LTKCPP-- LLRP Toolkit C Plus Plus Library
x509v3.h
00001 /* x509v3.h */
00002 /*
00003  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
00004  * 1999.
00005  */
00006 /* ====================================================================
00007  * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
00008  *
00009  * Redistribution and use in source and binary forms, with or without
00010  * modification, are permitted provided that the following conditions
00011  * are met:
00012  *
00013  * 1. Redistributions of source code must retain the above copyright
00014  *    notice, this list of conditions and the following disclaimer.
00015  *
00016  * 2. Redistributions in binary form must reproduce the above copyright
00017  *    notice, this list of conditions and the following disclaimer in
00018  *    the documentation and/or other materials provided with the
00019  *    distribution.
00020  *
00021  * 3. All advertising materials mentioning features or use of this
00022  *    software must display the following acknowledgment:
00023  *    "This product includes software developed by the OpenSSL Project
00024  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
00025  *
00026  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
00027  *    endorse or promote products derived from this software without
00028  *    prior written permission. For written permission, please contact
00029  *    licensing@OpenSSL.org.
00030  *
00031  * 5. Products derived from this software may not be called "OpenSSL"
00032  *    nor may "OpenSSL" appear in their names without prior written
00033  *    permission of the OpenSSL Project.
00034  *
00035  * 6. Redistributions of any form whatsoever must retain the following
00036  *    acknowledgment:
00037  *    "This product includes software developed by the OpenSSL Project
00038  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
00039  *
00040  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
00041  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00042  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
00043  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
00044  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00045  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
00046  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
00047  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00048  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
00049  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00050  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
00051  * OF THE POSSIBILITY OF SUCH DAMAGE.
00052  * ====================================================================
00053  *
00054  * This product includes cryptographic software written by Eric Young
00055  * (eay@cryptsoft.com).  This product includes software written by Tim
00056  * Hudson (tjh@cryptsoft.com).
00057  *
00058  */
00059 #ifndef HEADER_X509V3_H
00060 # define HEADER_X509V3_H
00061 
00062 # include <openssl/bio.h>
00063 # include <openssl/x509.h>
00064 # include <openssl/conf.h>
00065 
00066 #ifdef __cplusplus
00067 extern "C" {
00068 #endif
00069 
00070 # ifdef OPENSSL_SYS_WIN32
00071 /* Under Win32 these are defined in wincrypt.h */
00072 #  undef X509_NAME
00073 #  undef X509_CERT_PAIR
00074 #  undef X509_EXTENSIONS
00075 # endif
00076 
00077 /* Forward reference */
00078 struct v3_ext_method;
00079 struct v3_ext_ctx;
00080 
00081 /* Useful typedefs */
00082 
00083 typedef void *(*X509V3_EXT_NEW)(void);
00084 typedef void (*X509V3_EXT_FREE) (void *);
00085 typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
00086 typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
00087 typedef STACK_OF(CONF_VALUE) *
00088     (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
00089                        STACK_OF(CONF_VALUE) *extlist);
00090 typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
00091                                 struct v3_ext_ctx *ctx,
00092                                 STACK_OF(CONF_VALUE) *values);
00093 typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
00094                                 void *ext);
00095 typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
00096                                 struct v3_ext_ctx *ctx, const char *str);
00097 typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
00098                                BIO *out, int indent);
00099 typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
00100                                 struct v3_ext_ctx *ctx, const char *str);
00101 
00102 /* V3 extension structure */
00103 
00104 struct v3_ext_method {
00105     int ext_nid;
00106     int ext_flags;
00107 /* If this is set the following four fields are ignored */
00108     ASN1_ITEM_EXP *it;
00109 /* Old style ASN1 calls */
00110     X509V3_EXT_NEW ext_new;
00111     X509V3_EXT_FREE ext_free;
00112     X509V3_EXT_D2I d2i;
00113     X509V3_EXT_I2D i2d;
00114 /* The following pair is used for string extensions */
00115     X509V3_EXT_I2S i2s;
00116     X509V3_EXT_S2I s2i;
00117 /* The following pair is used for multi-valued extensions */
00118     X509V3_EXT_I2V i2v;
00119     X509V3_EXT_V2I v2i;
00120 /* The following are used for raw extensions */
00121     X509V3_EXT_I2R i2r;
00122     X509V3_EXT_R2I r2i;
00123     void *usr_data;             /* Any extension specific data */
00124 };
00125 
00126 typedef struct X509V3_CONF_METHOD_st {
00127     char *(*get_string) (void *db, char *section, char *value);
00128     STACK_OF(CONF_VALUE) *(*get_section) (void *db, char *section);
00129     void (*free_string) (void *db, char *string);
00130     void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
00131 } X509V3_CONF_METHOD;
00132 
00133 /* Context specific info */
00134 struct v3_ext_ctx {
00135 # define CTX_TEST 0x1
00136     int flags;
00137     X509 *issuer_cert;
00138     X509 *subject_cert;
00139     X509_REQ *subject_req;
00140     X509_CRL *crl;
00141     X509V3_CONF_METHOD *db_meth;
00142     void *db;
00143 /* Maybe more here */
00144 };
00145 
00146 typedef struct v3_ext_method X509V3_EXT_METHOD;
00147 
00148 DECLARE_STACK_OF(X509V3_EXT_METHOD)
00149 
00150 /* ext_flags values */
00151 # define X509V3_EXT_DYNAMIC      0x1
00152 # define X509V3_EXT_CTX_DEP      0x2
00153 # define X509V3_EXT_MULTILINE    0x4
00154 
00155 typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
00156 
00157 typedef struct BASIC_CONSTRAINTS_st {
00158     int ca;
00159     ASN1_INTEGER *pathlen;
00160 } BASIC_CONSTRAINTS;
00161 
00162 typedef struct PKEY_USAGE_PERIOD_st {
00163     ASN1_GENERALIZEDTIME *notBefore;
00164     ASN1_GENERALIZEDTIME *notAfter;
00165 } PKEY_USAGE_PERIOD;
00166 
00167 typedef struct otherName_st {
00168     ASN1_OBJECT *type_id;
00169     ASN1_TYPE *value;
00170 } OTHERNAME;
00171 
00172 typedef struct EDIPartyName_st {
00173     ASN1_STRING *nameAssigner;
00174     ASN1_STRING *partyName;
00175 } EDIPARTYNAME;
00176 
00177 typedef struct GENERAL_NAME_st {
00178 # define GEN_OTHERNAME   0
00179 # define GEN_EMAIL       1
00180 # define GEN_DNS         2
00181 # define GEN_X400        3
00182 # define GEN_DIRNAME     4
00183 # define GEN_EDIPARTY    5
00184 # define GEN_URI         6
00185 # define GEN_IPADD       7
00186 # define GEN_RID         8
00187     int type;
00188     union {
00189         char *ptr;
00190         OTHERNAME *otherName;   /* otherName */
00191         ASN1_IA5STRING *rfc822Name;
00192         ASN1_IA5STRING *dNSName;
00193         ASN1_TYPE *x400Address;
00194         X509_NAME *directoryName;
00195         EDIPARTYNAME *ediPartyName;
00196         ASN1_IA5STRING *uniformResourceIdentifier;
00197         ASN1_OCTET_STRING *iPAddress;
00198         ASN1_OBJECT *registeredID;
00199         /* Old names */
00200         ASN1_OCTET_STRING *ip;  /* iPAddress */
00201         X509_NAME *dirn;        /* dirn */
00202         ASN1_IA5STRING *ia5;    /* rfc822Name, dNSName,
00203                                  * uniformResourceIdentifier */
00204         ASN1_OBJECT *rid;       /* registeredID */
00205         ASN1_TYPE *other;       /* x400Address */
00206     } d;
00207 } GENERAL_NAME;
00208 
00209 typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
00210 
00211 typedef struct ACCESS_DESCRIPTION_st {
00212     ASN1_OBJECT *method;
00213     GENERAL_NAME *location;
00214 } ACCESS_DESCRIPTION;
00215 
00216 typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
00217 
00218 typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
00219 
00220 DECLARE_STACK_OF(GENERAL_NAME)
00221 DECLARE_ASN1_SET_OF(GENERAL_NAME)
00222 
00223 DECLARE_STACK_OF(ACCESS_DESCRIPTION)
00224 DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
00225 
00226 typedef struct DIST_POINT_NAME_st {
00227     int type;
00228     union {
00229         GENERAL_NAMES *fullname;
00230         STACK_OF(X509_NAME_ENTRY) *relativename;
00231     } name;
00232 /* If relativename then this contains the full distribution point name */
00233     X509_NAME *dpname;
00234 } DIST_POINT_NAME;
00235 /* All existing reasons */
00236 # define CRLDP_ALL_REASONS       0x807f
00237 
00238 # define CRL_REASON_NONE                         -1
00239 # define CRL_REASON_UNSPECIFIED                  0
00240 # define CRL_REASON_KEY_COMPROMISE               1
00241 # define CRL_REASON_CA_COMPROMISE                2
00242 # define CRL_REASON_AFFILIATION_CHANGED          3
00243 # define CRL_REASON_SUPERSEDED                   4
00244 # define CRL_REASON_CESSATION_OF_OPERATION       5
00245 # define CRL_REASON_CERTIFICATE_HOLD             6
00246 # define CRL_REASON_REMOVE_FROM_CRL              8
00247 # define CRL_REASON_PRIVILEGE_WITHDRAWN          9
00248 # define CRL_REASON_AA_COMPROMISE                10
00249 
00250 struct DIST_POINT_st {
00251     DIST_POINT_NAME *distpoint;
00252     ASN1_BIT_STRING *reasons;
00253     GENERAL_NAMES *CRLissuer;
00254     int dp_reasons;
00255 };
00256 
00257 typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
00258 
00259 DECLARE_STACK_OF(DIST_POINT)
00260 DECLARE_ASN1_SET_OF(DIST_POINT)
00261 
00262 struct AUTHORITY_KEYID_st {
00263     ASN1_OCTET_STRING *keyid;
00264     GENERAL_NAMES *issuer;
00265     ASN1_INTEGER *serial;
00266 };
00267 
00268 /* Strong extranet structures */
00269 
00270 typedef struct SXNET_ID_st {
00271     ASN1_INTEGER *zone;
00272     ASN1_OCTET_STRING *user;
00273 } SXNETID;
00274 
00275 DECLARE_STACK_OF(SXNETID)
00276 DECLARE_ASN1_SET_OF(SXNETID)
00277 
00278 typedef struct SXNET_st {
00279     ASN1_INTEGER *version;
00280     STACK_OF(SXNETID) *ids;
00281 } SXNET;
00282 
00283 typedef struct NOTICEREF_st {
00284     ASN1_STRING *organization;
00285     STACK_OF(ASN1_INTEGER) *noticenos;
00286 } NOTICEREF;
00287 
00288 typedef struct USERNOTICE_st {
00289     NOTICEREF *noticeref;
00290     ASN1_STRING *exptext;
00291 } USERNOTICE;
00292 
00293 typedef struct POLICYQUALINFO_st {
00294     ASN1_OBJECT *pqualid;
00295     union {
00296         ASN1_IA5STRING *cpsuri;
00297         USERNOTICE *usernotice;
00298         ASN1_TYPE *other;
00299     } d;
00300 } POLICYQUALINFO;
00301 
00302 DECLARE_STACK_OF(POLICYQUALINFO)
00303 DECLARE_ASN1_SET_OF(POLICYQUALINFO)
00304 
00305 typedef struct POLICYINFO_st {
00306     ASN1_OBJECT *policyid;
00307     STACK_OF(POLICYQUALINFO) *qualifiers;
00308 } POLICYINFO;
00309 
00310 typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
00311 
00312 DECLARE_STACK_OF(POLICYINFO)
00313 DECLARE_ASN1_SET_OF(POLICYINFO)
00314 
00315 typedef struct POLICY_MAPPING_st {
00316     ASN1_OBJECT *issuerDomainPolicy;
00317     ASN1_OBJECT *subjectDomainPolicy;
00318 } POLICY_MAPPING;
00319 
00320 DECLARE_STACK_OF(POLICY_MAPPING)
00321 
00322 typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
00323 
00324 typedef struct GENERAL_SUBTREE_st {
00325     GENERAL_NAME *base;
00326     ASN1_INTEGER *minimum;
00327     ASN1_INTEGER *maximum;
00328 } GENERAL_SUBTREE;
00329 
00330 DECLARE_STACK_OF(GENERAL_SUBTREE)
00331 
00332 struct NAME_CONSTRAINTS_st {
00333     STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
00334     STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
00335 };
00336 
00337 typedef struct POLICY_CONSTRAINTS_st {
00338     ASN1_INTEGER *requireExplicitPolicy;
00339     ASN1_INTEGER *inhibitPolicyMapping;
00340 } POLICY_CONSTRAINTS;
00341 
00342 /* Proxy certificate structures, see RFC 3820 */
00343 typedef struct PROXY_POLICY_st {
00344     ASN1_OBJECT *policyLanguage;
00345     ASN1_OCTET_STRING *policy;
00346 } PROXY_POLICY;
00347 
00348 typedef struct PROXY_CERT_INFO_EXTENSION_st {
00349     ASN1_INTEGER *pcPathLengthConstraint;
00350     PROXY_POLICY *proxyPolicy;
00351 } PROXY_CERT_INFO_EXTENSION;
00352 
00353 DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
00354 DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
00355 
00356 struct ISSUING_DIST_POINT_st {
00357     DIST_POINT_NAME *distpoint;
00358     int onlyuser;
00359     int onlyCA;
00360     ASN1_BIT_STRING *onlysomereasons;
00361     int indirectCRL;
00362     int onlyattr;
00363 };
00364 
00365 /* Values in idp_flags field */
00366 /* IDP present */
00367 # define IDP_PRESENT     0x1
00368 /* IDP values inconsistent */
00369 # define IDP_INVALID     0x2
00370 /* onlyuser true */
00371 # define IDP_ONLYUSER    0x4
00372 /* onlyCA true */
00373 # define IDP_ONLYCA      0x8
00374 /* onlyattr true */
00375 # define IDP_ONLYATTR    0x10
00376 /* indirectCRL true */
00377 # define IDP_INDIRECT    0x20
00378 /* onlysomereasons present */
00379 # define IDP_REASONS     0x40
00380 
00381 # define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
00382 ",name:", val->name, ",value:", val->value);
00383 
00384 # define X509V3_set_ctx_test(ctx) \
00385                         X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
00386 # define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
00387 
00388 # define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
00389                         0,0,0,0, \
00390                         0,0, \
00391                         (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
00392                         (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
00393                         NULL, NULL, \
00394                         table}
00395 
00396 # define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
00397                         0,0,0,0, \
00398                         (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
00399                         (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
00400                         0,0,0,0, \
00401                         NULL}
00402 
00403 # define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
00404 
00405 /* X509_PURPOSE stuff */
00406 
00407 # define EXFLAG_BCONS            0x1
00408 # define EXFLAG_KUSAGE           0x2
00409 # define EXFLAG_XKUSAGE          0x4
00410 # define EXFLAG_NSCERT           0x8
00411 
00412 # define EXFLAG_CA               0x10
00413 /* Really self issued not necessarily self signed */
00414 # define EXFLAG_SI               0x20
00415 # define EXFLAG_V1               0x40
00416 # define EXFLAG_INVALID          0x80
00417 # define EXFLAG_SET              0x100
00418 # define EXFLAG_CRITICAL         0x200
00419 # define EXFLAG_PROXY            0x400
00420 
00421 # define EXFLAG_INVALID_POLICY   0x800
00422 # define EXFLAG_FRESHEST         0x1000
00423 /* Self signed */
00424 # define EXFLAG_SS               0x2000
00425 
00426 # define KU_DIGITAL_SIGNATURE    0x0080
00427 # define KU_NON_REPUDIATION      0x0040
00428 # define KU_KEY_ENCIPHERMENT     0x0020
00429 # define KU_DATA_ENCIPHERMENT    0x0010
00430 # define KU_KEY_AGREEMENT        0x0008
00431 # define KU_KEY_CERT_SIGN        0x0004
00432 # define KU_CRL_SIGN             0x0002
00433 # define KU_ENCIPHER_ONLY        0x0001
00434 # define KU_DECIPHER_ONLY        0x8000
00435 
00436 # define NS_SSL_CLIENT           0x80
00437 # define NS_SSL_SERVER           0x40
00438 # define NS_SMIME                0x20
00439 # define NS_OBJSIGN              0x10
00440 # define NS_SSL_CA               0x04
00441 # define NS_SMIME_CA             0x02
00442 # define NS_OBJSIGN_CA           0x01
00443 # define NS_ANY_CA               (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
00444 
00445 # define XKU_SSL_SERVER          0x1
00446 # define XKU_SSL_CLIENT          0x2
00447 # define XKU_SMIME               0x4
00448 # define XKU_CODE_SIGN           0x8
00449 # define XKU_SGC                 0x10
00450 # define XKU_OCSP_SIGN           0x20
00451 # define XKU_TIMESTAMP           0x40
00452 # define XKU_DVCS                0x80
00453 # define XKU_ANYEKU              0x100
00454 
00455 # define X509_PURPOSE_DYNAMIC    0x1
00456 # define X509_PURPOSE_DYNAMIC_NAME       0x2
00457 
00458 typedef struct x509_purpose_st {
00459     int purpose;
00460     int trust;                  /* Default trust ID */
00461     int flags;
00462     int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
00463     char *name;
00464     char *sname;
00465     void *usr_data;
00466 } X509_PURPOSE;
00467 
00468 # define X509_PURPOSE_SSL_CLIENT         1
00469 # define X509_PURPOSE_SSL_SERVER         2
00470 # define X509_PURPOSE_NS_SSL_SERVER      3
00471 # define X509_PURPOSE_SMIME_SIGN         4
00472 # define X509_PURPOSE_SMIME_ENCRYPT      5
00473 # define X509_PURPOSE_CRL_SIGN           6
00474 # define X509_PURPOSE_ANY                7
00475 # define X509_PURPOSE_OCSP_HELPER        8
00476 # define X509_PURPOSE_TIMESTAMP_SIGN     9
00477 
00478 # define X509_PURPOSE_MIN                1
00479 # define X509_PURPOSE_MAX                9
00480 
00481 /* Flags for X509V3_EXT_print() */
00482 
00483 # define X509V3_EXT_UNKNOWN_MASK         (0xfL << 16)
00484 /* Return error for unknown extensions */
00485 # define X509V3_EXT_DEFAULT              0
00486 /* Print error for unknown extensions */
00487 # define X509V3_EXT_ERROR_UNKNOWN        (1L << 16)
00488 /* ASN1 parse unknown extensions */
00489 # define X509V3_EXT_PARSE_UNKNOWN        (2L << 16)
00490 /* BIO_dump unknown extensions */
00491 # define X509V3_EXT_DUMP_UNKNOWN         (3L << 16)
00492 
00493 /* Flags for X509V3_add1_i2d */
00494 
00495 # define X509V3_ADD_OP_MASK              0xfL
00496 # define X509V3_ADD_DEFAULT              0L
00497 # define X509V3_ADD_APPEND               1L
00498 # define X509V3_ADD_REPLACE              2L
00499 # define X509V3_ADD_REPLACE_EXISTING     3L
00500 # define X509V3_ADD_KEEP_EXISTING        4L
00501 # define X509V3_ADD_DELETE               5L
00502 # define X509V3_ADD_SILENT               0x10
00503 
00504 DECLARE_STACK_OF(X509_PURPOSE)
00505 
00506 DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
00507 
00508 DECLARE_ASN1_FUNCTIONS(SXNET)
00509 DECLARE_ASN1_FUNCTIONS(SXNETID)
00510 
00511 int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
00512 int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
00513                        int userlen);
00514 int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
00515                          int userlen);
00516 
00517 ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
00518 ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
00519 ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
00520 
00521 DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
00522 
00523 DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
00524 
00525 DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
00526 GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
00527 int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
00528 
00529 ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
00530                                      X509V3_CTX *ctx,
00531                                      STACK_OF(CONF_VALUE) *nval);
00532 STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
00533                                           ASN1_BIT_STRING *bits,
00534                                           STACK_OF(CONF_VALUE) *extlist);
00535 
00536 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
00537                                        GENERAL_NAME *gen,
00538                                        STACK_OF(CONF_VALUE) *ret);
00539 int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
00540 
00541 DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
00542 
00543 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
00544                                         GENERAL_NAMES *gen,
00545                                         STACK_OF(CONF_VALUE) *extlist);
00546 GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
00547                                  X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
00548 
00549 DECLARE_ASN1_FUNCTIONS(OTHERNAME)
00550 DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
00551 int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
00552 void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
00553 void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
00554 int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
00555                                 ASN1_OBJECT *oid, ASN1_TYPE *value);
00556 int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
00557                                 ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
00558 
00559 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
00560                             ASN1_OCTET_STRING *ia5);
00561 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
00562                                          X509V3_CTX *ctx, char *str);
00563 
00564 DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
00565 int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
00566 
00567 DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
00568 DECLARE_ASN1_FUNCTIONS(POLICYINFO)
00569 DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
00570 DECLARE_ASN1_FUNCTIONS(USERNOTICE)
00571 DECLARE_ASN1_FUNCTIONS(NOTICEREF)
00572 
00573 DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
00574 DECLARE_ASN1_FUNCTIONS(DIST_POINT)
00575 DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
00576 DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
00577 
00578 int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
00579 
00580 int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
00581 
00582 DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
00583 DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
00584 
00585 DECLARE_ASN1_ITEM(POLICY_MAPPING)
00586 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
00587 DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
00588 
00589 DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
00590 DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
00591 
00592 DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
00593 DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
00594 
00595 DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
00596 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
00597 
00598 GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
00599                                const X509V3_EXT_METHOD *method,
00600                                X509V3_CTX *ctx, int gen_type, char *value,
00601                                int is_nc);
00602 
00603 # ifdef HEADER_CONF_H
00604 GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
00605                                X509V3_CTX *ctx, CONF_VALUE *cnf);
00606 GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
00607                                   const X509V3_EXT_METHOD *method,
00608                                   X509V3_CTX *ctx, CONF_VALUE *cnf,
00609                                   int is_nc);
00610 void X509V3_conf_free(CONF_VALUE *val);
00611 
00612 X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
00613                                      char *value);
00614 X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
00615                                  char *value);
00616 int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
00617                             STACK_OF(X509_EXTENSION) **sk);
00618 int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
00619                          X509 *cert);
00620 int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
00621                              X509_REQ *req);
00622 int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
00623                              X509_CRL *crl);
00624 
00625 X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
00626                                     X509V3_CTX *ctx, int ext_nid,
00627                                     char *value);
00628 X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
00629                                 char *name, char *value);
00630 int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
00631                         char *section, X509 *cert);
00632 int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
00633                             char *section, X509_REQ *req);
00634 int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
00635                             char *section, X509_CRL *crl);
00636 
00637 int X509V3_add_value_bool_nf(char *name, int asn1_bool,
00638                              STACK_OF(CONF_VALUE) **extlist);
00639 int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
00640 int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
00641 void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
00642 void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
00643 # endif
00644 
00645 char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
00646 STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section);
00647 void X509V3_string_free(X509V3_CTX *ctx, char *str);
00648 void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
00649 void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
00650                     X509_REQ *req, X509_CRL *crl, int flags);
00651 
00652 int X509V3_add_value(const char *name, const char *value,
00653                      STACK_OF(CONF_VALUE) **extlist);
00654 int X509V3_add_value_uchar(const char *name, const unsigned char *value,
00655                            STACK_OF(CONF_VALUE) **extlist);
00656 int X509V3_add_value_bool(const char *name, int asn1_bool,
00657                           STACK_OF(CONF_VALUE) **extlist);
00658 int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
00659                          STACK_OF(CONF_VALUE) **extlist);
00660 char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
00661 ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
00662 char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
00663 char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
00664                                 ASN1_ENUMERATED *aint);
00665 int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
00666 int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
00667 int X509V3_EXT_add_alias(int nid_to, int nid_from);
00668 void X509V3_EXT_cleanup(void);
00669 
00670 const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
00671 const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
00672 int X509V3_add_standard_extensions(void);
00673 STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
00674 void *X509V3_EXT_d2i(X509_EXTENSION *ext);
00675 void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
00676                      int *idx);
00677 int X509V3_EXT_free(int nid, void *ext_data);
00678 
00679 X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
00680 int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
00681                     int crit, unsigned long flags);
00682 
00683 char *hex_to_string(const unsigned char *buffer, long len);
00684 unsigned char *string_to_hex(const char *str, long *len);
00685 int name_cmp(const char *name, const char *cmp);
00686 
00687 void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
00688                         int ml);
00689 int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
00690                      int indent);
00691 int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
00692 
00693 int X509V3_extensions_print(BIO *out, char *title,
00694                             STACK_OF(X509_EXTENSION) *exts,
00695                             unsigned long flag, int indent);
00696 
00697 int X509_check_ca(X509 *x);
00698 int X509_check_purpose(X509 *x, int id, int ca);
00699 int X509_supported_extension(X509_EXTENSION *ex);
00700 int X509_PURPOSE_set(int *p, int purpose);
00701 int X509_check_issued(X509 *issuer, X509 *subject);
00702 int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
00703 int X509_PURPOSE_get_count(void);
00704 X509_PURPOSE *X509_PURPOSE_get0(int idx);
00705 int X509_PURPOSE_get_by_sname(char *sname);
00706 int X509_PURPOSE_get_by_id(int id);
00707 int X509_PURPOSE_add(int id, int trust, int flags,
00708                      int (*ck) (const X509_PURPOSE *, const X509 *, int),
00709                      char *name, char *sname, void *arg);
00710 char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
00711 char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
00712 int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
00713 void X509_PURPOSE_cleanup(void);
00714 int X509_PURPOSE_get_id(X509_PURPOSE *);
00715 
00716 STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
00717 STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
00718 void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
00719 STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
00720 /* Flags for X509_check_* functions */
00721 
00722 /*
00723  * Always check subject name for host match even if subject alt names present
00724  */
00725 # define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    0x1
00726 /* Disable wildcard matching for dnsName fields and common name. */
00727 # define X509_CHECK_FLAG_NO_WILDCARDS    0x2
00728 /* Wildcards must not match a partial label. */
00729 # define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
00730 /* Allow (non-partial) wildcards to match multiple labels. */
00731 # define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
00732 /* Constraint verifier subdomain patterns to match a single labels. */
00733 # define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
00734 /*
00735  * Match reference identifiers starting with "." to any sub-domain.
00736  * This is a non-public flag, turned on implicitly when the subject
00737  * reference identity is a DNS name.
00738  */
00739 # define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
00740 
00741 int X509_check_host(X509 *x, const char *chk, size_t chklen,
00742                     unsigned int flags, char **peername);
00743 int X509_check_email(X509 *x, const char *chk, size_t chklen,
00744                      unsigned int flags);
00745 int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
00746                   unsigned int flags);
00747 int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
00748 
00749 ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
00750 ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
00751 int a2i_ipadd(unsigned char *ipout, const char *ipasc);
00752 int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
00753                              unsigned long chtype);
00754 
00755 void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
00756 DECLARE_STACK_OF(X509_POLICY_NODE)
00757 
00758 # ifndef OPENSSL_NO_RFC3779
00759 
00760 typedef struct ASRange_st {
00761     ASN1_INTEGER *min, *max;
00762 } ASRange;
00763 
00764 #  define ASIdOrRange_id          0
00765 #  define ASIdOrRange_range       1
00766 
00767 typedef struct ASIdOrRange_st {
00768     int type;
00769     union {
00770         ASN1_INTEGER *id;
00771         ASRange *range;
00772     } u;
00773 } ASIdOrRange;
00774 
00775 typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
00776 DECLARE_STACK_OF(ASIdOrRange)
00777 
00778 #  define ASIdentifierChoice_inherit              0
00779 #  define ASIdentifierChoice_asIdsOrRanges        1
00780 
00781 typedef struct ASIdentifierChoice_st {
00782     int type;
00783     union {
00784         ASN1_NULL *inherit;
00785         ASIdOrRanges *asIdsOrRanges;
00786     } u;
00787 } ASIdentifierChoice;
00788 
00789 typedef struct ASIdentifiers_st {
00790     ASIdentifierChoice *asnum, *rdi;
00791 } ASIdentifiers;
00792 
00793 DECLARE_ASN1_FUNCTIONS(ASRange)
00794 DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
00795 DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
00796 DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
00797 
00798 typedef struct IPAddressRange_st {
00799     ASN1_BIT_STRING *min, *max;
00800 } IPAddressRange;
00801 
00802 #  define IPAddressOrRange_addressPrefix  0
00803 #  define IPAddressOrRange_addressRange   1
00804 
00805 typedef struct IPAddressOrRange_st {
00806     int type;
00807     union {
00808         ASN1_BIT_STRING *addressPrefix;
00809         IPAddressRange *addressRange;
00810     } u;
00811 } IPAddressOrRange;
00812 
00813 typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
00814 DECLARE_STACK_OF(IPAddressOrRange)
00815 
00816 #  define IPAddressChoice_inherit                 0
00817 #  define IPAddressChoice_addressesOrRanges       1
00818 
00819 typedef struct IPAddressChoice_st {
00820     int type;
00821     union {
00822         ASN1_NULL *inherit;
00823         IPAddressOrRanges *addressesOrRanges;
00824     } u;
00825 } IPAddressChoice;
00826 
00827 typedef struct IPAddressFamily_st {
00828     ASN1_OCTET_STRING *addressFamily;
00829     IPAddressChoice *ipAddressChoice;
00830 } IPAddressFamily;
00831 
00832 typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
00833 DECLARE_STACK_OF(IPAddressFamily)
00834 
00835 DECLARE_ASN1_FUNCTIONS(IPAddressRange)
00836 DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
00837 DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
00838 DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
00839 
00840 /*
00841  * API tag for elements of the ASIdentifer SEQUENCE.
00842  */
00843 #  define V3_ASID_ASNUM   0
00844 #  define V3_ASID_RDI     1
00845 
00846 /*
00847  * AFI values, assigned by IANA.  It'd be nice to make the AFI
00848  * handling code totally generic, but there are too many little things
00849  * that would need to be defined for other address families for it to
00850  * be worth the trouble.
00851  */
00852 #  define IANA_AFI_IPV4   1
00853 #  define IANA_AFI_IPV6   2
00854 
00855 /*
00856  * Utilities to construct and extract values from RFC3779 extensions,
00857  * since some of the encodings (particularly for IP address prefixes
00858  * and ranges) are a bit tedious to work with directly.
00859  */
00860 int v3_asid_add_inherit(ASIdentifiers *asid, int which);
00861 int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
00862                             ASN1_INTEGER *min, ASN1_INTEGER *max);
00863 int v3_addr_add_inherit(IPAddrBlocks *addr,
00864                         const unsigned afi, const unsigned *safi);
00865 int v3_addr_add_prefix(IPAddrBlocks *addr,
00866                        const unsigned afi, const unsigned *safi,
00867                        unsigned char *a, const int prefixlen);
00868 int v3_addr_add_range(IPAddrBlocks *addr,
00869                       const unsigned afi, const unsigned *safi,
00870                       unsigned char *min, unsigned char *max);
00871 unsigned v3_addr_get_afi(const IPAddressFamily *f);
00872 int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
00873                       unsigned char *min, unsigned char *max,
00874                       const int length);
00875 
00876 /*
00877  * Canonical forms.
00878  */
00879 int v3_asid_is_canonical(ASIdentifiers *asid);
00880 int v3_addr_is_canonical(IPAddrBlocks *addr);
00881 int v3_asid_canonize(ASIdentifiers *asid);
00882 int v3_addr_canonize(IPAddrBlocks *addr);
00883 
00884 /*
00885  * Tests for inheritance and containment.
00886  */
00887 int v3_asid_inherits(ASIdentifiers *asid);
00888 int v3_addr_inherits(IPAddrBlocks *addr);
00889 int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
00890 int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
00891 
00892 /*
00893  * Check whether RFC 3779 extensions nest properly in chains.
00894  */
00895 int v3_asid_validate_path(X509_STORE_CTX *);
00896 int v3_addr_validate_path(X509_STORE_CTX *);
00897 int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
00898                                   ASIdentifiers *ext, int allow_inheritance);
00899 int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
00900                                   IPAddrBlocks *ext, int allow_inheritance);
00901 
00902 # endif                         /* OPENSSL_NO_RFC3779 */
00903 
00904 /* BEGIN ERROR CODES */
00905 /*
00906  * The following lines are auto generated by the script mkerr.pl. Any changes
00907  * made after this point may be overwritten when the script is next run.
00908  */
00909 void ERR_load_X509V3_strings(void);
00910 
00911 /* Error codes for the X509V3 functions. */
00912 
00913 /* Function codes. */
00914 # define X509V3_F_A2I_GENERAL_NAME                        164
00915 # define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE             161
00916 # define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL         162
00917 # define X509V3_F_COPY_EMAIL                              122
00918 # define X509V3_F_COPY_ISSUER                             123
00919 # define X509V3_F_DO_DIRNAME                              144
00920 # define X509V3_F_DO_EXT_CONF                             124
00921 # define X509V3_F_DO_EXT_I2D                              135
00922 # define X509V3_F_DO_EXT_NCONF                            151
00923 # define X509V3_F_DO_I2V_NAME_CONSTRAINTS                 148
00924 # define X509V3_F_GNAMES_FROM_SECTNAME                    156
00925 # define X509V3_F_HEX_TO_STRING                           111
00926 # define X509V3_F_I2S_ASN1_ENUMERATED                     121
00927 # define X509V3_F_I2S_ASN1_IA5STRING                      149
00928 # define X509V3_F_I2S_ASN1_INTEGER                        120
00929 # define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
00930 # define X509V3_F_NOTICE_SECTION                          132
00931 # define X509V3_F_NREF_NOS                                133
00932 # define X509V3_F_POLICY_SECTION                          131
00933 # define X509V3_F_PROCESS_PCI_VALUE                       150
00934 # define X509V3_F_R2I_CERTPOL                             130
00935 # define X509V3_F_R2I_PCI                                 155
00936 # define X509V3_F_S2I_ASN1_IA5STRING                      100
00937 # define X509V3_F_S2I_ASN1_INTEGER                        108
00938 # define X509V3_F_S2I_ASN1_OCTET_STRING                   112
00939 # define X509V3_F_S2I_ASN1_SKEY_ID                        114
00940 # define X509V3_F_S2I_SKEY_ID                             115
00941 # define X509V3_F_SET_DIST_POINT_NAME                     158
00942 # define X509V3_F_STRING_TO_HEX                           113
00943 # define X509V3_F_SXNET_ADD_ID_ASC                        125
00944 # define X509V3_F_SXNET_ADD_ID_INTEGER                    126
00945 # define X509V3_F_SXNET_ADD_ID_ULONG                      127
00946 # define X509V3_F_SXNET_GET_ID_ASC                        128
00947 # define X509V3_F_SXNET_GET_ID_ULONG                      129
00948 # define X509V3_F_V2I_ASIDENTIFIERS                       163
00949 # define X509V3_F_V2I_ASN1_BIT_STRING                     101
00950 # define X509V3_F_V2I_AUTHORITY_INFO_ACCESS               139
00951 # define X509V3_F_V2I_AUTHORITY_KEYID                     119
00952 # define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
00953 # define X509V3_F_V2I_CRLD                                134
00954 # define X509V3_F_V2I_EXTENDED_KEY_USAGE                  103
00955 # define X509V3_F_V2I_GENERAL_NAMES                       118
00956 # define X509V3_F_V2I_GENERAL_NAME_EX                     117
00957 # define X509V3_F_V2I_IDP                                 157
00958 # define X509V3_F_V2I_IPADDRBLOCKS                        159
00959 # define X509V3_F_V2I_ISSUER_ALT                          153
00960 # define X509V3_F_V2I_NAME_CONSTRAINTS                    147
00961 # define X509V3_F_V2I_POLICY_CONSTRAINTS                  146
00962 # define X509V3_F_V2I_POLICY_MAPPINGS                     145
00963 # define X509V3_F_V2I_SUBJECT_ALT                         154
00964 # define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL          160
00965 # define X509V3_F_V3_GENERIC_EXTENSION                    116
00966 # define X509V3_F_X509V3_ADD1_I2D                         140
00967 # define X509V3_F_X509V3_ADD_VALUE                        105
00968 # define X509V3_F_X509V3_EXT_ADD                          104
00969 # define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
00970 # define X509V3_F_X509V3_EXT_CONF                         107
00971 # define X509V3_F_X509V3_EXT_FREE                         165
00972 # define X509V3_F_X509V3_EXT_I2D                          136
00973 # define X509V3_F_X509V3_EXT_NCONF                        152
00974 # define X509V3_F_X509V3_GET_SECTION                      142
00975 # define X509V3_F_X509V3_GET_STRING                       143
00976 # define X509V3_F_X509V3_GET_VALUE_BOOL                   110
00977 # define X509V3_F_X509V3_PARSE_LIST                       109
00978 # define X509V3_F_X509_PURPOSE_ADD                        137
00979 # define X509V3_F_X509_PURPOSE_SET                        141
00980 
00981 /* Reason codes. */
00982 # define X509V3_R_BAD_IP_ADDRESS                          118
00983 # define X509V3_R_BAD_OBJECT                              119
00984 # define X509V3_R_BN_DEC2BN_ERROR                         100
00985 # define X509V3_R_BN_TO_ASN1_INTEGER_ERROR                101
00986 # define X509V3_R_CANNOT_FIND_FREE_FUNCTION               168
00987 # define X509V3_R_DIRNAME_ERROR                           149
00988 # define X509V3_R_DISTPOINT_ALREADY_SET                   160
00989 # define X509V3_R_DUPLICATE_ZONE_ID                       133
00990 # define X509V3_R_ERROR_CONVERTING_ZONE                   131
00991 # define X509V3_R_ERROR_CREATING_EXTENSION                144
00992 # define X509V3_R_ERROR_IN_EXTENSION                      128
00993 # define X509V3_R_EXPECTED_A_SECTION_NAME                 137
00994 # define X509V3_R_EXTENSION_EXISTS                        145
00995 # define X509V3_R_EXTENSION_NAME_ERROR                    115
00996 # define X509V3_R_EXTENSION_NOT_FOUND                     102
00997 # define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED         103
00998 # define X509V3_R_EXTENSION_VALUE_ERROR                   116
00999 # define X509V3_R_ILLEGAL_EMPTY_EXTENSION                 151
01000 # define X509V3_R_ILLEGAL_HEX_DIGIT                       113
01001 # define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG             152
01002 # define X509V3_R_INVALID_ASNUMBER                        162
01003 # define X509V3_R_INVALID_ASRANGE                         163
01004 # define X509V3_R_INVALID_BOOLEAN_STRING                  104
01005 # define X509V3_R_INVALID_EXTENSION_STRING                105
01006 # define X509V3_R_INVALID_INHERITANCE                     165
01007 # define X509V3_R_INVALID_IPADDRESS                       166
01008 # define X509V3_R_INVALID_MULTIPLE_RDNS                   161
01009 # define X509V3_R_INVALID_NAME                            106
01010 # define X509V3_R_INVALID_NULL_ARGUMENT                   107
01011 # define X509V3_R_INVALID_NULL_NAME                       108
01012 # define X509V3_R_INVALID_NULL_VALUE                      109
01013 # define X509V3_R_INVALID_NUMBER                          140
01014 # define X509V3_R_INVALID_NUMBERS                         141
01015 # define X509V3_R_INVALID_OBJECT_IDENTIFIER               110
01016 # define X509V3_R_INVALID_OPTION                          138
01017 # define X509V3_R_INVALID_POLICY_IDENTIFIER               134
01018 # define X509V3_R_INVALID_PROXY_POLICY_SETTING            153
01019 # define X509V3_R_INVALID_PURPOSE                         146
01020 # define X509V3_R_INVALID_SAFI                            164
01021 # define X509V3_R_INVALID_SECTION                         135
01022 # define X509V3_R_INVALID_SYNTAX                          143
01023 # define X509V3_R_ISSUER_DECODE_ERROR                     126
01024 # define X509V3_R_MISSING_VALUE                           124
01025 # define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142
01026 # define X509V3_R_NO_CONFIG_DATABASE                      136
01027 # define X509V3_R_NO_ISSUER_CERTIFICATE                   121
01028 # define X509V3_R_NO_ISSUER_DETAILS                       127
01029 # define X509V3_R_NO_POLICY_IDENTIFIER                    139
01030 # define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
01031 # define X509V3_R_NO_PUBLIC_KEY                           114
01032 # define X509V3_R_NO_SUBJECT_DETAILS                      125
01033 # define X509V3_R_ODD_NUMBER_OF_DIGITS                    112
01034 # define X509V3_R_OPERATION_NOT_DEFINED                   148
01035 # define X509V3_R_OTHERNAME_ERROR                         147
01036 # define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
01037 # define X509V3_R_POLICY_PATH_LENGTH                      156
01038 # define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
01039 # define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED   158
01040 # define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
01041 # define X509V3_R_SECTION_NOT_FOUND                       150
01042 # define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
01043 # define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID              123
01044 # define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT             111
01045 # define X509V3_R_UNKNOWN_EXTENSION                       129
01046 # define X509V3_R_UNKNOWN_EXTENSION_NAME                  130
01047 # define X509V3_R_UNKNOWN_OPTION                          120
01048 # define X509V3_R_UNSUPPORTED_OPTION                      117
01049 # define X509V3_R_UNSUPPORTED_TYPE                        167
01050 # define X509V3_R_USER_TOO_LONG                           132
01051 
01052 #ifdef  __cplusplus
01053 }
01054 #endif
01055 #endif