT) *a); +STACK_OF(ASN1_OBJECT) *ext_ku_new(void); int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp); STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void); 
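Review bot: The new `OTHERNAME_new`/`d2i_OTHERNAME`/`i2d_OTHERNAME`/`OTHERNAME_free` prototypes are undocumented, and because `OTHERNAME` holds two owned pointers (`type_id`, `value`) the reader needs to know whether `OTHERNAME_free` releases both and whether `d2i_OTHERNAME` follows the same `*a`/`*pp` conventions as the neighbouring `d2i_GENERAL_NAME`. Presumably it does, but that is not visible in this diff; once confirmed I would add `/* OTHERNAME: OTHERNAME_free releases type_id and value; d2i_/i2d_ follow the usual ASN1 conventions */` above `i2d_OTHERNAME`. The `ext_ku_*` retyping to `STACK_OF(ASN1_OBJECT)` is consistent with `i2d_ext_ku` on the same lines and needs nothing further.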
@@ -380,25 +445,30 @@ void X509V3_conf_free(CONF_VALUE *val); X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); +int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); -int X509V3_add_value_bool_nf(char *name, int asn1_bool, STACK **extlist); +int X509V3_add_value_bool_nf(char *name, int asn1_bool, + STACK_OF(CONF_VALUE) **extlist); int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); #endif char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); -STACK * X509V3_get_section(X509V3_CTX *ctx, char *section); +STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); void X509V3_string_free(X509V3_CTX *ctx, char *str); -void X509V3_section_free( X509V3_CTX *ctx, STACK *section); +void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, X509_REQ *req, X509_CRL *crl, int flags); -int X509V3_add_value(const char *name, const char *value, STACK **extlist); +int X509V3_add_value(const char *name, const char *value, + STACK_OF(CONF_VALUE) **extlist); int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK **extlist); -int X509V3_add_value_bool(const char *name, int asn1_bool, STACK **extlist); -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, STACK **extlist); + STACK_OF(CONF_VALUE) **extlist); +int X509V3_add_value_bool(const char *name, int asn1_bool, + STACK_OF(CONF_VALUE) **extlist); +int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, + 
STACK_OF(CONF_VALUE) **extlist); char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); @@ -411,18 +481,32 @@ void X509V3_EXT_cleanup(void); X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); int X509V3_add_standard_extensions(void); -STACK *X509V3_parse_list(char *line); +STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line); void *X509V3_EXT_d2i(X509_EXTENSION *ext); +void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); +void *X509V3_X509_get_d2i(X509 *x, int nid, int *crit, int *idx); +void *X509V3_CRL_get_d2i(X509_CRL *x, int nid, int *crit, int *idx); +void *X509V3_REVOKED_get_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); + X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); char *hex_to_string(unsigned char *buffer, long len); unsigned char *string_to_hex(char *str, long *len); int name_cmp(const char *name, const char *cmp); -void X509V3_EXT_val_prn(BIO *out, STACK *val, int indent, int ml); +void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, + int ml); int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); +int X509_check_purpose(X509 *x, int id, int ca); +int X509_PURPOSE_add(X509_PURPOSE *xp); +void X509_PURPOSE_cleanup(void); +void X509_PURPOSE_add_standard(void); +int X509_PURPOSE_enum(int (*efunc)(X509_PURPOSE *, void *), void *usr); +int X509_PURPOSE_get_id(X509_PURPOSE *); +char * X509_PURPOSE_get_name(X509_PURPOSE *); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. 
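Review bot: `X509V3_EXT_REQ_add_conf` is added between its `X509` and `X509_CRL` siblings without a comment, so nothing says how it differs from `X509V3_EXT_add_conf` beyond the target type; presumably it mirrors that function for a certificate request, and a one-liner such as `/* As X509V3_EXT_add_conf() but adds the section's extensions to a certificate request */` would settle it. The `#endif` visible in this hunk closes a conditional that begins outside it, so the new prototype is only available when that condition holds; worth a note if that is not obvious from the enclosing `#if`.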
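Review bot: The new `X509V3_get_d2i`/`X509V3_X509_get_d2i`/`X509V3_CRL_get_d2i`/`X509V3_REVOKED_get_d2i` return a `void *` whose real type is chosen by `nid`, and neither the `crit` nor the `idx` out-parameter is explained; a caller deciding what to trust needs to know what `*crit` receives, whether `*idx` is in/out, and how "extension absent" is told apart from "present but failed to decode", since both look like NULL. Likewise `X509_check_purpose(X509 *x, int id, int ca)` has no stated return convention, and that value is exactly what callers will act on. I would add a comment block above `X509V3_get_d2i` describing the four together (return value, `*crit`, `*idx`, error cases, confirmed against the implementation, which is not in this diff) and a one-liner on `X509_check_purpose`. As a point of style, `X509_PURPOSE_get_id(X509_PURPOSE *)` and `X509_PURPOSE_get_name(X509_PURPOSE *)` drop the parameter name that `X509_PURPOSE_add(X509_PURPOSE *xp)` keeps a few lines up; use `X509_PURPOSE *xp` in all three.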
@@ -468,6 +552,7 @@ int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #define X509V3_F_X509V3_EXT_I2D 136
 #define X509V3_F_X509V3_GET_VALUE_BOOL 110
 #define X509V3_F_X509V3_PARSE_LIST 109
+#define X509V3_F_X509_PURPOSE_ADD 137
 
 /* Reason codes. */
 #define X509V3_R_BAD_IP_ADDRESS 118