diff --git a/.circleci/config.yml b/.circleci/config.yml index f9791eafce69a90a418cf369a8bf72f881c632ba..958b923928202821ea62578686da346a0bddba38 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -17,7 +17,7 @@ save_openssl: &SAVE_OPENSSL paths: - /openssl deps_key: &DEPS_KEY - key: deps-1.19.0-{{ checksum "Cargo.lock" }}-{{ checksum "~/lib_key" }}-2 + key: deps-1.20.0-{{ checksum "Cargo.lock" }}-{{ checksum "~/lib_key" }}-2 restore_deps: &RESTORE_DEPS restore_cache: <<: *DEPS_KEY @@ -31,7 +31,7 @@ save_deps: &SAVE_DEPS job: &JOB working_directory: ~/build docker: - - image: rust:1.19.0 + - image: rust:1.20.0 steps: - checkout - run: apt-get update @@ -77,7 +77,7 @@ macos_job: &MACOS_JOB - checkout - run: sudo mkdir /opt - run: sudo chown -R $USER /usr/local /opt - - run: curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.19.0 + - run: curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.20.0 - run: sudo ln -s $CARGO_HOME/bin/* /usr/local/bin - *RESTORE_REGISTRY - run: cargo generate-lockfile diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index 07f03bc733a7f67959206231d203cb29aae5d035..7aa3eddd68d75a2e27bb6f36bc9d9d618c271323 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -19,7 +19,7 @@ v102 = [] v110 = [] [dependencies] -bitflags = "0.9" +bitflags = "1.0" foreign-types = "0.3.1" lazy_static = "1" libc = "0.2" diff --git a/openssl/examples/mk_certs.rs b/openssl/examples/mk_certs.rs index c64dc007ff9348a07c1371d538fae241edd420d4..1dcdef25a6d99a333fd715208fd2456822f3245e 100644 --- a/openssl/examples/mk_certs.rs +++ b/openssl/examples/mk_certs.rs @@ -4,7 +4,7 @@ extern crate openssl; use openssl::asn1::Asn1Time; -use openssl::bn::{BigNum, MSB_MAYBE_ZERO}; +use openssl::bn::{BigNum, MsbOption}; use openssl::error::ErrorStack; use openssl::hash::MessageDigest; use openssl::pkey::{PKey, PKeyRef}; @@ -30,7 +30,7 @@ fn mk_ca_cert() -> Result<(X509, PKey), ErrorStack> { cert_builder.set_version(2)?; let serial_number = { let mut serial = BigNum::new()?; - serial.rand(159, MSB_MAYBE_ZERO, false)?; + serial.rand(159, MsbOption::MAYBE_ZERO, false)?; serial.to_asn1_integer()? }; cert_builder.set_serial_number(&serial_number)?; @@ -88,7 +88,7 @@ fn mk_ca_signed_cert(ca_cert: &X509Ref, ca_privkey: &PKeyRef) -> Result<(X509, P cert_builder.set_version(2)?; let serial_number = { let mut serial = BigNum::new()?; - serial.rand(159, MSB_MAYBE_ZERO, false)?; + serial.rand(159, MsbOption::MAYBE_ZERO, false)?; serial.to_asn1_integer()? }; cert_builder.set_serial_number(&serial_number)?; @@ -109,8 +109,8 @@ fn mk_ca_signed_cert(ca_cert: &X509Ref, ca_privkey: &PKeyRef) -> Result<(X509, P .key_encipherment() .build()?)?; - let subject_key_identifier = SubjectKeyIdentifier::new() - .build(&cert_builder.x509v3_context(Some(ca_cert), None))?; + let subject_key_identifier = + SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(Some(ca_cert), None))?; cert_builder.append_extension(subject_key_identifier)?; let auth_key_identifier = AuthorityKeyIdentifier::new() diff --git a/openssl/src/bn.rs b/openssl/src/bn.rs index 82ec38b64717028df393530e3bbfddbfd125ce37..25dae93d26190cbba9bca714886290d7c0728770 100644 --- a/openssl/src/bn.rs +++ b/openssl/src/bn.rs @@ -30,16 +30,16 @@ use libc::c_int; use std::cmp::Ordering; use std::ffi::CString; use std::{fmt, ptr}; -use std::ops::{Add, Div, Mul, Neg, Rem, Shl, Shr, Sub, Deref}; +use std::ops::{Add, Deref, Div, Mul, Neg, Rem, Shl, Shr, Sub}; -use {cvt, cvt_p, cvt_n}; +use {cvt, cvt_n, cvt_p}; use asn1::Asn1Integer; use error::ErrorStack; use string::OpensslString; #[cfg(ossl10x)] -use ffi::{get_rfc2409_prime_768 as BN_get_rfc2409_prime_768, - get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024, +use ffi::{get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024, + get_rfc2409_prime_768 as BN_get_rfc2409_prime_768, get_rfc3526_prime_1536 as BN_get_rfc3526_prime_1536, get_rfc3526_prime_2048 as BN_get_rfc3526_prime_2048, get_rfc3526_prime_3072 as BN_get_rfc3526_prime_3072, @@ -48,24 +48,26 @@ use ffi::{get_rfc2409_prime_768 as BN_get_rfc2409_prime_768, get_rfc3526_prime_8192 as BN_get_rfc3526_prime_8192}; #[cfg(ossl110)] -use ffi::{BN_get_rfc2409_prime_768, BN_get_rfc2409_prime_1024, BN_get_rfc3526_prime_1536, +use ffi::{BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768, BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192}; /// Options for the most significant bits of a randomly generated `BigNum`. pub struct MsbOption(c_int); -/// The most significant bit of the number may be 0. -pub const MSB_MAYBE_ZERO: MsbOption = MsbOption(-1); +impl MsbOption { + /// The most significant bit of the number may be 0. + pub const MAYBE_ZERO: MsbOption = MsbOption(-1); -/// The most significant bit of the number must be 1. -pub const MSB_ONE: MsbOption = MsbOption(0); + /// The most significant bit of the number must be 1. + pub const ONE: MsbOption = MsbOption(0); -/// The most significant two bits of the number must be 1. -/// -/// The number of bits in the product of two such numbers will always be exactly twice the number -/// of bits in the original numbers. -pub const TWO_MSB_ONE: MsbOption = MsbOption(1); + /// The most significant two bits of the number must be 1. + /// + /// The number of bits in the product of two such numbers will always be exactly twice the + /// number of bits in the original numbers. + pub const TWO_ONES: MsbOption = MsbOption(1); +} foreign_type_and_impl_send_sync! { type CType = ffi::BN_CTX; @@ -396,14 +398,14 @@ impl BigNumRef { /// # Examples /// /// ``` - /// use openssl::bn::{BigNum,MSB_MAYBE_ZERO}; + /// use openssl::bn::{BigNum, MsbOption}; /// use openssl::error::ErrorStack; /// /// fn generate_random() -> Result< BigNum, ErrorStack > { /// let mut big = BigNum::new()?; /// /// // Generates a 128-bit odd random number - /// big.rand(128, MSB_MAYBE_ZERO, true); + /// big.rand(128, MsbOption::MAYBE_ZERO, true); /// Ok((big)) /// } /// ``` @@ -1345,7 +1347,7 @@ impl Neg for BigNum { #[cfg(test)] mod tests { - use bn::{BigNumContext, BigNum}; + use bn::{BigNum, BigNumContext}; #[test] fn test_to_from_slice() { diff --git a/openssl/src/ec.rs b/openssl/src/ec.rs index 97b095d093bb645fd6700e7b4991795830709507..7f1721ce42283c891e830ccfcc81235cd335f486 100644 --- a/openssl/src/ec.rs +++ b/openssl/src/ec.rs @@ -20,10 +20,10 @@ //! //! ``` //! use openssl::ec::{EcGroup, EcPoint}; -//! use openssl::nid; +//! use openssl::nid::Nid; //! use openssl::error::ErrorStack; -//! fn get_ec_point() -> Result< EcPoint, ErrorStack > { -//! let group = EcGroup::from_curve_name(nid::SECP224R1)?; +//! fn get_ec_point() -> Result { +//! let group = EcGroup::from_curve_name(Nid::SECP224R1)?; //! let point = EcPoint::new(&group)?; //! Ok(point) //! } @@ -38,47 +38,10 @@ use std::mem; use libc::c_int; use {cvt, cvt_n, cvt_p, init}; -use bn::{BigNumRef, BigNumContextRef}; +use bn::{BigNumContextRef, BigNumRef}; use error::ErrorStack; use nid::Nid; -/// Compressed conversion from point value (Default) -pub const POINT_CONVERSION_COMPRESSED: PointConversionForm = - PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED); - -/// Uncompressed conversion from point value (Binary curve default) -pub const POINT_CONVERSION_UNCOMPRESSED: PointConversionForm = - PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_UNCOMPRESSED); - -/// Performs both compressed and uncompressed conversions -pub const POINT_CONVERSION_HYBRID: PointConversionForm = - PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_HYBRID); - -/// Curve defined using polynomial parameters -/// -/// Most applications use a named EC_GROUP curve, however, support -/// is included to explicitly define the curve used to calculate keys -/// This information would need to be known by both endpoint to make communication -/// effective. -/// -/// OPENSSL_EC_EXPLICIT_CURVE, but that was only added in 1.1. -/// Man page documents that 0 can be used in older versions. -/// -/// OpenSSL documentation at [`EC_GROUP`] -/// -/// [`EC_GROUP`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_seed_len.html -pub const EXPLICIT_CURVE: Asn1Flag = Asn1Flag(0); - -/// Standard Curves -/// -/// Curves that make up the typical encryption use cases. The collection of curves -/// are well known but extensible. -/// -/// OpenSSL documentation at [`EC_GROUP`] -/// -/// [`EC_GROUP`]: https://www.openssl.org/docs/manmaster/man3/EC_GROUP_order_bits.html -pub const NAMED_CURVE: Asn1Flag = Asn1Flag(ffi::OPENSSL_EC_NAMED_CURVE); - /// Compressed or Uncompressed conversion /// /// Conversion from the binary value of the point on the curve is performed in one of @@ -91,13 +54,53 @@ pub const NAMED_CURVE: Asn1Flag = Asn1Flag(ffi::OPENSSL_EC_NAMED_CURVE); #[derive(Copy, Clone)] pub struct PointConversionForm(ffi::point_conversion_form_t); +impl PointConversionForm { + /// Compressed conversion from point value. + pub const COMPRESSED: PointConversionForm = + PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED); + + /// Uncompressed conversion from point value. + pub const UNCOMPRESSED: PointConversionForm = + PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_UNCOMPRESSED); + + /// Performs both compressed and uncompressed conversions. + pub const HYBRID: PointConversionForm = + PointConversionForm(ffi::point_conversion_form_t::POINT_CONVERSION_HYBRID); +} + /// Named Curve or Explicit /// -/// This type acts as a boolean as to whether the EC_Group is named or -/// explicit. +/// This type acts as a boolean as to whether the `EcGroup` is named or explicit. #[derive(Copy, Clone)] pub struct Asn1Flag(c_int); +impl Asn1Flag { + /// Curve defined using polynomial parameters + /// + /// Most applications use a named EC_GROUP curve, however, support + /// is included to explicitly define the curve used to calculate keys + /// This information would need to be known by both endpoint to make communication + /// effective. + /// + /// OPENSSL_EC_EXPLICIT_CURVE, but that was only added in 1.1. + /// Man page documents that 0 can be used in older versions. + /// + /// OpenSSL documentation at [`EC_GROUP`] + /// + /// [`EC_GROUP`]: https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_get_seed_len.html + pub const EXPLICIT_CURVE: Asn1Flag = Asn1Flag(0); + + /// Standard Curves + /// + /// Curves that make up the typical encryption use cases. The collection of curves + /// are well known but extensible. + /// + /// OpenSSL documentation at [`EC_GROUP`] + /// + /// [`EC_GROUP`]: https://www.openssl.org/docs/manmaster/man3/EC_GROUP_order_bits.html + pub const NAMED_CURVE: Asn1Flag = Asn1Flag(ffi::OPENSSL_EC_NAMED_CURVE); +} + foreign_type_and_impl_send_sync! { type CType = ffi::EC_GROUP; fn drop = ffi::EC_GROUP_free; @@ -606,14 +609,14 @@ impl EcKey { /// ```no_run /// use openssl::bn::BigNumContext; /// use openssl::ec::*; - /// use openssl::nid; + /// use openssl::nid::Nid; /// use openssl::pkey::PKey; /// /// // get bytes from somewhere, i.e. this will not produce a valid key /// let public_key: Vec = vec![]; /// /// // create an EcKey from the binary form of a EcPoint - /// let group = EcGroup::from_curve_name(nid::SECP256K1).unwrap(); + /// let group = EcGroup::from_curve_name(Nid::SECP256K1).unwrap(); /// let mut ctx = BigNumContext::new().unwrap(); /// let point = EcPoint::from_bytes(&group, &public_key, &mut ctx).unwrap(); /// let key = EcKey::from_public_key(&group, &point); @@ -645,7 +648,6 @@ impl EcKey { private_key_from_der!(EcKey, ffi::d2i_ECPrivateKey); } - foreign_type_and_impl_send_sync! { type CType = ffi::EC_KEY; fn drop = ffi::EC_KEY_free; @@ -731,18 +733,18 @@ impl EcKeyBuilderRef { #[cfg(test)] mod test { use bn::{BigNum, BigNumContext}; - use nid; + use nid::Nid; use data_encoding::BASE64URL_NOPAD; use super::*; #[test] fn key_new_by_curve_name() { - EcKey::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + EcKey::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); } #[test] fn generate() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); key.public_key().unwrap(); key.private_key().unwrap(); @@ -750,25 +752,25 @@ mod test { #[test] fn dup() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); key.to_owned().unwrap(); } #[test] fn point_new() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); EcPoint::new(&group).unwrap(); } #[test] fn point_bytes() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); let point = key.public_key().unwrap(); let mut ctx = BigNumContext::new().unwrap(); let bytes = point - .to_bytes(&group, POINT_CONVERSION_COMPRESSED, &mut ctx) + .to_bytes(&group, PointConversionForm::COMPRESSED, &mut ctx) .unwrap(); let point2 = EcPoint::from_bytes(&group, &bytes, &mut ctx).unwrap(); assert!(point.eq(&group, &point2, &mut ctx).unwrap()); @@ -776,7 +778,7 @@ mod test { #[test] fn mul_generator() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); let mut ctx = BigNumContext::new().unwrap(); let mut public_key = EcPoint::new(&group).unwrap(); @@ -792,12 +794,12 @@ mod test { #[test] fn key_from_public_key() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); let mut ctx = BigNumContext::new().unwrap(); let bytes = key.public_key() .unwrap() - .to_bytes(&group, POINT_CONVERSION_COMPRESSED, &mut ctx) + .to_bytes(&group, PointConversionForm::COMPRESSED, &mut ctx) .unwrap(); drop(key); @@ -810,13 +812,13 @@ mod test { #[test] fn key_from_affine_coordinates() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); - let x = BASE64URL_NOPAD.decode( - "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4".as_bytes(), - ).unwrap(); - let y = BASE64URL_NOPAD.decode( - "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM".as_bytes(), - ).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); + let x = BASE64URL_NOPAD + .decode("MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4".as_bytes()) + .unwrap(); + let y = BASE64URL_NOPAD + .decode("4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM".as_bytes()) + .unwrap(); let xbn = BigNum::from_slice(&x).unwrap(); let ybn = BigNum::from_slice(&y).unwrap(); @@ -834,10 +836,10 @@ mod test { #[test] fn set_private_key() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); - let d = BASE64URL_NOPAD.decode( - "870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE".as_bytes(), - ).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); + let d = BASE64URL_NOPAD + .decode("870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE".as_bytes()) + .unwrap(); let dbn = BigNum::from_slice(&d).unwrap(); @@ -851,13 +853,13 @@ mod test { #[test] fn get_affine_coordinates() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); - let x = BASE64URL_NOPAD.decode( - "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4".as_bytes(), - ).unwrap(); - let y = BASE64URL_NOPAD.decode( - "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM".as_bytes(), - ).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); + let x = BASE64URL_NOPAD + .decode("MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4".as_bytes()) + .unwrap(); + let y = BASE64URL_NOPAD + .decode("4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM".as_bytes()) + .unwrap(); let xbn = BigNum::from_slice(&x).unwrap(); let ybn = BigNum::from_slice(&y).unwrap(); diff --git a/openssl/src/nid.rs b/openssl/src/nid.rs index df1090c15019c923811195fd9fbbe5543730e905..7c04123620b054f5bb00bc05fc59beee9b9c77c1 100644 --- a/openssl/src/nid.rs +++ b/openssl/src/nid.rs @@ -16,9 +16,9 @@ use libc::c_int; /// To view the integer representation of a `Nid`: /// /// ``` -/// use openssl::nid; +/// use openssl::nid::Nid; /// -/// assert!(nid::AES_256_GCM.as_raw() == 901); +/// assert!(Nid::AES_256_GCM.as_raw() == 901); /// ``` /// /// # External Documentation @@ -41,942 +41,953 @@ impl Nid { pub fn as_raw(&self) -> c_int { self.0 } -} -pub const UNDEF: Nid = Nid(ffi::NID_undef); -pub const ITU_T: Nid = Nid(ffi::NID_itu_t); -pub const CCITT: Nid = Nid(ffi::NID_ccitt); -pub const ISO: Nid = Nid(ffi::NID_iso); -pub const JOINT_ISO_ITU_T: Nid = Nid(ffi::NID_joint_iso_itu_t); -pub const JOINT_ISO_CCITT: Nid = Nid(ffi::NID_joint_iso_ccitt); -pub const MEMBER_BODY: Nid = Nid(ffi::NID_member_body); -pub const IDENTIFIED_ORGANIZATION: Nid = Nid(ffi::NID_identified_organization); -pub const HMAC_MD5: Nid = Nid(ffi::NID_hmac_md5); -pub const HMAC_SHA1: Nid = Nid(ffi::NID_hmac_sha1); -pub const CERTICOM_ARC: Nid = Nid(ffi::NID_certicom_arc); -pub const INTERNATIONAL_ORGANIZATIONS: Nid = Nid(ffi::NID_international_organizations); -pub const WAP: Nid = Nid(ffi::NID_wap); -pub const WAP_WSG: Nid = Nid(ffi::NID_wap_wsg); -pub const SELECTED_ATTRIBUTE_TYPES: Nid = Nid(ffi::NID_selected_attribute_types); -pub const CLEARANCE: Nid = Nid(ffi::NID_clearance); -pub const ISO_US: Nid = Nid(ffi::NID_ISO_US); -pub const X9_57: Nid = Nid(ffi::NID_X9_57); -pub const X9CM: Nid = Nid(ffi::NID_X9cm); -pub const DSA: Nid = Nid(ffi::NID_dsa); -pub const DSAWITHSHA1: Nid = Nid(ffi::NID_dsaWithSHA1); -pub const ANSI_X9_62: Nid = Nid(ffi::NID_ansi_X9_62); -pub const X9_62_PRIME_FIELD: Nid = Nid(ffi::NID_X9_62_prime_field); -pub const X9_62_CHARACTERISTIC_TWO_FIELD: Nid = Nid(ffi::NID_X9_62_characteristic_two_field); -pub const X9_62_ID_CHARACTERISTIC_TWO_BASIS: Nid = Nid(ffi::NID_X9_62_id_characteristic_two_basis); -pub const X9_62_ONBASIS: Nid = Nid(ffi::NID_X9_62_onBasis); -pub const X9_62_TPBASIS: Nid = Nid(ffi::NID_X9_62_tpBasis); -pub const X9_62_PPBASIS: Nid = Nid(ffi::NID_X9_62_ppBasis); -pub const X9_62_ID_ECPUBLICKEY: Nid = Nid(ffi::NID_X9_62_id_ecPublicKey); -pub const X9_62_C2PNB163V1: Nid = Nid(ffi::NID_X9_62_c2pnb163v1); -pub const X9_62_C2PNB163V2: Nid = Nid(ffi::NID_X9_62_c2pnb163v2); -pub const X9_62_C2PNB163V3: Nid = Nid(ffi::NID_X9_62_c2pnb163v3); -pub const X9_62_C2PNB176V1: Nid = Nid(ffi::NID_X9_62_c2pnb176v1); -pub const X9_62_C2TNB191V1: Nid = Nid(ffi::NID_X9_62_c2tnb191v1); -pub const X9_62_C2TNB191V2: Nid = Nid(ffi::NID_X9_62_c2tnb191v2); -pub const X9_62_C2TNB191V3: Nid = Nid(ffi::NID_X9_62_c2tnb191v3); -pub const X9_62_C2ONB191V4: Nid = Nid(ffi::NID_X9_62_c2onb191v4); -pub const X9_62_C2ONB191V5: Nid = Nid(ffi::NID_X9_62_c2onb191v5); -pub const X9_62_C2PNB208W1: Nid = Nid(ffi::NID_X9_62_c2pnb208w1); -pub const X9_62_C2TNB239V1: Nid = Nid(ffi::NID_X9_62_c2tnb239v1); -pub const X9_62_C2TNB239V2: Nid = Nid(ffi::NID_X9_62_c2tnb239v2); -pub const X9_62_C2TNB239V3: Nid = Nid(ffi::NID_X9_62_c2tnb239v3); -pub const X9_62_C2ONB239V4: Nid = Nid(ffi::NID_X9_62_c2onb239v4); -pub const X9_62_C2ONB239V5: Nid = Nid(ffi::NID_X9_62_c2onb239v5); -pub const X9_62_C2PNB272W1: Nid = Nid(ffi::NID_X9_62_c2pnb272w1); -pub const X9_62_C2PNB304W1: Nid = Nid(ffi::NID_X9_62_c2pnb304w1); -pub const X9_62_C2TNB359V1: Nid = Nid(ffi::NID_X9_62_c2tnb359v1); -pub const X9_62_C2PNB368W1: Nid = Nid(ffi::NID_X9_62_c2pnb368w1); -pub const X9_62_C2TNB431R1: Nid = Nid(ffi::NID_X9_62_c2tnb431r1); -pub const X9_62_PRIME192V1: Nid = Nid(ffi::NID_X9_62_prime192v1); -pub const X9_62_PRIME192V2: Nid = Nid(ffi::NID_X9_62_prime192v2); -pub const X9_62_PRIME192V3: Nid = Nid(ffi::NID_X9_62_prime192v3); -pub const X9_62_PRIME239V1: Nid = Nid(ffi::NID_X9_62_prime239v1); -pub const X9_62_PRIME239V2: Nid = Nid(ffi::NID_X9_62_prime239v2); -pub const X9_62_PRIME239V3: Nid = Nid(ffi::NID_X9_62_prime239v3); -pub const X9_62_PRIME256V1: Nid = Nid(ffi::NID_X9_62_prime256v1); -pub const ECDSA_WITH_SHA1: Nid = Nid(ffi::NID_ecdsa_with_SHA1); -pub const ECDSA_WITH_RECOMMENDED: Nid = Nid(ffi::NID_ecdsa_with_Recommended); -pub const ECDSA_WITH_SPECIFIED: Nid = Nid(ffi::NID_ecdsa_with_Specified); -pub const ECDSA_WITH_SHA224: Nid = Nid(ffi::NID_ecdsa_with_SHA224); -pub const ECDSA_WITH_SHA256: Nid = Nid(ffi::NID_ecdsa_with_SHA256); -pub const ECDSA_WITH_SHA384: Nid = Nid(ffi::NID_ecdsa_with_SHA384); -pub const ECDSA_WITH_SHA512: Nid = Nid(ffi::NID_ecdsa_with_SHA512); -pub const SECP112R1: Nid = Nid(ffi::NID_secp112r1); -pub const SECP112R2: Nid = Nid(ffi::NID_secp112r2); -pub const SECP128R1: Nid = Nid(ffi::NID_secp128r1); -pub const SECP128R2: Nid = Nid(ffi::NID_secp128r2); -pub const SECP160K1: Nid = Nid(ffi::NID_secp160k1); -pub const SECP160R1: Nid = Nid(ffi::NID_secp160r1); -pub const SECP160R2: Nid = Nid(ffi::NID_secp160r2); -pub const SECP192K1: Nid = Nid(ffi::NID_secp192k1); -pub const SECP224K1: Nid = Nid(ffi::NID_secp224k1); -pub const SECP224R1: Nid = Nid(ffi::NID_secp224r1); -pub const SECP256K1: Nid = Nid(ffi::NID_secp256k1); -pub const SECP384R1: Nid = Nid(ffi::NID_secp384r1); -pub const SECP521R1: Nid = Nid(ffi::NID_secp521r1); -pub const SECT113R1: Nid = Nid(ffi::NID_sect113r1); -pub const SECT113R2: Nid = Nid(ffi::NID_sect113r2); -pub const SECT131R1: Nid = Nid(ffi::NID_sect131r1); -pub const SECT131R2: Nid = Nid(ffi::NID_sect131r2); -pub const SECT163K1: Nid = Nid(ffi::NID_sect163k1); -pub const SECT163R1: Nid = Nid(ffi::NID_sect163r1); -pub const SECT163R2: Nid = Nid(ffi::NID_sect163r2); -pub const SECT193R1: Nid = Nid(ffi::NID_sect193r1); -pub const SECT193R2: Nid = Nid(ffi::NID_sect193r2); -pub const SECT233K1: Nid = Nid(ffi::NID_sect233k1); -pub const SECT233R1: Nid = Nid(ffi::NID_sect233r1); -pub const SECT239K1: Nid = Nid(ffi::NID_sect239k1); -pub const SECT283K1: Nid = Nid(ffi::NID_sect283k1); -pub const SECT283R1: Nid = Nid(ffi::NID_sect283r1); -pub const SECT409K1: Nid = Nid(ffi::NID_sect409k1); -pub const SECT409R1: Nid = Nid(ffi::NID_sect409r1); -pub const SECT571K1: Nid = Nid(ffi::NID_sect571k1); -pub const SECT571R1: Nid = Nid(ffi::NID_sect571r1); -pub const WAP_WSG_IDM_ECID_WTLS1: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls1); -pub const WAP_WSG_IDM_ECID_WTLS3: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls3); -pub const WAP_WSG_IDM_ECID_WTLS4: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls4); -pub const WAP_WSG_IDM_ECID_WTLS5: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls5); -pub const WAP_WSG_IDM_ECID_WTLS6: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls6); -pub const WAP_WSG_IDM_ECID_WTLS7: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls7); -pub const WAP_WSG_IDM_ECID_WTLS8: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls8); -pub const WAP_WSG_IDM_ECID_WTLS9: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls9); -pub const WAP_WSG_IDM_ECID_WTLS10: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls10); -pub const WAP_WSG_IDM_ECID_WTLS11: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls11); -pub const WAP_WSG_IDM_ECID_WTLS12: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls12); -pub const CAST5_CBC: Nid = Nid(ffi::NID_cast5_cbc); -pub const CAST5_ECB: Nid = Nid(ffi::NID_cast5_ecb); -pub const CAST5_CFB64: Nid = Nid(ffi::NID_cast5_cfb64); -pub const CAST5_OFB64: Nid = Nid(ffi::NID_cast5_ofb64); -pub const PBEWITHMD5ANDCAST5_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndCast5_CBC); -pub const ID_PASSWORDBASEDMAC: Nid = Nid(ffi::NID_id_PasswordBasedMAC); -pub const ID_DHBASEDMAC: Nid = Nid(ffi::NID_id_DHBasedMac); -pub const RSADSI: Nid = Nid(ffi::NID_rsadsi); -pub const PKCS: Nid = Nid(ffi::NID_pkcs); -pub const PKCS1: Nid = Nid(ffi::NID_pkcs1); -pub const RSAENCRYPTION: Nid = Nid(ffi::NID_rsaEncryption); -pub const MD2WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md2WithRSAEncryption); -pub const MD4WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md4WithRSAEncryption); -pub const MD5WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md5WithRSAEncryption); -pub const SHA1WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha1WithRSAEncryption); -pub const RSAESOAEP: Nid = Nid(ffi::NID_rsaesOaep); -pub const MGF1: Nid = Nid(ffi::NID_mgf1); -pub const RSASSAPSS: Nid = Nid(ffi::NID_rsassaPss); -pub const SHA256WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha256WithRSAEncryption); -pub const SHA384WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha384WithRSAEncryption); -pub const SHA512WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha512WithRSAEncryption); -pub const SHA224WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha224WithRSAEncryption); -pub const PKCS3: Nid = Nid(ffi::NID_pkcs3); -pub const DHKEYAGREEMENT: Nid = Nid(ffi::NID_dhKeyAgreement); -pub const PKCS5: Nid = Nid(ffi::NID_pkcs5); -pub const PBEWITHMD2ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithMD2AndDES_CBC); -pub const PBEWITHMD5ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndDES_CBC); -pub const PBEWITHMD2ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithMD2AndRC2_CBC); -pub const PBEWITHMD5ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndRC2_CBC); -pub const PBEWITHSHA1ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithSHA1AndDES_CBC); -pub const PBEWITHSHA1ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithSHA1AndRC2_CBC); -pub const ID_PBKDF2: Nid = Nid(ffi::NID_id_pbkdf2); -pub const PBES2: Nid = Nid(ffi::NID_pbes2); -pub const PBMAC1: Nid = Nid(ffi::NID_pbmac1); -pub const PKCS7: Nid = Nid(ffi::NID_pkcs7); -pub const PKCS7_DATA: Nid = Nid(ffi::NID_pkcs7_data); -pub const PKCS7_SIGNED: Nid = Nid(ffi::NID_pkcs7_signed); -pub const PKCS7_ENVELOPED: Nid = Nid(ffi::NID_pkcs7_enveloped); -pub const PKCS7_SIGNEDANDENVELOPED: Nid = Nid(ffi::NID_pkcs7_signedAndEnveloped); -pub const PKCS7_DIGEST: Nid = Nid(ffi::NID_pkcs7_digest); -pub const PKCS7_ENCRYPTED: Nid = Nid(ffi::NID_pkcs7_encrypted); -pub const PKCS9: Nid = Nid(ffi::NID_pkcs9); -pub const PKCS9_EMAILADDRESS: Nid = Nid(ffi::NID_pkcs9_emailAddress); -pub const PKCS9_UNSTRUCTUREDNAME: Nid = Nid(ffi::NID_pkcs9_unstructuredName); -pub const PKCS9_CONTENTTYPE: Nid = Nid(ffi::NID_pkcs9_contentType); -pub const PKCS9_MESSAGEDIGEST: Nid = Nid(ffi::NID_pkcs9_messageDigest); -pub const PKCS9_SIGNINGTIME: Nid = Nid(ffi::NID_pkcs9_signingTime); -pub const PKCS9_COUNTERSIGNATURE: Nid = Nid(ffi::NID_pkcs9_countersignature); -pub const PKCS9_CHALLENGEPASSWORD: Nid = Nid(ffi::NID_pkcs9_challengePassword); -pub const PKCS9_UNSTRUCTUREDADDRESS: Nid = Nid(ffi::NID_pkcs9_unstructuredAddress); -pub const PKCS9_EXTCERTATTRIBUTES: Nid = Nid(ffi::NID_pkcs9_extCertAttributes); -pub const EXT_REQ: Nid = Nid(ffi::NID_ext_req); -pub const SMIMECAPABILITIES: Nid = Nid(ffi::NID_SMIMECapabilities); -pub const SMIME: Nid = Nid(ffi::NID_SMIME); -pub const ID_SMIME_MOD: Nid = Nid(ffi::NID_id_smime_mod); -pub const ID_SMIME_CT: Nid = Nid(ffi::NID_id_smime_ct); -pub const ID_SMIME_AA: Nid = Nid(ffi::NID_id_smime_aa); -pub const ID_SMIME_ALG: Nid = Nid(ffi::NID_id_smime_alg); -pub const ID_SMIME_CD: Nid = Nid(ffi::NID_id_smime_cd); -pub const ID_SMIME_SPQ: Nid = Nid(ffi::NID_id_smime_spq); -pub const ID_SMIME_CTI: Nid = Nid(ffi::NID_id_smime_cti); -pub const ID_SMIME_MOD_CMS: Nid = Nid(ffi::NID_id_smime_mod_cms); -pub const ID_SMIME_MOD_ESS: Nid = Nid(ffi::NID_id_smime_mod_ess); -pub const ID_SMIME_MOD_OID: Nid = Nid(ffi::NID_id_smime_mod_oid); -pub const ID_SMIME_MOD_MSG_V3: Nid = Nid(ffi::NID_id_smime_mod_msg_v3); -pub const ID_SMIME_MOD_ETS_ESIGNATURE_88: Nid = Nid(ffi::NID_id_smime_mod_ets_eSignature_88); -pub const ID_SMIME_MOD_ETS_ESIGNATURE_97: Nid = Nid(ffi::NID_id_smime_mod_ets_eSignature_97); -pub const ID_SMIME_MOD_ETS_ESIGPOLICY_88: Nid = Nid(ffi::NID_id_smime_mod_ets_eSigPolicy_88); -pub const ID_SMIME_MOD_ETS_ESIGPOLICY_97: Nid = Nid(ffi::NID_id_smime_mod_ets_eSigPolicy_97); -pub const ID_SMIME_CT_RECEIPT: Nid = Nid(ffi::NID_id_smime_ct_receipt); -pub const ID_SMIME_CT_AUTHDATA: Nid = Nid(ffi::NID_id_smime_ct_authData); -pub const ID_SMIME_CT_PUBLISHCERT: Nid = Nid(ffi::NID_id_smime_ct_publishCert); -pub const ID_SMIME_CT_TSTINFO: Nid = Nid(ffi::NID_id_smime_ct_TSTInfo); -pub const ID_SMIME_CT_TDTINFO: Nid = Nid(ffi::NID_id_smime_ct_TDTInfo); -pub const ID_SMIME_CT_CONTENTINFO: Nid = Nid(ffi::NID_id_smime_ct_contentInfo); -pub const ID_SMIME_CT_DVCSREQUESTDATA: Nid = Nid(ffi::NID_id_smime_ct_DVCSRequestData); -pub const ID_SMIME_CT_DVCSRESPONSEDATA: Nid = Nid(ffi::NID_id_smime_ct_DVCSResponseData); -pub const ID_SMIME_CT_COMPRESSEDDATA: Nid = Nid(ffi::NID_id_smime_ct_compressedData); -pub const ID_CT_ASCIITEXTWITHCRLF: Nid = Nid(ffi::NID_id_ct_asciiTextWithCRLF); -pub const ID_SMIME_AA_RECEIPTREQUEST: Nid = Nid(ffi::NID_id_smime_aa_receiptRequest); -pub const ID_SMIME_AA_SECURITYLABEL: Nid = Nid(ffi::NID_id_smime_aa_securityLabel); -pub const ID_SMIME_AA_MLEXPANDHISTORY: Nid = Nid(ffi::NID_id_smime_aa_mlExpandHistory); -pub const ID_SMIME_AA_CONTENTHINT: Nid = Nid(ffi::NID_id_smime_aa_contentHint); -pub const ID_SMIME_AA_MSGSIGDIGEST: Nid = Nid(ffi::NID_id_smime_aa_msgSigDigest); -pub const ID_SMIME_AA_ENCAPCONTENTTYPE: Nid = Nid(ffi::NID_id_smime_aa_encapContentType); -pub const ID_SMIME_AA_CONTENTIDENTIFIER: Nid = Nid(ffi::NID_id_smime_aa_contentIdentifier); -pub const ID_SMIME_AA_MACVALUE: Nid = Nid(ffi::NID_id_smime_aa_macValue); -pub const ID_SMIME_AA_EQUIVALENTLABELS: Nid = Nid(ffi::NID_id_smime_aa_equivalentLabels); -pub const ID_SMIME_AA_CONTENTREFERENCE: Nid = Nid(ffi::NID_id_smime_aa_contentReference); -pub const ID_SMIME_AA_ENCRYPKEYPREF: Nid = Nid(ffi::NID_id_smime_aa_encrypKeyPref); -pub const ID_SMIME_AA_SIGNINGCERTIFICATE: Nid = Nid(ffi::NID_id_smime_aa_signingCertificate); -pub const ID_SMIME_AA_SMIMEENCRYPTCERTS: Nid = Nid(ffi::NID_id_smime_aa_smimeEncryptCerts); -pub const ID_SMIME_AA_TIMESTAMPTOKEN: Nid = Nid(ffi::NID_id_smime_aa_timeStampToken); -pub const ID_SMIME_AA_ETS_SIGPOLICYID: Nid = Nid(ffi::NID_id_smime_aa_ets_sigPolicyId); -pub const ID_SMIME_AA_ETS_COMMITMENTTYPE: Nid = Nid(ffi::NID_id_smime_aa_ets_commitmentType); -pub const ID_SMIME_AA_ETS_SIGNERLOCATION: Nid = Nid(ffi::NID_id_smime_aa_ets_signerLocation); -pub const ID_SMIME_AA_ETS_SIGNERATTR: Nid = Nid(ffi::NID_id_smime_aa_ets_signerAttr); -pub const ID_SMIME_AA_ETS_OTHERSIGCERT: Nid = Nid(ffi::NID_id_smime_aa_ets_otherSigCert); -pub const ID_SMIME_AA_ETS_CONTENTTIMESTAMP: Nid = Nid(ffi::NID_id_smime_aa_ets_contentTimestamp); -pub const ID_SMIME_AA_ETS_CERTIFICATEREFS: Nid = Nid(ffi::NID_id_smime_aa_ets_CertificateRefs); -pub const ID_SMIME_AA_ETS_REVOCATIONREFS: Nid = Nid(ffi::NID_id_smime_aa_ets_RevocationRefs); -pub const ID_SMIME_AA_ETS_CERTVALUES: Nid = Nid(ffi::NID_id_smime_aa_ets_certValues); -pub const ID_SMIME_AA_ETS_REVOCATIONVALUES: Nid = Nid(ffi::NID_id_smime_aa_ets_revocationValues); -pub const ID_SMIME_AA_ETS_ESCTIMESTAMP: Nid = Nid(ffi::NID_id_smime_aa_ets_escTimeStamp); -pub const ID_SMIME_AA_ETS_CERTCRLTIMESTAMP: Nid = Nid(ffi::NID_id_smime_aa_ets_certCRLTimestamp); -pub const ID_SMIME_AA_ETS_ARCHIVETIMESTAMP: Nid = Nid(ffi::NID_id_smime_aa_ets_archiveTimeStamp); -pub const ID_SMIME_AA_SIGNATURETYPE: Nid = Nid(ffi::NID_id_smime_aa_signatureType); -pub const ID_SMIME_AA_DVCS_DVC: Nid = Nid(ffi::NID_id_smime_aa_dvcs_dvc); -pub const ID_SMIME_ALG_ESDHWITH3DES: Nid = Nid(ffi::NID_id_smime_alg_ESDHwith3DES); -pub const ID_SMIME_ALG_ESDHWITHRC2: Nid = Nid(ffi::NID_id_smime_alg_ESDHwithRC2); -pub const ID_SMIME_ALG_3DESWRAP: Nid = Nid(ffi::NID_id_smime_alg_3DESwrap); -pub const ID_SMIME_ALG_RC2WRAP: Nid = Nid(ffi::NID_id_smime_alg_RC2wrap); -pub const ID_SMIME_ALG_ESDH: Nid = Nid(ffi::NID_id_smime_alg_ESDH); -pub const ID_SMIME_ALG_CMS3DESWRAP: Nid = Nid(ffi::NID_id_smime_alg_CMS3DESwrap); -pub const ID_SMIME_ALG_CMSRC2WRAP: Nid = Nid(ffi::NID_id_smime_alg_CMSRC2wrap); -pub const ID_ALG_PWRI_KEK: Nid = Nid(ffi::NID_id_alg_PWRI_KEK); -pub const ID_SMIME_CD_LDAP: Nid = Nid(ffi::NID_id_smime_cd_ldap); -pub const ID_SMIME_SPQ_ETS_SQT_URI: Nid = Nid(ffi::NID_id_smime_spq_ets_sqt_uri); -pub const ID_SMIME_SPQ_ETS_SQT_UNOTICE: Nid = Nid(ffi::NID_id_smime_spq_ets_sqt_unotice); -pub const ID_SMIME_CTI_ETS_PROOFOFORIGIN: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfOrigin); -pub const ID_SMIME_CTI_ETS_PROOFOFRECEIPT: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfReceipt); -pub const ID_SMIME_CTI_ETS_PROOFOFDELIVERY: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfDelivery); -pub const ID_SMIME_CTI_ETS_PROOFOFSENDER: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfSender); -pub const ID_SMIME_CTI_ETS_PROOFOFAPPROVAL: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfApproval); -pub const ID_SMIME_CTI_ETS_PROOFOFCREATION: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfCreation); -pub const FRIENDLYNAME: Nid = Nid(ffi::NID_friendlyName); -pub const LOCALKEYID: Nid = Nid(ffi::NID_localKeyID); -pub const MS_CSP_NAME: Nid = Nid(ffi::NID_ms_csp_name); -pub const LOCALKEYSET: Nid = Nid(ffi::NID_LocalKeySet); -pub const X509CERTIFICATE: Nid = Nid(ffi::NID_x509Certificate); -pub const SDSICERTIFICATE: Nid = Nid(ffi::NID_sdsiCertificate); -pub const X509CRL: Nid = Nid(ffi::NID_x509Crl); -pub const PBE_WITHSHA1AND128BITRC4: Nid = Nid(ffi::NID_pbe_WithSHA1And128BitRC4); -pub const PBE_WITHSHA1AND40BITRC4: Nid = Nid(ffi::NID_pbe_WithSHA1And40BitRC4); -pub const PBE_WITHSHA1AND3_KEY_TRIPLEDES_CBC: Nid = - Nid(ffi::NID_pbe_WithSHA1And3_Key_TripleDES_CBC); -pub const PBE_WITHSHA1AND2_KEY_TRIPLEDES_CBC: Nid = - Nid(ffi::NID_pbe_WithSHA1And2_Key_TripleDES_CBC); -pub const PBE_WITHSHA1AND128BITRC2_CBC: Nid = Nid(ffi::NID_pbe_WithSHA1And128BitRC2_CBC); -pub const PBE_WITHSHA1AND40BITRC2_CBC: Nid = Nid(ffi::NID_pbe_WithSHA1And40BitRC2_CBC); -pub const KEYBAG: Nid = Nid(ffi::NID_keyBag); -pub const PKCS8SHROUDEDKEYBAG: Nid = Nid(ffi::NID_pkcs8ShroudedKeyBag); -pub const CERTBAG: Nid = Nid(ffi::NID_certBag); -pub const CRLBAG: Nid = Nid(ffi::NID_crlBag); -pub const SECRETBAG: Nid = Nid(ffi::NID_secretBag); -pub const SAFECONTENTSBAG: Nid = Nid(ffi::NID_safeContentsBag); -pub const MD2: Nid = Nid(ffi::NID_md2); -pub const MD4: Nid = Nid(ffi::NID_md4); -pub const MD5: Nid = Nid(ffi::NID_md5); -pub const MD5_SHA1: Nid = Nid(ffi::NID_md5_sha1); -pub const HMACWITHMD5: Nid = Nid(ffi::NID_hmacWithMD5); -pub const HMACWITHSHA1: Nid = Nid(ffi::NID_hmacWithSHA1); -pub const HMACWITHSHA224: Nid = Nid(ffi::NID_hmacWithSHA224); -pub const HMACWITHSHA256: Nid = Nid(ffi::NID_hmacWithSHA256); -pub const HMACWITHSHA384: Nid = Nid(ffi::NID_hmacWithSHA384); -pub const HMACWITHSHA512: Nid = Nid(ffi::NID_hmacWithSHA512); -pub const RC2_CBC: Nid = Nid(ffi::NID_rc2_cbc); -pub const RC2_ECB: Nid = Nid(ffi::NID_rc2_ecb); -pub const RC2_CFB64: Nid = Nid(ffi::NID_rc2_cfb64); -pub const RC2_OFB64: Nid = Nid(ffi::NID_rc2_ofb64); -pub const RC2_40_CBC: Nid = Nid(ffi::NID_rc2_40_cbc); -pub const RC2_64_CBC: Nid = Nid(ffi::NID_rc2_64_cbc); -pub const RC4: Nid = Nid(ffi::NID_rc4); -pub const RC4_40: Nid = Nid(ffi::NID_rc4_40); -pub const DES_EDE3_CBC: Nid = Nid(ffi::NID_des_ede3_cbc); -pub const RC5_CBC: Nid = Nid(ffi::NID_rc5_cbc); -pub const RC5_ECB: Nid = Nid(ffi::NID_rc5_ecb); -pub const RC5_CFB64: Nid = Nid(ffi::NID_rc5_cfb64); -pub const RC5_OFB64: Nid = Nid(ffi::NID_rc5_ofb64); -pub const MS_EXT_REQ: Nid = Nid(ffi::NID_ms_ext_req); -pub const MS_CODE_IND: Nid = Nid(ffi::NID_ms_code_ind); -pub const MS_CODE_COM: Nid = Nid(ffi::NID_ms_code_com); -pub const MS_CTL_SIGN: Nid = Nid(ffi::NID_ms_ctl_sign); -pub const MS_SGC: Nid = Nid(ffi::NID_ms_sgc); -pub const MS_EFS: Nid = Nid(ffi::NID_ms_efs); -pub const MS_SMARTCARD_LOGIN: Nid = Nid(ffi::NID_ms_smartcard_login); -pub const MS_UPN: Nid = Nid(ffi::NID_ms_upn); -pub const IDEA_CBC: Nid = Nid(ffi::NID_idea_cbc); -pub const IDEA_ECB: Nid = Nid(ffi::NID_idea_ecb); -pub const IDEA_CFB64: Nid = Nid(ffi::NID_idea_cfb64); -pub const IDEA_OFB64: Nid = Nid(ffi::NID_idea_ofb64); -pub const BF_CBC: Nid = Nid(ffi::NID_bf_cbc); -pub const BF_ECB: Nid = Nid(ffi::NID_bf_ecb); -pub const BF_CFB64: Nid = Nid(ffi::NID_bf_cfb64); -pub const BF_OFB64: Nid = Nid(ffi::NID_bf_ofb64); -pub const ID_PKIX: Nid = Nid(ffi::NID_id_pkix); -pub const ID_PKIX_MOD: Nid = Nid(ffi::NID_id_pkix_mod); -pub const ID_PE: Nid = Nid(ffi::NID_id_pe); -pub const ID_QT: Nid = Nid(ffi::NID_id_qt); -pub const ID_KP: Nid = Nid(ffi::NID_id_kp); -pub const ID_IT: Nid = Nid(ffi::NID_id_it); -pub const ID_PKIP: Nid = Nid(ffi::NID_id_pkip); -pub const ID_ALG: Nid = Nid(ffi::NID_id_alg); -pub const ID_CMC: Nid = Nid(ffi::NID_id_cmc); -pub const ID_ON: Nid = Nid(ffi::NID_id_on); -pub const ID_PDA: Nid = Nid(ffi::NID_id_pda); -pub const ID_ACA: Nid = Nid(ffi::NID_id_aca); -pub const ID_QCS: Nid = Nid(ffi::NID_id_qcs); -pub const ID_CCT: Nid = Nid(ffi::NID_id_cct); -pub const ID_PPL: Nid = Nid(ffi::NID_id_ppl); -pub const ID_AD: Nid = Nid(ffi::NID_id_ad); -pub const ID_PKIX1_EXPLICIT_88: Nid = Nid(ffi::NID_id_pkix1_explicit_88); -pub const ID_PKIX1_IMPLICIT_88: Nid = Nid(ffi::NID_id_pkix1_implicit_88); -pub const ID_PKIX1_EXPLICIT_93: Nid = Nid(ffi::NID_id_pkix1_explicit_93); -pub const ID_PKIX1_IMPLICIT_93: Nid = Nid(ffi::NID_id_pkix1_implicit_93); -pub const ID_MOD_CRMF: Nid = Nid(ffi::NID_id_mod_crmf); -pub const ID_MOD_CMC: Nid = Nid(ffi::NID_id_mod_cmc); -pub const ID_MOD_KEA_PROFILE_88: Nid = Nid(ffi::NID_id_mod_kea_profile_88); -pub const ID_MOD_KEA_PROFILE_93: Nid = Nid(ffi::NID_id_mod_kea_profile_93); -pub const ID_MOD_CMP: Nid = Nid(ffi::NID_id_mod_cmp); -pub const ID_MOD_QUALIFIED_CERT_88: Nid = Nid(ffi::NID_id_mod_qualified_cert_88); -pub const ID_MOD_QUALIFIED_CERT_93: Nid = Nid(ffi::NID_id_mod_qualified_cert_93); -pub const ID_MOD_ATTRIBUTE_CERT: Nid = Nid(ffi::NID_id_mod_attribute_cert); -pub const ID_MOD_TIMESTAMP_PROTOCOL: Nid = Nid(ffi::NID_id_mod_timestamp_protocol); -pub const ID_MOD_OCSP: Nid = Nid(ffi::NID_id_mod_ocsp); -pub const ID_MOD_DVCS: Nid = Nid(ffi::NID_id_mod_dvcs); -pub const ID_MOD_CMP2000: Nid = Nid(ffi::NID_id_mod_cmp2000); -pub const INFO_ACCESS: Nid = Nid(ffi::NID_info_access); -pub const BIOMETRICINFO: Nid = Nid(ffi::NID_biometricInfo); -pub const QCSTATEMENTS: Nid = Nid(ffi::NID_qcStatements); -pub const AC_AUDITENTITY: Nid = Nid(ffi::NID_ac_auditEntity); -pub const AC_TARGETING: Nid = Nid(ffi::NID_ac_targeting); -pub const AACONTROLS: Nid = Nid(ffi::NID_aaControls); -pub const SBGP_IPADDRBLOCK: Nid = Nid(ffi::NID_sbgp_ipAddrBlock); -pub const SBGP_AUTONOMOUSSYSNUM: Nid = Nid(ffi::NID_sbgp_autonomousSysNum); -pub const SBGP_ROUTERIDENTIFIER: Nid = Nid(ffi::NID_sbgp_routerIdentifier); -pub const AC_PROXYING: Nid = Nid(ffi::NID_ac_proxying); -pub const SINFO_ACCESS: Nid = Nid(ffi::NID_sinfo_access); -pub const PROXYCERTINFO: Nid = Nid(ffi::NID_proxyCertInfo); -pub const ID_QT_CPS: Nid = Nid(ffi::NID_id_qt_cps); -pub const ID_QT_UNOTICE: Nid = Nid(ffi::NID_id_qt_unotice); -pub const TEXTNOTICE: Nid = Nid(ffi::NID_textNotice); -pub const SERVER_AUTH: Nid = Nid(ffi::NID_server_auth); -pub const CLIENT_AUTH: Nid = Nid(ffi::NID_client_auth); -pub const CODE_SIGN: Nid = Nid(ffi::NID_code_sign); -pub const EMAIL_PROTECT: Nid = Nid(ffi::NID_email_protect); -pub const IPSECENDSYSTEM: Nid = Nid(ffi::NID_ipsecEndSystem); -pub const IPSECTUNNEL: Nid = Nid(ffi::NID_ipsecTunnel); -pub const IPSECUSER: Nid = Nid(ffi::NID_ipsecUser); -pub const TIME_STAMP: Nid = Nid(ffi::NID_time_stamp); -pub const OCSP_SIGN: Nid = Nid(ffi::NID_OCSP_sign); -pub const DVCS: Nid = Nid(ffi::NID_dvcs); -pub const ID_IT_CAPROTENCCERT: Nid = Nid(ffi::NID_id_it_caProtEncCert); -pub const ID_IT_SIGNKEYPAIRTYPES: Nid = Nid(ffi::NID_id_it_signKeyPairTypes); -pub const ID_IT_ENCKEYPAIRTYPES: Nid = Nid(ffi::NID_id_it_encKeyPairTypes); -pub const ID_IT_PREFERREDSYMMALG: Nid = Nid(ffi::NID_id_it_preferredSymmAlg); -pub const ID_IT_CAKEYUPDATEINFO: Nid = Nid(ffi::NID_id_it_caKeyUpdateInfo); -pub const ID_IT_CURRENTCRL: Nid = Nid(ffi::NID_id_it_currentCRL); -pub const ID_IT_UNSUPPORTEDOIDS: Nid = Nid(ffi::NID_id_it_unsupportedOIDs); -pub const ID_IT_SUBSCRIPTIONREQUEST: Nid = Nid(ffi::NID_id_it_subscriptionRequest); -pub const ID_IT_SUBSCRIPTIONRESPONSE: Nid = Nid(ffi::NID_id_it_subscriptionResponse); -pub const ID_IT_KEYPAIRPARAMREQ: Nid = Nid(ffi::NID_id_it_keyPairParamReq); -pub const ID_IT_KEYPAIRPARAMREP: Nid = Nid(ffi::NID_id_it_keyPairParamRep); -pub const ID_IT_REVPASSPHRASE: Nid = Nid(ffi::NID_id_it_revPassphrase); -pub const ID_IT_IMPLICITCONFIRM: Nid = Nid(ffi::NID_id_it_implicitConfirm); -pub const ID_IT_CONFIRMWAITTIME: Nid = Nid(ffi::NID_id_it_confirmWaitTime); -pub const ID_IT_ORIGPKIMESSAGE: Nid = Nid(ffi::NID_id_it_origPKIMessage); -pub const ID_IT_SUPPLANGTAGS: Nid = Nid(ffi::NID_id_it_suppLangTags); -pub const ID_REGCTRL: Nid = Nid(ffi::NID_id_regCtrl); -pub const ID_REGINFO: Nid = Nid(ffi::NID_id_regInfo); -pub const ID_REGCTRL_REGTOKEN: Nid = Nid(ffi::NID_id_regCtrl_regToken); -pub const ID_REGCTRL_AUTHENTICATOR: Nid = Nid(ffi::NID_id_regCtrl_authenticator); -pub const ID_REGCTRL_PKIPUBLICATIONINFO: Nid = Nid(ffi::NID_id_regCtrl_pkiPublicationInfo); -pub const ID_REGCTRL_PKIARCHIVEOPTIONS: Nid = Nid(ffi::NID_id_regCtrl_pkiArchiveOptions); -pub const ID_REGCTRL_OLDCERTID: Nid = Nid(ffi::NID_id_regCtrl_oldCertID); -pub const ID_REGCTRL_PROTOCOLENCRKEY: Nid = Nid(ffi::NID_id_regCtrl_protocolEncrKey); -pub const ID_REGINFO_UTF8PAIRS: Nid = Nid(ffi::NID_id_regInfo_utf8Pairs); -pub const ID_REGINFO_CERTREQ: Nid = Nid(ffi::NID_id_regInfo_certReq); -pub const ID_ALG_DES40: Nid = Nid(ffi::NID_id_alg_des40); -pub const ID_ALG_NOSIGNATURE: Nid = Nid(ffi::NID_id_alg_noSignature); -pub const ID_ALG_DH_SIG_HMAC_SHA1: Nid = Nid(ffi::NID_id_alg_dh_sig_hmac_sha1); -pub const ID_ALG_DH_POP: Nid = Nid(ffi::NID_id_alg_dh_pop); -pub const ID_CMC_STATUSINFO: Nid = Nid(ffi::NID_id_cmc_statusInfo); -pub const ID_CMC_IDENTIFICATION: Nid = Nid(ffi::NID_id_cmc_identification); -pub const ID_CMC_IDENTITYPROOF: Nid = Nid(ffi::NID_id_cmc_identityProof); -pub const ID_CMC_DATARETURN: Nid = Nid(ffi::NID_id_cmc_dataReturn); -pub const ID_CMC_TRANSACTIONID: Nid = Nid(ffi::NID_id_cmc_transactionId); -pub const ID_CMC_SENDERNONCE: Nid = Nid(ffi::NID_id_cmc_senderNonce); -pub const ID_CMC_RECIPIENTNONCE: Nid = Nid(ffi::NID_id_cmc_recipientNonce); -pub const ID_CMC_ADDEXTENSIONS: Nid = Nid(ffi::NID_id_cmc_addExtensions); -pub const ID_CMC_ENCRYPTEDPOP: Nid = Nid(ffi::NID_id_cmc_encryptedPOP); -pub const ID_CMC_DECRYPTEDPOP: Nid = Nid(ffi::NID_id_cmc_decryptedPOP); -pub const ID_CMC_LRAPOPWITNESS: Nid = Nid(ffi::NID_id_cmc_lraPOPWitness); -pub const ID_CMC_GETCERT: Nid = Nid(ffi::NID_id_cmc_getCert); -pub const ID_CMC_GETCRL: Nid = Nid(ffi::NID_id_cmc_getCRL); -pub const ID_CMC_REVOKEREQUEST: Nid = Nid(ffi::NID_id_cmc_revokeRequest); -pub const ID_CMC_REGINFO: Nid = Nid(ffi::NID_id_cmc_regInfo); -pub const ID_CMC_RESPONSEINFO: Nid = Nid(ffi::NID_id_cmc_responseInfo); -pub const ID_CMC_QUERYPENDING: Nid = Nid(ffi::NID_id_cmc_queryPending); -pub const ID_CMC_POPLINKRANDOM: Nid = Nid(ffi::NID_id_cmc_popLinkRandom); -pub const ID_CMC_POPLINKWITNESS: Nid = Nid(ffi::NID_id_cmc_popLinkWitness); -pub const ID_CMC_CONFIRMCERTACCEPTANCE: Nid = Nid(ffi::NID_id_cmc_confirmCertAcceptance); -pub const ID_ON_PERSONALDATA: Nid = Nid(ffi::NID_id_on_personalData); -pub const ID_ON_PERMANENTIDENTIFIER: Nid = Nid(ffi::NID_id_on_permanentIdentifier); -pub const ID_PDA_DATEOFBIRTH: Nid = Nid(ffi::NID_id_pda_dateOfBirth); -pub const ID_PDA_PLACEOFBIRTH: Nid = Nid(ffi::NID_id_pda_placeOfBirth); -pub const ID_PDA_GENDER: Nid = Nid(ffi::NID_id_pda_gender); -pub const ID_PDA_COUNTRYOFCITIZENSHIP: Nid = Nid(ffi::NID_id_pda_countryOfCitizenship); -pub const ID_PDA_COUNTRYOFRESIDENCE: Nid = Nid(ffi::NID_id_pda_countryOfResidence); -pub const ID_ACA_AUTHENTICATIONINFO: Nid = Nid(ffi::NID_id_aca_authenticationInfo); -pub const ID_ACA_ACCESSIDENTITY: Nid = Nid(ffi::NID_id_aca_accessIdentity); -pub const ID_ACA_CHARGINGIDENTITY: Nid = Nid(ffi::NID_id_aca_chargingIdentity); -pub const ID_ACA_GROUP: Nid = Nid(ffi::NID_id_aca_group); -pub const ID_ACA_ROLE: Nid = Nid(ffi::NID_id_aca_role); -pub const ID_ACA_ENCATTRS: Nid = Nid(ffi::NID_id_aca_encAttrs); -pub const ID_QCS_PKIXQCSYNTAX_V1: Nid = Nid(ffi::NID_id_qcs_pkixQCSyntax_v1); -pub const ID_CCT_CRS: Nid = Nid(ffi::NID_id_cct_crs); -pub const ID_CCT_PKIDATA: Nid = Nid(ffi::NID_id_cct_PKIData); -pub const ID_CCT_PKIRESPONSE: Nid = Nid(ffi::NID_id_cct_PKIResponse); -pub const ID_PPL_ANYLANGUAGE: Nid = Nid(ffi::NID_id_ppl_anyLanguage); -pub const ID_PPL_INHERITALL: Nid = Nid(ffi::NID_id_ppl_inheritAll); -pub const INDEPENDENT: Nid = Nid(ffi::NID_Independent); -pub const AD_OCSP: Nid = Nid(ffi::NID_ad_OCSP); -pub const AD_CA_ISSUERS: Nid = Nid(ffi::NID_ad_ca_issuers); -pub const AD_TIMESTAMPING: Nid = Nid(ffi::NID_ad_timeStamping); -pub const AD_DVCS: Nid = Nid(ffi::NID_ad_dvcs); -pub const CAREPOSITORY: Nid = Nid(ffi::NID_caRepository); -pub const ID_PKIX_OCSP_BASIC: Nid = Nid(ffi::NID_id_pkix_OCSP_basic); -pub const ID_PKIX_OCSP_NONCE: Nid = Nid(ffi::NID_id_pkix_OCSP_Nonce); -pub const ID_PKIX_OCSP_CRLID: Nid = Nid(ffi::NID_id_pkix_OCSP_CrlID); -pub const ID_PKIX_OCSP_ACCEPTABLERESPONSES: Nid = Nid(ffi::NID_id_pkix_OCSP_acceptableResponses); -pub const ID_PKIX_OCSP_NOCHECK: Nid = Nid(ffi::NID_id_pkix_OCSP_noCheck); -pub const ID_PKIX_OCSP_ARCHIVECUTOFF: Nid = Nid(ffi::NID_id_pkix_OCSP_archiveCutoff); -pub const ID_PKIX_OCSP_SERVICELOCATOR: Nid = Nid(ffi::NID_id_pkix_OCSP_serviceLocator); -pub const ID_PKIX_OCSP_EXTENDEDSTATUS: Nid = Nid(ffi::NID_id_pkix_OCSP_extendedStatus); -pub const ID_PKIX_OCSP_VALID: Nid = Nid(ffi::NID_id_pkix_OCSP_valid); -pub const ID_PKIX_OCSP_PATH: Nid = Nid(ffi::NID_id_pkix_OCSP_path); -pub const ID_PKIX_OCSP_TRUSTROOT: Nid = Nid(ffi::NID_id_pkix_OCSP_trustRoot); -pub const ALGORITHM: Nid = Nid(ffi::NID_algorithm); -pub const MD5WITHRSA: Nid = Nid(ffi::NID_md5WithRSA); -pub const DES_ECB: Nid = Nid(ffi::NID_des_ecb); -pub const DES_CBC: Nid = Nid(ffi::NID_des_cbc); -pub const DES_OFB64: Nid = Nid(ffi::NID_des_ofb64); -pub const DES_CFB64: Nid = Nid(ffi::NID_des_cfb64); -pub const RSASIGNATURE: Nid = Nid(ffi::NID_rsaSignature); -pub const DSA_2: Nid = Nid(ffi::NID_dsa_2); -pub const DSAWITHSHA: Nid = Nid(ffi::NID_dsaWithSHA); -pub const SHAWITHRSAENCRYPTION: Nid = Nid(ffi::NID_shaWithRSAEncryption); -pub const DES_EDE_ECB: Nid = Nid(ffi::NID_des_ede_ecb); -pub const DES_EDE3_ECB: Nid = Nid(ffi::NID_des_ede3_ecb); -pub const DES_EDE_CBC: Nid = Nid(ffi::NID_des_ede_cbc); -pub const DES_EDE_CFB64: Nid = Nid(ffi::NID_des_ede_cfb64); -pub const DES_EDE3_CFB64: Nid = Nid(ffi::NID_des_ede3_cfb64); -pub const DES_EDE_OFB64: Nid = Nid(ffi::NID_des_ede_ofb64); -pub const DES_EDE3_OFB64: Nid = Nid(ffi::NID_des_ede3_ofb64); -pub const DESX_CBC: Nid = Nid(ffi::NID_desx_cbc); -pub const SHA: Nid = Nid(ffi::NID_sha); -pub const SHA1: Nid = Nid(ffi::NID_sha1); -pub const DSAWITHSHA1_2: Nid = Nid(ffi::NID_dsaWithSHA1_2); -pub const SHA1WITHRSA: Nid = Nid(ffi::NID_sha1WithRSA); -pub const RIPEMD160: Nid = Nid(ffi::NID_ripemd160); -pub const RIPEMD160WITHRSA: Nid = Nid(ffi::NID_ripemd160WithRSA); -pub const SXNET: Nid = Nid(ffi::NID_sxnet); -pub const X500: Nid = Nid(ffi::NID_X500); -pub const X509: Nid = Nid(ffi::NID_X509); -pub const COMMONNAME: Nid = Nid(ffi::NID_commonName); -pub const SURNAME: Nid = Nid(ffi::NID_surname); -pub const SERIALNUMBER: Nid = Nid(ffi::NID_serialNumber); -pub const COUNTRYNAME: Nid = Nid(ffi::NID_countryName); -pub const LOCALITYNAME: Nid = Nid(ffi::NID_localityName); -pub const STATEORPROVINCENAME: Nid = Nid(ffi::NID_stateOrProvinceName); -pub const STREETADDRESS: Nid = Nid(ffi::NID_streetAddress); -pub const ORGANIZATIONNAME: Nid = Nid(ffi::NID_organizationName); -pub const ORGANIZATIONALUNITNAME: Nid = Nid(ffi::NID_organizationalUnitName); -pub const TITLE: Nid = Nid(ffi::NID_title); -pub const DESCRIPTION: Nid = Nid(ffi::NID_description); -pub const SEARCHGUIDE: Nid = Nid(ffi::NID_searchGuide); -pub const BUSINESSCATEGORY: Nid = Nid(ffi::NID_businessCategory); -pub const POSTALADDRESS: Nid = Nid(ffi::NID_postalAddress); -pub const POSTALCODE: Nid = Nid(ffi::NID_postalCode); -pub const POSTOFFICEBOX: Nid = Nid(ffi::NID_postOfficeBox); -pub const PHYSICALDELIVERYOFFICENAME: Nid = Nid(ffi::NID_physicalDeliveryOfficeName); -pub const TELEPHONENUMBER: Nid = Nid(ffi::NID_telephoneNumber); -pub const TELEXNUMBER: Nid = Nid(ffi::NID_telexNumber); -pub const TELETEXTERMINALIDENTIFIER: Nid = Nid(ffi::NID_teletexTerminalIdentifier); -pub const FACSIMILETELEPHONENUMBER: Nid = Nid(ffi::NID_facsimileTelephoneNumber); -pub const X121ADDRESS: Nid = Nid(ffi::NID_x121Address); -pub const INTERNATIONALISDNNUMBER: Nid = Nid(ffi::NID_internationaliSDNNumber); -pub const REGISTEREDADDRESS: Nid = Nid(ffi::NID_registeredAddress); -pub const DESTINATIONINDICATOR: Nid = Nid(ffi::NID_destinationIndicator); -pub const PREFERREDDELIVERYMETHOD: Nid = Nid(ffi::NID_preferredDeliveryMethod); -pub const PRESENTATIONADDRESS: Nid = Nid(ffi::NID_presentationAddress); -pub const SUPPORTEDAPPLICATIONCONTEXT: Nid = Nid(ffi::NID_supportedApplicationContext); -pub const MEMBER: Nid = Nid(ffi::NID_member); -pub const OWNER: Nid = Nid(ffi::NID_owner); -pub const ROLEOCCUPANT: Nid = Nid(ffi::NID_roleOccupant); -pub const SEEALSO: Nid = Nid(ffi::NID_seeAlso); -pub const USERPASSWORD: Nid = Nid(ffi::NID_userPassword); -pub const USERCERTIFICATE: Nid = Nid(ffi::NID_userCertificate); -pub const CACERTIFICATE: Nid = Nid(ffi::NID_cACertificate); -pub const AUTHORITYREVOCATIONLIST: Nid = Nid(ffi::NID_authorityRevocationList); -pub const CERTIFICATEREVOCATIONLIST: Nid = Nid(ffi::NID_certificateRevocationList); -pub const CROSSCERTIFICATEPAIR: Nid = Nid(ffi::NID_crossCertificatePair); -pub const NAME: Nid = Nid(ffi::NID_name); -pub const GIVENNAME: Nid = Nid(ffi::NID_givenName); -pub const INITIALS: Nid = Nid(ffi::NID_initials); -pub const GENERATIONQUALIFIER: Nid = Nid(ffi::NID_generationQualifier); -pub const X500UNIQUEIDENTIFIER: Nid = Nid(ffi::NID_x500UniqueIdentifier); -pub const DNQUALIFIER: Nid = Nid(ffi::NID_dnQualifier); -pub const ENHANCEDSEARCHGUIDE: Nid = Nid(ffi::NID_enhancedSearchGuide); -pub const PROTOCOLINFORMATION: Nid = Nid(ffi::NID_protocolInformation); -pub const DISTINGUISHEDNAME: Nid = Nid(ffi::NID_distinguishedName); -pub const UNIQUEMEMBER: Nid = Nid(ffi::NID_uniqueMember); -pub const HOUSEIDENTIFIER: Nid = Nid(ffi::NID_houseIdentifier); -pub const SUPPORTEDALGORITHMS: Nid = Nid(ffi::NID_supportedAlgorithms); -pub const DELTAREVOCATIONLIST: Nid = Nid(ffi::NID_deltaRevocationList); -pub const DMDNAME: Nid = Nid(ffi::NID_dmdName); -pub const PSEUDONYM: Nid = Nid(ffi::NID_pseudonym); -pub const ROLE: Nid = Nid(ffi::NID_role); -pub const X500ALGORITHMS: Nid = Nid(ffi::NID_X500algorithms); -pub const RSA: Nid = Nid(ffi::NID_rsa); -pub const MDC2WITHRSA: Nid = Nid(ffi::NID_mdc2WithRSA); -pub const MDC2: Nid = Nid(ffi::NID_mdc2); -pub const ID_CE: Nid = Nid(ffi::NID_id_ce); -pub const SUBJECT_DIRECTORY_ATTRIBUTES: Nid = Nid(ffi::NID_subject_directory_attributes); -pub const SUBJECT_KEY_IDENTIFIER: Nid = Nid(ffi::NID_subject_key_identifier); -pub const KEY_USAGE: Nid = Nid(ffi::NID_key_usage); -pub const PRIVATE_KEY_USAGE_PERIOD: Nid = Nid(ffi::NID_private_key_usage_period); -pub const SUBJECT_ALT_NAME: Nid = Nid(ffi::NID_subject_alt_name); -pub const ISSUER_ALT_NAME: Nid = Nid(ffi::NID_issuer_alt_name); -pub const BASIC_CONSTRAINTS: Nid = Nid(ffi::NID_basic_constraints); -pub const CRL_NUMBER: Nid = Nid(ffi::NID_crl_number); -pub const CRL_REASON: Nid = Nid(ffi::NID_crl_reason); -pub const INVALIDITY_DATE: Nid = Nid(ffi::NID_invalidity_date); -pub const DELTA_CRL: Nid = Nid(ffi::NID_delta_crl); -pub const ISSUING_DISTRIBUTION_POINT: Nid = Nid(ffi::NID_issuing_distribution_point); -pub const CERTIFICATE_ISSUER: Nid = Nid(ffi::NID_certificate_issuer); -pub const NAME_CONSTRAINTS: Nid = Nid(ffi::NID_name_constraints); -pub const CRL_DISTRIBUTION_POINTS: Nid = Nid(ffi::NID_crl_distribution_points); -pub const CERTIFICATE_POLICIES: Nid = Nid(ffi::NID_certificate_policies); -pub const ANY_POLICY: Nid = Nid(ffi::NID_any_policy); -pub const POLICY_MAPPINGS: Nid = Nid(ffi::NID_policy_mappings); -pub const AUTHORITY_KEY_IDENTIFIER: Nid = Nid(ffi::NID_authority_key_identifier); -pub const POLICY_CONSTRAINTS: Nid = Nid(ffi::NID_policy_constraints); -pub const EXT_KEY_USAGE: Nid = Nid(ffi::NID_ext_key_usage); -pub const FRESHEST_CRL: Nid = Nid(ffi::NID_freshest_crl); -pub const INHIBIT_ANY_POLICY: Nid = Nid(ffi::NID_inhibit_any_policy); -pub const TARGET_INFORMATION: Nid = Nid(ffi::NID_target_information); -pub const NO_REV_AVAIL: Nid = Nid(ffi::NID_no_rev_avail); -pub const ANYEXTENDEDKEYUSAGE: Nid = Nid(ffi::NID_anyExtendedKeyUsage); -pub const NETSCAPE: Nid = Nid(ffi::NID_netscape); -pub const NETSCAPE_CERT_EXTENSION: Nid = Nid(ffi::NID_netscape_cert_extension); -pub const NETSCAPE_DATA_TYPE: Nid = Nid(ffi::NID_netscape_data_type); -pub const NETSCAPE_CERT_TYPE: Nid = Nid(ffi::NID_netscape_cert_type); -pub const NETSCAPE_BASE_URL: Nid = Nid(ffi::NID_netscape_base_url); -pub const NETSCAPE_REVOCATION_URL: Nid = Nid(ffi::NID_netscape_revocation_url); -pub const NETSCAPE_CA_REVOCATION_URL: Nid = Nid(ffi::NID_netscape_ca_revocation_url); -pub const NETSCAPE_RENEWAL_URL: Nid = Nid(ffi::NID_netscape_renewal_url); -pub const NETSCAPE_CA_POLICY_URL: Nid = Nid(ffi::NID_netscape_ca_policy_url); -pub const NETSCAPE_SSL_SERVER_NAME: Nid = Nid(ffi::NID_netscape_ssl_server_name); -pub const NETSCAPE_COMMENT: Nid = Nid(ffi::NID_netscape_comment); -pub const NETSCAPE_CERT_SEQUENCE: Nid = Nid(ffi::NID_netscape_cert_sequence); -pub const NS_SGC: Nid = Nid(ffi::NID_ns_sgc); -pub const ORG: Nid = Nid(ffi::NID_org); -pub const DOD: Nid = Nid(ffi::NID_dod); -pub const IANA: Nid = Nid(ffi::NID_iana); -pub const DIRECTORY: Nid = Nid(ffi::NID_Directory); -pub const MANAGEMENT: Nid = Nid(ffi::NID_Management); -pub const EXPERIMENTAL: Nid = Nid(ffi::NID_Experimental); -pub const PRIVATE: Nid = Nid(ffi::NID_Private); -pub const SECURITY: Nid = Nid(ffi::NID_Security); -pub const SNMPV2: Nid = Nid(ffi::NID_SNMPv2); -pub const MAIL: Nid = Nid(ffi::NID_Mail); -pub const ENTERPRISES: Nid = Nid(ffi::NID_Enterprises); -pub const DCOBJECT: Nid = Nid(ffi::NID_dcObject); -pub const MIME_MHS: Nid = Nid(ffi::NID_mime_mhs); -pub const MIME_MHS_HEADINGS: Nid = Nid(ffi::NID_mime_mhs_headings); -pub const MIME_MHS_BODIES: Nid = Nid(ffi::NID_mime_mhs_bodies); -pub const ID_HEX_PARTIAL_MESSAGE: Nid = Nid(ffi::NID_id_hex_partial_message); -pub const ID_HEX_MULTIPART_MESSAGE: Nid = Nid(ffi::NID_id_hex_multipart_message); -pub const ZLIB_COMPRESSION: Nid = Nid(ffi::NID_zlib_compression); -pub const AES_128_ECB: Nid = Nid(ffi::NID_aes_128_ecb); -pub const AES_128_CBC: Nid = Nid(ffi::NID_aes_128_cbc); -pub const AES_128_OFB128: Nid = Nid(ffi::NID_aes_128_ofb128); -pub const AES_128_CFB128: Nid = Nid(ffi::NID_aes_128_cfb128); -pub const ID_AES128_WRAP: Nid = Nid(ffi::NID_id_aes128_wrap); -pub const AES_128_GCM: Nid = Nid(ffi::NID_aes_128_gcm); -pub const AES_128_CCM: Nid = Nid(ffi::NID_aes_128_ccm); -pub const ID_AES128_WRAP_PAD: Nid = Nid(ffi::NID_id_aes128_wrap_pad); -pub const AES_192_ECB: Nid = Nid(ffi::NID_aes_192_ecb); -pub const AES_192_CBC: Nid = Nid(ffi::NID_aes_192_cbc); -pub const AES_192_OFB128: Nid = Nid(ffi::NID_aes_192_ofb128); -pub const AES_192_CFB128: Nid = Nid(ffi::NID_aes_192_cfb128); -pub const ID_AES192_WRAP: Nid = Nid(ffi::NID_id_aes192_wrap); -pub const AES_192_GCM: Nid = Nid(ffi::NID_aes_192_gcm); -pub const AES_192_CCM: Nid = Nid(ffi::NID_aes_192_ccm); -pub const ID_AES192_WRAP_PAD: Nid = Nid(ffi::NID_id_aes192_wrap_pad); -pub const AES_256_ECB: Nid = Nid(ffi::NID_aes_256_ecb); -pub const AES_256_CBC: Nid = Nid(ffi::NID_aes_256_cbc); -pub const AES_256_OFB128: Nid = Nid(ffi::NID_aes_256_ofb128); -pub const AES_256_CFB128: Nid = Nid(ffi::NID_aes_256_cfb128); -pub const ID_AES256_WRAP: Nid = Nid(ffi::NID_id_aes256_wrap); -pub const AES_256_GCM: Nid = Nid(ffi::NID_aes_256_gcm); -pub const AES_256_CCM: Nid = Nid(ffi::NID_aes_256_ccm); -pub const ID_AES256_WRAP_PAD: Nid = Nid(ffi::NID_id_aes256_wrap_pad); -pub const AES_128_CFB1: Nid = Nid(ffi::NID_aes_128_cfb1); -pub const AES_192_CFB1: Nid = Nid(ffi::NID_aes_192_cfb1); -pub const AES_256_CFB1: Nid = Nid(ffi::NID_aes_256_cfb1); -pub const AES_128_CFB8: Nid = Nid(ffi::NID_aes_128_cfb8); -pub const AES_192_CFB8: Nid = Nid(ffi::NID_aes_192_cfb8); -pub const AES_256_CFB8: Nid = Nid(ffi::NID_aes_256_cfb8); -pub const AES_128_CTR: Nid = Nid(ffi::NID_aes_128_ctr); -pub const AES_192_CTR: Nid = Nid(ffi::NID_aes_192_ctr); -pub const AES_256_CTR: Nid = Nid(ffi::NID_aes_256_ctr); -pub const AES_128_XTS: Nid = Nid(ffi::NID_aes_128_xts); -pub const AES_256_XTS: Nid = Nid(ffi::NID_aes_256_xts); -pub const DES_CFB1: Nid = Nid(ffi::NID_des_cfb1); -pub const DES_CFB8: Nid = Nid(ffi::NID_des_cfb8); -pub const DES_EDE3_CFB1: Nid = Nid(ffi::NID_des_ede3_cfb1); -pub const DES_EDE3_CFB8: Nid = Nid(ffi::NID_des_ede3_cfb8); -pub const SHA256: Nid = Nid(ffi::NID_sha256); -pub const SHA384: Nid = Nid(ffi::NID_sha384); -pub const SHA512: Nid = Nid(ffi::NID_sha512); -pub const SHA224: Nid = Nid(ffi::NID_sha224); -pub const DSA_WITH_SHA224: Nid = Nid(ffi::NID_dsa_with_SHA224); -pub const DSA_WITH_SHA256: Nid = Nid(ffi::NID_dsa_with_SHA256); -pub const HOLD_INSTRUCTION_CODE: Nid = Nid(ffi::NID_hold_instruction_code); -pub const HOLD_INSTRUCTION_NONE: Nid = Nid(ffi::NID_hold_instruction_none); -pub const HOLD_INSTRUCTION_CALL_ISSUER: Nid = Nid(ffi::NID_hold_instruction_call_issuer); -pub const HOLD_INSTRUCTION_REJECT: Nid = Nid(ffi::NID_hold_instruction_reject); -pub const DATA: Nid = Nid(ffi::NID_data); -pub const PSS: Nid = Nid(ffi::NID_pss); -pub const UCL: Nid = Nid(ffi::NID_ucl); -pub const PILOT: Nid = Nid(ffi::NID_pilot); -pub const PILOTATTRIBUTETYPE: Nid = Nid(ffi::NID_pilotAttributeType); -pub const PILOTATTRIBUTESYNTAX: Nid = Nid(ffi::NID_pilotAttributeSyntax); -pub const PILOTOBJECTCLASS: Nid = Nid(ffi::NID_pilotObjectClass); -pub const PILOTGROUPS: Nid = Nid(ffi::NID_pilotGroups); -pub const IA5STRINGSYNTAX: Nid = Nid(ffi::NID_iA5StringSyntax); -pub const CASEIGNOREIA5STRINGSYNTAX: Nid = Nid(ffi::NID_caseIgnoreIA5StringSyntax); -pub const PILOTOBJECT: Nid = Nid(ffi::NID_pilotObject); -pub const PILOTPERSON: Nid = Nid(ffi::NID_pilotPerson); -pub const ACCOUNT: Nid = Nid(ffi::NID_account); -pub const DOCUMENT: Nid = Nid(ffi::NID_document); -pub const ROOM: Nid = Nid(ffi::NID_room); -pub const DOCUMENTSERIES: Nid = Nid(ffi::NID_documentSeries); -pub const DOMAIN: Nid = Nid(ffi::NID_Domain); -pub const RFC822LOCALPART: Nid = Nid(ffi::NID_rFC822localPart); -pub const DNSDOMAIN: Nid = Nid(ffi::NID_dNSDomain); -pub const DOMAINRELATEDOBJECT: Nid = Nid(ffi::NID_domainRelatedObject); -pub const FRIENDLYCOUNTRY: Nid = Nid(ffi::NID_friendlyCountry); -pub const SIMPLESECURITYOBJECT: Nid = Nid(ffi::NID_simpleSecurityObject); -pub const PILOTORGANIZATION: Nid = Nid(ffi::NID_pilotOrganization); -pub const PILOTDSA: Nid = Nid(ffi::NID_pilotDSA); -pub const QUALITYLABELLEDDATA: Nid = Nid(ffi::NID_qualityLabelledData); -pub const USERID: Nid = Nid(ffi::NID_userId); -pub const TEXTENCODEDORADDRESS: Nid = Nid(ffi::NID_textEncodedORAddress); -pub const RFC822MAILBOX: Nid = Nid(ffi::NID_rfc822Mailbox); -pub const INFO: Nid = Nid(ffi::NID_info); -pub const FAVOURITEDRINK: Nid = Nid(ffi::NID_favouriteDrink); -pub const ROOMNUMBER: Nid = Nid(ffi::NID_roomNumber); -pub const PHOTO: Nid = Nid(ffi::NID_photo); -pub const USERCLASS: Nid = Nid(ffi::NID_userClass); -pub const HOST: Nid = Nid(ffi::NID_host); -pub const MANAGER: Nid = Nid(ffi::NID_manager); -pub const DOCUMENTIDENTIFIER: Nid = Nid(ffi::NID_documentIdentifier); -pub const DOCUMENTTITLE: Nid = Nid(ffi::NID_documentTitle); -pub const DOCUMENTVERSION: Nid = Nid(ffi::NID_documentVersion); -pub const DOCUMENTAUTHOR: Nid = Nid(ffi::NID_documentAuthor); -pub const DOCUMENTLOCATION: Nid = Nid(ffi::NID_documentLocation); -pub const HOMETELEPHONENUMBER: Nid = Nid(ffi::NID_homeTelephoneNumber); -pub const SECRETARY: Nid = Nid(ffi::NID_secretary); -pub const OTHERMAILBOX: Nid = Nid(ffi::NID_otherMailbox); -pub const LASTMODIFIEDTIME: Nid = Nid(ffi::NID_lastModifiedTime); -pub const LASTMODIFIEDBY: Nid = Nid(ffi::NID_lastModifiedBy); -pub const DOMAINCOMPONENT: Nid = Nid(ffi::NID_domainComponent); -pub const ARECORD: Nid = Nid(ffi::NID_aRecord); -pub const PILOTATTRIBUTETYPE27: Nid = Nid(ffi::NID_pilotAttributeType27); -pub const MXRECORD: Nid = Nid(ffi::NID_mXRecord); -pub const NSRECORD: Nid = Nid(ffi::NID_nSRecord); -pub const SOARECORD: Nid = Nid(ffi::NID_sOARecord); -pub const CNAMERECORD: Nid = Nid(ffi::NID_cNAMERecord); -pub const ASSOCIATEDDOMAIN: Nid = Nid(ffi::NID_associatedDomain); -pub const ASSOCIATEDNAME: Nid = Nid(ffi::NID_associatedName); -pub const HOMEPOSTALADDRESS: Nid = Nid(ffi::NID_homePostalAddress); -pub const PERSONALTITLE: Nid = Nid(ffi::NID_personalTitle); -pub const MOBILETELEPHONENUMBER: Nid = Nid(ffi::NID_mobileTelephoneNumber); -pub const PAGERTELEPHONENUMBER: Nid = Nid(ffi::NID_pagerTelephoneNumber); -pub const FRIENDLYCOUNTRYNAME: Nid = Nid(ffi::NID_friendlyCountryName); -pub const ORGANIZATIONALSTATUS: Nid = Nid(ffi::NID_organizationalStatus); -pub const JANETMAILBOX: Nid = Nid(ffi::NID_janetMailbox); -pub const MAILPREFERENCEOPTION: Nid = Nid(ffi::NID_mailPreferenceOption); -pub const BUILDINGNAME: Nid = Nid(ffi::NID_buildingName); -pub const DSAQUALITY: Nid = Nid(ffi::NID_dSAQuality); -pub const SINGLELEVELQUALITY: Nid = Nid(ffi::NID_singleLevelQuality); -pub const SUBTREEMINIMUMQUALITY: Nid = Nid(ffi::NID_subtreeMinimumQuality); -pub const SUBTREEMAXIMUMQUALITY: Nid = Nid(ffi::NID_subtreeMaximumQuality); -pub const PERSONALSIGNATURE: Nid = Nid(ffi::NID_personalSignature); -pub const DITREDIRECT: Nid = Nid(ffi::NID_dITRedirect); -pub const AUDIO: Nid = Nid(ffi::NID_audio); -pub const DOCUMENTPUBLISHER: Nid = Nid(ffi::NID_documentPublisher); -pub const ID_SET: Nid = Nid(ffi::NID_id_set); -pub const SET_CTYPE: Nid = Nid(ffi::NID_set_ctype); -pub const SET_MSGEXT: Nid = Nid(ffi::NID_set_msgExt); -pub const SET_ATTR: Nid = Nid(ffi::NID_set_attr); -pub const SET_POLICY: Nid = Nid(ffi::NID_set_policy); -pub const SET_CERTEXT: Nid = Nid(ffi::NID_set_certExt); -pub const SET_BRAND: Nid = Nid(ffi::NID_set_brand); -pub const SETCT_PANDATA: Nid = Nid(ffi::NID_setct_PANData); -pub const SETCT_PANTOKEN: Nid = Nid(ffi::NID_setct_PANToken); -pub const SETCT_PANONLY: Nid = Nid(ffi::NID_setct_PANOnly); -pub const SETCT_OIDATA: Nid = Nid(ffi::NID_setct_OIData); -pub const SETCT_PI: Nid = Nid(ffi::NID_setct_PI); -pub const SETCT_PIDATA: Nid = Nid(ffi::NID_setct_PIData); -pub const SETCT_PIDATAUNSIGNED: Nid = Nid(ffi::NID_setct_PIDataUnsigned); -pub const SETCT_HODINPUT: Nid = Nid(ffi::NID_setct_HODInput); -pub const SETCT_AUTHRESBAGGAGE: Nid = Nid(ffi::NID_setct_AuthResBaggage); -pub const SETCT_AUTHREVREQBAGGAGE: Nid = Nid(ffi::NID_setct_AuthRevReqBaggage); -pub const SETCT_AUTHREVRESBAGGAGE: Nid = Nid(ffi::NID_setct_AuthRevResBaggage); -pub const SETCT_CAPTOKENSEQ: Nid = Nid(ffi::NID_setct_CapTokenSeq); -pub const SETCT_PINITRESDATA: Nid = Nid(ffi::NID_setct_PInitResData); -pub const SETCT_PI_TBS: Nid = Nid(ffi::NID_setct_PI_TBS); -pub const SETCT_PRESDATA: Nid = Nid(ffi::NID_setct_PResData); -pub const SETCT_AUTHREQTBS: Nid = Nid(ffi::NID_setct_AuthReqTBS); -pub const SETCT_AUTHRESTBS: Nid = Nid(ffi::NID_setct_AuthResTBS); -pub const SETCT_AUTHRESTBSX: Nid = Nid(ffi::NID_setct_AuthResTBSX); -pub const SETCT_AUTHTOKENTBS: Nid = Nid(ffi::NID_setct_AuthTokenTBS); -pub const SETCT_CAPTOKENDATA: Nid = Nid(ffi::NID_setct_CapTokenData); -pub const SETCT_CAPTOKENTBS: Nid = Nid(ffi::NID_setct_CapTokenTBS); -pub const SETCT_ACQCARDCODEMSG: Nid = Nid(ffi::NID_setct_AcqCardCodeMsg); -pub const SETCT_AUTHREVREQTBS: Nid = Nid(ffi::NID_setct_AuthRevReqTBS); -pub const SETCT_AUTHREVRESDATA: Nid = Nid(ffi::NID_setct_AuthRevResData); -pub const SETCT_AUTHREVRESTBS: Nid = Nid(ffi::NID_setct_AuthRevResTBS); -pub const SETCT_CAPREQTBS: Nid = Nid(ffi::NID_setct_CapReqTBS); -pub const SETCT_CAPREQTBSX: Nid = Nid(ffi::NID_setct_CapReqTBSX); -pub const SETCT_CAPRESDATA: Nid = Nid(ffi::NID_setct_CapResData); -pub const SETCT_CAPREVREQTBS: Nid = Nid(ffi::NID_setct_CapRevReqTBS); -pub const SETCT_CAPREVREQTBSX: Nid = Nid(ffi::NID_setct_CapRevReqTBSX); -pub const SETCT_CAPREVRESDATA: Nid = Nid(ffi::NID_setct_CapRevResData); -pub const SETCT_CREDREQTBS: Nid = Nid(ffi::NID_setct_CredReqTBS); -pub const SETCT_CREDREQTBSX: Nid = Nid(ffi::NID_setct_CredReqTBSX); -pub const SETCT_CREDRESDATA: Nid = Nid(ffi::NID_setct_CredResData); -pub const SETCT_CREDREVREQTBS: Nid = Nid(ffi::NID_setct_CredRevReqTBS); -pub const SETCT_CREDREVREQTBSX: Nid = Nid(ffi::NID_setct_CredRevReqTBSX); -pub const SETCT_CREDREVRESDATA: Nid = Nid(ffi::NID_setct_CredRevResData); -pub const SETCT_PCERTREQDATA: Nid = Nid(ffi::NID_setct_PCertReqData); -pub const SETCT_PCERTRESTBS: Nid = Nid(ffi::NID_setct_PCertResTBS); -pub const SETCT_BATCHADMINREQDATA: Nid = Nid(ffi::NID_setct_BatchAdminReqData); -pub const SETCT_BATCHADMINRESDATA: Nid = Nid(ffi::NID_setct_BatchAdminResData); -pub const SETCT_CARDCINITRESTBS: Nid = Nid(ffi::NID_setct_CardCInitResTBS); -pub const SETCT_MEAQCINITRESTBS: Nid = Nid(ffi::NID_setct_MeAqCInitResTBS); -pub const SETCT_REGFORMRESTBS: Nid = Nid(ffi::NID_setct_RegFormResTBS); -pub const SETCT_CERTREQDATA: Nid = Nid(ffi::NID_setct_CertReqData); -pub const SETCT_CERTREQTBS: Nid = Nid(ffi::NID_setct_CertReqTBS); -pub const SETCT_CERTRESDATA: Nid = Nid(ffi::NID_setct_CertResData); -pub const SETCT_CERTINQREQTBS: Nid = Nid(ffi::NID_setct_CertInqReqTBS); -pub const SETCT_ERRORTBS: Nid = Nid(ffi::NID_setct_ErrorTBS); -pub const SETCT_PIDUALSIGNEDTBE: Nid = Nid(ffi::NID_setct_PIDualSignedTBE); -pub const SETCT_PIUNSIGNEDTBE: Nid = Nid(ffi::NID_setct_PIUnsignedTBE); -pub const SETCT_AUTHREQTBE: Nid = Nid(ffi::NID_setct_AuthReqTBE); -pub const SETCT_AUTHRESTBE: Nid = Nid(ffi::NID_setct_AuthResTBE); -pub const SETCT_AUTHRESTBEX: Nid = Nid(ffi::NID_setct_AuthResTBEX); -pub const SETCT_AUTHTOKENTBE: Nid = Nid(ffi::NID_setct_AuthTokenTBE); -pub const SETCT_CAPTOKENTBE: Nid = Nid(ffi::NID_setct_CapTokenTBE); -pub const SETCT_CAPTOKENTBEX: Nid = Nid(ffi::NID_setct_CapTokenTBEX); -pub const SETCT_ACQCARDCODEMSGTBE: Nid = Nid(ffi::NID_setct_AcqCardCodeMsgTBE); -pub const SETCT_AUTHREVREQTBE: Nid = Nid(ffi::NID_setct_AuthRevReqTBE); -pub const SETCT_AUTHREVRESTBE: Nid = Nid(ffi::NID_setct_AuthRevResTBE); -pub const SETCT_AUTHREVRESTBEB: Nid = Nid(ffi::NID_setct_AuthRevResTBEB); -pub const SETCT_CAPREQTBE: Nid = Nid(ffi::NID_setct_CapReqTBE); -pub const SETCT_CAPREQTBEX: Nid = Nid(ffi::NID_setct_CapReqTBEX); -pub const SETCT_CAPRESTBE: Nid = Nid(ffi::NID_setct_CapResTBE); -pub const SETCT_CAPREVREQTBE: Nid = Nid(ffi::NID_setct_CapRevReqTBE); -pub const SETCT_CAPREVREQTBEX: Nid = Nid(ffi::NID_setct_CapRevReqTBEX); -pub const SETCT_CAPREVRESTBE: Nid = Nid(ffi::NID_setct_CapRevResTBE); -pub const SETCT_CREDREQTBE: Nid = Nid(ffi::NID_setct_CredReqTBE); -pub const SETCT_CREDREQTBEX: Nid = Nid(ffi::NID_setct_CredReqTBEX); -pub const SETCT_CREDRESTBE: Nid = Nid(ffi::NID_setct_CredResTBE); -pub const SETCT_CREDREVREQTBE: Nid = Nid(ffi::NID_setct_CredRevReqTBE); -pub const SETCT_CREDREVREQTBEX: Nid = Nid(ffi::NID_setct_CredRevReqTBEX); -pub const SETCT_CREDREVRESTBE: Nid = Nid(ffi::NID_setct_CredRevResTBE); -pub const SETCT_BATCHADMINREQTBE: Nid = Nid(ffi::NID_setct_BatchAdminReqTBE); -pub const SETCT_BATCHADMINRESTBE: Nid = Nid(ffi::NID_setct_BatchAdminResTBE); -pub const SETCT_REGFORMREQTBE: Nid = Nid(ffi::NID_setct_RegFormReqTBE); -pub const SETCT_CERTREQTBE: Nid = Nid(ffi::NID_setct_CertReqTBE); -pub const SETCT_CERTREQTBEX: Nid = Nid(ffi::NID_setct_CertReqTBEX); -pub const SETCT_CERTRESTBE: Nid = Nid(ffi::NID_setct_CertResTBE); -pub const SETCT_CRLNOTIFICATIONTBS: Nid = Nid(ffi::NID_setct_CRLNotificationTBS); -pub const SETCT_CRLNOTIFICATIONRESTBS: Nid = Nid(ffi::NID_setct_CRLNotificationResTBS); -pub const SETCT_BCIDISTRIBUTIONTBS: Nid = Nid(ffi::NID_setct_BCIDistributionTBS); -pub const SETEXT_GENCRYPT: Nid = Nid(ffi::NID_setext_genCrypt); -pub const SETEXT_MIAUTH: Nid = Nid(ffi::NID_setext_miAuth); -pub const SETEXT_PINSECURE: Nid = Nid(ffi::NID_setext_pinSecure); -pub const SETEXT_PINANY: Nid = Nid(ffi::NID_setext_pinAny); -pub const SETEXT_TRACK2: Nid = Nid(ffi::NID_setext_track2); -pub const SETEXT_CV: Nid = Nid(ffi::NID_setext_cv); -pub const SET_POLICY_ROOT: Nid = Nid(ffi::NID_set_policy_root); -pub const SETCEXT_HASHEDROOT: Nid = Nid(ffi::NID_setCext_hashedRoot); -pub const SETCEXT_CERTTYPE: Nid = Nid(ffi::NID_setCext_certType); -pub const SETCEXT_MERCHDATA: Nid = Nid(ffi::NID_setCext_merchData); -pub const SETCEXT_CCERTREQUIRED: Nid = Nid(ffi::NID_setCext_cCertRequired); -pub const SETCEXT_TUNNELING: Nid = Nid(ffi::NID_setCext_tunneling); -pub const SETCEXT_SETEXT: Nid = Nid(ffi::NID_setCext_setExt); -pub const SETCEXT_SETQUALF: Nid = Nid(ffi::NID_setCext_setQualf); -pub const SETCEXT_PGWYCAPABILITIES: Nid = Nid(ffi::NID_setCext_PGWYcapabilities); -pub const SETCEXT_TOKENIDENTIFIER: Nid = Nid(ffi::NID_setCext_TokenIdentifier); -pub const SETCEXT_TRACK2DATA: Nid = Nid(ffi::NID_setCext_Track2Data); -pub const SETCEXT_TOKENTYPE: Nid = Nid(ffi::NID_setCext_TokenType); -pub const SETCEXT_ISSUERCAPABILITIES: Nid = Nid(ffi::NID_setCext_IssuerCapabilities); -pub const SETATTR_CERT: Nid = Nid(ffi::NID_setAttr_Cert); -pub const SETATTR_PGWYCAP: Nid = Nid(ffi::NID_setAttr_PGWYcap); -pub const SETATTR_TOKENTYPE: Nid = Nid(ffi::NID_setAttr_TokenType); -pub const SETATTR_ISSCAP: Nid = Nid(ffi::NID_setAttr_IssCap); -pub const SET_ROOTKEYTHUMB: Nid = Nid(ffi::NID_set_rootKeyThumb); -pub const SET_ADDPOLICY: Nid = Nid(ffi::NID_set_addPolicy); -pub const SETATTR_TOKEN_EMV: Nid = Nid(ffi::NID_setAttr_Token_EMV); -pub const SETATTR_TOKEN_B0PRIME: Nid = Nid(ffi::NID_setAttr_Token_B0Prime); -pub const SETATTR_ISSCAP_CVM: Nid = Nid(ffi::NID_setAttr_IssCap_CVM); -pub const SETATTR_ISSCAP_T2: Nid = Nid(ffi::NID_setAttr_IssCap_T2); -pub const SETATTR_ISSCAP_SIG: Nid = Nid(ffi::NID_setAttr_IssCap_Sig); -pub const SETATTR_GENCRYPTGRM: Nid = Nid(ffi::NID_setAttr_GenCryptgrm); -pub const SETATTR_T2ENC: Nid = Nid(ffi::NID_setAttr_T2Enc); -pub const SETATTR_T2CLEARTXT: Nid = Nid(ffi::NID_setAttr_T2cleartxt); -pub const SETATTR_TOKICCSIG: Nid = Nid(ffi::NID_setAttr_TokICCsig); -pub const SETATTR_SECDEVSIG: Nid = Nid(ffi::NID_setAttr_SecDevSig); -pub const SET_BRAND_IATA_ATA: Nid = Nid(ffi::NID_set_brand_IATA_ATA); -pub const SET_BRAND_DINERS: Nid = Nid(ffi::NID_set_brand_Diners); -pub const SET_BRAND_AMERICANEXPRESS: Nid = Nid(ffi::NID_set_brand_AmericanExpress); -pub const SET_BRAND_JCB: Nid = Nid(ffi::NID_set_brand_JCB); -pub const SET_BRAND_VISA: Nid = Nid(ffi::NID_set_brand_Visa); -pub const SET_BRAND_MASTERCARD: Nid = Nid(ffi::NID_set_brand_MasterCard); -pub const SET_BRAND_NOVUS: Nid = Nid(ffi::NID_set_brand_Novus); -pub const DES_CDMF: Nid = Nid(ffi::NID_des_cdmf); -pub const RSAOAEPENCRYPTIONSET: Nid = Nid(ffi::NID_rsaOAEPEncryptionSET); -pub const IPSEC3: Nid = Nid(ffi::NID_ipsec3); -pub const IPSEC4: Nid = Nid(ffi::NID_ipsec4); -pub const WHIRLPOOL: Nid = Nid(ffi::NID_whirlpool); -pub const CRYPTOPRO: Nid = Nid(ffi::NID_cryptopro); -pub const CRYPTOCOM: Nid = Nid(ffi::NID_cryptocom); -pub const ID_GOSTR3411_94_WITH_GOSTR3410_2001: Nid = - Nid(ffi::NID_id_GostR3411_94_with_GostR3410_2001); -pub const ID_GOSTR3411_94_WITH_GOSTR3410_94: Nid = Nid(ffi::NID_id_GostR3411_94_with_GostR3410_94); -pub const ID_GOSTR3411_94: Nid = Nid(ffi::NID_id_GostR3411_94); -pub const ID_HMACGOSTR3411_94: Nid = Nid(ffi::NID_id_HMACGostR3411_94); -pub const ID_GOSTR3410_2001: Nid = Nid(ffi::NID_id_GostR3410_2001); -pub const ID_GOSTR3410_94: Nid = Nid(ffi::NID_id_GostR3410_94); -pub const ID_GOST28147_89: Nid = Nid(ffi::NID_id_Gost28147_89); -pub const GOST89_CNT: Nid = Nid(ffi::NID_gost89_cnt); -pub const ID_GOST28147_89_MAC: Nid = Nid(ffi::NID_id_Gost28147_89_MAC); -pub const ID_GOSTR3411_94_PRF: Nid = Nid(ffi::NID_id_GostR3411_94_prf); -pub const ID_GOSTR3410_2001DH: Nid = Nid(ffi::NID_id_GostR3410_2001DH); -pub const ID_GOSTR3410_94DH: Nid = Nid(ffi::NID_id_GostR3410_94DH); -pub const ID_GOST28147_89_CRYPTOPRO_KEYMESHING: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_KeyMeshing); -pub const ID_GOST28147_89_NONE_KEYMESHING: Nid = Nid(ffi::NID_id_Gost28147_89_None_KeyMeshing); -pub const ID_GOSTR3411_94_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3411_94_TestParamSet); -pub const ID_GOSTR3411_94_CRYPTOPROPARAMSET: Nid = Nid(ffi::NID_id_GostR3411_94_CryptoProParamSet); -pub const ID_GOST28147_89_TESTPARAMSET: Nid = Nid(ffi::NID_id_Gost28147_89_TestParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_A_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_A_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_B_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_B_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_C_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_C_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_D_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_D_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_OSCAR_1_1_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_OSCAR_1_0_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet); -pub const ID_GOST28147_89_CRYPTOPRO_RIC_1_PARAMSET: Nid = - Nid(ffi::NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet); -pub const ID_GOSTR3410_94_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3410_94_TestParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_A_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_A_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_B_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_B_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_C_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_C_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_D_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_D_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_XCHA_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchA_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_XCHB_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchB_ParamSet); -pub const ID_GOSTR3410_94_CRYPTOPRO_XCHC_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchC_ParamSet); -pub const ID_GOSTR3410_2001_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3410_2001_TestParamSet); -pub const ID_GOSTR3410_2001_CRYPTOPRO_A_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_2001_CryptoPro_A_ParamSet); -pub const ID_GOSTR3410_2001_CRYPTOPRO_B_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_2001_CryptoPro_B_ParamSet); -pub const ID_GOSTR3410_2001_CRYPTOPRO_C_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_2001_CryptoPro_C_ParamSet); -pub const ID_GOSTR3410_2001_CRYPTOPRO_XCHA_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet); -pub const ID_GOSTR3410_2001_CRYPTOPRO_XCHB_PARAMSET: Nid = - Nid(ffi::NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet); -pub const ID_GOSTR3410_94_A: Nid = Nid(ffi::NID_id_GostR3410_94_a); -pub const ID_GOSTR3410_94_ABIS: Nid = Nid(ffi::NID_id_GostR3410_94_aBis); -pub const ID_GOSTR3410_94_B: Nid = Nid(ffi::NID_id_GostR3410_94_b); -pub const ID_GOSTR3410_94_BBIS: Nid = Nid(ffi::NID_id_GostR3410_94_bBis); -pub const ID_GOST28147_89_CC: Nid = Nid(ffi::NID_id_Gost28147_89_cc); -pub const ID_GOSTR3410_94_CC: Nid = Nid(ffi::NID_id_GostR3410_94_cc); -pub const ID_GOSTR3410_2001_CC: Nid = Nid(ffi::NID_id_GostR3410_2001_cc); -pub const ID_GOSTR3411_94_WITH_GOSTR3410_94_CC: Nid = - Nid(ffi::NID_id_GostR3411_94_with_GostR3410_94_cc); -pub const ID_GOSTR3411_94_WITH_GOSTR3410_2001_CC: Nid = - Nid(ffi::NID_id_GostR3411_94_with_GostR3410_2001_cc); -pub const ID_GOSTR3410_2001_PARAMSET_CC: Nid = Nid(ffi::NID_id_GostR3410_2001_ParamSet_cc); -pub const CAMELLIA_128_CBC: Nid = Nid(ffi::NID_camellia_128_cbc); -pub const CAMELLIA_192_CBC: Nid = Nid(ffi::NID_camellia_192_cbc); -pub const CAMELLIA_256_CBC: Nid = Nid(ffi::NID_camellia_256_cbc); -pub const ID_CAMELLIA128_WRAP: Nid = Nid(ffi::NID_id_camellia128_wrap); -pub const ID_CAMELLIA192_WRAP: Nid = Nid(ffi::NID_id_camellia192_wrap); -pub const ID_CAMELLIA256_WRAP: Nid = Nid(ffi::NID_id_camellia256_wrap); -pub const CAMELLIA_128_ECB: Nid = Nid(ffi::NID_camellia_128_ecb); -pub const CAMELLIA_128_OFB128: Nid = Nid(ffi::NID_camellia_128_ofb128); -pub const CAMELLIA_128_CFB128: Nid = Nid(ffi::NID_camellia_128_cfb128); -pub const CAMELLIA_192_ECB: Nid = Nid(ffi::NID_camellia_192_ecb); -pub const CAMELLIA_192_OFB128: Nid = Nid(ffi::NID_camellia_192_ofb128); -pub const CAMELLIA_192_CFB128: Nid = Nid(ffi::NID_camellia_192_cfb128); -pub const CAMELLIA_256_ECB: Nid = Nid(ffi::NID_camellia_256_ecb); -pub const CAMELLIA_256_OFB128: Nid = Nid(ffi::NID_camellia_256_ofb128); -pub const CAMELLIA_256_CFB128: Nid = Nid(ffi::NID_camellia_256_cfb128); -pub const CAMELLIA_128_CFB1: Nid = Nid(ffi::NID_camellia_128_cfb1); -pub const CAMELLIA_192_CFB1: Nid = Nid(ffi::NID_camellia_192_cfb1); -pub const CAMELLIA_256_CFB1: Nid = Nid(ffi::NID_camellia_256_cfb1); -pub const CAMELLIA_128_CFB8: Nid = Nid(ffi::NID_camellia_128_cfb8); -pub const CAMELLIA_192_CFB8: Nid = Nid(ffi::NID_camellia_192_cfb8); -pub const CAMELLIA_256_CFB8: Nid = Nid(ffi::NID_camellia_256_cfb8); -pub const KISA: Nid = Nid(ffi::NID_kisa); -pub const SEED_ECB: Nid = Nid(ffi::NID_seed_ecb); -pub const SEED_CBC: Nid = Nid(ffi::NID_seed_cbc); -pub const SEED_CFB128: Nid = Nid(ffi::NID_seed_cfb128); -pub const SEED_OFB128: Nid = Nid(ffi::NID_seed_ofb128); -pub const HMAC: Nid = Nid(ffi::NID_hmac); -pub const CMAC: Nid = Nid(ffi::NID_cmac); -pub const RC4_HMAC_MD5: Nid = Nid(ffi::NID_rc4_hmac_md5); -pub const AES_128_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_128_cbc_hmac_sha1); -pub const AES_192_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_192_cbc_hmac_sha1); -pub const AES_256_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_256_cbc_hmac_sha1); + pub const UNDEF: Nid = Nid(ffi::NID_undef); + pub const ITU_T: Nid = Nid(ffi::NID_itu_t); + pub const CCITT: Nid = Nid(ffi::NID_ccitt); + pub const ISO: Nid = Nid(ffi::NID_iso); + pub const JOINT_ISO_ITU_T: Nid = Nid(ffi::NID_joint_iso_itu_t); + pub const JOINT_ISO_CCITT: Nid = Nid(ffi::NID_joint_iso_ccitt); + pub const MEMBER_BODY: Nid = Nid(ffi::NID_member_body); + pub const IDENTIFIED_ORGANIZATION: Nid = Nid(ffi::NID_identified_organization); + pub const HMAC_MD5: Nid = Nid(ffi::NID_hmac_md5); + pub const HMAC_SHA1: Nid = Nid(ffi::NID_hmac_sha1); + pub const CERTICOM_ARC: Nid = Nid(ffi::NID_certicom_arc); + pub const INTERNATIONAL_ORGANIZATIONS: Nid = Nid(ffi::NID_international_organizations); + pub const WAP: Nid = Nid(ffi::NID_wap); + pub const WAP_WSG: Nid = Nid(ffi::NID_wap_wsg); + pub const SELECTED_ATTRIBUTE_TYPES: Nid = Nid(ffi::NID_selected_attribute_types); + pub const CLEARANCE: Nid = Nid(ffi::NID_clearance); + pub const ISO_US: Nid = Nid(ffi::NID_ISO_US); + pub const X9_57: Nid = Nid(ffi::NID_X9_57); + pub const X9CM: Nid = Nid(ffi::NID_X9cm); + pub const DSA: Nid = Nid(ffi::NID_dsa); + pub const DSAWITHSHA1: Nid = Nid(ffi::NID_dsaWithSHA1); + pub const ANSI_X9_62: Nid = Nid(ffi::NID_ansi_X9_62); + pub const X9_62_PRIME_FIELD: Nid = Nid(ffi::NID_X9_62_prime_field); + pub const X9_62_CHARACTERISTIC_TWO_FIELD: Nid = Nid(ffi::NID_X9_62_characteristic_two_field); + pub const X9_62_ID_CHARACTERISTIC_TWO_BASIS: Nid = + Nid(ffi::NID_X9_62_id_characteristic_two_basis); + pub const X9_62_ONBASIS: Nid = Nid(ffi::NID_X9_62_onBasis); + pub const X9_62_TPBASIS: Nid = Nid(ffi::NID_X9_62_tpBasis); + pub const X9_62_PPBASIS: Nid = Nid(ffi::NID_X9_62_ppBasis); + pub const X9_62_ID_ECPUBLICKEY: Nid = Nid(ffi::NID_X9_62_id_ecPublicKey); + pub const X9_62_C2PNB163V1: Nid = Nid(ffi::NID_X9_62_c2pnb163v1); + pub const X9_62_C2PNB163V2: Nid = Nid(ffi::NID_X9_62_c2pnb163v2); + pub const X9_62_C2PNB163V3: Nid = Nid(ffi::NID_X9_62_c2pnb163v3); + pub const X9_62_C2PNB176V1: Nid = Nid(ffi::NID_X9_62_c2pnb176v1); + pub const X9_62_C2TNB191V1: Nid = Nid(ffi::NID_X9_62_c2tnb191v1); + pub const X9_62_C2TNB191V2: Nid = Nid(ffi::NID_X9_62_c2tnb191v2); + pub const X9_62_C2TNB191V3: Nid = Nid(ffi::NID_X9_62_c2tnb191v3); + pub const X9_62_C2ONB191V4: Nid = Nid(ffi::NID_X9_62_c2onb191v4); + pub const X9_62_C2ONB191V5: Nid = Nid(ffi::NID_X9_62_c2onb191v5); + pub const X9_62_C2PNB208W1: Nid = Nid(ffi::NID_X9_62_c2pnb208w1); + pub const X9_62_C2TNB239V1: Nid = Nid(ffi::NID_X9_62_c2tnb239v1); + pub const X9_62_C2TNB239V2: Nid = Nid(ffi::NID_X9_62_c2tnb239v2); + pub const X9_62_C2TNB239V3: Nid = Nid(ffi::NID_X9_62_c2tnb239v3); + pub const X9_62_C2ONB239V4: Nid = Nid(ffi::NID_X9_62_c2onb239v4); + pub const X9_62_C2ONB239V5: Nid = Nid(ffi::NID_X9_62_c2onb239v5); + pub const X9_62_C2PNB272W1: Nid = Nid(ffi::NID_X9_62_c2pnb272w1); + pub const X9_62_C2PNB304W1: Nid = Nid(ffi::NID_X9_62_c2pnb304w1); + pub const X9_62_C2TNB359V1: Nid = Nid(ffi::NID_X9_62_c2tnb359v1); + pub const X9_62_C2PNB368W1: Nid = Nid(ffi::NID_X9_62_c2pnb368w1); + pub const X9_62_C2TNB431R1: Nid = Nid(ffi::NID_X9_62_c2tnb431r1); + pub const X9_62_PRIME192V1: Nid = Nid(ffi::NID_X9_62_prime192v1); + pub const X9_62_PRIME192V2: Nid = Nid(ffi::NID_X9_62_prime192v2); + pub const X9_62_PRIME192V3: Nid = Nid(ffi::NID_X9_62_prime192v3); + pub const X9_62_PRIME239V1: Nid = Nid(ffi::NID_X9_62_prime239v1); + pub const X9_62_PRIME239V2: Nid = Nid(ffi::NID_X9_62_prime239v2); + pub const X9_62_PRIME239V3: Nid = Nid(ffi::NID_X9_62_prime239v3); + pub const X9_62_PRIME256V1: Nid = Nid(ffi::NID_X9_62_prime256v1); + pub const ECDSA_WITH_SHA1: Nid = Nid(ffi::NID_ecdsa_with_SHA1); + pub const ECDSA_WITH_RECOMMENDED: Nid = Nid(ffi::NID_ecdsa_with_Recommended); + pub const ECDSA_WITH_SPECIFIED: Nid = Nid(ffi::NID_ecdsa_with_Specified); + pub const ECDSA_WITH_SHA224: Nid = Nid(ffi::NID_ecdsa_with_SHA224); + pub const ECDSA_WITH_SHA256: Nid = Nid(ffi::NID_ecdsa_with_SHA256); + pub const ECDSA_WITH_SHA384: Nid = Nid(ffi::NID_ecdsa_with_SHA384); + pub const ECDSA_WITH_SHA512: Nid = Nid(ffi::NID_ecdsa_with_SHA512); + pub const SECP112R1: Nid = Nid(ffi::NID_secp112r1); + pub const SECP112R2: Nid = Nid(ffi::NID_secp112r2); + pub const SECP128R1: Nid = Nid(ffi::NID_secp128r1); + pub const SECP128R2: Nid = Nid(ffi::NID_secp128r2); + pub const SECP160K1: Nid = Nid(ffi::NID_secp160k1); + pub const SECP160R1: Nid = Nid(ffi::NID_secp160r1); + pub const SECP160R2: Nid = Nid(ffi::NID_secp160r2); + pub const SECP192K1: Nid = Nid(ffi::NID_secp192k1); + pub const SECP224K1: Nid = Nid(ffi::NID_secp224k1); + pub const SECP224R1: Nid = Nid(ffi::NID_secp224r1); + pub const SECP256K1: Nid = Nid(ffi::NID_secp256k1); + pub const SECP384R1: Nid = Nid(ffi::NID_secp384r1); + pub const SECP521R1: Nid = Nid(ffi::NID_secp521r1); + pub const SECT113R1: Nid = Nid(ffi::NID_sect113r1); + pub const SECT113R2: Nid = Nid(ffi::NID_sect113r2); + pub const SECT131R1: Nid = Nid(ffi::NID_sect131r1); + pub const SECT131R2: Nid = Nid(ffi::NID_sect131r2); + pub const SECT163K1: Nid = Nid(ffi::NID_sect163k1); + pub const SECT163R1: Nid = Nid(ffi::NID_sect163r1); + pub const SECT163R2: Nid = Nid(ffi::NID_sect163r2); + pub const SECT193R1: Nid = Nid(ffi::NID_sect193r1); + pub const SECT193R2: Nid = Nid(ffi::NID_sect193r2); + pub const SECT233K1: Nid = Nid(ffi::NID_sect233k1); + pub const SECT233R1: Nid = Nid(ffi::NID_sect233r1); + pub const SECT239K1: Nid = Nid(ffi::NID_sect239k1); + pub const SECT283K1: Nid = Nid(ffi::NID_sect283k1); + pub const SECT283R1: Nid = Nid(ffi::NID_sect283r1); + pub const SECT409K1: Nid = Nid(ffi::NID_sect409k1); + pub const SECT409R1: Nid = Nid(ffi::NID_sect409r1); + pub const SECT571K1: Nid = Nid(ffi::NID_sect571k1); + pub const SECT571R1: Nid = Nid(ffi::NID_sect571r1); + pub const WAP_WSG_IDM_ECID_WTLS1: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls1); + pub const WAP_WSG_IDM_ECID_WTLS3: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls3); + pub const WAP_WSG_IDM_ECID_WTLS4: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls4); + pub const WAP_WSG_IDM_ECID_WTLS5: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls5); + pub const WAP_WSG_IDM_ECID_WTLS6: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls6); + pub const WAP_WSG_IDM_ECID_WTLS7: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls7); + pub const WAP_WSG_IDM_ECID_WTLS8: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls8); + pub const WAP_WSG_IDM_ECID_WTLS9: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls9); + pub const WAP_WSG_IDM_ECID_WTLS10: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls10); + pub const WAP_WSG_IDM_ECID_WTLS11: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls11); + pub const WAP_WSG_IDM_ECID_WTLS12: Nid = Nid(ffi::NID_wap_wsg_idm_ecid_wtls12); + pub const CAST5_CBC: Nid = Nid(ffi::NID_cast5_cbc); + pub const CAST5_ECB: Nid = Nid(ffi::NID_cast5_ecb); + pub const CAST5_CFB64: Nid = Nid(ffi::NID_cast5_cfb64); + pub const CAST5_OFB64: Nid = Nid(ffi::NID_cast5_ofb64); + pub const PBEWITHMD5ANDCAST5_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndCast5_CBC); + pub const ID_PASSWORDBASEDMAC: Nid = Nid(ffi::NID_id_PasswordBasedMAC); + pub const ID_DHBASEDMAC: Nid = Nid(ffi::NID_id_DHBasedMac); + pub const RSADSI: Nid = Nid(ffi::NID_rsadsi); + pub const PKCS: Nid = Nid(ffi::NID_pkcs); + pub const PKCS1: Nid = Nid(ffi::NID_pkcs1); + pub const RSAENCRYPTION: Nid = Nid(ffi::NID_rsaEncryption); + pub const MD2WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md2WithRSAEncryption); + pub const MD4WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md4WithRSAEncryption); + pub const MD5WITHRSAENCRYPTION: Nid = Nid(ffi::NID_md5WithRSAEncryption); + pub const SHA1WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha1WithRSAEncryption); + pub const RSAESOAEP: Nid = Nid(ffi::NID_rsaesOaep); + pub const MGF1: Nid = Nid(ffi::NID_mgf1); + pub const RSASSAPSS: Nid = Nid(ffi::NID_rsassaPss); + pub const SHA256WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha256WithRSAEncryption); + pub const SHA384WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha384WithRSAEncryption); + pub const SHA512WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha512WithRSAEncryption); + pub const SHA224WITHRSAENCRYPTION: Nid = Nid(ffi::NID_sha224WithRSAEncryption); + pub const PKCS3: Nid = Nid(ffi::NID_pkcs3); + pub const DHKEYAGREEMENT: Nid = Nid(ffi::NID_dhKeyAgreement); + pub const PKCS5: Nid = Nid(ffi::NID_pkcs5); + pub const PBEWITHMD2ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithMD2AndDES_CBC); + pub const PBEWITHMD5ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndDES_CBC); + pub const PBEWITHMD2ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithMD2AndRC2_CBC); + pub const PBEWITHMD5ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithMD5AndRC2_CBC); + pub const PBEWITHSHA1ANDDES_CBC: Nid = Nid(ffi::NID_pbeWithSHA1AndDES_CBC); + pub const PBEWITHSHA1ANDRC2_CBC: Nid = Nid(ffi::NID_pbeWithSHA1AndRC2_CBC); + pub const ID_PBKDF2: Nid = Nid(ffi::NID_id_pbkdf2); + pub const PBES2: Nid = Nid(ffi::NID_pbes2); + pub const PBMAC1: Nid = Nid(ffi::NID_pbmac1); + pub const PKCS7: Nid = Nid(ffi::NID_pkcs7); + pub const PKCS7_DATA: Nid = Nid(ffi::NID_pkcs7_data); + pub const PKCS7_SIGNED: Nid = Nid(ffi::NID_pkcs7_signed); + pub const PKCS7_ENVELOPED: Nid = Nid(ffi::NID_pkcs7_enveloped); + pub const PKCS7_SIGNEDANDENVELOPED: Nid = Nid(ffi::NID_pkcs7_signedAndEnveloped); + pub const PKCS7_DIGEST: Nid = Nid(ffi::NID_pkcs7_digest); + pub const PKCS7_ENCRYPTED: Nid = Nid(ffi::NID_pkcs7_encrypted); + pub const PKCS9: Nid = Nid(ffi::NID_pkcs9); + pub const PKCS9_EMAILADDRESS: Nid = Nid(ffi::NID_pkcs9_emailAddress); + pub const PKCS9_UNSTRUCTUREDNAME: Nid = Nid(ffi::NID_pkcs9_unstructuredName); + pub const PKCS9_CONTENTTYPE: Nid = Nid(ffi::NID_pkcs9_contentType); + pub const PKCS9_MESSAGEDIGEST: Nid = Nid(ffi::NID_pkcs9_messageDigest); + pub const PKCS9_SIGNINGTIME: Nid = Nid(ffi::NID_pkcs9_signingTime); + pub const PKCS9_COUNTERSIGNATURE: Nid = Nid(ffi::NID_pkcs9_countersignature); + pub const PKCS9_CHALLENGEPASSWORD: Nid = Nid(ffi::NID_pkcs9_challengePassword); + pub const PKCS9_UNSTRUCTUREDADDRESS: Nid = Nid(ffi::NID_pkcs9_unstructuredAddress); + pub const PKCS9_EXTCERTATTRIBUTES: Nid = Nid(ffi::NID_pkcs9_extCertAttributes); + pub const EXT_REQ: Nid = Nid(ffi::NID_ext_req); + pub const SMIMECAPABILITIES: Nid = Nid(ffi::NID_SMIMECapabilities); + pub const SMIME: Nid = Nid(ffi::NID_SMIME); + pub const ID_SMIME_MOD: Nid = Nid(ffi::NID_id_smime_mod); + pub const ID_SMIME_CT: Nid = Nid(ffi::NID_id_smime_ct); + pub const ID_SMIME_AA: Nid = Nid(ffi::NID_id_smime_aa); + pub const ID_SMIME_ALG: Nid = Nid(ffi::NID_id_smime_alg); + pub const ID_SMIME_CD: Nid = Nid(ffi::NID_id_smime_cd); + pub const ID_SMIME_SPQ: Nid = Nid(ffi::NID_id_smime_spq); + pub const ID_SMIME_CTI: Nid = Nid(ffi::NID_id_smime_cti); + pub const ID_SMIME_MOD_CMS: Nid = Nid(ffi::NID_id_smime_mod_cms); + pub const ID_SMIME_MOD_ESS: Nid = Nid(ffi::NID_id_smime_mod_ess); + pub const ID_SMIME_MOD_OID: Nid = Nid(ffi::NID_id_smime_mod_oid); + pub const ID_SMIME_MOD_MSG_V3: Nid = Nid(ffi::NID_id_smime_mod_msg_v3); + pub const ID_SMIME_MOD_ETS_ESIGNATURE_88: Nid = Nid(ffi::NID_id_smime_mod_ets_eSignature_88); + pub const ID_SMIME_MOD_ETS_ESIGNATURE_97: Nid = Nid(ffi::NID_id_smime_mod_ets_eSignature_97); + pub const ID_SMIME_MOD_ETS_ESIGPOLICY_88: Nid = Nid(ffi::NID_id_smime_mod_ets_eSigPolicy_88); + pub const ID_SMIME_MOD_ETS_ESIGPOLICY_97: Nid = Nid(ffi::NID_id_smime_mod_ets_eSigPolicy_97); + pub const ID_SMIME_CT_RECEIPT: Nid = Nid(ffi::NID_id_smime_ct_receipt); + pub const ID_SMIME_CT_AUTHDATA: Nid = Nid(ffi::NID_id_smime_ct_authData); + pub const ID_SMIME_CT_PUBLISHCERT: Nid = Nid(ffi::NID_id_smime_ct_publishCert); + pub const ID_SMIME_CT_TSTINFO: Nid = Nid(ffi::NID_id_smime_ct_TSTInfo); + pub const ID_SMIME_CT_TDTINFO: Nid = Nid(ffi::NID_id_smime_ct_TDTInfo); + pub const ID_SMIME_CT_CONTENTINFO: Nid = Nid(ffi::NID_id_smime_ct_contentInfo); + pub const ID_SMIME_CT_DVCSREQUESTDATA: Nid = Nid(ffi::NID_id_smime_ct_DVCSRequestData); + pub const ID_SMIME_CT_DVCSRESPONSEDATA: Nid = Nid(ffi::NID_id_smime_ct_DVCSResponseData); + pub const ID_SMIME_CT_COMPRESSEDDATA: Nid = Nid(ffi::NID_id_smime_ct_compressedData); + pub const ID_CT_ASCIITEXTWITHCRLF: Nid = Nid(ffi::NID_id_ct_asciiTextWithCRLF); + pub const ID_SMIME_AA_RECEIPTREQUEST: Nid = Nid(ffi::NID_id_smime_aa_receiptRequest); + pub const ID_SMIME_AA_SECURITYLABEL: Nid = Nid(ffi::NID_id_smime_aa_securityLabel); + pub const ID_SMIME_AA_MLEXPANDHISTORY: Nid = Nid(ffi::NID_id_smime_aa_mlExpandHistory); + pub const ID_SMIME_AA_CONTENTHINT: Nid = Nid(ffi::NID_id_smime_aa_contentHint); + pub const ID_SMIME_AA_MSGSIGDIGEST: Nid = Nid(ffi::NID_id_smime_aa_msgSigDigest); + pub const ID_SMIME_AA_ENCAPCONTENTTYPE: Nid = Nid(ffi::NID_id_smime_aa_encapContentType); + pub const ID_SMIME_AA_CONTENTIDENTIFIER: Nid = Nid(ffi::NID_id_smime_aa_contentIdentifier); + pub const ID_SMIME_AA_MACVALUE: Nid = Nid(ffi::NID_id_smime_aa_macValue); + pub const ID_SMIME_AA_EQUIVALENTLABELS: Nid = Nid(ffi::NID_id_smime_aa_equivalentLabels); + pub const ID_SMIME_AA_CONTENTREFERENCE: Nid = Nid(ffi::NID_id_smime_aa_contentReference); + pub const ID_SMIME_AA_ENCRYPKEYPREF: Nid = Nid(ffi::NID_id_smime_aa_encrypKeyPref); + pub const ID_SMIME_AA_SIGNINGCERTIFICATE: Nid = Nid(ffi::NID_id_smime_aa_signingCertificate); + pub const ID_SMIME_AA_SMIMEENCRYPTCERTS: Nid = Nid(ffi::NID_id_smime_aa_smimeEncryptCerts); + pub const ID_SMIME_AA_TIMESTAMPTOKEN: Nid = Nid(ffi::NID_id_smime_aa_timeStampToken); + pub const ID_SMIME_AA_ETS_SIGPOLICYID: Nid = Nid(ffi::NID_id_smime_aa_ets_sigPolicyId); + pub const ID_SMIME_AA_ETS_COMMITMENTTYPE: Nid = Nid(ffi::NID_id_smime_aa_ets_commitmentType); + pub const ID_SMIME_AA_ETS_SIGNERLOCATION: Nid = Nid(ffi::NID_id_smime_aa_ets_signerLocation); + pub const ID_SMIME_AA_ETS_SIGNERATTR: Nid = Nid(ffi::NID_id_smime_aa_ets_signerAttr); + pub const ID_SMIME_AA_ETS_OTHERSIGCERT: Nid = Nid(ffi::NID_id_smime_aa_ets_otherSigCert); + pub const ID_SMIME_AA_ETS_CONTENTTIMESTAMP: Nid = + Nid(ffi::NID_id_smime_aa_ets_contentTimestamp); + pub const ID_SMIME_AA_ETS_CERTIFICATEREFS: Nid = Nid(ffi::NID_id_smime_aa_ets_CertificateRefs); + pub const ID_SMIME_AA_ETS_REVOCATIONREFS: Nid = Nid(ffi::NID_id_smime_aa_ets_RevocationRefs); + pub const ID_SMIME_AA_ETS_CERTVALUES: Nid = Nid(ffi::NID_id_smime_aa_ets_certValues); + pub const ID_SMIME_AA_ETS_REVOCATIONVALUES: Nid = + Nid(ffi::NID_id_smime_aa_ets_revocationValues); + pub const ID_SMIME_AA_ETS_ESCTIMESTAMP: Nid = Nid(ffi::NID_id_smime_aa_ets_escTimeStamp); + pub const ID_SMIME_AA_ETS_CERTCRLTIMESTAMP: Nid = + Nid(ffi::NID_id_smime_aa_ets_certCRLTimestamp); + pub const ID_SMIME_AA_ETS_ARCHIVETIMESTAMP: Nid = + Nid(ffi::NID_id_smime_aa_ets_archiveTimeStamp); + pub const ID_SMIME_AA_SIGNATURETYPE: Nid = Nid(ffi::NID_id_smime_aa_signatureType); + pub const ID_SMIME_AA_DVCS_DVC: Nid = Nid(ffi::NID_id_smime_aa_dvcs_dvc); + pub const ID_SMIME_ALG_ESDHWITH3DES: Nid = Nid(ffi::NID_id_smime_alg_ESDHwith3DES); + pub const ID_SMIME_ALG_ESDHWITHRC2: Nid = Nid(ffi::NID_id_smime_alg_ESDHwithRC2); + pub const ID_SMIME_ALG_3DESWRAP: Nid = Nid(ffi::NID_id_smime_alg_3DESwrap); + pub const ID_SMIME_ALG_RC2WRAP: Nid = Nid(ffi::NID_id_smime_alg_RC2wrap); + pub const ID_SMIME_ALG_ESDH: Nid = Nid(ffi::NID_id_smime_alg_ESDH); + pub const ID_SMIME_ALG_CMS3DESWRAP: Nid = Nid(ffi::NID_id_smime_alg_CMS3DESwrap); + pub const ID_SMIME_ALG_CMSRC2WRAP: Nid = Nid(ffi::NID_id_smime_alg_CMSRC2wrap); + pub const ID_ALG_PWRI_KEK: Nid = Nid(ffi::NID_id_alg_PWRI_KEK); + pub const ID_SMIME_CD_LDAP: Nid = Nid(ffi::NID_id_smime_cd_ldap); + pub const ID_SMIME_SPQ_ETS_SQT_URI: Nid = Nid(ffi::NID_id_smime_spq_ets_sqt_uri); + pub const ID_SMIME_SPQ_ETS_SQT_UNOTICE: Nid = Nid(ffi::NID_id_smime_spq_ets_sqt_unotice); + pub const ID_SMIME_CTI_ETS_PROOFOFORIGIN: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfOrigin); + pub const ID_SMIME_CTI_ETS_PROOFOFRECEIPT: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfReceipt); + pub const ID_SMIME_CTI_ETS_PROOFOFDELIVERY: Nid = + Nid(ffi::NID_id_smime_cti_ets_proofOfDelivery); + pub const ID_SMIME_CTI_ETS_PROOFOFSENDER: Nid = Nid(ffi::NID_id_smime_cti_ets_proofOfSender); + pub const ID_SMIME_CTI_ETS_PROOFOFAPPROVAL: Nid = + Nid(ffi::NID_id_smime_cti_ets_proofOfApproval); + pub const ID_SMIME_CTI_ETS_PROOFOFCREATION: Nid = + Nid(ffi::NID_id_smime_cti_ets_proofOfCreation); + pub const FRIENDLYNAME: Nid = Nid(ffi::NID_friendlyName); + pub const LOCALKEYID: Nid = Nid(ffi::NID_localKeyID); + pub const MS_CSP_NAME: Nid = Nid(ffi::NID_ms_csp_name); + pub const LOCALKEYSET: Nid = Nid(ffi::NID_LocalKeySet); + pub const X509CERTIFICATE: Nid = Nid(ffi::NID_x509Certificate); + pub const SDSICERTIFICATE: Nid = Nid(ffi::NID_sdsiCertificate); + pub const X509CRL: Nid = Nid(ffi::NID_x509Crl); + pub const PBE_WITHSHA1AND128BITRC4: Nid = Nid(ffi::NID_pbe_WithSHA1And128BitRC4); + pub const PBE_WITHSHA1AND40BITRC4: Nid = Nid(ffi::NID_pbe_WithSHA1And40BitRC4); + pub const PBE_WITHSHA1AND3_KEY_TRIPLEDES_CBC: Nid = + Nid(ffi::NID_pbe_WithSHA1And3_Key_TripleDES_CBC); + pub const PBE_WITHSHA1AND2_KEY_TRIPLEDES_CBC: Nid = + Nid(ffi::NID_pbe_WithSHA1And2_Key_TripleDES_CBC); + pub const PBE_WITHSHA1AND128BITRC2_CBC: Nid = Nid(ffi::NID_pbe_WithSHA1And128BitRC2_CBC); + pub const PBE_WITHSHA1AND40BITRC2_CBC: Nid = Nid(ffi::NID_pbe_WithSHA1And40BitRC2_CBC); + pub const KEYBAG: Nid = Nid(ffi::NID_keyBag); + pub const PKCS8SHROUDEDKEYBAG: Nid = Nid(ffi::NID_pkcs8ShroudedKeyBag); + pub const CERTBAG: Nid = Nid(ffi::NID_certBag); + pub const CRLBAG: Nid = Nid(ffi::NID_crlBag); + pub const SECRETBAG: Nid = Nid(ffi::NID_secretBag); + pub const SAFECONTENTSBAG: Nid = Nid(ffi::NID_safeContentsBag); + pub const MD2: Nid = Nid(ffi::NID_md2); + pub const MD4: Nid = Nid(ffi::NID_md4); + pub const MD5: Nid = Nid(ffi::NID_md5); + pub const MD5_SHA1: Nid = Nid(ffi::NID_md5_sha1); + pub const HMACWITHMD5: Nid = Nid(ffi::NID_hmacWithMD5); + pub const HMACWITHSHA1: Nid = Nid(ffi::NID_hmacWithSHA1); + pub const HMACWITHSHA224: Nid = Nid(ffi::NID_hmacWithSHA224); + pub const HMACWITHSHA256: Nid = Nid(ffi::NID_hmacWithSHA256); + pub const HMACWITHSHA384: Nid = Nid(ffi::NID_hmacWithSHA384); + pub const HMACWITHSHA512: Nid = Nid(ffi::NID_hmacWithSHA512); + pub const RC2_CBC: Nid = Nid(ffi::NID_rc2_cbc); + pub const RC2_ECB: Nid = Nid(ffi::NID_rc2_ecb); + pub const RC2_CFB64: Nid = Nid(ffi::NID_rc2_cfb64); + pub const RC2_OFB64: Nid = Nid(ffi::NID_rc2_ofb64); + pub const RC2_40_CBC: Nid = Nid(ffi::NID_rc2_40_cbc); + pub const RC2_64_CBC: Nid = Nid(ffi::NID_rc2_64_cbc); + pub const RC4: Nid = Nid(ffi::NID_rc4); + pub const RC4_40: Nid = Nid(ffi::NID_rc4_40); + pub const DES_EDE3_CBC: Nid = Nid(ffi::NID_des_ede3_cbc); + pub const RC5_CBC: Nid = Nid(ffi::NID_rc5_cbc); + pub const RC5_ECB: Nid = Nid(ffi::NID_rc5_ecb); + pub const RC5_CFB64: Nid = Nid(ffi::NID_rc5_cfb64); + pub const RC5_OFB64: Nid = Nid(ffi::NID_rc5_ofb64); + pub const MS_EXT_REQ: Nid = Nid(ffi::NID_ms_ext_req); + pub const MS_CODE_IND: Nid = Nid(ffi::NID_ms_code_ind); + pub const MS_CODE_COM: Nid = Nid(ffi::NID_ms_code_com); + pub const MS_CTL_SIGN: Nid = Nid(ffi::NID_ms_ctl_sign); + pub const MS_SGC: Nid = Nid(ffi::NID_ms_sgc); + pub const MS_EFS: Nid = Nid(ffi::NID_ms_efs); + pub const MS_SMARTCARD_LOGIN: Nid = Nid(ffi::NID_ms_smartcard_login); + pub const MS_UPN: Nid = Nid(ffi::NID_ms_upn); + pub const IDEA_CBC: Nid = Nid(ffi::NID_idea_cbc); + pub const IDEA_ECB: Nid = Nid(ffi::NID_idea_ecb); + pub const IDEA_CFB64: Nid = Nid(ffi::NID_idea_cfb64); + pub const IDEA_OFB64: Nid = Nid(ffi::NID_idea_ofb64); + pub const BF_CBC: Nid = Nid(ffi::NID_bf_cbc); + pub const BF_ECB: Nid = Nid(ffi::NID_bf_ecb); + pub const BF_CFB64: Nid = Nid(ffi::NID_bf_cfb64); + pub const BF_OFB64: Nid = Nid(ffi::NID_bf_ofb64); + pub const ID_PKIX: Nid = Nid(ffi::NID_id_pkix); + pub const ID_PKIX_MOD: Nid = Nid(ffi::NID_id_pkix_mod); + pub const ID_PE: Nid = Nid(ffi::NID_id_pe); + pub const ID_QT: Nid = Nid(ffi::NID_id_qt); + pub const ID_KP: Nid = Nid(ffi::NID_id_kp); + pub const ID_IT: Nid = Nid(ffi::NID_id_it); + pub const ID_PKIP: Nid = Nid(ffi::NID_id_pkip); + pub const ID_ALG: Nid = Nid(ffi::NID_id_alg); + pub const ID_CMC: Nid = Nid(ffi::NID_id_cmc); + pub const ID_ON: Nid = Nid(ffi::NID_id_on); + pub const ID_PDA: Nid = Nid(ffi::NID_id_pda); + pub const ID_ACA: Nid = Nid(ffi::NID_id_aca); + pub const ID_QCS: Nid = Nid(ffi::NID_id_qcs); + pub const ID_CCT: Nid = Nid(ffi::NID_id_cct); + pub const ID_PPL: Nid = Nid(ffi::NID_id_ppl); + pub const ID_AD: Nid = Nid(ffi::NID_id_ad); + pub const ID_PKIX1_EXPLICIT_88: Nid = Nid(ffi::NID_id_pkix1_explicit_88); + pub const ID_PKIX1_IMPLICIT_88: Nid = Nid(ffi::NID_id_pkix1_implicit_88); + pub const ID_PKIX1_EXPLICIT_93: Nid = Nid(ffi::NID_id_pkix1_explicit_93); + pub const ID_PKIX1_IMPLICIT_93: Nid = Nid(ffi::NID_id_pkix1_implicit_93); + pub const ID_MOD_CRMF: Nid = Nid(ffi::NID_id_mod_crmf); + pub const ID_MOD_CMC: Nid = Nid(ffi::NID_id_mod_cmc); + pub const ID_MOD_KEA_PROFILE_88: Nid = Nid(ffi::NID_id_mod_kea_profile_88); + pub const ID_MOD_KEA_PROFILE_93: Nid = Nid(ffi::NID_id_mod_kea_profile_93); + pub const ID_MOD_CMP: Nid = Nid(ffi::NID_id_mod_cmp); + pub const ID_MOD_QUALIFIED_CERT_88: Nid = Nid(ffi::NID_id_mod_qualified_cert_88); + pub const ID_MOD_QUALIFIED_CERT_93: Nid = Nid(ffi::NID_id_mod_qualified_cert_93); + pub const ID_MOD_ATTRIBUTE_CERT: Nid = Nid(ffi::NID_id_mod_attribute_cert); + pub const ID_MOD_TIMESTAMP_PROTOCOL: Nid = Nid(ffi::NID_id_mod_timestamp_protocol); + pub const ID_MOD_OCSP: Nid = Nid(ffi::NID_id_mod_ocsp); + pub const ID_MOD_DVCS: Nid = Nid(ffi::NID_id_mod_dvcs); + pub const ID_MOD_CMP2000: Nid = Nid(ffi::NID_id_mod_cmp2000); + pub const INFO_ACCESS: Nid = Nid(ffi::NID_info_access); + pub const BIOMETRICINFO: Nid = Nid(ffi::NID_biometricInfo); + pub const QCSTATEMENTS: Nid = Nid(ffi::NID_qcStatements); + pub const AC_AUDITENTITY: Nid = Nid(ffi::NID_ac_auditEntity); + pub const AC_TARGETING: Nid = Nid(ffi::NID_ac_targeting); + pub const AACONTROLS: Nid = Nid(ffi::NID_aaControls); + pub const SBGP_IPADDRBLOCK: Nid = Nid(ffi::NID_sbgp_ipAddrBlock); + pub const SBGP_AUTONOMOUSSYSNUM: Nid = Nid(ffi::NID_sbgp_autonomousSysNum); + pub const SBGP_ROUTERIDENTIFIER: Nid = Nid(ffi::NID_sbgp_routerIdentifier); + pub const AC_PROXYING: Nid = Nid(ffi::NID_ac_proxying); + pub const SINFO_ACCESS: Nid = Nid(ffi::NID_sinfo_access); + pub const PROXYCERTINFO: Nid = Nid(ffi::NID_proxyCertInfo); + pub const ID_QT_CPS: Nid = Nid(ffi::NID_id_qt_cps); + pub const ID_QT_UNOTICE: Nid = Nid(ffi::NID_id_qt_unotice); + pub const TEXTNOTICE: Nid = Nid(ffi::NID_textNotice); + pub const SERVER_AUTH: Nid = Nid(ffi::NID_server_auth); + pub const CLIENT_AUTH: Nid = Nid(ffi::NID_client_auth); + pub const CODE_SIGN: Nid = Nid(ffi::NID_code_sign); + pub const EMAIL_PROTECT: Nid = Nid(ffi::NID_email_protect); + pub const IPSECENDSYSTEM: Nid = Nid(ffi::NID_ipsecEndSystem); + pub const IPSECTUNNEL: Nid = Nid(ffi::NID_ipsecTunnel); + pub const IPSECUSER: Nid = Nid(ffi::NID_ipsecUser); + pub const TIME_STAMP: Nid = Nid(ffi::NID_time_stamp); + pub const OCSP_SIGN: Nid = Nid(ffi::NID_OCSP_sign); + pub const DVCS: Nid = Nid(ffi::NID_dvcs); + pub const ID_IT_CAPROTENCCERT: Nid = Nid(ffi::NID_id_it_caProtEncCert); + pub const ID_IT_SIGNKEYPAIRTYPES: Nid = Nid(ffi::NID_id_it_signKeyPairTypes); + pub const ID_IT_ENCKEYPAIRTYPES: Nid = Nid(ffi::NID_id_it_encKeyPairTypes); + pub const ID_IT_PREFERREDSYMMALG: Nid = Nid(ffi::NID_id_it_preferredSymmAlg); + pub const ID_IT_CAKEYUPDATEINFO: Nid = Nid(ffi::NID_id_it_caKeyUpdateInfo); + pub const ID_IT_CURRENTCRL: Nid = Nid(ffi::NID_id_it_currentCRL); + pub const ID_IT_UNSUPPORTEDOIDS: Nid = Nid(ffi::NID_id_it_unsupportedOIDs); + pub const ID_IT_SUBSCRIPTIONREQUEST: Nid = Nid(ffi::NID_id_it_subscriptionRequest); + pub const ID_IT_SUBSCRIPTIONRESPONSE: Nid = Nid(ffi::NID_id_it_subscriptionResponse); + pub const ID_IT_KEYPAIRPARAMREQ: Nid = Nid(ffi::NID_id_it_keyPairParamReq); + pub const ID_IT_KEYPAIRPARAMREP: Nid = Nid(ffi::NID_id_it_keyPairParamRep); + pub const ID_IT_REVPASSPHRASE: Nid = Nid(ffi::NID_id_it_revPassphrase); + pub const ID_IT_IMPLICITCONFIRM: Nid = Nid(ffi::NID_id_it_implicitConfirm); + pub const ID_IT_CONFIRMWAITTIME: Nid = Nid(ffi::NID_id_it_confirmWaitTime); + pub const ID_IT_ORIGPKIMESSAGE: Nid = Nid(ffi::NID_id_it_origPKIMessage); + pub const ID_IT_SUPPLANGTAGS: Nid = Nid(ffi::NID_id_it_suppLangTags); + pub const ID_REGCTRL: Nid = Nid(ffi::NID_id_regCtrl); + pub const ID_REGINFO: Nid = Nid(ffi::NID_id_regInfo); + pub const ID_REGCTRL_REGTOKEN: Nid = Nid(ffi::NID_id_regCtrl_regToken); + pub const ID_REGCTRL_AUTHENTICATOR: Nid = Nid(ffi::NID_id_regCtrl_authenticator); + pub const ID_REGCTRL_PKIPUBLICATIONINFO: Nid = Nid(ffi::NID_id_regCtrl_pkiPublicationInfo); + pub const ID_REGCTRL_PKIARCHIVEOPTIONS: Nid = Nid(ffi::NID_id_regCtrl_pkiArchiveOptions); + pub const ID_REGCTRL_OLDCERTID: Nid = Nid(ffi::NID_id_regCtrl_oldCertID); + pub const ID_REGCTRL_PROTOCOLENCRKEY: Nid = Nid(ffi::NID_id_regCtrl_protocolEncrKey); + pub const ID_REGINFO_UTF8PAIRS: Nid = Nid(ffi::NID_id_regInfo_utf8Pairs); + pub const ID_REGINFO_CERTREQ: Nid = Nid(ffi::NID_id_regInfo_certReq); + pub const ID_ALG_DES40: Nid = Nid(ffi::NID_id_alg_des40); + pub const ID_ALG_NOSIGNATURE: Nid = Nid(ffi::NID_id_alg_noSignature); + pub const ID_ALG_DH_SIG_HMAC_SHA1: Nid = Nid(ffi::NID_id_alg_dh_sig_hmac_sha1); + pub const ID_ALG_DH_POP: Nid = Nid(ffi::NID_id_alg_dh_pop); + pub const ID_CMC_STATUSINFO: Nid = Nid(ffi::NID_id_cmc_statusInfo); + pub const ID_CMC_IDENTIFICATION: Nid = Nid(ffi::NID_id_cmc_identification); + pub const ID_CMC_IDENTITYPROOF: Nid = Nid(ffi::NID_id_cmc_identityProof); + pub const ID_CMC_DATARETURN: Nid = Nid(ffi::NID_id_cmc_dataReturn); + pub const ID_CMC_TRANSACTIONID: Nid = Nid(ffi::NID_id_cmc_transactionId); + pub const ID_CMC_SENDERNONCE: Nid = Nid(ffi::NID_id_cmc_senderNonce); + pub const ID_CMC_RECIPIENTNONCE: Nid = Nid(ffi::NID_id_cmc_recipientNonce); + pub const ID_CMC_ADDEXTENSIONS: Nid = Nid(ffi::NID_id_cmc_addExtensions); + pub const ID_CMC_ENCRYPTEDPOP: Nid = Nid(ffi::NID_id_cmc_encryptedPOP); + pub const ID_CMC_DECRYPTEDPOP: Nid = Nid(ffi::NID_id_cmc_decryptedPOP); + pub const ID_CMC_LRAPOPWITNESS: Nid = Nid(ffi::NID_id_cmc_lraPOPWitness); + pub const ID_CMC_GETCERT: Nid = Nid(ffi::NID_id_cmc_getCert); + pub const ID_CMC_GETCRL: Nid = Nid(ffi::NID_id_cmc_getCRL); + pub const ID_CMC_REVOKEREQUEST: Nid = Nid(ffi::NID_id_cmc_revokeRequest); + pub const ID_CMC_REGINFO: Nid = Nid(ffi::NID_id_cmc_regInfo); + pub const ID_CMC_RESPONSEINFO: Nid = Nid(ffi::NID_id_cmc_responseInfo); + pub const ID_CMC_QUERYPENDING: Nid = Nid(ffi::NID_id_cmc_queryPending); + pub const ID_CMC_POPLINKRANDOM: Nid = Nid(ffi::NID_id_cmc_popLinkRandom); + pub const ID_CMC_POPLINKWITNESS: Nid = Nid(ffi::NID_id_cmc_popLinkWitness); + pub const ID_CMC_CONFIRMCERTACCEPTANCE: Nid = Nid(ffi::NID_id_cmc_confirmCertAcceptance); + pub const ID_ON_PERSONALDATA: Nid = Nid(ffi::NID_id_on_personalData); + pub const ID_ON_PERMANENTIDENTIFIER: Nid = Nid(ffi::NID_id_on_permanentIdentifier); + pub const ID_PDA_DATEOFBIRTH: Nid = Nid(ffi::NID_id_pda_dateOfBirth); + pub const ID_PDA_PLACEOFBIRTH: Nid = Nid(ffi::NID_id_pda_placeOfBirth); + pub const ID_PDA_GENDER: Nid = Nid(ffi::NID_id_pda_gender); + pub const ID_PDA_COUNTRYOFCITIZENSHIP: Nid = Nid(ffi::NID_id_pda_countryOfCitizenship); + pub const ID_PDA_COUNTRYOFRESIDENCE: Nid = Nid(ffi::NID_id_pda_countryOfResidence); + pub const ID_ACA_AUTHENTICATIONINFO: Nid = Nid(ffi::NID_id_aca_authenticationInfo); + pub const ID_ACA_ACCESSIDENTITY: Nid = Nid(ffi::NID_id_aca_accessIdentity); + pub const ID_ACA_CHARGINGIDENTITY: Nid = Nid(ffi::NID_id_aca_chargingIdentity); + pub const ID_ACA_GROUP: Nid = Nid(ffi::NID_id_aca_group); + pub const ID_ACA_ROLE: Nid = Nid(ffi::NID_id_aca_role); + pub const ID_ACA_ENCATTRS: Nid = Nid(ffi::NID_id_aca_encAttrs); + pub const ID_QCS_PKIXQCSYNTAX_V1: Nid = Nid(ffi::NID_id_qcs_pkixQCSyntax_v1); + pub const ID_CCT_CRS: Nid = Nid(ffi::NID_id_cct_crs); + pub const ID_CCT_PKIDATA: Nid = Nid(ffi::NID_id_cct_PKIData); + pub const ID_CCT_PKIRESPONSE: Nid = Nid(ffi::NID_id_cct_PKIResponse); + pub const ID_PPL_ANYLANGUAGE: Nid = Nid(ffi::NID_id_ppl_anyLanguage); + pub const ID_PPL_INHERITALL: Nid = Nid(ffi::NID_id_ppl_inheritAll); + pub const INDEPENDENT: Nid = Nid(ffi::NID_Independent); + pub const AD_OCSP: Nid = Nid(ffi::NID_ad_OCSP); + pub const AD_CA_ISSUERS: Nid = Nid(ffi::NID_ad_ca_issuers); + pub const AD_TIMESTAMPING: Nid = Nid(ffi::NID_ad_timeStamping); + pub const AD_DVCS: Nid = Nid(ffi::NID_ad_dvcs); + pub const CAREPOSITORY: Nid = Nid(ffi::NID_caRepository); + pub const ID_PKIX_OCSP_BASIC: Nid = Nid(ffi::NID_id_pkix_OCSP_basic); + pub const ID_PKIX_OCSP_NONCE: Nid = Nid(ffi::NID_id_pkix_OCSP_Nonce); + pub const ID_PKIX_OCSP_CRLID: Nid = Nid(ffi::NID_id_pkix_OCSP_CrlID); + pub const ID_PKIX_OCSP_ACCEPTABLERESPONSES: Nid = + Nid(ffi::NID_id_pkix_OCSP_acceptableResponses); + pub const ID_PKIX_OCSP_NOCHECK: Nid = Nid(ffi::NID_id_pkix_OCSP_noCheck); + pub const ID_PKIX_OCSP_ARCHIVECUTOFF: Nid = Nid(ffi::NID_id_pkix_OCSP_archiveCutoff); + pub const ID_PKIX_OCSP_SERVICELOCATOR: Nid = Nid(ffi::NID_id_pkix_OCSP_serviceLocator); + pub const ID_PKIX_OCSP_EXTENDEDSTATUS: Nid = Nid(ffi::NID_id_pkix_OCSP_extendedStatus); + pub const ID_PKIX_OCSP_VALID: Nid = Nid(ffi::NID_id_pkix_OCSP_valid); + pub const ID_PKIX_OCSP_PATH: Nid = Nid(ffi::NID_id_pkix_OCSP_path); + pub const ID_PKIX_OCSP_TRUSTROOT: Nid = Nid(ffi::NID_id_pkix_OCSP_trustRoot); + pub const ALGORITHM: Nid = Nid(ffi::NID_algorithm); + pub const MD5WITHRSA: Nid = Nid(ffi::NID_md5WithRSA); + pub const DES_ECB: Nid = Nid(ffi::NID_des_ecb); + pub const DES_CBC: Nid = Nid(ffi::NID_des_cbc); + pub const DES_OFB64: Nid = Nid(ffi::NID_des_ofb64); + pub const DES_CFB64: Nid = Nid(ffi::NID_des_cfb64); + pub const RSASIGNATURE: Nid = Nid(ffi::NID_rsaSignature); + pub const DSA_2: Nid = Nid(ffi::NID_dsa_2); + pub const DSAWITHSHA: Nid = Nid(ffi::NID_dsaWithSHA); + pub const SHAWITHRSAENCRYPTION: Nid = Nid(ffi::NID_shaWithRSAEncryption); + pub const DES_EDE_ECB: Nid = Nid(ffi::NID_des_ede_ecb); + pub const DES_EDE3_ECB: Nid = Nid(ffi::NID_des_ede3_ecb); + pub const DES_EDE_CBC: Nid = Nid(ffi::NID_des_ede_cbc); + pub const DES_EDE_CFB64: Nid = Nid(ffi::NID_des_ede_cfb64); + pub const DES_EDE3_CFB64: Nid = Nid(ffi::NID_des_ede3_cfb64); + pub const DES_EDE_OFB64: Nid = Nid(ffi::NID_des_ede_ofb64); + pub const DES_EDE3_OFB64: Nid = Nid(ffi::NID_des_ede3_ofb64); + pub const DESX_CBC: Nid = Nid(ffi::NID_desx_cbc); + pub const SHA: Nid = Nid(ffi::NID_sha); + pub const SHA1: Nid = Nid(ffi::NID_sha1); + pub const DSAWITHSHA1_2: Nid = Nid(ffi::NID_dsaWithSHA1_2); + pub const SHA1WITHRSA: Nid = Nid(ffi::NID_sha1WithRSA); + pub const RIPEMD160: Nid = Nid(ffi::NID_ripemd160); + pub const RIPEMD160WITHRSA: Nid = Nid(ffi::NID_ripemd160WithRSA); + pub const SXNET: Nid = Nid(ffi::NID_sxnet); + pub const X500: Nid = Nid(ffi::NID_X500); + pub const X509: Nid = Nid(ffi::NID_X509); + pub const COMMONNAME: Nid = Nid(ffi::NID_commonName); + pub const SURNAME: Nid = Nid(ffi::NID_surname); + pub const SERIALNUMBER: Nid = Nid(ffi::NID_serialNumber); + pub const COUNTRYNAME: Nid = Nid(ffi::NID_countryName); + pub const LOCALITYNAME: Nid = Nid(ffi::NID_localityName); + pub const STATEORPROVINCENAME: Nid = Nid(ffi::NID_stateOrProvinceName); + pub const STREETADDRESS: Nid = Nid(ffi::NID_streetAddress); + pub const ORGANIZATIONNAME: Nid = Nid(ffi::NID_organizationName); + pub const ORGANIZATIONALUNITNAME: Nid = Nid(ffi::NID_organizationalUnitName); + pub const TITLE: Nid = Nid(ffi::NID_title); + pub const DESCRIPTION: Nid = Nid(ffi::NID_description); + pub const SEARCHGUIDE: Nid = Nid(ffi::NID_searchGuide); + pub const BUSINESSCATEGORY: Nid = Nid(ffi::NID_businessCategory); + pub const POSTALADDRESS: Nid = Nid(ffi::NID_postalAddress); + pub const POSTALCODE: Nid = Nid(ffi::NID_postalCode); + pub const POSTOFFICEBOX: Nid = Nid(ffi::NID_postOfficeBox); + pub const PHYSICALDELIVERYOFFICENAME: Nid = Nid(ffi::NID_physicalDeliveryOfficeName); + pub const TELEPHONENUMBER: Nid = Nid(ffi::NID_telephoneNumber); + pub const TELEXNUMBER: Nid = Nid(ffi::NID_telexNumber); + pub const TELETEXTERMINALIDENTIFIER: Nid = Nid(ffi::NID_teletexTerminalIdentifier); + pub const FACSIMILETELEPHONENUMBER: Nid = Nid(ffi::NID_facsimileTelephoneNumber); + pub const X121ADDRESS: Nid = Nid(ffi::NID_x121Address); + pub const INTERNATIONALISDNNUMBER: Nid = Nid(ffi::NID_internationaliSDNNumber); + pub const REGISTEREDADDRESS: Nid = Nid(ffi::NID_registeredAddress); + pub const DESTINATIONINDICATOR: Nid = Nid(ffi::NID_destinationIndicator); + pub const PREFERREDDELIVERYMETHOD: Nid = Nid(ffi::NID_preferredDeliveryMethod); + pub const PRESENTATIONADDRESS: Nid = Nid(ffi::NID_presentationAddress); + pub const SUPPORTEDAPPLICATIONCONTEXT: Nid = Nid(ffi::NID_supportedApplicationContext); + pub const MEMBER: Nid = Nid(ffi::NID_member); + pub const OWNER: Nid = Nid(ffi::NID_owner); + pub const ROLEOCCUPANT: Nid = Nid(ffi::NID_roleOccupant); + pub const SEEALSO: Nid = Nid(ffi::NID_seeAlso); + pub const USERPASSWORD: Nid = Nid(ffi::NID_userPassword); + pub const USERCERTIFICATE: Nid = Nid(ffi::NID_userCertificate); + pub const CACERTIFICATE: Nid = Nid(ffi::NID_cACertificate); + pub const AUTHORITYREVOCATIONLIST: Nid = Nid(ffi::NID_authorityRevocationList); + pub const CERTIFICATEREVOCATIONLIST: Nid = Nid(ffi::NID_certificateRevocationList); + pub const CROSSCERTIFICATEPAIR: Nid = Nid(ffi::NID_crossCertificatePair); + pub const NAME: Nid = Nid(ffi::NID_name); + pub const GIVENNAME: Nid = Nid(ffi::NID_givenName); + pub const INITIALS: Nid = Nid(ffi::NID_initials); + pub const GENERATIONQUALIFIER: Nid = Nid(ffi::NID_generationQualifier); + pub const X500UNIQUEIDENTIFIER: Nid = Nid(ffi::NID_x500UniqueIdentifier); + pub const DNQUALIFIER: Nid = Nid(ffi::NID_dnQualifier); + pub const ENHANCEDSEARCHGUIDE: Nid = Nid(ffi::NID_enhancedSearchGuide); + pub const PROTOCOLINFORMATION: Nid = Nid(ffi::NID_protocolInformation); + pub const DISTINGUISHEDNAME: Nid = Nid(ffi::NID_distinguishedName); + pub const UNIQUEMEMBER: Nid = Nid(ffi::NID_uniqueMember); + pub const HOUSEIDENTIFIER: Nid = Nid(ffi::NID_houseIdentifier); + pub const SUPPORTEDALGORITHMS: Nid = Nid(ffi::NID_supportedAlgorithms); + pub const DELTAREVOCATIONLIST: Nid = Nid(ffi::NID_deltaRevocationList); + pub const DMDNAME: Nid = Nid(ffi::NID_dmdName); + pub const PSEUDONYM: Nid = Nid(ffi::NID_pseudonym); + pub const ROLE: Nid = Nid(ffi::NID_role); + pub const X500ALGORITHMS: Nid = Nid(ffi::NID_X500algorithms); + pub const RSA: Nid = Nid(ffi::NID_rsa); + pub const MDC2WITHRSA: Nid = Nid(ffi::NID_mdc2WithRSA); + pub const MDC2: Nid = Nid(ffi::NID_mdc2); + pub const ID_CE: Nid = Nid(ffi::NID_id_ce); + pub const SUBJECT_DIRECTORY_ATTRIBUTES: Nid = Nid(ffi::NID_subject_directory_attributes); + pub const SUBJECT_KEY_IDENTIFIER: Nid = Nid(ffi::NID_subject_key_identifier); + pub const KEY_USAGE: Nid = Nid(ffi::NID_key_usage); + pub const PRIVATE_KEY_USAGE_PERIOD: Nid = Nid(ffi::NID_private_key_usage_period); + pub const SUBJECT_ALT_NAME: Nid = Nid(ffi::NID_subject_alt_name); + pub const ISSUER_ALT_NAME: Nid = Nid(ffi::NID_issuer_alt_name); + pub const BASIC_CONSTRAINTS: Nid = Nid(ffi::NID_basic_constraints); + pub const CRL_NUMBER: Nid = Nid(ffi::NID_crl_number); + pub const CRL_REASON: Nid = Nid(ffi::NID_crl_reason); + pub const INVALIDITY_DATE: Nid = Nid(ffi::NID_invalidity_date); + pub const DELTA_CRL: Nid = Nid(ffi::NID_delta_crl); + pub const ISSUING_DISTRIBUTION_POINT: Nid = Nid(ffi::NID_issuing_distribution_point); + pub const CERTIFICATE_ISSUER: Nid = Nid(ffi::NID_certificate_issuer); + pub const NAME_CONSTRAINTS: Nid = Nid(ffi::NID_name_constraints); + pub const CRL_DISTRIBUTION_POINTS: Nid = Nid(ffi::NID_crl_distribution_points); + pub const CERTIFICATE_POLICIES: Nid = Nid(ffi::NID_certificate_policies); + pub const ANY_POLICY: Nid = Nid(ffi::NID_any_policy); + pub const POLICY_MAPPINGS: Nid = Nid(ffi::NID_policy_mappings); + pub const AUTHORITY_KEY_IDENTIFIER: Nid = Nid(ffi::NID_authority_key_identifier); + pub const POLICY_CONSTRAINTS: Nid = Nid(ffi::NID_policy_constraints); + pub const EXT_KEY_USAGE: Nid = Nid(ffi::NID_ext_key_usage); + pub const FRESHEST_CRL: Nid = Nid(ffi::NID_freshest_crl); + pub const INHIBIT_ANY_POLICY: Nid = Nid(ffi::NID_inhibit_any_policy); + pub const TARGET_INFORMATION: Nid = Nid(ffi::NID_target_information); + pub const NO_REV_AVAIL: Nid = Nid(ffi::NID_no_rev_avail); + pub const ANYEXTENDEDKEYUSAGE: Nid = Nid(ffi::NID_anyExtendedKeyUsage); + pub const NETSCAPE: Nid = Nid(ffi::NID_netscape); + pub const NETSCAPE_CERT_EXTENSION: Nid = Nid(ffi::NID_netscape_cert_extension); + pub const NETSCAPE_DATA_TYPE: Nid = Nid(ffi::NID_netscape_data_type); + pub const NETSCAPE_CERT_TYPE: Nid = Nid(ffi::NID_netscape_cert_type); + pub const NETSCAPE_BASE_URL: Nid = Nid(ffi::NID_netscape_base_url); + pub const NETSCAPE_REVOCATION_URL: Nid = Nid(ffi::NID_netscape_revocation_url); + pub const NETSCAPE_CA_REVOCATION_URL: Nid = Nid(ffi::NID_netscape_ca_revocation_url); + pub const NETSCAPE_RENEWAL_URL: Nid = Nid(ffi::NID_netscape_renewal_url); + pub const NETSCAPE_CA_POLICY_URL: Nid = Nid(ffi::NID_netscape_ca_policy_url); + pub const NETSCAPE_SSL_SERVER_NAME: Nid = Nid(ffi::NID_netscape_ssl_server_name); + pub const NETSCAPE_COMMENT: Nid = Nid(ffi::NID_netscape_comment); + pub const NETSCAPE_CERT_SEQUENCE: Nid = Nid(ffi::NID_netscape_cert_sequence); + pub const NS_SGC: Nid = Nid(ffi::NID_ns_sgc); + pub const ORG: Nid = Nid(ffi::NID_org); + pub const DOD: Nid = Nid(ffi::NID_dod); + pub const IANA: Nid = Nid(ffi::NID_iana); + pub const DIRECTORY: Nid = Nid(ffi::NID_Directory); + pub const MANAGEMENT: Nid = Nid(ffi::NID_Management); + pub const EXPERIMENTAL: Nid = Nid(ffi::NID_Experimental); + pub const PRIVATE: Nid = Nid(ffi::NID_Private); + pub const SECURITY: Nid = Nid(ffi::NID_Security); + pub const SNMPV2: Nid = Nid(ffi::NID_SNMPv2); + pub const MAIL: Nid = Nid(ffi::NID_Mail); + pub const ENTERPRISES: Nid = Nid(ffi::NID_Enterprises); + pub const DCOBJECT: Nid = Nid(ffi::NID_dcObject); + pub const MIME_MHS: Nid = Nid(ffi::NID_mime_mhs); + pub const MIME_MHS_HEADINGS: Nid = Nid(ffi::NID_mime_mhs_headings); + pub const MIME_MHS_BODIES: Nid = Nid(ffi::NID_mime_mhs_bodies); + pub const ID_HEX_PARTIAL_MESSAGE: Nid = Nid(ffi::NID_id_hex_partial_message); + pub const ID_HEX_MULTIPART_MESSAGE: Nid = Nid(ffi::NID_id_hex_multipart_message); + pub const ZLIB_COMPRESSION: Nid = Nid(ffi::NID_zlib_compression); + pub const AES_128_ECB: Nid = Nid(ffi::NID_aes_128_ecb); + pub const AES_128_CBC: Nid = Nid(ffi::NID_aes_128_cbc); + pub const AES_128_OFB128: Nid = Nid(ffi::NID_aes_128_ofb128); + pub const AES_128_CFB128: Nid = Nid(ffi::NID_aes_128_cfb128); + pub const ID_AES128_WRAP: Nid = Nid(ffi::NID_id_aes128_wrap); + pub const AES_128_GCM: Nid = Nid(ffi::NID_aes_128_gcm); + pub const AES_128_CCM: Nid = Nid(ffi::NID_aes_128_ccm); + pub const ID_AES128_WRAP_PAD: Nid = Nid(ffi::NID_id_aes128_wrap_pad); + pub const AES_192_ECB: Nid = Nid(ffi::NID_aes_192_ecb); + pub const AES_192_CBC: Nid = Nid(ffi::NID_aes_192_cbc); + pub const AES_192_OFB128: Nid = Nid(ffi::NID_aes_192_ofb128); + pub const AES_192_CFB128: Nid = Nid(ffi::NID_aes_192_cfb128); + pub const ID_AES192_WRAP: Nid = Nid(ffi::NID_id_aes192_wrap); + pub const AES_192_GCM: Nid = Nid(ffi::NID_aes_192_gcm); + pub const AES_192_CCM: Nid = Nid(ffi::NID_aes_192_ccm); + pub const ID_AES192_WRAP_PAD: Nid = Nid(ffi::NID_id_aes192_wrap_pad); + pub const AES_256_ECB: Nid = Nid(ffi::NID_aes_256_ecb); + pub const AES_256_CBC: Nid = Nid(ffi::NID_aes_256_cbc); + pub const AES_256_OFB128: Nid = Nid(ffi::NID_aes_256_ofb128); + pub const AES_256_CFB128: Nid = Nid(ffi::NID_aes_256_cfb128); + pub const ID_AES256_WRAP: Nid = Nid(ffi::NID_id_aes256_wrap); + pub const AES_256_GCM: Nid = Nid(ffi::NID_aes_256_gcm); + pub const AES_256_CCM: Nid = Nid(ffi::NID_aes_256_ccm); + pub const ID_AES256_WRAP_PAD: Nid = Nid(ffi::NID_id_aes256_wrap_pad); + pub const AES_128_CFB1: Nid = Nid(ffi::NID_aes_128_cfb1); + pub const AES_192_CFB1: Nid = Nid(ffi::NID_aes_192_cfb1); + pub const AES_256_CFB1: Nid = Nid(ffi::NID_aes_256_cfb1); + pub const AES_128_CFB8: Nid = Nid(ffi::NID_aes_128_cfb8); + pub const AES_192_CFB8: Nid = Nid(ffi::NID_aes_192_cfb8); + pub const AES_256_CFB8: Nid = Nid(ffi::NID_aes_256_cfb8); + pub const AES_128_CTR: Nid = Nid(ffi::NID_aes_128_ctr); + pub const AES_192_CTR: Nid = Nid(ffi::NID_aes_192_ctr); + pub const AES_256_CTR: Nid = Nid(ffi::NID_aes_256_ctr); + pub const AES_128_XTS: Nid = Nid(ffi::NID_aes_128_xts); + pub const AES_256_XTS: Nid = Nid(ffi::NID_aes_256_xts); + pub const DES_CFB1: Nid = Nid(ffi::NID_des_cfb1); + pub const DES_CFB8: Nid = Nid(ffi::NID_des_cfb8); + pub const DES_EDE3_CFB1: Nid = Nid(ffi::NID_des_ede3_cfb1); + pub const DES_EDE3_CFB8: Nid = Nid(ffi::NID_des_ede3_cfb8); + pub const SHA256: Nid = Nid(ffi::NID_sha256); + pub const SHA384: Nid = Nid(ffi::NID_sha384); + pub const SHA512: Nid = Nid(ffi::NID_sha512); + pub const SHA224: Nid = Nid(ffi::NID_sha224); + pub const DSA_WITH_SHA224: Nid = Nid(ffi::NID_dsa_with_SHA224); + pub const DSA_WITH_SHA256: Nid = Nid(ffi::NID_dsa_with_SHA256); + pub const HOLD_INSTRUCTION_CODE: Nid = Nid(ffi::NID_hold_instruction_code); + pub const HOLD_INSTRUCTION_NONE: Nid = Nid(ffi::NID_hold_instruction_none); + pub const HOLD_INSTRUCTION_CALL_ISSUER: Nid = Nid(ffi::NID_hold_instruction_call_issuer); + pub const HOLD_INSTRUCTION_REJECT: Nid = Nid(ffi::NID_hold_instruction_reject); + pub const DATA: Nid = Nid(ffi::NID_data); + pub const PSS: Nid = Nid(ffi::NID_pss); + pub const UCL: Nid = Nid(ffi::NID_ucl); + pub const PILOT: Nid = Nid(ffi::NID_pilot); + pub const PILOTATTRIBUTETYPE: Nid = Nid(ffi::NID_pilotAttributeType); + pub const PILOTATTRIBUTESYNTAX: Nid = Nid(ffi::NID_pilotAttributeSyntax); + pub const PILOTOBJECTCLASS: Nid = Nid(ffi::NID_pilotObjectClass); + pub const PILOTGROUPS: Nid = Nid(ffi::NID_pilotGroups); + pub const IA5STRINGSYNTAX: Nid = Nid(ffi::NID_iA5StringSyntax); + pub const CASEIGNOREIA5STRINGSYNTAX: Nid = Nid(ffi::NID_caseIgnoreIA5StringSyntax); + pub const PILOTOBJECT: Nid = Nid(ffi::NID_pilotObject); + pub const PILOTPERSON: Nid = Nid(ffi::NID_pilotPerson); + pub const ACCOUNT: Nid = Nid(ffi::NID_account); + pub const DOCUMENT: Nid = Nid(ffi::NID_document); + pub const ROOM: Nid = Nid(ffi::NID_room); + pub const DOCUMENTSERIES: Nid = Nid(ffi::NID_documentSeries); + pub const DOMAIN: Nid = Nid(ffi::NID_Domain); + pub const RFC822LOCALPART: Nid = Nid(ffi::NID_rFC822localPart); + pub const DNSDOMAIN: Nid = Nid(ffi::NID_dNSDomain); + pub const DOMAINRELATEDOBJECT: Nid = Nid(ffi::NID_domainRelatedObject); + pub const FRIENDLYCOUNTRY: Nid = Nid(ffi::NID_friendlyCountry); + pub const SIMPLESECURITYOBJECT: Nid = Nid(ffi::NID_simpleSecurityObject); + pub const PILOTORGANIZATION: Nid = Nid(ffi::NID_pilotOrganization); + pub const PILOTDSA: Nid = Nid(ffi::NID_pilotDSA); + pub const QUALITYLABELLEDDATA: Nid = Nid(ffi::NID_qualityLabelledData); + pub const USERID: Nid = Nid(ffi::NID_userId); + pub const TEXTENCODEDORADDRESS: Nid = Nid(ffi::NID_textEncodedORAddress); + pub const RFC822MAILBOX: Nid = Nid(ffi::NID_rfc822Mailbox); + pub const INFO: Nid = Nid(ffi::NID_info); + pub const FAVOURITEDRINK: Nid = Nid(ffi::NID_favouriteDrink); + pub const ROOMNUMBER: Nid = Nid(ffi::NID_roomNumber); + pub const PHOTO: Nid = Nid(ffi::NID_photo); + pub const USERCLASS: Nid = Nid(ffi::NID_userClass); + pub const HOST: Nid = Nid(ffi::NID_host); + pub const MANAGER: Nid = Nid(ffi::NID_manager); + pub const DOCUMENTIDENTIFIER: Nid = Nid(ffi::NID_documentIdentifier); + pub const DOCUMENTTITLE: Nid = Nid(ffi::NID_documentTitle); + pub const DOCUMENTVERSION: Nid = Nid(ffi::NID_documentVersion); + pub const DOCUMENTAUTHOR: Nid = Nid(ffi::NID_documentAuthor); + pub const DOCUMENTLOCATION: Nid = Nid(ffi::NID_documentLocation); + pub const HOMETELEPHONENUMBER: Nid = Nid(ffi::NID_homeTelephoneNumber); + pub const SECRETARY: Nid = Nid(ffi::NID_secretary); + pub const OTHERMAILBOX: Nid = Nid(ffi::NID_otherMailbox); + pub const LASTMODIFIEDTIME: Nid = Nid(ffi::NID_lastModifiedTime); + pub const LASTMODIFIEDBY: Nid = Nid(ffi::NID_lastModifiedBy); + pub const DOMAINCOMPONENT: Nid = Nid(ffi::NID_domainComponent); + pub const ARECORD: Nid = Nid(ffi::NID_aRecord); + pub const PILOTATTRIBUTETYPE27: Nid = Nid(ffi::NID_pilotAttributeType27); + pub const MXRECORD: Nid = Nid(ffi::NID_mXRecord); + pub const NSRECORD: Nid = Nid(ffi::NID_nSRecord); + pub const SOARECORD: Nid = Nid(ffi::NID_sOARecord); + pub const CNAMERECORD: Nid = Nid(ffi::NID_cNAMERecord); + pub const ASSOCIATEDDOMAIN: Nid = Nid(ffi::NID_associatedDomain); + pub const ASSOCIATEDNAME: Nid = Nid(ffi::NID_associatedName); + pub const HOMEPOSTALADDRESS: Nid = Nid(ffi::NID_homePostalAddress); + pub const PERSONALTITLE: Nid = Nid(ffi::NID_personalTitle); + pub const MOBILETELEPHONENUMBER: Nid = Nid(ffi::NID_mobileTelephoneNumber); + pub const PAGERTELEPHONENUMBER: Nid = Nid(ffi::NID_pagerTelephoneNumber); + pub const FRIENDLYCOUNTRYNAME: Nid = Nid(ffi::NID_friendlyCountryName); + pub const ORGANIZATIONALSTATUS: Nid = Nid(ffi::NID_organizationalStatus); + pub const JANETMAILBOX: Nid = Nid(ffi::NID_janetMailbox); + pub const MAILPREFERENCEOPTION: Nid = Nid(ffi::NID_mailPreferenceOption); + pub const BUILDINGNAME: Nid = Nid(ffi::NID_buildingName); + pub const DSAQUALITY: Nid = Nid(ffi::NID_dSAQuality); + pub const SINGLELEVELQUALITY: Nid = Nid(ffi::NID_singleLevelQuality); + pub const SUBTREEMINIMUMQUALITY: Nid = Nid(ffi::NID_subtreeMinimumQuality); + pub const SUBTREEMAXIMUMQUALITY: Nid = Nid(ffi::NID_subtreeMaximumQuality); + pub const PERSONALSIGNATURE: Nid = Nid(ffi::NID_personalSignature); + pub const DITREDIRECT: Nid = Nid(ffi::NID_dITRedirect); + pub const AUDIO: Nid = Nid(ffi::NID_audio); + pub const DOCUMENTPUBLISHER: Nid = Nid(ffi::NID_documentPublisher); + pub const ID_SET: Nid = Nid(ffi::NID_id_set); + pub const SET_CTYPE: Nid = Nid(ffi::NID_set_ctype); + pub const SET_MSGEXT: Nid = Nid(ffi::NID_set_msgExt); + pub const SET_ATTR: Nid = Nid(ffi::NID_set_attr); + pub const SET_POLICY: Nid = Nid(ffi::NID_set_policy); + pub const SET_CERTEXT: Nid = Nid(ffi::NID_set_certExt); + pub const SET_BRAND: Nid = Nid(ffi::NID_set_brand); + pub const SETCT_PANDATA: Nid = Nid(ffi::NID_setct_PANData); + pub const SETCT_PANTOKEN: Nid = Nid(ffi::NID_setct_PANToken); + pub const SETCT_PANONLY: Nid = Nid(ffi::NID_setct_PANOnly); + pub const SETCT_OIDATA: Nid = Nid(ffi::NID_setct_OIData); + pub const SETCT_PI: Nid = Nid(ffi::NID_setct_PI); + pub const SETCT_PIDATA: Nid = Nid(ffi::NID_setct_PIData); + pub const SETCT_PIDATAUNSIGNED: Nid = Nid(ffi::NID_setct_PIDataUnsigned); + pub const SETCT_HODINPUT: Nid = Nid(ffi::NID_setct_HODInput); + pub const SETCT_AUTHRESBAGGAGE: Nid = Nid(ffi::NID_setct_AuthResBaggage); + pub const SETCT_AUTHREVREQBAGGAGE: Nid = Nid(ffi::NID_setct_AuthRevReqBaggage); + pub const SETCT_AUTHREVRESBAGGAGE: Nid = Nid(ffi::NID_setct_AuthRevResBaggage); + pub const SETCT_CAPTOKENSEQ: Nid = Nid(ffi::NID_setct_CapTokenSeq); + pub const SETCT_PINITRESDATA: Nid = Nid(ffi::NID_setct_PInitResData); + pub const SETCT_PI_TBS: Nid = Nid(ffi::NID_setct_PI_TBS); + pub const SETCT_PRESDATA: Nid = Nid(ffi::NID_setct_PResData); + pub const SETCT_AUTHREQTBS: Nid = Nid(ffi::NID_setct_AuthReqTBS); + pub const SETCT_AUTHRESTBS: Nid = Nid(ffi::NID_setct_AuthResTBS); + pub const SETCT_AUTHRESTBSX: Nid = Nid(ffi::NID_setct_AuthResTBSX); + pub const SETCT_AUTHTOKENTBS: Nid = Nid(ffi::NID_setct_AuthTokenTBS); + pub const SETCT_CAPTOKENDATA: Nid = Nid(ffi::NID_setct_CapTokenData); + pub const SETCT_CAPTOKENTBS: Nid = Nid(ffi::NID_setct_CapTokenTBS); + pub const SETCT_ACQCARDCODEMSG: Nid = Nid(ffi::NID_setct_AcqCardCodeMsg); + pub const SETCT_AUTHREVREQTBS: Nid = Nid(ffi::NID_setct_AuthRevReqTBS); + pub const SETCT_AUTHREVRESDATA: Nid = Nid(ffi::NID_setct_AuthRevResData); + pub const SETCT_AUTHREVRESTBS: Nid = Nid(ffi::NID_setct_AuthRevResTBS); + pub const SETCT_CAPREQTBS: Nid = Nid(ffi::NID_setct_CapReqTBS); + pub const SETCT_CAPREQTBSX: Nid = Nid(ffi::NID_setct_CapReqTBSX); + pub const SETCT_CAPRESDATA: Nid = Nid(ffi::NID_setct_CapResData); + pub const SETCT_CAPREVREQTBS: Nid = Nid(ffi::NID_setct_CapRevReqTBS); + pub const SETCT_CAPREVREQTBSX: Nid = Nid(ffi::NID_setct_CapRevReqTBSX); + pub const SETCT_CAPREVRESDATA: Nid = Nid(ffi::NID_setct_CapRevResData); + pub const SETCT_CREDREQTBS: Nid = Nid(ffi::NID_setct_CredReqTBS); + pub const SETCT_CREDREQTBSX: Nid = Nid(ffi::NID_setct_CredReqTBSX); + pub const SETCT_CREDRESDATA: Nid = Nid(ffi::NID_setct_CredResData); + pub const SETCT_CREDREVREQTBS: Nid = Nid(ffi::NID_setct_CredRevReqTBS); + pub const SETCT_CREDREVREQTBSX: Nid = Nid(ffi::NID_setct_CredRevReqTBSX); + pub const SETCT_CREDREVRESDATA: Nid = Nid(ffi::NID_setct_CredRevResData); + pub const SETCT_PCERTREQDATA: Nid = Nid(ffi::NID_setct_PCertReqData); + pub const SETCT_PCERTRESTBS: Nid = Nid(ffi::NID_setct_PCertResTBS); + pub const SETCT_BATCHADMINREQDATA: Nid = Nid(ffi::NID_setct_BatchAdminReqData); + pub const SETCT_BATCHADMINRESDATA: Nid = Nid(ffi::NID_setct_BatchAdminResData); + pub const SETCT_CARDCINITRESTBS: Nid = Nid(ffi::NID_setct_CardCInitResTBS); + pub const SETCT_MEAQCINITRESTBS: Nid = Nid(ffi::NID_setct_MeAqCInitResTBS); + pub const SETCT_REGFORMRESTBS: Nid = Nid(ffi::NID_setct_RegFormResTBS); + pub const SETCT_CERTREQDATA: Nid = Nid(ffi::NID_setct_CertReqData); + pub const SETCT_CERTREQTBS: Nid = Nid(ffi::NID_setct_CertReqTBS); + pub const SETCT_CERTRESDATA: Nid = Nid(ffi::NID_setct_CertResData); + pub const SETCT_CERTINQREQTBS: Nid = Nid(ffi::NID_setct_CertInqReqTBS); + pub const SETCT_ERRORTBS: Nid = Nid(ffi::NID_setct_ErrorTBS); + pub const SETCT_PIDUALSIGNEDTBE: Nid = Nid(ffi::NID_setct_PIDualSignedTBE); + pub const SETCT_PIUNSIGNEDTBE: Nid = Nid(ffi::NID_setct_PIUnsignedTBE); + pub const SETCT_AUTHREQTBE: Nid = Nid(ffi::NID_setct_AuthReqTBE); + pub const SETCT_AUTHRESTBE: Nid = Nid(ffi::NID_setct_AuthResTBE); + pub const SETCT_AUTHRESTBEX: Nid = Nid(ffi::NID_setct_AuthResTBEX); + pub const SETCT_AUTHTOKENTBE: Nid = Nid(ffi::NID_setct_AuthTokenTBE); + pub const SETCT_CAPTOKENTBE: Nid = Nid(ffi::NID_setct_CapTokenTBE); + pub const SETCT_CAPTOKENTBEX: Nid = Nid(ffi::NID_setct_CapTokenTBEX); + pub const SETCT_ACQCARDCODEMSGTBE: Nid = Nid(ffi::NID_setct_AcqCardCodeMsgTBE); + pub const SETCT_AUTHREVREQTBE: Nid = Nid(ffi::NID_setct_AuthRevReqTBE); + pub const SETCT_AUTHREVRESTBE: Nid = Nid(ffi::NID_setct_AuthRevResTBE); + pub const SETCT_AUTHREVRESTBEB: Nid = Nid(ffi::NID_setct_AuthRevResTBEB); + pub const SETCT_CAPREQTBE: Nid = Nid(ffi::NID_setct_CapReqTBE); + pub const SETCT_CAPREQTBEX: Nid = Nid(ffi::NID_setct_CapReqTBEX); + pub const SETCT_CAPRESTBE: Nid = Nid(ffi::NID_setct_CapResTBE); + pub const SETCT_CAPREVREQTBE: Nid = Nid(ffi::NID_setct_CapRevReqTBE); + pub const SETCT_CAPREVREQTBEX: Nid = Nid(ffi::NID_setct_CapRevReqTBEX); + pub const SETCT_CAPREVRESTBE: Nid = Nid(ffi::NID_setct_CapRevResTBE); + pub const SETCT_CREDREQTBE: Nid = Nid(ffi::NID_setct_CredReqTBE); + pub const SETCT_CREDREQTBEX: Nid = Nid(ffi::NID_setct_CredReqTBEX); + pub const SETCT_CREDRESTBE: Nid = Nid(ffi::NID_setct_CredResTBE); + pub const SETCT_CREDREVREQTBE: Nid = Nid(ffi::NID_setct_CredRevReqTBE); + pub const SETCT_CREDREVREQTBEX: Nid = Nid(ffi::NID_setct_CredRevReqTBEX); + pub const SETCT_CREDREVRESTBE: Nid = Nid(ffi::NID_setct_CredRevResTBE); + pub const SETCT_BATCHADMINREQTBE: Nid = Nid(ffi::NID_setct_BatchAdminReqTBE); + pub const SETCT_BATCHADMINRESTBE: Nid = Nid(ffi::NID_setct_BatchAdminResTBE); + pub const SETCT_REGFORMREQTBE: Nid = Nid(ffi::NID_setct_RegFormReqTBE); + pub const SETCT_CERTREQTBE: Nid = Nid(ffi::NID_setct_CertReqTBE); + pub const SETCT_CERTREQTBEX: Nid = Nid(ffi::NID_setct_CertReqTBEX); + pub const SETCT_CERTRESTBE: Nid = Nid(ffi::NID_setct_CertResTBE); + pub const SETCT_CRLNOTIFICATIONTBS: Nid = Nid(ffi::NID_setct_CRLNotificationTBS); + pub const SETCT_CRLNOTIFICATIONRESTBS: Nid = Nid(ffi::NID_setct_CRLNotificationResTBS); + pub const SETCT_BCIDISTRIBUTIONTBS: Nid = Nid(ffi::NID_setct_BCIDistributionTBS); + pub const SETEXT_GENCRYPT: Nid = Nid(ffi::NID_setext_genCrypt); + pub const SETEXT_MIAUTH: Nid = Nid(ffi::NID_setext_miAuth); + pub const SETEXT_PINSECURE: Nid = Nid(ffi::NID_setext_pinSecure); + pub const SETEXT_PINANY: Nid = Nid(ffi::NID_setext_pinAny); + pub const SETEXT_TRACK2: Nid = Nid(ffi::NID_setext_track2); + pub const SETEXT_CV: Nid = Nid(ffi::NID_setext_cv); + pub const SET_POLICY_ROOT: Nid = Nid(ffi::NID_set_policy_root); + pub const SETCEXT_HASHEDROOT: Nid = Nid(ffi::NID_setCext_hashedRoot); + pub const SETCEXT_CERTTYPE: Nid = Nid(ffi::NID_setCext_certType); + pub const SETCEXT_MERCHDATA: Nid = Nid(ffi::NID_setCext_merchData); + pub const SETCEXT_CCERTREQUIRED: Nid = Nid(ffi::NID_setCext_cCertRequired); + pub const SETCEXT_TUNNELING: Nid = Nid(ffi::NID_setCext_tunneling); + pub const SETCEXT_SETEXT: Nid = Nid(ffi::NID_setCext_setExt); + pub const SETCEXT_SETQUALF: Nid = Nid(ffi::NID_setCext_setQualf); + pub const SETCEXT_PGWYCAPABILITIES: Nid = Nid(ffi::NID_setCext_PGWYcapabilities); + pub const SETCEXT_TOKENIDENTIFIER: Nid = Nid(ffi::NID_setCext_TokenIdentifier); + pub const SETCEXT_TRACK2DATA: Nid = Nid(ffi::NID_setCext_Track2Data); + pub const SETCEXT_TOKENTYPE: Nid = Nid(ffi::NID_setCext_TokenType); + pub const SETCEXT_ISSUERCAPABILITIES: Nid = Nid(ffi::NID_setCext_IssuerCapabilities); + pub const SETATTR_CERT: Nid = Nid(ffi::NID_setAttr_Cert); + pub const SETATTR_PGWYCAP: Nid = Nid(ffi::NID_setAttr_PGWYcap); + pub const SETATTR_TOKENTYPE: Nid = Nid(ffi::NID_setAttr_TokenType); + pub const SETATTR_ISSCAP: Nid = Nid(ffi::NID_setAttr_IssCap); + pub const SET_ROOTKEYTHUMB: Nid = Nid(ffi::NID_set_rootKeyThumb); + pub const SET_ADDPOLICY: Nid = Nid(ffi::NID_set_addPolicy); + pub const SETATTR_TOKEN_EMV: Nid = Nid(ffi::NID_setAttr_Token_EMV); + pub const SETATTR_TOKEN_B0PRIME: Nid = Nid(ffi::NID_setAttr_Token_B0Prime); + pub const SETATTR_ISSCAP_CVM: Nid = Nid(ffi::NID_setAttr_IssCap_CVM); + pub const SETATTR_ISSCAP_T2: Nid = Nid(ffi::NID_setAttr_IssCap_T2); + pub const SETATTR_ISSCAP_SIG: Nid = Nid(ffi::NID_setAttr_IssCap_Sig); + pub const SETATTR_GENCRYPTGRM: Nid = Nid(ffi::NID_setAttr_GenCryptgrm); + pub const SETATTR_T2ENC: Nid = Nid(ffi::NID_setAttr_T2Enc); + pub const SETATTR_T2CLEARTXT: Nid = Nid(ffi::NID_setAttr_T2cleartxt); + pub const SETATTR_TOKICCSIG: Nid = Nid(ffi::NID_setAttr_TokICCsig); + pub const SETATTR_SECDEVSIG: Nid = Nid(ffi::NID_setAttr_SecDevSig); + pub const SET_BRAND_IATA_ATA: Nid = Nid(ffi::NID_set_brand_IATA_ATA); + pub const SET_BRAND_DINERS: Nid = Nid(ffi::NID_set_brand_Diners); + pub const SET_BRAND_AMERICANEXPRESS: Nid = Nid(ffi::NID_set_brand_AmericanExpress); + pub const SET_BRAND_JCB: Nid = Nid(ffi::NID_set_brand_JCB); + pub const SET_BRAND_VISA: Nid = Nid(ffi::NID_set_brand_Visa); + pub const SET_BRAND_MASTERCARD: Nid = Nid(ffi::NID_set_brand_MasterCard); + pub const SET_BRAND_NOVUS: Nid = Nid(ffi::NID_set_brand_Novus); + pub const DES_CDMF: Nid = Nid(ffi::NID_des_cdmf); + pub const RSAOAEPENCRYPTIONSET: Nid = Nid(ffi::NID_rsaOAEPEncryptionSET); + pub const IPSEC3: Nid = Nid(ffi::NID_ipsec3); + pub const IPSEC4: Nid = Nid(ffi::NID_ipsec4); + pub const WHIRLPOOL: Nid = Nid(ffi::NID_whirlpool); + pub const CRYPTOPRO: Nid = Nid(ffi::NID_cryptopro); + pub const CRYPTOCOM: Nid = Nid(ffi::NID_cryptocom); + pub const ID_GOSTR3411_94_WITH_GOSTR3410_2001: Nid = + Nid(ffi::NID_id_GostR3411_94_with_GostR3410_2001); + pub const ID_GOSTR3411_94_WITH_GOSTR3410_94: Nid = + Nid(ffi::NID_id_GostR3411_94_with_GostR3410_94); + pub const ID_GOSTR3411_94: Nid = Nid(ffi::NID_id_GostR3411_94); + pub const ID_HMACGOSTR3411_94: Nid = Nid(ffi::NID_id_HMACGostR3411_94); + pub const ID_GOSTR3410_2001: Nid = Nid(ffi::NID_id_GostR3410_2001); + pub const ID_GOSTR3410_94: Nid = Nid(ffi::NID_id_GostR3410_94); + pub const ID_GOST28147_89: Nid = Nid(ffi::NID_id_Gost28147_89); + pub const GOST89_CNT: Nid = Nid(ffi::NID_gost89_cnt); + pub const ID_GOST28147_89_MAC: Nid = Nid(ffi::NID_id_Gost28147_89_MAC); + pub const ID_GOSTR3411_94_PRF: Nid = Nid(ffi::NID_id_GostR3411_94_prf); + pub const ID_GOSTR3410_2001DH: Nid = Nid(ffi::NID_id_GostR3410_2001DH); + pub const ID_GOSTR3410_94DH: Nid = Nid(ffi::NID_id_GostR3410_94DH); + pub const ID_GOST28147_89_CRYPTOPRO_KEYMESHING: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_KeyMeshing); + pub const ID_GOST28147_89_NONE_KEYMESHING: Nid = Nid(ffi::NID_id_Gost28147_89_None_KeyMeshing); + pub const ID_GOSTR3411_94_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3411_94_TestParamSet); + pub const ID_GOSTR3411_94_CRYPTOPROPARAMSET: Nid = + Nid(ffi::NID_id_GostR3411_94_CryptoProParamSet); + pub const ID_GOST28147_89_TESTPARAMSET: Nid = Nid(ffi::NID_id_Gost28147_89_TestParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_A_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_A_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_B_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_B_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_C_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_C_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_D_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_D_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_OSCAR_1_1_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_OSCAR_1_0_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet); + pub const ID_GOST28147_89_CRYPTOPRO_RIC_1_PARAMSET: Nid = + Nid(ffi::NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet); + pub const ID_GOSTR3410_94_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3410_94_TestParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_A_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_A_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_B_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_B_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_C_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_C_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_D_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_D_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_XCHA_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchA_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_XCHB_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchB_ParamSet); + pub const ID_GOSTR3410_94_CRYPTOPRO_XCHC_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_94_CryptoPro_XchC_ParamSet); + pub const ID_GOSTR3410_2001_TESTPARAMSET: Nid = Nid(ffi::NID_id_GostR3410_2001_TestParamSet); + pub const ID_GOSTR3410_2001_CRYPTOPRO_A_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_2001_CryptoPro_A_ParamSet); + pub const ID_GOSTR3410_2001_CRYPTOPRO_B_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_2001_CryptoPro_B_ParamSet); + pub const ID_GOSTR3410_2001_CRYPTOPRO_C_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_2001_CryptoPro_C_ParamSet); + pub const ID_GOSTR3410_2001_CRYPTOPRO_XCHA_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet); + pub const ID_GOSTR3410_2001_CRYPTOPRO_XCHB_PARAMSET: Nid = + Nid(ffi::NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet); + pub const ID_GOSTR3410_94_A: Nid = Nid(ffi::NID_id_GostR3410_94_a); + pub const ID_GOSTR3410_94_ABIS: Nid = Nid(ffi::NID_id_GostR3410_94_aBis); + pub const ID_GOSTR3410_94_B: Nid = Nid(ffi::NID_id_GostR3410_94_b); + pub const ID_GOSTR3410_94_BBIS: Nid = Nid(ffi::NID_id_GostR3410_94_bBis); + pub const ID_GOST28147_89_CC: Nid = Nid(ffi::NID_id_Gost28147_89_cc); + pub const ID_GOSTR3410_94_CC: Nid = Nid(ffi::NID_id_GostR3410_94_cc); + pub const ID_GOSTR3410_2001_CC: Nid = Nid(ffi::NID_id_GostR3410_2001_cc); + pub const ID_GOSTR3411_94_WITH_GOSTR3410_94_CC: Nid = + Nid(ffi::NID_id_GostR3411_94_with_GostR3410_94_cc); + pub const ID_GOSTR3411_94_WITH_GOSTR3410_2001_CC: Nid = + Nid(ffi::NID_id_GostR3411_94_with_GostR3410_2001_cc); + pub const ID_GOSTR3410_2001_PARAMSET_CC: Nid = Nid(ffi::NID_id_GostR3410_2001_ParamSet_cc); + pub const CAMELLIA_128_CBC: Nid = Nid(ffi::NID_camellia_128_cbc); + pub const CAMELLIA_192_CBC: Nid = Nid(ffi::NID_camellia_192_cbc); + pub const CAMELLIA_256_CBC: Nid = Nid(ffi::NID_camellia_256_cbc); + pub const ID_CAMELLIA128_WRAP: Nid = Nid(ffi::NID_id_camellia128_wrap); + pub const ID_CAMELLIA192_WRAP: Nid = Nid(ffi::NID_id_camellia192_wrap); + pub const ID_CAMELLIA256_WRAP: Nid = Nid(ffi::NID_id_camellia256_wrap); + pub const CAMELLIA_128_ECB: Nid = Nid(ffi::NID_camellia_128_ecb); + pub const CAMELLIA_128_OFB128: Nid = Nid(ffi::NID_camellia_128_ofb128); + pub const CAMELLIA_128_CFB128: Nid = Nid(ffi::NID_camellia_128_cfb128); + pub const CAMELLIA_192_ECB: Nid = Nid(ffi::NID_camellia_192_ecb); + pub const CAMELLIA_192_OFB128: Nid = Nid(ffi::NID_camellia_192_ofb128); + pub const CAMELLIA_192_CFB128: Nid = Nid(ffi::NID_camellia_192_cfb128); + pub const CAMELLIA_256_ECB: Nid = Nid(ffi::NID_camellia_256_ecb); + pub const CAMELLIA_256_OFB128: Nid = Nid(ffi::NID_camellia_256_ofb128); + pub const CAMELLIA_256_CFB128: Nid = Nid(ffi::NID_camellia_256_cfb128); + pub const CAMELLIA_128_CFB1: Nid = Nid(ffi::NID_camellia_128_cfb1); + pub const CAMELLIA_192_CFB1: Nid = Nid(ffi::NID_camellia_192_cfb1); + pub const CAMELLIA_256_CFB1: Nid = Nid(ffi::NID_camellia_256_cfb1); + pub const CAMELLIA_128_CFB8: Nid = Nid(ffi::NID_camellia_128_cfb8); + pub const CAMELLIA_192_CFB8: Nid = Nid(ffi::NID_camellia_192_cfb8); + pub const CAMELLIA_256_CFB8: Nid = Nid(ffi::NID_camellia_256_cfb8); + pub const KISA: Nid = Nid(ffi::NID_kisa); + pub const SEED_ECB: Nid = Nid(ffi::NID_seed_ecb); + pub const SEED_CBC: Nid = Nid(ffi::NID_seed_cbc); + pub const SEED_CFB128: Nid = Nid(ffi::NID_seed_cfb128); + pub const SEED_OFB128: Nid = Nid(ffi::NID_seed_ofb128); + pub const HMAC: Nid = Nid(ffi::NID_hmac); + pub const CMAC: Nid = Nid(ffi::NID_cmac); + pub const RC4_HMAC_MD5: Nid = Nid(ffi::NID_rc4_hmac_md5); + pub const AES_128_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_128_cbc_hmac_sha1); + pub const AES_192_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_192_cbc_hmac_sha1); + pub const AES_256_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_256_cbc_hmac_sha1); +} diff --git a/openssl/src/ocsp.rs b/openssl/src/ocsp.rs index 65436a4c4081a98c96cd255625a9fb12eb43d396..edd51d8f90a769249575229271498f37bf70eaaa 100644 --- a/openssl/src/ocsp.rs +++ b/openssl/src/ocsp.rs @@ -13,57 +13,21 @@ use x509::store::X509StoreRef; use x509::{X509, X509Ref}; bitflags! { - pub struct Flag: c_ulong { - const FLAG_NO_CERTS = ffi::OCSP_NOCERTS; - const FLAG_NO_INTERN = ffi::OCSP_NOINTERN; - const FLAG_NO_CHAIN = ffi::OCSP_NOCHAIN; - const FLAG_NO_VERIFY = ffi::OCSP_NOVERIFY; - const FLAG_NO_EXPLICIT = ffi::OCSP_NOEXPLICIT; - const FLAG_NO_CA_SIGN = ffi::OCSP_NOCASIGN; - const FLAG_NO_DELEGATED = ffi::OCSP_NODELEGATED; - const FLAG_NO_CHECKS = ffi::OCSP_NOCHECKS; - const FLAG_TRUST_OTHER = ffi::OCSP_TRUSTOTHER; - const FLAG_RESPID_KEY = ffi::OCSP_RESPID_KEY; - const FLAG_NO_TIME = ffi::OCSP_NOTIME; + pub struct OcspFlag: c_ulong { + const NO_CERTS = ffi::OCSP_NOCERTS; + const NO_INTERN = ffi::OCSP_NOINTERN; + const NO_CHAIN = ffi::OCSP_NOCHAIN; + const NO_VERIFY = ffi::OCSP_NOVERIFY; + const NO_EXPLICIT = ffi::OCSP_NOEXPLICIT; + const NO_CA_SIGN = ffi::OCSP_NOCASIGN; + const NO_DELEGATED = ffi::OCSP_NODELEGATED; + const NO_CHECKS = ffi::OCSP_NOCHECKS; + const TRUST_OTHER = ffi::OCSP_TRUSTOTHER; + const RESPID_KEY = ffi::OCSP_RESPID_KEY; + const NO_TIME = ffi::OCSP_NOTIME; } } -pub const RESPONSE_STATUS_SUCCESSFUL: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SUCCESSFUL); -pub const RESPONSE_STATUS_MALFORMED_REQUEST: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_MALFORMEDREQUEST); -pub const RESPONSE_STATUS_INTERNAL_ERROR: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_INTERNALERROR); -pub const RESPONSE_STATUS_TRY_LATER: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_TRYLATER); -pub const RESPONSE_STATUS_SIG_REQUIRED: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SIGREQUIRED); -pub const RESPONSE_STATUS_UNAUTHORIZED: OcspResponseStatus = - OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_UNAUTHORIZED); - -pub const CERT_STATUS_GOOD: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_GOOD); -pub const CERT_STATUS_REVOKED: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_REVOKED); -pub const CERT_STATUS_UNKNOWN: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_UNKNOWN); - -pub const REVOKED_STATUS_NO_STATUS: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_NOSTATUS); -pub const REVOKED_STATUS_UNSPECIFIED: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_UNSPECIFIED); -pub const REVOKED_STATUS_KEY_COMPROMISE: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_KEYCOMPROMISE); -pub const REVOKED_STATUS_CA_COMPROMISE: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CACOMPROMISE); -pub const REVOKED_STATUS_AFFILIATION_CHANGED: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_AFFILIATIONCHANGED); -pub const REVOKED_STATUS_SUPERSEDED: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_SUPERSEDED); -pub const REVOKED_STATUS_CESSATION_OF_OPERATION: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CESSATIONOFOPERATION); -pub const REVOKED_STATUS_CERTIFICATE_HOLD: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CERTIFICATEHOLD); -pub const REVOKED_STATUS_REMOVE_FROM_CRL: OcspRevokedStatus = - OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_REMOVEFROMCRL); - #[derive(Copy, Clone, Debug, PartialEq, Eq)] pub struct OcspResponseStatus(c_int); @@ -75,6 +39,19 @@ impl OcspResponseStatus { pub fn as_raw(&self) -> c_int { self.0 } + + pub const SUCCESSFUL: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SUCCESSFUL); + pub const MALFORMED_REQUEST: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_MALFORMEDREQUEST); + pub const INTERNAL_ERROR: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_INTERNALERROR); + pub const TRY_LATER: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_TRYLATER); + pub const SIG_REQUIRED: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_SIGREQUIRED); + pub const UNAUTHORIZED: OcspResponseStatus = + OcspResponseStatus(ffi::OCSP_RESPONSE_STATUS_UNAUTHORIZED); } #[derive(Copy, Clone, Debug, PartialEq, Eq)] @@ -88,6 +65,10 @@ impl OcspCertStatus { pub fn as_raw(&self) -> c_int { self.0 } + + pub const GOOD: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_GOOD); + pub const REVOKED: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_REVOKED); + pub const UNKNOWN: OcspCertStatus = OcspCertStatus(ffi::V_OCSP_CERTSTATUS_UNKNOWN); } #[derive(Copy, Clone, Debug, PartialEq, Eq)] @@ -101,9 +82,27 @@ impl OcspRevokedStatus { pub fn as_raw(&self) -> c_int { self.0 } + + pub const NO_STATUS: OcspRevokedStatus = OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_NOSTATUS); + pub const UNSPECIFIED: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_UNSPECIFIED); + pub const KEY_COMPROMISE: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_KEYCOMPROMISE); + pub const CA_COMPROMISE: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CACOMPROMISE); + pub const AFFILIATION_CHANGED: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_AFFILIATIONCHANGED); + pub const STATUS_SUPERSEDED: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_SUPERSEDED); + pub const STATUS_CESSATION_OF_OPERATION: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CESSATIONOFOPERATION); + pub const STATUS_CERTIFICATE_HOLD: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_CERTIFICATEHOLD); + pub const REMOVE_FROM_CRL: OcspRevokedStatus = + OcspRevokedStatus(ffi::OCSP_REVOKED_STATUS_REMOVEFROMCRL); } -pub struct Status<'a> { +pub struct OcspStatus<'a> { /// The overall status of the response. pub status: OcspCertStatus, /// If `status` is `CERT_STATUS_REVOKED`, the reason for the revocation. @@ -116,7 +115,7 @@ pub struct Status<'a> { pub next_update: &'a Asn1GeneralizedTimeRef, } -impl<'a> Status<'a> { +impl<'a> OcspStatus<'a> { /// Checks validity of the `this_update` and `next_update` fields. /// /// The `nsec` parameter specifies an amount of slack time that will be used when comparing @@ -153,7 +152,7 @@ impl OcspBasicResponseRef { &self, certs: &StackRef, store: &X509StoreRef, - flags: Flag, + flags: OcspFlag, ) -> Result<(), ErrorStack> { unsafe { cvt(ffi::OCSP_basic_verify( @@ -166,7 +165,7 @@ impl OcspBasicResponseRef { } /// Looks up the status for the specified certificate ID. - pub fn find_status<'a>(&'a self, id: &OcspCertIdRef) -> Option> { + pub fn find_status<'a>(&'a self, id: &OcspCertIdRef) -> Option> { unsafe { let mut status = ffi::V_OCSP_CERTSTATUS_UNKNOWN; let mut reason = ffi::OCSP_REVOKED_STATUS_NOSTATUS; @@ -189,7 +188,7 @@ impl OcspBasicResponseRef { } else { Some(Asn1GeneralizedTimeRef::from_ptr(revocation_time)) }; - Some(Status { + Some(OcspStatus { status: OcspCertStatus(status), reason: OcspRevokedStatus(status), revocation_time: revocation_time, diff --git a/openssl/src/pkcs12.rs b/openssl/src/pkcs12.rs index 20422a28a80acf87a29a114e23c682b452e236d8..84401a04b6a2ee19ced03c82393333f45ad6ef92 100644 --- a/openssl/src/pkcs12.rs +++ b/openssl/src/pkcs12.rs @@ -11,7 +11,7 @@ use pkey::{PKey, PKeyRef}; use error::ErrorStack; use x509::X509; use stack::Stack; -use nid; +use nid::Nid; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; @@ -75,8 +75,8 @@ impl Pkcs12 { ffi::init(); Pkcs12Builder { - nid_key: nid::UNDEF, //nid::PBE_WITHSHA1AND3_KEY_TRIPLEDES_CBC, - nid_cert: nid::UNDEF, //nid::PBE_WITHSHA1AND40BITRC2_CBC, + nid_key: Nid::UNDEF, //nid::PBE_WITHSHA1AND3_KEY_TRIPLEDES_CBC, + nid_cert: Nid::UNDEF, //nid::PBE_WITHSHA1AND40BITRC2_CBC, iter: ffi::PKCS12_DEFAULT_ITER, mac_iter: ffi::PKCS12_DEFAULT_ITER, ca: None, @@ -92,8 +92,8 @@ pub struct ParsedPkcs12 { } pub struct Pkcs12Builder { - nid_key: nid::Nid, - nid_cert: nid::Nid, + nid_key: Nid, + nid_cert: Nid, iter: c_int, mac_iter: c_int, ca: Option>, @@ -101,13 +101,13 @@ pub struct Pkcs12Builder { impl Pkcs12Builder { /// The encryption algorithm that should be used for the key - pub fn key_algorithm(&mut self, nid: nid::Nid) -> &mut Self { + pub fn key_algorithm(&mut self, nid: Nid) -> &mut Self { self.nid_key = nid; self } /// The encryption algorithm that should be used for the cert - pub fn cert_algorithm(&mut self, nid: nid::Nid) -> &mut Self { + pub fn cert_algorithm(&mut self, nid: Nid) -> &mut Self { self.nid_cert = nid; self } @@ -190,7 +190,7 @@ mod test { use asn1::Asn1Time; use rsa::Rsa; use pkey::PKey; - use nid; + use nid::Nid; use x509::{X509, X509Name}; use x509::extension::KeyUsage; @@ -238,7 +238,7 @@ mod test { let pkey = PKey::from_rsa(rsa).unwrap(); let mut name = X509Name::builder().unwrap(); - name.append_entry_by_nid(nid::COMMONNAME, subject_name) + name.append_entry_by_nid(Nid::COMMONNAME, subject_name) .unwrap(); let name = name.build(); diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs index 9ef7e8854a35077e8c08c009f35b011029ef3e9a..5cbc2878b8d544032f348ccbbc8d1995c35c7832 100644 --- a/openssl/src/pkey.rs +++ b/openssl/src/pkey.rs @@ -1,4 +1,4 @@ -use libc::{c_void, c_char, c_int, size_t}; +use libc::{c_char, c_int, c_void, size_t}; use std::ptr; use std::mem; use std::ffi::CString; @@ -10,9 +10,9 @@ use bio::MemBioSlice; use dh::Dh; use dsa::Dsa; use ec::EcKey; -use rsa::{Rsa, Padding}; +use rsa::{Padding, Rsa}; use error::ErrorStack; -use util::{CallbackState, invoke_passwd_cb, invoke_passwd_cb_old}; +use util::{invoke_passwd_cb, invoke_passwd_cb_old, CallbackState}; foreign_type_and_impl_send_sync! { type CType = ffi::EVP_PKEY; @@ -254,9 +254,7 @@ impl PKeyCtxRef { pub fn rsa_padding(&self) -> Result { let mut pad: c_int = 0; unsafe { - cvt( - ffi::EVP_PKEY_CTX_get_rsa_padding(self.as_ptr(), &mut pad), - )?; + cvt(ffi::EVP_PKEY_CTX_get_rsa_padding(self.as_ptr(), &mut pad))?; }; Ok(Padding::from_raw(pad)) } @@ -270,9 +268,7 @@ impl PKeyCtxRef { pub fn derive_set_peer(&mut self, peer: &PKeyRef) -> Result<(), ErrorStack> { unsafe { - cvt( - ffi::EVP_PKEY_derive_set_peer(self.as_ptr(), peer.as_ptr()), - )?; + cvt(ffi::EVP_PKEY_derive_set_peer(self.as_ptr(), peer.as_ptr()))?; } Ok(()) } @@ -306,7 +302,7 @@ mod tests { use dsa::Dsa; use ec::{EcGroup, EcKey}; use rsa::Rsa; - use nid; + use nid::Nid; use super::*; @@ -403,7 +399,7 @@ mod tests { #[test] fn test_ec_key_accessor() { - let ec_key = EcKey::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let ec_key = EcKey::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let pkey = PKey::from_ec_key(ec_key).unwrap(); pkey.ec_key().unwrap(); assert!(pkey.rsa().is_err()); @@ -411,7 +407,7 @@ mod tests { #[test] fn test_ec_key_derive() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let ec_key = EcKey::generate(&group).unwrap(); let ec_key2 = EcKey::generate(&group).unwrap(); let pkey = PKey::from_ec_key(ec_key).unwrap(); diff --git a/openssl/src/rsa.rs b/openssl/src/rsa.rs index b02b92168cc4ab2c9338e4c522871fa3b0cc6bff..83f05247d80b48d61e440a044b736bbaf08d3b51 100644 --- a/openssl/src/rsa.rs +++ b/openssl/src/rsa.rs @@ -2,14 +2,14 @@ use ffi; use std::fmt; use std::ptr; use std::mem; -use libc::{c_int, c_void, c_char}; +use libc::{c_char, c_int, c_void}; use foreign_types::ForeignTypeRef; -use {cvt, cvt_p, cvt_n}; +use {cvt, cvt_n, cvt_p}; use bn::{BigNum, BigNumRef}; use bio::MemBioSlice; use error::ErrorStack; -use util::{CallbackState, invoke_passwd_cb_old}; +use util::{invoke_passwd_cb_old, CallbackState}; /// Type of encryption padding to use. #[derive(Debug, Copy, Clone, PartialEq, Eq)] @@ -23,11 +23,11 @@ impl Padding { pub fn as_raw(&self) -> c_int { self.0 } -} -pub const NO_PADDING: Padding = Padding(ffi::RSA_NO_PADDING); -pub const PKCS1_PADDING: Padding = Padding(ffi::RSA_PKCS1_PADDING); -pub const PKCS1_OAEP_PADDING: Padding = Padding(ffi::RSA_PKCS1_OAEP_PADDING); + pub const NONE: Padding = Padding(ffi::RSA_NO_PADDING); + pub const PKCS1: Padding = Padding(ffi::RSA_PKCS1_PADDING); + pub const PKCS1_OAEP: Padding = Padding(ffi::RSA_PKCS1_OAEP_PADDING); +} foreign_type_and_impl_send_sync! { type CType = ffi::RSA; @@ -286,9 +286,7 @@ impl Rsa { ) -> Result { unsafe { let rsa = Rsa(cvt_p(ffi::RSA_new())?); - cvt( - compat::set_key(rsa.0, n.as_ptr(), e.as_ptr(), d.as_ptr()), - )?; + cvt(compat::set_key(rsa.0, n.as_ptr(), e.as_ptr(), d.as_ptr()))?; mem::forget((n, e, d)); cvt(compat::set_factors(rsa.0, p.as_ptr(), q.as_ptr()))?; mem::forget((p, q)); @@ -490,7 +488,7 @@ mod test { let mut result = vec![0; public_key.size()]; let original_data = b"This is test"; let len = public_key - .public_encrypt(original_data, &mut result, PKCS1_PADDING) + .public_encrypt(original_data, &mut result, Padding::PKCS1) .unwrap(); assert_eq!(len, 256); @@ -498,7 +496,7 @@ mod test { let private_key = Rsa::private_key_from_pem(pkey).unwrap(); let mut dec_result = vec![0; private_key.size()]; let len = private_key - .private_decrypt(&result, &mut dec_result, PKCS1_PADDING) + .private_decrypt(&result, &mut dec_result, Padding::PKCS1) .unwrap(); assert_eq!(&dec_result[..len], original_data); @@ -513,9 +511,10 @@ mod test { let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let mut emesg = vec![0; k0.size()]; - k0.private_encrypt(&msg, &mut emesg, PKCS1_PADDING).unwrap(); + k0.private_encrypt(&msg, &mut emesg, Padding::PKCS1) + .unwrap(); let mut dmesg = vec![0; k1.size()]; - let len = k1.public_decrypt(&emesg, &mut dmesg, PKCS1_PADDING) + let len = k1.public_decrypt(&emesg, &mut dmesg, Padding::PKCS1) .unwrap(); assert_eq!(msg, &dmesg[..len]); } @@ -529,9 +528,9 @@ mod test { let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let mut emesg = vec![0; k0.size()]; - k0.public_encrypt(&msg, &mut emesg, PKCS1_PADDING).unwrap(); + k0.public_encrypt(&msg, &mut emesg, Padding::PKCS1).unwrap(); let mut dmesg = vec![0; k1.size()]; - let len = k1.private_decrypt(&emesg, &mut dmesg, PKCS1_PADDING) + let len = k1.private_decrypt(&emesg, &mut dmesg, Padding::PKCS1) .unwrap(); assert_eq!(msg, &dmesg[..len]); } diff --git a/openssl/src/sign.rs b/openssl/src/sign.rs index a90d1570a4b569b2346f3cbab6cb7bbde817295e..4a0af9d7591bc0307fd9bc98ae84696b00274c61 100644 --- a/openssl/src/sign.rs +++ b/openssl/src/sign.rs @@ -353,8 +353,8 @@ mod test { use hash::MessageDigest; use sign::{Signer, Verifier}; use ec::{EcGroup, EcKey}; - use nid; - use rsa::{PKCS1_PADDING, Rsa}; + use nid::Nid; + use rsa::{Padding, Rsa}; use dsa::Dsa; use pkey::PKey; @@ -378,10 +378,10 @@ mod test { let pkey = PKey::from_rsa(private_key).unwrap(); let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap(); - assert_eq!(signer.pkey_ctx_mut().rsa_padding().unwrap(), PKCS1_PADDING); + assert_eq!(signer.pkey_ctx_mut().rsa_padding().unwrap(), Padding::PKCS1); signer .pkey_ctx_mut() - .set_rsa_padding(PKCS1_PADDING) + .set_rsa_padding(Padding::PKCS1) .unwrap(); signer.update(&Vec::from_hex(INPUT).unwrap()).unwrap(); let result = signer.sign_to_vec().unwrap(); @@ -398,7 +398,7 @@ mod test { let mut verifier = Verifier::new(MessageDigest::sha256(), &pkey).unwrap(); assert_eq!( verifier.pkey_ctx_mut().rsa_padding().unwrap(), - PKCS1_PADDING + Padding::PKCS1 ); verifier.update(&Vec::from_hex(INPUT).unwrap()).unwrap(); assert!(verifier.verify(&Vec::from_hex(SIGNATURE).unwrap()).unwrap()); @@ -569,7 +569,7 @@ mod test { #[test] fn ec() { - let group = EcGroup::from_curve_name(nid::X9_62_PRIME256V1).unwrap(); + let group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); let key = EcKey::generate(&group).unwrap(); let key = PKey::from_ec_key(key).unwrap(); diff --git a/openssl/src/ssl/connector.rs b/openssl/src/ssl/connector.rs index cd02dc18841a84aedbac2809384d4c0588de4f4b..dc65ad5e50c6608f5c8e7b29bf4d644fb205f6f4 100644 --- a/openssl/src/ssl/connector.rs +++ b/openssl/src/ssl/connector.rs @@ -3,8 +3,8 @@ use std::ops::{Deref, DerefMut}; use dh::Dh; use error::ErrorStack; -use ssl::{self, HandshakeError, Ssl, SslRef, SslContext, SslContextBuilder, SslMethod, SslStream, - SSL_VERIFY_PEER}; +use ssl::{HandshakeError, Ssl, SslContext, SslContextBuilder, SslMethod, SslMode, SslOptions, + SslRef, SslStream, SslVerifyMode}; use pkey::PKeyRef; use version; use x509::X509Ref; @@ -29,26 +29,21 @@ ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== fn ctx(method: SslMethod) -> Result { let mut ctx = SslContextBuilder::new(method)?; - let mut opts = ssl::SSL_OP_ALL; - opts &= !ssl::SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG; - opts &= !ssl::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; - opts |= ssl::SSL_OP_NO_TICKET; - opts |= ssl::SSL_OP_NO_COMPRESSION; - opts |= ssl::SSL_OP_NO_SSLV2; - opts |= ssl::SSL_OP_NO_SSLV3; - opts |= ssl::SSL_OP_SINGLE_DH_USE; - opts |= ssl::SSL_OP_SINGLE_ECDH_USE; - opts |= ssl::SSL_OP_CIPHER_SERVER_PREFERENCE; + let mut opts = SslOptions::ALL | SslOptions::NO_COMPRESSION | SslOptions::NO_SSLV2 + | SslOptions::NO_SSLV3 | SslOptions::SINGLE_DH_USE + | SslOptions::SINGLE_ECDH_USE | SslOptions::CIPHER_SERVER_PREFERENCE; + opts &= !SslOptions::DONT_INSERT_EMPTY_FRAGMENTS; + ctx.set_options(opts); - let mut mode = ssl::SSL_MODE_AUTO_RETRY | ssl::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER - | ssl::SSL_MODE_ENABLE_PARTIAL_WRITE; + let mut mode = + SslMode::AUTO_RETRY | SslMode::ACCEPT_MOVING_WRITE_BUFFER | SslMode::ENABLE_PARTIAL_WRITE; // This is quite a useful optimization for saving memory, but historically // caused CVEs in OpenSSL pre-1.0.1h, according to // https://bugs.python.org/issue25672 if version::number() >= 0x1000108f { - mode |= ssl::SSL_MODE_RELEASE_BUFFERS; + mode |= SslMode::RELEASE_BUFFERS; } ctx.set_mode(mode); @@ -152,7 +147,11 @@ impl SslConnector { /// Returns a structure allowing for configuration of a single TLS session before connection. pub fn configure(&self) -> Result { - Ssl::new(&self.0).map(|ssl| ConnectConfiguration { ssl, sni: true, verify_hostname: true }) + Ssl::new(&self.0).map(|ssl| ConnectConfiguration { + ssl, + sni: true, + verify_hostname: true, + }) } } @@ -228,7 +227,9 @@ impl ConnectConfiguration { where S: Read + Write, { - self.use_server_name_indication(false).verify_hostname(false).connect("", stream) + self.use_server_name_indication(false) + .verify_hostname(false) + .connect("", stream) } } @@ -379,9 +380,9 @@ impl DerefMut for SslAcceptorBuilder { #[cfg(ossl101)] fn setup_curves(ctx: &mut SslContextBuilder) -> Result<(), ErrorStack> { use ec::EcKey; - use nid; + use nid::Nid; - let curve = EcKey::from_curve_name(nid::X9_62_PRIME256V1)?; + let curve = EcKey::from_curve_name(Nid::X9_62_PRIME256V1)?; ctx.set_tmp_ecdh(&curve) } @@ -415,12 +416,12 @@ impl SslAcceptor { #[cfg(any(ossl102, ossl110))] fn setup_verify(ctx: &mut SslContextBuilder) { - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); } #[cfg(ossl101)] fn setup_verify(ctx: &mut SslContextBuilder) { - ctx.set_verify_callback(SSL_VERIFY_PEER, |p, x509| { + ctx.set_verify_callback(SslVerifyMode::PEER, |p, x509| { let hostname = match x509.ssl() { Ok(Some(ssl)) => ssl.ex_data(*HOSTNAME_IDX), _ => None, @@ -435,7 +436,7 @@ fn setup_verify(ctx: &mut SslContextBuilder) { #[cfg(any(ossl102, ossl110))] fn setup_verify_hostname(ssl: &mut Ssl, domain: &str) -> Result<(), ErrorStack> { let param = ssl._param_mut(); - param.set_hostflags(::verify::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + param.set_hostflags(::verify::X509CheckFlags::NO_PARTIAL_WILDCARDS); match domain.parse() { Ok(ip) => param.set_ip(ip), Err(_) => param.set_host(domain), @@ -454,7 +455,7 @@ mod verify { use std::net::IpAddr; use std::str; - use nid; + use nid::Nid; use x509::{GeneralName, X509NameRef, X509Ref, X509StoreContextRef}; use stack::Stack; @@ -506,7 +507,7 @@ mod verify { } fn verify_subject_name(domain: &str, subject_name: &X509NameRef) -> bool { - match subject_name.entries_by_nid(nid::COMMONNAME).next() { + match subject_name.entries_by_nid(Nid::COMMONNAME).next() { Some(pattern) => { let pattern = match str::from_utf8(pattern.data().as_slice()) { Ok(pattern) => pattern, @@ -516,7 +517,10 @@ mod verify { // Unlike SANs, IP addresses in the subject name don't have a // different encoding. match domain.parse::() { - Ok(ip) => pattern.parse::().ok().map_or(false, |pattern| pattern == ip), + Ok(ip) => pattern + .parse::() + .ok() + .map_or(false, |pattern| pattern == ip), Err(_) => matches_dns(pattern, domain), } } diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index e72861639028e4ae07edabd3a272c62d64faec6c..371b66c04c7a5410adf8a1e1987cff5b40c0292b 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -97,7 +97,7 @@ use dh::{Dh, DhRef}; use ec::EcKeyRef; #[cfg(any(all(feature = "v101", ossl101), all(feature = "v102", ossl102)))] use ec::EcKey; -use x509::{X509, X509FileType, X509Name, X509Ref, X509StoreContextRef, X509VerifyError}; +use x509::{X509, X509Filetype, X509Name, X509Ref, X509StoreContextRef, X509VerifyError}; use x509::store::{X509StoreBuilderRef, X509StoreRef}; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] use x509::store::X509Store; @@ -121,106 +121,85 @@ mod bio; #[cfg(test)] mod tests; -// FIXME drop SSL_ prefix -// FIXME remvove flags not used in OpenSSL 1.1 bitflags! { /// Options controlling the behavior of an `SslContext`. - pub struct SslOption: c_ulong { - // FIXME remove - const SSL_OP_MICROSOFT_SESS_ID_BUG = ffi::SSL_OP_MICROSOFT_SESS_ID_BUG; - // FIXME remove - const SSL_OP_NETSCAPE_CHALLENGE_BUG = ffi::SSL_OP_NETSCAPE_CHALLENGE_BUG; - // FIXME remove - const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = - ffi::SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG; - // FIXME remove - const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = ffi::SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER; - // FIXME remove - const SSL_OP_SSLEAY_080_CLIENT_DH_BUG = ffi::SSL_OP_SSLEAY_080_CLIENT_DH_BUG; - // FIXME remove - const SSL_OP_TLS_D5_BUG = ffi::SSL_OP_TLS_D5_BUG; - // FIXME remove - const SSL_OP_TLS_BLOCK_PADDING_BUG = ffi::SSL_OP_TLS_BLOCK_PADDING_BUG; - - // FIXME remove? not documented anywhere - const SSL_OP_CISCO_ANYCONNECT = ffi::SSL_OP_CISCO_ANYCONNECT; - + pub struct SslOptions: c_ulong { /// Disables a countermeasure against an SSLv3/TLSv1.0 vulnerability affecting CBC ciphers. - const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = ffi::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; + const DONT_INSERT_EMPTY_FRAGMENTS = ffi::SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; /// A "reasonable default" set of options which enables compatibility flags. - const SSL_OP_ALL = ffi::SSL_OP_ALL; + const ALL = ffi::SSL_OP_ALL; /// Do not query the MTU. /// /// Only affects DTLS connections. - const SSL_OP_NO_QUERY_MTU = ffi::SSL_OP_NO_QUERY_MTU; + const NO_QUERY_MTU = ffi::SSL_OP_NO_QUERY_MTU; /// Enables Cookie Exchange as described in [RFC 4347 Section 4.2.1]. /// /// Only affects DTLS connections. /// /// [RFC 4347 Section 4.2.1]: https://tools.ietf.org/html/rfc4347#section-4.2.1 - const SSL_OP_COOKIE_EXCHANGE = ffi::SSL_OP_COOKIE_EXCHANGE; + const COOKIE_EXCHANGE = ffi::SSL_OP_COOKIE_EXCHANGE; /// Disables the use of session tickets for session resumption. - const SSL_OP_NO_TICKET = ffi::SSL_OP_NO_TICKET; + const NO_TICKET = ffi::SSL_OP_NO_TICKET; /// Always start a new session when performing a renegotiation on the server side. - const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = + const NO_SESSION_RESUMPTION_ON_RENEGOTIATION = ffi::SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION; /// Disables the use of TLS compression. - const SSL_OP_NO_COMPRESSION = ffi::SSL_OP_NO_COMPRESSION; + const NO_COMPRESSION = ffi::SSL_OP_NO_COMPRESSION; /// Allow legacy insecure renegotiation with servers or clients that do not support secure /// renegotiation. - const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = + const ALLOW_UNSAFE_LEGACY_RENEGOTIATION = ffi::SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; /// Creates a new key for each session when using ECDHE. /// /// This is always enabled in OpenSSL 1.1.0. - const SSL_OP_SINGLE_ECDH_USE = ffi::SSL_OP_SINGLE_ECDH_USE; + const SINGLE_ECDH_USE = ffi::SSL_OP_SINGLE_ECDH_USE; /// Creates a new key for each session when using DHE. /// /// This is always enabled in OpenSSL 1.1.0. - const SSL_OP_SINGLE_DH_USE = ffi::SSL_OP_SINGLE_DH_USE; + const SINGLE_DH_USE = ffi::SSL_OP_SINGLE_DH_USE; /// Use the server's preferences rather than the client's when selecting a cipher. /// /// This has no effect on the client side. - const SSL_OP_CIPHER_SERVER_PREFERENCE = ffi::SSL_OP_CIPHER_SERVER_PREFERENCE; + const CIPHER_SERVER_PREFERENCE = ffi::SSL_OP_CIPHER_SERVER_PREFERENCE; /// Disables version rollback attach detection. - const SSL_OP_TLS_ROLLBACK_BUG = ffi::SSL_OP_TLS_ROLLBACK_BUG; + const TLS_ROLLBACK_BUG = ffi::SSL_OP_TLS_ROLLBACK_BUG; /// Disables the use of SSLv2. - const SSL_OP_NO_SSLV2 = ffi::SSL_OP_NO_SSLv2; + const NO_SSLV2 = ffi::SSL_OP_NO_SSLv2; /// Disables the use of SSLv3. - const SSL_OP_NO_SSLV3 = ffi::SSL_OP_NO_SSLv3; + const NO_SSLV3 = ffi::SSL_OP_NO_SSLv3; /// Disables the use of TLSv1.0. - const SSL_OP_NO_TLSV1 = ffi::SSL_OP_NO_TLSv1; + const NO_TLSV1 = ffi::SSL_OP_NO_TLSv1; /// Disables the use of TLSv1.1. - const SSL_OP_NO_TLSV1_1 = ffi::SSL_OP_NO_TLSv1_1; + const NO_TLSV1_1 = ffi::SSL_OP_NO_TLSv1_1; /// Disables the use of TLSv1.2. - const SSL_OP_NO_TLSV1_2 = ffi::SSL_OP_NO_TLSv1_2; + const NO_TLSV1_2 = ffi::SSL_OP_NO_TLSv1_2; /// Disables the use of DTLSv1.0 /// /// Requires the `v102` or `v110` features and OpenSSL 1.0.2 or OpenSSL 1.1.0. #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] - const SSL_OP_NO_DTLSV1 = ffi::SSL_OP_NO_DTLSv1; + const NO_DTLSV1 = ffi::SSL_OP_NO_DTLSv1; /// Disables the use of DTLSv1.2. /// Requires the `v102` or `v110` features and OpenSSL 1.0.2 or OpenSSL 1.1.0. #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] - const SSL_OP_NO_DTLSV1_2 = ffi::SSL_OP_NO_DTLSv1_2; + const NO_DTLSV1_2 = ffi::SSL_OP_NO_DTLSv1_2; /// Disables the use of all (D)TLS protocol versions. /// @@ -233,12 +212,12 @@ bitflags! { /// Only support TLSv1.2: /// /// ```rust - /// use openssl::ssl::{SSL_OP_NO_SSL_MASK, SSL_OP_NO_TLSV1_2}; + /// use openssl::ssl::SslOptions; /// - /// let options = SSL_OP_NO_SSL_MASK & !SSL_OP_NO_TLSV1_2; + /// let options = SslOptions::NO_SSL_MASK & !SslOptions::NO_TLSV1_2; /// ``` #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] - const SSL_OP_NO_SSL_MASK = ffi::SSL_OP_NO_SSL_MASK; + const NO_SSL_MASK = ffi::SSL_OP_NO_SSL_MASK; } } @@ -250,11 +229,11 @@ bitflags! { /// Normally, a write in OpenSSL will always write out all of the requested data, even if it /// requires more than one TLS record or write to the underlying stream. This option will /// cause a write to return after writing a single TLS record instead. - const SSL_MODE_ENABLE_PARTIAL_WRITE = ffi::SSL_MODE_ENABLE_PARTIAL_WRITE; + const ENABLE_PARTIAL_WRITE = ffi::SSL_MODE_ENABLE_PARTIAL_WRITE; /// Disables a check that the data buffer has not moved between calls when operating in a /// nonblocking context. - const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; + const ACCEPT_MOVING_WRITE_BUFFER = ffi::SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; /// Enables automatic retries after TLS session events such as renegotiations or heartbeats. /// @@ -265,25 +244,19 @@ bitflags! { /// Note that `SslStream::read` and `SslStream::write` will automatically retry regardless /// of the state of this option. It only affects `SslStream::ssl_read` and /// `SslStream::ssl_write`. - const SSL_MODE_AUTO_RETRY = ffi::SSL_MODE_AUTO_RETRY; + const AUTO_RETRY = ffi::SSL_MODE_AUTO_RETRY; /// Disables automatic chain building when verifying a peer's certificate. /// /// TLS peers are responsible for sending the entire certificate chain from the leaf to a /// trusted root, but some will incorrectly not do so. OpenSSL will try to build the chain /// out of certificates it knows of, and this option will disable that behavior. - const SSL_MODE_NO_AUTO_CHAIN = ffi::SSL_MODE_NO_AUTO_CHAIN; + const NO_AUTO_CHAIN = ffi::SSL_MODE_NO_AUTO_CHAIN; /// Release memory buffers when the session does not need them. /// /// This saves ~34 KiB of memory for idle streams. - const SSL_MODE_RELEASE_BUFFERS = ffi::SSL_MODE_RELEASE_BUFFERS; - - // FIXME remove - #[cfg(not(libressl))] - const SSL_MODE_SEND_CLIENTHELLO_TIME = ffi::SSL_MODE_SEND_CLIENTHELLO_TIME; - #[cfg(not(libressl))] - const SSL_MODE_SEND_SERVERHELLO_TIME = ffi::SSL_MODE_SEND_SERVERHELLO_TIME; + const RELEASE_BUFFERS = ffi::SSL_MODE_RELEASE_BUFFERS; /// Sends the fake `TLS_FALLBACK_SCSV` cipher suite in the ClientHello message of a /// handshake. @@ -293,7 +266,7 @@ bitflags! { /// /// Do not use this unless you know what you're doing! #[cfg(not(libressl))] - const SSL_MODE_SEND_FALLBACK_SCSV = ffi::SSL_MODE_SEND_FALLBACK_SCSV; + const SEND_FALLBACK_SCSV = ffi::SSL_MODE_SEND_FALLBACK_SCSV; } } @@ -335,19 +308,19 @@ bitflags! { /// Verifies that the peer's certificate is trusted. /// /// On the server side, this will cause OpenSSL to request a certificate from the client. - const SSL_VERIFY_PEER = ::ffi::SSL_VERIFY_PEER; + const PEER = ::ffi::SSL_VERIFY_PEER; /// Disables verification of the peer's certificate. /// /// On the server side, this will cause OpenSSL to not request a certificate from the /// client. On the client side, the certificate will be checked for validity, but the /// negotiation will continue regardless of the result of that check. - const SSL_VERIFY_NONE = ::ffi::SSL_VERIFY_NONE; + const NONE = ::ffi::SSL_VERIFY_NONE; /// On the server side, abort the handshake if the client did not send a certificate. /// /// This should be paired with `SSL_VERIFY_PEER`. It has no effect on the client side. - const SSL_VERIFY_FAIL_IF_NO_PEER_CERT = ::ffi::SSL_VERIFY_FAIL_IF_NO_PEER_CERT; + const FAIL_IF_NO_PEER_CERT = ::ffi::SSL_VERIFY_FAIL_IF_NO_PEER_CERT; } } @@ -365,10 +338,10 @@ impl StatusType { pub fn as_raw(&self) -> c_int { self.0 } -} -/// An OSCP status. -pub const STATUS_TYPE_OCSP: StatusType = StatusType(ffi::TLSEXT_STATUSTYPE_ocsp); + /// An OSCP status. + pub const OCSP: StatusType = StatusType(ffi::TLSEXT_STATUSTYPE_ocsp); +} lazy_static! { static ref INDEXES: Mutex> = Mutex::new(HashMap::new()); @@ -771,7 +744,7 @@ impl SslContextBuilder { pub fn set_certificate_file>( &mut self, file: P, - file_type: X509FileType, + file_type: X509Filetype, ) -> Result<(), ErrorStack> { let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap(); unsafe { @@ -840,7 +813,7 @@ impl SslContextBuilder { pub fn set_private_key_file>( &mut self, file: P, - file_type: X509FileType, + file_type: X509Filetype, ) -> Result<(), ErrorStack> { let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap(); unsafe { @@ -900,9 +873,9 @@ impl SslContextBuilder { /// This corresponds to [`SSL_CTX_set_options`]. /// /// [`SSL_CTX_set_options`]: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html - pub fn set_options(&mut self, option: SslOption) -> SslOption { + pub fn set_options(&mut self, option: SslOptions) -> SslOptions { let ret = unsafe { compat::SSL_CTX_set_options(self.as_ptr(), option.bits()) }; - SslOption::from_bits(ret).unwrap() + SslOptions::from_bits(ret).unwrap() } /// Returns the options used by the context. @@ -910,9 +883,9 @@ impl SslContextBuilder { /// This corresponds to [`SSL_CTX_get_options`]. /// /// [`SSL_CTX_get_options`]: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html - pub fn options(&self) -> SslOption { + pub fn options(&self) -> SslOptions { let ret = unsafe { compat::SSL_CTX_get_options(self.as_ptr()) }; - SslOption::from_bits(ret).unwrap() + SslOptions::from_bits(ret).unwrap() } /// Clears the options used by the context, returning the old set. @@ -920,9 +893,9 @@ impl SslContextBuilder { /// This corresponds to [`SSL_CTX_clear_options`]. /// /// [`SSL_CTX_clear_options`]: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_options.html - pub fn clear_options(&mut self, option: SslOption) -> SslOption { + pub fn clear_options(&mut self, option: SslOptions) -> SslOptions { let ret = unsafe { compat::SSL_CTX_clear_options(self.as_ptr(), option.bits()) }; - SslOption::from_bits(ret).unwrap() + SslOptions::from_bits(ret).unwrap() } /// Set the protocols to be used during Next Protocol Negotiation (the protocols diff --git a/openssl/src/ssl/tests/mod.rs b/openssl/src/ssl/tests/mod.rs index ff1d1c86e6e401bd882e132a386ff3b427cb3abb..365f016806060ca386d4f3d11b9d89f3f74ee96e 100644 --- a/openssl/src/ssl/tests/mod.rs +++ b/openssl/src/ssl/tests/mod.rs @@ -16,13 +16,13 @@ use tempdir::TempDir; use dh::Dh; use hash::MessageDigest; -use ocsp::{OcspResponse, RESPONSE_STATUS_UNAUTHORIZED}; +use ocsp::{OcspResponse, OcspResponseStatus}; use ssl; use ssl::{Error, HandshakeError, ShutdownResult, Ssl, SslAcceptorBuilder, SslConnectorBuilder, - SslContext, SslMethod, SslStream, SSL_VERIFY_NONE, SSL_VERIFY_PEER, STATUS_TYPE_OCSP}; -use x509::{X509, X509Name, X509StoreContext, X509_FILETYPE_PEM}; + SslContext, SslMethod, SslStream, SslVerifyMode, StatusType}; +use x509::{X509, X509Filetype, X509Name, X509StoreContext}; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] -use x509::verify::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; +use x509::verify::X509CheckFlags; use pkey::PKey; use std::net::UdpSocket; @@ -131,8 +131,7 @@ macro_rules! run_test( use std::net::TcpStream; use ssl; use ssl::SslMethod; - use ssl::{SslContext, Ssl, SslStream}; - use ssl::SSL_VERIFY_PEER; + use ssl::{SslContext, Ssl, SslStream, SslVerifyMode, SslOptions}; use hash::MessageDigest; use x509::X509StoreContext; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] @@ -160,7 +159,7 @@ run_test!(new_ctx, |method, _| { run_test!(verify_untrusted, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match Ssl::new(&ctx.build()).unwrap().connect(stream) { Ok(_) => panic!("expected failure"), @@ -170,7 +169,7 @@ run_test!(verify_untrusted, |method, stream| { run_test!(verify_trusted, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -189,7 +188,7 @@ run_test!(verify_trusted_with_set_cert, |method, stream| { store.add_cert(x509).unwrap(); let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); match ctx.set_verify_cert_store(store.build()) { Ok(_) => {} @@ -203,7 +202,7 @@ run_test!(verify_trusted_with_set_cert, |method, stream| { run_test!(verify_untrusted_callback_override_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| true); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| true); match Ssl::new(&ctx.build()).unwrap().connect(stream) { Ok(_) => (), @@ -213,14 +212,14 @@ run_test!(verify_untrusted_callback_override_ok, |method, stream| { run_test!(verify_untrusted_callback_override_bad, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| false); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| false); assert!(Ssl::new(&ctx.build()).unwrap().connect(stream).is_err()); }); run_test!(verify_trusted_callback_override_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| true); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| true); match ctx.set_ca_file(&Path::new("test/cert.pem")) { Ok(_) => {} @@ -234,7 +233,7 @@ run_test!(verify_trusted_callback_override_ok, |method, stream| { run_test!(verify_trusted_callback_override_bad, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, _| false); + ctx.set_verify_callback(SslVerifyMode::PEER, |_, _| false); match ctx.set_ca_file(&Path::new("test/cert.pem")) { Ok(_) => {} @@ -245,7 +244,7 @@ run_test!(verify_trusted_callback_override_bad, |method, stream| { run_test!(verify_callback_load_certs, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.current_cert().is_some()); true }); @@ -255,7 +254,7 @@ run_test!(verify_callback_load_certs, |method, stream| { run_test!(verify_trusted_get_error_ok, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.error().is_none()); true }); @@ -269,7 +268,7 @@ run_test!(verify_trusted_get_error_ok, |method, stream| { run_test!(verify_trusted_get_error_err, |method, stream| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, |_, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, |_, x509_ctx| { assert!(x509_ctx.error().is_some()); false }); @@ -286,7 +285,7 @@ run_test!(verify_callback_data, |method, stream| { // Please update if "test/cert.pem" will ever change let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); - ctx.set_verify_callback(SSL_VERIFY_PEER, move |_preverify_ok, x509_ctx| { + ctx.set_verify_callback(SslVerifyMode::PEER, move |_preverify_ok, x509_ctx| { let cert = x509_ctx.current_cert(); match cert { None => false, @@ -314,7 +313,7 @@ run_test!(ssl_verify_callback, |method, stream| { let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); - ssl.set_verify_callback(SSL_VERIFY_PEER, move |_, x509| { + ssl.set_verify_callback(SslVerifyMode::PEER, move |_, x509| { CHECKED.store(1, Ordering::SeqCst); match x509.current_cert() { None => false, @@ -349,10 +348,10 @@ fn test_write_hits_stream() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_verify(SslVerifyMode::PEER); + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let stream = listener.accept().unwrap().0; let mut stream = Ssl::new(&ctx.build()).unwrap().accept(stream).unwrap(); @@ -384,15 +383,15 @@ run_test!(get_ctx_options, |method, _| { run_test!(set_ctx_options, |method, _| { let mut ctx = SslContext::builder(method).unwrap(); - let opts = ctx.set_options(ssl::SSL_OP_NO_TICKET); - assert!(opts.contains(ssl::SSL_OP_NO_TICKET)); + let opts = ctx.set_options(SslOptions::NO_TICKET); + assert!(opts.contains(SslOptions::NO_TICKET)); }); run_test!(clear_ctx_options, |method, _| { let mut ctx = SslContext::builder(method).unwrap(); - ctx.set_options(ssl::SSL_OP_ALL); - let opts = ctx.clear_options(ssl::SSL_OP_ALL); - assert!(!opts.contains(ssl::SSL_OP_ALL)); + ctx.set_options(SslOptions::ALL); + let opts = ctx.clear_options(SslOptions::ALL); + assert!(!opts.contains(SslOptions::ALL)); }); #[test] @@ -481,7 +480,7 @@ fn test_state() { fn test_connect_with_unilateral_alpn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -503,7 +502,7 @@ fn test_connect_with_unilateral_alpn() { fn test_connect_with_unilateral_npn() { let (_s, stream) = Server::new(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -525,7 +524,7 @@ fn test_connect_with_unilateral_npn() { fn test_connect_with_alpn_successful_multiple_matching() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1", b"http/1.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -547,7 +546,7 @@ fn test_connect_with_alpn_successful_multiple_matching() { fn test_connect_with_npn_successful_multiple_matching() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1", b"http/1.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -570,7 +569,7 @@ fn test_connect_with_npn_successful_multiple_matching() { fn test_connect_with_alpn_successful_single_match() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -585,7 +584,6 @@ fn test_connect_with_alpn_successful_single_match() { assert_eq!(b"spdy/3.1", stream.ssl().selected_alpn_protocol().unwrap()); } - /// Tests that when both the client as well as the server use NPN and their /// lists of supported protocols have an overlap -- with only ONE protocol /// being valid for both. @@ -594,7 +592,7 @@ fn test_connect_with_alpn_successful_single_match() { fn test_connect_with_npn_successful_single_match() { let (_s, stream) = Server::new_alpn(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -619,13 +617,13 @@ fn test_npn_server_advertise_multiple() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -636,7 +634,7 @@ fn test_npn_server_advertise_multiple() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_npn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -662,13 +660,13 @@ fn test_alpn_server_advertise_multiple() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -679,7 +677,7 @@ fn test_alpn_server_advertise_multiple() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"spdy/3.1"]).unwrap(); match ctx.set_ca_file(&Path::new("test/root-ca.pem")) { Ok(_) => {} @@ -705,13 +703,13 @@ fn test_alpn_server_select_none() { // We create a different context instance for the server... let listener_ctx = { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]).unwrap(); assert!( - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .is_ok() ); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.build() }; @@ -722,7 +720,7 @@ fn test_alpn_server_select_none() { }); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); ctx.set_alpn_protocols(&[b"http/2"]).unwrap(); ctx.set_ca_file(&Path::new("test/root-ca.pem")).unwrap(); // Now connect to the socket and make sure the protocol negotiation works... @@ -961,7 +959,7 @@ fn refcount_ssl_context() { fn default_verify_paths() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let s = TcpStream::connect("google.com:443").unwrap(); let mut socket = Ssl::new(&ctx.build()).unwrap().connect(s).unwrap(); @@ -987,11 +985,11 @@ fn add_extra_chain_cert() { fn verify_valid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.param_mut() - .set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS); ssl.param_mut().set_host("google.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); @@ -1011,11 +1009,11 @@ fn verify_valid_hostname() { fn verify_invalid_hostname() { let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); ctx.set_default_verify_paths().unwrap(); - ctx.set_verify(SSL_VERIFY_PEER); + ctx.set_verify(SslVerifyMode::PEER); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.param_mut() - .set_hostflags(X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + .set_hostflags(X509CheckFlags::NO_PARTIAL_WILDCARDS); ssl.param_mut().set_host("foobar.com").unwrap(); let s = TcpStream::connect("google.com:443").unwrap(); @@ -1081,7 +1079,7 @@ fn connector_no_hostname_can_disable_verify() { let (_s, tcp) = Server::new(); let mut connector = SslConnectorBuilder::new(SslMethod::tls()).unwrap(); - connector.set_verify(SSL_VERIFY_NONE); + connector.set_verify(SslVerifyMode::NONE); let connector = connector.build(); connector @@ -1164,9 +1162,9 @@ fn shutdown() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap(); let mut stream = ssl.accept(stream).unwrap(); @@ -1222,9 +1220,9 @@ fn tmp_dh_callback() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_tmp_dh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); @@ -1249,7 +1247,7 @@ fn tmp_dh_callback() { all(feature = "v102", ossl102)))] fn tmp_ecdh_callback() { use ec::EcKey; - use nid; + use nid::Nid; static CALLED_BACK: AtomicBool = ATOMIC_BOOL_INIT; @@ -1259,13 +1257,13 @@ fn tmp_ecdh_callback() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_tmp_ecdh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); - EcKey::new_by_curve_name(nid::X9_62_PRIME256V1) + EcKey::new_by_curve_name(Nid::X9_62_PRIME256V1) }); let ssl = Ssl::new(&ctx.build()).unwrap(); ssl.accept(stream).unwrap(); @@ -1290,9 +1288,9 @@ fn tmp_dh_callback_ssl() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.set_tmp_dh_callback(|_, _, _| { @@ -1317,7 +1315,7 @@ fn tmp_dh_callback_ssl() { all(feature = "v102", ossl102)))] fn tmp_ecdh_callback_ssl() { use ec::EcKey; - use nid; + use nid::Nid; static CALLED_BACK: AtomicBool = ATOMIC_BOOL_INIT; @@ -1327,14 +1325,14 @@ fn tmp_ecdh_callback_ssl() { thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); ssl.set_tmp_ecdh_callback(|_, _, _| { CALLED_BACK.store(true, Ordering::SeqCst); - EcKey::new_by_curve_name(nid::X9_62_PRIME256V1) + EcKey::new_by_curve_name(Nid::X9_62_PRIME256V1) }); ssl.accept(stream).unwrap(); }); @@ -1382,13 +1380,13 @@ fn status_callbacks() { let guard = thread::spawn(move || { let stream = listener.accept().unwrap().0; let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); - ctx.set_certificate_file(&Path::new("test/cert.pem"), X509_FILETYPE_PEM) + ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) .unwrap(); - ctx.set_private_key_file(&Path::new("test/key.pem"), X509_FILETYPE_PEM) + ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) .unwrap(); ctx.set_status_callback(|ssl| { CALLED_BACK_SERVER.store(true, Ordering::SeqCst); - let response = OcspResponse::create(RESPONSE_STATUS_UNAUTHORIZED, None).unwrap(); + let response = OcspResponse::create(OcspResponseStatus::UNAUTHORIZED, None).unwrap(); let response = response.to_der().unwrap(); ssl.set_ocsp_status(&response).unwrap(); Ok(true) @@ -1402,11 +1400,11 @@ fn status_callbacks() { ctx.set_status_callback(|ssl| { CALLED_BACK_CLIENT.store(true, Ordering::SeqCst); let response = OcspResponse::from_der(ssl.ocsp_status().unwrap()).unwrap(); - assert_eq!(response.status(), RESPONSE_STATUS_UNAUTHORIZED); + assert_eq!(response.status(), OcspResponseStatus::UNAUTHORIZED); Ok(true) }).unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap(); - ssl.set_status_type(STATUS_TYPE_OCSP).unwrap(); + ssl.set_status_type(StatusType::OCSP).unwrap(); ssl.connect(stream).unwrap(); assert!(CALLED_BACK_SERVER.load(Ordering::SeqCst)); diff --git a/openssl/src/verify.rs b/openssl/src/verify.rs index 65315e473ae76c601d452b041e053f1e8161ba31..4074c216dd810b22127354fd23a6c2fe848961d2 100644 --- a/openssl/src/verify.rs +++ b/openssl/src/verify.rs @@ -8,15 +8,15 @@ use error::ErrorStack; bitflags! { pub struct X509CheckFlags: c_uint { - const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT; - const X509_CHECK_FLAG_NO_WILDCARDS = ffi::X509_CHECK_FLAG_NO_WILDCARDS; - const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = ffi::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; - const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = ffi::X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS; - const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS + const ALWAYS_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT; + const FLAG_NO_WILDCARDS = ffi::X509_CHECK_FLAG_NO_WILDCARDS; + const NO_PARTIAL_WILDCARDS = ffi::X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; + const MULTI_LABEL_WILDCARDS = ffi::X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS; + const SINGLE_LABEL_SUBDOMAINS = ffi::X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS; /// Requires the `v110` feature and OpenSSL 1.1.0. #[cfg(all(feature = "v110", ossl110))] - const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_NEVER_CHECK_SUBJECT; + const NEVER_CHECK_SUBJECT = ffi::X509_CHECK_FLAG_NEVER_CHECK_SUBJECT; } } diff --git a/openssl/src/x509/extension.rs b/openssl/src/x509/extension.rs index 83a8266030a25cfb5631923cab1f900aed615488..a0b07c85c11664d9f8114505761fc49b6cb2a79f 100644 --- a/openssl/src/x509/extension.rs +++ b/openssl/src/x509/extension.rs @@ -1,8 +1,8 @@ use std::fmt::{self, Write}; use error::ErrorStack; -use nid::{self, Nid}; -use x509::{X509v3Context, X509Extension}; +use nid::Nid; +use x509::{X509Extension, X509v3Context}; /// Type-only version of the `Extension` enum. /// @@ -40,10 +40,10 @@ pub enum Extension { /// /// ``` /// use openssl::x509::extension::Extension::*; - /// use openssl::nid; + /// use openssl::nid::Nid; /// /// # let generator = openssl::x509::X509Generator::new(); - /// generator.add_extension(OtherNid(nid::BASIC_CONSTRAINTS,"critical,CA:TRUE".to_owned())); + /// generator.add_extension(OtherNid(Nid::BASIC_CONSTRAINTS,"critical,CA:TRUE".to_owned())); /// ``` OtherNid(Nid, String), /// Arbitrary extensions by OID string. See `man ASN1_generate_nconf` for value syntax. @@ -77,10 +77,10 @@ impl ExtensionType { #[deprecated(since = "0.9.7", note = "use X509Builder and X509ReqBuilder instead")] pub fn get_nid(&self) -> Option { match self { - &ExtensionType::KeyUsage => Some(nid::KEY_USAGE), - &ExtensionType::ExtKeyUsage => Some(nid::EXT_KEY_USAGE), - &ExtensionType::SubjectAltName => Some(nid::SUBJECT_ALT_NAME), - &ExtensionType::IssuerAltName => Some(nid::ISSUER_ALT_NAME), + &ExtensionType::KeyUsage => Some(Nid::KEY_USAGE), + &ExtensionType::ExtKeyUsage => Some(Nid::EXT_KEY_USAGE), + &ExtensionType::SubjectAltName => Some(Nid::SUBJECT_ALT_NAME), + &ExtensionType::IssuerAltName => Some(Nid::ISSUER_ALT_NAME), &ExtensionType::OtherNid(nid) => Some(nid), &ExtensionType::OtherStr(_) => None, } @@ -112,22 +112,18 @@ impl ToString for Extension { match self { &Extension::KeyUsage(ref purposes) => join(purposes.iter(), ","), &Extension::ExtKeyUsage(ref purposes) => join(purposes.iter(), ","), - &Extension::SubjectAltName(ref names) => { - join( - names.iter().map(|&(ref opt, ref val)| { - opt.to_string() + ":" + &val - }), - ",", - ) - } - &Extension::IssuerAltName(ref names) => { - join( - names.iter().map(|&(ref opt, ref val)| { - opt.to_string() + ":" + &val - }), - ",", - ) - } + &Extension::SubjectAltName(ref names) => join( + names + .iter() + .map(|&(ref opt, ref val)| opt.to_string() + ":" + &val), + ",", + ), + &Extension::IssuerAltName(ref names) => join( + names + .iter() + .map(|&(ref opt, ref val)| opt.to_string() + ":" + &val), + ",", + ), &Extension::OtherNid(_, ref value) => value.clone(), &Extension::OtherStr(_, ref value) => value.clone(), } @@ -282,7 +278,7 @@ impl BasicConstraints { if let Some(pathlen) = self.pathlen { write!(value, ",pathlen:{}", pathlen).unwrap(); } - X509Extension::new_nid(None, None, nid::BASIC_CONSTRAINTS, &value) + X509Extension::new_nid(None, None, Nid::BASIC_CONSTRAINTS, &value) } } @@ -398,7 +394,7 @@ impl KeyUsage { append(&mut value, &mut first, self.crl_sign, "cRLSign"); append(&mut value, &mut first, self.encipher_only, "encipherOnly"); append(&mut value, &mut first, self.decipher_only, "decipherOnly"); - X509Extension::new_nid(None, None, nid::KEY_USAGE, &value) + X509Extension::new_nid(None, None, Nid::KEY_USAGE, &value) } } @@ -520,7 +516,7 @@ impl ExtendedKeyUsage { for other in &self.other { append(&mut value, &mut first, true, other); } - X509Extension::new_nid(None, None, nid::EXT_KEY_USAGE, &value) + X509Extension::new_nid(None, None, Nid::EXT_KEY_USAGE, &value) } } @@ -543,7 +539,7 @@ impl SubjectKeyIdentifier { let mut first = true; append(&mut value, &mut first, self.critical, "critical"); append(&mut value, &mut first, true, "hash"); - X509Extension::new_nid(None, Some(ctx), nid::SUBJECT_KEY_IDENTIFIER, &value) + X509Extension::new_nid(None, Some(ctx), Nid::SUBJECT_KEY_IDENTIFIER, &value) } } @@ -591,7 +587,7 @@ impl AuthorityKeyIdentifier { Some(false) => append(&mut value, &mut first, true, "issuer"), None => {} } - X509Extension::new_nid(None, Some(ctx), nid::AUTHORITY_KEY_IDENTIFIER, &value) + X509Extension::new_nid(None, Some(ctx), Nid::AUTHORITY_KEY_IDENTIFIER, &value) } } @@ -655,7 +651,7 @@ impl SubjectAlternativeName { for name in &self.names { append(&mut value, &mut first, true, name); } - X509Extension::new_nid(None, Some(ctx), nid::SUBJECT_ALT_NAME, &value) + X509Extension::new_nid(None, Some(ctx), Nid::SUBJECT_ALT_NAME, &value) } } diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index db9d6df5306be8ccf4d4e3d36dac5dcab6a6cf95..54e761dac93a4073f2ea0a01b6b726de6f256d3e 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -13,30 +13,30 @@ use std::ptr; use std::slice; use std::str; -use {cvt, cvt_p, cvt_n}; -use asn1::{Asn1StringRef, Asn1Time, Asn1TimeRef, Asn1BitStringRef, Asn1IntegerRef, Asn1ObjectRef}; +use {cvt, cvt_n, cvt_p}; +use asn1::{Asn1BitStringRef, Asn1IntegerRef, Asn1ObjectRef, Asn1StringRef, Asn1Time, Asn1TimeRef}; use bio::MemBioSlice; -use bn::{BigNum, MSB_MAYBE_ZERO}; +use bn::{BigNum, MsbOption}; use conf::ConfRef; use error::ErrorStack; use hash::MessageDigest; -use nid::{self, Nid}; +use nid::Nid; use pkey::{PKey, PKeyRef}; use stack::{Stack, StackRef, Stackable}; use string::OpensslString; use ssl::SslRef; #[cfg(ossl10x)] -use ffi::{X509_set_notBefore, X509_set_notAfter, ASN1_STRING_data, X509_STORE_CTX_get_chain}; +use ffi::{ASN1_STRING_data, X509_STORE_CTX_get_chain, X509_set_notAfter, X509_set_notBefore}; #[cfg(ossl110)] -use ffi::{X509_set1_notBefore as X509_set_notBefore, X509_set1_notAfter as X509_set_notAfter, - ASN1_STRING_get0_data as ASN1_STRING_data, - X509_STORE_CTX_get0_chain as X509_STORE_CTX_get_chain}; +use ffi::{ASN1_STRING_get0_data as ASN1_STRING_data, + X509_STORE_CTX_get0_chain as X509_STORE_CTX_get_chain, + X509_set1_notAfter as X509_set_notAfter, X509_set1_notBefore as X509_set_notBefore}; #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] pub mod verify; -use x509::extension::{ExtensionType, Extension}; +use x509::extension::{Extension, ExtensionType}; pub mod extension; pub mod store; @@ -44,17 +44,17 @@ pub mod store; #[cfg(test)] mod tests; -pub struct X509FileType(c_int); +pub struct X509Filetype(c_int); -impl X509FileType { +impl X509Filetype { pub fn as_raw(&self) -> c_int { self.0 } -} -pub const X509_FILETYPE_PEM: X509FileType = X509FileType(ffi::X509_FILETYPE_PEM); -pub const X509_FILETYPE_ASN1: X509FileType = X509FileType(ffi::X509_FILETYPE_ASN1); -pub const X509_FILETYPE_DEFAULT: X509FileType = X509FileType(ffi::X509_FILETYPE_DEFAULT); + pub const PEM: X509Filetype = X509Filetype(ffi::X509_FILETYPE_PEM); + pub const ASN1: X509Filetype = X509Filetype(ffi::X509_FILETYPE_ASN1); + pub const DEFAULT: X509Filetype = X509Filetype(ffi::X509_FILETYPE_DEFAULT); +} foreign_type_and_impl_send_sync! { type CType = ffi::X509_STORE_CTX; @@ -224,7 +224,7 @@ impl X509Generator { builder.set_version(2)?; let mut serial = BigNum::new()?; - serial.rand(128, MSB_MAYBE_ZERO, false)?; + serial.rand(128, MsbOption::MAYBE_ZERO, false)?; let serial = serial.to_asn1_integer()?; builder.set_serial_number(&serial)?; @@ -237,7 +237,7 @@ impl X509Generator { let mut name = X509Name::builder()?; if self.names.is_empty() { - name.append_entry_by_nid(nid::COMMONNAME, "rust-openssl")?; + name.append_entry_by_nid(Nid::COMMONNAME, "rust-openssl")?; } else { for &(ref key, ref value) in &self.names { name.append_entry_by_text(key, value)?; @@ -252,12 +252,7 @@ impl X509Generator { let extension = match exttype.get_nid() { Some(nid) => { let ctx = builder.x509v3_context(None, None); - X509Extension::new_nid( - None, - Some(&ctx), - nid, - &ext.to_string(), - )? + X509Extension::new_nid(None, Some(&ctx), nid, &ext.to_string())? } None => { let ctx = builder.x509v3_context(None, None); @@ -294,15 +289,11 @@ impl X509Generator { let exts = compat::X509_get0_extensions(cert.as_ptr()); if exts != ptr::null_mut() { - cvt( - ffi::X509_REQ_add_extensions(req.as_ptr(), exts as *mut _), - )?; + cvt(ffi::X509_REQ_add_extensions(req.as_ptr(), exts as *mut _))?; } let hash_fn = self.hash_type.as_ptr(); - cvt( - ffi::X509_REQ_sign(req.as_ptr(), p_key.as_ptr(), hash_fn), - )?; + cvt(ffi::X509_REQ_sign(req.as_ptr(), p_key.as_ptr(), hash_fn))?; Ok(req) } @@ -428,9 +419,7 @@ impl X509Builder { /// Adds an X509 extension value to the certificate. pub fn append_extension(&mut self, extension: X509Extension) -> Result<(), ErrorStack> { unsafe { - cvt( - ffi::X509_add_ext(self.0.as_ptr(), extension.as_ptr(), -1), - )?; + cvt(ffi::X509_add_ext(self.0.as_ptr(), extension.as_ptr(), -1))?; mem::forget(extension); Ok(()) } @@ -595,8 +584,8 @@ impl X509 { ffi::PEM_read_bio_X509(bio.as_ptr(), ptr::null_mut(), None, ptr::null_mut()); if r.is_null() { let err = ffi::ERR_peek_last_error(); - if ffi::ERR_GET_LIB(err) == ffi::ERR_LIB_PEM && - ffi::ERR_GET_REASON(err) == ffi::PEM_R_NO_START_LINE + if ffi::ERR_GET_LIB(err) == ffi::ERR_LIB_PEM + && ffi::ERR_GET_REASON(err) == ffi::PEM_R_NO_START_LINE { ffi::ERR_clear_error(); break; @@ -837,7 +826,6 @@ impl X509ReqBuilder { ffi::init(); cvt_p(ffi::X509_REQ_new()).map(|p| X509ReqBuilder(X509Req(p))) } - } pub fn set_version(&mut self, version: i32) -> Result<(), ErrorStack> { diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs index 76eeba3fe0db47d0e69d7e44dc36e337fbe250da..1ad0218c97f81d03de5b740db55633f31816ea55 100644 --- a/openssl/src/x509/tests.rs +++ b/openssl/src/x509/tests.rs @@ -1,21 +1,20 @@ use hex::{FromHex, ToHex}; use asn1::Asn1Time; -use bn::{BigNum, MSB_MAYBE_ZERO}; -use ec::{NAMED_CURVE, EcGroup, EcKey}; +use bn::{BigNum, MsbOption}; +use ec::{Asn1Flag, EcGroup, EcKey}; use hash::MessageDigest; -use nid::X9_62_PRIME256V1; +use nid::Nid; use pkey::PKey; use rsa::Rsa; use stack::Stack; use x509::{X509, X509Generator, X509Name, X509Req}; -use x509::extension::{Extension, BasicConstraints, KeyUsage, ExtendedKeyUsage, - SubjectKeyIdentifier, AuthorityKeyIdentifier, SubjectAlternativeName}; -use ssl::{SslMethod, SslContextBuilder}; +use x509::extension::{AuthorityKeyIdentifier, BasicConstraints, ExtendedKeyUsage, Extension, + KeyUsage, SubjectAlternativeName, SubjectKeyIdentifier}; +use ssl::{SslContextBuilder, SslMethod}; use x509::extension::AltNameOption as SAN; use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment}; use x509::extension::ExtKeyUsageOption::{self, ClientAuth, ServerAuth}; -use nid; fn get_generator() -> X509Generator { X509Generator::new() @@ -28,11 +27,11 @@ fn get_generator() -> X509Generator { ServerAuth, ExtKeyUsageOption::Other("2.999.1".to_owned()), ])) - .add_extension(Extension::SubjectAltName( - vec![(SAN::DNS, "example.com".to_owned())], - )) + .add_extension(Extension::SubjectAltName(vec![ + (SAN::DNS, "example.com".to_owned()), + ])) .add_extension(Extension::OtherNid( - nid::BASIC_CONSTRAINTS, + Nid::BASIC_CONSTRAINTS, "critical,CA:TRUE".to_owned(), )) .add_extension(Extension::OtherStr( @@ -68,11 +67,11 @@ fn test_cert_gen_extension_ordering() { let pkey = pkey(); get_generator() .add_extension(Extension::OtherNid( - nid::SUBJECT_KEY_IDENTIFIER, + Nid::SUBJECT_KEY_IDENTIFIER, "hash".to_owned(), )) .add_extension(Extension::OtherNid( - nid::AUTHORITY_KEY_IDENTIFIER, + Nid::AUTHORITY_KEY_IDENTIFIER, "keyid:always".to_owned(), )) .sign(&pkey) @@ -86,11 +85,11 @@ fn test_cert_gen_extension_bad_ordering() { let pkey = pkey(); let result = get_generator() .add_extension(Extension::OtherNid( - nid::AUTHORITY_KEY_IDENTIFIER, + Nid::AUTHORITY_KEY_IDENTIFIER, "keyid:always".to_owned(), )) .add_extension(Extension::OtherNid( - nid::SUBJECT_KEY_IDENTIFIER, + Nid::SUBJECT_KEY_IDENTIFIER, "hash".to_owned(), )) .sign(&pkey); @@ -108,7 +107,7 @@ fn test_req_gen() { let req = X509Req::from_pem(&reqpem).ok().expect("Failed to load PEM"); let cn = (*req) .subject_name() - .entries_by_nid(nid::COMMONNAME) + .entries_by_nid(Nid::COMMONNAME) .next() .unwrap(); assert_eq!(0, (*req).version()); @@ -155,7 +154,7 @@ fn test_subject_read_cn() { let cert = include_bytes!("../../test/cert.pem"); let cert = X509::from_pem(cert).unwrap(); let subject = cert.subject_name(); - let cn = subject.entries_by_nid(nid::COMMONNAME).next().unwrap(); + let cn = subject.entries_by_nid(Nid::COMMONNAME).next().unwrap(); assert_eq!(cn.data().as_slice(), b"foobar.com") } @@ -165,16 +164,16 @@ fn test_nid_values() { let cert = X509::from_pem(cert).unwrap(); let subject = cert.subject_name(); - let cn = subject.entries_by_nid(nid::COMMONNAME).next().unwrap(); + let cn = subject.entries_by_nid(Nid::COMMONNAME).next().unwrap(); assert_eq!(cn.data().as_slice(), b"example.com"); let email = subject - .entries_by_nid(nid::PKCS9_EMAILADDRESS) + .entries_by_nid(Nid::PKCS9_EMAILADDRESS) .next() .unwrap(); assert_eq!(email.data().as_slice(), b"test@example.com"); - let friendly = subject.entries_by_nid(nid::FRIENDLYNAME).next().unwrap(); + let friendly = subject.entries_by_nid(Nid::FRIENDLYNAME).next().unwrap(); assert_eq!(&**friendly.data().as_utf8().unwrap(), "Example"); } @@ -184,7 +183,7 @@ fn test_nid_uid_value() { let cert = X509::from_pem(cert).unwrap(); let subject = cert.subject_name(); - let cn = subject.entries_by_nid(nid::USERID).next().unwrap(); + let cn = subject.entries_by_nid(Nid::USERID).next().unwrap(); assert_eq!(cn.data().as_slice(), b"this is the userId"); } @@ -230,7 +229,7 @@ fn x509_builder() { let pkey = pkey(); let mut name = X509Name::builder().unwrap(); - name.append_entry_by_nid(nid::COMMONNAME, "foobar.com") + name.append_entry_by_nid(Nid::COMMONNAME, "foobar.com") .unwrap(); let name = name.build(); @@ -247,7 +246,7 @@ fn x509_builder() { builder.set_pubkey(&pkey).unwrap(); let mut serial = BigNum::new().unwrap(); - serial.rand(128, MSB_MAYBE_ZERO, false).unwrap(); + serial.rand(128, MsbOption::MAYBE_ZERO, false).unwrap(); builder .set_serial_number(&serial.to_asn1_integer().unwrap()) .unwrap(); @@ -289,7 +288,7 @@ fn x509_builder() { assert!(pkey.public_eq(&x509.public_key().unwrap())); let cn = x509.subject_name() - .entries_by_nid(nid::COMMONNAME) + .entries_by_nid(Nid::COMMONNAME) .next() .unwrap(); assert_eq!("foobar.com".as_bytes(), cn.data().as_slice()); @@ -300,7 +299,7 @@ fn x509_req_builder() { let pkey = pkey(); let mut name = X509Name::builder().unwrap(); - name.append_entry_by_nid(nid::COMMONNAME, "foobar.com") + name.append_entry_by_nid(Nid::COMMONNAME, "foobar.com") .unwrap(); let name = name.build(); @@ -361,8 +360,8 @@ fn issued() { #[test] fn ecdsa_cert() { - let mut group = EcGroup::from_curve_name(X9_62_PRIME256V1).unwrap(); - group.set_asn1_flag(NAMED_CURVE); + let mut group = EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(); + group.set_asn1_flag(Asn1Flag::NAMED_CURVE); let key = EcKey::generate(&group).unwrap(); let key = PKey::from_ec_key(key).unwrap(); @@ -387,15 +386,15 @@ fn signature() { assert_eq!( signature.as_slice().to_hex(), "4af607b889790b43470442cfa551cdb8b6d0b0340d2958f76b9e3ef6ad4992230cead6842587f0ecad5\ - 78e6e11a221521e940187e3d6652de14e84e82f6671f097cc47932e022add3c0cb54a26bf27fa84c107\ - 4971caa6bee2e42d34a5b066c427f2d452038082b8073993399548088429de034fdd589dcfb0dd33be7\ - ebdfdf698a28d628a89568881d658151276bde333600969502c4e62e1d3470a683364dfb241f78d310a\ - 89c119297df093eb36b7fd7540224f488806780305d1e79ffc938fe2275441726522ab36d88348e6c51\ - f13dcc46b5e1cdac23c974fd5ef86aa41e91c9311655090a52333bc79687c748d833595d4c5f987508f\ - e121997410d37c" + 78e6e11a221521e940187e3d6652de14e84e82f6671f097cc47932e022add3c0cb54a26bf27fa84c107\ + 4971caa6bee2e42d34a5b066c427f2d452038082b8073993399548088429de034fdd589dcfb0dd33be7\ + ebdfdf698a28d628a89568881d658151276bde333600969502c4e62e1d3470a683364dfb241f78d310a\ + 89c119297df093eb36b7fd7540224f488806780305d1e79ffc938fe2275441726522ab36d88348e6c51\ + f13dcc46b5e1cdac23c974fd5ef86aa41e91c9311655090a52333bc79687c748d833595d4c5f987508f\ + e121997410d37c" ); let algorithm = cert.signature_algorithm(); - assert_eq!(algorithm.object().nid(), nid::SHA256WITHRSAENCRYPTION); + assert_eq!(algorithm.object().nid(), Nid::SHA256WITHRSAENCRYPTION); assert_eq!(algorithm.object().to_string(), "sha256WithRSAEncryption"); }