Unverified Commit 32b17363 authored by Steven Fackler's avatar Steven Fackler Committed by GitHub

Merge pull request #1344 from stbuehler/x509-bindings

Various x509 bindings
parents 7ef5e50e 919874a2
+0 −2
@@ -341,8 +341,6 @@ cfg_if! {
        }
    }
}
pub enum X509_CRL {}
stack!(stack_st_X509_CRL);

pub enum X509_NAME {}

+7 −0
@@ -19,6 +19,13 @@ extern "C" {
        user_data: *mut c_void,
    ) -> *mut X509;
    pub fn PEM_write_bio_X509(bio: *mut BIO, x509: *mut X509) -> c_int;
    pub fn PEM_read_bio_X509_CRL(
        bio: *mut BIO,
        out: *mut *mut X509_CRL,
        callback: pem_password_cb,
        user_data: *mut c_void,
    ) -> *mut X509_CRL;
    pub fn PEM_write_bio_X509_CRL(bio: *mut BIO, x509: *mut X509_CRL) -> c_int;
    pub fn PEM_read_bio_X509_REQ(
        bio: *mut BIO,
        out: *mut *mut X509_REQ,
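Review bot: The parameter name in the new `PEM_write_bio_X509_CRL` declaration is misleading: it is `x509` but the type is `*mut X509_CRL`, so readers scanning the extern block may assume it takes a certificate. Parameter names in an `extern "C"` block have no ABI effect, so this is purely a readability point, but it would read better as `pub fn PEM_write_bio_X509_CRL(bio: *mut BIO, crl: *mut X509_CRL) -> c_int;`. The trailing `PEM_read_bio_X509_REQ` declaration continues past the end of the hunk and is not reviewed here.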
+252 −0
@@ -37,6 +37,69 @@ cfg_if! {
    }
}

cfg_if! {
    if #[cfg(ossl110)] {
        pub enum X509_CRL {}
    } else {
        #[repr(C)]
        pub struct X509_CRL {
            pub crl: *mut X509_CRL_INFO,
            sig_alg: *mut X509_ALGOR,
            signature: *mut c_void,
            references: c_int,
            flags: c_int,
            akid: *mut c_void,
            idp: *mut c_void,
            idp_flags: c_int,
            idp_reasons: c_int,
            crl_number: *mut ASN1_INTEGER,
            base_crl_number: *mut ASN1_INTEGER,
            sha1_hash: [c_uchar; 20],
            issuers: *mut c_void,
            meth: *const c_void,
            meth_data: *mut c_void,
        }
    }
}

stack!(stack_st_X509_CRL);

cfg_if! {
    if #[cfg(ossl110)] {
        pub enum X509_CRL_INFO {}
    } else {
        #[repr(C)]
        pub struct X509_CRL_INFO {
            version: *mut ASN1_INTEGER,
            sig_alg: *mut X509_ALGOR,
            pub issuer: *mut X509_NAME,
            pub lastUpdate: *mut ASN1_TIME,
            pub nextUpdate: *mut ASN1_TIME,
            pub revoked: *mut stack_st_X509_REVOKED,
            extensions: *mut stack_st_X509_EXTENSION,
            enc: ASN1_ENCODING,
        }
    }
}

cfg_if! {
    if #[cfg(ossl110)] {
        pub enum X509_REVOKED {}
    } else {
        #[repr(C)]
        pub struct X509_REVOKED {
            pub serialNumber: *mut ASN1_INTEGER,
            pub revocationDate: *mut ASN1_TIME,
            extensions: *mut stack_st_X509_EXTENSION,
            issuer: *mut stack_st_GENERAL_NAME,
            reason: c_int,
            sequence: c_int,
        }
    }
}

stack!(stack_st_X509_REVOKED);

cfg_if! {
    if #[cfg(ossl110)] {
        pub enum X509_REQ {}
@@ -177,6 +240,23 @@ extern "C" {

    pub fn X509_ALGOR_free(x: *mut X509_ALGOR);

    pub fn X509_REVOKED_new() -> *mut X509_REVOKED;
    pub fn X509_REVOKED_free(x: *mut X509_REVOKED);
    pub fn d2i_X509_REVOKED(
        a: *mut *mut X509_REVOKED,
        pp: *mut *const c_uchar,
        length: c_long,
    ) -> *mut X509_REVOKED;
    pub fn i2d_X509_REVOKED(x: *mut X509_REVOKED, buf: *mut *mut u8) -> c_int;
    pub fn X509_CRL_new() -> *mut X509_CRL;
    pub fn X509_CRL_free(x: *mut X509_CRL);
    pub fn d2i_X509_CRL(
        a: *mut *mut X509_CRL,
        pp: *mut *const c_uchar,
        length: c_long,
    ) -> *mut X509_CRL;
    pub fn i2d_X509_CRL(x: *mut X509_CRL, buf: *mut *mut u8) -> c_int;

    pub fn X509_REQ_new() -> *mut X509_REQ;
    pub fn X509_REQ_free(x: *mut X509_REQ);
    pub fn d2i_X509_REQ(
@@ -290,8 +370,65 @@ extern "C" {
    #[cfg(any(ossl110, libressl273))]
    pub fn X509_up_ref(x: *mut X509) -> c_int;

    #[cfg(any(ossl110, libressl270))]
    pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER;
    #[cfg(any(ossl110, libressl270))]
    pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME;
    #[cfg(any(ossl110, libressl270))]
    pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION;

    pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
    pub fn X509_CRL_digest(
        x: *const X509_CRL,
        digest: *const EVP_MD,
        md: *mut c_uchar,
        len: *mut c_uint,
    ) -> c_int;
    pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int;
    pub fn X509_CRL_get0_by_cert(
        x: *mut X509_CRL,
        ret: *mut *mut X509_REVOKED,
        cert: *mut X509,
    ) -> c_int;
    pub fn X509_CRL_get0_by_serial(
        x: *mut X509_CRL,
        ret: *mut *mut X509_REVOKED,
        serial: *mut ASN1_INTEGER,
    ) -> c_int;

    #[cfg(ossl110)]
    pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED;
    #[cfg(ossl110)]
    pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
    #[cfg(ossl110)]
    pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
    #[cfg(ossl110)]
    pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME;

    #[cfg(ossl110)]
    pub fn X509_get0_extensions(req: *const ::X509) -> *const stack_st_X509_EXTENSION;

    pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int;
    pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: *mut X509_NAME) -> c_int;
    pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int;

    #[cfg(any(ossl110, libressl270))]
    pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int;
    pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int;
}
cfg_if! {
    if #[cfg(any(ossl110, libressl270))] {
        extern "C" {
            pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
            pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
        }
    } else {
        // libressl270 kept them, ossl110 "#define"s them to the variants above
        extern "C" {
            pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
            pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
        }
    }
}

cfg_if! {
@@ -360,27 +497,142 @@ extern "C" {
        loc: c_int,
        set: c_int,
    ) -> c_int;
}

// "raw" X509_EXTENSION related functions
extern "C" {
    // in X509
    pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION;
    pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
    pub fn X509_add1_ext_i2d(
        x: *mut X509,
        nid: c_int,
        value: *mut c_void,
        crit: c_int,
        flags: c_ulong,
    ) -> c_int;
    // in X509_CRL
    pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
    pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
    pub fn X509_CRL_add1_ext_i2d(
        x: *mut X509_CRL,
        nid: c_int,
        value: *mut c_void,
        crit: c_int,
        flags: c_ulong,
    ) -> c_int;
    // in X509_REVOKED
    pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
    pub fn X509_REVOKED_add_ext(
        x: *mut X509_REVOKED,
        ext: *mut X509_EXTENSION,
        loc: c_int,
    ) -> c_int;
    pub fn X509_REVOKED_add1_ext_i2d(
        x: *mut X509_REVOKED,
        nid: c_int,
        value: *mut c_void,
        crit: c_int,
        flags: c_ulong,
    ) -> c_int;
    // X509_EXTENSION itself
    pub fn X509_EXTENSION_create_by_NID(
        ex: *mut *mut X509_EXTENSION,
        nid: c_int,
        crit: c_int,
        data: *mut ASN1_OCTET_STRING,
    ) -> *mut X509_EXTENSION;
    pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int;
    pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int;
    pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT;
    pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_STRING;
}
cfg_if! {
    if #[cfg(any(ossl110, libressl280))] {
        extern "C" {
            // in X509
            pub fn X509_get_ext_count(x: *const X509) -> c_int;
            pub fn X509_get_ext_by_NID(x: *const X509, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_get_ext_by_OBJ(x: *const X509, obj: *const ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_get_ext_by_critical(x: *const X509, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_get_ext(x: *const X509, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_get_ext_d2i(
                x: *const ::X509,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // in X509_CRL
            pub fn X509_CRL_get_ext_count(x: *const X509_CRL) -> c_int;
            pub fn X509_CRL_get_ext_by_NID(x: *const X509_CRL, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext_by_OBJ(x: *const X509_CRL, obj: *const ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext_by_critical(x: *const X509_CRL, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext(x: *const X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_CRL_get_ext_d2i(
                x: *const ::X509_CRL,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // in X509_REVOKED
            pub fn X509_REVOKED_get_ext_count(x: *const X509_REVOKED) -> c_int;
            pub fn X509_REVOKED_get_ext_by_NID(x: *const X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext_by_OBJ(x: *const X509_REVOKED, obj: *const ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext_by_critical(x: *const X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext(x: *const X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_REVOKED_get_ext_d2i(
                x: *const ::X509_REVOKED,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // X509_EXTENSION itself
            pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: *const ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION;
            pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: *const ASN1_OBJECT) -> c_int;
            pub fn X509_EXTENSION_get_critical(ex: *const X509_EXTENSION) -> c_int;
        }
    } else {
        extern "C" {
            // in X509
            pub fn X509_get_ext_count(x: *mut X509) -> c_int;
            pub fn X509_get_ext_by_NID(x: *mut X509, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_get_ext_by_OBJ(x: *mut X509, obj: *mut ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_get_ext_by_critical(x: *mut X509, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_get_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_get_ext_d2i(
                x: *mut ::X509,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // in X509_CRL
            pub fn X509_CRL_get_ext_count(x: *mut X509_CRL) -> c_int;
            pub fn X509_CRL_get_ext_by_NID(x: *mut X509_CRL, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext_by_OBJ(x: *mut X509_CRL, obj: *mut ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext_by_critical(x: *mut X509_CRL, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_CRL_get_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_CRL_get_ext_d2i(
                x: *mut ::X509_CRL,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // in X509_REVOKED
            pub fn X509_REVOKED_get_ext_count(x: *mut X509_REVOKED) -> c_int;
            pub fn X509_REVOKED_get_ext_by_NID(x: *mut X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext_by_OBJ(x: *mut X509_REVOKED, obj: *mut ASN1_OBJECT, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext_by_critical(x: *mut X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int;
            pub fn X509_REVOKED_get_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
            pub fn X509_REVOKED_get_ext_d2i(
                x: *mut ::X509_REVOKED,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            // X509_EXTENSION itself
            pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: *mut ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION;
            pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: *mut ASN1_OBJECT) -> c_int;
            pub fn X509_EXTENSION_get_critical(ex: *mut X509_EXTENSION) -> c_int;
        }
    }
}
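Review bot: The hand-written `#[repr(C)]` layouts for the non-`ossl110` branch (`X509_CRL`, `X509_CRL_INFO`, `X509_REVOKED` in the first hunk) expose `pub` fields that safe wrappers will dereference, so any field-order or field-size mismatch against the library actually linked is silent undefined behaviour rather than a compile error; each struct deserves a comment naming the upstream definition it mirrors, e.g. `// mirrors struct X509_crl_st in OpenSSL 1.0.x crypto/x509/x509.h; sha1_hash is SHA_DIGEST_LENGTH bytes`. Note that the `else` branch also covers every LibreSSL version, which appears intended but should be confirmed against LibreSSL's `x509.h` for the versions this crate supports. The ownership conventions of the new functions are also worth spelling out at the declaration, since the names are the only hint: `X509_CRL_add0_revoked` takes ownership of `rev`, and the `X509_CRL_get0_by_cert`/`get0_by_serial` out-pointers alias the CRL and must not be freed; per the OpenSSL manual those lookups return 0 (not found), 1 (found) or 2 (found with reason removeFromCRL), so a wrapper must not reduce the result to `!= 0` without documenting that choice. Finally, `X509_REVOKED_get0_serialNumber`, `X509_REVOKED_get0_revocationDate` and `X509_get0_extensions` name their argument `req`, which looks like a copy-paste from the `X509_REQ` declarations; `r` or `x` would match the surrounding style.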
+122 −0
@@ -27,6 +27,17 @@ extern "C" {
    pub fn GENERAL_NAME_free(name: *mut GENERAL_NAME);
}

#[repr(C)]
pub struct AUTHORITY_KEYID {
    pub keyid: *mut ASN1_STRING,
    pub issuer: *mut stack_st_GENERAL_NAME,
    pub serial: *mut ASN1_INTEGER,
}

extern "C" {
    pub fn AUTHORITY_KEYID_free(akid: *mut AUTHORITY_KEYID);
}

#[cfg(any(ossl102, libressl261))]
pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1;
#[cfg(any(ossl102, libressl261))]
@@ -91,3 +102,114 @@ extern "C" {

    pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING;
}

cfg_if! {
    if #[cfg(any(ossl110, libressl280))] {
        extern "C" {
            pub fn X509V3_get_d2i(
                x: *const stack_st_X509_EXTENSION,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            pub fn X509V3_extensions_print(out: *mut BIO, title: *const c_char, exts: *const stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int;
        }
    } else {
        extern "C" {
            pub fn X509V3_get_d2i(
                x: *mut stack_st_X509_EXTENSION,
                nid: c_int,
                crit: *mut c_int,
                idx: *mut c_int,
            ) -> *mut c_void;
            pub fn X509V3_extensions_print(out: *mut BIO, title: *mut c_char, exts: *mut stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int;
        }
    }
}

// X509V3_add1_i2d (and *_add1_ext_i2d)
pub const X509V3_ADD_DEFAULT: c_ulong = 0;
pub const X509V3_ADD_APPEND: c_ulong = 1;
pub const X509V3_ADD_REPLACE: c_ulong = 2;
pub const X509V3_ADD_REPLACE_EXISTING: c_ulong = 3;
pub const X509V3_ADD_KEEP_EXISTING: c_ulong = 4;
pub const X509V3_ADD_DELETE: c_ulong = 5;
pub const X509V3_ADD_SILENT: c_ulong = 0x10;

// X509_get_extension_flags
pub const EXFLAG_BCONS: u32 = 0x1;
pub const EXFLAG_KUSAGE: u32 = 0x2;
pub const EXFLAG_XKUSAGE: u32 = 0x4;
pub const EXFLAG_NSCERT: u32 = 0x8;
pub const EXFLAG_CA: u32 = 0x10;
pub const EXFLAG_SI: u32 = 0x20;
pub const EXFLAG_V1: u32 = 0x40;
pub const EXFLAG_INVALID: u32 = 0x80;
pub const EXFLAG_SET: u32 = 0x100;
pub const EXFLAG_CRITICAL: u32 = 0x200;
pub const EXFLAG_PROXY: u32 = 0x400;
pub const EXFLAG_INVALID_POLICY: u32 = 0x800;
pub const EXFLAG_FRESHEST: u32 = 0x1000;
// before ossl102 / libressl260 EXFLAG_SS was 0x20 (the same as EXFLAG_SI); probably not useful semantic
#[cfg(any(ossl102, libressl261))]
pub const EXFLAG_SS: u32 = 0x2000;
/*
cfg_if! {
    // probably gonna be in openssl-3.0.0-alpha7
    if #[cfg(any(ossl300))] {
        pub const EXFLAG_BCONS_CRITICAL: u32 = 0x10000;
        pub const EXFLAG_AKID_CRITICAL: u32 = 0x20000;
        pub const EXFLAG_SKID_CRITICAL: u32 = 0x40000;
        pub const EXFLAG_SAN_CRITICAL: u32 = 0x80000;
    }
}
*/

// X509_get_key_usage
pub const X509v3_KU_DIGITAL_SIGNATURE: u32 = 0x0080;
pub const X509v3_KU_NON_REPUDIATION: u32 = 0x0040;
pub const X509v3_KU_KEY_ENCIPHERMENT: u32 = 0x0020;
pub const X509v3_KU_DATA_ENCIPHERMENT: u32 = 0x0010;
pub const X509v3_KU_KEY_AGREEMENT: u32 = 0x0008;
pub const X509v3_KU_KEY_CERT_SIGN: u32 = 0x0004;
pub const X509v3_KU_CRL_SIGN: u32 = 0x0002;
pub const X509v3_KU_ENCIPHER_ONLY: u32 = 0x0001;
pub const X509v3_KU_DECIPHER_ONLY: u32 = 0x8000;
pub const X509v3_KU_UNDEF: u32 = 0xffff;

// X509_get_extended_key_usage
pub const XKU_SSL_SERVER: u32 = 0x1;
pub const XKU_SSL_CLIENT: u32 = 0x2;
pub const XKU_SMIME: u32 = 0x4;
pub const XKU_CODE_SIGN: u32 = 0x8;
pub const XKU_SGC: u32 = 0x10;
pub const XKU_OCSP_SIGN: u32 = 0x20;
pub const XKU_TIMESTAMP: u32 = 0x40;
pub const XKU_DVCS: u32 = 0x80;
#[cfg(ossl110)]
pub const XKU_ANYEKU: u32 = 0x100;

extern "C" {
    pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void;
    pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION;
    pub fn X509V3_add1_i2d(
        x: *mut *mut stack_st_X509_EXTENSION,
        nid: c_int,
        value: *mut c_void,
        crit: c_int,
        flags: c_ulong,
    ) -> c_int;
    pub fn X509V3_EXT_print(
        out: *mut BIO,
        ext: *mut X509_EXTENSION,
        flag: c_ulong,
        indent: c_int,
    ) -> c_int;

    #[cfg(ossl110)]
    pub fn X509_get_extension_flags(x: *mut X509) -> u32;
    #[cfg(ossl110)]
    pub fn X509_get_key_usage(x: *mut X509) -> u32;
    #[cfg(ossl110)]
    pub fn X509_get_extended_key_usage(x: *mut X509) -> u32;
}
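Review bot: `X509_get_key_usage` and `X509_get_extended_key_usage` need a caveat at their declaration, because the constants added just above make the trap visible: per the OpenSSL documentation the key-usage accessor returns an all-ones value (cf. `X509v3_KU_UNDEF = 0xffff` here) when the extension is absent, so a wrapper that tests `usage & X509v3_KU_DIGITAL_SIGNATURE != 0` will report every usage as permitted on certificates without a keyUsage extension; callers should check `EXFLAG_KUSAGE` / `EXFLAG_XKUSAGE` in `X509_get_extension_flags` first, and `EXFLAG_INVALID` indicates the extension cache could not be built and the other flags must not be trusted. A comment such as `// Returns all bits set when the extension is absent; check EXFLAG_KUSAGE in X509_get_extension_flags first` on those two declarations would capture this. The commented-out `EXFLAG_*_CRITICAL` block with the "probably gonna be in openssl-3.0.0-alpha7" remark is speculative dead code in a committed file; either drop it or reduce it to a one-line `// TODO: add EXFLAG_*_CRITICAL once the ossl300 cfg lands` so it does not rot. The comment on `EXFLAG_SS` mentions `libressl260` while the cfg gate uses `libressl261`; one of the two should be corrected so the note matches the condition.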