1 /* Copyright (c) 2023, Google Inc. 2 * 3 * Permission to use, copy, modify, and/or distribute this software for any 4 * purpose with or without fee is hereby granted, provided that the above 5 * copyright notice and this permission notice appear in all copies. 6 * 7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14 15 #ifndef OPENSSL_HEADER_X509V3_H 16 #define OPENSSL_HEADER_X509V3_H 17 18 // This header primarily exists in order to make compiling against code that 19 // expects OpenSSL easier. We have merged this header into <openssl/x509.h>. 20 // However, due to conflicts, some deprecated symbols are defined here. 21 #include <openssl/x509.h> 22 23 24 // CRL reason constants. 25 26 // TODO(davidben): These constants live here because strongswan defines 27 // conflicting symbols and has been relying on them only being defined in 28 // <openssl/x509v3.h>. Defining the constants in <openssl/x509.h> would break 29 // strongswan, but we would also like for new code to only need 30 // <openssl/x509.h>. Introduce properly namespaced versions of these constants 31 // and, separately, see if we can fix strongswan to similarly avoid the 32 // conflict. Between OpenSSL, strongswan, and wincrypt.h all defining these 33 // constants, it seems best for everyone to just avoid them going forward. 34 #define CRL_REASON_NONE (-1) 35 #define CRL_REASON_UNSPECIFIED 0 36 #define CRL_REASON_KEY_COMPROMISE 1 37 #define CRL_REASON_CA_COMPROMISE 2 38 #define CRL_REASON_AFFILIATION_CHANGED 3 39 #define CRL_REASON_SUPERSEDED 4 40 #define CRL_REASON_CESSATION_OF_OPERATION 5 41 #define CRL_REASON_CERTIFICATE_HOLD 6 42 #define CRL_REASON_REMOVE_FROM_CRL 8 43 #define CRL_REASON_PRIVILEGE_WITHDRAWN 9 44 #define CRL_REASON_AA_COMPROMISE 10 45 46 47 // Deprecated constants. 48 49 // The following constants are legacy aliases for |X509v3_KU_*|. They are 50 // defined here instead of in <openssl/x509.h> because NSS's public headers use 51 // the same symbols. Some callers have inadvertently relied on the conflicts 52 // only being defined in this header. 53 #define KU_DIGITAL_SIGNATURE X509v3_KU_DIGITAL_SIGNATURE 54 #define KU_NON_REPUDIATION X509v3_KU_NON_REPUDIATION 55 #define KU_KEY_ENCIPHERMENT X509v3_KU_KEY_ENCIPHERMENT 56 #define KU_DATA_ENCIPHERMENT X509v3_KU_DATA_ENCIPHERMENT 57 #define KU_KEY_AGREEMENT X509v3_KU_KEY_AGREEMENT 58 #define KU_KEY_CERT_SIGN X509v3_KU_KEY_CERT_SIGN 59 #define KU_CRL_SIGN X509v3_KU_CRL_SIGN 60 #define KU_ENCIPHER_ONLY X509v3_KU_ENCIPHER_ONLY 61 #define KU_DECIPHER_ONLY X509v3_KU_DECIPHER_ONLY 62 63 #endif // OPENSSL_HEADER_X509V3_H 64