/*
 * {- join("\n * ", @autowarntext) -}
 *
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Template for the public X.509 header: the {- ... -} sections are Perl
 * fragments expanded at build time (here they emit the STACK_OF() helper
 * macros for the named types).
 */
{-
use OpenSSL::stackhash qw(generate_stack_macros);
-}

#ifndef OPENSSL_X509_H
# define OPENSSL_X509_H
# pragma once

# include <openssl/macros.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
#  define HEADER_X509_H
# endif

# include <openssl/e_os2.h>
# include <openssl/types.h>
# include <openssl/symhacks.h>
# include <openssl/buffer.h>
# include <openssl/evp.h>
# include <openssl/bio.h>
# include <openssl/asn1.h>
# include <openssl/safestack.h>
# include <openssl/ec.h>

# ifndef OPENSSL_NO_DEPRECATED_1_1_0
#  include <openssl/rsa.h>
#  include <openssl/dsa.h>
#  include <openssl/dh.h>
# endif

# include <openssl/sha.h>
# include <openssl/x509err.h>

#ifdef __cplusplus
extern "C" {
#endif

/* Needed stacks for types defined in other headers */
{-
    generate_stack_macros("X509_NAME")
    .generate_stack_macros("X509")
    .generate_stack_macros("X509_REVOKED")
    .generate_stack_macros("X509_CRL");
-}

/* Flags for X509_get_signature_info() */
/* Signature info is valid */
# define X509_SIG_INFO_VALID 0x1
/* Signature is suitable for TLS use */
# define X509_SIG_INFO_TLS 0x2

/* File encodings (PEM text, raw ASN.1, or a default choice) */
# define X509_FILETYPE_PEM 1
# define X509_FILETYPE_ASN1 2
# define X509_FILETYPE_DEFAULT 3

/*
 * Key-usage bit masks, one bit per usage, with X509v3_KU_UNDEF (all bits
 * set) as the "undefined" value.
 * NOTE(review): presumably these mirror the X.509v3 keyUsage extension
 * bits - confirm against the code that evaluates them.
 */
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
# define X509v3_KU_NON_REPUDIATION 0x0040
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
# define X509v3_KU_KEY_AGREEMENT 0x0008
# define X509v3_KU_KEY_CERT_SIGN 0x0004
# define X509v3_KU_CRL_SIGN 0x0002
# define X509v3_KU_ENCIPHER_ONLY 0x0001
# define X509v3_KU_DECIPHER_ONLY 0x8000
# define X509v3_KU_UNDEF 0xffff

/* Algorithm identifier: an object identifier plus optional parameters */
struct X509_algor_st {
    ASN1_OBJECT *algorithm;
    ASN1_TYPE *parameter;
} /* X509_ALGOR */ ;

typedef STACK_OF(X509_ALGOR) X509_ALGORS;

/* Validity period: the two ends of the interval */
typedef struct X509_val_st {
    ASN1_TIME *notBefore;
    ASN1_TIME *notAfter;
} X509_VAL;

typedef struct X509_sig_st X509_SIG;

typedef struct X509_name_entry_st X509_NAME_ENTRY;

{-
    generate_stack_macros("X509_NAME_ENTRY");
-}

# define X509_EX_V_NETSCAPE_HACK 0x8000
# define X509_EX_V_INIT 0x0001
typedef struct X509_extension_st X509_EXTENSION;
{-
    generate_stack_macros("X509_EXTENSION");
-}
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
typedef struct x509_attributes_st X509_ATTRIBUTE;
{-
    generate_stack_macros("X509_ATTRIBUTE");
-}
typedef struct X509_req_info_st X509_REQ_INFO;
typedef struct X509_req_st X509_REQ;
typedef struct x509_cert_aux_st X509_CERT_AUX;
typedef struct x509_cinf_st X509_CINF;

/* Flags for X509_print_ex() */

# define X509_FLAG_COMPAT 0
# define X509_FLAG_NO_HEADER 1L
# define X509_FLAG_NO_VERSION (1L << 1)
# define X509_FLAG_NO_SERIAL (1L << 2)
# define X509_FLAG_NO_SIGNAME (1L << 3)
# define X509_FLAG_NO_ISSUER (1L << 4)
# define X509_FLAG_NO_VALIDITY (1L << 5)
# define X509_FLAG_NO_SUBJECT (1L << 6)
# define X509_FLAG_NO_PUBKEY (1L << 7)
# define X509_FLAG_NO_EXTENSIONS (1L << 8)
# define X509_FLAG_NO_SIGDUMP (1L << 9)
# define X509_FLAG_NO_AUX (1L << 10)
# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
# define X509_FLAG_NO_IDS (1L << 12)
# define X509_FLAG_EXTENSIONS_ONLY_KID (1L << 13)

/* Flags specific to X509_NAME_print_ex() */

/* The field separator information */

# define XN_FLAG_SEP_MASK (0xf << 16)

# define XN_FLAG_COMPAT 0/* Traditional; use old X509_NAME_print */
# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */

# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */

/* How the field name is shown */

# define XN_FLAG_FN_MASK (0x3 << 21)

# define XN_FLAG_FN_SN 0/* Object short name */
# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
# define XN_FLAG_FN_NONE (3 << 21)/* No field names */

# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */

/*
 * This determines if we dump fields we don't recognise: RFC2253 requires
 * this.
 */

# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)

# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
                                           * characters */

/* Complete set of RFC2253 flags */

# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
                        XN_FLAG_SEP_COMMA_PLUS | \
                        XN_FLAG_DN_REV | \
                        XN_FLAG_FN_SN | \
                        XN_FLAG_DUMP_UNKNOWN_FIELDS)

/* readable oneline form */

# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
                        ASN1_STRFLGS_ESC_QUOTE | \
                        XN_FLAG_SEP_CPLUS_SPC | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_SN)

/*
 * readable multiline form
 * Unlike the two sets above, this one is built from ASN1_STRFLGS_ESC_CTRL
 * and ASN1_STRFLGS_ESC_MSB rather than ASN1_STRFLGS_RFC2253.
 */

# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
                        ASN1_STRFLGS_ESC_MSB | \
                        XN_FLAG_SEP_MULTILINE | \
                        XN_FLAG_SPC_EQ | \
                        XN_FLAG_FN_LN | \
                        XN_FLAG_FN_ALIGN)

typedef struct X509_crl_info_st X509_CRL_INFO;

/*
 * Container pairing an encrypted key blob with its decrypted form and the
 * key material used for the conversion.
 * NOTE(review): key_data holds secret key bytes; confirm that the code
 * freeing this structure cleanses them before release.
 */
typedef struct private_key_st {
    int version;
    /* The PKCS#8 data types */
    X509_ALGOR *enc_algor;
    /*
     * NOTE(review): the surrounding comments (PKCS#8 data, "when decrypted")
     * suggest this is the encrypted private key and "pub" is a typo - confirm.
     */
    ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
    /* When decrypted, the following will not be NULL */
    EVP_PKEY *dec_pkey;
    /* used to encrypt and decrypt */
    int key_length;
    char *key_data;
    int key_free;               /* true if we should auto free key_data */
    /* expanded version of 'enc_algor' */
    EVP_CIPHER_INFO cipher;
} X509_PKEY;

/*
 * One parsed item: a certificate, a CRL and/or a private key, plus the
 * cipher information and raw bytes of still-encrypted data.
 */
typedef struct X509_info_st {
    X509 *x509;
    X509_CRL *crl;
    X509_PKEY *x_pkey;
    EVP_CIPHER_INFO enc_cipher;
    int enc_len;
    char *enc_data;
} X509_INFO;
{-
    generate_stack_macros("X509_INFO");
-}

/*
 * The next 2 structures and their 8 routines are used to manipulate Netscape's
 * spki structures - useful if you are writing a CA web page
 */
typedef struct Netscape_spkac_st {
    X509_PUBKEY *pubkey;
    ASN1_IA5STRING *challenge;  /* challenge sent in atlas >= PR2 */
} NETSCAPE_SPKAC;

typedef struct Netscape_spki_st {
    NETSCAPE_SPKAC *spkac;      /* signed public key and challenge */
    X509_ALGOR sig_algor;
    ASN1_BIT_STRING *signature;
} NETSCAPE_SPKI;

/* Netscape certificate sequence structure */
typedef struct Netscape_certificate_sequence {
    ASN1_OBJECT *type;
    STACK_OF(X509) *certs;
} NETSCAPE_CERT_SEQUENCE;

/*- Unused (and iv length is wrong)
typedef struct CBCParameter_st
        {
        unsigned char iv[8];
        } CBC_PARAM;
*/

/*
 * Password based encryption structure
 *
 * NOTE(review): for this and the KDF parameter structures below, the salt,
 * iteration count, key length and cost values are chosen by whoever produced
 * the encoding. When they are decoded from untrusted input, bound them before
 * deriving a key (tiny counts weaken the key, huge ones burn CPU/memory) -
 * confirm where such limits are enforced.
 */

typedef struct PBEPARAM_st {
    ASN1_OCTET_STRING *salt;
    ASN1_INTEGER *iter;
} PBEPARAM;

/* Password based encryption V2 structures */

typedef struct PBE2PARAM_st {
    X509_ALGOR *keyfunc;
    X509_ALGOR *encryption;
} PBE2PARAM;

typedef struct PBKDF2PARAM_st {
/* Usually OCTET STRING but could be anything */
    ASN1_TYPE *salt;
    ASN1_INTEGER *iter;
    ASN1_INTEGER *keylength;
    X509_ALGOR *prf;
} PBKDF2PARAM;

#ifndef OPENSSL_NO_SCRYPT
typedef struct SCRYPT_PARAMS_st {
    ASN1_OCTET_STRING *salt;
    ASN1_INTEGER *costParameter;
    ASN1_INTEGER *blockSize;
    ASN1_INTEGER *parallelizationParameter;
    ASN1_INTEGER *keyLength;
} SCRYPT_PARAMS;
#endif

#ifdef __cplusplus
}
#endif

/* Included outside the extern "C" block, after the types above are declared */
# include <openssl/x509_vfy.h>
# include <openssl/pkcs7.h>

#ifdef __cplusplus
extern "C" {
#endif

# define X509_EXT_PACK_UNKNOWN 1
# define X509_EXT_PACK_STRING 2

/* Older names kept as aliases of the current functions */
# define X509_extract_key(x) X509_get_pubkey(x)/*****/
# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))

/*
 * Pluggable CRL handling: a method is a set of four callbacks (init, free,
 * lookup by serial/issuer, verify against a public key).
 */
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
                                     int (*crl_free) (X509_CRL *crl),
                                     int (*crl_lookup) (X509_CRL *crl,
                                                        X509_REVOKED **ret,
                                                        const
                                                        ASN1_INTEGER *serial,
                                                        const
                                                        X509_NAME *issuer),
                                     int (*crl_verify) (X509_CRL *crl,
                                                        EVP_PKEY *pk));
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);

void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
void *X509_CRL_get_meth_data(X509_CRL *crl);

const char *X509_verify_cert_error_string(long n);

/*
 * Signature checks against a caller-supplied public key.
 * NOTE(review): per the OpenSSL documentation these verify the signature
 * only; no chain building, validity-period, revocation or purpose checks
 * are performed. A successful return here is not "the certificate is
 * trusted" - path validation is X509_verify_cert() in <openssl/x509_vfy.h>.
 * X509_self_signed() is documented to verify the signature only when
 * verify_signature is 1 - confirm against the implementation.
 */
int X509_verify(X509 *a, EVP_PKEY *r);
int X509_self_signed(X509 *cert, int verify_signature);

int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OSSL_LIB_CTX *libctx,
                       const char *propq);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);

NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);

int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);

int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
int X509_signature_print(BIO *bp, const X509_ALGOR *alg,
                         const ASN1_STRING *sig);

/*
 * Signing: either with a key and digest, or with a caller-prepared
 * EVP_MD_CTX (the *_ctx variants).
 */
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);

/*
 * Digest helpers: the digest is written to md and its length to *len.
 * NOTE(review): the prototypes carry no buffer size; per the OpenSSL
 * documentation up to EVP_MAX_MD_SIZE bytes are written, so md must be at
 * least that large - confirm at each call site.
 */
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
                       unsigned char *md, unsigned int *len);
int X509_digest(const X509 *data, const EVP_MD *type,
                unsigned char *md, unsigned int *len);
ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
                                   EVP_MD **md_used, int *md_is_fallback);
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len);
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
                    unsigned char *md, unsigned int *len);
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
                     unsigned char *md, unsigned int *len);

/*
 * Fetch a certificate or CRL from a URL.
 * NOTE(review): whatever is returned came from the network and should be
 * treated as untrusted input until it has been verified (signature and
 * chain); nothing in these prototypes indicates that the fetch itself
 * authenticates the data - confirm against the implementation.
 */
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
# ifndef OPENSSL_NO_DEPRECATED_3_0
#  include <openssl/http.h> /* OSSL_HTTP_REQ_CTX_nbio_d2i */
#  define X509_http_nbio(rctx, pcert) \
      OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, pcert, ASN1_ITEM_rptr(X509))
#  define X509_CRL_http_nbio(rctx, pcrl) \
      OSSL_HTTP_REQ_CTX_nbio_d2i(rctx, pcrl, ASN1_ITEM_rptr(X509_CRL))
# endif

/*
 * FILE-based decode (d2i_*_fp) and encode (i2d_*_fp) helpers; compiled out
 * when OPENSSL_NO_STDIO is defined. The RSA/DSA/EC_KEY-typed variants are
 * deprecated since 3.0.
 */
# ifndef OPENSSL_NO_STDIO
X509 *d2i_X509_fp(FILE *fp, X509 **x509);
int i2d_X509_fp(FILE *fp, const X509 *x509);
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req);
#  ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa);
#  endif
#  ifndef OPENSSL_NO_DEPRECATED_3_0
#   ifndef OPENSSL_NO_DSA
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa);
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
#   endif
#  endif
#  ifndef OPENSSL_NO_DEPRECATED_3_0
#   ifndef OPENSSL_NO_EC
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
#   endif /* OPENSSL_NO_EC */
#  endif /* OPENSSL_NO_DEPRECATED_3_0 */
/*
 * NOTE(review): the i2d_*PrivateKey* / i2d_PKCS8_PRIV_KEY_INFO* writers
 * below take no cipher or passphrase argument, so they presumably emit the
 * key unencrypted - confirm, and restrict permissions on the destination.
 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk);
int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
                                                PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key);
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
                               const char *propq);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
# endif

/*
 * BIO-based counterparts of the FILE helpers above; these are declared
 * regardless of OPENSSL_NO_STDIO.
 */
X509 *d2i_X509_bio(BIO *bp, X509 **x509);
int i2d_X509_bio(BIO *bp, const X509 *x509);
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa);
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
#  ifndef OPENSSL_NO_DSA
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa);
OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
#  endif
# endif

# ifndef OPENSSL_NO_DEPRECATED_3_0
#  ifndef OPENSSL_NO_EC
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
#  endif /* OPENSSL_NO_EC */
# endif /* OPENSSL_NO_DEPRECATED_3_0 */

X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk);
int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk);
PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
                                                 PKCS8_PRIV_KEY_INFO **p8inf);
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key);
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
                                const char *propq);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);

/* Duplication functions for the ASN.1 types, generated by macro */
DECLARE_ASN1_DUP_FUNCTION(X509)
DECLARE_ASN1_DUP_FUNCTION(X509_ALGOR)
DECLARE_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
DECLARE_ASN1_DUP_FUNCTION(X509_CRL)
DECLARE_ASN1_DUP_FUNCTION(X509_EXTENSION)
DECLARE_ASN1_DUP_FUNCTION(X509_PUBKEY)
DECLARE_ASN1_DUP_FUNCTION(X509_REQ)
DECLARE_ASN1_DUP_FUNCTION(X509_REVOKED)
/*
 * X509_ALGOR accessors.
 * NOTE(review): by the library's naming convention "set0"/"get0" transfer
 * or lend a pointer without copying or taking a reference; confirm who
 * frees aobj/pval after X509_ALGOR_set0() on both success and failure.
 */
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
                    void *pval);
void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
                     const void **ppval, const X509_ALGOR *algor);
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src);

DECLARE_ASN1_DUP_FUNCTION(X509_NAME)
DECLARE_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)

/*
 * Time comparison and adjustment helpers.
 * NOTE(review): per the OpenSSL documentation X509_cmp_time() and
 * X509_cmp_current_time() return 0 on error, not on equality (-1 means
 * "earlier than or equal", 1 means "later"). Validity checks written as
 * `<= 0` or `>= 0` therefore treat a parse failure as a valid comparison;
 * handle 0 explicitly - confirm against the implementation.
 */
int X509_cmp_time(const ASN1_TIME *s, time_t *t);
int X509_cmp_current_time(const ASN1_TIME *s);
int X509_cmp_timeframe(const X509_VERIFY_PARAM *vpm,
                       const ASN1_TIME *start, const ASN1_TIME *end);
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
                            int offset_day, long offset_sec, time_t *t);
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);

/*
 * Default locations used for certificates and private keys.
 * NOTE(review): the *_env variants presumably return the names of
 * environment variables that override the compiled-in defaults; a process
 * with an attacker-influenced environment could then be pointed at a
 * different trust store - confirm and consider this for privileged programs.
 */
const char *X509_get_default_cert_area(void);
const char *X509_get_default_cert_dir(void);
const char *X509_get_default_cert_file(void);
const char *X509_get_default_cert_dir_env(void);
const char *X509_get_default_cert_file_env(void);
const char *X509_get_default_private_dir(void);

/* Conversions between a certificate and a certificate request */
X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);

DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
DECLARE_ASN1_FUNCTIONS(X509_VAL)

DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)

X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
/*
 * NOTE(review): by naming convention the get0 form returns a borrowed
 * pointer the caller must not free, while the plain get form returns a
 * reference the caller must release with EVP_PKEY_free() - confirm.
 */
EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key);
EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
long X509_get_pathlen(X509 *x);
DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY)
EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
                        OSSL_LIB_CTX *libctx, const char *propq);
# ifndef OPENSSL_NO_DEPRECATED_3_0
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,RSA, RSA_PUBKEY)
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
#  ifndef OPENSSL_NO_DSA
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,DSA, DSA_PUBKEY)
#  endif
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
#  ifndef OPENSSL_NO_EC
DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, EC_KEY, EC_PUBKEY)
#  endif
# endif

DECLARE_ASN1_FUNCTIONS(X509_SIG)
/* Read-only (get0) and modifiable (getm) access to an X509_SIG's fields */
void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
                   const ASN1_OCTET_STRING **pdigest);
void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
                   ASN1_OCTET_STRING **pdigest);

DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
DECLARE_ASN1_FUNCTIONS(X509_REQ)
X509_REQ *X509_REQ_new_ex(OSSL_LIB_CTX *libctx, const char *propq);

DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);

DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)

DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)

DECLARE_ASN1_FUNCTIONS(X509_NAME)

int X509_NAME_set(X509_NAME **xn, const X509_NAME *name);

DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)

/* Application-specific ("ex") data attached to an X509 object */
#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
int X509_set_ex_data(X509 *r, int idx, void *arg);
void *X509_get_ex_data(const X509 *r, int idx);
DECLARE_ASN1_ENCODE_FUNCTIONS_only(X509,X509_AUX)

int i2d_re_X509_tbs(X509 *x, unsigned char **pp);

/* Signature information: digest NID, public key NID, security bits, flags */
int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
                      int *secbits, uint32_t *flags);
void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
                       int secbits, uint32_t flags);

/* flags receives the X509_SIG_INFO_* bits defined earlier in this header */
int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
                            uint32_t *flags);

void X509_get0_signature(const ASN1_BIT_STRING **psig,
                         const X509_ALGOR **palg, const X509 *x);
int X509_get_signature_nid(const X509 *x);

void X509_set0_distinguishing_id(X509 *x, ASN1_OCTET_STRING *d_id);
ASN1_OCTET_STRING *X509_get0_distinguishing_id(X509 *x);
void X509_REQ_set0_distinguishing_id(X509_REQ *x, ASN1_OCTET_STRING *d_id);
ASN1_OCTET_STRING *X509_REQ_get0_distinguishing_id(X509_REQ *x);

/*
 * Alias and key id carried with a certificate.
 * The getters return a byte pointer and write a length through len; use
 * that length rather than assuming NUL termination.
 */
int X509_alias_set1(X509 *x, const unsigned char *name, int len);
int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
unsigned char *X509_alias_get0(X509 *x, int *len);
unsigned char *X509_keyid_get0(X509 *x, int *len);

DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
DECLARE_ASN1_FUNCTIONS(X509_CRL)
X509_CRL *X509_CRL_new_ex(OSSL_LIB_CTX *libctx, const char *propq);

/* Revocation entries: add one, or look one up by serial or by certificate */
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_CRL_get0_by_serial(X509_CRL *crl,
                            X509_REVOKED **ret, const ASN1_INTEGER *serial);
int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);

X509_PKEY *X509_PKEY_new(void);
void X509_PKEY_free(X509_PKEY *a);

DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)

X509_INFO *X509_INFO_new(void);
void X509_INFO_free(X509_INFO *a);
/*
 * NOTE(review): the OpenSSL documentation strongly discourages
 * X509_NAME_oneline() in new code: its output form is non-standard and it
 * mishandles multi-character string types, so the text should not be parsed
 * or compared for authorization decisions. X509_NAME_print_ex() with
 * explicit XN_FLAG_* values is the documented replacement.
 */
char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);

/*
 * Legacy sign/verify/digest entry points taking an i2d function pointer;
 * deprecated since 3.0 in favour of the ASN1_item_* forms below.
 */
#ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
                ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
OSSL_DEPRECATEDIN_3_0
int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
                unsigned char *md, unsigned int *len);
OSSL_DEPRECATEDIN_3_0
int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
              ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
              const EVP_MD *type);
#endif
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
                     unsigned char *md, unsigned int *len);
int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
                     const ASN1_BIT_STRING *signature, const void *data,
                     EVP_PKEY *pkey);
int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
                         const ASN1_BIT_STRING *signature, const void *data,
                         EVP_MD_CTX *ctx);
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
                   ASN1_BIT_STRING *signature, const void *data,
                   EVP_PKEY *pkey, const EVP_MD *md);
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
                       X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
                       const void *data, EVP_MD_CTX *ctx);

/*
 * Encoded version values are zero-based: a "version 3" certificate carries
 * the value 2. Compare against these constants, not the human-readable
 * version number.
 */
#define X509_VERSION_1 0
#define X509_VERSION_2 1
#define X509_VERSION_3 2

long X509_get_version(const X509 *x);
int X509_set_version(X509 *x, long version);
int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
ASN1_INTEGER *X509_get_serialNumber(X509 *x);
const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
int X509_set_issuer_name(X509 *x, const X509_NAME *name);
X509_NAME *X509_get_issuer_name(const X509 *a);
int X509_set_subject_name(X509 *x, const X509_NAME *name);
X509_NAME *X509_get_subject_name(const X509 *a);
/*
 * The getm accessors return a non-const ASN1_TIME even though they take a
 * const X509: callers can modify the certificate's validity through them.
 */
const ASN1_TIME * X509_get0_notBefore(const X509 *x);
ASN1_TIME *X509_getm_notBefore(const X509 *x);
int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
const ASN1_TIME *X509_get0_notAfter(const X509 *x);
ASN1_TIME *X509_getm_notAfter(const X509 *x);
int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
int X509_up_ref(X509 *x);
int X509_get_signature_type(const X509 *x);

/* Pre-1.1.0 names; note the get aliases map to the modifiable getm forms */
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
#  define X509_get_notBefore X509_getm_notBefore
#  define X509_get_notAfter X509_getm_notAfter
#  define X509_set_notBefore X509_set1_notBefore
#  define X509_set_notAfter X509_set1_notAfter
# endif


/*
 * This one is only used so that a binary form can output, as in
 * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
 */
X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
                    const ASN1_BIT_STRING **psuid);
const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

EVP_PKEY *X509_get0_pubkey(const X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);

/* Certificate request version: only the zero-based value 0 is defined here */
#define X509_REQ_VERSION_1 0

long X509_REQ_get_version(const X509_REQ *req);
int X509_REQ_set_version(X509_REQ *x, long version);
X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
                             const X509_ALGOR **palg);
void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig);
int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg);
int X509_REQ_get_signature_nid(const X509_REQ *req);
int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req);
/*
 * NOTE(review): X509_REQ_get_extension_nids()/X509_REQ_set_extension_nids()
 * take no object argument, so they presumably read and replace process-wide
 * state - confirm, and avoid changing it while other threads parse requests.
 * Extensions obtained from a request are requester-supplied; a CA should
 * filter them rather than copy them into the issued certificate.
 */
int X509_REQ_extension_nid(int nid);
int *X509_REQ_get_extension_nids(void);
void X509_REQ_set_extension_nids(int *nids);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
int X509_REQ_add_extensions_nid(X509_REQ *req,
                                const STACK_OF(X509_EXTENSION) *exts, int nid);
int X509_REQ_add_extensions(X509_REQ *req, const STACK_OF(X509_EXTENSION) *ext);
int X509_REQ_get_attr_count(const X509_REQ *req);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
                             int lastpos);
X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
                              const ASN1_OBJECT *obj, int type,
                              const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_NID(X509_REQ *req,
                              int nid, int type,
                              const unsigned char *bytes, int len);
int X509_REQ_add1_attr_by_txt(X509_REQ *req,
                              const char *attrname, int type,
                              const unsigned char *bytes, int len);

/* CRL version values, zero-based like the certificate versions above */
#define X509_CRL_VERSION_1 0
#define X509_CRL_VERSION_2 1

int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);
int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);
int X509_CRL_up_ref(X509_CRL *crl);

# ifndef OPENSSL_NO_DEPRECATED_1_1_0
#  define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
#  define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
# endif

long X509_CRL_get_version(const X509_CRL *crl);
const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
#ifndef OPENSSL_NO_DEPRECATED_1_1_0
OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
#endif
X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
                             const X509_ALGOR **palg);
int X509_CRL_get_signature_nid(const X509_CRL *crl);
int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);

const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
const STACK_OF(X509_EXTENSION) *
X509_REVOKED_get0_extensions(const X509_REVOKED *r);

X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);

/*
 * NOTE(review): per the OpenSSL documentation these two functions only
 * compare the public components (and parameters) of pkey with the key in
 * the certificate or request; they do not establish that pkey contains a
 * private key, and also succeed for a matching public key. Do not use them
 * as proof of possession.
 */
int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);

int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey);
int X509_chain_check_suiteb(int *perror_depth,
                            X509 *x, STACK_OF(X509) *chain,
                            unsigned long flags);
int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);

/*
 * Name and serial comparison/hash helpers.
 * The hash functions return an unsigned long: suitable as a lookup index,
 * not as a collision-resistant identifier of a certificate or name.
 */
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
unsigned long X509_issuer_and_serial_hash(X509 *a);

int X509_issuer_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_issuer_name_hash(X509 *a);

int X509_subject_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_subject_name_hash(X509 *x);

/* The "_old" hashes are only available when MD5 is compiled in */
# ifndef OPENSSL_NO_MD5
unsigned long X509_issuer_name_hash_old(X509 *a);
unsigned long X509_subject_name_hash_old(X509 *x);
# endif

/* Flags for X509_add_cert() and X509_add_certs() */
# define X509_ADD_FLAG_DEFAULT 0
# define X509_ADD_FLAG_UP_REF 0x1
# define X509_ADD_FLAG_PREPEND 0x2
# define X509_ADD_FLAG_NO_DUP 0x4
# define X509_ADD_FLAG_NO_SS 0x8
int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);

int X509_cmp(const X509 *a, const X509 *b);
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
#ifndef OPENSSL_NO_DEPRECATED_3_0
/*
 * The deprecated macro passes NULL for the `ok` output of
 * X509_NAME_hash_ex(), so a caller of X509_NAME_hash() gets no separate
 * success indication.
 */
# define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL)
OSSL_DEPRECATEDIN_3_0 int X509_certificate_type(const X509 *x,
                                                const EVP_PKEY *pubkey);
#endif
unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx,
                                const char *propq, int *ok);
unsigned long X509_NAME_hash_old(const X509_NAME *x);

int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
int X509_aux_print(BIO *out, X509 *x, int indent);
/* Printing to a FILE; nmflag takes XN_FLAG_* and cflag X509_FLAG_* values */
# ifndef OPENSSL_NO_STDIO
int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
                     unsigned long cflag);
int X509_print_fp(FILE *bp, X509 *x);
int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
                          unsigned long flags);
# endif

/*
 * Printing to a BIO.
 * Names and extension values come from the certificate and may contain
 * arbitrary bytes; when the output goes to a terminal, log or HTML page,
 * pick XN_FLAG_* / ASN1_STRFLGS_* escaping accordingly.
 */
int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
                       unsigned long flags);
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
                  unsigned long cflag);
int X509_print(BIO *bp, X509 *x);
int X509_ocspid_print(BIO *bp, X509 *x);
int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag);
int X509_CRL_print(BIO *bp, X509_CRL *x);
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
                      unsigned long cflag);
int X509_REQ_print(BIO *bp, X509_REQ *req);

int X509_NAME_entry_count(const X509_NAME *name);
/*
 * NOTE(review): the OpenSSL documentation describes the two get_text
 * functions as legacy: they return only the first matching entry and copy
 * the field bytes verbatim, so multi-byte string types and embedded NUL
 * bytes are not handled. Comparing the result as a C string (for example a
 * commonName against a host name) can be fooled by a crafted certificate;
 * host name checks belong to X509_check_host() in <openssl/x509v3.h>.
 */
int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
                              char *buf, int len);
int X509_NAME_get_text_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
                              char *buf, int len);

/*
 * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
 * lastpos, search after that position on.
 */
int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos);
int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
                               int lastpos);
X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
                        int loc, int set);
int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
                                               const char *field, int type,
                                               const unsigned char *bytes,
                                               int len);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
                                               int type,
                                               const unsigned char *bytes,
                                               int len);
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
                               const unsigned char *bytes, int len, int loc,
                               int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
                                               const ASN1_OBJECT *obj, int type,
                                               const unsigned char *bytes,
                                               int len);
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
                             const unsigned char *bytes, int len);
ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);

int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder,
                       size_t *pderlen);

/*
 * Extension handling on a bare STACK_OF(X509_EXTENSION); the X509, X509_CRL
 * and X509_REVOKED families below have the same shape per object type.
 */
int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
                          int nid, int lastpos);
int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
                          const ASN1_OBJECT *obj, int lastpos);
int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
                               int crit, int lastpos);
X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
                                         X509_EXTENSION *ex, int loc);

/*
 * NOTE(review): for the *_get_ext_d2i() functions a NULL return is
 * ambiguous on its own. Per the OpenSSL documentation *crit is set to -1
 * when the extension is absent and -2 when it occurs more than once, so
 * callers that treat "absent" as permissive should pass crit and reject
 * the -2 and parse-failure cases - confirm against the implementation.
 */
int X509_get_ext_count(const X509 *x);
int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
                      unsigned long flags);

int X509_CRL_get_ext_count(const X509_CRL *x);
int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj,
                            int lastpos);
int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
void *X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, int *idx);
int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
                          unsigned long flags);

int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
                                int lastpos);
int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit,
                                     int lastpos);
X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid, int *crit,
                               int *idx);
int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
                              unsigned long flags);

/* Construction and field access for a single extension */
X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
                                             int nid, int crit,
                                             ASN1_OCTET_STRING *data);
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
                                             const ASN1_OBJECT *obj, int crit,
                                             ASN1_OCTET_STRING *data);
int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);

int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
int X509at_get_attr_by_NID(const
STACK_OF(X509_ATTRIBUTE) *x, int nid, 939 int lastpos); 940int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, 941 const ASN1_OBJECT *obj, int lastpos); 942X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); 943X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); 944STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, 945 X509_ATTRIBUTE *attr); 946STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) 947 **x, const ASN1_OBJECT *obj, 948 int type, 949 const unsigned char *bytes, 950 int len); 951STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) 952 **x, int nid, int type, 953 const unsigned char *bytes, 954 int len); 955STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) 956 **x, const char *attrname, 957 int type, 958 const unsigned char *bytes, 959 int len); 960void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x, 961 const ASN1_OBJECT *obj, int lastpos, int type); 962X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 963 int atrtype, const void *data, 964 int len); 965X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, 966 const ASN1_OBJECT *obj, 967 int atrtype, const void *data, 968 int len); 969X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, 970 const char *atrname, int type, 971 const unsigned char *bytes, 972 int len); 973int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); 974int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, 975 const void *data, int len); 976void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, 977 void *data); 978int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr); 979ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 980ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); 981 982int EVP_PKEY_get_attr_count(const EVP_PKEY *key); 983int 
EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos); 984int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj, 985 int lastpos); 986X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); 987X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); 988int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); 989int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, 990 const ASN1_OBJECT *obj, int type, 991 const unsigned char *bytes, int len); 992int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, 993 int nid, int type, 994 const unsigned char *bytes, int len); 995int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, 996 const char *attrname, int type, 997 const unsigned char *bytes, int len); 998 999/* lookup a cert from a X509 STACK */ 1000X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, const X509_NAME *name, 1001 const ASN1_INTEGER *serial); 1002X509 *X509_find_by_subject(STACK_OF(X509) *sk, const X509_NAME *name); 1003 1004DECLARE_ASN1_FUNCTIONS(PBEPARAM) 1005DECLARE_ASN1_FUNCTIONS(PBE2PARAM) 1006DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) 1007#ifndef OPENSSL_NO_SCRYPT 1008DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS) 1009#endif 1010 1011int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, 1012 const unsigned char *salt, int saltlen); 1013int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, 1014 const unsigned char *salt, int saltlen, 1015 OSSL_LIB_CTX *libctx); 1016 1017X509_ALGOR *PKCS5_pbe_set(int alg, int iter, 1018 const unsigned char *salt, int saltlen); 1019X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter, 1020 const unsigned char *salt, int saltlen, 1021 OSSL_LIB_CTX *libctx); 1022 1023X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 1024 unsigned char *salt, int saltlen); 1025X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, 1026 unsigned char *salt, int saltlen, 1027 unsigned char *aiv, int prf_nid); 1028X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter, 1029 
unsigned char *salt, int saltlen, 1030 unsigned char *aiv, int prf_nid, 1031 OSSL_LIB_CTX *libctx); 1032 1033#ifndef OPENSSL_NO_SCRYPT 1034X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, 1035 const unsigned char *salt, int saltlen, 1036 unsigned char *aiv, uint64_t N, uint64_t r, 1037 uint64_t p); 1038#endif 1039 1040X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, 1041 int prf_nid, int keylen); 1042X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen, 1043 int prf_nid, int keylen, 1044 OSSL_LIB_CTX *libctx); 1045 1046/* PKCS#8 utilities */ 1047 1048DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) 1049 1050EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); 1051EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *libctx, 1052 const char *propq); 1053PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey); 1054 1055int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, 1056 int version, int ptype, void *pval, 1057 unsigned char *penc, int penclen); 1058int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, 1059 const unsigned char **pk, int *ppklen, 1060 const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8); 1061 1062const STACK_OF(X509_ATTRIBUTE) * 1063PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8); 1064int PKCS8_pkey_add1_attr(PKCS8_PRIV_KEY_INFO *p8, X509_ATTRIBUTE *attr); 1065int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type, 1066 const unsigned char *bytes, int len); 1067int PKCS8_pkey_add1_attr_by_OBJ(PKCS8_PRIV_KEY_INFO *p8, const ASN1_OBJECT *obj, 1068 int type, const unsigned char *bytes, int len); 1069 1070 1071int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, 1072 int ptype, void *pval, 1073 unsigned char *penc, int penclen); 1074int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, 1075 const unsigned char **pk, int *ppklen, 1076 X509_ALGOR **pa, const X509_PUBKEY *pub); 1077int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY 
*b); 1078 1079# ifdef __cplusplus 1080} 1081# endif 1082#endif 1083