1 /* Copyright (C) 1995-1998 Eric Young ([email protected]) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young ([email protected]). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson ([email protected]). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young ([email protected])" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson ([email protected])" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] 56 */ 57 /* ==================================================================== 58 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 59 * ECDH support in OpenSSL originally developed by 60 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 61 */ 62 63 #ifndef OPENSSL_HEADER_X509_H 64 #define OPENSSL_HEADER_X509_H 65 66 #include <openssl/base.h> 67 68 #include <time.h> 69 70 #include <openssl/asn1.h> 71 #include <openssl/bio.h> 72 #include <openssl/cipher.h> 73 #include <openssl/conf.h> 74 #include <openssl/dh.h> 75 #include <openssl/dsa.h> 76 #include <openssl/ec.h> 77 #include <openssl/ecdh.h> 78 #include <openssl/ecdsa.h> 79 #include <openssl/evp.h> 80 #include <openssl/lhash.h> 81 #include <openssl/obj.h> 82 #include <openssl/pkcs7.h> 83 #include <openssl/pool.h> 84 #include <openssl/rsa.h> 85 #include <openssl/sha.h> 86 #include <openssl/stack.h> 87 #include <openssl/thread.h> 88 #include <openssl/x509v3_errors.h> // IWYU pragma: export 89 90 #if defined(__cplusplus) 91 extern "C" { 92 #endif 93 94 95 // Legacy X.509 library. 96 // 97 // This header is part of OpenSSL's X.509 implementation. It is retained for 98 // compatibility but should not be used by new code. The functions are difficult 99 // to use correctly, and have buggy or non-standard behaviors. They are thus 100 // particularly prone to behavior changes and API removals, as BoringSSL 101 // iterates on these issues. 102 // 103 // In the future, a replacement library will be available. Meanwhile, minimize 104 // dependencies on this header where possible. 105 106 107 // Certificates. 108 // 109 // An |X509| object represents an X.509 certificate, defined in RFC 5280. 110 // 111 // Although an |X509| is a mutable object, mutating an |X509| can give incorrect 112 // results. Callers typically obtain |X509|s by parsing some input with 113 // |d2i_X509|, etc. Such objects carry information such as the serialized 114 // TBSCertificate and decoded extensions, which will become inconsistent when 115 // mutated. 116 // 117 // Instead, mutation functions should only be used when issuing new 118 // certificates, as described in a later section. 119 120 DEFINE_STACK_OF(X509) 121 122 // X509 is an |ASN1_ITEM| whose ASN.1 type is X.509 Certificate (RFC 5280) and C 123 // type is |X509*|. 124 DECLARE_ASN1_ITEM(X509) 125 126 // X509_up_ref adds one to the reference count of |x509| and returns one. 127 OPENSSL_EXPORT int X509_up_ref(X509 *x509); 128 129 // X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a 130 // shallow copy of |chain|, or NULL on error. That is, the return value has the 131 // same contents as |chain|, and each |X509|'s reference count is incremented by 132 // one. 133 OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); 134 135 // X509_dup returns a newly-allocated copy of |x509|, or NULL on error. This 136 // function works by serializing the structure, so auxiliary properties (see 137 // |i2d_X509_AUX|) are not preserved. Additionally, if |x509| is incomplete, 138 // this function may fail. 139 // 140 // TODO(https://crbug.com/boringssl/407): This function should be const and 141 // thread-safe but is currently neither in some cases, notably if |crl| was 142 // mutated. 143 OPENSSL_EXPORT X509 *X509_dup(X509 *x509); 144 145 // X509_free decrements |x509|'s reference count and, if zero, releases memory 146 // associated with |x509|. 147 OPENSSL_EXPORT void X509_free(X509 *x509); 148 149 // d2i_X509 parses up to |len| bytes from |*inp| as a DER-encoded X.509 150 // Certificate (RFC 5280), as described in |d2i_SAMPLE|. 151 OPENSSL_EXPORT X509 *d2i_X509(X509 **out, const uint8_t **inp, long len); 152 153 // X509_parse_from_buffer parses an X.509 structure from |buf| and returns a 154 // fresh X509 or NULL on error. There must not be any trailing data in |buf|. 155 // The returned structure (if any) holds a reference to |buf| rather than 156 // copying parts of it as a normal |d2i_X509| call would do. 157 OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf); 158 159 // i2d_X509 marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280), as 160 // described in |i2d_SAMPLE|. 161 // 162 // TODO(https://crbug.com/boringssl/407): This function should be const and 163 // thread-safe but is currently neither in some cases, notably if |x509| was 164 // mutated. 165 OPENSSL_EXPORT int i2d_X509(X509 *x509, uint8_t **outp); 166 167 // X509_VERSION_* are X.509 version numbers. Note the numerical values of all 168 // defined X.509 versions are one less than the named version. 169 #define X509_VERSION_1 0 170 #define X509_VERSION_2 1 171 #define X509_VERSION_3 2 172 173 // X509_get_version returns the numerical value of |x509|'s version, which will 174 // be one of the |X509_VERSION_*| constants. 175 OPENSSL_EXPORT long X509_get_version(const X509 *x509); 176 177 // X509_get0_serialNumber returns |x509|'s serial number. 178 OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x509); 179 180 // X509_get0_notBefore returns |x509|'s notBefore time. 181 OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x509); 182 183 // X509_get0_notAfter returns |x509|'s notAfter time. 184 OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x509); 185 186 // X509_get_issuer_name returns |x509|'s issuer. 187 OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509); 188 189 // X509_get_subject_name returns |x509|'s subject. 190 OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509); 191 192 // X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is 193 // not const-correct for legacy reasons. Callers should not modify the returned 194 // object. 195 OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509); 196 197 // X509_get0_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the 198 // public key was unsupported or could not be decoded. The |EVP_PKEY| is cached 199 // in |x509|, so callers must not mutate the result. 200 OPENSSL_EXPORT EVP_PKEY *X509_get0_pubkey(const X509 *x509); 201 202 // X509_get_pubkey behaves like |X509_get0_pubkey| but increments the reference 203 // count on the |EVP_PKEY|. The caller must release the result with 204 // |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |x509|, so callers 205 // must not mutate the result. 206 OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(const X509 *x509); 207 208 // X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public 209 // key. Note this does not contain the AlgorithmIdentifier portion. 210 // 211 // WARNING: This function returns a non-const pointer for OpenSSL compatibility, 212 // but the caller must not modify the resulting object. Doing so will break 213 // internal invariants in |x509|. 214 OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509); 215 216 // X509_check_private_key returns one if |x509|'s public key matches |pkey| and 217 // zero otherwise. 218 OPENSSL_EXPORT int X509_check_private_key(const X509 *x509, 219 const EVP_PKEY *pkey); 220 221 // X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the 222 // issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly 223 // outputs |x509|'s subjectUID field to |*out_subject_uid|. 224 // 225 // Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to 226 // ignore the corresponding field. 227 OPENSSL_EXPORT void X509_get0_uids(const X509 *x509, 228 const ASN1_BIT_STRING **out_issuer_uid, 229 const ASN1_BIT_STRING **out_subject_uid); 230 231 // The following bits are returned from |X509_get_extension_flags|. 232 233 // EXFLAG_BCONS indicates the certificate has a basic constraints extension. 234 #define EXFLAG_BCONS 0x1 235 // EXFLAG_KUSAGE indicates the certifcate has a key usage extension. 236 #define EXFLAG_KUSAGE 0x2 237 // EXFLAG_XKUSAGE indicates the certifcate has an extended key usage extension. 238 #define EXFLAG_XKUSAGE 0x4 239 // EXFLAG_CA indicates the certificate has a basic constraints extension with 240 // the CA bit set. 241 #define EXFLAG_CA 0x10 242 // EXFLAG_SI indicates the certificate is self-issued, i.e. its subject and 243 // issuer names match. 244 #define EXFLAG_SI 0x20 245 // EXFLAG_V1 indicates an X.509v1 certificate. 246 #define EXFLAG_V1 0x40 247 // EXFLAG_INVALID indicates an error processing some extension. The certificate 248 // should not be accepted. Note the lack of this bit does not imply all 249 // extensions are valid, only those used to compute extension flags. 250 #define EXFLAG_INVALID 0x80 251 // EXFLAG_SET is an internal bit that indicates extension flags were computed. 252 #define EXFLAG_SET 0x100 253 // EXFLAG_CRITICAL indicates an unsupported critical extension. The certificate 254 // should not be accepted. 255 #define EXFLAG_CRITICAL 0x200 256 // EXFLAG_SS indicates the certificate is likely self-signed. That is, if it is 257 // self-issued, its authority key identifier (if any) matches itself, and its 258 // key usage extension (if any) allows certificate signatures. The signature 259 // itself is not checked in computing this bit. 260 #define EXFLAG_SS 0x2000 261 262 // X509_get_extension_flags decodes a set of extensions from |x509| and returns 263 // a collection of |EXFLAG_*| bits which reflect |x509|. If there was an error 264 // in computing this bitmask, the result will include the |EXFLAG_INVALID| bit. 265 OPENSSL_EXPORT uint32_t X509_get_extension_flags(X509 *x509); 266 267 // X509_get_pathlen returns path length constraint from the basic constraints 268 // extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the 269 // constraint is not present, or if some extension in |x509| was invalid. 270 // 271 // TODO(crbug.com/boringssl/381): Decoding an |X509| object will not check for 272 // invalid extensions. To detect the error case, call 273 // |X509_get_extension_flags| and check the |EXFLAG_INVALID| bit. 274 OPENSSL_EXPORT long X509_get_pathlen(X509 *x509); 275 276 // X509v3_KU_* are key usage bits returned from |X509_get_key_usage|. 277 #define X509v3_KU_DIGITAL_SIGNATURE 0x0080 278 #define X509v3_KU_NON_REPUDIATION 0x0040 279 #define X509v3_KU_KEY_ENCIPHERMENT 0x0020 280 #define X509v3_KU_DATA_ENCIPHERMENT 0x0010 281 #define X509v3_KU_KEY_AGREEMENT 0x0008 282 #define X509v3_KU_KEY_CERT_SIGN 0x0004 283 #define X509v3_KU_CRL_SIGN 0x0002 284 #define X509v3_KU_ENCIPHER_ONLY 0x0001 285 #define X509v3_KU_DECIPHER_ONLY 0x8000 286 287 // X509_get_key_usage returns a bitmask of key usages (see Section 4.2.1.3 of 288 // RFC 5280) which |x509| is valid for. This function only reports the first 16 289 // bits, in a little-endian byte order, but big-endian bit order. That is, bits 290 // 0 though 7 are reported at 1<<7 through 1<<0, and bits 8 through 15 are 291 // reported at 1<<15 through 1<<8. 292 // 293 // Instead of depending on this bit order, callers should compare against the 294 // |X509v3_KU_*| constants. 295 // 296 // If |x509| has no key usage extension, all key usages are valid and this 297 // function returns |UINT32_MAX|. If there was an error processing |x509|'s 298 // extensions, or if the first 16 bits in the key usage extension were all zero, 299 // this function returns zero. 300 OPENSSL_EXPORT uint32_t X509_get_key_usage(X509 *x509); 301 302 // XKU_* are extended key usage bits returned from 303 // |X509_get_extended_key_usage|. 304 #define XKU_SSL_SERVER 0x1 305 #define XKU_SSL_CLIENT 0x2 306 #define XKU_SMIME 0x4 307 #define XKU_CODE_SIGN 0x8 308 #define XKU_SGC 0x10 309 #define XKU_OCSP_SIGN 0x20 310 #define XKU_TIMESTAMP 0x40 311 #define XKU_DVCS 0x80 312 #define XKU_ANYEKU 0x100 313 314 // X509_get_extended_key_usage returns a bitmask of extended key usages (see 315 // Section 4.2.1.12 of RFC 5280) which |x509| is valid for. The result will be 316 // a combination of |XKU_*| constants. If checking an extended key usage not 317 // defined above, callers should extract the extended key usage extension 318 // separately, e.g. via |X509_get_ext_d2i|. 319 // 320 // If |x509| has no extended key usage extension, all extended key usages are 321 // valid and this function returns |UINT32_MAX|. If there was an error 322 // processing |x509|'s extensions, or if |x509|'s extended key usage extension 323 // contained no recognized usages, this function returns zero. 324 OPENSSL_EXPORT uint32_t X509_get_extended_key_usage(X509 *x509); 325 326 // X509_get0_subject_key_id returns |x509|'s subject key identifier, if present. 327 // (See RFC 5280, section 4.2.1.2.) It returns NULL if the extension is not 328 // present or if some extension in |x509| was invalid. 329 // 330 // TODO(crbug.com/boringssl/381): Decoding an |X509| object will not check for 331 // invalid extensions. To detect the error case, call 332 // |X509_get_extension_flags| and check the |EXFLAG_INVALID| bit. 333 OPENSSL_EXPORT const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x509); 334 335 // X509_get0_authority_key_id returns keyIdentifier of |x509|'s authority key 336 // identifier, if the extension and field are present. (See RFC 5280, 337 // section 4.2.1.1.) It returns NULL if the extension is not present, if it is 338 // present but lacks a keyIdentifier field, or if some extension in |x509| was 339 // invalid. 340 // 341 // TODO(crbug.com/boringssl/381): Decoding an |X509| object will not check for 342 // invalid extensions. To detect the error case, call 343 // |X509_get_extension_flags| and check the |EXFLAG_INVALID| bit. 344 OPENSSL_EXPORT const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x509); 345 346 DEFINE_STACK_OF(GENERAL_NAME) 347 typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; 348 349 // X509_get0_authority_issuer returns the authorityCertIssuer of |x509|'s 350 // authority key identifier, if the extension and field are present. (See 351 // RFC 5280, section 4.2.1.1.) It returns NULL if the extension is not present, 352 // if it is present but lacks a authorityCertIssuer field, or if some extension 353 // in |x509| was invalid. 354 // 355 // TODO(crbug.com/boringssl/381): Decoding an |X509| object will not check for 356 // invalid extensions. To detect the error case, call 357 // |X509_get_extension_flags| and check the |EXFLAG_INVALID| bit. 358 OPENSSL_EXPORT const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x509); 359 360 // X509_get0_authority_serial returns the authorityCertSerialNumber of |x509|'s 361 // authority key identifier, if the extension and field are present. (See 362 // RFC 5280, section 4.2.1.1.) It returns NULL if the extension is not present, 363 // if it is present but lacks a authorityCertSerialNumber field, or if some 364 // extension in |x509| was invalid. 365 // 366 // TODO(crbug.com/boringssl/381): Decoding an |X509| object will not check for 367 // invalid extensions. To detect the error case, call 368 // |X509_get_extension_flags| and check the |EXFLAG_INVALID| bit. 369 OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_authority_serial(X509 *x509); 370 371 // X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits 372 // it. 373 OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions( 374 const X509 *x509); 375 376 // X509_get_ext_count returns the number of extensions in |x|. 377 OPENSSL_EXPORT int X509_get_ext_count(const X509 *x); 378 379 // X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for 380 // extensions in |x|. 381 OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos); 382 383 // X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for 384 // extensions in |x|. 385 OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, 386 int lastpos); 387 388 // X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but 389 // searches for extensions in |x|. 390 OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit, 391 int lastpos); 392 393 // X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is 394 // out of bounds. This function returns a non-const pointer for OpenSSL 395 // compatibility, but callers should not mutate the result. 396 OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc); 397 398 // X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in 399 // |x509|'s extension list. 400 // 401 // WARNING: This function is difficult to use correctly. See the documentation 402 // for |X509V3_get_d2i| for details. 403 OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid, 404 int *out_critical, int *out_idx); 405 406 // X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s 407 // TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|. 408 // 409 // Certificates with mismatched signature algorithms will successfully parse, 410 // but they will be rejected when verifying. 411 OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509); 412 413 // X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and 414 // signature algorithm of |x509|, respectively. Either output pointer may be 415 // NULL to ignore the value. 416 // 417 // This function outputs the outer signature algorithm. For the one in the 418 // TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched 419 // signature algorithms will successfully parse, but they will be rejected when 420 // verifying. 421 OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig, 422 const X509_ALGOR **out_alg, 423 const X509 *x509); 424 425 // X509_get_signature_nid returns the NID corresponding to |x509|'s signature 426 // algorithm, or |NID_undef| if the signature algorithm does not correspond to 427 // a known NID. 428 OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509); 429 430 // i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in 431 // |i2d_SAMPLE|. 432 // 433 // This function preserves the original encoding of the TBSCertificate and may 434 // not reflect modifications made to |x509|. It may be used to manually verify 435 // the signature of an existing certificate. To generate certificates, use 436 // |i2d_re_X509_tbs| instead. 437 OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp); 438 439 // X509_verify checks that |x509| has a valid signature by |pkey|. It returns 440 // one if the signature is valid and zero otherwise. Note this function only 441 // checks the signature itself and does not perform a full certificate 442 // validation. 443 OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey); 444 445 // X509_get1_email returns a newly-allocated list of NUL-terminated strings 446 // containing all email addresses in |x509|'s subject and all rfc822name names 447 // in |x509|'s subject alternative names. Email addresses which contain embedded 448 // NUL bytes are skipped. 449 // 450 // On error, or if there are no such email addresses, it returns NULL. When 451 // done, the caller must release the result with |X509_email_free|. 452 OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_get1_email(const X509 *x509); 453 454 // X509_get1_ocsp returns a newly-allocated list of NUL-terminated strings 455 // containing all OCSP URIs in |x509|. That is, it collects all URI 456 // AccessDescriptions with an accessMethod of id-ad-ocsp in |x509|'s authority 457 // information access extension. URIs which contain embedded NUL bytes are 458 // skipped. 459 // 460 // On error, or if there are no such URIs, it returns NULL. When done, the 461 // caller must release the result with |X509_email_free|. 462 OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(const X509 *x509); 463 464 // X509_email_free releases memory associated with |sk|, including |sk| itself. 465 // Each |OPENSSL_STRING| in |sk| must be a NUL-terminated string allocated with 466 // |OPENSSL_malloc|. If |sk| is NULL, no action is taken. 467 OPENSSL_EXPORT void X509_email_free(STACK_OF(OPENSSL_STRING) *sk); 468 469 // X509_cmp compares |a| and |b| and returns zero if they are equal, a negative 470 // number if |b| sorts after |a| and a negative number if |a| sorts after |b|. 471 // The sort order implemented by this function is arbitrary and does not 472 // reflect properties of the certificate such as expiry. Applications should not 473 // rely on the order itself. 474 // 475 // TODO(https://crbug.com/boringssl/355): This function works by comparing a 476 // cached hash of the encoded certificate. If |a| or |b| could not be 477 // serialized, the current behavior is to compare all unencodable certificates 478 // as equal. This function should only be used with |X509| objects that were 479 // parsed from bytes and never mutated. 480 // 481 // TODO(https://crbug.com/boringssl/407): This function is const, but it is not 482 // always thread-safe, notably if |a| and |b| were mutated. 483 OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b); 484 485 486 // Issuing certificates. 487 // 488 // An |X509| object may also represent an incomplete certificate. Callers may 489 // construct empty |X509| objects, fill in fields individually, and finally sign 490 // the result. The following functions may be used for this purpose. 491 492 // X509_new returns a newly-allocated, empty |X509| object, or NULL on error. 493 // This produces an incomplete certificate which may be filled in to issue a new 494 // certificate. 495 OPENSSL_EXPORT X509 *X509_new(void); 496 497 // X509_set_version sets |x509|'s version to |version|, which should be one of 498 // the |X509V_VERSION_*| constants. It returns one on success and zero on error. 499 // 500 // If unsure, use |X509_VERSION_3|. 501 OPENSSL_EXPORT int X509_set_version(X509 *x509, long version); 502 503 // X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one 504 // on success and zero on error. 505 OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509, 506 const ASN1_INTEGER *serial); 507 508 // X509_set1_notBefore sets |x509|'s notBefore time to |tm|. It returns one on 509 // success and zero on error. 510 OPENSSL_EXPORT int X509_set1_notBefore(X509 *x509, const ASN1_TIME *tm); 511 512 // X509_set1_notAfter sets |x509|'s notAfter time to |tm|. it returns one on 513 // success and zero on error. 514 OPENSSL_EXPORT int X509_set1_notAfter(X509 *x509, const ASN1_TIME *tm); 515 516 // X509_getm_notBefore returns a mutable pointer to |x509|'s notBefore time. 517 OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x509); 518 519 // X509_getm_notAfter returns a mutable pointer to |x509|'s notAfter time. 520 OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x); 521 522 // X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one 523 // on success and zero on error. 524 OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name); 525 526 // X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns 527 // one on success and zero on error. 528 OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name); 529 530 // X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success 531 // and zero on error. This function does not take ownership of |pkey| and 532 // internally copies and updates reference counts as needed. 533 OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey); 534 535 // X509_delete_ext removes the extension in |x| at index |loc| and returns the 536 // removed extension, or NULL if |loc| was out of bounds. If non-NULL, the 537 // caller must release the result with |X509_EXTENSION_free|. 538 OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc); 539 540 // X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero 541 // on failure. The caller retains ownership of |ex| and can release it 542 // independently of |x|. 543 // 544 // The new extension is inserted at index |loc|, shifting extensions to the 545 // right. If |loc| is -1 or out of bounds, the new extension is appended to the 546 // list. 547 OPENSSL_EXPORT int X509_add_ext(X509 *x, const X509_EXTENSION *ex, int loc); 548 549 // X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to 550 // |x|'s extension list. 551 // 552 // WARNING: This function may return zero or -1 on error. The caller must also 553 // ensure |value|'s type matches |nid|. See the documentation for 554 // |X509V3_add1_i2d| for details. 555 OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, 556 unsigned long flags); 557 558 // X509_sign signs |x509| with |pkey| and replaces the signature algorithm and 559 // signature fields. It returns the length of the signature on success and zero 560 // on error. This function uses digest algorithm |md|, or |pkey|'s default if 561 // NULL. Other signing parameters use |pkey|'s defaults. To customize them, use 562 // |X509_sign_ctx|. 563 OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md); 564 565 // X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm 566 // and signature fields. It returns the length of the signature on success and 567 // zero on error. The signature algorithm and parameters come from |ctx|, which 568 // must have been initialized with |EVP_DigestSignInit|. The caller should 569 // configure the corresponding |EVP_PKEY_CTX| before calling this function. 570 // 571 // On success or failure, this function mutates |ctx| and resets it to the empty 572 // state. Caller should not rely on its contents after the function returns. 573 OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx); 574 575 // i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described 576 // in |i2d_SAMPLE|. 577 // 578 // This function re-encodes the TBSCertificate and may not reflect |x509|'s 579 // original encoding. It may be used to manually generate a signature for a new 580 // certificate. To verify certificates, use |i2d_X509_tbs| instead. 581 OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp); 582 583 // X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and 584 // returns one on success or zero on error. It updates both the signature field 585 // of the TBSCertificate structure, and the signatureAlgorithm field of the 586 // Certificate. 587 OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo); 588 589 // X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len| 590 // bytes pointed by |sig|. It returns one on success and zero on error. 591 // 592 // Due to a specification error, X.509 certificates store signatures in ASN.1 593 // BIT STRINGs, but signature algorithms return byte strings rather than bit 594 // strings. This function creates a BIT STRING containing a whole number of 595 // bytes, with the bit order matching the DER encoding. This matches the 596 // encoding used by all X.509 signature algorithms. 597 OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig, 598 size_t sig_len); 599 600 601 // Auxiliary certificate properties. 602 // 603 // |X509| objects optionally maintain auxiliary properties. These are not part 604 // of the certificates themselves, and thus are not covered by signatures or 605 // preserved by the standard serialization. They are used as inputs or outputs 606 // to other functions in this library. 607 608 // i2d_X509_AUX marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280), 609 // followed optionally by a separate, OpenSSL-specific structure with auxiliary 610 // properties. It behaves as described in |i2d_SAMPLE|. 611 // 612 // Unlike similarly-named functions, this function does not output a single 613 // ASN.1 element. Directly embedding the output in a larger ASN.1 structure will 614 // not behave correctly. 615 // 616 // TODO(crbug.com/boringssl/407): |x509| should be const. 617 OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, uint8_t **outp); 618 619 // d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509 620 // Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific 621 // structure with auxiliary properties. It behaves as described in |d2i_SAMPLE|. 622 // 623 // WARNING: Passing untrusted input to this function allows an attacker to 624 // control auxiliary properties. This can allow unexpected influence over the 625 // application if the certificate is used in a context that reads auxiliary 626 // properties. This includes PKCS#12 serialization, trusted certificates in 627 // |X509_STORE|, and callers of |X509_alias_get0| or |X509_keyid_get0|. 628 // 629 // Unlike similarly-named functions, this function does not parse a single 630 // ASN.1 element. Trying to parse data directly embedded in a larger ASN.1 631 // structure will not behave correctly. 632 OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const uint8_t **inp, 633 long length); 634 635 // X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is 636 // NULL, the alias is cleared instead. Aliases are not part of the certificate 637 // itself and will not be serialized by |i2d_X509|. If |x509| is serialized in 638 // a PKCS#12 structure, the friendlyName attribute (RFC 2985) will contain this 639 // alias. 640 OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const uint8_t *name, 641 ossl_ssize_t len); 642 643 // X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is 644 // NULL, the key ID is cleared instead. Key IDs are not part of the certificate 645 // itself and will not be serialized by |i2d_X509|. 646 OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const uint8_t *id, 647 ossl_ssize_t len); 648 649 // X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the 650 // alias's length and returns a pointer to a buffer containing the contents. If 651 // not found, it outputs the empty string by returning NULL and setting 652 // |*out_len| to zero. 653 // 654 // If |x509| was parsed from a PKCS#12 structure (see 655 // |PKCS12_get_key_and_certs|), the alias will reflect the friendlyName 656 // attribute (RFC 2985). 657 // 658 // WARNING: In OpenSSL, this function did not set |*out_len| when the alias was 659 // missing. Callers that target both OpenSSL and BoringSSL should set the value 660 // to zero before calling this function. 661 OPENSSL_EXPORT const uint8_t *X509_alias_get0(const X509 *x509, int *out_len); 662 663 // X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the 664 // key ID's length and returns a pointer to a buffer containing the contents. If 665 // not found, it outputs the empty string by returning NULL and setting 666 // |*out_len| to zero. 667 // 668 // WARNING: In OpenSSL, this function did not set |*out_len| when the alias was 669 // missing. Callers that target both OpenSSL and BoringSSL should set the value 670 // to zero before calling this function. 671 OPENSSL_EXPORT const uint8_t *X509_keyid_get0(const X509 *x509, int *out_len); 672 673 // X509_add1_trust_object configures |x509| as a valid trust anchor for |obj|. 674 // It returns one on success and zero on error. |obj| should be a certificate 675 // usage OID associated with an |X509_TRUST_*| constant. 676 // 677 // See |X509_VERIFY_PARAM_set_trust| for details on how this value is evaluated. 678 // Note this only takes effect if |x509| was configured as a trusted certificate 679 // via |X509_STORE|. 680 OPENSSL_EXPORT int X509_add1_trust_object(X509 *x509, const ASN1_OBJECT *obj); 681 682 // X509_add1_reject_object configures |x509| as distrusted for |obj|. It returns 683 // one on success and zero on error. |obj| should be a certificate usage OID 684 // associated with an |X509_TRUST_*| constant. 685 // 686 // See |X509_VERIFY_PARAM_set_trust| for details on how this value is evaluated. 687 // Note this only takes effect if |x509| was configured as a trusted certificate 688 // via |X509_STORE|. 689 OPENSSL_EXPORT int X509_add1_reject_object(X509 *x509, const ASN1_OBJECT *obj); 690 691 // X509_trust_clear clears the list of OIDs for which |x509| is trusted. See 692 // also |X509_add1_trust_object|. 693 OPENSSL_EXPORT void X509_trust_clear(X509 *x509); 694 695 // X509_reject_clear clears the list of OIDs for which |x509| is distrusted. See 696 // also |X509_add1_reject_object|. 697 OPENSSL_EXPORT void X509_reject_clear(X509 *x509); 698 699 700 // Certificate revocation lists. 701 // 702 // An |X509_CRL| object represents an X.509 certificate revocation list (CRL), 703 // defined in RFC 5280. A CRL is a signed list of certificates, the 704 // revokedCertificates field, which are no longer considered valid. Each entry 705 // of this list is represented with an |X509_REVOKED| object, documented in the 706 // "CRL entries" section below. 707 // 708 // Although an |X509_CRL| is a mutable object, mutating an |X509_CRL| or its 709 // |X509_REVOKED|s can give incorrect results. Callers typically obtain 710 // |X509_CRL|s by parsing some input with |d2i_X509_CRL|, etc. Such objects 711 // carry information such as the serialized TBSCertList and decoded extensions, 712 // which will become inconsistent when mutated. 713 // 714 // Instead, mutation functions should only be used when issuing new CRLs, as 715 // described in a later section. 716 717 DEFINE_STACK_OF(X509_CRL) 718 DEFINE_STACK_OF(X509_REVOKED) 719 720 // X509_CRL_up_ref adds one to the reference count of |crl| and returns one. 721 OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl); 722 723 // X509_CRL_dup returns a newly-allocated copy of |crl|, or NULL on error. This 724 // function works by serializing the structure, so if |crl| is incomplete, it 725 // may fail. 726 // 727 // TODO(https://crbug.com/boringssl/407): This function should be const and 728 // thread-safe but is currently neither in some cases, notably if |crl| was 729 // mutated. 730 OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl); 731 732 // X509_CRL_free decrements |crl|'s reference count and, if zero, releases 733 // memory associated with |crl|. 734 OPENSSL_EXPORT void X509_CRL_free(X509_CRL *crl); 735 736 // d2i_X509_CRL parses up to |len| bytes from |*inp| as a DER-encoded X.509 737 // CertificateList (RFC 5280), as described in |d2i_SAMPLE|. 738 OPENSSL_EXPORT X509_CRL *d2i_X509_CRL(X509_CRL **out, const uint8_t **inp, 739 long len); 740 741 // i2d_X509_CRL marshals |crl| as a X.509 CertificateList (RFC 5280), as 742 // described in |i2d_SAMPLE|. 743 // 744 // TODO(https://crbug.com/boringssl/407): This function should be const and 745 // thread-safe but is currently neither in some cases, notably if |crl| was 746 // mutated. 747 OPENSSL_EXPORT int i2d_X509_CRL(X509_CRL *crl, uint8_t **outp); 748 749 // X509_CRL_match compares |a| and |b| and returns zero if they are equal, a 750 // negative number if |b| sorts after |a| and a negative number if |a| sorts 751 // after |b|. The sort order implemented by this function is arbitrary and does 752 // not reflect properties of the CRL such as expiry. Applications should not 753 // rely on the order itself. 754 // 755 // TODO(https://crbug.com/boringssl/355): This function works by comparing a 756 // cached hash of the encoded CRL. This cached hash is computed when the CRL is 757 // parsed, but not when mutating or issuing CRLs. This function should only be 758 // used with |X509_CRL| objects that were parsed from bytes and never mutated. 759 OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); 760 761 #define X509_CRL_VERSION_1 0 762 #define X509_CRL_VERSION_2 1 763 764 // X509_CRL_get_version returns the numerical value of |crl|'s version, which 765 // will be one of the |X509_CRL_VERSION_*| constants. 766 OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl); 767 768 // X509_CRL_get0_lastUpdate returns |crl|'s thisUpdate time. The OpenSSL API 769 // refers to this field as lastUpdate. 770 OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); 771 772 // X509_CRL_get0_nextUpdate returns |crl|'s nextUpdate time, or NULL if |crl| 773 // has none. 774 OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); 775 776 // X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not 777 // const-correct for legacy reasons. 778 OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); 779 780 // X509_CRL_get0_by_serial finds the entry in |crl| whose serial number is 781 // |serial|. If found, it sets |*out| to the entry and returns one. If not 782 // found, it returns zero. 783 // 784 // On success, |*out| continues to be owned by |crl|. It is an error to free or 785 // otherwise modify |*out|. 786 // 787 // TODO(crbug.com/boringssl/600): Ideally |crl| would be const. It is broadly 788 // thread-safe, but changes the order of entries in |crl|. It cannot be called 789 // concurrently with |i2d_X509_CRL|. 790 OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **out, 791 const ASN1_INTEGER *serial); 792 793 // X509_CRL_get0_by_cert behaves like |X509_CRL_get0_by_serial|, except it looks 794 // for the entry that matches |x509|. 795 OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **out, 796 X509 *x509); 797 798 // X509_CRL_get_REVOKED returns the list of revoked certificates in |crl|, or 799 // NULL if |crl| omits it. 800 // 801 // TOOD(davidben): This function was originally a macro, without clear const 802 // semantics. It should take a const input and give const output, but the latter 803 // would break existing callers. For now, we match upstream. 804 OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); 805 806 // X509_CRL_get0_extensions returns |crl|'s extension list, or NULL if |crl| 807 // omits it. A CRL can have extensions on individual entries, which is 808 // |X509_REVOKED_get0_extensions|, or on the overall CRL, which is this 809 // function. 810 OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions( 811 const X509_CRL *crl); 812 813 // X509_CRL_get_ext_count returns the number of extensions in |x|. 814 OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x); 815 816 // X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for 817 // extensions in |x|. 818 OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, 819 int lastpos); 820 821 // X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for 822 // extensions in |x|. 823 OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, 824 const ASN1_OBJECT *obj, int lastpos); 825 826 // X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but 827 // searches for extensions in |x|. 828 OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, 829 int lastpos); 830 831 // X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if 832 // |loc| is out of bounds. This function returns a non-const pointer for OpenSSL 833 // compatibility, but callers should not mutate the result. 834 OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc); 835 836 // X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the 837 // extension in |crl|'s extension list. 838 // 839 // WARNING: This function is difficult to use correctly. See the documentation 840 // for |X509V3_get_d2i| for details. 841 OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, 842 int *out_critical, int *out_idx); 843 844 // X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and 845 // signature algorithm of |crl|, respectively. Either output pointer may be NULL 846 // to ignore the value. 847 // 848 // This function outputs the outer signature algorithm, not the one in the 849 // TBSCertList. CRLs with mismatched signature algorithms will successfully 850 // parse, but they will be rejected when verifying. 851 OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl, 852 const ASN1_BIT_STRING **out_sig, 853 const X509_ALGOR **out_alg); 854 855 // X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature 856 // algorithm, or |NID_undef| if the signature algorithm does not correspond to 857 // a known NID. 858 OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl); 859 860 // i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in 861 // |i2d_SAMPLE|. 862 // 863 // This function preserves the original encoding of the TBSCertList and may not 864 // reflect modifications made to |crl|. It may be used to manually verify the 865 // signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs| 866 // instead. 867 OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp); 868 869 // X509_CRL_verify checks that |crl| has a valid signature by |pkey|. It returns 870 // one if the signature is valid and zero otherwise. 871 OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey); 872 873 874 // Issuing certificate revocation lists. 875 // 876 // An |X509_CRL| object may also represent an incomplete CRL. Callers may 877 // construct empty |X509_CRL| objects, fill in fields individually, and finally 878 // sign the result. The following functions may be used for this purpose. 879 880 // X509_CRL_new returns a newly-allocated, empty |X509_CRL| object, or NULL on 881 // error. This object may be filled in and then signed to construct a CRL. 882 OPENSSL_EXPORT X509_CRL *X509_CRL_new(void); 883 884 // X509_CRL_set_version sets |crl|'s version to |version|, which should be one 885 // of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on 886 // error. 887 // 888 // If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL 889 // versions are only defined up to v2. Callers should not use |X509_VERSION_3|. 890 OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version); 891 892 // X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns 893 // one on success and zero on error. 894 OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name); 895 896 // X509_CRL_set1_lastUpdate sets |crl|'s thisUpdate time to |tm|. It returns one 897 // on success and zero on error. The OpenSSL API refers to this field as 898 // lastUpdate. 899 OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm); 900 901 // X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one 902 // on success and zero on error. 903 OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm); 904 905 // X509_CRL_add0_revoked adds |rev| to |crl|. On success, it takes ownership of 906 // |rev| and returns one. On error, it returns zero. If this function fails, the 907 // caller retains ownership of |rev| and must release it when done. 908 OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); 909 910 // X509_CRL_sort sorts the entries in |crl| by serial number. It returns one on 911 // success and zero on error. 912 OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl); 913 914 // X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns 915 // the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the 916 // caller must release the result with |X509_EXTENSION_free|. 917 OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); 918 919 // X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and 920 // zero on failure. The caller retains ownership of |ex| and can release it 921 // independently of |x|. 922 // 923 // The new extension is inserted at index |loc|, shifting extensions to the 924 // right. If |loc| is -1 or out of bounds, the new extension is appended to the 925 // list. 926 OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, const X509_EXTENSION *ex, 927 int loc); 928 929 // X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension 930 // to |x|'s extension list. 931 // 932 // WARNING: This function may return zero or -1 on error. The caller must also 933 // ensure |value|'s type matches |nid|. See the documentation for 934 // |X509V3_add1_i2d| for details. 935 OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, 936 int crit, unsigned long flags); 937 938 // X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm 939 // and signature fields. It returns the length of the signature on success and 940 // zero on error. This function uses digest algorithm |md|, or |pkey|'s default 941 // if NULL. Other signing parameters use |pkey|'s defaults. To customize them, 942 // use |X509_CRL_sign_ctx|. 943 OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey, 944 const EVP_MD *md); 945 946 // X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm 947 // and signature fields. It returns the length of the signature on success and 948 // zero on error. The signature algorithm and parameters come from |ctx|, which 949 // must have been initialized with |EVP_DigestSignInit|. The caller should 950 // configure the corresponding |EVP_PKEY_CTX| before calling this function. 951 // 952 // On success or failure, this function mutates |ctx| and resets it to the empty 953 // state. Caller should not rely on its contents after the function returns. 954 OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx); 955 956 // i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described 957 // in |i2d_SAMPLE|. 958 // 959 // This function re-encodes the TBSCertList and may not reflect |crl|'s original 960 // encoding. It may be used to manually generate a signature for a new CRL. To 961 // verify CRLs, use |i2d_X509_CRL_tbs| instead. 962 OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp); 963 964 // X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and 965 // returns one on success or zero on error. It updates both the signature field 966 // of the TBSCertList structure, and the signatureAlgorithm field of the CRL. 967 OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl, 968 const X509_ALGOR *algo); 969 970 // X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the 971 // |sig_len| bytes pointed by |sig|. It returns one on success and zero on 972 // error. 973 // 974 // Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT 975 // STRINGs, but signature algorithms return byte strings rather than bit 976 // strings. This function creates a BIT STRING containing a whole number of 977 // bytes, with the bit order matching the DER encoding. This matches the 978 // encoding used by all X.509 signature algorithms. 979 OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl, 980 const uint8_t *sig, 981 size_t sig_len); 982 983 984 // CRL entries. 985 // 986 // Each entry of a CRL is represented as an |X509_REVOKED| object, which 987 // describes a revoked certificate by serial number. 988 // 989 // When an |X509_REVOKED| is obtained from an |X509_CRL| object, it is an error 990 // to mutate the object. Doing so may break |X509_CRL|'s and cause the library 991 // to behave incorrectly. 992 993 // X509_REVOKED_new returns a newly-allocated, empty |X509_REVOKED| object, or 994 // NULL on allocation error. 995 OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_new(void); 996 997 // X509_REVOKED_free releases memory associated with |rev|. 998 OPENSSL_EXPORT void X509_REVOKED_free(X509_REVOKED *rev); 999 1000 // d2i_X509_REVOKED parses up to |len| bytes from |*inp| as a DER-encoded X.509 1001 // CRL entry, as described in |d2i_SAMPLE|. 1002 OPENSSL_EXPORT X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **out, 1003 const uint8_t **inp, long len); 1004 1005 // i2d_X509_REVOKED marshals |alg| as a DER-encoded X.509 CRL entry, as 1006 // described in |i2d_SAMPLE|. 1007 OPENSSL_EXPORT int i2d_X509_REVOKED(const X509_REVOKED *alg, uint8_t **outp); 1008 1009 // X509_REVOKED_dup returns a newly-allocated copy of |rev|, or NULL on error. 1010 // This function works by serializing the structure, so if |rev| is incomplete, 1011 // it may fail. 1012 OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(const X509_REVOKED *rev); 1013 1014 // X509_REVOKED_get0_serialNumber returns the serial number of the certificate 1015 // revoked by |revoked|. 1016 OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber( 1017 const X509_REVOKED *revoked); 1018 1019 // X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It 1020 // returns one on success or zero on error. 1021 OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked, 1022 const ASN1_INTEGER *serial); 1023 1024 // X509_REVOKED_get0_revocationDate returns the revocation time of the 1025 // certificate revoked by |revoked|. 1026 OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate( 1027 const X509_REVOKED *revoked); 1028 1029 // X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It 1030 // returns one on success or zero on error. 1031 OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked, 1032 const ASN1_TIME *tm); 1033 1034 // X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r| 1035 // omits it. A CRL can have extensions on individual entries, which is this 1036 // function, or on the overall CRL, which is |X509_CRL_get0_extensions|. 1037 OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions( 1038 const X509_REVOKED *r); 1039 1040 // X509_REVOKED_get_ext_count returns the number of extensions in |x|. 1041 OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x); 1042 1043 // X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches 1044 // for extensions in |x|. 1045 OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, 1046 int lastpos); 1047 1048 // X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches 1049 // for extensions in |x|. 1050 OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, 1051 const ASN1_OBJECT *obj, 1052 int lastpos); 1053 1054 // X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| 1055 // but searches for extensions in |x|. 1056 OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, 1057 int crit, int lastpos); 1058 1059 // X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if 1060 // |loc| is out of bounds. This function returns a non-const pointer for OpenSSL 1061 // compatibility, but callers should not mutate the result. 1062 OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, 1063 int loc); 1064 1065 // X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and 1066 // returns the removed extension, or NULL if |loc| was out of bounds. If 1067 // non-NULL, the caller must release the result with |X509_EXTENSION_free|. 1068 OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, 1069 int loc); 1070 1071 // X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success 1072 // and zero on failure. The caller retains ownership of |ex| and can release it 1073 // independently of |x|. 1074 // 1075 // The new extension is inserted at index |loc|, shifting extensions to the 1076 // right. If |loc| is -1 or out of bounds, the new extension is appended to the 1077 // list. 1078 OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, 1079 const X509_EXTENSION *ex, int loc); 1080 1081 // X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the 1082 // extension in |revoked|'s extension list. 1083 // 1084 // WARNING: This function is difficult to use correctly. See the documentation 1085 // for |X509V3_get_d2i| for details. 1086 OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked, 1087 int nid, int *out_critical, 1088 int *out_idx); 1089 1090 // X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the 1091 // extension to |x|'s extension list. 1092 // 1093 // WARNING: This function may return zero or -1 on error. The caller must also 1094 // ensure |value|'s type matches |nid|. See the documentation for 1095 // |X509V3_add1_i2d| for details. 1096 OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, 1097 void *value, int crit, 1098 unsigned long flags); 1099 1100 1101 // Certificate requests. 1102 // 1103 // An |X509_REQ| represents a PKCS #10 certificate request (RFC 2986). These are 1104 // also referred to as certificate signing requests or CSRs. CSRs are a common 1105 // format used to request a certificate from a CA. 1106 // 1107 // Although an |X509_REQ| is a mutable object, mutating an |X509_REQ| can give 1108 // incorrect results. Callers typically obtain |X509_REQ|s by parsing some input 1109 // with |d2i_X509_REQ|, etc. Such objects carry information such as the 1110 // serialized CertificationRequestInfo, which will become inconsistent when 1111 // mutated. 1112 // 1113 // Instead, mutation functions should only be used when issuing new CRLs, as 1114 // described in a later section. 1115 1116 // X509_REQ_dup returns a newly-allocated copy of |req|, or NULL on error. This 1117 // function works by serializing the structure, so if |req| is incomplete, it 1118 // may fail. 1119 // 1120 // TODO(https://crbug.com/boringssl/407): This function should be const and 1121 // thread-safe but is currently neither in some cases, notably if |req| was 1122 // mutated. 1123 OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req); 1124 1125 // X509_REQ_free releases memory associated with |req|. 1126 OPENSSL_EXPORT void X509_REQ_free(X509_REQ *req); 1127 1128 // d2i_X509_REQ parses up to |len| bytes from |*inp| as a DER-encoded 1129 // CertificateRequest (RFC 2986), as described in |d2i_SAMPLE|. 1130 OPENSSL_EXPORT X509_REQ *d2i_X509_REQ(X509_REQ **out, const uint8_t **inp, 1131 long len); 1132 1133 // i2d_X509_REQ marshals |req| as a CertificateRequest (RFC 2986), as described 1134 // in |i2d_SAMPLE|. 1135 // 1136 // TODO(https://crbug.com/boringssl/407): This function should be const and 1137 // thread-safe but is currently neither in some cases, notably if |req| was 1138 // mutated. 1139 OPENSSL_EXPORT int i2d_X509_REQ(X509_REQ *req, uint8_t **outp); 1140 1141 // X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other 1142 // versions are defined. 1143 #define X509_REQ_VERSION_1 0 1144 1145 // X509_REQ_get_version returns the numerical value of |req|'s version. This 1146 // will always be |X509_REQ_VERSION_1| for valid CSRs. For compatibility, 1147 // |d2i_X509_REQ| also accepts some invalid version numbers, in which case this 1148 // function may return other values. 1149 OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req); 1150 1151 // X509_REQ_get_subject_name returns |req|'s subject name. Note this function is 1152 // not const-correct for legacy reasons. 1153 OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req); 1154 1155 // X509_REQ_get0_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if 1156 // the public key was unsupported or could not be decoded. The |EVP_PKEY| is 1157 // cached in |req|, so callers must not mutate the result. 1158 OPENSSL_EXPORT EVP_PKEY *X509_REQ_get0_pubkey(const X509_REQ *req); 1159 1160 // X509_REQ_get_pubkey behaves like |X509_REQ_get0_pubkey| but increments the 1161 // reference count on the |EVP_PKEY|. The caller must release the result with 1162 // |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |req|, so callers must 1163 // not mutate the result. 1164 OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(const X509_REQ *req); 1165 1166 // X509_REQ_check_private_key returns one if |req|'s public key matches |pkey| 1167 // and zero otherwise. 1168 OPENSSL_EXPORT int X509_REQ_check_private_key(const X509_REQ *req, 1169 const EVP_PKEY *pkey); 1170 1171 // X509_REQ_get_attr_count returns the number of attributes in |req|. 1172 OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req); 1173 1174 // X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if 1175 // out of bounds. 1176 OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); 1177 1178 // X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type 1179 // |nid|, or a negative number if not found. If found, callers can use 1180 // |X509_REQ_get_attr| to look up the attribute by index. 1181 // 1182 // If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers 1183 // can thus loop over all matching attributes by first passing -1 and then 1184 // passing the previously-returned value until no match is returned. 1185 OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, 1186 int lastpos); 1187 1188 // X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks 1189 // for attributes of type |obj|. 1190 OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, 1191 const ASN1_OBJECT *obj, 1192 int lastpos); 1193 1194 // X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type 1195 // for carrying extensions and zero otherwise. The supported types are 1196 // |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req| 1197 // (a Microsoft szOID_CERT_EXTENSIONS variant). 1198 OPENSSL_EXPORT int X509_REQ_extension_nid(int nid); 1199 1200 // X509_REQ_get_extensions decodes the most preferred list of requested 1201 // extensions in |req| and returns a newly-allocated |STACK_OF(X509_EXTENSION)| 1202 // containing the result. It returns NULL on error, or if |req| did not request 1203 // extensions. 1204 // 1205 // CSRs do not store extensions directly. Instead there are attribute types 1206 // which are defined to hold extensions. See |X509_REQ_extension_nid|. This 1207 // function supports both pkcs-9-at-extensionRequest from RFC 2985 and the 1208 // Microsoft szOID_CERT_EXTENSIONS variant. If both are present, 1209 // pkcs-9-at-extensionRequest is preferred. 1210 OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions( 1211 const X509_REQ *req); 1212 1213 // X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and 1214 // signature algorithm of |req|, respectively. Either output pointer may be NULL 1215 // to ignore the value. 1216 OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req, 1217 const ASN1_BIT_STRING **out_sig, 1218 const X509_ALGOR **out_alg); 1219 1220 // X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature 1221 // algorithm, or |NID_undef| if the signature algorithm does not correspond to 1222 // a known NID. 1223 OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req); 1224 1225 // X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns 1226 // one if the signature is valid and zero otherwise. 1227 OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey); 1228 1229 // X509_REQ_get1_email returns a newly-allocated list of NUL-terminated strings 1230 // containing all email addresses in |req|'s subject and all rfc822name names 1231 // in |req|'s subject alternative names. The subject alternative names extension 1232 // is extracted from the result of |X509_REQ_get_extensions|. Email addresses 1233 // which contain embedded NUL bytes are skipped. 1234 // 1235 // On error, or if there are no such email addresses, it returns NULL. When 1236 // done, the caller must release the result with |X509_email_free|. 1237 OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email( 1238 const X509_REQ *req); 1239 1240 1241 // Issuing certificate requests. 1242 // 1243 // An |X509_REQ| object may also represent an incomplete CSR. Callers may 1244 // construct empty |X509_REQ| objects, fill in fields individually, and finally 1245 // sign the result. The following functions may be used for this purpose. 1246 1247 // X509_REQ_new returns a newly-allocated, empty |X509_REQ| object, or NULL on 1248 // error. This object may be filled in and then signed to construct a CSR. 1249 OPENSSL_EXPORT X509_REQ *X509_REQ_new(void); 1250 1251 // X509_REQ_set_version sets |req|'s version to |version|, which should be 1252 // |X509_REQ_VERSION_1|. It returns one on success and zero on error. 1253 // 1254 // The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to 1255 // call this function. 1256 OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version); 1257 1258 // X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It 1259 // returns one on success and zero on error. 1260 OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name); 1261 1262 // X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on 1263 // success and zero on error. This function does not take ownership of |pkey| 1264 // and internally copies and updates reference counts as needed. 1265 OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey); 1266 1267 // X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It 1268 // returns the removed attribute to the caller, or NULL if |loc| was out of 1269 // bounds. If non-NULL, the caller must release the result with 1270 // |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call 1271 // |X509_ATTRIBUTE_free| if the result is NULL. 1272 OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); 1273 1274 // X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It 1275 // returns one on success and zero on error. 1276 OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, 1277 const X509_ATTRIBUTE *attr); 1278 1279 // X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|. 1280 // It returns one on success and zero on error. The value is determined by 1281 // |X509_ATTRIBUTE_set1_data|. 1282 // 1283 // WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and 1284 // error-prone. See |X509_ATTRIBUTE_set1_data| for details. 1285 OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, 1286 const ASN1_OBJECT *obj, 1287 int attrtype, 1288 const unsigned char *data, 1289 int len); 1290 1291 // X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the 1292 // attribute type is determined by |nid|. 1293 OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, 1294 int attrtype, 1295 const unsigned char *data, 1296 int len); 1297 1298 // X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the 1299 // attribute type is determined by calling |OBJ_txt2obj| with |attrname|. 1300 OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req, 1301 const char *attrname, int attrtype, 1302 const unsigned char *data, 1303 int len); 1304 1305 // X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to 1306 // request the certificate extensions in |exts|. It returns one on success and 1307 // zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|. 1308 OPENSSL_EXPORT int X509_REQ_add_extensions_nid( 1309 X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid); 1310 1311 // X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the 1312 // standard |NID_ext_req| for the attribute type. 1313 OPENSSL_EXPORT int X509_REQ_add_extensions( 1314 X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts); 1315 1316 // X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm 1317 // and signature fields. It returns the length of the signature on success and 1318 // zero on error. This function uses digest algorithm |md|, or |pkey|'s default 1319 // if NULL. Other signing parameters use |pkey|'s defaults. To customize them, 1320 // use |X509_REQ_sign_ctx|. 1321 OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey, 1322 const EVP_MD *md); 1323 1324 // X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm 1325 // and signature fields. It returns the length of the signature on success and 1326 // zero on error. The signature algorithm and parameters come from |ctx|, which 1327 // must have been initialized with |EVP_DigestSignInit|. The caller should 1328 // configure the corresponding |EVP_PKEY_CTX| before calling this function. 1329 // 1330 // On success or failure, this function mutates |ctx| and resets it to the empty 1331 // state. Caller should not rely on its contents after the function returns. 1332 OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx); 1333 1334 // i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986) 1335 // portion of |req|, as described in |i2d_SAMPLE|. 1336 // 1337 // This function re-encodes the CertificationRequestInfo and may not reflect 1338 // |req|'s original encoding. It may be used to manually generate a signature 1339 // for a new certificate request. 1340 OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp); 1341 1342 // X509_REQ_set1_signature_algo sets |req|'s signature algorithm to |algo| and 1343 // returns one on success or zero on error. 1344 OPENSSL_EXPORT int X509_REQ_set1_signature_algo(X509_REQ *req, 1345 const X509_ALGOR *algo); 1346 1347 // X509_REQ_set1_signature_value sets |req|'s signature to a copy of the 1348 // |sig_len| bytes pointed by |sig|. It returns one on success and zero on 1349 // error. 1350 // 1351 // Due to a specification error, PKCS#10 certificate requests store signatures 1352 // in ASN.1 BIT STRINGs, but signature algorithms return byte strings rather 1353 // than bit strings. This function creates a BIT STRING containing a whole 1354 // number of bytes, with the bit order matching the DER encoding. This matches 1355 // the encoding used by all X.509 signature algorithms. 1356 OPENSSL_EXPORT int X509_REQ_set1_signature_value(X509_REQ *req, 1357 const uint8_t *sig, 1358 size_t sig_len); 1359 1360 1361 // Names. 1362 // 1363 // An |X509_NAME| represents an X.509 Name structure (RFC 5280). X.509 names are 1364 // a complex, hierarchical structure over a collection of attributes. Each name 1365 // is sequence of relative distinguished names (RDNs), decreasing in 1366 // specificity. For example, the first RDN may specify the country, while the 1367 // next RDN may specify a locality. Each RDN is, itself, a set of attributes. 1368 // Having more than one attribute in an RDN is uncommon, but possible. Within an 1369 // RDN, attributes have the same level in specificity. Attribute types are 1370 // OBJECT IDENTIFIERs. This determines the ASN.1 type of the value, which is 1371 // commonly a string but may be other types. 1372 // 1373 // The |X509_NAME| representation flattens this two-level structure into a 1374 // single list of attributes. Each attribute is stored in an |X509_NAME_ENTRY|, 1375 // with also maintains the index of the RDN it is part of, accessible via 1376 // |X509_NAME_ENTRY_set|. This can be used to recover the two-level structure. 1377 // 1378 // X.509 names are largely vestigial. Historically, DNS names were parsed out of 1379 // the subject's common name attribute, but this is deprecated and has since 1380 // moved to the subject alternative name extension. In modern usage, X.509 names 1381 // are primarily opaque identifiers to link a certificate with its issuer. 1382 1383 DEFINE_STACK_OF(X509_NAME_ENTRY) 1384 DEFINE_STACK_OF(X509_NAME) 1385 1386 // X509_NAME is an |ASN1_ITEM| whose ASN.1 type is X.509 Name (RFC 5280) and C 1387 // type is |X509_NAME*|. 1388 DECLARE_ASN1_ITEM(X509_NAME) 1389 1390 // X509_NAME_new returns a new, empty |X509_NAME|, or NULL on error. 1391 OPENSSL_EXPORT X509_NAME *X509_NAME_new(void); 1392 1393 // X509_NAME_free releases memory associated with |name|. 1394 OPENSSL_EXPORT void X509_NAME_free(X509_NAME *name); 1395 1396 // d2i_X509_NAME parses up to |len| bytes from |*inp| as a DER-encoded X.509 1397 // Name (RFC 5280), as described in |d2i_SAMPLE|. 1398 OPENSSL_EXPORT X509_NAME *d2i_X509_NAME(X509_NAME **out, const uint8_t **inp, 1399 long len); 1400 1401 // i2d_X509_NAME marshals |in| as a DER-encoded X.509 Name (RFC 5280), as 1402 // described in |i2d_SAMPLE|. 1403 // 1404 // TODO(https://crbug.com/boringssl/407): This function should be const and 1405 // thread-safe but is currently neither in some cases, notably if |in| was 1406 // mutated. 1407 OPENSSL_EXPORT int i2d_X509_NAME(X509_NAME *in, uint8_t **outp); 1408 1409 // X509_NAME_dup returns a newly-allocated copy of |name|, or NULL on error. 1410 // 1411 // TODO(https://crbug.com/boringssl/407): This function should be const and 1412 // thread-safe but is currently neither in some cases, notably if |name| was 1413 // mutated. 1414 OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *name); 1415 1416 // X509_NAME_cmp compares |a| and |b|'s canonicalized forms. It returns zero if 1417 // they are equal, one if |a| sorts after |b|, -1 if |b| sorts after |a|, and -2 1418 // on error. 1419 // 1420 // TODO(https://crbug.com/boringssl/407): This function is const, but it is not 1421 // always thread-safe, notably if |name| was mutated. 1422 // 1423 // TODO(https://crbug.com/boringssl/355): The -2 return is very inconvenient to 1424 // pass to a sorting function. Can we make this infallible? In the meantime, 1425 // prefer to use this function only for equality checks rather than comparisons. 1426 // Although even the library itself passes this to a sorting function. 1427 OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); 1428 1429 // X509_NAME_get0_der marshals |name| as a DER-encoded X.509 Name (RFC 5280). On 1430 // success, it returns one and sets |*out_der| and |*out_der_len| to a buffer 1431 // containing the result. Otherwise, it returns zero. |*out_der| is owned by 1432 // |name| and must not be freed by the caller. It is invalidated after |name| is 1433 // mutated or freed. 1434 // 1435 // Avoid this function and prefer |i2d_X509_NAME|. It is one of the reasons 1436 // |X509_NAME| functions, including this one, are not consistently thread-safe 1437 // or const-correct. Depending on the resolution of 1438 // https://crbug.com/boringssl/407, this function may be removed or cause poor 1439 // performance. 1440 OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *name, const uint8_t **out_der, 1441 size_t *out_der_len); 1442 1443 // X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn| 1444 // to the copy, and returns one. Otherwise, it returns zero. 1445 // 1446 // TODO(https://crbug.com/boringssl/407): This function should be const and 1447 // thread-safe but is currently neither in some cases, notably if |name| was 1448 // mutated. 1449 OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name); 1450 1451 // X509_NAME_entry_count returns the number of entries in |name|. 1452 OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name); 1453 1454 // X509_NAME_get_index_by_NID returns the zero-based index of the first 1455 // attribute in |name| with type |nid|, or -1 if there is none. |nid| should be 1456 // one of the |NID_*| constants. If |lastpos| is non-negative, it begins 1457 // searching at |lastpos+1|. To search all attributes, pass in -1, not zero. 1458 // 1459 // Indices from this function refer to |X509_NAME|'s flattened representation. 1460 OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, 1461 int lastpos); 1462 1463 // X509_NAME_get_index_by_OBJ behaves like |X509_NAME_get_index_by_NID| but 1464 // looks for attributes with type |obj|. 1465 OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name, 1466 const ASN1_OBJECT *obj, 1467 int lastpos); 1468 1469 // X509_NAME_get_entry returns the attribute in |name| at index |loc|, or NULL 1470 // if |loc| is out of range. |loc| is interpreted using |X509_NAME|'s flattened 1471 // representation. This function returns a non-const pointer for OpenSSL 1472 // compatibility, but callers should not mutate the result. Doing so will break 1473 // internal invariants in the library. 1474 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, 1475 int loc); 1476 1477 // X509_NAME_delete_entry removes and returns the attribute in |name| at index 1478 // |loc|, or NULL if |loc| is out of range. |loc| is interpreted using 1479 // |X509_NAME|'s flattened representation. If the attribute is found, the caller 1480 // is responsible for releasing the result with |X509_NAME_ENTRY_free|. 1481 // 1482 // This function will internally update RDN indices (see |X509_NAME_ENTRY_set|) 1483 // so they continue to be consecutive. 1484 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, 1485 int loc); 1486 1487 // X509_NAME_add_entry adds a copy of |entry| to |name| and returns one on 1488 // success or zero on error. If |loc| is -1, the entry is appended to |name|. 1489 // Otherwise, it is inserted at index |loc|. If |set| is -1, the entry is added 1490 // to the previous entry's RDN. If it is 0, the entry becomes a singleton RDN. 1491 // If 1, it is added to next entry's RDN. 1492 // 1493 // This function will internally update RDN indices (see |X509_NAME_ENTRY_set|) 1494 // so they continue to be consecutive. 1495 OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, 1496 const X509_NAME_ENTRY *entry, int loc, 1497 int set); 1498 1499 // X509_NAME_add_entry_by_OBJ adds a new entry to |name| and returns one on 1500 // success or zero on error. The entry's attribute type is |obj|. The entry's 1501 // attribute value is determined by |type|, |bytes|, and |len|, as in 1502 // |X509_NAME_ENTRY_set_data|. The entry's position is determined by |loc| and 1503 // |set| as in |X509_NAME_add_entry|. 1504 OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, 1505 const ASN1_OBJECT *obj, int type, 1506 const uint8_t *bytes, 1507 ossl_ssize_t len, int loc, 1508 int set); 1509 1510 // X509_NAME_add_entry_by_NID behaves like |X509_NAME_add_entry_by_OBJ| but sets 1511 // the entry's attribute type to |nid|, which should be one of the |NID_*| 1512 // constants. 1513 OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, 1514 int type, const uint8_t *bytes, 1515 ossl_ssize_t len, int loc, 1516 int set); 1517 1518 // X509_NAME_add_entry_by_txt behaves like |X509_NAME_add_entry_by_OBJ| but sets 1519 // the entry's attribute type to |field|, which is passed to |OBJ_txt2obj|. 1520 OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, 1521 const char *field, int type, 1522 const uint8_t *bytes, 1523 ossl_ssize_t len, int loc, 1524 int set); 1525 1526 // X509_NAME_ENTRY_new returns a new, empty |X509_NAME_ENTRY|, or NULL on error. 1527 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); 1528 1529 // X509_NAME_ENTRY_free releases memory associated with |entry|. 1530 OPENSSL_EXPORT void X509_NAME_ENTRY_free(X509_NAME_ENTRY *entry); 1531 1532 // X509_NAME_ENTRY_dup returns a newly-allocated copy of |entry|, or NULL on 1533 // error. 1534 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup( 1535 const X509_NAME_ENTRY *entry); 1536 1537 // X509_NAME_ENTRY_get_object returns |entry|'s attribute type. This function 1538 // returns a non-const pointer for OpenSSL compatibility, but callers should not 1539 // mutate the result. Doing so will break internal invariants in the library. 1540 OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object( 1541 const X509_NAME_ENTRY *entry); 1542 1543 // X509_NAME_ENTRY_set_object sets |entry|'s attribute type to |obj|. It returns 1544 // one on success and zero on error. 1545 OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *entry, 1546 const ASN1_OBJECT *obj); 1547 1548 // X509_NAME_ENTRY_get_data returns |entry|'s attribute value, represented as an 1549 // |ASN1_STRING|. This value may have any ASN.1 type, so callers must check the 1550 // type before interpreting the contents. This function returns a non-const 1551 // pointer for OpenSSL compatibility, but callers should not mutate the result. 1552 // Doing so will break internal invariants in the library. 1553 // 1554 // TODO(https://crbug.com/boringssl/412): Although the spec says any ASN.1 type 1555 // is allowed, we currently only allow an ad-hoc set of types. Additionally, it 1556 // is unclear if some types can even be represented by this function. 1557 OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data( 1558 const X509_NAME_ENTRY *entry); 1559 1560 // X509_NAME_ENTRY_set_data sets |entry|'s value to |len| bytes from |bytes|. It 1561 // returns one on success and zero on error. If |len| is -1, |bytes| must be a 1562 // NUL-terminated C string and the length is determined by |strlen|. |bytes| is 1563 // converted to an ASN.1 type as follows: 1564 // 1565 // If |type| is a |MBSTRING_*| constant, the value is an ASN.1 string. The 1566 // string is determined by decoding |bytes| in the encoding specified by |type|, 1567 // and then re-encoding it in a form appropriate for |entry|'s attribute type. 1568 // See |ASN1_STRING_set_by_NID| for details. 1569 // 1570 // Otherwise, the value is an |ASN1_STRING| with type |type| and value |bytes|. 1571 // See |ASN1_STRING| for how to format ASN.1 types as an |ASN1_STRING|. If 1572 // |type| is |V_ASN1_UNDEF| the previous |ASN1_STRING| type is reused. 1573 OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *entry, int type, 1574 const uint8_t *bytes, 1575 ossl_ssize_t len); 1576 1577 // X509_NAME_ENTRY_set returns the zero-based index of the RDN which contains 1578 // |entry|. Consecutive entries with the same index are part of the same RDN. 1579 OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *entry); 1580 1581 // X509_NAME_ENTRY_create_by_OBJ creates a new |X509_NAME_ENTRY| with attribute 1582 // type |obj|. The attribute value is determined from |type|, |bytes|, and |len| 1583 // as in |X509_NAME_ENTRY_set_data|. It returns the |X509_NAME_ENTRY| on success 1584 // and NULL on error. 1585 // 1586 // If |out| is non-NULL and |*out| is NULL, it additionally sets |*out| to the 1587 // result on success. If both |out| and |*out| are non-NULL, it updates the 1588 // object at |*out| instead of allocating a new one. 1589 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ( 1590 X509_NAME_ENTRY **out, const ASN1_OBJECT *obj, int type, 1591 const uint8_t *bytes, ossl_ssize_t len); 1592 1593 // X509_NAME_ENTRY_create_by_NID behaves like |X509_NAME_ENTRY_create_by_OBJ| 1594 // except the attribute type is |nid|, which should be one of the |NID_*| 1595 // constants. 1596 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID( 1597 X509_NAME_ENTRY **out, int nid, int type, const uint8_t *bytes, 1598 ossl_ssize_t len); 1599 1600 // X509_NAME_ENTRY_create_by_txt behaves like |X509_NAME_ENTRY_create_by_OBJ| 1601 // except the attribute type is |field|, which is passed to |OBJ_txt2obj|. 1602 OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt( 1603 X509_NAME_ENTRY **out, const char *field, int type, const uint8_t *bytes, 1604 ossl_ssize_t len); 1605 1606 1607 // Public keys. 1608 // 1609 // X.509 encodes public keys as SubjectPublicKeyInfo (RFC 5280), sometimes 1610 // referred to as SPKI. These are represented in this library by |X509_PUBKEY|. 1611 1612 // X509_PUBKEY_new returns a newly-allocated, empty |X509_PUBKEY| object, or 1613 // NULL on error. 1614 OPENSSL_EXPORT X509_PUBKEY *X509_PUBKEY_new(void); 1615 1616 // X509_PUBKEY_free releases memory associated with |key|. 1617 OPENSSL_EXPORT void X509_PUBKEY_free(X509_PUBKEY *key); 1618 1619 // d2i_X509_PUBKEY parses up to |len| bytes from |*inp| as a DER-encoded 1620 // SubjectPublicKeyInfo, as described in |d2i_SAMPLE|. 1621 OPENSSL_EXPORT X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **out, 1622 const uint8_t **inp, long len); 1623 1624 // i2d_X509_PUBKEY marshals |key| as a DER-encoded SubjectPublicKeyInfo, as 1625 // described in |i2d_SAMPLE|. 1626 OPENSSL_EXPORT int i2d_X509_PUBKEY(const X509_PUBKEY *key, uint8_t **outp); 1627 1628 // X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY| 1629 // structure. On success, it frees |*x| if non-NULL, then sets |*x| to the new 1630 // object, and returns one. Otherwise, it returns zero. 1631 OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 1632 1633 // X509_PUBKEY_get0 returns |key| as an |EVP_PKEY|, or NULL if |key| either 1634 // could not be parsed or is an unrecognized algorithm. The |EVP_PKEY| is cached 1635 // in |key|, so callers must not mutate the result. 1636 OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key); 1637 1638 // X509_PUBKEY_get behaves like |X509_PUBKEY_get0| but increments the reference 1639 // count on the |EVP_PKEY|. The caller must release the result with 1640 // |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must 1641 // not mutate the result. 1642 OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key); 1643 1644 // X509_PUBKEY_set0_param sets |pub| to a key with AlgorithmIdentifier 1645 // determined by |obj|, |param_type|, and |param_value|, and an encoded 1646 // public key of |key|. On success, it gives |pub| ownership of all the other 1647 // parameters and returns one. Otherwise, it returns zero. |key| must have been 1648 // allocated by |OPENSSL_malloc|. |obj| and, if applicable, |param_value| must 1649 // not be freed after a successful call, and must have been allocated in a 1650 // manner compatible with |ASN1_OBJECT_free| or |ASN1_STRING_free|. 1651 // 1652 // |obj|, |param_type|, and |param_value| are interpreted as in 1653 // |X509_ALGOR_set0|. See |X509_ALGOR_set0| for details. 1654 OPENSSL_EXPORT int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *obj, 1655 int param_type, void *param_value, 1656 uint8_t *key, int key_len); 1657 1658 // X509_PUBKEY_get0_param outputs fields of |pub| and returns one. If |out_obj| 1659 // is not NULL, it sets |*out_obj| to AlgorithmIdentifier's OID. If |out_key| 1660 // is not NULL, it sets |*out_key| and |*out_key_len| to the encoded public key. 1661 // If |out_alg| is not NULL, it sets |*out_alg| to the AlgorithmIdentifier. 1662 // 1663 // All pointers outputted by this function are internal to |pub| and must not be 1664 // freed by the caller. Additionally, although some outputs are non-const, 1665 // callers must not mutate the resulting objects. 1666 // 1667 // Note: X.509 SubjectPublicKeyInfo structures store the encoded public key as a 1668 // BIT STRING. |*out_key| and |*out_key_len| will silently pad the key with zero 1669 // bits if |pub| did not contain a whole number of bytes. Use 1670 // |X509_PUBKEY_get0_public_key| to preserve this information. 1671 OPENSSL_EXPORT int X509_PUBKEY_get0_param(ASN1_OBJECT **out_obj, 1672 const uint8_t **out_key, 1673 int *out_key_len, 1674 X509_ALGOR **out_alg, 1675 X509_PUBKEY *pub); 1676 1677 // X509_PUBKEY_get0_public_key returns |pub|'s encoded public key. 1678 OPENSSL_EXPORT const ASN1_BIT_STRING *X509_PUBKEY_get0_public_key( 1679 const X509_PUBKEY *pub); 1680 1681 1682 // Extensions. 1683 // 1684 // X.509 certificates and CRLs may contain a list of extensions (RFC 5280). 1685 // Extensions have a type, specified by an object identifier (|ASN1_OBJECT|) and 1686 // a byte string value, which should a DER-encoded structure whose type is 1687 // determined by the extension type. This library represents extensions with the 1688 // |X509_EXTENSION| type. 1689 1690 // X509_EXTENSION is an |ASN1_ITEM| whose ASN.1 type is X.509 Extension (RFC 1691 // 5280) and C type is |X509_EXTENSION*|. 1692 DECLARE_ASN1_ITEM(X509_EXTENSION) 1693 1694 // X509_EXTENSION_new returns a newly-allocated, empty |X509_EXTENSION| object 1695 // or NULL on error. 1696 OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_new(void); 1697 1698 // X509_EXTENSION_free releases memory associated with |ex|. 1699 OPENSSL_EXPORT void X509_EXTENSION_free(X509_EXTENSION *ex); 1700 1701 // d2i_X509_EXTENSION parses up to |len| bytes from |*inp| as a DER-encoded 1702 // X.509 Extension (RFC 5280), as described in |d2i_SAMPLE|. 1703 OPENSSL_EXPORT X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **out, 1704 const uint8_t **inp, 1705 long len); 1706 1707 // i2d_X509_EXTENSION marshals |ex| as a DER-encoded X.509 Extension (RFC 1708 // 5280), as described in |i2d_SAMPLE|. 1709 OPENSSL_EXPORT int i2d_X509_EXTENSION(const X509_EXTENSION *ex, uint8_t **outp); 1710 1711 // X509_EXTENSION_dup returns a newly-allocated copy of |ex|, or NULL on error. 1712 // This function works by serializing the structure, so if |ex| is incomplete, 1713 // it may fail. 1714 OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(const X509_EXTENSION *ex); 1715 1716 // X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|, 1717 // value |data|, and critical bit |crit|. It returns an |X509_EXTENSION| on 1718 // success, and NULL on error. |nid| should be a |NID_*| constant. 1719 // 1720 // If |ex| and |*ex| are both non-NULL, |*ex| is used to hold the result, 1721 // otherwise a new object is allocated. If |ex| is non-NULL and |*ex| is NULL, 1722 // the function sets |*ex| to point to the newly allocated result, in addition 1723 // to returning the result. 1724 OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID( 1725 X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data); 1726 1727 // X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but 1728 // the extension type is determined by an |ASN1_OBJECT|. 1729 OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ( 1730 X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit, 1731 const ASN1_OCTET_STRING *data); 1732 1733 // X509_EXTENSION_get_object returns |ex|'s extension type. This function 1734 // returns a non-const pointer for OpenSSL compatibility, but callers should not 1735 // mutate the result. 1736 OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(const X509_EXTENSION *ex); 1737 1738 // X509_EXTENSION_get_data returns |ne|'s extension value. This function returns 1739 // a non-const pointer for OpenSSL compatibility, but callers should not mutate 1740 // the result. 1741 OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data( 1742 const X509_EXTENSION *ne); 1743 1744 // X509_EXTENSION_get_critical returns one if |ex| is critical and zero 1745 // otherwise. 1746 OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex); 1747 1748 // X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one 1749 // on success and zero on error. 1750 OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex, 1751 const ASN1_OBJECT *obj); 1752 1753 // X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and 1754 // to non-critical if |crit| is zero. 1755 OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); 1756 1757 // X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It 1758 // returns one on success and zero on error. 1759 OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex, 1760 const ASN1_OCTET_STRING *data); 1761 1762 1763 // Extension lists. 1764 // 1765 // The following functions manipulate lists of extensions. Most of them have 1766 // corresponding functions on the containing |X509|, |X509_CRL|, or 1767 // |X509_REVOKED|. 1768 1769 DEFINE_STACK_OF(X509_EXTENSION) 1770 typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; 1771 1772 // d2i_X509_EXTENSIONS parses up to |len| bytes from |*inp| as a DER-encoded 1773 // SEQUENCE OF Extension (RFC 5280), as described in |d2i_SAMPLE|. 1774 OPENSSL_EXPORT X509_EXTENSIONS *d2i_X509_EXTENSIONS(X509_EXTENSIONS **out, 1775 const uint8_t **inp, 1776 long len); 1777 1778 // i2d_X509_EXTENSIONS marshals |alg| as a DER-encoded SEQUENCE OF Extension 1779 // (RFC 5280), as described in |i2d_SAMPLE|. 1780 OPENSSL_EXPORT int i2d_X509_EXTENSIONS(const X509_EXTENSIONS *alg, 1781 uint8_t **outp); 1782 1783 // X509v3_get_ext_count returns the number of extensions in |x|. 1784 OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); 1785 1786 // X509v3_get_ext_by_NID returns the index of the first extension in |x| with 1787 // type |nid|, or a negative number if not found. If found, callers can use 1788 // |X509v3_get_ext| to look up the extension by index. 1789 // 1790 // If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers 1791 // can thus loop over all matching extensions by first passing -1 and then 1792 // passing the previously-returned value until no match is returned. 1793 OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, 1794 int nid, int lastpos); 1795 1796 // X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for 1797 // extensions matching |obj|. 1798 OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, 1799 const ASN1_OBJECT *obj, int lastpos); 1800 1801 // X509v3_get_ext_by_critical returns the index of the first extension in |x| 1802 // whose critical bit matches |crit|, or a negative number if no such extension 1803 // was found. 1804 // 1805 // If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers 1806 // can thus loop over all matching extensions by first passing -1 and then 1807 // passing the previously-returned value until no match is returned. 1808 OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, 1809 int crit, int lastpos); 1810 1811 // X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| 1812 // is out of bounds. This function returns a non-const pointer for OpenSSL 1813 // compatibility, but callers should not mutate the result. 1814 OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, 1815 int loc); 1816 1817 // X509v3_delete_ext removes the extension in |x| at index |loc| and returns the 1818 // removed extension, or NULL if |loc| was out of bounds. If an extension was 1819 // returned, the caller must release it with |X509_EXTENSION_free|. 1820 OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, 1821 int loc); 1822 1823 // X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is 1824 // NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets 1825 // |*x| to the new list. It returns |*x| on success and NULL on error. The 1826 // caller retains ownership of |ex| and can release it independently of |*x|. 1827 // 1828 // The new extension is inserted at index |loc|, shifting extensions to the 1829 // right. If |loc| is -1 or out of bounds, the new extension is appended to the 1830 // list. 1831 OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext( 1832 STACK_OF(X509_EXTENSION) **x, const X509_EXTENSION *ex, int loc); 1833 1834 1835 // Built-in extensions. 1836 // 1837 // Several functions in the library encode and decode extension values into a 1838 // C structure to that extension. The following extensions are supported: 1839 // 1840 // - |NID_authority_key_identifier| with type |AUTHORITY_KEYID| 1841 // - |NID_basic_constraints| with type |BASIC_CONSTRAINTS| 1842 // - |NID_certificate_issuer| with type |GENERAL_NAMES| 1843 // - |NID_certificate_policies| with type |CERTIFICATEPOLICIES| 1844 // - |NID_crl_distribution_points| with type |CRL_DIST_POINTS| 1845 // - |NID_crl_number| with type |ASN1_INTEGER| 1846 // - |NID_crl_reason| with type |ASN1_ENUMERATED| 1847 // - |NID_delta_crl| with type |ASN1_INTEGER| 1848 // - |NID_ext_key_usage| with type |EXTENDED_KEY_USAGE| 1849 // - |NID_freshest_crl| with type |ISSUING_DIST_POINT| 1850 // - |NID_id_pkix_OCSP_noCheck| with type |ASN1_NULL| 1851 // - |NID_info_access| with type |AUTHORITY_INFO_ACCESS| 1852 // - |NID_inhibit_any_policy| with type |ASN1_INTEGER| 1853 // - |NID_invalidity_date| with type |ASN1_GENERALIZEDTIME| 1854 // - |NID_issuer_alt_name| with type |GENERAL_NAMES| 1855 // - |NID_issuing_distribution_point| with type |ISSUING_DIST_POINT| 1856 // - |NID_key_usage| with type |ASN1_BIT_STRING| 1857 // - |NID_name_constraints| with type |NAME_CONSTRAINTS| 1858 // - |NID_netscape_base_url| with type |ASN1_IA5STRING| 1859 // - |NID_netscape_ca_policy_url| with type |ASN1_IA5STRING| 1860 // - |NID_netscape_ca_revocation_url| with type |ASN1_IA5STRING| 1861 // - |NID_netscape_cert_type| with type |ASN1_BIT_STRING| 1862 // - |NID_netscape_comment| with type |ASN1_IA5STRING| 1863 // - |NID_netscape_renewal_url| with type |ASN1_IA5STRING| 1864 // - |NID_netscape_revocation_url| with type |ASN1_IA5STRING| 1865 // - |NID_netscape_ssl_server_name| with type |ASN1_IA5STRING| 1866 // - |NID_policy_constraints| with type |POLICY_CONSTRAINTS| 1867 // - |NID_policy_mappings| with type |POLICY_MAPPINGS| 1868 // - |NID_sinfo_access| with type |AUTHORITY_INFO_ACCESS| 1869 // - |NID_subject_alt_name| with type |GENERAL_NAMES| 1870 // - |NID_subject_key_identifier| with type |ASN1_OCTET_STRING| 1871 // 1872 // If an extension does not appear in this list, e.g. for a custom extension, 1873 // callers can instead use functions such as |X509_get_ext_by_OBJ|, 1874 // |X509_EXTENSION_get_data|, and |X509_EXTENSION_create_by_OBJ| to inspect or 1875 // create extensions directly. Although the |X509V3_EXT_METHOD| mechanism allows 1876 // registering custom extensions, doing so is deprecated and may result in 1877 // threading or memory errors. 1878 1879 // X509V3_EXT_d2i decodes |ext| and returns a pointer to a newly-allocated 1880 // structure, with type dependent on the type of the extension. It returns NULL 1881 // if |ext| is an unsupported extension or if there was a syntax error in the 1882 // extension. The caller should cast the return value to the expected type and 1883 // free the structure when done. 1884 // 1885 // WARNING: Casting the return value to the wrong type is a potentially 1886 // exploitable memory error, so callers must not use this function before 1887 // checking |ext| is of a known type. See the list at the top of this section 1888 // for the correct types. 1889 OPENSSL_EXPORT void *X509V3_EXT_d2i(const X509_EXTENSION *ext); 1890 1891 // X509V3_get_d2i finds and decodes the extension in |extensions| of type |nid|. 1892 // If found, it decodes it and returns a newly-allocated structure, with type 1893 // dependent on |nid|. If the extension is not found or on error, it returns 1894 // NULL. The caller may distinguish these cases using the |out_critical| value. 1895 // 1896 // If |out_critical| is not NULL, this function sets |*out_critical| to one if 1897 // the extension is found and critical, zero if it is found and not critical, -1 1898 // if it is not found, and -2 if there is an invalid duplicate extension. Note 1899 // this function may set |*out_critical| to one or zero and still return NULL if 1900 // the extension is found but has a syntax error. 1901 // 1902 // If |out_idx| is not NULL, this function looks for the first occurrence of the 1903 // extension after |*out_idx|. It then sets |*out_idx| to the index of the 1904 // extension, or -1 if not found. If |out_idx| is non-NULL, duplicate extensions 1905 // are not treated as an error. Callers, however, should not rely on this 1906 // behavior as it may be removed in the future. Duplicate extensions are 1907 // forbidden in RFC 5280. 1908 // 1909 // WARNING: This function is difficult to use correctly. Callers should pass a 1910 // non-NULL |out_critical| and check both the return value and |*out_critical| 1911 // to handle errors. If the return value is NULL and |*out_critical| is not -1, 1912 // there was an error. Otherwise, the function succeeded and but may return NULL 1913 // for a missing extension. Callers should pass NULL to |out_idx| so that 1914 // duplicate extensions are handled correctly. 1915 // 1916 // Additionally, casting the return value to the wrong type is a potentially 1917 // exploitable memory error, so callers must ensure the cast and |nid| match. 1918 // See the list at the top of this section for the correct types. 1919 OPENSSL_EXPORT void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *extensions, 1920 int nid, int *out_critical, int *out_idx); 1921 1922 // X509V3_EXT_free casts |ext_data| into the type that corresponds to |nid| and 1923 // releases memory associated with it. It returns one on success and zero if 1924 // |nid| is not a known extension. 1925 // 1926 // WARNING: Casting |ext_data| to the wrong type is a potentially exploitable 1927 // memory error, so callers must ensure |ext_data|'s type matches |nid|. See the 1928 // list at the top of this section for the correct types. 1929 // 1930 // TODO(davidben): OpenSSL upstream no longer exposes this function. Remove it? 1931 OPENSSL_EXPORT int X509V3_EXT_free(int nid, void *ext_data); 1932 1933 // X509V3_EXT_i2d casts |ext_struc| into the type that corresponds to 1934 // |ext_nid|, serializes it, and returns a newly-allocated |X509_EXTENSION| 1935 // object containing the serialization, or NULL on error. The |X509_EXTENSION| 1936 // has OID |ext_nid| and is critical if |crit| is one. 1937 // 1938 // WARNING: Casting |ext_struc| to the wrong type is a potentially exploitable 1939 // memory error, so callers must ensure |ext_struct|'s type matches |ext_nid|. 1940 // See the list at the top of this section for the correct types. 1941 OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, 1942 void *ext_struc); 1943 1944 // The following constants control the behavior of |X509V3_add1_i2d| and related 1945 // functions. 1946 1947 // X509V3_ADD_OP_MASK can be ANDed with the flags to determine how duplicate 1948 // extensions are processed. 1949 #define X509V3_ADD_OP_MASK 0xfL 1950 1951 // X509V3_ADD_DEFAULT causes the function to fail if the extension was already 1952 // present. 1953 #define X509V3_ADD_DEFAULT 0L 1954 1955 // X509V3_ADD_APPEND causes the function to unconditionally appended the new 1956 // extension to to the extensions list, even if there is a duplicate. 1957 #define X509V3_ADD_APPEND 1L 1958 1959 // X509V3_ADD_REPLACE causes the function to replace the existing extension, or 1960 // append if it is not present. 1961 #define X509V3_ADD_REPLACE 2L 1962 1963 // X509V3_ADD_REPLACE_EXISTING causes the function to replace the existing 1964 // extension and fail if it is not present. 1965 #define X509V3_ADD_REPLACE_EXISTING 3L 1966 1967 // X509V3_ADD_KEEP_EXISTING causes the function to succeed without replacing the 1968 // extension if already present. 1969 #define X509V3_ADD_KEEP_EXISTING 4L 1970 1971 // X509V3_ADD_DELETE causes the function to remove the matching extension. No 1972 // new extension is added. If there is no matching extension, the function 1973 // fails. The |value| parameter is ignored in this mode. 1974 #define X509V3_ADD_DELETE 5L 1975 1976 // X509V3_ADD_SILENT may be ORed into one of the values above to indicate the 1977 // function should not add to the error queue on duplicate or missing extension. 1978 // The function will continue to return zero in those cases, and it will 1979 // continue to return -1 and add to the error queue on other errors. 1980 #define X509V3_ADD_SILENT 0x10 1981 1982 // X509V3_add1_i2d casts |value| to the type that corresponds to |nid|, 1983 // serializes it, and appends it to the extension list in |*x|. If |*x| is NULL, 1984 // it will set |*x| to a newly-allocated |STACK_OF(X509_EXTENSION)| as needed. 1985 // The |crit| parameter determines whether the new extension is critical. 1986 // |flags| may be some combination of the |X509V3_ADD_*| constants to control 1987 // the function's behavior on duplicate extension. 1988 // 1989 // This function returns one on success, zero if the operation failed due to a 1990 // missing or duplicate extension, and -1 on other errors. 1991 // 1992 // WARNING: Casting |value| to the wrong type is a potentially exploitable 1993 // memory error, so callers must ensure |value|'s type matches |nid|. See the 1994 // list at the top of this section for the correct types. 1995 OPENSSL_EXPORT int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, 1996 void *value, int crit, unsigned long flags); 1997 1998 1999 // Basic constraints. 2000 // 2001 // The basic constraints extension (RFC 5280, section 4.2.1.9) determines 2002 // whether a certificate is a CA certificate and, if so, optionally constrains 2003 // the maximum depth of the certificate chain. 2004 2005 // A BASIC_CONSTRAINTS_st, aka |BASIC_CONSTRAINTS| represents an 2006 // BasicConstraints structure (RFC 5280). 2007 struct BASIC_CONSTRAINTS_st { 2008 ASN1_BOOLEAN ca; 2009 ASN1_INTEGER *pathlen; 2010 } /* BASIC_CONSTRAINTS */; 2011 2012 // BASIC_CONSTRAINTS is an |ASN1_ITEM| whose ASN.1 type is BasicConstraints (RFC 2013 // 5280) and C type is |BASIC_CONSTRAINTS*|. 2014 DECLARE_ASN1_ITEM(BASIC_CONSTRAINTS) 2015 2016 // BASIC_CONSTRAINTS_new returns a newly-allocated, empty |BASIC_CONSTRAINTS| 2017 // object, or NULL on error. 2018 OPENSSL_EXPORT BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); 2019 2020 // BASIC_CONSTRAINTS_free releases memory associated with |bcons|. 2021 OPENSSL_EXPORT void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *bcons); 2022 2023 // d2i_BASIC_CONSTRAINTS parses up to |len| bytes from |*inp| as a DER-encoded 2024 // BasicConstraints (RFC 5280), as described in |d2i_SAMPLE|. 2025 OPENSSL_EXPORT BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **out, 2026 const uint8_t **inp, 2027 long len); 2028 2029 // i2d_BASIC_CONSTRAINTS marshals |bcons| as a DER-encoded BasicConstraints (RFC 2030 // 5280), as described in |i2d_SAMPLE|. 2031 OPENSSL_EXPORT int i2d_BASIC_CONSTRAINTS(const BASIC_CONSTRAINTS *bcons, 2032 uint8_t **outp); 2033 2034 2035 // Extended key usage. 2036 // 2037 // The extended key usage extension (RFC 5280, section 4.2.1.12) indicates the 2038 // purposes of the certificate's public key. Such constraints are important to 2039 // avoid cross-protocol attacks. 2040 2041 typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; 2042 2043 // EXTENDED_KEY_USAGE is an |ASN1_ITEM| whose ASN.1 type is ExtKeyUsageSyntax 2044 // (RFC 5280) and C type is |STACK_OF(ASN1_OBJECT)*|, or |EXTENDED_KEY_USAGE*|. 2045 DECLARE_ASN1_ITEM(EXTENDED_KEY_USAGE) 2046 2047 // EXTENDED_KEY_USAGE_new returns a newly-allocated, empty |EXTENDED_KEY_USAGE| 2048 // object, or NULL on error. 2049 OPENSSL_EXPORT EXTENDED_KEY_USAGE *EXTENDED_KEY_USAGE_new(void); 2050 2051 // EXTENDED_KEY_USAGE_free releases memory associated with |eku|. 2052 OPENSSL_EXPORT void EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *eku); 2053 2054 // d2i_EXTENDED_KEY_USAGE parses up to |len| bytes from |*inp| as a DER-encoded 2055 // ExtKeyUsageSyntax (RFC 5280), as described in |d2i_SAMPLE|. 2056 OPENSSL_EXPORT EXTENDED_KEY_USAGE *d2i_EXTENDED_KEY_USAGE( 2057 EXTENDED_KEY_USAGE **out, const uint8_t **inp, long len); 2058 2059 // i2d_EXTENDED_KEY_USAGE marshals |eku| as a DER-encoded ExtKeyUsageSyntax (RFC 2060 // 5280), as described in |i2d_SAMPLE|. 2061 OPENSSL_EXPORT int i2d_EXTENDED_KEY_USAGE(const EXTENDED_KEY_USAGE *eku, 2062 uint8_t **outp); 2063 2064 2065 // General names. 2066 // 2067 // A |GENERAL_NAME| represents an X.509 GeneralName structure, defined in RFC 2068 // 5280, Section 4.2.1.6. General names are distinct from names (|X509_NAME|). A 2069 // general name is a CHOICE type which may contain one of several name types, 2070 // most commonly a DNS name or an IP address. General names most commonly appear 2071 // in the subject alternative name (SAN) extension, though they are also used in 2072 // other extensions. 2073 // 2074 // Many extensions contain a SEQUENCE OF GeneralName, or GeneralNames, so 2075 // |STACK_OF(GENERAL_NAME)| is defined and aliased to |GENERAL_NAMES|. 2076 2077 typedef struct otherName_st { 2078 ASN1_OBJECT *type_id; 2079 ASN1_TYPE *value; 2080 } OTHERNAME; 2081 2082 typedef struct EDIPartyName_st { 2083 ASN1_STRING *nameAssigner; 2084 ASN1_STRING *partyName; 2085 } EDIPARTYNAME; 2086 2087 // GEN_* are constants for the |type| field of |GENERAL_NAME|, defined below. 2088 #define GEN_OTHERNAME 0 2089 #define GEN_EMAIL 1 2090 #define GEN_DNS 2 2091 #define GEN_X400 3 2092 #define GEN_DIRNAME 4 2093 #define GEN_EDIPARTY 5 2094 #define GEN_URI 6 2095 #define GEN_IPADD 7 2096 #define GEN_RID 8 2097 2098 // A GENERAL_NAME_st, aka |GENERAL_NAME|, represents an X.509 GeneralName. The 2099 // |type| field determines which member of |d| is active. A |GENERAL_NAME| may 2100 // also be empty, in which case |type| is -1 and |d| is NULL. Empty 2101 // |GENERAL_NAME|s are invalid and will never be returned from the parser, but 2102 // may be created temporarily, e.g. by |GENERAL_NAME_new|. 2103 // 2104 // WARNING: |type| and |d| must be kept consistent. An inconsistency will result 2105 // in a potentially exploitable memory error. 2106 struct GENERAL_NAME_st { 2107 int type; 2108 union { 2109 char *ptr; 2110 OTHERNAME *otherName; 2111 ASN1_IA5STRING *rfc822Name; 2112 ASN1_IA5STRING *dNSName; 2113 ASN1_STRING *x400Address; 2114 X509_NAME *directoryName; 2115 EDIPARTYNAME *ediPartyName; 2116 ASN1_IA5STRING *uniformResourceIdentifier; 2117 ASN1_OCTET_STRING *iPAddress; 2118 ASN1_OBJECT *registeredID; 2119 2120 // Old names 2121 ASN1_OCTET_STRING *ip; // iPAddress 2122 X509_NAME *dirn; // dirn 2123 ASN1_IA5STRING *ia5; // rfc822Name, dNSName, uniformResourceIdentifier 2124 ASN1_OBJECT *rid; // registeredID 2125 } d; 2126 } /* GENERAL_NAME */; 2127 2128 // GENERAL_NAME_new returns a new, empty |GENERAL_NAME|, or NULL on error. 2129 OPENSSL_EXPORT GENERAL_NAME *GENERAL_NAME_new(void); 2130 2131 // GENERAL_NAME_free releases memory associated with |gen|. 2132 OPENSSL_EXPORT void GENERAL_NAME_free(GENERAL_NAME *gen); 2133 2134 // d2i_GENERAL_NAME parses up to |len| bytes from |*inp| as a DER-encoded X.509 2135 // GeneralName (RFC 5280), as described in |d2i_SAMPLE|. 2136 OPENSSL_EXPORT GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **out, 2137 const uint8_t **inp, long len); 2138 2139 // i2d_GENERAL_NAME marshals |in| as a DER-encoded X.509 GeneralName (RFC 5280), 2140 // as described in |i2d_SAMPLE|. 2141 // 2142 // TODO(https://crbug.com/boringssl/407): This function should be const and 2143 // thread-safe but is currently neither in some cases, notably if |in| is an 2144 // directoryName and the |X509_NAME| has been modified. 2145 OPENSSL_EXPORT int i2d_GENERAL_NAME(GENERAL_NAME *in, uint8_t **outp); 2146 2147 // GENERAL_NAME_dup returns a newly-allocated copy of |gen|, or NULL on error. 2148 // This function works by serializing the structure, so it will fail if |gen| is 2149 // empty. 2150 // 2151 // TODO(https://crbug.com/boringssl/407): This function should be const and 2152 // thread-safe but is currently neither in some cases, notably if |gen| is an 2153 // directoryName and the |X509_NAME| has been modified. 2154 OPENSSL_EXPORT GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *gen); 2155 2156 // GENERAL_NAMES_new returns a new, empty |GENERAL_NAMES|, or NULL on error. 2157 OPENSSL_EXPORT GENERAL_NAMES *GENERAL_NAMES_new(void); 2158 2159 // GENERAL_NAMES_free releases memory associated with |gens|. 2160 OPENSSL_EXPORT void GENERAL_NAMES_free(GENERAL_NAMES *gens); 2161 2162 // d2i_GENERAL_NAMES parses up to |len| bytes from |*inp| as a DER-encoded 2163 // SEQUENCE OF GeneralName, as described in |d2i_SAMPLE|. 2164 OPENSSL_EXPORT GENERAL_NAMES *d2i_GENERAL_NAMES(GENERAL_NAMES **out, 2165 const uint8_t **inp, long len); 2166 2167 // i2d_GENERAL_NAMES marshals |in| as a DER-encoded SEQUENCE OF GeneralName, as 2168 // described in |i2d_SAMPLE|. 2169 // 2170 // TODO(https://crbug.com/boringssl/407): This function should be const and 2171 // thread-safe but is currently neither in some cases, notably if some element 2172 // of |in| is an directoryName and the |X509_NAME| has been modified. 2173 OPENSSL_EXPORT int i2d_GENERAL_NAMES(GENERAL_NAMES *in, uint8_t **outp); 2174 2175 // OTHERNAME_new returns a new, empty |OTHERNAME|, or NULL on error. 2176 OPENSSL_EXPORT OTHERNAME *OTHERNAME_new(void); 2177 2178 // OTHERNAME_free releases memory associated with |name|. 2179 OPENSSL_EXPORT void OTHERNAME_free(OTHERNAME *name); 2180 2181 // EDIPARTYNAME_new returns a new, empty |EDIPARTYNAME|, or NULL on error. 2182 // EDIPartyName is rarely used in practice, so callers are unlikely to need this 2183 // function. 2184 OPENSSL_EXPORT EDIPARTYNAME *EDIPARTYNAME_new(void); 2185 2186 // EDIPARTYNAME_free releases memory associated with |name|. EDIPartyName is 2187 // rarely used in practice, so callers are unlikely to need this function. 2188 OPENSSL_EXPORT void EDIPARTYNAME_free(EDIPARTYNAME *name); 2189 2190 // GENERAL_NAME_set0_value set |gen|'s type and value to |type| and |value|. 2191 // |type| must be a |GEN_*| constant and |value| must be an object of the 2192 // corresponding type. |gen| takes ownership of |value|, so |value| must have 2193 // been an allocated object. 2194 // 2195 // WARNING: |gen| must be empty (typically as returned from |GENERAL_NAME_new|) 2196 // before calling this function. If |gen| already contained a value, the 2197 // previous contents will be leaked. 2198 OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *gen, int type, 2199 void *value); 2200 2201 // GENERAL_NAME_get0_value returns the in-memory representation of |gen|'s 2202 // contents and, |out_type| is not NULL, sets |*out_type| to the type of |gen|, 2203 // which will be a |GEN_*| constant. If |gen| is incomplete, the return value 2204 // will be NULL and the type will be -1. 2205 // 2206 // WARNING: Casting the result of this function to the wrong type is a 2207 // potentially exploitable memory error. Callers must check |gen|'s type, either 2208 // via |*out_type| or checking |gen->type| directly, before inspecting the 2209 // result. 2210 // 2211 // WARNING: This function is not const-correct. The return value should be 2212 // const. Callers shoudl not mutate the returned object. 2213 OPENSSL_EXPORT void *GENERAL_NAME_get0_value(const GENERAL_NAME *gen, 2214 int *out_type); 2215 2216 // GENERAL_NAME_set0_othername sets |gen| to be an OtherName with type |oid| and 2217 // value |value|. On success, it returns one and takes ownership of |oid| and 2218 // |value|, which must be created in a way compatible with |ASN1_OBJECT_free| 2219 // and |ASN1_TYPE_free|, respectively. On allocation failure, it returns zero. 2220 // In the failure case, the caller retains ownership of |oid| and |value| and 2221 // must release them when done. 2222 // 2223 // WARNING: |gen| must be empty (typically as returned from |GENERAL_NAME_new|) 2224 // before calling this function. If |gen| already contained a value, the 2225 // previously contents will be leaked. 2226 OPENSSL_EXPORT int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, 2227 ASN1_OBJECT *oid, 2228 ASN1_TYPE *value); 2229 2230 // GENERAL_NAME_get0_otherName, if |gen| is an OtherName, sets |*out_oid| and 2231 // |*out_value| to the OtherName's type-id and value, respectively, and returns 2232 // one. If |gen| is not an OtherName, it returns zero and leaves |*out_oid| and 2233 // |*out_value| unmodified. Either of |out_oid| or |out_value| may be NULL to 2234 // ignore the value. 2235 // 2236 // WARNING: This function is not const-correct. |out_oid| and |out_value| are 2237 // not const, but callers should not mutate the resulting objects. 2238 OPENSSL_EXPORT int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen, 2239 ASN1_OBJECT **out_oid, 2240 ASN1_TYPE **out_value); 2241 2242 2243 // Authority key identifier. 2244 // 2245 // The authority key identifier extension (RFC 5280, section 4.2.1.1) allows a 2246 // certificate to more precisely identify its issuer. This is helpful when 2247 // multiple certificates share a name. Only the keyIdentifier (|keyid| in 2248 // |AUTHORITY_KEYID|) field is used in practice. 2249 2250 // A AUTHORITY_KEYID_st, aka |AUTHORITY_KEYID|, represents an 2251 // AuthorityKeyIdentifier structure (RFC 5280). 2252 struct AUTHORITY_KEYID_st { 2253 ASN1_OCTET_STRING *keyid; 2254 GENERAL_NAMES *issuer; 2255 ASN1_INTEGER *serial; 2256 } /* AUTHORITY_KEYID */; 2257 2258 // AUTHORITY_KEYID is an |ASN1_ITEM| whose ASN.1 type is AuthorityKeyIdentifier 2259 // (RFC 5280) and C type is |AUTHORITY_KEYID*|. 2260 DECLARE_ASN1_ITEM(AUTHORITY_KEYID) 2261 2262 // AUTHORITY_KEYID_new returns a newly-allocated, empty |AUTHORITY_KEYID| 2263 // object, or NULL on error. 2264 OPENSSL_EXPORT AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); 2265 2266 // AUTHORITY_KEYID_free releases memory associated with |akid|. 2267 OPENSSL_EXPORT void AUTHORITY_KEYID_free(AUTHORITY_KEYID *akid); 2268 2269 // d2i_AUTHORITY_KEYID parses up to |len| bytes from |*inp| as a DER-encoded 2270 // AuthorityKeyIdentifier (RFC 5280), as described in |d2i_SAMPLE|. 2271 OPENSSL_EXPORT AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **out, 2272 const uint8_t **inp, 2273 long len); 2274 2275 // i2d_AUTHORITY_KEYID marshals |akid| as a DER-encoded AuthorityKeyIdentifier 2276 // (RFC 5280), as described in |i2d_SAMPLE|. 2277 // 2278 // TODO(https://crbug.com/boringssl/407): |akid| is not const because it 2279 // contains an |X509_NAME|. 2280 OPENSSL_EXPORT int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *akid, uint8_t **outp); 2281 2282 2283 // Name constraints. 2284 // 2285 // The name constraints extension (RFC 5280, section 4.2.1.10) constrains which 2286 // names may be asserted by certificates issued by some CA. For example, a 2287 // general CA may issue an intermediate certificate to the owner of example.com, 2288 // but constrained to ".example.com". 2289 2290 // A GENERAL_SUBTREE represents a GeneralSubtree structure (RFC 5280). 2291 typedef struct GENERAL_SUBTREE_st { 2292 GENERAL_NAME *base; 2293 ASN1_INTEGER *minimum; 2294 ASN1_INTEGER *maximum; 2295 } GENERAL_SUBTREE; 2296 2297 DEFINE_STACK_OF(GENERAL_SUBTREE) 2298 2299 // GENERAL_SUBTREE_new returns a newly-allocated, empty |GENERAL_SUBTREE| 2300 // object, or NULL on error. 2301 OPENSSL_EXPORT GENERAL_SUBTREE *GENERAL_SUBTREE_new(void); 2302 2303 // GENERAL_SUBTREE_free releases memory associated with |subtree|. 2304 OPENSSL_EXPORT void GENERAL_SUBTREE_free(GENERAL_SUBTREE *subtree); 2305 2306 // A NAME_CONSTRAINTS_st, aka |NAME_CONSTRAINTS|, represents a NameConstraints 2307 // structure (RFC 5280). 2308 struct NAME_CONSTRAINTS_st { 2309 STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; 2310 STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; 2311 } /* NAME_CONSTRAINTS */; 2312 2313 // NAME_CONSTRAINTS is an |ASN1_ITEM| whose ASN.1 type is NameConstraints (RFC 2314 // 5280) and C type is |NAME_CONSTRAINTS*|. 2315 DECLARE_ASN1_ITEM(NAME_CONSTRAINTS) 2316 2317 // NAME_CONSTRAINTS_new returns a newly-allocated, empty |NAME_CONSTRAINTS| 2318 // object, or NULL on error. 2319 OPENSSL_EXPORT NAME_CONSTRAINTS *NAME_CONSTRAINTS_new(void); 2320 2321 // NAME_CONSTRAINTS_free releases memory associated with |ncons|. 2322 OPENSSL_EXPORT void NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *ncons); 2323 2324 2325 // Authority information access. 2326 // 2327 // The authority information access extension (RFC 5280, 4.2.2.1) describes 2328 // where to obtain information about the issuer of a certificate. It is most 2329 // commonly used with accessMethod values of id-ad-caIssuers and id-ad-ocsp, to 2330 // indicate where to fetch the issuer certificate (if not provided in-band) and 2331 // the issuer's OCSP responder, respectively. 2332 2333 // An ACCESS_DESCRIPTION represents an AccessDescription structure (RFC 5280). 2334 typedef struct ACCESS_DESCRIPTION_st { 2335 ASN1_OBJECT *method; 2336 GENERAL_NAME *location; 2337 } ACCESS_DESCRIPTION; 2338 2339 DEFINE_STACK_OF(ACCESS_DESCRIPTION) 2340 2341 // ACCESS_DESCRIPTION_new returns a newly-allocated, empty |ACCESS_DESCRIPTION| 2342 // object, or NULL on error. 2343 OPENSSL_EXPORT ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); 2344 2345 // ACCESS_DESCRIPTION_free releases memory associated with |desc|. 2346 OPENSSL_EXPORT void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *desc); 2347 2348 typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; 2349 2350 // AUTHORITY_INFO_ACCESS is an |ASN1_ITEM| whose ASN.1 type is 2351 // AuthorityInfoAccessSyntax (RFC 5280) and C type is 2352 // |STACK_OF(ACCESS_DESCRIPTION)*|, or |AUTHORITY_INFO_ACCESS*|. 2353 DECLARE_ASN1_ITEM(AUTHORITY_INFO_ACCESS) 2354 2355 // AUTHORITY_INFO_ACCESS_new returns a newly-allocated, empty 2356 // |AUTHORITY_INFO_ACCESS| object, or NULL on error. 2357 OPENSSL_EXPORT AUTHORITY_INFO_ACCESS *AUTHORITY_INFO_ACCESS_new(void); 2358 2359 // AUTHORITY_INFO_ACCESS_free releases memory associated with |aia|. 2360 OPENSSL_EXPORT void AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *aia); 2361 2362 // d2i_AUTHORITY_INFO_ACCESS parses up to |len| bytes from |*inp| as a 2363 // DER-encoded AuthorityInfoAccessSyntax (RFC 5280), as described in 2364 // |d2i_SAMPLE|. 2365 OPENSSL_EXPORT AUTHORITY_INFO_ACCESS *d2i_AUTHORITY_INFO_ACCESS( 2366 AUTHORITY_INFO_ACCESS **out, const uint8_t **inp, long len); 2367 2368 // i2d_AUTHORITY_INFO_ACCESS marshals |aia| as a DER-encoded 2369 // AuthorityInfoAccessSyntax (RFC 5280), as described in |i2d_SAMPLE|. 2370 // 2371 // TODO(https://crbug.com/boringssl/407): |aia| is not const because it 2372 // contains an |X509_NAME|. 2373 OPENSSL_EXPORT int i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *aia, 2374 uint8_t **outp); 2375 2376 2377 // CRL distribution points. 2378 // 2379 // The CRL distribution points extension (RFC 5280, 4.2.1.13) indicates where to 2380 // fetch a certificate issuer's CRL. The corresponding issuing distribution 2381 // point CRL extension (RFC 5280, section 5.2.5) matches against this extension. 2382 2383 // A DIST_POINT_NAME represents a DistributionPointName structure (RFC 5280). 2384 // The |name| field contains the CHOICE value and is determined by |type|. If 2385 // |type| is zero, |name| must be a |fullname|. If |type| is one, |name| must be 2386 // a |relativename|. 2387 // 2388 // WARNING: |type| and |name| must be kept consistent. An inconsistency will 2389 // result in a potentially exploitable memory error. 2390 typedef struct DIST_POINT_NAME_st { 2391 int type; 2392 union { 2393 GENERAL_NAMES *fullname; 2394 STACK_OF(X509_NAME_ENTRY) *relativename; 2395 } name; 2396 // If relativename then this contains the full distribution point name 2397 X509_NAME *dpname; 2398 } DIST_POINT_NAME; 2399 2400 // DIST_POINT_NAME_new returns a newly-allocated, empty |DIST_POINT_NAME| 2401 // object, or NULL on error. 2402 OPENSSL_EXPORT DIST_POINT_NAME *DIST_POINT_NAME_new(void); 2403 2404 // DIST_POINT_NAME_free releases memory associated with |name|. 2405 OPENSSL_EXPORT void DIST_POINT_NAME_free(DIST_POINT_NAME *name); 2406 2407 // A DIST_POINT_st, aka |DIST_POINT|, represents a DistributionPoint structure 2408 // (RFC 5280). 2409 struct DIST_POINT_st { 2410 DIST_POINT_NAME *distpoint; 2411 ASN1_BIT_STRING *reasons; 2412 GENERAL_NAMES *CRLissuer; 2413 } /* DIST_POINT */; 2414 2415 DEFINE_STACK_OF(DIST_POINT) 2416 2417 // DIST_POINT_new returns a newly-allocated, empty |DIST_POINT| object, or NULL 2418 // on error. 2419 OPENSSL_EXPORT DIST_POINT *DIST_POINT_new(void); 2420 2421 // DIST_POINT_free releases memory associated with |dp|. 2422 OPENSSL_EXPORT void DIST_POINT_free(DIST_POINT *dp); 2423 2424 typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; 2425 2426 // CRL_DIST_POINTS is an |ASN1_ITEM| whose ASN.1 type is CRLDistributionPoints 2427 // (RFC 5280) and C type is |CRL_DIST_POINTS*|. 2428 DECLARE_ASN1_ITEM(CRL_DIST_POINTS) 2429 2430 // CRL_DIST_POINTS_new returns a newly-allocated, empty |CRL_DIST_POINTS| 2431 // object, or NULL on error. 2432 OPENSSL_EXPORT CRL_DIST_POINTS *CRL_DIST_POINTS_new(void); 2433 2434 // CRL_DIST_POINTS_free releases memory associated with |crldp|. 2435 OPENSSL_EXPORT void CRL_DIST_POINTS_free(CRL_DIST_POINTS *crldp); 2436 2437 // d2i_CRL_DIST_POINTS parses up to |len| bytes from |*inp| as a DER-encoded 2438 // CRLDistributionPoints (RFC 5280), as described in |d2i_SAMPLE|. 2439 OPENSSL_EXPORT CRL_DIST_POINTS *d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **out, 2440 const uint8_t **inp, 2441 long len); 2442 2443 // i2d_CRL_DIST_POINTS marshals |crldp| as a DER-encoded CRLDistributionPoints 2444 // (RFC 5280), as described in |i2d_SAMPLE|. 2445 // 2446 // TODO(https://crbug.com/boringssl/407): |crldp| is not const because it 2447 // contains an |X509_NAME|. 2448 OPENSSL_EXPORT int i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *crldp, uint8_t **outp); 2449 2450 // A ISSUING_DIST_POINT_st, aka |ISSUING_DIST_POINT|, represents a 2451 // IssuingDistributionPoint structure (RFC 5280). 2452 struct ISSUING_DIST_POINT_st { 2453 DIST_POINT_NAME *distpoint; 2454 ASN1_BOOLEAN onlyuser; 2455 ASN1_BOOLEAN onlyCA; 2456 ASN1_BIT_STRING *onlysomereasons; 2457 ASN1_BOOLEAN indirectCRL; 2458 ASN1_BOOLEAN onlyattr; 2459 } /* ISSUING_DIST_POINT */; 2460 2461 // ISSUING_DIST_POINT is an |ASN1_ITEM| whose ASN.1 type is 2462 // IssuingDistributionPoint (RFC 5280) and C type is |ISSUING_DIST_POINT*|. 2463 DECLARE_ASN1_ITEM(ISSUING_DIST_POINT) 2464 2465 // ISSUING_DIST_POINT_new returns a newly-allocated, empty |ISSUING_DIST_POINT| 2466 // object, or NULL on error. 2467 OPENSSL_EXPORT ISSUING_DIST_POINT *ISSUING_DIST_POINT_new(void); 2468 2469 // ISSUING_DIST_POINT_free releases memory associated with |idp|. 2470 OPENSSL_EXPORT void ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *idp); 2471 2472 // d2i_ISSUING_DIST_POINT parses up to |len| bytes from |*inp| as a DER-encoded 2473 // IssuingDistributionPoint (RFC 5280), as described in |d2i_SAMPLE|. 2474 OPENSSL_EXPORT ISSUING_DIST_POINT *d2i_ISSUING_DIST_POINT( 2475 ISSUING_DIST_POINT **out, const uint8_t **inp, long len); 2476 2477 // i2d_ISSUING_DIST_POINT marshals |idp| as a DER-encoded 2478 // IssuingDistributionPoint (RFC 5280), as described in |i2d_SAMPLE|. 2479 // 2480 // TODO(https://crbug.com/boringssl/407): |idp| is not const because it 2481 // contains an |X509_NAME|. 2482 OPENSSL_EXPORT int i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *idp, 2483 uint8_t **outp); 2484 2485 2486 // Certificate policies. 2487 // 2488 // The certificate policies extension (RFC 5280, section 4.2.1.4), along with a 2489 // suite of related extensions determines the "policies" that apply to a 2490 // certificate path. Evaluating these policies is extremely complex and has led 2491 // to denial-of-service vulnerabilities in several X.509 implementations. See 2492 // draft-ietf-lamps-x509-policy-graph. 2493 // 2494 // Do not use this mechanism. 2495 2496 // A NOTICEREF represents a NoticeReference structure (RFC 5280). 2497 typedef struct NOTICEREF_st { 2498 ASN1_STRING *organization; 2499 STACK_OF(ASN1_INTEGER) *noticenos; 2500 } NOTICEREF; 2501 2502 // NOTICEREF_new returns a newly-allocated, empty |NOTICEREF| object, or NULL 2503 // on error. 2504 OPENSSL_EXPORT NOTICEREF *NOTICEREF_new(void); 2505 2506 // NOTICEREF_free releases memory associated with |ref|. 2507 OPENSSL_EXPORT void NOTICEREF_free(NOTICEREF *ref); 2508 2509 // A USERNOTICE represents a UserNotice structure (RFC 5280). 2510 typedef struct USERNOTICE_st { 2511 NOTICEREF *noticeref; 2512 ASN1_STRING *exptext; 2513 } USERNOTICE; 2514 2515 // USERNOTICE_new returns a newly-allocated, empty |USERNOTICE| object, or NULL 2516 // on error. 2517 OPENSSL_EXPORT USERNOTICE *USERNOTICE_new(void); 2518 2519 // USERNOTICE_free releases memory associated with |notice|. 2520 OPENSSL_EXPORT void USERNOTICE_free(USERNOTICE *notice); 2521 2522 // A POLICYQUALINFO represents a PolicyQualifierInfo structure (RFC 5280). |d| 2523 // contains the qualifier field of the PolicyQualifierInfo. Its type is 2524 // determined by |pqualid|. If |pqualid| is |NID_id_qt_cps|, |d| must be 2525 // |cpsuri|. If |pqualid| is |NID_id_qt_unotice|, |d| must be |usernotice|. 2526 // Otherwise, |d| must be |other|. 2527 // 2528 // WARNING: |pqualid| and |d| must be kept consistent. An inconsistency will 2529 // result in a potentially exploitable memory error. 2530 typedef struct POLICYQUALINFO_st { 2531 ASN1_OBJECT *pqualid; 2532 union { 2533 ASN1_IA5STRING *cpsuri; 2534 USERNOTICE *usernotice; 2535 ASN1_TYPE *other; 2536 } d; 2537 } POLICYQUALINFO; 2538 2539 DEFINE_STACK_OF(POLICYQUALINFO) 2540 2541 // POLICYQUALINFO_new returns a newly-allocated, empty |POLICYQUALINFO| object, 2542 // or NULL on error. 2543 OPENSSL_EXPORT POLICYQUALINFO *POLICYQUALINFO_new(void); 2544 2545 // POLICYQUALINFO_free releases memory associated with |info|. 2546 OPENSSL_EXPORT void POLICYQUALINFO_free(POLICYQUALINFO *info); 2547 2548 // A POLICYINFO represents a PolicyInformation structure (RFC 5280). 2549 typedef struct POLICYINFO_st { 2550 ASN1_OBJECT *policyid; 2551 STACK_OF(POLICYQUALINFO) *qualifiers; 2552 } POLICYINFO; 2553 2554 DEFINE_STACK_OF(POLICYINFO) 2555 2556 // POLICYINFO_new returns a newly-allocated, empty |POLICYINFO| object, or NULL 2557 // on error. 2558 OPENSSL_EXPORT POLICYINFO *POLICYINFO_new(void); 2559 2560 // POLICYINFO_free releases memory associated with |info|. 2561 OPENSSL_EXPORT void POLICYINFO_free(POLICYINFO *info); 2562 2563 typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; 2564 2565 // CERTIFICATEPOLICIES is an |ASN1_ITEM| whose ASN.1 type is CertificatePolicies 2566 // (RFC 5280) and C type is |STACK_OF(POLICYINFO)*|, or |CERTIFICATEPOLICIES*|. 2567 DECLARE_ASN1_ITEM(CERTIFICATEPOLICIES) 2568 2569 // CERTIFICATEPOLICIES_new returns a newly-allocated, empty 2570 // |CERTIFICATEPOLICIES| object, or NULL on error. 2571 OPENSSL_EXPORT CERTIFICATEPOLICIES *CERTIFICATEPOLICIES_new(void); 2572 2573 // CERTIFICATEPOLICIES_free releases memory associated with |policies|. 2574 OPENSSL_EXPORT void CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *policies); 2575 2576 // d2i_CERTIFICATEPOLICIES parses up to |len| bytes from |*inp| as a DER-encoded 2577 // CertificatePolicies (RFC 5280), as described in |d2i_SAMPLE|. 2578 OPENSSL_EXPORT CERTIFICATEPOLICIES *d2i_CERTIFICATEPOLICIES( 2579 CERTIFICATEPOLICIES **out, const uint8_t **inp, long len); 2580 2581 // i2d_CERTIFICATEPOLICIES marshals |policies| as a DER-encoded 2582 // CertificatePolicies (RFC 5280), as described in |i2d_SAMPLE|. 2583 OPENSSL_EXPORT int i2d_CERTIFICATEPOLICIES(const CERTIFICATEPOLICIES *policies, 2584 uint8_t **outp); 2585 2586 // A POLICY_MAPPING represents an individual element of a PolicyMappings 2587 // structure (RFC 5280). 2588 typedef struct POLICY_MAPPING_st { 2589 ASN1_OBJECT *issuerDomainPolicy; 2590 ASN1_OBJECT *subjectDomainPolicy; 2591 } POLICY_MAPPING; 2592 2593 DEFINE_STACK_OF(POLICY_MAPPING) 2594 2595 // POLICY_MAPPING_new returns a newly-allocated, empty |POLICY_MAPPING| object, 2596 // or NULL on error. 2597 OPENSSL_EXPORT POLICY_MAPPING *POLICY_MAPPING_new(void); 2598 2599 // POLICY_MAPPING_free releases memory associated with |mapping|. 2600 OPENSSL_EXPORT void POLICY_MAPPING_free(POLICY_MAPPING *mapping); 2601 2602 typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; 2603 2604 // POLICY_MAPPINGS is an |ASN1_ITEM| whose ASN.1 type is PolicyMappings (RFC 2605 // 5280) and C type is |STACK_OF(POLICY_MAPPING)*|, or |POLICY_MAPPINGS*|. 2606 DECLARE_ASN1_ITEM(POLICY_MAPPINGS) 2607 2608 // A POLICY_CONSTRAINTS represents a PolicyConstraints structure (RFC 5280). 2609 typedef struct POLICY_CONSTRAINTS_st { 2610 ASN1_INTEGER *requireExplicitPolicy; 2611 ASN1_INTEGER *inhibitPolicyMapping; 2612 } POLICY_CONSTRAINTS; 2613 2614 // POLICY_CONSTRAINTS is an |ASN1_ITEM| whose ASN.1 type is PolicyConstraints 2615 // (RFC 5280) and C type is |POLICY_CONSTRAINTS*|. 2616 DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) 2617 2618 // POLICY_CONSTRAINTS_new returns a newly-allocated, empty |POLICY_CONSTRAINTS| 2619 // object, or NULL on error. 2620 OPENSSL_EXPORT POLICY_CONSTRAINTS *POLICY_CONSTRAINTS_new(void); 2621 2622 // POLICY_CONSTRAINTS_free releases memory associated with |pcons|. 2623 OPENSSL_EXPORT void POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *pcons); 2624 2625 2626 // Algorithm identifiers. 2627 // 2628 // An |X509_ALGOR| represents an AlgorithmIdentifier structure, used in X.509 2629 // to represent signature algorithms and public key algorithms. 2630 2631 DEFINE_STACK_OF(X509_ALGOR) 2632 2633 // X509_ALGOR is an |ASN1_ITEM| whose ASN.1 type is AlgorithmIdentifier and C 2634 // type is |X509_ALGOR*|. 2635 DECLARE_ASN1_ITEM(X509_ALGOR) 2636 2637 // X509_ALGOR_new returns a newly-allocated, empty |X509_ALGOR| object, or NULL 2638 // on error. 2639 OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_new(void); 2640 2641 // X509_ALGOR_dup returns a newly-allocated copy of |alg|, or NULL on error. 2642 // This function works by serializing the structure, so if |alg| is incomplete, 2643 // it may fail. 2644 OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(const X509_ALGOR *alg); 2645 2646 // X509_ALGOR_free releases memory associated with |alg|. 2647 OPENSSL_EXPORT void X509_ALGOR_free(X509_ALGOR *alg); 2648 2649 // d2i_X509_ALGOR parses up to |len| bytes from |*inp| as a DER-encoded 2650 // AlgorithmIdentifier, as described in |d2i_SAMPLE|. 2651 OPENSSL_EXPORT X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **out, const uint8_t **inp, 2652 long len); 2653 2654 // i2d_X509_ALGOR marshals |alg| as a DER-encoded AlgorithmIdentifier, as 2655 // described in |i2d_SAMPLE|. 2656 OPENSSL_EXPORT int i2d_X509_ALGOR(const X509_ALGOR *alg, uint8_t **outp); 2657 2658 // X509_ALGOR_set0 sets |alg| to an AlgorithmIdentifier with algorithm |obj| and 2659 // parameter determined by |param_type| and |param_value|. It returns one on 2660 // success and zero on error. This function takes ownership of |obj| and 2661 // |param_value| on success. 2662 // 2663 // If |param_type| is |V_ASN1_UNDEF|, the parameter is omitted. If |param_type| 2664 // is zero, the parameter is left unchanged. Otherwise, |param_type| and 2665 // |param_value| are interpreted as in |ASN1_TYPE_set|. 2666 // 2667 // Note omitting the parameter (|V_ASN1_UNDEF|) and encoding an explicit NULL 2668 // value (|V_ASN1_NULL|) are different. Some algorithms require one and some the 2669 // other. Consult the relevant specification before calling this function. The 2670 // correct parameter for an RSASSA-PKCS1-v1_5 signature is |V_ASN1_NULL|. The 2671 // correct one for an ECDSA or Ed25519 signature is |V_ASN1_UNDEF|. 2672 OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *obj, 2673 int param_type, void *param_value); 2674 2675 // X509_ALGOR_get0 sets |*out_obj| to the |alg|'s algorithm. If |alg|'s 2676 // parameter is omitted, it sets |*out_param_type| and |*out_param_value| to 2677 // |V_ASN1_UNDEF| and NULL. Otherwise, it sets |*out_param_type| and 2678 // |*out_param_value| to the parameter, using the same representation as 2679 // |ASN1_TYPE_set0|. See |ASN1_TYPE_set0| and |ASN1_TYPE| for details. 2680 // 2681 // Callers that require the parameter in serialized form should, after checking 2682 // for |V_ASN1_UNDEF|, use |ASN1_TYPE_set1| and |d2i_ASN1_TYPE|, rather than 2683 // inspecting |*out_param_value|. 2684 // 2685 // Each of |out_obj|, |out_param_type|, and |out_param_value| may be NULL to 2686 // ignore the output. If |out_param_type| is NULL, |out_param_value| is ignored. 2687 // 2688 // WARNING: If |*out_param_type| is set to |V_ASN1_UNDEF|, OpenSSL and older 2689 // revisions of BoringSSL leave |*out_param_value| unset rather than setting it 2690 // to NULL. Callers that support both OpenSSL and BoringSSL should not assume 2691 // |*out_param_value| is uniformly initialized. 2692 OPENSSL_EXPORT void X509_ALGOR_get0(const ASN1_OBJECT **out_obj, 2693 int *out_param_type, 2694 const void **out_param_value, 2695 const X509_ALGOR *alg); 2696 2697 // X509_ALGOR_set_md sets |alg| to the hash function |md|. Note this 2698 // AlgorithmIdentifier represents the hash function itself, not a signature 2699 // algorithm that uses |md|. It returns one on success and zero on error. 2700 // 2701 // Due to historical specification mistakes (see Section 2.1 of RFC 4055), the 2702 // parameters field is sometimes omitted and sometimes a NULL value. When used 2703 // in RSASSA-PSS and RSAES-OAEP, it should be a NULL value. In other contexts, 2704 // the parameters should be omitted. This function assumes the caller is 2705 // constructing a RSASSA-PSS or RSAES-OAEP AlgorithmIdentifier and includes a 2706 // NULL parameter. This differs from OpenSSL's behavior. 2707 // 2708 // TODO(davidben): Rename this function, or perhaps just add a bespoke API for 2709 // constructing PSS and move on. 2710 OPENSSL_EXPORT int X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); 2711 2712 // X509_ALGOR_cmp returns zero if |a| and |b| are equal, and some non-zero value 2713 // otherwise. Note this function can only be used for equality checks, not an 2714 // ordering. 2715 OPENSSL_EXPORT int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); 2716 2717 2718 // Attributes. 2719 // 2720 // Unlike certificates and CRLs, CSRs use a separate Attribute structure (RFC 2721 // 2985, RFC 2986) for extensibility. This is represented by the library as 2722 // |X509_ATTRIBUTE|. 2723 2724 DEFINE_STACK_OF(X509_ATTRIBUTE) 2725 2726 // X509_ATTRIBUTE_new returns a newly-allocated, empty |X509_ATTRIBUTE| object, 2727 // or NULL on error. |X509_ATTRIBUTE_set1_*| may be used to finish initializing 2728 // it. 2729 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_new(void); 2730 2731 // X509_ATTRIBUTE_dup returns a newly-allocated copy of |attr|, or NULL on 2732 // error. This function works by serializing the structure, so if |attr| is 2733 // incomplete, it may fail. 2734 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(const X509_ATTRIBUTE *attr); 2735 2736 // X509_ATTRIBUTE_free releases memory associated with |attr|. 2737 OPENSSL_EXPORT void X509_ATTRIBUTE_free(X509_ATTRIBUTE *attr); 2738 2739 // d2i_X509_ATTRIBUTE parses up to |len| bytes from |*inp| as a DER-encoded 2740 // Attribute (RFC 2986), as described in |d2i_SAMPLE|. 2741 OPENSSL_EXPORT X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **out, 2742 const uint8_t **inp, 2743 long len); 2744 2745 // i2d_X509_ATTRIBUTE marshals |alg| as a DER-encoded Attribute (RFC 2986), as 2746 // described in |i2d_SAMPLE|. 2747 OPENSSL_EXPORT int i2d_X509_ATTRIBUTE(const X509_ATTRIBUTE *alg, 2748 uint8_t **outp); 2749 2750 // X509_ATTRIBUTE_create returns a newly-allocated |X509_ATTRIBUTE|, or NULL on 2751 // error. The attribute has type |nid| and contains a single value determined by 2752 // |attrtype| and |value|, which are interpreted as in |ASN1_TYPE_set|. Note 2753 // this function takes ownership of |value|. 2754 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int attrtype, 2755 void *value); 2756 2757 // X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of 2758 // type |nid|, or NULL on error. The value is determined as in 2759 // |X509_ATTRIBUTE_set1_data|. 2760 // 2761 // If |attr| is non-NULL, the resulting |X509_ATTRIBUTE| is also written to 2762 // |*attr|. If |*attr| was non-NULL when the function was called, |*attr| is 2763 // reused instead of creating a new object. 2764 // 2765 // WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and 2766 // error-prone. See |X509_ATTRIBUTE_set1_data| for details. 2767 // 2768 // WARNING: The object reuse form is deprecated and may be removed in the 2769 // future. It also currently incorrectly appends to the reused object's value 2770 // set rather than overwriting it. 2771 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID( 2772 X509_ATTRIBUTE **attr, int nid, int attrtype, const void *data, int len); 2773 2774 // X509_ATTRIBUTE_create_by_OBJ behaves like |X509_ATTRIBUTE_create_by_NID| 2775 // except the attribute's type is determined by |obj|. 2776 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ( 2777 X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, int attrtype, 2778 const void *data, int len); 2779 2780 // X509_ATTRIBUTE_create_by_txt behaves like |X509_ATTRIBUTE_create_by_NID| 2781 // except the attribute's type is determined by calling |OBJ_txt2obj| with 2782 // |attrname|. 2783 OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt( 2784 X509_ATTRIBUTE **attr, const char *attrname, int type, 2785 const unsigned char *bytes, int len); 2786 2787 // X509_ATTRIBUTE_set1_object sets |attr|'s type to |obj|. It returns one on 2788 // success and zero on error. 2789 OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, 2790 const ASN1_OBJECT *obj); 2791 2792 // X509_ATTRIBUTE_set1_data appends a value to |attr|'s value set and returns 2793 // one on success or zero on error. The value is determined as follows: 2794 // 2795 // If |attrtype| is zero, this function returns one and does nothing. This form 2796 // may be used when calling |X509_ATTRIBUTE_create_by_*| to create an attribute 2797 // with an empty value set. Such attributes are invalid, but OpenSSL supports 2798 // creating them. 2799 // 2800 // Otherwise, if |attrtype| is a |MBSTRING_*| constant, the value is an ASN.1 2801 // string. The string is determined by decoding |len| bytes from |data| in the 2802 // encoding specified by |attrtype|, and then re-encoding it in a form 2803 // appropriate for |attr|'s type. If |len| is -1, |strlen(data)| is used 2804 // instead. See |ASN1_STRING_set_by_NID| for details. 2805 // 2806 // Otherwise, if |len| is not -1, the value is an ASN.1 string. |attrtype| is an 2807 // |ASN1_STRING| type value and the |len| bytes from |data| are copied as the 2808 // type-specific representation of |ASN1_STRING|. See |ASN1_STRING| for details. 2809 // 2810 // Otherwise, if |len| is -1, the value is constructed by passing |attrtype| and 2811 // |data| to |ASN1_TYPE_set1|. That is, |attrtype| is an |ASN1_TYPE| type value, 2812 // and |data| is cast to the corresponding pointer type. 2813 // 2814 // WARNING: Despite the name, this function appends to |attr|'s value set, 2815 // rather than overwriting it. To overwrite the value set, create a new 2816 // |X509_ATTRIBUTE| with |X509_ATTRIBUTE_new|. 2817 // 2818 // WARNING: If using the |MBSTRING_*| form, pass a length rather than relying on 2819 // |strlen|. In particular, |strlen| will not behave correctly if the input is 2820 // |MBSTRING_BMP| or |MBSTRING_UNIV|. 2821 // 2822 // WARNING: This function currently misinterprets |V_ASN1_OTHER| as an 2823 // |MBSTRING_*| constant. This matches OpenSSL but means it is impossible to 2824 // construct a value with a non-universal tag. 2825 OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, 2826 const void *data, int len); 2827 2828 // X509_ATTRIBUTE_get0_data returns the |idx|th value of |attr| in a 2829 // type-specific representation to |attrtype|, or NULL if out of bounds or the 2830 // type does not match. |attrtype| is one of the type values in |ASN1_TYPE|. On 2831 // match, the return value uses the same representation as |ASN1_TYPE_set0|. See 2832 // |ASN1_TYPE| for details. 2833 OPENSSL_EXPORT void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, 2834 int attrtype, void *unused); 2835 2836 // X509_ATTRIBUTE_count returns the number of values in |attr|. 2837 OPENSSL_EXPORT int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr); 2838 2839 // X509_ATTRIBUTE_get0_object returns the type of |attr|. 2840 OPENSSL_EXPORT ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 2841 2842 // X509_ATTRIBUTE_get0_type returns the |idx|th value in |attr|, or NULL if out 2843 // of bounds. Note this function returns one of |attr|'s values, not the type. 2844 OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, 2845 int idx); 2846 2847 2848 // Certificate stores. 2849 // 2850 // An |X509_STORE| contains trusted certificates, CRLs, and verification 2851 // parameters that are shared between multiple certificate verifications. 2852 // 2853 // Certificates in an |X509_STORE| are referred to as "trusted certificates", 2854 // but an individual certificate verification may not necessarily treat every 2855 // trusted certificate as a trust anchor. See |X509_VERIFY_PARAM_set_trust| for 2856 // details. 2857 // 2858 // WARNING: Although a trusted certificate which fails the 2859 // |X509_VERIFY_PARAM_set_trust| check is functionally an untrusted 2860 // intermediate certificate, callers should not rely on this to configure 2861 // untrusted intermediates in an |X509_STORE|. The trust check is complex, so 2862 // this risks inadvertently treating it as a trust anchor. Instead, configure 2863 // untrusted intermediates with the |chain| parameter of |X509_STORE_CTX_init|. 2864 // 2865 // Certificates in |X509_STORE| may be specified in several ways: 2866 // - Added by |X509_STORE_add_cert|. 2867 // - Returned by an |X509_LOOKUP| added by |X509_STORE_add_lookup|. 2868 // 2869 // |X509_STORE|s are reference-counted and may be shared by certificate 2870 // verifications running concurrently on multiple threads. However, an 2871 // |X509_STORE|'s verification parameters may not be modified concurrently with 2872 // certificate verification or other operations. Unless otherwise documented, 2873 // functions which take const pointer may be used concurrently, while 2874 // functions which take a non-const pointer may not. Callers that wish to modify 2875 // verification parameters in a shared |X509_STORE| should instead modify 2876 // |X509_STORE_CTX|s individually. 2877 // 2878 // Objects in an |X509_STORE| are represented as an |X509_OBJECT|. Some 2879 // functions in this library return values with this type. 2880 2881 // X509_STORE_new returns a newly-allocated |X509_STORE|, or NULL on error. 2882 OPENSSL_EXPORT X509_STORE *X509_STORE_new(void); 2883 2884 // X509_STORE_up_ref adds one to the reference count of |store| and returns one. 2885 // Although |store| is not const, this function's use of |store| is thread-safe. 2886 OPENSSL_EXPORT int X509_STORE_up_ref(X509_STORE *store); 2887 2888 // X509_STORE_free releases memory associated with |store|. 2889 OPENSSL_EXPORT void X509_STORE_free(X509_STORE *store); 2890 2891 // X509_STORE_add_cert adds |x509| to |store| as a trusted certificate. It 2892 // returns one on success and zero on error. This function internally increments 2893 // |x509|'s reference count, so the caller retains ownership of |x509|. 2894 // 2895 // Certificates configured by this function are still subject to the checks 2896 // described in |X509_VERIFY_PARAM_set_trust|. 2897 // 2898 // Although |store| is not const, this function's use of |store| is thread-safe. 2899 // However, if this function is called concurrently with |X509_verify_cert|, it 2900 // is a race condition whether |x509| is available for issuer lookups. 2901 // Moreover, the result may differ for each issuer lookup performed by a single 2902 // |X509_verify_cert| call. 2903 OPENSSL_EXPORT int X509_STORE_add_cert(X509_STORE *store, X509 *x509); 2904 2905 // X509_STORE_add_crl adds |crl| to |store|. It returns one on success and zero 2906 // on error. This function internally increments |crl|'s reference count, so the 2907 // caller retains ownership of |crl|. CRLs added in this way are candidates for 2908 // CRL lookup when |X509_V_FLAG_CRL_CHECK| is set. 2909 // 2910 // Although |store| is not const, this function's use of |store| is thread-safe. 2911 // However, if this function is called concurrently with |X509_verify_cert|, it 2912 // is a race condition whether |crl| is available for CRL checks. Moreover, the 2913 // result may differ for each CRL check performed by a single 2914 // |X509_verify_cert| call. 2915 // 2916 // Note there are no supported APIs to remove CRLs from |store| once inserted. 2917 // To vary the set of CRLs over time, callers should either create a new 2918 // |X509_STORE| or configure CRLs on a per-verification basis with 2919 // |X509_STORE_CTX_set0_crls|. 2920 OPENSSL_EXPORT int X509_STORE_add_crl(X509_STORE *store, X509_CRL *crl); 2921 2922 // X509_STORE_get0_param returns |store|'s verification parameters. This object 2923 // is mutable and may be modified by the caller. For an individual certificate 2924 // verification operation, |X509_STORE_CTX_init| initializes the 2925 // |X509_STORE_CTX|'s parameters with these parameters. 2926 // 2927 // WARNING: |X509_STORE_CTX_init| applies some default parameters (as in 2928 // |X509_VERIFY_PARAM_inherit|) after copying |store|'s parameters. This means 2929 // it is impossible to leave some parameters unset at |store|. They must be 2930 // explicitly unset after creating the |X509_STORE_CTX|. 2931 // 2932 // As of writing these late defaults are a depth limit (see 2933 // |X509_VERIFY_PARAM_set_depth|) and the |X509_V_FLAG_TRUSTED_FIRST| flag. This 2934 // warning does not apply if the parameters were set in |store|. 2935 // 2936 // TODO(crbug.com/boringssl/441): This behavior is very surprising. Can we 2937 // remove this notion of late defaults? The unsettable value at |X509_STORE| is 2938 // -1, which rejects everything but explicitly-trusted self-signed certificates. 2939 // |X509_V_FLAG_TRUSTED_FIRST| is mostly a workaround for poor path-building. 2940 OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *store); 2941 2942 // X509_STORE_set1_param copies verification parameters from |param| as in 2943 // |X509_VERIFY_PARAM_set1|. It returns one on success and zero on error. 2944 OPENSSL_EXPORT int X509_STORE_set1_param(X509_STORE *store, 2945 const X509_VERIFY_PARAM *param); 2946 2947 // X509_STORE_set_flags enables all values in |flags| in |store|'s verification 2948 // flags. |flags| should be a combination of |X509_V_FLAG_*| constants. 2949 // 2950 // WARNING: These flags will be combined with default flags when copied to an 2951 // |X509_STORE_CTX|. This means it is impossible to unset those defaults from 2952 // the |X509_STORE|. See discussion in |X509_STORE_get0_param|. 2953 OPENSSL_EXPORT int X509_STORE_set_flags(X509_STORE *store, unsigned long flags); 2954 2955 // X509_STORE_set_depth configures |store| to, by default, limit certificate 2956 // chains to |depth| intermediate certificates. This count excludes both the 2957 // target certificate and the trust anchor (root certificate). 2958 OPENSSL_EXPORT int X509_STORE_set_depth(X509_STORE *store, int depth); 2959 2960 // X509_STORE_set_purpose configures the purpose check for |store|. See 2961 // |X509_VERIFY_PARAM_set_purpose| for details. 2962 OPENSSL_EXPORT int X509_STORE_set_purpose(X509_STORE *store, int purpose); 2963 2964 // X509_STORE_set_trust configures the trust check for |store|. See 2965 // |X509_VERIFY_PARAM_set_trust| for details. 2966 OPENSSL_EXPORT int X509_STORE_set_trust(X509_STORE *store, int trust); 2967 2968 // The following constants indicate the type of an |X509_OBJECT|. 2969 #define X509_LU_NONE 0 2970 #define X509_LU_X509 1 2971 #define X509_LU_CRL 2 2972 #define X509_LU_PKEY 3 2973 2974 DEFINE_STACK_OF(X509_OBJECT) 2975 2976 // X509_OBJECT_new returns a newly-allocated, empty |X509_OBJECT| or NULL on 2977 // error. 2978 OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_new(void); 2979 2980 // X509_OBJECT_free releases memory associated with |obj|. 2981 OPENSSL_EXPORT void X509_OBJECT_free(X509_OBJECT *obj); 2982 2983 // X509_OBJECT_get_type returns the type of |obj|, which will be one of the 2984 // |X509_LU_*| constants. 2985 OPENSSL_EXPORT int X509_OBJECT_get_type(const X509_OBJECT *obj); 2986 2987 // X509_OBJECT_get0_X509 returns |obj| as a certificate, or NULL if |obj| is not 2988 // a certificate. 2989 OPENSSL_EXPORT X509 *X509_OBJECT_get0_X509(const X509_OBJECT *obj); 2990 2991 // X509_STORE_get1_objects returns a newly-allocated stack containing the 2992 // contents of |store|, or NULL on error. The caller must release the result 2993 // with |sk_X509_OBJECT_pop_free| and |X509_OBJECT_free| when done. 2994 // 2995 // The result will include all certificates and CRLs added via 2996 // |X509_STORE_add_cert| and |X509_STORE_add_crl|, as well as any cached objects 2997 // added by |X509_LOOKUP_add_dir|. The last of these may change over time, as 2998 // different objects are loaded from the filesystem. Callers should not depend 2999 // on this caching behavior. The objects are returned in no particular order. 3000 OPENSSL_EXPORT STACK_OF(X509_OBJECT) *X509_STORE_get1_objects( 3001 X509_STORE *store); 3002 3003 3004 // Certificate verification. 3005 // 3006 // An |X509_STORE_CTX| object represents a single certificate verification 3007 // operation. To verify a certificate chain, callers construct an 3008 // |X509_STORE_CTX|, initialize it with |X509_STORE_CTX_init|, configure extra 3009 // parameters with |X509_STORE_CTX_get0_param|, and call |X509_verify_cert|. 3010 3011 // X509_STORE_CTX_new returns a newly-allocated, empty |X509_STORE_CTX|, or NULL 3012 // on error. 3013 OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_new(void); 3014 3015 // X509_STORE_CTX_free releases memory associated with |ctx|. 3016 OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx); 3017 3018 // X509_STORE_CTX_init initializes |ctx| to verify |x509|, using trusted 3019 // certificates and parameters in |store|. It returns one on success and zero on 3020 // error. |chain| is a list of untrusted intermediate certificates to use in 3021 // verification. 3022 // 3023 // |ctx| stores pointers to |store|, |x509|, and |chain|. Each of these objects 3024 // must outlive |ctx| and may not be mutated for the duration of the certificate 3025 // verification. 3026 OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, 3027 X509 *x509, STACK_OF(X509) *chain); 3028 3029 // X509_verify_cert performs certifice verification with |ctx|, which must have 3030 // been initialized with |X509_STORE_CTX_init|. It returns one on success and 3031 // zero on error. On success, |X509_STORE_CTX_get0_chain| or 3032 // |X509_STORE_CTX_get1_chain| may be used to return the verified certificate 3033 // chain. On error, |X509_STORE_CTX_get_error| may be used to return additional 3034 // error information. 3035 // 3036 // WARNING: Most failure conditions from this function do not use the error 3037 // queue. Use |X509_STORE_CTX_get_error| to determine the cause of the error. 3038 OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx); 3039 3040 // X509_STORE_CTX_get0_chain, after a successful |X509_verify_cert| call, 3041 // returns the verified certificate chain. The chain begins with the leaf and 3042 // ends with trust anchor. 3043 // 3044 // At other points, such as after a failed verification or during the deprecated 3045 // verification callback, it returns the partial chain built so far. Callers 3046 // should avoid relying on this as this exposes unstable library implementation 3047 // details. 3048 OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_chain( 3049 const X509_STORE_CTX *ctx); 3050 3051 // X509_STORE_CTX_get1_chain behaves like |X509_STORE_CTX_get0_chain| but 3052 // returns a newly-allocated |STACK_OF(X509)| containing the completed chain, 3053 // with each certificate's reference count incremented. Callers must free the 3054 // result with |sk_X509_pop_free| and |X509_free| when done. 3055 OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain( 3056 const X509_STORE_CTX *ctx); 3057 3058 // The following values are possible outputs of |X509_STORE_CTX_get_error|. 3059 #define X509_V_OK 0 3060 #define X509_V_ERR_UNSPECIFIED 1 3061 #define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 3062 #define X509_V_ERR_UNABLE_TO_GET_CRL 3 3063 #define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 3064 #define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 3065 #define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 3066 #define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 3067 #define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 3068 #define X509_V_ERR_CERT_NOT_YET_VALID 9 3069 #define X509_V_ERR_CERT_HAS_EXPIRED 10 3070 #define X509_V_ERR_CRL_NOT_YET_VALID 11 3071 #define X509_V_ERR_CRL_HAS_EXPIRED 12 3072 #define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 3073 #define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 3074 #define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 3075 #define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 3076 #define X509_V_ERR_OUT_OF_MEM 17 3077 #define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 3078 #define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 3079 #define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 3080 #define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 3081 #define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 3082 #define X509_V_ERR_CERT_REVOKED 23 3083 #define X509_V_ERR_INVALID_CA 24 3084 #define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 3085 #define X509_V_ERR_INVALID_PURPOSE 26 3086 #define X509_V_ERR_CERT_UNTRUSTED 27 3087 #define X509_V_ERR_CERT_REJECTED 28 3088 #define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 3089 #define X509_V_ERR_AKID_SKID_MISMATCH 30 3090 #define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 3091 #define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 3092 #define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 3093 #define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 3094 #define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 3095 #define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 3096 #define X509_V_ERR_INVALID_NON_CA 37 3097 #define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 3098 #define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 3099 #define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 3100 #define X509_V_ERR_INVALID_EXTENSION 41 3101 #define X509_V_ERR_INVALID_POLICY_EXTENSION 42 3102 #define X509_V_ERR_NO_EXPLICIT_POLICY 43 3103 #define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 3104 #define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 3105 #define X509_V_ERR_UNNESTED_RESOURCE 46 3106 #define X509_V_ERR_PERMITTED_VIOLATION 47 3107 #define X509_V_ERR_EXCLUDED_VIOLATION 48 3108 #define X509_V_ERR_SUBTREE_MINMAX 49 3109 #define X509_V_ERR_APPLICATION_VERIFICATION 50 3110 #define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 3111 #define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 3112 #define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 3113 #define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 3114 #define X509_V_ERR_HOSTNAME_MISMATCH 62 3115 #define X509_V_ERR_EMAIL_MISMATCH 63 3116 #define X509_V_ERR_IP_ADDRESS_MISMATCH 64 3117 #define X509_V_ERR_INVALID_CALL 65 3118 #define X509_V_ERR_STORE_LOOKUP 66 3119 #define X509_V_ERR_NAME_CONSTRAINTS_WITHOUT_SANS 67 3120 3121 // X509_STORE_CTX_get_error, after |X509_verify_cert| returns, returns 3122 // |X509_V_OK| if verification succeeded or an |X509_V_ERR_*| describing why 3123 // verification failed. This will be consistent with |X509_verify_cert|'s return 3124 // value, unless the caller used the deprecated verification callback (see 3125 // |X509_STORE_CTX_set_verify_cb|) in a way that breaks |ctx|'s invariants. 3126 // 3127 // If called during the deprecated verification callback when |ok| is zero, it 3128 // returns the current error under consideration. 3129 OPENSSL_EXPORT int X509_STORE_CTX_get_error(const X509_STORE_CTX *ctx); 3130 3131 // X509_STORE_CTX_set_error sets |ctx|'s error to |err|, which should be 3132 // |X509_V_OK| or an |X509_V_ERR_*| constant. It is not expected to be called in 3133 // typical |X509_STORE_CTX| usage, but may be used in callback APIs where 3134 // applications synthesize |X509_STORE_CTX| error conditions. See also 3135 // |X509_STORE_CTX_set_verify_cb| and |SSL_CTX_set_cert_verify_callback|. 3136 OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err); 3137 3138 // X509_verify_cert_error_string returns |err| as a human-readable string, where 3139 // |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns 3140 // a default description. 3141 OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err); 3142 3143 // X509_STORE_CTX_get_error_depth returns the depth at which the error returned 3144 // by |X509_STORE_CTX_get_error| occured. This is zero-indexed integer into the 3145 // certificate chain. Zero indicates the target certificate, one its issuer, and 3146 // so on. 3147 OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(const X509_STORE_CTX *ctx); 3148 3149 // X509_STORE_CTX_get_current_cert returns the certificate which caused the 3150 // error returned by |X509_STORE_CTX_get_error|. 3151 OPENSSL_EXPORT X509 *X509_STORE_CTX_get_current_cert(const X509_STORE_CTX *ctx); 3152 3153 // X509_STORE_CTX_get0_current_crl returns the CRL which caused the error 3154 // returned by |X509_STORE_CTX_get_error|. 3155 OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl( 3156 const X509_STORE_CTX *ctx); 3157 3158 // X509_STORE_CTX_get0_store returns the |X509_STORE| that |ctx| uses. 3159 OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(const X509_STORE_CTX *ctx); 3160 3161 // X509_STORE_CTX_get0_cert returns the leaf certificate that |ctx| is 3162 // verifying. 3163 OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_cert(const X509_STORE_CTX *ctx); 3164 3165 // X509_STORE_CTX_get0_untrusted returns the stack of untrusted intermediates 3166 // used by |ctx| for certificate verification. 3167 OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_untrusted( 3168 const X509_STORE_CTX *ctx); 3169 3170 // X509_STORE_CTX_set0_trusted_stack configures |ctx| to trust the certificates 3171 // in |sk|. |sk| must remain valid for the duration of |ctx|. Calling this 3172 // function causes |ctx| to ignore any certificates configured in the 3173 // |X509_STORE|. Certificates in |sk| are still subject to the check described 3174 // in |X509_VERIFY_PARAM_set_trust|. 3175 // 3176 // WARNING: This function differs from most |set0| functions in that it does not 3177 // take ownership of its input. The caller is required to ensure the lifetimes 3178 // are consistent. 3179 OPENSSL_EXPORT void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, 3180 STACK_OF(X509) *sk); 3181 3182 // X509_STORE_CTX_set0_crls configures |ctx| to consider the CRLs in |sk| as 3183 // candidates for CRL lookup. |sk| must remain valid for the duration of |ctx|. 3184 // These CRLs are considered in addition to CRLs found in |X509_STORE|. 3185 // 3186 // WARNING: This function differs from most |set0| functions in that it does not 3187 // take ownership of its input. The caller is required to ensure the lifetimes 3188 // are consistent. 3189 OPENSSL_EXPORT void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, 3190 STACK_OF(X509_CRL) *sk); 3191 3192 // X509_STORE_CTX_set_default looks up the set of parameters named |name| and 3193 // applies those default verification parameters for |ctx|. As in 3194 // |X509_VERIFY_PARAM_inherit|, only unset parameters are changed. This function 3195 // returns one on success and zero on error. 3196 // 3197 // The supported values of |name| are: 3198 // - "default" is an internal value which configures some late defaults. See the 3199 // discussion in |X509_STORE_get0_param|. 3200 // - "pkcs7" configures default trust and purpose checks for PKCS#7 signatures. 3201 // - "smime_sign" configures trust and purpose checks for S/MIME signatures. 3202 // - "ssl_client" configures trust and purpose checks for TLS clients. 3203 // - "ssl_server" configures trust and purpose checks for TLS servers. 3204 // 3205 // TODO(crbug.com/boringssl/441): Make "default" a no-op. 3206 OPENSSL_EXPORT int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, 3207 const char *name); 3208 3209 // X509_STORE_CTX_get0_param returns |ctx|'s verification parameters. This 3210 // object is mutable and may be modified by the caller. 3211 OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param( 3212 X509_STORE_CTX *ctx); 3213 3214 // X509_STORE_CTX_set0_param returns |ctx|'s verification parameters to |param| 3215 // and takes ownership of |param|. After this function returns, the caller 3216 // should not free |param|. 3217 // 3218 // WARNING: This function discards any values which were previously applied in 3219 // |ctx|, including the "default" parameters applied late in 3220 // |X509_STORE_CTX_init|. These late defaults are not applied to parameters 3221 // created standalone by |X509_VERIFY_PARAM_new|. 3222 // 3223 // TODO(crbug.com/boringssl/441): This behavior is very surprising. Should we 3224 // re-apply the late defaults in |param|, or somehow avoid this notion of late 3225 // defaults altogether? 3226 OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, 3227 X509_VERIFY_PARAM *param); 3228 3229 // X509_STORE_CTX_set_flags enables all values in |flags| in |ctx|'s 3230 // verification flags. |flags| should be a combination of |X509_V_FLAG_*| 3231 // constants. 3232 OPENSSL_EXPORT void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, 3233 unsigned long flags); 3234 3235 // X509_STORE_CTX_set_time configures certificate verification to use |t| 3236 // instead of the current time. |flags| is ignored and should be zero. 3237 OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, 3238 unsigned long flags, time_t t); 3239 3240 // X509_STORE_CTX_set_time_posix configures certificate verification to use |t| 3241 // instead of the current time. |t| is interpreted as a POSIX timestamp in 3242 // seconds. |flags| is ignored and should be zero. 3243 OPENSSL_EXPORT void X509_STORE_CTX_set_time_posix(X509_STORE_CTX *ctx, 3244 unsigned long flags, 3245 int64_t t); 3246 3247 // X509_STORE_CTX_set_depth configures |ctx| to, by default, limit certificate 3248 // chains to |depth| intermediate certificates. This count excludes both the 3249 // target certificate and the trust anchor (root certificate). 3250 OPENSSL_EXPORT void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); 3251 3252 // X509_STORE_CTX_set_purpose simultaneously configures |ctx|'s purpose and 3253 // trust checks, if unset. It returns one on success and zero if |purpose| is 3254 // not a valid purpose value. |purpose| should be an |X509_PURPOSE_*| constant. 3255 // If so, it configures |ctx| with a purpose check of |purpose| and a trust 3256 // check of |purpose|'s corresponding trust value. If either the purpose or 3257 // trust check had already been specified for |ctx|, that corresponding 3258 // modification is silently dropped. 3259 // 3260 // See |X509_VERIFY_PARAM_set_purpose| and |X509_VERIFY_PARAM_set_trust| for 3261 // details on the purpose and trust checks, respectively. 3262 // 3263 // If |purpose| is |X509_PURPOSE_ANY|, this function returns an error because it 3264 // has no corresponding |X509_TRUST_*| value. It is not possible to set 3265 // |X509_PURPOSE_ANY| with this function, only |X509_VERIFY_PARAM_set_purpose|. 3266 // 3267 // WARNING: Unlike similarly named functions in this header, this function 3268 // silently does not behave the same as |X509_VERIFY_PARAM_set_purpose|. Callers 3269 // may use |X509_VERIFY_PARAM_set_purpose| with |X509_STORE_CTX_get0_param| to 3270 // avoid this difference. 3271 OPENSSL_EXPORT int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); 3272 3273 // X509_STORE_CTX_set_trust configures |ctx|'s trust check, if unset. It returns 3274 // one on success and zero if |trust| is not a valid trust value. |trust| should 3275 // be an |X509_TRUST_*| constant. If so, it configures |ctx| with a trust check 3276 // of |trust|. If the trust check had already been specified for |ctx|, it 3277 // silently does nothing. 3278 // 3279 // See |X509_VERIFY_PARAM_set_trust| for details on the purpose and trust check. 3280 // 3281 // WARNING: Unlike similarly named functions in this header, this function 3282 // does not behave the same as |X509_VERIFY_PARAM_set_trust|. Callers may use 3283 // |X509_VERIFY_PARAM_set_trust| with |X509_STORE_CTX_get0_param| to avoid this 3284 // difference. 3285 OPENSSL_EXPORT int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); 3286 3287 3288 // Verification parameters. 3289 // 3290 // An |X509_VERIFY_PARAM| contains a set of parameters for certificate 3291 // verification. 3292 3293 // X509_VERIFY_PARAM_new returns a newly-allocated |X509_VERIFY_PARAM|, or NULL 3294 // on error. 3295 OPENSSL_EXPORT X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); 3296 3297 // X509_VERIFY_PARAM_free releases memory associated with |param|. 3298 OPENSSL_EXPORT void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); 3299 3300 // X509_VERIFY_PARAM_inherit applies |from| as the default values for |to|. That 3301 // is, for each parameter that is unset in |to|, it copies the value in |from|. 3302 // This function returns one on success and zero on error. 3303 OPENSSL_EXPORT int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, 3304 const X509_VERIFY_PARAM *from); 3305 3306 // X509_VERIFY_PARAM_set1 copies parameters from |from| to |to|. If a parameter 3307 // is unset in |from|, the existing value in |to| is preserved. This function 3308 // returns one on success and zero on error. 3309 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, 3310 const X509_VERIFY_PARAM *from); 3311 3312 // X509_V_FLAG_* are flags for |X509_VERIFY_PARAM_set_flags| and 3313 // |X509_VERIFY_PARAM_clear_flags|. 3314 3315 // X509_V_FLAG_CB_ISSUER_CHECK causes the deprecated verify callback (see 3316 // |X509_STORE_CTX_set_verify_cb|) to be called for errors while matching 3317 // subject and issuer certificates. 3318 #define X509_V_FLAG_CB_ISSUER_CHECK 0x1 3319 // X509_V_FLAG_USE_CHECK_TIME is an internal flag used to track whether 3320 // |X509_STORE_CTX_set_time| has been used. If cleared, the system time is 3321 // restored. 3322 #define X509_V_FLAG_USE_CHECK_TIME 0x2 3323 // X509_V_FLAG_CRL_CHECK enables CRL lookup and checking for the leaf. 3324 #define X509_V_FLAG_CRL_CHECK 0x4 3325 // X509_V_FLAG_CRL_CHECK_ALL enables CRL lookup and checking for the entire 3326 // certificate chain. |X509_V_FLAG_CRL_CHECK| must be set for this flag to take 3327 // effect. 3328 #define X509_V_FLAG_CRL_CHECK_ALL 0x8 3329 // X509_V_FLAG_IGNORE_CRITICAL ignores unhandled critical extensions. Do not use 3330 // this option. Critical extensions ensure the verifier does not bypass 3331 // unrecognized security restrictions in certificates. 3332 #define X509_V_FLAG_IGNORE_CRITICAL 0x10 3333 // X509_V_FLAG_X509_STRICT does nothing. Its functionality has been enabled by 3334 // default. 3335 #define X509_V_FLAG_X509_STRICT 0x00 3336 // X509_V_FLAG_ALLOW_PROXY_CERTS does nothing. Proxy certificate support has 3337 // been removed. 3338 #define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 3339 // X509_V_FLAG_POLICY_CHECK does nothing. Policy checking is always enabled. 3340 #define X509_V_FLAG_POLICY_CHECK 0x80 3341 // X509_V_FLAG_EXPLICIT_POLICY requires some policy OID to be asserted by the 3342 // final certificate chain. See initial-explicit-policy from RFC 5280, 3343 // section 6.1.1. 3344 #define X509_V_FLAG_EXPLICIT_POLICY 0x100 3345 // X509_V_FLAG_INHIBIT_ANY inhibits the anyPolicy OID. See 3346 // initial-any-policy-inhibit from RFC 5280, section 6.1.1. 3347 #define X509_V_FLAG_INHIBIT_ANY 0x200 3348 // X509_V_FLAG_INHIBIT_MAP inhibits policy mapping. See 3349 // initial-policy-mapping-inhibit from RFC 5280, section 6.1.1. 3350 #define X509_V_FLAG_INHIBIT_MAP 0x400 3351 // X509_V_FLAG_NOTIFY_POLICY does nothing. Its functionality has been removed. 3352 #define X509_V_FLAG_NOTIFY_POLICY 0x800 3353 // X509_V_FLAG_EXTENDED_CRL_SUPPORT causes all verifications to fail. Extended 3354 // CRL features have been removed. 3355 #define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 3356 // X509_V_FLAG_USE_DELTAS causes all verifications to fail. Delta CRL support 3357 // has been removed. 3358 #define X509_V_FLAG_USE_DELTAS 0x2000 3359 // X509_V_FLAG_CHECK_SS_SIGNATURE checks the redundant signature on self-signed 3360 // trust anchors. This check provides no security benefit and only wastes CPU. 3361 #define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 3362 // X509_V_FLAG_TRUSTED_FIRST, during path-building, checks for a match in the 3363 // trust store before considering an untrusted intermediate. This flag is 3364 // enabled by default. 3365 #define X509_V_FLAG_TRUSTED_FIRST 0x8000 3366 // X509_V_FLAG_PARTIAL_CHAIN treats all trusted certificates as trust anchors, 3367 // independent of the |X509_VERIFY_PARAM_set_trust| setting. 3368 #define X509_V_FLAG_PARTIAL_CHAIN 0x80000 3369 // X509_V_FLAG_NO_ALT_CHAINS disables building alternative chains if the initial 3370 // one was rejected. 3371 #define X509_V_FLAG_NO_ALT_CHAINS 0x100000 3372 // X509_V_FLAG_NO_CHECK_TIME disables all time checks in certificate 3373 // verification. 3374 #define X509_V_FLAG_NO_CHECK_TIME 0x200000 3375 3376 // X509_VERIFY_PARAM_set_flags enables all values in |flags| in |param|'s 3377 // verification flags and returns one. |flags| should be a combination of 3378 // |X509_V_FLAG_*| constants. 3379 OPENSSL_EXPORT int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, 3380 unsigned long flags); 3381 3382 // X509_VERIFY_PARAM_clear_flags disables all values in |flags| in |param|'s 3383 // verification flags and returns one. |flags| should be a combination of 3384 // |X509_V_FLAG_*| constants. 3385 OPENSSL_EXPORT int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, 3386 unsigned long flags); 3387 3388 // X509_VERIFY_PARAM_get_flags returns |param|'s verification flags. 3389 OPENSSL_EXPORT unsigned long X509_VERIFY_PARAM_get_flags( 3390 const X509_VERIFY_PARAM *param); 3391 3392 // X509_VERIFY_PARAM_set_depth configures |param| to limit certificate chains to 3393 // |depth| intermediate certificates. This count excludes both the target 3394 // certificate and the trust anchor (root certificate). 3395 OPENSSL_EXPORT void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, 3396 int depth); 3397 3398 // X509_VERIFY_PARAM_get_depth returns the maximum depth configured in |param|. 3399 // See |X509_VERIFY_PARAM_set_depth|. 3400 OPENSSL_EXPORT int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); 3401 3402 // X509_VERIFY_PARAM_set_time configures certificate verification to use |t| 3403 // instead of the current time. 3404 OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, 3405 time_t t); 3406 3407 // X509_VERIFY_PARAM_set_time_posix configures certificate verification to use 3408 // |t| instead of the current time. |t| is interpreted as a POSIX timestamp in 3409 // seconds. 3410 OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time_posix(X509_VERIFY_PARAM *param, 3411 int64_t t); 3412 3413 // X509_VERIFY_PARAM_add0_policy adds |policy| to the user-initial-policy-set 3414 // (see Section 6.1.1 of RFC 5280). On success, it takes ownership of 3415 // |policy| and returns one. Otherwise, it returns zero and the caller retains 3416 // owneship of |policy|. 3417 OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, 3418 ASN1_OBJECT *policy); 3419 3420 // X509_VERIFY_PARAM_set1_policies sets the user-initial-policy-set (see 3421 // Section 6.1.1 of RFC 5280) to a copy of |policies|. It returns one on success 3422 // and zero on error. 3423 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies( 3424 X509_VERIFY_PARAM *param, const STACK_OF(ASN1_OBJECT) *policies); 3425 3426 // X509_VERIFY_PARAM_set1_host configures |param| to check for the DNS name 3427 // specified by |name|. It returns one on success and zero on error. 3428 // 3429 // By default, both subject alternative names and the subject's common name 3430 // attribute are checked. The latter has long been deprecated, so callers should 3431 // call |X509_VERIFY_PARAM_set_hostflags| with 3432 // |X509_CHECK_FLAG_NEVER_CHECK_SUBJECT| to use the standard behavior. 3433 // https://crbug.com/boringssl/464 tracks fixing the default. 3434 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, 3435 const char *name, 3436 size_t name_len); 3437 3438 // X509_VERIFY_PARAM_add1_host adds |name| to the list of names checked by 3439 // |param|. If any configured DNS name matches the certificate, verification 3440 // succeeds. It returns one on success and zero on error. 3441 // 3442 // By default, both subject alternative names and the subject's common name 3443 // attribute are checked. The latter has long been deprecated, so callers should 3444 // call |X509_VERIFY_PARAM_set_hostflags| with 3445 // |X509_CHECK_FLAG_NEVER_CHECK_SUBJECT| to use the standard behavior. 3446 // https://crbug.com/boringssl/464 tracks fixing the default. 3447 OPENSSL_EXPORT int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, 3448 const char *name, 3449 size_t name_len); 3450 3451 // X509_CHECK_FLAG_NO_WILDCARDS disables wildcard matching for DNS names. 3452 #define X509_CHECK_FLAG_NO_WILDCARDS 0x2 3453 3454 // X509_CHECK_FLAG_NEVER_CHECK_SUBJECT disables the subject fallback, normally 3455 // enabled when subjectAltNames is missing. 3456 #define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20 3457 3458 // X509_VERIFY_PARAM_set_hostflags sets the name-checking flags on |param| to 3459 // |flags|. |flags| should be a combination of |X509_CHECK_FLAG_*| constants. 3460 OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, 3461 unsigned int flags); 3462 3463 // X509_VERIFY_PARAM_set1_email configures |param| to check for the email 3464 // address specified by |email|. It returns one on success and zero on error. 3465 // 3466 // By default, both subject alternative names and the subject's email address 3467 // attribute are checked. The |X509_CHECK_FLAG_NEVER_CHECK_SUBJECT| flag may be 3468 // used to change this behavior. 3469 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, 3470 const char *email, 3471 size_t email_len); 3472 3473 // X509_VERIFY_PARAM_set1_ip configures |param| to check for the IP address 3474 // specified by |ip|. It returns one on success and zero on error. The IP 3475 // address is specified in its binary representation. |ip_len| must be 4 for an 3476 // IPv4 address and 16 for an IPv6 address. 3477 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, 3478 const uint8_t *ip, size_t ip_len); 3479 3480 // X509_VERIFY_PARAM_set1_ip_asc decodes |ipasc| as the ASCII representation of 3481 // an IPv4 or IPv6 address, and configures |param| to check for it. It returns 3482 // one on success and zero on error. 3483 OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, 3484 const char *ipasc); 3485 3486 // X509_PURPOSE_SSL_CLIENT validates TLS client certificates. It checks for the 3487 // id-kp-clientAuth EKU and one of digitalSignature or keyAgreement key usages. 3488 // The TLS library is expected to check for the key usage specific to the 3489 // negotiated TLS parameters. 3490 #define X509_PURPOSE_SSL_CLIENT 1 3491 // X509_PURPOSE_SSL_SERVER validates TLS server certificates. It checks for the 3492 // id-kp-clientAuth EKU and one of digitalSignature, keyAgreement, or 3493 // keyEncipherment key usages. The TLS library is expected to check for the key 3494 // usage specific to the negotiated TLS parameters. 3495 #define X509_PURPOSE_SSL_SERVER 2 3496 // X509_PURPOSE_NS_SSL_SERVER is a legacy mode. It behaves like 3497 // |X509_PURPOSE_SSL_SERVER|, but only accepts the keyEncipherment key usage, 3498 // used by SSL 2.0 and RSA key exchange. Do not use this. 3499 #define X509_PURPOSE_NS_SSL_SERVER 3 3500 // X509_PURPOSE_SMIME_SIGN validates S/MIME signing certificates. It checks for 3501 // the id-kp-emailProtection EKU and one of digitalSignature or nonRepudiation 3502 // key usages. 3503 #define X509_PURPOSE_SMIME_SIGN 4 3504 // X509_PURPOSE_SMIME_ENCRYPT validates S/MIME encryption certificates. It 3505 // checks for the id-kp-emailProtection EKU and keyEncipherment key usage. 3506 #define X509_PURPOSE_SMIME_ENCRYPT 5 3507 // X509_PURPOSE_CRL_SIGN validates indirect CRL signers. It checks for the 3508 // cRLSign key usage. BoringSSL does not support indirect CRLs and does not use 3509 // this mode. 3510 #define X509_PURPOSE_CRL_SIGN 6 3511 // X509_PURPOSE_ANY performs no EKU or key usage checks. Such checks are the 3512 // responsibility of the caller. 3513 #define X509_PURPOSE_ANY 7 3514 // X509_PURPOSE_OCSP_HELPER performs no EKU or key usage checks. It was 3515 // historically used in OpenSSL's OCSP implementation, which left those checks 3516 // to the OCSP implementation itself. 3517 #define X509_PURPOSE_OCSP_HELPER 8 3518 // X509_PURPOSE_TIMESTAMP_SIGN validates Time Stamping Authority (RFC 3161) 3519 // certificates. It checks for the id-kp-timeStamping EKU and one of 3520 // digitalSignature or nonRepudiation key usages. It additionally checks that 3521 // the EKU extension is critical and that no other EKUs or key usages are 3522 // asserted. 3523 #define X509_PURPOSE_TIMESTAMP_SIGN 9 3524 3525 // X509_VERIFY_PARAM_set_purpose configures |param| to validate certificates for 3526 // a specified purpose. It returns one on success and zero if |purpose| is not a 3527 // valid purpose type. |purpose| should be one of the |X509_PURPOSE_*| values. 3528 // 3529 // This option controls checking the extended key usage (EKU) and key usage 3530 // extensions. These extensions specify how a certificate's public key may be 3531 // used and are important to avoid cross-protocol attacks, particularly in PKIs 3532 // that may issue certificates for multiple protocols, or for protocols that use 3533 // keys in multiple ways. If not configured, these security checks are the 3534 // caller's responsibility. 3535 // 3536 // This library applies the EKU checks to all untrusted intermediates. Although 3537 // not defined in RFC 5280, this matches widely-deployed practice. It also does 3538 // not accept anyExtendedKeyUsage. 3539 // 3540 // Many purpose values have a corresponding trust value, which is not configured 3541 // by this function. See |X509_VERIFY_PARAM_set_trust| for details. Callers 3542 // that wish to configure both should either call both functions, or use 3543 // |X509_STORE_CTX_set_purpose|. 3544 // 3545 // It is currently not possible to configure custom EKU OIDs or key usage bits. 3546 // Contact the BoringSSL maintainers if your application needs to do so. OpenSSL 3547 // had an |X509_PURPOSE_add| API, but it was not thread-safe and relied on 3548 // global mutable state, so we removed it. 3549 // 3550 // TODO(davidben): This function additionally configures checking the legacy 3551 // Netscape certificate type extension. Remove this. 3552 OPENSSL_EXPORT int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, 3553 int purpose); 3554 3555 // X509_TRUST_COMPAT evaluates trust using only the self-signed fallback. Trust 3556 // and distrust OIDs are ignored. 3557 #define X509_TRUST_COMPAT 1 3558 // X509_TRUST_SSL_CLIENT evaluates trust with the |NID_client_auth| OID, for 3559 // validating TLS client certificates. 3560 #define X509_TRUST_SSL_CLIENT 2 3561 // X509_TRUST_SSL_SERVER evaluates trust with the |NID_server_auth| OID, for 3562 // validating TLS server certificates. 3563 #define X509_TRUST_SSL_SERVER 3 3564 // X509_TRUST_EMAIL evaluates trust with the |NID_email_protect| OID, for 3565 // validating S/MIME email certificates. 3566 #define X509_TRUST_EMAIL 4 3567 // X509_TRUST_OBJECT_SIGN evaluates trust with the |NID_code_sign| OID, for 3568 // validating code signing certificates. 3569 #define X509_TRUST_OBJECT_SIGN 5 3570 // X509_TRUST_TSA evaluates trust with the |NID_time_stamp| OID, for validating 3571 // Time Stamping Authority (RFC 3161) certificates. 3572 #define X509_TRUST_TSA 8 3573 3574 // X509_VERIFY_PARAM_set_trust configures which certificates from |X509_STORE| 3575 // are trust anchors. It returns one on success and zero if |trust| is not a 3576 // valid trust value. |trust| should be one of the |X509_TRUST_*| constants. 3577 // This function allows applications to vary trust anchors when the same set of 3578 // trusted certificates is used in multiple contexts. 3579 // 3580 // Two properties determine whether a certificate is a trust anchor: 3581 // 3582 // - Whether it is trusted or distrusted for some OID, via auxiliary information 3583 // configured by |X509_add1_trust_object| or |X509_add1_reject_object|. 3584 // 3585 // - Whether it is "self-signed". That is, whether |X509_get_extension_flags| 3586 // includes |EXFLAG_SS|. The signature itself is not checked. 3587 // 3588 // When this function is called, |trust| determines the OID to check in the 3589 // first case. If the certificate is not explicitly trusted or distrusted for 3590 // any OID, it is trusted if self-signed instead. 3591 // 3592 // If unset, the default behavior is to check for the |NID_anyExtendedKeyUsage| 3593 // OID. If the certificate is not explicitly trusted or distrusted for this OID, 3594 // it is trusted if self-signed instead. Note this slightly differs from the 3595 // above. 3596 // 3597 // If the |X509_V_FLAG_PARTIAL_CHAIN| is set, every certificate from 3598 // |X509_STORE| is a trust anchor, unless it was explicitly distrusted for the 3599 // OID. 3600 // 3601 // It is currently not possible to configure custom trust OIDs. Contact the 3602 // BoringSSL maintainers if your application needs to do so. OpenSSL had an 3603 // |X509_TRUST_add| API, but it was not thread-safe and relied on global mutable 3604 // state, so we removed it. 3605 OPENSSL_EXPORT int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, 3606 int trust); 3607 3608 3609 // Filesystem-based certificate stores. 3610 // 3611 // An |X509_STORE| may be configured to get its contents from the filesystem. 3612 // This is done by adding |X509_LOOKUP| structures to the |X509_STORE| with 3613 // |X509_STORE_add_lookup| and then configuring the |X509_LOOKUP| with paths. 3614 // 3615 // Most cases can use |X509_STORE_load_locations|, which configures the same 3616 // thing but is simpler to use. 3617 3618 // X509_STORE_load_locations configures |store| to load data from filepaths 3619 // |file| and |dir|. It returns one on success and zero on error. Either of 3620 // |file| or |dir| may be NULL, but at least one must be non-NULL. 3621 // 3622 // If |file| is non-NULL, it loads CRLs and trusted certificates in PEM format 3623 // from the file at |file|, and them to |store|, as in |X509_load_cert_crl_file| 3624 // with |X509_FILETYPE_PEM|. 3625 // 3626 // If |dir| is non-NULL, it configures |store| to load CRLs and trusted 3627 // certificates from the directory at |dir| in PEM format, as in 3628 // |X509_LOOKUP_add_dir| with |X509_FILETYPE_PEM|. 3629 OPENSSL_EXPORT int X509_STORE_load_locations(X509_STORE *store, 3630 const char *file, const char *dir); 3631 3632 // X509_STORE_add_lookup returns an |X509_LOOKUP| associated with |store| with 3633 // type |method|, or NULL on error. The result is owned by |store|, so callers 3634 // are not expected to free it. This may be used with |X509_LOOKUP_add_dir| or 3635 // |X509_LOOKUP_load_file|, depending on |method|, to configure |store|. 3636 // 3637 // A single |X509_LOOKUP| may be configured with multiple paths, and an 3638 // |X509_STORE| only contains one |X509_LOOKUP| of each type, so there is no 3639 // need to call this function multiple times for a single type. Calling it 3640 // multiple times will return the previous |X509_LOOKUP| of that type. 3641 OPENSSL_EXPORT X509_LOOKUP *X509_STORE_add_lookup( 3642 X509_STORE *store, const X509_LOOKUP_METHOD *method); 3643 3644 // X509_LOOKUP_hash_dir creates |X509_LOOKUP|s that may be used with 3645 // |X509_LOOKUP_add_dir|. 3646 OPENSSL_EXPORT const X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); 3647 3648 // X509_LOOKUP_file creates |X509_LOOKUP|s that may be used with 3649 // |X509_LOOKUP_load_file|. 3650 // 3651 // Although this is modeled as an |X509_LOOKUP|, this function is redundant. It 3652 // has the same effect as loading a certificate or CRL from the filesystem, in 3653 // the caller's desired format, and then adding it with |X509_STORE_add_cert| 3654 // and |X509_STORE_add_crl|. 3655 OPENSSL_EXPORT const X509_LOOKUP_METHOD *X509_LOOKUP_file(void); 3656 3657 // The following constants are used to specify the format of files in an 3658 // |X509_LOOKUP|. 3659 #define X509_FILETYPE_PEM 1 3660 #define X509_FILETYPE_ASN1 2 3661 #define X509_FILETYPE_DEFAULT 3 3662 3663 // X509_LOOKUP_load_file calls |X509_load_cert_crl_file|. |lookup| must have 3664 // been constructed with |X509_LOOKUP_file|. 3665 // 3666 // If |type| is |X509_FILETYPE_DEFAULT|, it ignores |file| and instead uses some 3667 // default system path with |X509_FILETYPE_PEM|. See also 3668 // |X509_STORE_set_default_paths|. 3669 OPENSSL_EXPORT int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *file, 3670 int type); 3671 3672 // X509_LOOKUP_add_dir configures |lookup| to load CRLs and trusted certificates 3673 // from the directories in |path|. It returns one on success and zero on error. 3674 // |lookup| must have been constructed with |X509_LOOKUP_hash_dir|. 3675 // 3676 // WARNING: |path| is interpreted as a colon-separated (semicolon-separated on 3677 // Windows) list of paths. It is not possible to configure a path containing the 3678 // separator character. https://crbug.com/boringssl/691 tracks removing this 3679 // behavior. 3680 // 3681 // |type| should be one of the |X509_FILETYPE_*| constants and determines the 3682 // format of the files. If |type| is |X509_FILETYPE_DEFAULT|, |path| is ignored 3683 // and some default system path is used with |X509_FILETYPE_PEM|. See also 3684 // |X509_STORE_set_default_paths|. 3685 // 3686 // Trusted certificates should be named HASH.N and CRLs should be 3687 // named HASH.rN. HASH is |X509_NAME_hash| of the certificate subject and CRL 3688 // issuer, respectively, in hexadecimal. N is in decimal and counts hash 3689 // collisions consecutively, starting from zero. For example, "002c0b4f.0" and 3690 // "002c0b4f.r0". 3691 // 3692 // WARNING: Objects from |path| are loaded on demand, but cached in memory on 3693 // the |X509_STORE|. If a CA is removed from the directory, existing 3694 // |X509_STORE|s will continue to trust it. Cache entries are not evicted for 3695 // the lifetime of the |X509_STORE|. 3696 // 3697 // WARNING: This mechanism is also not well-suited for CRL updates. 3698 // |X509_STORE|s rely on this cache and never load the same CRL file twice. CRL 3699 // updates must use a new file, with an incremented suffix, to be reflected in 3700 // existing |X509_STORE|s. However, this means each CRL update will use 3701 // additional storage and memory. Instead, configure inputs that vary per 3702 // verification, such as CRLs, on each |X509_STORE_CTX| separately, using 3703 // functions like |X509_STORE_CTX_set0_crl|. 3704 OPENSSL_EXPORT int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *path, 3705 int type); 3706 3707 // X509_L_* are commands for |X509_LOOKUP_ctrl|. 3708 #define X509_L_FILE_LOAD 1 3709 #define X509_L_ADD_DIR 2 3710 3711 // X509_LOOKUP_ctrl implements commands on |lookup|. |cmd| specifies the 3712 // command. The other arguments specify the operation in a command-specific way. 3713 // Use |X509_LOOKUP_load_file| or |X509_LOOKUP_add_dir| instead. 3714 OPENSSL_EXPORT int X509_LOOKUP_ctrl(X509_LOOKUP *lookup, int cmd, 3715 const char *argc, long argl, char **ret); 3716 3717 // X509_load_cert_file loads trusted certificates from |file| and adds them to 3718 // |lookup|'s |X509_STORE|. It returns one on success and zero on error. 3719 // 3720 // If |type| is |X509_FILETYPE_ASN1|, it loads a single DER-encoded certificate. 3721 // If |type| is |X509_FILETYPE_PEM|, it loads a sequence of PEM-encoded 3722 // certificates. |type| may not be |X509_FILETYPE_DEFAULT|. 3723 OPENSSL_EXPORT int X509_load_cert_file(X509_LOOKUP *lookup, const char *file, 3724 int type); 3725 3726 // X509_load_crl_file loads CRLs from |file| and add them it to |lookup|'s 3727 // |X509_STORE|. It returns one on success and zero on error. 3728 // 3729 // If |type| is |X509_FILETYPE_ASN1|, it loads a single DER-encoded CRL. If 3730 // |type| is |X509_FILETYPE_PEM|, it loads a sequence of PEM-encoded CRLs. 3731 // |type| may not be |X509_FILETYPE_DEFAULT|. 3732 OPENSSL_EXPORT int X509_load_crl_file(X509_LOOKUP *lookup, const char *file, 3733 int type); 3734 3735 // X509_load_cert_crl_file loads CRLs and trusted certificates from |file| and 3736 // adds them to |lookup|'s |X509_STORE|. It returns one on success and zero on 3737 // error. 3738 // 3739 // If |type| is |X509_FILETYPE_ASN1|, it loads a single DER-encoded certificate. 3740 // This function cannot be used to load a DER-encoded CRL. If |type| is 3741 // |X509_FILETYPE_PEM|, it loads a sequence of PEM-encoded certificates and 3742 // CRLs. |type| may not be |X509_FILETYPE_DEFAULT|. 3743 OPENSSL_EXPORT int X509_load_cert_crl_file(X509_LOOKUP *lookup, 3744 const char *file, int type); 3745 3746 // X509_NAME_hash returns a hash of |name|, or zero on error. This is the new 3747 // hash used by |X509_LOOKUP_add_dir|. 3748 // 3749 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 3750 // not suitable for general-purpose X.509 name processing. It is very short, so 3751 // there will be hash collisions. It also depends on an OpenSSL-specific 3752 // canonicalization process. 3753 // 3754 // TODO(https://crbug.com/boringssl/407): This should be const and thread-safe 3755 // but currently is neither, notably if |name| was modified from its parsed 3756 // value. 3757 OPENSSL_EXPORT uint32_t X509_NAME_hash(X509_NAME *name); 3758 3759 // X509_NAME_hash_old returns a hash of |name|, or zero on error. This is the 3760 // legacy hash used by |X509_LOOKUP_add_dir|, which is still supported for 3761 // compatibility. 3762 // 3763 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 3764 // not suitable for general-purpose X.509 name processing. It is very short, so 3765 // there will be hash collisions. 3766 // 3767 // TODO(https://crbug.com/boringssl/407): This should be const and thread-safe 3768 // but currently is neither, notably if |name| was modified from its parsed 3769 // value. 3770 OPENSSL_EXPORT uint32_t X509_NAME_hash_old(X509_NAME *name); 3771 3772 // X509_STORE_set_default_paths configures |store| to read from some "default" 3773 // filesystem paths. It returns one on success and zero on error. The filesystem 3774 // paths are determined by a combination of hardcoded paths and the SSL_CERT_DIR 3775 // and SSL_CERT_FILE environment variables. 3776 // 3777 // Using this function is not recommended. In OpenSSL, these defaults are 3778 // determined by OpenSSL's install prefix. There is no corresponding concept for 3779 // BoringSSL. Future versions of BoringSSL may change or remove this 3780 // functionality. 3781 OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *store); 3782 3783 // The following functions return filesystem paths used to determine the above 3784 // "default" paths, when the corresponding environment variables are not set. 3785 // 3786 // Using these functions is not recommended. In OpenSSL, these defaults are 3787 // determined by OpenSSL's install prefix. There is no corresponding concept for 3788 // BoringSSL. Future versions of BoringSSL may change or remove this 3789 // functionality. 3790 OPENSSL_EXPORT const char *X509_get_default_cert_area(void); 3791 OPENSSL_EXPORT const char *X509_get_default_cert_dir(void); 3792 OPENSSL_EXPORT const char *X509_get_default_cert_file(void); 3793 OPENSSL_EXPORT const char *X509_get_default_private_dir(void); 3794 3795 // X509_get_default_cert_dir_env returns "SSL_CERT_DIR", an environment variable 3796 // used to determine the above "default" paths. 3797 OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void); 3798 3799 // X509_get_default_cert_file_env returns "SSL_CERT_FILE", an environment 3800 // variable used to determine the above "default" paths. 3801 OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void); 3802 3803 3804 // SignedPublicKeyAndChallenge structures. 3805 // 3806 // The SignedPublicKeyAndChallenge (SPKAC) is a legacy structure to request 3807 // certificates, primarily in the legacy <keygen> HTML tag. An SPKAC structure 3808 // is represented by a |NETSCAPE_SPKI| structure. 3809 // 3810 // The structure is described in 3811 // https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen 3812 3813 // A Netscape_spki_st, or |NETSCAPE_SPKI|, represents a 3814 // SignedPublicKeyAndChallenge structure. Although this structure contains a 3815 // |spkac| field of type |NETSCAPE_SPKAC|, these are misnamed. The SPKAC is the 3816 // entire structure, not the signed portion. 3817 struct Netscape_spki_st { 3818 NETSCAPE_SPKAC *spkac; 3819 X509_ALGOR *sig_algor; 3820 ASN1_BIT_STRING *signature; 3821 } /* NETSCAPE_SPKI */; 3822 3823 // NETSCAPE_SPKI_new returns a newly-allocated, empty |NETSCAPE_SPKI| object, or 3824 // NULL on error. 3825 OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_new(void); 3826 3827 // NETSCAPE_SPKI_free releases memory associated with |spki|. 3828 OPENSSL_EXPORT void NETSCAPE_SPKI_free(NETSCAPE_SPKI *spki); 3829 3830 // d2i_NETSCAPE_SPKI parses up to |len| bytes from |*inp| as a DER-encoded 3831 // SignedPublicKeyAndChallenge structure, as described in |d2i_SAMPLE|. 3832 OPENSSL_EXPORT NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **out, 3833 const uint8_t **inp, long len); 3834 3835 // i2d_NETSCAPE_SPKI marshals |spki| as a DER-encoded 3836 // SignedPublicKeyAndChallenge structure, as described in |i2d_SAMPLE|. 3837 OPENSSL_EXPORT int i2d_NETSCAPE_SPKI(const NETSCAPE_SPKI *spki, uint8_t **outp); 3838 3839 // NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It 3840 // returns one if the signature is valid and zero otherwise. 3841 OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey); 3842 3843 // NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded 3844 // SignedPublicKeyAndChallenge structure. It returns a newly-allocated 3845 // |NETSCAPE_SPKI| structure with the result, or NULL on error. If |len| is 0 or 3846 // negative, the length is calculated with |strlen| and |str| must be a 3847 // NUL-terminated C string. 3848 OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, 3849 ossl_ssize_t len); 3850 3851 // NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded 3852 // SignedPublicKeyAndChallenge structure. It returns a newly-allocated 3853 // NUL-terminated C string with the result, or NULL on error. The caller must 3854 // release the memory with |OPENSSL_free| when done. 3855 OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki); 3856 3857 // NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an 3858 // |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting 3859 // pointer and must call |EVP_PKEY_free| when done. 3860 OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(const NETSCAPE_SPKI *spki); 3861 3862 // NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one 3863 // on success or zero on error. This function does not take ownership of |pkey|, 3864 // so the caller may continue to manage its lifetime independently of |spki|. 3865 OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki, 3866 EVP_PKEY *pkey); 3867 3868 // NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature 3869 // algorithm and signature fields. It returns the length of the signature on 3870 // success and zero on error. This function uses digest algorithm |md|, or 3871 // |pkey|'s default if NULL. Other signing parameters use |pkey|'s defaults. 3872 OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey, 3873 const EVP_MD *md); 3874 3875 // A Netscape_spkac_st, or |NETSCAPE_SPKAC|, represents a PublicKeyAndChallenge 3876 // structure. This type is misnamed. The full SPKAC includes the signature, 3877 // which is represented with the |NETSCAPE_SPKI| type. 3878 struct Netscape_spkac_st { 3879 X509_PUBKEY *pubkey; 3880 ASN1_IA5STRING *challenge; 3881 } /* NETSCAPE_SPKAC */; 3882 3883 // NETSCAPE_SPKAC_new returns a newly-allocated, empty |NETSCAPE_SPKAC| object, 3884 // or NULL on error. 3885 OPENSSL_EXPORT NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void); 3886 3887 // NETSCAPE_SPKAC_free releases memory associated with |spkac|. 3888 OPENSSL_EXPORT void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *spkac); 3889 3890 // d2i_NETSCAPE_SPKAC parses up to |len| bytes from |*inp| as a DER-encoded 3891 // PublicKeyAndChallenge structure, as described in |d2i_SAMPLE|. 3892 OPENSSL_EXPORT NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **out, 3893 const uint8_t **inp, 3894 long len); 3895 3896 // i2d_NETSCAPE_SPKAC marshals |spkac| as a DER-encoded PublicKeyAndChallenge 3897 // structure, as described in |i2d_SAMPLE|. 3898 OPENSSL_EXPORT int i2d_NETSCAPE_SPKAC(const NETSCAPE_SPKAC *spkac, 3899 uint8_t **outp); 3900 3901 3902 // RSASSA-PSS Parameters. 3903 // 3904 // In X.509, RSASSA-PSS signatures and keys use a complex parameter structure, 3905 // defined in RFC 4055. The following functions are provided for compatibility 3906 // with some OpenSSL APIs relating to this. Use of RSASSA-PSS in X.509 is 3907 // discouraged. The parameters structure is very complex, and it takes more 3908 // bytes to merely encode parameters than an entire P-256 ECDSA signature. 3909 3910 // An rsa_pss_params_st, aka |RSA_PSS_PARAMS|, represents a parsed 3911 // RSASSA-PSS-params structure, as defined in (RFC 4055). 3912 struct rsa_pss_params_st { 3913 X509_ALGOR *hashAlgorithm; 3914 X509_ALGOR *maskGenAlgorithm; 3915 ASN1_INTEGER *saltLength; 3916 ASN1_INTEGER *trailerField; 3917 // OpenSSL caches the MGF hash on |RSA_PSS_PARAMS| in some cases. None of the 3918 // cases apply to BoringSSL, so this is always NULL, but Node expects the 3919 // field to be present. 3920 X509_ALGOR *maskHash; 3921 } /* RSA_PSS_PARAMS */; 3922 3923 // RSA_PSS_PARAMS is an |ASN1_ITEM| whose ASN.1 type is RSASSA-PSS-params (RFC 3924 // 4055) and C type is |RSA_PSS_PARAMS*|. 3925 DECLARE_ASN1_ITEM(RSA_PSS_PARAMS) 3926 3927 // RSA_PSS_PARAMS_new returns a new, empty |RSA_PSS_PARAMS|, or NULL on error. 3928 OPENSSL_EXPORT RSA_PSS_PARAMS *RSA_PSS_PARAMS_new(void); 3929 3930 // RSA_PSS_PARAMS_free releases memory associated with |params|. 3931 OPENSSL_EXPORT void RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *params); 3932 3933 // d2i_RSA_PSS_PARAMS parses up to |len| bytes from |*inp| as a DER-encoded 3934 // RSASSA-PSS-params (RFC 4055), as described in |d2i_SAMPLE|. 3935 OPENSSL_EXPORT RSA_PSS_PARAMS *d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **out, 3936 const uint8_t **inp, 3937 long len); 3938 3939 // i2d_RSA_PSS_PARAMS marshals |in| as a DER-encoded RSASSA-PSS-params (RFC 3940 // 4055), as described in |i2d_SAMPLE|. 3941 OPENSSL_EXPORT int i2d_RSA_PSS_PARAMS(const RSA_PSS_PARAMS *in, uint8_t **outp); 3942 3943 3944 // PKCS#8 private keys. 3945 // 3946 // The |PKCS8_PRIV_KEY_INFO| type represents a PKCS#8 PrivateKeyInfo (RFC 5208) 3947 // structure. This is analogous to SubjectPublicKeyInfo and uses the same 3948 // AlgorithmIdentifiers, but carries private keys and is not part of X.509 3949 // itself. 3950 // 3951 // TODO(davidben): Do these functions really belong in this header? 3952 3953 // PKCS8_PRIV_KEY_INFO_new returns a newly-allocated, empty 3954 // |PKCS8_PRIV_KEY_INFO| object, or NULL on error. 3955 OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); 3956 3957 // PKCS8_PRIV_KEY_INFO_free releases memory associated with |key|. 3958 OPENSSL_EXPORT void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *key); 3959 3960 // d2i_PKCS8_PRIV_KEY_INFO parses up to |len| bytes from |*inp| as a DER-encoded 3961 // PrivateKeyInfo, as described in |d2i_SAMPLE|. 3962 OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO( 3963 PKCS8_PRIV_KEY_INFO **out, const uint8_t **inp, long len); 3964 3965 // i2d_PKCS8_PRIV_KEY_INFO marshals |key| as a DER-encoded PrivateKeyInfo, as 3966 // described in |i2d_SAMPLE|. 3967 OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO(const PKCS8_PRIV_KEY_INFO *key, 3968 uint8_t **outp); 3969 3970 // EVP_PKCS82PKEY returns |p8| as a newly-allocated |EVP_PKEY|, or NULL if the 3971 // key was unsupported or could not be decoded. The caller must release the 3972 // result with |EVP_PKEY_free| when done. 3973 // 3974 // Use |EVP_parse_private_key| instead. 3975 OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); 3976 3977 // EVP_PKEY2PKCS8 encodes |pkey| as a PKCS#8 PrivateKeyInfo (RFC 5208), 3978 // represented as a newly-allocated |PKCS8_PRIV_KEY_INFO|, or NULL on error. The 3979 // caller must release the result with |PKCS8_PRIV_KEY_INFO_free| when done. 3980 // 3981 // Use |EVP_marshal_private_key| instead. 3982 OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey); 3983 3984 3985 // Algorithm and octet string pairs. 3986 // 3987 // The |X509_SIG| type represents an ASN.1 SEQUENCE type of an 3988 // AlgorithmIdentifier and an OCTET STRING. Although named |X509_SIG|, there is 3989 // no type in X.509 which matches this format. The two common types which do are 3990 // DigestInfo (RFC 2315 and RFC 8017), and EncryptedPrivateKeyInfo (RFC 5208). 3991 3992 // X509_SIG_new returns a newly-allocated, empty |X509_SIG| object, or NULL on 3993 // error. 3994 OPENSSL_EXPORT X509_SIG *X509_SIG_new(void); 3995 3996 // X509_SIG_free releases memory associated with |key|. 3997 OPENSSL_EXPORT void X509_SIG_free(X509_SIG *key); 3998 3999 // d2i_X509_SIG parses up to |len| bytes from |*inp| as a DER-encoded algorithm 4000 // and octet string pair, as described in |d2i_SAMPLE|. 4001 OPENSSL_EXPORT X509_SIG *d2i_X509_SIG(X509_SIG **out, const uint8_t **inp, 4002 long len); 4003 4004 // i2d_X509_SIG marshals |sig| as a DER-encoded algorithm 4005 // and octet string pair, as described in |i2d_SAMPLE|. 4006 OPENSSL_EXPORT int i2d_X509_SIG(const X509_SIG *sig, uint8_t **outp); 4007 4008 // X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to 4009 // |sig|'s algorithm and digest fields, respectively. Either |out_alg| and 4010 // |out_digest| may be NULL to skip those fields. 4011 OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig, 4012 const X509_ALGOR **out_alg, 4013 const ASN1_OCTET_STRING **out_digest); 4014 4015 // X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers. 4016 OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg, 4017 ASN1_OCTET_STRING **out_digest); 4018 4019 4020 // Printing functions. 4021 // 4022 // The following functions output human-readable representations of 4023 // X.509-related structures. They should only be used for debugging or logging 4024 // and not parsed programmatically. In many cases, the outputs are ambiguous, so 4025 // attempting to parse them can lead to string injection vulnerabilities. 4026 4027 // The following flags control |X509_print_ex| and |X509_REQ_print_ex|. These 4028 // flags co-exist with |X509V3_EXT_*|, so avoid collisions when adding new ones. 4029 4030 // X509_FLAG_COMPAT disables all flags. It additionally causes names to be 4031 // printed with a 16-byte indent. 4032 #define X509_FLAG_COMPAT 0 4033 4034 // X509_FLAG_NO_HEADER skips a header identifying the type of object printed. 4035 #define X509_FLAG_NO_HEADER 1L 4036 4037 // X509_FLAG_NO_VERSION skips printing the X.509 version number. 4038 #define X509_FLAG_NO_VERSION (1L << 1) 4039 4040 // X509_FLAG_NO_SERIAL skips printing the serial number. It is ignored in 4041 // |X509_REQ_print_fp|. 4042 #define X509_FLAG_NO_SERIAL (1L << 2) 4043 4044 // X509_FLAG_NO_SIGNAME skips printing the signature algorithm in the 4045 // TBSCertificate. It is ignored in |X509_REQ_print_fp|. 4046 #define X509_FLAG_NO_SIGNAME (1L << 3) 4047 4048 // X509_FLAG_NO_ISSUER skips printing the issuer. 4049 #define X509_FLAG_NO_ISSUER (1L << 4) 4050 4051 // X509_FLAG_NO_VALIDITY skips printing the notBefore and notAfter times. It is 4052 // ignored in |X509_REQ_print_fp|. 4053 #define X509_FLAG_NO_VALIDITY (1L << 5) 4054 4055 // X509_FLAG_NO_SUBJECT skips printing the subject. 4056 #define X509_FLAG_NO_SUBJECT (1L << 6) 4057 4058 // X509_FLAG_NO_PUBKEY skips printing the public key. 4059 #define X509_FLAG_NO_PUBKEY (1L << 7) 4060 4061 // X509_FLAG_NO_EXTENSIONS skips printing the extension list. It is ignored in 4062 // |X509_REQ_print_fp|. CSRs instead have attributes, which is controlled by 4063 // |X509_FLAG_NO_ATTRIBUTES|. 4064 #define X509_FLAG_NO_EXTENSIONS (1L << 8) 4065 4066 // X509_FLAG_NO_SIGDUMP skips printing the signature and outer signature 4067 // algorithm. 4068 #define X509_FLAG_NO_SIGDUMP (1L << 9) 4069 4070 // X509_FLAG_NO_AUX skips printing auxiliary properties. (See |d2i_X509_AUX| and 4071 // related functions.) 4072 #define X509_FLAG_NO_AUX (1L << 10) 4073 4074 // X509_FLAG_NO_ATTRIBUTES skips printing CSR attributes. It does nothing for 4075 // certificates and CRLs. 4076 #define X509_FLAG_NO_ATTRIBUTES (1L << 11) 4077 4078 // X509_FLAG_NO_IDS skips printing the issuerUniqueID and subjectUniqueID in a 4079 // certificate. It is ignored in |X509_REQ_print_fp|. 4080 #define X509_FLAG_NO_IDS (1L << 12) 4081 4082 // The following flags control |X509_print_ex|, |X509_REQ_print_ex|, 4083 // |X509V3_EXT_print|, and |X509V3_extensions_print|. These flags coexist with 4084 // |X509_FLAG_*|, so avoid collisions when adding new ones. 4085 4086 // X509V3_EXT_UNKNOWN_MASK is a mask that determines how unknown extensions are 4087 // processed. 4088 #define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) 4089 4090 // X509V3_EXT_DEFAULT causes unknown extensions or syntax errors to return 4091 // failure. 4092 #define X509V3_EXT_DEFAULT 0 4093 4094 // X509V3_EXT_ERROR_UNKNOWN causes unknown extensions or syntax errors to print 4095 // as "<Not Supported>" or "<Parse Error>", respectively. 4096 #define X509V3_EXT_ERROR_UNKNOWN (1L << 16) 4097 4098 // X509V3_EXT_PARSE_UNKNOWN is deprecated and behaves like 4099 // |X509V3_EXT_DUMP_UNKNOWN|. 4100 #define X509V3_EXT_PARSE_UNKNOWN (2L << 16) 4101 4102 // X509V3_EXT_DUMP_UNKNOWN causes unknown extensions to be displayed as a 4103 // hexdump. 4104 #define X509V3_EXT_DUMP_UNKNOWN (3L << 16) 4105 4106 // X509_print_ex writes a human-readable representation of |x| to |bp|. It 4107 // returns one on success and zero on error. |nmflags| is the flags parameter 4108 // for |X509_NAME_print_ex| when printing the subject and issuer. |cflag| should 4109 // be some combination of the |X509_FLAG_*| and |X509V3_EXT_*| constants. 4110 OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag, 4111 unsigned long cflag); 4112 4113 // X509_print_ex_fp behaves like |X509_print_ex| but writes to |fp|. 4114 OPENSSL_EXPORT int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, 4115 unsigned long cflag); 4116 4117 // X509_print calls |X509_print_ex| with |XN_FLAG_COMPAT| and |X509_FLAG_COMPAT| 4118 // flags. 4119 OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x); 4120 4121 // X509_print_fp behaves like |X509_print| but writes to |fp|. 4122 OPENSSL_EXPORT int X509_print_fp(FILE *fp, X509 *x); 4123 4124 // X509_CRL_print writes a human-readable representation of |x| to |bp|. It 4125 // returns one on success and zero on error. 4126 OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x); 4127 4128 // X509_CRL_print_fp behaves like |X509_CRL_print| but writes to |fp|. 4129 OPENSSL_EXPORT int X509_CRL_print_fp(FILE *fp, X509_CRL *x); 4130 4131 // X509_REQ_print_ex writes a human-readable representation of |x| to |bp|. It 4132 // returns one on success and zero on error. |nmflags| is the flags parameter 4133 // for |X509_NAME_print_ex|, when printing the subject. |cflag| should be some 4134 // combination of the |X509_FLAG_*| and |X509V3_EXT_*| constants. 4135 OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, 4136 unsigned long cflag); 4137 4138 // X509_REQ_print calls |X509_REQ_print_ex| with |XN_FLAG_COMPAT| and 4139 // |X509_FLAG_COMPAT| flags. 4140 OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req); 4141 4142 // X509_REQ_print_fp behaves like |X509_REQ_print| but writes to |fp|. 4143 OPENSSL_EXPORT int X509_REQ_print_fp(FILE *fp, X509_REQ *req); 4144 4145 // The following flags are control |X509_NAME_print_ex|. They must not collide 4146 // with |ASN1_STRFLGS_*|. 4147 // 4148 // TODO(davidben): This is far, far too many options and most of them are 4149 // useless. Trim this down. 4150 4151 // XN_FLAG_COMPAT prints with |X509_NAME_print|'s format and return value 4152 // convention. 4153 #define XN_FLAG_COMPAT 0ul 4154 4155 // XN_FLAG_SEP_MASK determines the separators to use between attributes. 4156 #define XN_FLAG_SEP_MASK (0xful << 16) 4157 4158 // XN_FLAG_SEP_COMMA_PLUS separates RDNs with "," and attributes within an RDN 4159 // with "+", as in RFC 2253. 4160 #define XN_FLAG_SEP_COMMA_PLUS (1ul << 16) 4161 4162 // XN_FLAG_SEP_CPLUS_SPC behaves like |XN_FLAG_SEP_COMMA_PLUS| but adds spaces 4163 // between the separators. 4164 #define XN_FLAG_SEP_CPLUS_SPC (2ul << 16) 4165 4166 // XN_FLAG_SEP_SPLUS_SPC separates RDNs with "; " and attributes within an RDN 4167 // with " + ". 4168 #define XN_FLAG_SEP_SPLUS_SPC (3ul << 16) 4169 4170 // XN_FLAG_SEP_MULTILINE prints each attribute on one line. 4171 #define XN_FLAG_SEP_MULTILINE (4ul << 16) 4172 4173 // XN_FLAG_DN_REV prints RDNs in reverse, from least significant to most 4174 // significant, as RFC 2253. 4175 #define XN_FLAG_DN_REV (1ul << 20) 4176 4177 // XN_FLAG_FN_MASK determines how attribute types are displayed. 4178 #define XN_FLAG_FN_MASK (0x3ul << 21) 4179 4180 // XN_FLAG_FN_SN uses the attribute type's short name, when available. 4181 #define XN_FLAG_FN_SN 0ul 4182 4183 // XN_FLAG_SPC_EQ wraps the "=" operator with spaces when printing attributes. 4184 #define XN_FLAG_SPC_EQ (1ul << 23) 4185 4186 // XN_FLAG_DUMP_UNKNOWN_FIELDS causes unknown attribute types to be printed in 4187 // hex, as in RFC 2253. 4188 #define XN_FLAG_DUMP_UNKNOWN_FIELDS (1ul << 24) 4189 4190 // XN_FLAG_RFC2253 prints like RFC 2253. 4191 #define XN_FLAG_RFC2253 \ 4192 (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \ 4193 XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS) 4194 4195 // XN_FLAG_ONELINE prints a one-line representation of the name. 4196 #define XN_FLAG_ONELINE \ 4197 (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \ 4198 XN_FLAG_SPC_EQ | XN_FLAG_FN_SN) 4199 4200 // X509_NAME_print_ex writes a human-readable representation of |nm| to |out|. 4201 // Each line of output is indented by |indent| spaces. It returns the number of 4202 // bytes written on success, and -1 on error. If |out| is NULL, it returns the 4203 // number of bytes it would have written but does not write anything. |flags| 4204 // should be some combination of |XN_FLAG_*| and |ASN1_STRFLGS_*| values and 4205 // determines the output. If unsure, use |XN_FLAG_RFC2253|. 4206 // 4207 // If |flags| is |XN_FLAG_COMPAT|, or zero, this function calls 4208 // |X509_NAME_print| instead. In that case, it returns one on success, rather 4209 // than the output length. 4210 OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, 4211 unsigned long flags); 4212 4213 // X509_NAME_print prints a human-readable representation of |name| to |bp|. It 4214 // returns one on success and zero on error. |obase| is ignored. 4215 // 4216 // This function outputs a legacy format that does not correctly handle string 4217 // encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for 4218 // debugging purposes. 4219 OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase); 4220 4221 // X509_NAME_oneline writes a human-readable representation to |name| to a 4222 // buffer as a NUL-terminated C string. 4223 // 4224 // If |buf| is NULL, returns a newly-allocated buffer containing the result on 4225 // success, or NULL on error. The buffer must be released with |OPENSSL_free| 4226 // when done. 4227 // 4228 // If |buf| is non-NULL, at most |size| bytes of output are written to |buf| 4229 // instead. |size| includes the trailing NUL. The function then returns |buf| on 4230 // success or NULL on error. If the output does not fit in |size| bytes, the 4231 // output is silently truncated at an attribute boundary. 4232 // 4233 // This function outputs a legacy format that does not correctly handle string 4234 // encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for 4235 // debugging purposes. 4236 OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *name, char *buf, int size); 4237 4238 // X509_NAME_print_ex_fp behaves like |X509_NAME_print_ex| but writes to |fp|. 4239 OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, 4240 int indent, unsigned long flags); 4241 4242 // X509_signature_dump writes a human-readable representation of |sig| to |bio|, 4243 // indented with |indent| spaces. It returns one on success and zero on error. 4244 OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig, 4245 int indent); 4246 4247 // X509_signature_print writes a human-readable representation of |alg| and 4248 // |sig| to |bio|. It returns one on success and zero on error. 4249 OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg, 4250 const ASN1_STRING *sig); 4251 4252 // X509V3_EXT_print prints a human-readable representation of |ext| to out. It 4253 // returns one on success and zero on error. The output is indented by |indent| 4254 // spaces. |flag| is one of the |X509V3_EXT_*| constants and controls printing 4255 // of unknown extensions and syntax errors. 4256 // 4257 // WARNING: Although some applications programmatically parse the output of this 4258 // function to process X.509 extensions, this is not safe. In many cases, the 4259 // outputs are ambiguous to attempting to parse them can lead to string 4260 // injection vulnerabilities. These functions should only be used for debugging 4261 // or logging. 4262 OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, const X509_EXTENSION *ext, 4263 unsigned long flag, int indent); 4264 4265 // X509V3_EXT_print_fp behaves like |X509V3_EXT_print| but writes to a |FILE| 4266 // instead of a |BIO|. 4267 OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, const X509_EXTENSION *ext, 4268 int flag, int indent); 4269 4270 // X509V3_extensions_print prints |title|, followed by a human-readable 4271 // representation of |exts| to |out|. It returns one on success and zero on 4272 // error. The output is indented by |indent| spaces. |flag| is one of the 4273 // |X509V3_EXT_*| constants and controls printing of unknown extensions and 4274 // syntax errors. 4275 OPENSSL_EXPORT int X509V3_extensions_print(BIO *out, const char *title, 4276 const STACK_OF(X509_EXTENSION) *exts, 4277 unsigned long flag, int indent); 4278 4279 // GENERAL_NAME_print prints a human-readable representation of |gen| to |out|. 4280 // It returns one on success and zero on error. 4281 // 4282 // TODO(davidben): Actually, it just returns one and doesn't check for I/O or 4283 // allocation errors. But it should return zero on error. 4284 OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, const GENERAL_NAME *gen); 4285 4286 4287 // Convenience functions. 4288 4289 // X509_pubkey_digest hashes the contents of the BIT STRING in |x509|'s 4290 // subjectPublicKeyInfo field with |md| and writes the result to |out|. 4291 // |EVP_MD_CTX_size| bytes are written, which is at most |EVP_MAX_MD_SIZE|. If 4292 // |out_len| is not NULL, |*out_len| is set to the number of bytes written. This 4293 // function returns one on success and zero on error. 4294 // 4295 // This hash omits the BIT STRING tag, length, and number of unused bits. It 4296 // also omits the AlgorithmIdentifier which describes the key type. It 4297 // corresponds to the OCSP KeyHash definition and is not suitable for other 4298 // purposes. 4299 OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md, 4300 uint8_t *out, unsigned *out_len); 4301 4302 // X509_digest hashes |x509|'s DER encoding with |md| and writes the result to 4303 // |out|. |EVP_MD_CTX_size| bytes are written, which is at most 4304 // |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number 4305 // of bytes written. This function returns one on success and zero on error. 4306 // Note this digest covers the entire certificate, not just the signed portion. 4307 OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out, 4308 unsigned *out_len); 4309 4310 // X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result 4311 // to |out|. |EVP_MD_CTX_size| bytes are written, which is at most 4312 // |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number 4313 // of bytes written. This function returns one on success and zero on error. 4314 // Note this digest covers the entire CRL, not just the signed portion. 4315 OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md, 4316 uint8_t *out, unsigned *out_len); 4317 4318 // X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result 4319 // to |out|. |EVP_MD_CTX_size| bytes are written, which is at most 4320 // |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number 4321 // of bytes written. This function returns one on success and zero on error. 4322 // Note this digest covers the entire certificate request, not just the signed 4323 // portion. 4324 OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md, 4325 uint8_t *out, unsigned *out_len); 4326 4327 // X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result 4328 // to |out|. |EVP_MD_CTX_size| bytes are written, which is at most 4329 // |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number 4330 // of bytes written. This function returns one on success and zero on error. 4331 OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md, 4332 uint8_t *out, unsigned *out_len); 4333 4334 // The following functions behave like the corresponding unsuffixed |d2i_*| 4335 // functions, but read the result from |bp| instead. Callers using these 4336 // functions with memory |BIO|s to parse structures already in memory should use 4337 // |d2i_*| instead. 4338 OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509); 4339 OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl); 4340 OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req); 4341 OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa); 4342 OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa); 4343 OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa); 4344 OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); 4345 OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); 4346 OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); 4347 OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); 4348 OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8); 4349 OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio( 4350 BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf); 4351 OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); 4352 OPENSSL_EXPORT DH *d2i_DHparams_bio(BIO *bp, DH **dh); 4353 4354 // d2i_PrivateKey_bio behaves like |d2i_AutoPrivateKey|, but reads from |bp| 4355 // instead. 4356 OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); 4357 4358 // The following functions behave like the corresponding unsuffixed |i2d_*| 4359 // functions, but write the result to |bp|. They return one on success and zero 4360 // on error. Callers using them with memory |BIO|s to encode structures to 4361 // memory should use |i2d_*| directly instead. 4362 OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509); 4363 OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl); 4364 OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req); 4365 OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa); 4366 OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa); 4367 OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa); 4368 OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); 4369 OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 4370 OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); 4371 OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); 4372 OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8); 4373 OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 4374 PKCS8_PRIV_KEY_INFO *p8inf); 4375 OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); 4376 OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); 4377 OPENSSL_EXPORT int i2d_DHparams_bio(BIO *bp, const DH *dh); 4378 4379 // i2d_PKCS8PrivateKeyInfo_bio encodes |key| as a PKCS#8 PrivateKeyInfo 4380 // structure (see |EVP_marshal_private_key|) and writes the result to |bp|. It 4381 // returns one on success and zero on error. 4382 OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); 4383 4384 // The following functions behave like the corresponding |d2i_*_bio| functions, 4385 // but read from |fp| instead. 4386 OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509); 4387 OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl); 4388 OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req); 4389 OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa); 4390 OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa); 4391 OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa); 4392 OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); 4393 OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); 4394 OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); 4395 OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); 4396 OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8); 4397 OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp( 4398 FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf); 4399 OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); 4400 OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); 4401 4402 // The following functions behave like the corresponding |i2d_*_bio| functions, 4403 // but write to |fp| instead. 4404 OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509); 4405 OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl); 4406 OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req); 4407 OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa); 4408 OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa); 4409 OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa); 4410 OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); 4411 OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 4412 OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); 4413 OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); 4414 OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8); 4415 OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 4416 PKCS8_PRIV_KEY_INFO *p8inf); 4417 OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); 4418 OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); 4419 OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); 4420 4421 // X509_find_by_issuer_and_serial returns the first |X509| in |sk| whose issuer 4422 // and serial are |name| and |serial|, respectively. If no match is found, it 4423 // returns NULL. 4424 OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(const STACK_OF(X509) *sk, 4425 X509_NAME *name, 4426 const ASN1_INTEGER *serial); 4427 4428 // X509_find_by_subject returns the first |X509| in |sk| whose subject is 4429 // |name|. If no match is found, it returns NULL. 4430 OPENSSL_EXPORT X509 *X509_find_by_subject(const STACK_OF(X509) *sk, 4431 X509_NAME *name); 4432 4433 // X509_cmp_time compares |s| against |*t|. On success, it returns a negative 4434 // number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it 4435 // returns zero. If |t| is NULL, it uses the current time instead of |*t|. 4436 // 4437 // WARNING: Unlike most comparison functions, this function returns zero on 4438 // error, not equality. 4439 OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, const time_t *t); 4440 4441 // X509_cmp_time_posix compares |s| against |t|. On success, it returns a 4442 // negative number if |s| <= |t| and a positive number if |s| > |t|. On error, 4443 // it returns zero. 4444 // 4445 // WARNING: Unlike most comparison functions, this function returns zero on 4446 // error, not equality. 4447 OPENSSL_EXPORT int X509_cmp_time_posix(const ASN1_TIME *s, int64_t t); 4448 4449 // X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against 4450 // the current time. 4451 OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s); 4452 4453 // X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero. 4454 OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, 4455 const time_t *t); 4456 4457 // X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If 4458 // |t| is NULL, it uses the current time instead of |*t|. 4459 OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day, 4460 long offset_sec, const time_t *t); 4461 4462 // X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the 4463 // current time. 4464 OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec); 4465 4466 // X509_issuer_name_cmp behaves like |X509_NAME_cmp|, but compares |a| and |b|'s 4467 // issuer names. 4468 OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b); 4469 4470 // X509_subject_name_cmp behaves like |X509_NAME_cmp|, but compares |a| and 4471 // |b|'s subject names. 4472 OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b); 4473 4474 // X509_CRL_cmp behaves like |X509_NAME_cmp|, but compares |a| and |b|'s 4475 // issuer names. 4476 // 4477 // WARNING: This function is misnamed. It does not compare other parts of the 4478 // CRL, only the issuer fields using |X509_NAME_cmp|. 4479 OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); 4480 4481 // X509_issuer_name_hash returns the hash of |x509|'s issuer name with 4482 // |X509_NAME_hash|. 4483 // 4484 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 4485 // not suitable for general-purpose X.509 name processing. It is very short, so 4486 // there will be hash collisions. It also depends on an OpenSSL-specific 4487 // canonicalization process. 4488 OPENSSL_EXPORT uint32_t X509_issuer_name_hash(X509 *x509); 4489 4490 // X509_subject_name_hash returns the hash of |x509|'s subject name with 4491 // |X509_NAME_hash|. 4492 // 4493 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 4494 // not suitable for general-purpose X.509 name processing. It is very short, so 4495 // there will be hash collisions. It also depends on an OpenSSL-specific 4496 // canonicalization process. 4497 OPENSSL_EXPORT uint32_t X509_subject_name_hash(X509 *x509); 4498 4499 // X509_issuer_name_hash_old returns the hash of |x509|'s issuer name with 4500 // |X509_NAME_hash_old|. 4501 // 4502 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 4503 // not suitable for general-purpose X.509 name processing. It is very short, so 4504 // there will be hash collisions. 4505 OPENSSL_EXPORT uint32_t X509_issuer_name_hash_old(X509 *x509); 4506 4507 // X509_subject_name_hash_old returns the hash of |x509|'s usjbect name with 4508 // |X509_NAME_hash_old|. 4509 // 4510 // This hash is specific to the |X509_LOOKUP_add_dir| filesystem format and is 4511 // not suitable for general-purpose X.509 name processing. It is very short, so 4512 // there will be hash collisions. 4513 OPENSSL_EXPORT uint32_t X509_subject_name_hash_old(X509 *x509); 4514 4515 4516 // ex_data functions. 4517 // 4518 // See |ex_data.h| for details. 4519 4520 OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp, 4521 CRYPTO_EX_unused *unused, 4522 CRYPTO_EX_dup *dup_unused, 4523 CRYPTO_EX_free *free_func); 4524 OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg); 4525 OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx); 4526 4527 OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, 4528 CRYPTO_EX_unused *unused, 4529 CRYPTO_EX_dup *dup_unused, 4530 CRYPTO_EX_free *free_func); 4531 OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, 4532 void *data); 4533 OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx); 4534 4535 #define X509_STORE_CTX_set_app_data(ctx, data) \ 4536 X509_STORE_CTX_set_ex_data(ctx, 0, data) 4537 #define X509_STORE_CTX_get_app_data(ctx) X509_STORE_CTX_get_ex_data(ctx, 0) 4538 4539 4540 // Hashing and signing ASN.1 structures. 4541 4542 // ASN1_digest serializes |data| with |i2d| and then hashes the result with 4543 // |type|. On success, it returns one, writes the digest to |md|, and sets 4544 // |*len| to the digest length if non-NULL. On error, it returns zero. 4545 // 4546 // |EVP_MD_CTX_size| bytes are written, which is at most |EVP_MAX_MD_SIZE|. The 4547 // buffer must have sufficient space for this output. 4548 OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, 4549 unsigned char *md, unsigned int *len); 4550 4551 // ASN1_item_digest serializes |data| with |it| and then hashes the result with 4552 // |type|. On success, it returns one, writes the digest to |md|, and sets 4553 // |*len| to the digest length if non-NULL. On error, it returns zero. 4554 // 4555 // |EVP_MD_CTX_size| bytes are written, which is at most |EVP_MAX_MD_SIZE|. The 4556 // buffer must have sufficient space for this output. 4557 // 4558 // WARNING: |data| must be a pointer with the same type as |it|'s corresponding 4559 // C type. Using the wrong type is a potentially exploitable memory error. 4560 OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, 4561 void *data, unsigned char *md, 4562 unsigned int *len); 4563 4564 // ASN1_item_verify serializes |data| with |it| and then verifies |signature| is 4565 // a valid signature for the result with |algor1| and |pkey|. It returns one on 4566 // success and zero on error. The signature and algorithm are interpreted as in 4567 // X.509. 4568 // 4569 // WARNING: |data| must be a pointer with the same type as |it|'s corresponding 4570 // C type. Using the wrong type is a potentially exploitable memory error. 4571 OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it, 4572 const X509_ALGOR *algor1, 4573 const ASN1_BIT_STRING *signature, 4574 void *data, EVP_PKEY *pkey); 4575 4576 // ASN1_item_sign serializes |data| with |it| and then signs the result with 4577 // the private key |pkey|. It returns the length of the signature on success and 4578 // zero on error. On success, it writes the signature to |signature| and the 4579 // signature algorithm to each of |algor1| and |algor2|. Either of |algor1| or 4580 // |algor2| may be NULL to ignore them. This function uses digest algorithm 4581 // |md|, or |pkey|'s default if NULL. Other signing parameters use |pkey|'s 4582 // defaults. To customize them, use |ASN1_item_sign_ctx|. 4583 // 4584 // WARNING: |data| must be a pointer with the same type as |it|'s corresponding 4585 // C type. Using the wrong type is a potentially exploitable memory error. 4586 OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, 4587 X509_ALGOR *algor2, 4588 ASN1_BIT_STRING *signature, void *data, 4589 EVP_PKEY *pkey, const EVP_MD *type); 4590 4591 // ASN1_item_sign_ctx behaves like |ASN1_item_sign| except the signature is 4592 // signed with |ctx|, |ctx|, which must have been initialized with 4593 // |EVP_DigestSignInit|. The caller should configure the corresponding 4594 // |EVP_PKEY_CTX| with any additional parameters before calling this function. 4595 // 4596 // On success or failure, this function mutates |ctx| and resets it to the empty 4597 // state. Caller should not rely on its contents after the function returns. 4598 // 4599 // WARNING: |data| must be a pointer with the same type as |it|'s corresponding 4600 // C type. Using the wrong type is a potentially exploitable memory error. 4601 OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, 4602 X509_ALGOR *algor2, 4603 ASN1_BIT_STRING *signature, void *asn, 4604 EVP_MD_CTX *ctx); 4605 4606 4607 // Verification internals. 4608 // 4609 // The following functions expose portions of certificate validation. They are 4610 // exported for compatibility with existing callers, or to support some obscure 4611 // use cases. Most callers, however, will not need these functions and should 4612 // instead use |X509_STORE_CTX| APIs. 4613 4614 // X509_supported_extension returns one if |ex| is a critical X.509 certificate 4615 // extension, supported by |X509_verify_cert|, and zero otherwise. 4616 // 4617 // Note this function only reports certificate extensions (as opposed to CRL or 4618 // CRL extensions), and only extensions that are expected to be marked critical. 4619 // Additionally, |X509_verify_cert| checks for unsupported critical extensions 4620 // internally, so most callers will not need to call this function separately. 4621 OPENSSL_EXPORT int X509_supported_extension(const X509_EXTENSION *ex); 4622 4623 // X509_check_ca returns one if |x509| may be considered a CA certificate, 4624 // according to basic constraints and key usage extensions. Otherwise, it 4625 // returns zero. If |x509| is an X509v1 certificate, and thus has no extensions, 4626 // it is considered eligible. 4627 // 4628 // This function returning one does not indicate that |x509| is trusted, only 4629 // that it is eligible to be a CA. 4630 // 4631 // TODO(crbug.com/boringssl/407): |x509| should be const. 4632 OPENSSL_EXPORT int X509_check_ca(X509 *x509); 4633 4634 // X509_check_issued checks if |issuer| and |subject|'s name, authority key 4635 // identifier, and key usage fields allow |issuer| to have issued |subject|. It 4636 // returns |X509_V_OK| on success and an |X509_V_ERR_*| value otherwise. 4637 // 4638 // This function does not check the signature on |subject|. Rather, it is 4639 // intended to prune the set of possible issuer certificates during 4640 // path-building. 4641 // 4642 // TODO(crbug.com/boringssl/407): Both parameters should be const. 4643 OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject); 4644 4645 // NAME_CONSTRAINTS_check checks if |x509| satisfies name constraints in |nc|. 4646 // It returns |X509_V_OK| on success and some |X509_V_ERR_*| constant on error. 4647 // 4648 // TODO(crbug.com/boringssl/407): Both parameters should be const. 4649 OPENSSL_EXPORT int NAME_CONSTRAINTS_check(X509 *x509, NAME_CONSTRAINTS *nc); 4650 4651 // X509_check_host checks if |x509| matches the DNS name |chk|. It returns one 4652 // on match, zero on mismatch, or a negative number on error. |flags| should be 4653 // some combination of |X509_CHECK_FLAG_*| and modifies the behavior. On match, 4654 // if |out_peername| is non-NULL, it additionally sets |*out_peername| to a 4655 // newly-allocated, NUL-terminated string containing the DNS name or wildcard in 4656 // the certificate which matched. The caller must then free |*out_peername| with 4657 // |OPENSSL_free| when done. 4658 // 4659 // By default, both subject alternative names and the subject's common name 4660 // attribute are checked. The latter has long been deprecated, so callers should 4661 // include |X509_CHECK_FLAG_NEVER_CHECK_SUBJECT| in |flags| to use the standard 4662 // behavior. https://crbug.com/boringssl/464 tracks fixing the default. 4663 // 4664 // This function does not check if |x509| is a trusted certificate, only if, 4665 // were it trusted, it would match |chk|. 4666 // 4667 // WARNING: This function differs from the usual calling convention and may 4668 // return either 0 or a negative number on error. 4669 // 4670 // TODO(davidben): Make the error case also return zero. 4671 OPENSSL_EXPORT int X509_check_host(const X509 *x509, const char *chk, 4672 size_t chklen, unsigned int flags, 4673 char **out_peername); 4674 4675 // X509_check_email checks if |x509| matches the email address |chk|. It returns 4676 // one on match, zero on mismatch, or a negative number on error. |flags| should 4677 // be some combination of |X509_CHECK_FLAG_*| and modifies the behavior. 4678 // 4679 // By default, both subject alternative names and the subject's email address 4680 // attribute are checked. The |X509_CHECK_FLAG_NEVER_CHECK_SUBJECT| flag may be 4681 // used to change this behavior. 4682 // 4683 // This function does not check if |x509| is a trusted certificate, only if, 4684 // were it trusted, it would match |chk|. 4685 // 4686 // WARNING: This function differs from the usual calling convention and may 4687 // return either 0 or a negative number on error. 4688 // 4689 // TODO(davidben): Make the error case also return zero. 4690 OPENSSL_EXPORT int X509_check_email(const X509 *x509, const char *chk, 4691 size_t chklen, unsigned int flags); 4692 4693 // X509_check_ip checks if |x509| matches the IP address |chk|. The IP address 4694 // is represented in byte form and should be 4 bytes for an IPv4 address and 16 4695 // bytes for an IPv6 address. It returns one on match, zero on mismatch, or a 4696 // negative number on error. |flags| should be some combination of 4697 // |X509_CHECK_FLAG_*| and modifies the behavior. 4698 // 4699 // This function does not check if |x509| is a trusted certificate, only if, 4700 // were it trusted, it would match |chk|. 4701 // 4702 // WARNING: This function differs from the usual calling convention and may 4703 // return either 0 or a negative number on error. 4704 // 4705 // TODO(davidben): Make the error case also return zero. 4706 OPENSSL_EXPORT int X509_check_ip(const X509 *x509, const uint8_t *chk, 4707 size_t chklen, unsigned int flags); 4708 4709 // X509_check_ip_asc behaves like |X509_check_ip| except the IP address is 4710 // specified in textual form in |ipasc|. 4711 // 4712 // WARNING: This function differs from the usual calling convention and may 4713 // return either 0 or a negative number on error. 4714 // 4715 // TODO(davidben): Make the error case also return zero. 4716 OPENSSL_EXPORT int X509_check_ip_asc(const X509 *x509, const char *ipasc, 4717 unsigned int flags); 4718 4719 // X509_STORE_CTX_get1_issuer looks up a candidate trusted issuer for |x509| out 4720 // of |ctx|'s |X509_STORE|, based on the criteria in |X509_check_issued|. If one 4721 // was found, it returns one and sets |*out_issuer| to the issuer. The caller 4722 // must release |*out_issuer| with |X509_free| when done. If none was found, it 4723 // returns zero and leaves |*out_issuer| unchanged. 4724 // 4725 // This function only searches for trusted issuers. It does not consider 4726 // untrusted intermediates passed in to |X509_STORE_CTX_init|. 4727 // 4728 // TODO(crbug.com/boringssl/407): |x509| should be const. 4729 OPENSSL_EXPORT int X509_STORE_CTX_get1_issuer(X509 **out_issuer, 4730 X509_STORE_CTX *ctx, X509 *x509); 4731 4732 // X509_check_purpose performs checks if |x509|'s basic constraints, key usage, 4733 // and extended key usage extensions for the specified purpose. |purpose| should 4734 // be one of |X509_PURPOSE_*| constants. See |X509_VERIFY_PARAM_set_purpose| for 4735 // details. It returns one if |x509|'s extensions are consistent with |purpose| 4736 // and zero otherwise. If |ca| is non-zero, |x509| is checked as a CA 4737 // certificate. Otherwise, it is checked as an end-entity certificate. 4738 // 4739 // If |purpose| is -1, this function performs no purpose checks, but it parses 4740 // some extensions in |x509| and may return zero on syntax error. Historically, 4741 // callers primarily used this function to trigger this parsing, but this is no 4742 // longer necessary. Functions acting on |X509| will internally parse as needed. 4743 OPENSSL_EXPORT int X509_check_purpose(X509 *x509, int purpose, int ca); 4744 4745 #define X509_TRUST_TRUSTED 1 4746 #define X509_TRUST_REJECTED 2 4747 #define X509_TRUST_UNTRUSTED 3 4748 4749 // X509_check_trust checks if |x509| is a valid trust anchor for trust type 4750 // |id|. See |X509_VERIFY_PARAM_set_trust| for details. It returns 4751 // |X509_TRUST_TRUSTED| if |x509| is a trust anchor, |X509_TRUST_REJECTED| if it 4752 // was distrusted, and |X509_TRUST_UNTRUSTED| otherwise. |id| should be one of 4753 // the |X509_TRUST_*| constants, or zero to indicate the default behavior. 4754 // |flags| should be zero and is ignored. 4755 OPENSSL_EXPORT int X509_check_trust(X509 *x509, int id, int flags); 4756 4757 // X509_STORE_CTX_get1_certs returns a newly-allocated stack containing all 4758 // trusted certificates in |ctx|'s |X509_STORE| whose subject matches |name|, or 4759 // NULL on error. The caller must release the result with |sk_X509_pop_free| and 4760 // |X509_free| when done. 4761 // 4762 // TODO(crbug.com/boringssl/407): |name| should be const. 4763 OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, 4764 X509_NAME *name); 4765 4766 // X509_STORE_CTX_get1_crls returns a newly-allocated stack containing all 4767 // CRLs in |ctx|'s |X509_STORE| whose subject matches |name|, or NULL on error. 4768 // The caller must release the result with |sk_X509_CRL_pop_free| and 4769 // |X509_CRL_free| when done. 4770 // 4771 // TODO(crbug.com/boringssl/407): |name| should be const. 4772 OPENSSL_EXPORT STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, 4773 X509_NAME *name); 4774 4775 // X509_STORE_CTX_get_by_subject looks up an object of type |type| in |ctx|'s 4776 // |X509_STORE| that matches |name|. |type| should be one of the |X509_LU_*| 4777 // constants to indicate the type of object. If a match was found, it stores the 4778 // result in |ret| and returns one. Otherwise, it returns zero. If multiple 4779 // objects match, this function outputs an arbitray one. 4780 // 4781 // WARNING: |ret| must be in the empty state, as returned by |X509_OBJECT_new|. 4782 // Otherwise, the object currently in |ret| will be leaked when overwritten. 4783 // https://crbug.com/boringssl/685 tracks fixing this. 4784 // 4785 // WARNING: Multiple trusted certificates or CRLs may share a name. In this 4786 // case, this function returns an arbitrary match. Use 4787 // |X509_STORE_CTX_get1_certs| or |X509_STORE_CTX_get1_crls| instead. 4788 // 4789 // TODO(crbug.com/boringssl/407): |name| should be const. 4790 OPENSSL_EXPORT int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *ctx, int type, 4791 X509_NAME *name, 4792 X509_OBJECT *ret); 4793 4794 4795 // X.509 information. 4796 // 4797 // |X509_INFO| is the return type for |PEM_X509_INFO_read_bio|, defined in 4798 // <openssl/pem.h>. It is used to store a certificate, CRL, or private key. This 4799 // type is defined in this header for OpenSSL compatibility. 4800 4801 struct private_key_st { 4802 EVP_PKEY *dec_pkey; 4803 } /* X509_PKEY */; 4804 4805 struct X509_info_st { 4806 X509 *x509; 4807 X509_CRL *crl; 4808 X509_PKEY *x_pkey; 4809 4810 EVP_CIPHER_INFO enc_cipher; 4811 int enc_len; 4812 char *enc_data; 4813 } /* X509_INFO */; 4814 4815 DEFINE_STACK_OF(X509_INFO) 4816 4817 // X509_INFO_free releases memory associated with |info|. 4818 OPENSSL_EXPORT void X509_INFO_free(X509_INFO *info); 4819 4820 4821 // Deprecated custom extension registration. 4822 // 4823 // The following functions allow callers to register custom extensions for use 4824 // with |X509V3_EXT_d2i| and related functions. This mechanism is deprecated and 4825 // will be removed in the future. As discussed in |X509V3_EXT_add|, it is not 4826 // possible to safely register a custom extension without risking race 4827 // conditions and memory errors when linked with other users of BoringSSL. 4828 // 4829 // Moreover, it is not necessary to register a custom extension to process 4830 // extensions unknown to BoringSSL. Registration does not impact certificate 4831 // verification. Caller should instead use functions such as 4832 // |ASN1_OBJECT_create|, |X509_get_ext_by_OBJ|, |X509_EXTENSION_get_data|, and 4833 // |X509_EXTENSION_create_by_OBJ| to inspect or create extensions directly. 4834 4835 // The following function pointer types are used in |X509V3_EXT_METHOD|. 4836 typedef void *(*X509V3_EXT_NEW)(void); 4837 typedef void (*X509V3_EXT_FREE)(void *ext); 4838 typedef void *(*X509V3_EXT_D2I)(void *ext, const uint8_t **inp, long len); 4839 typedef int (*X509V3_EXT_I2D)(void *ext, uint8_t **outp); 4840 typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V)(const X509V3_EXT_METHOD *method, 4841 void *ext, 4842 STACK_OF(CONF_VALUE) *extlist); 4843 typedef void *(*X509V3_EXT_V2I)(const X509V3_EXT_METHOD *method, 4844 const X509V3_CTX *ctx, 4845 const STACK_OF(CONF_VALUE) *values); 4846 typedef char *(*X509V3_EXT_I2S)(const X509V3_EXT_METHOD *method, void *ext); 4847 typedef void *(*X509V3_EXT_S2I)(const X509V3_EXT_METHOD *method, 4848 const X509V3_CTX *ctx, const char *str); 4849 typedef int (*X509V3_EXT_I2R)(const X509V3_EXT_METHOD *method, void *ext, 4850 BIO *out, int indent); 4851 typedef void *(*X509V3_EXT_R2I)(const X509V3_EXT_METHOD *method, 4852 const X509V3_CTX *ctx, const char *str); 4853 4854 // A v3_ext_method, aka |X509V3_EXT_METHOD|, is a deprecated type which defines 4855 // a custom extension. 4856 struct v3_ext_method { 4857 // ext_nid is the NID of the extension. 4858 int ext_nid; 4859 4860 // ext_flags is a combination of |X509V3_EXT_*| constants. 4861 int ext_flags; 4862 4863 // it determines how values of this extension are allocated, released, parsed, 4864 // and marshalled. This must be non-NULL. 4865 ASN1_ITEM_EXP *it; 4866 4867 // The following functions are ignored in favor of |it|. They are retained in 4868 // the struct only for source compatibility with existing struct definitions. 4869 X509V3_EXT_NEW ext_new; 4870 X509V3_EXT_FREE ext_free; 4871 X509V3_EXT_D2I d2i; 4872 X509V3_EXT_I2D i2d; 4873 4874 // The following functions are used for string extensions. 4875 X509V3_EXT_I2S i2s; 4876 X509V3_EXT_S2I s2i; 4877 4878 // The following functions are used for multi-valued extensions. 4879 X509V3_EXT_I2V i2v; 4880 X509V3_EXT_V2I v2i; 4881 4882 // The following functions are used for "raw" extensions, which implement 4883 // custom printing behavior. 4884 X509V3_EXT_I2R i2r; 4885 X509V3_EXT_R2I r2i; 4886 4887 void *usr_data; // Any extension specific data 4888 } /* X509V3_EXT_METHOD */; 4889 4890 // X509V3_EXT_MULTILINE causes the result of an |X509V3_EXT_METHOD|'s |i2v| 4891 // function to be printed on separate lines, rather than separated by commas. 4892 #define X509V3_EXT_MULTILINE 0x4 4893 4894 // X509V3_EXT_get returns the |X509V3_EXT_METHOD| corresponding to |ext|'s 4895 // extension type, or NULL if none was registered. 4896 OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get( 4897 const X509_EXTENSION *ext); 4898 4899 // X509V3_EXT_get_nid returns the |X509V3_EXT_METHOD| corresponding to |nid|, or 4900 // NULL if none was registered. 4901 OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); 4902 4903 // X509V3_EXT_add registers |ext| as a custom extension for the extension type 4904 // |ext->ext_nid|. |ext| must be valid for the remainder of the address space's 4905 // lifetime. It returns one on success and zero on error. 4906 // 4907 // WARNING: This function modifies global state. If other code in the same 4908 // address space also registers an extension with type |ext->ext_nid|, the two 4909 // registrations will conflict. Which registration takes effect is undefined. If 4910 // the two registrations use incompatible in-memory representations, code 4911 // expecting the other registration will then cast a type to the wrong type, 4912 // resulting in a potentially exploitable memory error. This conflict can also 4913 // occur if BoringSSL later adds support for |ext->ext_nid|, with a different 4914 // in-memory representation than the one expected by |ext|. 4915 // 4916 // This function, additionally, is not thread-safe and cannot be called 4917 // concurrently with any other BoringSSL function. 4918 // 4919 // As a result, it is impossible to safely use this function. Registering a 4920 // custom extension has no impact on certificate verification so, instead, 4921 // callers should simply handle the custom extension with the byte-based 4922 // |X509_EXTENSION| APIs directly. Registering |ext| with the library has little 4923 // practical value. 4924 OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add(X509V3_EXT_METHOD *ext); 4925 4926 // X509V3_EXT_add_alias registers a custom extension with NID |nid_to|. The 4927 // corresponding ASN.1 type is copied from |nid_from|. It returns one on success 4928 // and zero on error. 4929 // 4930 // WARNING: Do not use this function. See |X509V3_EXT_add|. 4931 OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add_alias(int nid_to, 4932 int nid_from); 4933 4934 4935 // Deprecated config-based extension creation. 4936 // 4937 // The following functions allow specifying X.509 extensions using OpenSSL's 4938 // config file syntax, from the OpenSSL command-line tool. They are retained, 4939 // for now, for compatibility with legacy software but may be removed in the 4940 // future. Construct the extensions using the typed C APIs instead. 4941 // 4942 // Callers should especially avoid these functions if passing in non-constant 4943 // values. They use ad-hoc, string-based formats which are prone to injection 4944 // vulnerabilities. For a CA, this means using them risks misissuance. 4945 // 4946 // These functions are not safe to use with untrusted inputs. The string formats 4947 // may implicitly reference context information and, in OpenSSL (though not 4948 // BoringSSL), one even allows reading arbitrary files. Many formats can also 4949 // produce far larger outputs than their inputs, so untrusted inputs may lead to 4950 // denial-of-service attacks. Finally, the parsers see much less testing and 4951 // review than most of the library and may have bugs including memory leaks or 4952 // crashes. 4953 4954 // v3_ext_ctx, aka |X509V3_CTX|, contains additional context information for 4955 // constructing extensions. Some string formats reference additional values in 4956 // these objects. It must be initialized with |X509V3_set_ctx| or 4957 // |X509V3_set_ctx_test| before use. 4958 struct v3_ext_ctx { 4959 int flags; 4960 const X509 *issuer_cert; 4961 const X509 *subject_cert; 4962 const X509_REQ *subject_req; 4963 const X509_CRL *crl; 4964 const CONF *db; 4965 }; 4966 4967 #define X509V3_CTX_TEST 0x1 4968 4969 // X509V3_set_ctx initializes |ctx| with the specified objects. Some string 4970 // formats will reference fields in these objects. Each object may be NULL to 4971 // omit it, in which case those formats cannot be used. |flags| should be zero, 4972 // unless called via |X509V3_set_ctx_test|. 4973 // 4974 // |issuer|, |subject|, |req|, and |crl|, if non-NULL, must outlive |ctx|. 4975 OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, const X509 *issuer, 4976 const X509 *subject, const X509_REQ *req, 4977 const X509_CRL *crl, int flags); 4978 4979 // X509V3_set_ctx_test calls |X509V3_set_ctx| without any reference objects and 4980 // mocks out some features that use them. The resulting extensions may be 4981 // incomplete and should be discarded. This can be used to partially validate 4982 // syntax. 4983 // 4984 // TODO(davidben): Can we remove this? 4985 #define X509V3_set_ctx_test(ctx) \ 4986 X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, X509V3_CTX_TEST) 4987 4988 // X509V3_set_nconf sets |ctx| to use |conf| as the config database. |ctx| must 4989 // have previously been initialized by |X509V3_set_ctx| or 4990 // |X509V3_set_ctx_test|. Some string formats will reference sections in |conf|. 4991 // |conf| may be NULL, in which case these formats cannot be used. If non-NULL, 4992 // |conf| must outlive |ctx|. 4993 OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, const CONF *conf); 4994 4995 // X509V3_set_ctx_nodb calls |X509V3_set_nconf| with no config database. 4996 #define X509V3_set_ctx_nodb(ctx) X509V3_set_nconf(ctx, NULL) 4997 4998 // X509V3_EXT_nconf constructs an extension of type specified by |name|, and 4999 // value specified by |value|. It returns a newly-allocated |X509_EXTENSION| 5000 // object on success, or NULL on error. |conf| and |ctx| specify additional 5001 // information referenced by some formats. Either |conf| or |ctx| may be NULL, 5002 // in which case features which use it will be disabled. 5003 // 5004 // If non-NULL, |ctx| must be initialized with |X509V3_set_ctx| or 5005 // |X509V3_set_ctx_test|. 5006 // 5007 // Both |conf| and |ctx| provide a |CONF| object. When |ctx| is non-NULL, most 5008 // features use the |ctx| copy, configured with |X509V3_set_ctx|, but some use 5009 // |conf|. Callers should ensure the two match to avoid surprisingly behavior. 5010 OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(const CONF *conf, 5011 const X509V3_CTX *ctx, 5012 const char *name, 5013 const char *value); 5014 5015 // X509V3_EXT_nconf_nid behaves like |X509V3_EXT_nconf|, except the extension 5016 // type is specified as a NID. 5017 OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(const CONF *conf, 5018 const X509V3_CTX *ctx, 5019 int ext_nid, 5020 const char *value); 5021 5022 // X509V3_EXT_conf_nid calls |X509V3_EXT_nconf_nid|. |conf| must be NULL. 5023 // 5024 // TODO(davidben): This is the only exposed instance of an LHASH in our public 5025 // headers. cryptography.io wraps this function so we cannot, yet, replace the 5026 // type with a dummy struct. 5027 OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, 5028 const X509V3_CTX *ctx, 5029 int ext_nid, 5030 const char *value); 5031 5032 // X509V3_EXT_add_nconf_sk looks up the section named |section| in |conf|. For 5033 // each |CONF_VALUE| in the section, it constructs an extension as in 5034 // |X509V3_EXT_nconf|, taking |name| and |value| from the |CONF_VALUE|. Each new 5035 // extension is appended to |*sk|. If |*sk| is non-NULL, and at least one 5036 // extension is added, it sets |*sk| to a newly-allocated 5037 // |STACK_OF(X509_EXTENSION)|. It returns one on success and zero on error. 5038 OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(const CONF *conf, 5039 const X509V3_CTX *ctx, 5040 const char *section, 5041 STACK_OF(X509_EXTENSION) **sk); 5042 5043 // X509V3_EXT_add_nconf adds extensions to |cert| as in 5044 // |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error. 5045 OPENSSL_EXPORT int X509V3_EXT_add_nconf(const CONF *conf, const X509V3_CTX *ctx, 5046 const char *section, X509 *cert); 5047 5048 // X509V3_EXT_REQ_add_nconf adds extensions to |req| as in 5049 // |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error. 5050 OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(const CONF *conf, 5051 const X509V3_CTX *ctx, 5052 const char *section, X509_REQ *req); 5053 5054 // X509V3_EXT_CRL_add_nconf adds extensions to |crl| as in 5055 // |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error. 5056 OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(const CONF *conf, 5057 const X509V3_CTX *ctx, 5058 const char *section, X509_CRL *crl); 5059 5060 // i2s_ASN1_OCTET_STRING returns a human-readable representation of |oct| as a 5061 // newly-allocated, NUL-terminated string, or NULL on error. |method| is 5062 // ignored. The caller must release the result with |OPENSSL_free| when done. 5063 OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(const X509V3_EXT_METHOD *method, 5064 const ASN1_OCTET_STRING *oct); 5065 5066 // s2i_ASN1_OCTET_STRING decodes |str| as a hexdecimal byte string, with 5067 // optional colon separators between bytes. It returns a newly-allocated 5068 // |ASN1_OCTET_STRING| with the result on success, or NULL on error. |method| 5069 // and |ctx| are ignored. 5070 OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING( 5071 const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const char *str); 5072 5073 // i2s_ASN1_INTEGER returns a human-readable representation of |aint| as a 5074 // newly-allocated, NUL-terminated string, or NULL on error. |method| is 5075 // ignored. The caller must release the result with |OPENSSL_free| when done. 5076 OPENSSL_EXPORT char *i2s_ASN1_INTEGER(const X509V3_EXT_METHOD *method, 5077 const ASN1_INTEGER *aint); 5078 5079 // s2i_ASN1_INTEGER decodes |value| as the ASCII representation of an integer, 5080 // and returns a newly-allocated |ASN1_INTEGER| containing the result, or NULL 5081 // on error. |method| is ignored. If |value| begins with "0x" or "0X", the input 5082 // is decoded in hexadecimal, otherwise decimal. 5083 OPENSSL_EXPORT ASN1_INTEGER *s2i_ASN1_INTEGER(const X509V3_EXT_METHOD *method, 5084 const char *value); 5085 5086 // i2s_ASN1_ENUMERATED returns a human-readable representation of |aint| as a 5087 // newly-allocated, NUL-terminated string, or NULL on error. |method| is 5088 // ignored. The caller must release the result with |OPENSSL_free| when done. 5089 OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED(const X509V3_EXT_METHOD *method, 5090 const ASN1_ENUMERATED *aint); 5091 5092 // X509V3_conf_free releases memory associated with |CONF_VALUE|. 5093 OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val); 5094 5095 // i2v_GENERAL_NAME serializes |gen| as a |CONF_VALUE|. If |ret| is non-NULL, it 5096 // appends the value to |ret| and returns |ret| on success or NULL on error. If 5097 // it returns NULL, the caller is still responsible for freeing |ret|. If |ret| 5098 // is NULL, it returns a newly-allocated |STACK_OF(CONF_VALUE)| containing the 5099 // result. |method| is ignored. When done, the caller should release the result 5100 // with |sk_CONF_VALUE_pop_free| and |X509V3_conf_free|. 5101 // 5102 // Do not use this function. This is an internal implementation detail of the 5103 // human-readable print functions. If extracting a SAN list from a certificate, 5104 // look at |gen| directly. 5105 OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME( 5106 const X509V3_EXT_METHOD *method, const GENERAL_NAME *gen, 5107 STACK_OF(CONF_VALUE) *ret); 5108 5109 // i2v_GENERAL_NAMES serializes |gen| as a list of |CONF_VALUE|s. If |ret| is 5110 // non-NULL, it appends the values to |ret| and returns |ret| on success or NULL 5111 // on error. If it returns NULL, the caller is still responsible for freeing 5112 // |ret|. If |ret| is NULL, it returns a newly-allocated |STACK_OF(CONF_VALUE)| 5113 // containing the results. |method| is ignored. 5114 // 5115 // Do not use this function. This is an internal implementation detail of the 5116 // human-readable print functions. If extracting a SAN list from a certificate, 5117 // look at |gen| directly. 5118 OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES( 5119 const X509V3_EXT_METHOD *method, const GENERAL_NAMES *gen, 5120 STACK_OF(CONF_VALUE) *extlist); 5121 5122 // a2i_IPADDRESS decodes |ipasc| as the textual representation of an IPv4 or 5123 // IPv6 address. On success, it returns a newly-allocated |ASN1_OCTET_STRING| 5124 // containing the decoded IP address. IPv4 addresses are represented as 4-byte 5125 // strings and IPv6 addresses as 16-byte strings. On failure, it returns NULL. 5126 OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); 5127 5128 // a2i_IPADDRESS_NC decodes |ipasc| as the textual representation of an IPv4 or 5129 // IPv6 address range. On success, it returns a newly-allocated 5130 // |ASN1_OCTET_STRING| containing the decoded IP address, followed by the 5131 // decoded mask. IPv4 ranges are represented as 8-byte strings and IPv6 ranges 5132 // as 32-byte strings. On failure, it returns NULL. 5133 // 5134 // The text format decoded by this function is not the standard CIDR notiation. 5135 // Instead, the mask after the "/" is represented as another IP address. For 5136 // example, "192.168.0.0/16" would be written "192.168.0.0/255.255.0.0". 5137 OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); 5138 5139 5140 // Deprecated functions. 5141 5142 // X509_get_notBefore returns |x509|'s notBefore time. Note this function is not 5143 // const-correct for legacy reasons. Use |X509_get0_notBefore| or 5144 // |X509_getm_notBefore| instead. 5145 OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509); 5146 5147 // X509_get_notAfter returns |x509|'s notAfter time. Note this function is not 5148 // const-correct for legacy reasons. Use |X509_get0_notAfter| or 5149 // |X509_getm_notAfter| instead. 5150 OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509); 5151 5152 // X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore| 5153 // instead. 5154 OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm); 5155 5156 // X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter| 5157 // instead. 5158 OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm); 5159 5160 // X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s thisUpdate time. 5161 // The OpenSSL API refers to this field as lastUpdate. 5162 // 5163 // Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead. 5164 OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl); 5165 5166 // X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time, 5167 // or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or 5168 // |X509_CRL_set1_nextUpdate| instead. 5169 OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl); 5170 5171 // X509_extract_key is a legacy alias to |X509_get_pubkey|. Use 5172 // |X509_get_pubkey| instead. 5173 #define X509_extract_key(x) X509_get_pubkey(x) 5174 5175 // X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|. 5176 #define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) 5177 5178 // X509_name_cmp is a legacy alias for |X509_NAME_cmp|. 5179 #define X509_name_cmp(a, b) X509_NAME_cmp((a), (b)) 5180 5181 // The following symbols are deprecated aliases to |X509_CRL_set1_*|. 5182 #define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate 5183 #define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate 5184 5185 // X509_get_serialNumber returns a mutable pointer to |x509|'s serial number. 5186 // Prefer |X509_get0_serialNumber|. 5187 OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509); 5188 5189 // X509_NAME_get_text_by_OBJ finds the first attribute with type |obj| in 5190 // |name|. If found, it writes the value's UTF-8 representation to |buf|. 5191 // followed by a NUL byte, and returns the number of bytes in the output, 5192 // excluding the NUL byte. This is unlike OpenSSL which returns the raw 5193 // ASN1_STRING data. The UTF-8 encoding of the |ASN1_STRING| may not contain a 0 5194 // codepoint. 5195 // 5196 // This function writes at most |len| bytes, including the NUL byte. If |buf| 5197 // is NULL, it writes nothing and returns the number of bytes in the 5198 // output, excluding the NUL byte that would be required for the full UTF-8 5199 // output. 5200 // 5201 // This function may return -1 if an error occurs for any reason, including the 5202 // value not being a recognized string type, |len| being of insufficient size to 5203 // hold the full UTF-8 encoding and NUL byte, memory allocation failures, an 5204 // object with type |obj| not existing in |name|, or if the UTF-8 encoding of 5205 // the string contains a zero byte. 5206 OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name, 5207 const ASN1_OBJECT *obj, char *buf, 5208 int len); 5209 5210 // X509_NAME_get_text_by_NID behaves like |X509_NAME_get_text_by_OBJ| except it 5211 // finds an attribute of type |nid|, which should be one of the |NID_*| 5212 // constants. 5213 OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid, 5214 char *buf, int len); 5215 5216 // X509_STORE_CTX_get0_parent_ctx returns NULL. 5217 OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx( 5218 const X509_STORE_CTX *ctx); 5219 5220 // X509_OBJECT_free_contents sets |obj| to the empty object, freeing any values 5221 // that were previously there. 5222 // 5223 // TODO(davidben): Unexport this function after rust-openssl is fixed to no 5224 // longer call it. 5225 OPENSSL_EXPORT void X509_OBJECT_free_contents(X509_OBJECT *obj); 5226 5227 // X509_LOOKUP_free releases memory associated with |ctx|. This function should 5228 // never be used outside the library. No function in the public API hands 5229 // ownership of an |X509_LOOKUP| to the caller. 5230 // 5231 // TODO(davidben): Unexport this function after rust-openssl is fixed to no 5232 // longer call it. 5233 OPENSSL_EXPORT void X509_LOOKUP_free(X509_LOOKUP *ctx); 5234 5235 // X509_STORE_CTX_cleanup resets |ctx| to the empty state. 5236 // 5237 // This function is a remnant of when |X509_STORE_CTX| was stack-allocated and 5238 // should not be used. If releasing |ctx|, call |X509_STORE_CTX_free|. If 5239 // reusing |ctx| for a new verification, release the old one and create a new 5240 // one. 5241 OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); 5242 5243 // X509V3_add_standard_extensions returns one. 5244 OPENSSL_EXPORT int X509V3_add_standard_extensions(void); 5245 5246 // The following symbols are legacy aliases for |X509_STORE_CTX| functions. 5247 #define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject 5248 #define X509_STORE_get1_certs X509_STORE_CTX_get1_certs 5249 #define X509_STORE_get1_crls X509_STORE_CTX_get1_crls 5250 5251 // X509_STORE_CTX_get_chain is a legacy alias for |X509_STORE_CTX_get0_chain|. 5252 OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain( 5253 const X509_STORE_CTX *ctx); 5254 5255 // X509_STORE_CTX_trusted_stack is a deprecated alias for 5256 // |X509_STORE_CTX_set0_trusted_stack|. 5257 OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, 5258 STACK_OF(X509) *sk); 5259 5260 typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *); 5261 5262 // X509_STORE_CTX_set_verify_cb configures a callback function for |ctx| that is 5263 // called multiple times during |X509_verify_cert|. The callback returns zero to 5264 // fail verification and one to proceed. Typically, it will return |ok|, which 5265 // preserves the default behavior. Returning one when |ok| is zero will proceed 5266 // past some error. The callback may inspect |ctx| and the error queue to 5267 // attempt to determine the current stage of certificate verification, but this 5268 // is often unreliable. When synthesizing an error, callbacks should use 5269 // |X509_STORE_CTX_set_error| to set a corresponding error. 5270 // 5271 // WARNING: Do not use this function. It is extremely fragile and unpredictable. 5272 // This callback exposes implementation details of certificate verification, 5273 // which change as the library evolves. Attempting to use it for security checks 5274 // can introduce vulnerabilities if making incorrect assumptions about when the 5275 // callback is called. Some errors, when suppressed, may implicitly suppress 5276 // other errors due to internal implementation details. Additionally, overriding 5277 // |ok| may leave |ctx| in an inconsistent state and break invariants. 5278 // 5279 // Instead, customize certificate verification by configuring options on the 5280 // |X509_STORE_CTX| before verification, or applying additional checks after 5281 // |X509_verify_cert| completes successfully. 5282 OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb( 5283 X509_STORE_CTX *ctx, int (*verify_cb)(int ok, X509_STORE_CTX *ctx)); 5284 5285 // X509_STORE_set_verify_cb acts like |X509_STORE_CTX_set_verify_cb| but sets 5286 // the verify callback for any |X509_STORE_CTX| created from this |X509_STORE| 5287 // 5288 // Do not use this function. See |X509_STORE_CTX_set_verify_cb| for details. 5289 OPENSSL_EXPORT void X509_STORE_set_verify_cb( 5290 X509_STORE *store, X509_STORE_CTX_verify_cb verify_cb); 5291 5292 // X509_STORE_set_verify_cb_func is a deprecated alias for 5293 // |X509_STORE_set_verify_cb|. 5294 #define X509_STORE_set_verify_cb_func(store, func) \ 5295 X509_STORE_set_verify_cb((store), (func)) 5296 5297 // X509_STORE_CTX_set_chain configures |ctx| to use |sk| for untrusted 5298 // intermediate certificates to use in verification. This function is redundant 5299 // with the |chain| parameter of |X509_STORE_CTX_init|. Use the parameter 5300 // instead. 5301 // 5302 // WARNING: Despite the similar name, this function is unrelated to 5303 // |X509_STORE_CTX_get0_chain|. 5304 // 5305 // WARNING: This function saves a pointer to |sk| without copying or 5306 // incrementing reference counts. |sk| must outlive |ctx| and may not be mutated 5307 // for the duration of the certificate verification. 5308 OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, 5309 STACK_OF(X509) *sk); 5310 5311 // The following flags do nothing. The corresponding non-standard options have 5312 // been removed. 5313 #define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0 5314 #define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0 5315 #define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0 5316 5317 // X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS does nothing, but is necessary in 5318 // OpenSSL to enable standard wildcard matching. In BoringSSL, this behavior is 5319 // always enabled. 5320 #define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0 5321 5322 // X509_STORE_get0_objects returns a non-owning pointer of |store|'s internal 5323 // object list. Although this function is not const, callers must not modify 5324 // the result of this function. 5325 // 5326 // WARNING: This function is not thread-safe. If |store| is shared across 5327 // multiple threads, callers cannot safely inspect the result of this function, 5328 // because another thread may have concurrently added to it. In particular, 5329 // |X509_LOOKUP_add_dir| treats this list as a cache and may add to it in the 5330 // course of certificate verification. This API additionally prevents fixing 5331 // some quadratic worst-case behavior in |X509_STORE| and may be removed in the 5332 // future. Use |X509_STORE_get1_objects| instead. 5333 OPENSSL_EXPORT STACK_OF(X509_OBJECT) *X509_STORE_get0_objects( 5334 X509_STORE *store); 5335 5336 // X509_PURPOSE_get_by_sname returns the |X509_PURPOSE_*| constant corresponding 5337 // a short name |sname|, or -1 if |sname| was not recognized. 5338 // 5339 // Use |X509_PURPOSE_*| constants directly instead. The short names used by this 5340 // function look like "sslserver" or "smimeencrypt", so they do not make 5341 // especially good APIs. 5342 // 5343 // This function differs from OpenSSL, which returns an "index" to be passed to 5344 // |X509_PURPOSE_get0|, followed by |X509_PURPOSE_get_id|, to finally obtain an 5345 // |X509_PURPOSE_*| value suitable for use with |X509_VERIFY_PARAM_set_purpose|. 5346 OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(const char *sname); 5347 5348 // X509_PURPOSE_get0 returns the |X509_PURPOSE| object corresponding to |id|, 5349 // which should be one of the |X509_PURPOSE_*| constants, or NULL if none 5350 // exists. 5351 // 5352 // This function differs from OpenSSL, which takes an "index", returned from 5353 // |X509_PURPOSE_get_by_sname|. In BoringSSL, indices and |X509_PURPOSE_*| IDs 5354 // are the same. 5355 OPENSSL_EXPORT const X509_PURPOSE *X509_PURPOSE_get0(int id); 5356 5357 // X509_PURPOSE_get_id returns |purpose|'s ID. This will be one of the 5358 // |X509_PURPOSE_*| constants. 5359 OPENSSL_EXPORT int X509_PURPOSE_get_id(const X509_PURPOSE *purpose); 5360 5361 // The following constants are values for the legacy Netscape certificate type 5362 // X.509 extension, a precursor to extended key usage. These values correspond 5363 // to the DER encoding of the first byte of the BIT STRING. That is, 0x80 is 5364 // bit zero and 0x01 is bit seven. 5365 // 5366 // TODO(davidben): These constants are only used by OpenVPN, which deprecated 5367 // the feature in 2017. The documentation says it was removed, but they did not 5368 // actually remove it. See if OpenVPN will accept a patch to finish this. 5369 #define NS_SSL_CLIENT 0x80 5370 #define NS_SSL_SERVER 0x40 5371 #define NS_SMIME 0x20 5372 #define NS_OBJSIGN 0x10 5373 #define NS_SSL_CA 0x04 5374 #define NS_SMIME_CA 0x02 5375 #define NS_OBJSIGN_CA 0x01 5376 #define NS_ANY_CA (NS_SSL_CA | NS_SMIME_CA | NS_OBJSIGN_CA) 5377 5378 5379 // Private structures. 5380 5381 struct X509_algor_st { 5382 ASN1_OBJECT *algorithm; 5383 ASN1_TYPE *parameter; 5384 } /* X509_ALGOR */; 5385 5386 5387 #if defined(__cplusplus) 5388 } // extern C 5389 #endif 5390 5391 #if !defined(BORINGSSL_NO_CXX) 5392 extern "C++" { 5393 5394 BSSL_NAMESPACE_BEGIN 5395 5396 BORINGSSL_MAKE_DELETER(ACCESS_DESCRIPTION, ACCESS_DESCRIPTION_free) 5397 BORINGSSL_MAKE_DELETER(AUTHORITY_KEYID, AUTHORITY_KEYID_free) 5398 BORINGSSL_MAKE_DELETER(BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free) 5399 // TODO(davidben): Move this to conf.h and rename to CONF_VALUE_free. 5400 BORINGSSL_MAKE_DELETER(CONF_VALUE, X509V3_conf_free) 5401 BORINGSSL_MAKE_DELETER(DIST_POINT, DIST_POINT_free) 5402 BORINGSSL_MAKE_DELETER(GENERAL_NAME, GENERAL_NAME_free) 5403 BORINGSSL_MAKE_DELETER(GENERAL_SUBTREE, GENERAL_SUBTREE_free) 5404 BORINGSSL_MAKE_DELETER(NAME_CONSTRAINTS, NAME_CONSTRAINTS_free) 5405 BORINGSSL_MAKE_DELETER(NETSCAPE_SPKI, NETSCAPE_SPKI_free) 5406 BORINGSSL_MAKE_DELETER(POLICY_MAPPING, POLICY_MAPPING_free) 5407 BORINGSSL_MAKE_DELETER(POLICYINFO, POLICYINFO_free) 5408 BORINGSSL_MAKE_DELETER(RSA_PSS_PARAMS, RSA_PSS_PARAMS_free) 5409 BORINGSSL_MAKE_DELETER(X509, X509_free) 5410 BORINGSSL_MAKE_UP_REF(X509, X509_up_ref) 5411 BORINGSSL_MAKE_DELETER(X509_ALGOR, X509_ALGOR_free) 5412 BORINGSSL_MAKE_DELETER(X509_ATTRIBUTE, X509_ATTRIBUTE_free) 5413 BORINGSSL_MAKE_DELETER(X509_CRL, X509_CRL_free) 5414 BORINGSSL_MAKE_UP_REF(X509_CRL, X509_CRL_up_ref) 5415 BORINGSSL_MAKE_DELETER(X509_EXTENSION, X509_EXTENSION_free) 5416 BORINGSSL_MAKE_DELETER(X509_INFO, X509_INFO_free) 5417 BORINGSSL_MAKE_DELETER(X509_LOOKUP, X509_LOOKUP_free) 5418 BORINGSSL_MAKE_DELETER(X509_NAME, X509_NAME_free) 5419 BORINGSSL_MAKE_DELETER(X509_NAME_ENTRY, X509_NAME_ENTRY_free) 5420 BORINGSSL_MAKE_DELETER(X509_OBJECT, X509_OBJECT_free) 5421 BORINGSSL_MAKE_DELETER(X509_PUBKEY, X509_PUBKEY_free) 5422 BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free) 5423 BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free) 5424 BORINGSSL_MAKE_DELETER(X509_SIG, X509_SIG_free) 5425 BORINGSSL_MAKE_DELETER(X509_STORE, X509_STORE_free) 5426 BORINGSSL_MAKE_UP_REF(X509_STORE, X509_STORE_up_ref) 5427 BORINGSSL_MAKE_DELETER(X509_STORE_CTX, X509_STORE_CTX_free) 5428 BORINGSSL_MAKE_DELETER(X509_VERIFY_PARAM, X509_VERIFY_PARAM_free) 5429 5430 BSSL_NAMESPACE_END 5431 5432 } // extern C++ 5433 #endif // !BORINGSSL_NO_CXX 5434 5435 #define X509_R_AKID_MISMATCH 100 5436 #define X509_R_BAD_PKCS7_VERSION 101 5437 #define X509_R_BAD_X509_FILETYPE 102 5438 #define X509_R_BASE64_DECODE_ERROR 103 5439 #define X509_R_CANT_CHECK_DH_KEY 104 5440 #define X509_R_CERT_ALREADY_IN_HASH_TABLE 105 5441 #define X509_R_CRL_ALREADY_DELTA 106 5442 #define X509_R_CRL_VERIFY_FAILURE 107 5443 #define X509_R_IDP_MISMATCH 108 5444 #define X509_R_INVALID_BIT_STRING_BITS_LEFT 109 5445 #define X509_R_INVALID_DIRECTORY 110 5446 #define X509_R_INVALID_FIELD_NAME 111 5447 #define X509_R_INVALID_PSS_PARAMETERS 112 5448 #define X509_R_INVALID_TRUST 113 5449 #define X509_R_ISSUER_MISMATCH 114 5450 #define X509_R_KEY_TYPE_MISMATCH 115 5451 #define X509_R_KEY_VALUES_MISMATCH 116 5452 #define X509_R_LOADING_CERT_DIR 117 5453 #define X509_R_LOADING_DEFAULTS 118 5454 #define X509_R_NEWER_CRL_NOT_NEWER 119 5455 #define X509_R_NOT_PKCS7_SIGNED_DATA 120 5456 #define X509_R_NO_CERTIFICATES_INCLUDED 121 5457 #define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 122 5458 #define X509_R_NO_CRLS_INCLUDED 123 5459 #define X509_R_NO_CRL_NUMBER 124 5460 #define X509_R_PUBLIC_KEY_DECODE_ERROR 125 5461 #define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 5462 #define X509_R_SHOULD_RETRY 127 5463 #define X509_R_UNKNOWN_KEY_TYPE 128 5464 #define X509_R_UNKNOWN_NID 129 5465 #define X509_R_UNKNOWN_PURPOSE_ID 130 5466 #define X509_R_UNKNOWN_TRUST_ID 131 5467 #define X509_R_UNSUPPORTED_ALGORITHM 132 5468 #define X509_R_WRONG_LOOKUP_TYPE 133 5469 #define X509_R_WRONG_TYPE 134 5470 #define X509_R_NAME_TOO_LONG 135 5471 #define X509_R_INVALID_PARAMETER 136 5472 #define X509_R_SIGNATURE_ALGORITHM_MISMATCH 137 5473 #define X509_R_DELTA_CRL_WITHOUT_CRL_NUMBER 138 5474 #define X509_R_INVALID_FIELD_FOR_VERSION 139 5475 #define X509_R_INVALID_VERSION 140 5476 #define X509_R_NO_CERTIFICATE_FOUND 141 5477 #define X509_R_NO_CERTIFICATE_OR_CRL_FOUND 142 5478 #define X509_R_NO_CRL_FOUND 143 5479 #define X509_R_INVALID_POLICY_EXTENSION 144 5480 5481 #endif // OPENSSL_HEADER_X509_H 5482