Go to the documentation of this file.
27 #ifndef POLARSSL_X509_H
28 #define POLARSSL_X509_H
43 #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080
44 #define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100
45 #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180
46 #define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200
47 #define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280
48 #define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300
49 #define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380
50 #define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400
51 #define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480
52 #define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500
53 #define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580
54 #define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600
55 #define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680
56 #define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700
57 #define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780
58 #define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800
59 #define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880
60 #define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900
61 #define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980
62 #define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00
63 #define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80
64 #define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00
65 #define POLARSSL_ERR_X509_PASSWORD_REQUIRED -0x2B80
66 #define POLARSSL_ERR_X509_PASSWORD_MISMATCH -0x2C00
74 #define BADCERT_EXPIRED 0x01
75 #define BADCERT_REVOKED 0x02
76 #define BADCERT_CN_MISMATCH 0x04
77 #define BADCERT_NOT_TRUSTED 0x08
78 #define BADCRL_NOT_TRUSTED 0x10
79 #define BADCRL_EXPIRED 0x20
80 #define BADCERT_MISSING 0x40
81 #define BADCERT_SKIP_VERIFY 0x80
82 #define BADCERT_OTHER 0x0100
83 #define BADCERT_FUTURE 0x0200
84 #define BADCRL_FUTURE 0x0400
92 #define X520_COMMON_NAME 3
93 #define X520_COUNTRY 6
94 #define X520_LOCALITY 7
96 #define X520_ORGANIZATION 10
97 #define X520_ORG_UNIT 11
100 #define X509_OUTPUT_DER 0x01
101 #define X509_OUTPUT_PEM 0x02
102 #define PEM_LINE_LENGTH 72
103 #define X509_ISSUER 0x01
104 #define X509_SUBJECT 0x02
106 #define OID_X520 "\x55\x04"
107 #define OID_CN OID_X520 "\x03"
108 #define OID_COUNTRY OID_X520 "\x06"
109 #define OID_LOCALITY OID_X520 "\x07"
110 #define OID_STATE OID_X520 "\x08"
111 #define OID_ORGANIZATION OID_X520 "\x0A"
112 #define OID_ORG_UNIT OID_X520 "\x0B"
114 #define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
115 #define OID_PKCS1_RSA OID_PKCS1 "\x01"
116 #define OID_PKCS1_SHA1 OID_PKCS1 "\x05"
118 #define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
120 #define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
121 #define OID_PKCS9_EMAIL OID_PKCS9 "\x01"
124 #define OID_ID_CE "\x55\x1D"
131 #define OID_PKIX "\x2B\x06\x01\x05\x05\x07"
136 #define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23"
137 #define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E"
138 #define OID_KEY_USAGE OID_ID_CE "\x0F"
139 #define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20"
140 #define OID_POLICY_MAPPINGS OID_ID_CE "\x21"
141 #define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11"
142 #define OID_ISSUER_ALT_NAME OID_ID_CE "\x12"
143 #define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09"
144 #define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13"
145 #define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E"
146 #define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24"
147 #define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25"
148 #define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F"
149 #define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36"
150 #define OID_FRESHEST_CRL OID_ID_CE "\x2E"
155 #define KU_DIGITAL_SIGNATURE (0x80)
156 #define KU_NON_REPUDIATION (0x40)
157 #define KU_KEY_ENCIPHERMENT (0x20)
158 #define KU_DATA_ENCIPHERMENT (0x10)
159 #define KU_KEY_AGREEMENT (0x08)
160 #define KU_KEY_CERT_SIGN (0x04)
161 #define KU_CRL_SIGN (0x02)
166 #define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00"
168 #define OID_KP OID_PKIX "\x03"
169 #define OID_SERVER_AUTH OID_KP "\x01"
170 #define OID_CLIENT_AUTH OID_KP "\x02"
171 #define OID_CODE_SIGNING OID_KP "\x03"
172 #define OID_EMAIL_PROTECTION OID_KP "\x04"
173 #define OID_TIME_STAMPING OID_KP "\x08"
174 #define OID_OCSP_SIGNING OID_KP "\x09"
176 #define STRING_SERVER_AUTH "TLS Web Server Authentication"
177 #define STRING_CLIENT_AUTH "TLS Web Client Authentication"
178 #define STRING_CODE_SIGNING "Code Signing"
179 #define STRING_EMAIL_PROTECTION "E-mail Protection"
180 #define STRING_TIME_STAMPING "Time Stamping"
181 #define STRING_OCSP_SIGNING "OCSP Signing"
186 #define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10"
187 #define OID_CRL_NUMBER OID_ID_CE "\x14"
192 #define OID_NETSCAPE "\x60\x86\x48\x01\x86\xF8\x42"
193 #define OID_NS_CERT OID_NETSCAPE "\x01"
194 #define OID_NS_CERT_TYPE OID_NS_CERT "\x01"
195 #define OID_NS_BASE_URL OID_NS_CERT "\x02"
196 #define OID_NS_REVOCATION_URL OID_NS_CERT "\x03"
197 #define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04"
198 #define OID_NS_RENEWAL_URL OID_NS_CERT "\x07"
199 #define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08"
200 #define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C"
201 #define OID_NS_COMMENT OID_NS_CERT "\x0D"
202 #define OID_NS_DATA_TYPE OID_NETSCAPE "\x02"
203 #define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05"
210 #define NS_CERT_TYPE_SSL_CLIENT (0x80)
211 #define NS_CERT_TYPE_SSL_SERVER (0x40)
212 #define NS_CERT_TYPE_EMAIL (0x20)
213 #define NS_CERT_TYPE_OBJECT_SIGNING (0x10)
214 #define NS_CERT_TYPE_RESERVED (0x08)
215 #define NS_CERT_TYPE_SSL_CA (0x04)
216 #define NS_CERT_TYPE_EMAIL_CA (0x02)
217 #define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01)
219 #define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
220 #define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
221 #define EXT_KEY_USAGE (1 << 2)
222 #define EXT_CERTIFICATE_POLICIES (1 << 3)
223 #define EXT_POLICY_MAPPINGS (1 << 4)
224 #define EXT_SUBJECT_ALT_NAME (1 << 5)
225 #define EXT_ISSUER_ALT_NAME (1 << 6)
226 #define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
227 #define EXT_BASIC_CONSTRAINTS (1 << 8)
228 #define EXT_NAME_CONSTRAINTS (1 << 9)
229 #define EXT_POLICY_CONSTRAINTS (1 << 10)
230 #define EXT_EXTENDED_KEY_USAGE (1 << 11)
231 #define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
232 #define EXT_INIHIBIT_ANYPOLICY (1 << 13)
233 #define EXT_FRESHEST_CRL (1 << 14)
235 #define EXT_NS_CERT_TYPE (1 << 16)
241 #define X509_FORMAT_DER 1
242 #define X509_FORMAT_PEM 2
530 const unsigned char *key,
size_t keylen,
531 const unsigned char *pwd,
size_t pwdlen );
544 const char *password );
557 const unsigned char *key,
size_t keylen );
739 const char *cn,
int *flags,
740 int (*f_vrfy)(
void *,
x509_cert *,
int,
int *),