📄 x509.h
字号:
/* trust_flags values */
#define X509_TRUST_DYNAMIC 1
#define X509_TRUST_DYNAMIC_NAME 2
/* check_trust return codes */
#define X509_TRUST_TRUSTED 1
#define X509_TRUST_REJECTED 2
#define X509_TRUST_UNTRUSTED 3
/* Flags for X509_print_ex() */
#define X509_FLAG_COMPAT 0
#define X509_FLAG_NO_HEADER 1L
#define X509_FLAG_NO_VERSION (1L << 1)
#define X509_FLAG_NO_SERIAL (1L << 2)
#define X509_FLAG_NO_SIGNAME (1L << 3)
#define X509_FLAG_NO_ISSUER (1L << 4)
#define X509_FLAG_NO_VALIDITY (1L << 5)
#define X509_FLAG_NO_SUBJECT (1L << 6)
#define X509_FLAG_NO_PUBKEY (1L << 7)
#define X509_FLAG_NO_EXTENSIONS (1L << 8)
#define X509_FLAG_NO_SIGDUMP (1L << 9)
#define X509_FLAG_NO_AUX (1L << 10)
#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
/* Flags specific to X509_NAME_print_ex() */
/* The field separator information */
#define XN_FLAG_SEP_MASK (0xf << 16)
#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */
#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */
#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */
#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */
#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */
#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */
/* How the field name is shown */
#define XN_FLAG_FN_MASK (0x3 << 21)
#define XN_FLAG_FN_SN 0 /* Object short name */
#define XN_FLAG_FN_LN (1 << 21) /* Object long name */
#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */
#define XN_FLAG_FN_NONE (3 << 21) /* No field names */
#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */
/* This determines if we dump fields we don't recognise:
* RFC2253 requires this.
*/
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */
/* Complete set of RFC2253 flags */
#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
XN_FLAG_SEP_COMMA_PLUS | \
XN_FLAG_DN_REV | \
XN_FLAG_FN_SN | \
XN_FLAG_DUMP_UNKNOWN_FIELDS)
/* readable oneline form */
#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
ASN1_STRFLGS_ESC_QUOTE | \
XN_FLAG_SEP_CPLUS_SPC | \
XN_FLAG_SPC_EQ | \
XN_FLAG_FN_SN)
/* readable multiline form */
#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB | \
XN_FLAG_SEP_MULTILINE | \
XN_FLAG_SPC_EQ | \
XN_FLAG_FN_LN | \
XN_FLAG_FN_ALIGN)
typedef struct X509_revoked_st
{
ASN1_INTEGER *serialNumber;
ASN1_TIME *revocationDate;
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
int sequence; /* load sequence */
} X509_REVOKED;
DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)
typedef struct X509_crl_info_st
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
ASN1_TIME *lastUpdate;
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked;
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
ASN1_ENCODING enc;
} X509_CRL_INFO;
struct X509_crl_st
{
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} /* X509_CRL */;
DECLARE_STACK_OF(X509_CRL)
DECLARE_ASN1_SET_OF(X509_CRL)
typedef struct private_key_st
{
int version;
/* The PKCS#8 data types */
X509_ALGOR *enc_algor;
ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
/* When decrypted, the following will not be NULL */
EVP_PKEY *dec_pkey;
/* used to encrypt and decrypt */
int key_length;
char *key_data;
int key_free; /* true if we should auto free key_data */
/* expanded version of 'enc_algor' */
EVP_CIPHER_INFO cipher;
int references;
} X509_PKEY;
#ifndef OPENSSL_NO_EVP
typedef struct X509_info_st
{
X509 *x509;
X509_CRL *crl;
X509_PKEY *x_pkey;
EVP_CIPHER_INFO enc_cipher;
int enc_len;
char *enc_data;
int references;
} X509_INFO;
DECLARE_STACK_OF(X509_INFO)
#endif
/* The next 2 structures and their 8 routines were sent to me by
* Pat Richard <patr@x509.com> and are used to manipulate
* Netscapes spki structures - useful if you are writing a CA web page
*/
typedef struct Netscape_spkac_st
{
X509_PUBKEY *pubkey;
ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
} NETSCAPE_SPKAC;
typedef struct Netscape_spki_st
{
NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
X509_ALGOR *sig_algor;
ASN1_BIT_STRING *signature;
} NETSCAPE_SPKI;
/* Netscape certificate sequence structure */
typedef struct Netscape_certificate_sequence
{
ASN1_OBJECT *type;
STACK_OF(X509) *certs;
} NETSCAPE_CERT_SEQUENCE;
/* Unused (and iv length is wrong)
typedef struct CBCParameter_st
{
unsigned char iv[8];
} CBC_PARAM;
*/
/* Password based encryption structure */
typedef struct PBEPARAM_st {
ASN1_OCTET_STRING *salt;
ASN1_INTEGER *iter;
} PBEPARAM;
/* Password based encryption V2 structures */
typedef struct PBE2PARAM_st {
X509_ALGOR *keyfunc;
X509_ALGOR *encryption;
} PBE2PARAM;
typedef struct PBKDF2PARAM_st {
ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
ASN1_INTEGER *iter;
ASN1_INTEGER *keylength;
X509_ALGOR *prf;
} PBKDF2PARAM;
/* PKCS#8 private key info structure */
typedef struct pkcs8_priv_key_info_st
{
int broken; /* Flag for various broken formats */
#define PKCS8_OK 0
#define PKCS8_NO_OCTET 1
#define PKCS8_EMBEDDED_PARAM 2
#define PKCS8_NS_DB 3
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
STACK_OF(X509_ATTRIBUTE) *attributes;
} PKCS8_PRIV_KEY_INFO;
#ifdef __cplusplus
}
#endif
#include <openssl/x509_vfy.h>
#include <openssl/pkcs7.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef SSLEAY_MACROS
#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
a->signature,(char *)a->cert_info,r)
#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
a->sig_alg,a->signature,(char *)a->req_info,r)
#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
a->sig_alg, a->signature,(char *)a->crl,r)
#define X509_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
#define X509_REQ_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
x->signature, (char *)x->req_info,pkey,md)
#define X509_CRL_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
x->signature, (char *)x->crl,pkey,md)
#define NETSCAPE_SPKI_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
x->signature, (char *)x->spkac,pkey,md)
#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
(char *(*)())d2i_X509,(char *)x509)
#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
(int (*)())i2d_X509_ATTRIBUTE, \
(char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
(int (*)())i2d_X509_EXTENSION, \
(char *(*)())d2i_X509_EXTENSION,(char *)ex)
#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
(char *(*)())d2i_X509_CRL,(char *)crl)
#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
(unsigned char **)(crl))
#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
(unsigned char *)crl)
#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
(unsigned char **)(crl))
#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
(unsigned char *)crl)
#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
(char *(*)())d2i_PKCS7,(char *)p7)
#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
(unsigned char **)(p7))
#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
(unsigned char *)p7)
#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
(unsigned char **)(p7))
#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
(unsigned char *)p7)
#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
(char *(*)())d2i_X509_REQ,(char *)req)
#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
(unsigned char **)(req))
#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
(unsigned char *)req)
#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
(unsigned char **)(req))
#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
(unsigned char *)req)
#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
(char *(*)())d2i_RSAPublicKey,(char *)rsa)
#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
(unsigned char **)(rsa))
#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
(unsigned char *)rsa)
#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
(unsigned char **)(rsa))
#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
(unsigned char *)rsa)
#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
(unsigned char **)(rsa))
#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
(unsigned char *)rsa)
#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
(unsigned char **)(rsa))
#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -