x509.rs source code [crates/openssl-sys/src/handwritten/x509.rs]

1	use super::super::*;
2	use libc::*;
3
4	#[repr(C)]
5	pub struct X509_VAL {
6	pub notBefore: *mut ASN1_TIME,
7	pub notAfter: *mut ASN1_TIME,
8	}
9
10	pub enum X509_NAME_ENTRY {}
11
12	stack!(stack_st_X509_NAME_ENTRY);
13
14	stack!(stack_st_X509_NAME);
15
16	pub enum X509_EXTENSION {}
17
18	stack!(stack_st_X509_EXTENSION);
19
20	pub enum X509_ATTRIBUTE {}
21
22	stack!(stack_st_X509_ATTRIBUTE);
23
24	cfg_if! {
25	if #[cfg(any(ossl110, libressl350))] {
26	pub enum X509_REQ_INFO {}
27	} else {
28	#[repr(C)]
29	pub struct X509_REQ_INFO {
30	pub enc: ASN1_ENCODING,
31	pub version: *mut ASN1_INTEGER,
32	pub subject: *mut X509_NAME,
33	pubkey: *mut c_void,
34	pub attributes: *mut stack_st_X509_ATTRIBUTE,
35	}
36	}
37	}
38
39	cfg_if! {
40	if #[cfg(any(ossl110, libressl350))] {
41	pub enum X509_CRL {}
42	} else {
43	#[repr(C)]
44	pub struct X509_CRL {
45	pub crl: *mut X509_CRL_INFO,
46	sig_alg: *mut X509_ALGOR,
47	signature: *mut c_void,
48	references: c_int,
49	flags: c_int,
50	akid: *mut c_void,
51	idp: *mut c_void,
52	idp_flags: c_int,
53	idp_reasons: c_int,
54	crl_number: *mut ASN1_INTEGER,
55	base_crl_number: *mut ASN1_INTEGER,
56	sha1_hash: [c_uchar; `20`],
57	issuers: *mut c_void,
58	meth: *const c_void,
59	meth_data: *mut c_void,
60	}
61	}
62	}
63
64	stack!(stack_st_X509_CRL);
65
66	cfg_if! {
67	if #[cfg(any(ossl110, libressl350))] {
68	pub enum X509_CRL_INFO {}
69	} else {
70	#[repr(C)]
71	pub struct X509_CRL_INFO {
72	version: *mut ASN1_INTEGER,
73	sig_alg: *mut X509_ALGOR,
74	pub issuer: *mut X509_NAME,
75	pub lastUpdate: *mut ASN1_TIME,
76	pub nextUpdate: *mut ASN1_TIME,
77	pub revoked: *mut stack_st_X509_REVOKED,
78	extensions: *mut stack_st_X509_EXTENSION,
79	enc: ASN1_ENCODING,
80	}
81	}
82	}
83
84	cfg_if! {
85	if #[cfg(any(ossl110, libressl350))] {
86	pub enum X509_REVOKED {}
87	} else {
88	#[repr(C)]
89	pub struct X509_REVOKED {
90	pub serialNumber: *mut ASN1_INTEGER,
91	pub revocationDate: *mut ASN1_TIME,
92	pub extensions: *mut stack_st_X509_EXTENSION,
93	issuer: *mut stack_st_GENERAL_NAME,
94	reason: c_int,
95	sequence: c_int,
96	}
97	}
98	}
99
100	stack!(stack_st_X509_REVOKED);
101
102	cfg_if! {
103	if #[cfg(any(ossl110, libressl350))] {
104	pub enum X509_REQ {}
105	} else {
106	#[repr(C)]
107	pub struct X509_REQ {
108	pub req_info: *mut X509_REQ_INFO,
109	sig_alg: *mut c_void,
110	signature: *mut c_void,
111	references: c_int,
112	}
113	}
114	}
115
116	cfg_if! {
117	if #[cfg(any(ossl110, libressl350))] {
118	pub enum X509_CINF {}
119	} else {
120	#[repr(C)]
121	pub struct X509_CINF {
122	version: *mut c_void,
123	serialNumber: *mut c_void,
124	signature: *mut c_void,
125	issuer: *mut c_void,
126	pub validity: *mut X509_VAL,
127	subject: *mut c_void,
128	key: *mut c_void,
129	issuerUID: *mut c_void,
130	subjectUID: *mut c_void,
131	pub extensions: *mut stack_st_X509_EXTENSION,
132	enc: ASN1_ENCODING,
133	}
134	}
135	}
136
137	stack!(stack_st_X509);
138
139	stack!(stack_st_X509_OBJECT);
140
141	stack!(stack_st_X509_LOOKUP);
142
143	extern "C" {
144	pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char;
145
146	pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
147
148	pub fn X509_digest(
149	x: *const X509,
150	digest: *const EVP_MD,
151	buf: *mut c_uchar,
152	len: *mut c_uint,
153	) -> c_int;
154
155	pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
156	}
157
158	const_ptr_api! {
159	extern "C" {
160	pub fn i2d_X509_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509) -> c_int;
161	pub fn i2d_X509_REQ_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509_REQ) -> c_int;
162	pub fn i2d_PrivateKey_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int;
163	pub fn i2d_PUBKEY_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int;
164
165	pub fn i2d_PUBKEY(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int;
166	pub fn i2d_RSA_PUBKEY(k: #[const_ptr_if(ossl300)] RSA, buf: *mut *mut u8) -> c_int;
167	pub fn i2d_DSA_PUBKEY(a: #[const_ptr_if(ossl300)] DSA, pp: *mut *mut c_uchar) -> c_int;
168	pub fn i2d_PrivateKey(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int;
169	pub fn i2d_ECPrivateKey(ec_key: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int;
170	pub fn i2d_EC_PUBKEY(a: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int;
171	}
172	}
173	extern "C" {
174	pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY;
175	pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA;
176	pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA;
177	pub fn d2i_EC_PUBKEY(
178	a: *mut *mut EC_KEY,
179	pp: *mut *const c_uchar,
180	length: c_long,
181	) -> *mut EC_KEY;
182
183	pub fn d2i_ECPrivateKey(
184	k: *mut *mut EC_KEY,
185	pp: *mut *const c_uchar,
186	length: c_long,
187	) -> *mut EC_KEY;
188	}
189
190	const_ptr_api! {
191	extern "C" {
192	#[cfg(any(ossl102, libressl350))]
193	pub fn X509_ALGOR_get0(
194	paobj: *mut #[const_ptr_if(any(ossl110, libressl350))] ASN1_OBJECT,
195	pptype: *mut c_int,
196	ppval: *mut #[const_ptr_if(any(ossl110, libressl350))] c_void,
197	alg: #[const_ptr_if(any(ossl110, libressl350))] X509_ALGOR,
198	);
199	}
200	}
201
202	extern "C" {
203	pub fn X509_gmtime_adj(time: *mut ASN1_TIME, adj: c_long) -> *mut ASN1_TIME;
204
205	pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ;
206
207	pub fn X509_ALGOR_free(x: *mut X509_ALGOR);
208
209	pub fn X509_REVOKED_new() -> *mut X509_REVOKED;
210	pub fn X509_REVOKED_free(x: *mut X509_REVOKED);
211	}
212	const_ptr_api! {
213	extern "C" {
214	#[cfg(any(ossl110, libressl270))]
215	pub fn X509_REVOKED_dup(rev: #[const_ptr_if(ossl300)] X509_REVOKED) -> *mut X509_REVOKED;
216	}
217	}
218
219	extern "C" {
220	pub fn d2i_X509_REVOKED(
221	a: *mut *mut X509_REVOKED,
222	pp: *mut *const c_uchar,
223	length: c_long,
224	) -> *mut X509_REVOKED;
225	}
226	const_ptr_api! {
227	extern "C" {
228	pub fn i2d_X509_REVOKED(x: #[const_ptr_if(ossl300)] X509_REVOKED, buf: *mut *mut u8) -> c_int;
229	}
230	}
231	extern "C" {
232	pub fn X509_CRL_new() -> *mut X509_CRL;
233	pub fn X509_CRL_free(x: *mut X509_CRL);
234	pub fn d2i_X509_CRL(
235	a: *mut *mut X509_CRL,
236	pp: *mut *const c_uchar,
237	length: c_long,
238	) -> *mut X509_CRL;
239	}
240	const_ptr_api! {
241	extern "C" {
242	pub fn i2d_X509_CRL(x: #[const_ptr_if(ossl300)] X509_CRL, buf: *mut *mut u8) -> c_int;
243	#[cfg(any(ossl110, libressl270))]
244	pub fn X509_CRL_dup(x: #[const_ptr_if(ossl300)] X509_CRL) -> *mut X509_CRL;
245	}
246	}
247
248	extern "C" {
249	pub fn X509_REQ_new() -> *mut X509_REQ;
250	pub fn X509_REQ_free(x: *mut X509_REQ);
251	pub fn d2i_X509_REQ(
252	a: *mut *mut X509_REQ,
253	pp: *mut *const c_uchar,
254	length: c_long,
255	) -> *mut X509_REQ;
256	}
257	const_ptr_api! {
258	extern "C" {
259	pub fn i2d_X509_REQ(x: #[const_ptr_if(ossl300)] X509_REQ, buf: *mut *mut u8) -> c_int;
260
261	#[cfg(any(ossl102, libressl273))]
262	pub fn X509_get0_signature(
263	psig: *mut #[const_ptr_if(any(ossl110, libressl273))] ASN1_BIT_STRING,
264	palg: *mut #[const_ptr_if(any(ossl110, libressl273))] X509_ALGOR,
265	x: *const X509,
266	);
267
268	#[cfg(any(ossl110, libressl270))]
269	pub fn X509_REQ_dup(x: #[const_ptr_if(ossl300)] X509_REQ) -> *mut X509_REQ;
270	}
271	}
272	extern "C" {
273	#[cfg(ossl102)]
274	pub fn X509_get_signature_nid(x: *const X509) -> c_int;
275
276	pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION);
277
278	pub fn X509_NAME_ENTRY_free(x: *mut X509_NAME_ENTRY);
279
280	pub fn X509_NAME_new() -> *mut X509_NAME;
281	pub fn X509_NAME_cmp(x: *const X509_NAME, y: *const X509_NAME) -> c_int;
282	pub fn X509_NAME_free(x: *mut X509_NAME);
283
284	pub fn X509_new() -> *mut X509;
285	pub fn X509_free(x: *mut X509);
286	}
287	const_ptr_api! {
288	extern "C" {
289	pub fn i2d_X509(x: #[const_ptr_if(ossl300)] X509, buf: *mut *mut u8) -> c_int;
290	#[cfg(any(ossl110, libressl270))]
291	pub fn X509_NAME_dup(x: #[const_ptr_if(ossl300)] X509_NAME) -> *mut X509_NAME;
292	#[cfg(any(ossl110, libressl270))]
293	pub fn X509_dup(x: #[const_ptr_if(ossl300)] X509) -> *mut X509;
294	#[cfg(any(ossl101, libressl350))]
295	pub fn X509_NAME_add_entry(
296	name: *mut X509_NAME,
297	ne: #[const_ptr_if(any(ossl110, libressl))] X509_NAME_ENTRY,
298	loc: c_int,
299	set: c_int,
300	) -> c_int;
301	}
302	}
303	extern "C" {
304	pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509;
305	pub fn d2i_X509_bio(b: *mut BIO, a: *mut *mut X509) -> *mut X509;
306
307	pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY;
308
309	pub fn X509_set_version(x: *mut X509, version: c_long) -> c_int;
310	#[cfg(ossl110)]
311	pub fn X509_get_version(x: *const X509) -> c_long;
312	pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int;
313	pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER;
314	}
315	const_ptr_api! {
316	extern "C" {
317	pub fn X509_set_issuer_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
318	}
319	}
320	extern "C" {
321	pub fn X509_issuer_name_hash(x: *mut X509) -> c_ulong;
322	pub fn X509_subject_name_hash(x: *mut X509) -> c_ulong;
323	}
324	const_ptr_api! {
325	extern "C" {
326	pub fn X509_get_issuer_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME;
327	pub fn X509_set_subject_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
328	pub fn X509_get_subject_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME;
329	}
330	}
331	cfg_if! {
332	if #[cfg(any(ossl110, libressl350))] {
333	extern "C" {
334	pub fn X509_set1_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
335	pub fn X509_set1_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
336	}
337	} else {
338	extern "C" {
339	pub fn X509_set_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
340	pub fn X509_set_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
341	}
342	}
343	}
344	extern "C" {
345	#[cfg(any(ossl110, libressl350))]
346	pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long;
347	pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int;
348	#[cfg(any(ossl110, libressl350))]
349	pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut X509_NAME;
350	}
351	const_ptr_api! {
352	extern "C" {
353	pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
354	}
355	}
356	extern "C" {
357	pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int;
358	pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY;
359	pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION;
360	}
361	const_ptr_api! {
362	extern "C" {
363	pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: #[const_ptr_if(ossl300)] stack_st_X509_EXTENSION)
364	-> c_int;
365	}
366	}
367	extern "C" {
368	pub fn X509_REQ_get_attr_count(req: *const X509_REQ) -> c_int;
369	pub fn X509_REQ_get_attr_by_NID(req: *const X509_REQ, nid: c_int, lastpos: c_int) -> c_int;
370	pub fn X509_REQ_get_attr(req: *const X509_REQ, loc: c_int) -> *mut X509_ATTRIBUTE;
371	pub fn X509_REQ_delete_attr(req: *mut X509_REQ, loc: c_int) -> *mut X509_ATTRIBUTE;
372	pub fn X509_REQ_add1_attr_by_txt(
373	req: *mut X509_REQ,
374	attrname: *const c_char,
375	chtype: c_int,
376	bytes: *const c_uchar,
377	len: c_int,
378	) -> c_int;
379	pub fn X509_REQ_add1_attr_by_NID(
380	req: *mut X509_REQ,
381	nid: c_int,
382	chtype: c_int,
383	bytes: *const c_uchar,
384	len: c_int,
385	) -> c_int;
386	pub fn X509_REQ_add1_attr_by_OBJ(
387	req: *mut X509_REQ,
388	obj: *const ASN1_OBJECT,
389	chtype: c_int,
390	bytes: *const c_uchar,
391	len: c_int,
392	) -> c_int;
393	}
394	extern "C" {
395	pub fn X509_set_pubkey(x: *mut X509, pkey: *mut EVP_PKEY) -> c_int;
396	pub fn X509_REQ_verify(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int;
397	#[cfg(any(ossl110, libressl273))]
398	pub fn X509_getm_notBefore(x: *const X509) -> *mut ASN1_TIME;
399	#[cfg(any(ossl110, libressl273))]
400	pub fn X509_getm_notAfter(x: *const X509) -> *mut ASN1_TIME;
401	#[cfg(any(ossl110, libressl273))]
402	pub fn X509_up_ref(x: *mut X509) -> c_int;
403
404	#[cfg(any(ossl110, libressl270))]
405	pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER;
406	#[cfg(any(ossl110, libressl270))]
407	pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME;
408	#[cfg(any(ossl110, libressl270))]
409	pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION;
410
411	pub fn X509_REVOKED_set_serialNumber(r: *mut X509_REVOKED, serial: *mut ASN1_INTEGER) -> c_int;
412	pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int;
413
414	pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
415	pub fn X509_CRL_digest(
416	x: *const X509_CRL,
417	digest: *const EVP_MD,
418	md: *mut c_uchar,
419	len: *mut c_uint,
420	) -> c_int;
421	pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int;
422	pub fn X509_CRL_get0_by_cert(
423	x: *mut X509_CRL,
424	ret: *mut *mut X509_REVOKED,
425	cert: *mut X509,
426	) -> c_int;
427	}
428	const_ptr_api! {
429	extern "C" {
430	pub fn X509_CRL_get0_by_serial(
431	x: *mut X509_CRL,
432	ret: *mut *mut X509_REVOKED,
433	serial: #[const_ptr_if(ossl300)] ASN1_INTEGER,
434	) -> c_int;
435	}
436	}
437
438	extern "C" {
439	#[cfg(any(ossl110, libressl281))]
440	pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED;
441	#[cfg(any(ossl110, libressl281))]
442	pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
443	#[cfg(any(ossl110, libressl281))]
444	pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
445	#[cfg(any(ossl110, libressl281))]
446	pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME;
447
448	#[cfg(ossl110)]
449	pub fn X509_get0_extensions(req: *const X509) -> *const stack_st_X509_EXTENSION;
450
451	pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int;
452	}
453	const_ptr_api! {
454	extern "C" {
455	pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
456	}
457	}
458	extern "C" {
459	pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int;
460
461	#[cfg(any(ossl110, libressl270))]
462	pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int;
463	pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int;
464	}
465	cfg_if! {
466	if #[cfg(any(ossl110, libressl270))] {
467	extern "C" {
468	pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
469	pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
470	}
471	} else {
472	// libressl270 kept them, ossl110 "#define"s them to the variants above
473	extern "C" {
474	pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
475	pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
476	}
477	}
478	}
479
480	const_ptr_api! {
481	extern "C" {
482	pub fn X509_NAME_entry_count(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME) -> c_int;
483	pub fn X509_NAME_get_index_by_NID(n: #[const_ptr_if(any(ossl300, libressl280))] X509_NAME, nid: c_int, last_pos: c_int) -> c_int;
484	pub fn X509_NAME_get_entry(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY;
485	pub fn X509_NAME_add_entry_by_NID(
486	x: *mut X509_NAME,
487	field: c_int,
488	ty: c_int,
489	bytes: #[const_ptr_if(any(ossl110, libressl280))] c_uchar,
490	len: c_int,
491	loc: c_int,
492	set: c_int,
493	) -> c_int;
494	pub fn i2d_X509_NAME(n: #[const_ptr_if(ossl300)] X509_NAME, buf: *mut *mut u8) -> c_int;
495	pub fn X509_NAME_ENTRY_get_object(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_OBJECT;
496	pub fn X509_NAME_ENTRY_get_data(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_STRING;
497	}
498	}
499	extern "C" {
500	pub fn X509_NAME_add_entry_by_txt(
501	x: *mut X509_NAME,
502	field: *const c_char,
503	ty: c_int,
504	bytes: *const c_uchar,
505	len: c_int,
506	loc: c_int,
507	set: c_int,
508	) -> c_int;
509	pub fn d2i_X509_NAME(
510	n: *mut *mut X509_NAME,
511	pp: *mut *const c_uchar,
512	length: c_long,
513	) -> *mut X509_NAME;
514	}
515
516	// "raw" X509_EXTENSION related functions
517	extern "C" {
518	// in X509
519	pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION;
520	pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
521	pub fn X509_add1_ext_i2d(
522	x: *mut X509,
523	nid: c_int,
524	value: *mut c_void,
525	crit: c_int,
526	flags: c_ulong,
527	) -> c_int;
528	// in X509_CRL
529	pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
530	pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
531	pub fn X509_CRL_add1_ext_i2d(
532	x: *mut X509_CRL,
533	nid: c_int,
534	value: *mut c_void,
535	crit: c_int,
536	flags: c_ulong,
537	) -> c_int;
538	// in X509_REVOKED
539	pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
540	pub fn X509_REVOKED_add_ext(
541	x: *mut X509_REVOKED,
542	ext: *mut X509_EXTENSION,
543	loc: c_int,
544	) -> c_int;
545	pub fn X509_REVOKED_add1_ext_i2d(
546	x: *mut X509_REVOKED,
547	nid: c_int,
548	value: *mut c_void,
549	crit: c_int,
550	flags: c_ulong,
551	) -> c_int;
552	// X509_EXTENSION stack
553	// - these getters always used const STACK*
554	pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int;
555	pub fn X509v3_get_ext_by_NID(
556	x: *const stack_st_X509_EXTENSION,
557	nid: c_int,
558	lastpos: c_int,
559	) -> c_int;
560	pub fn X509v3_get_ext_by_critical(
561	x: *const stack_st_X509_EXTENSION,
562	crit: c_int,
563	lastpos: c_int,
564	) -> c_int;
565	pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
566	pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
567	pub fn X509v3_add_ext(
568	x: *mut *mut stack_st_X509_EXTENSION,
569	ex: *mut X509_EXTENSION,
570	loc: c_int,
571	) -> *mut stack_st_X509_EXTENSION;
572	// - X509V3_add1_i2d in x509v3.rs
573	// X509_EXTENSION itself
574	pub fn X509_EXTENSION_create_by_NID(
575	ex: *mut *mut X509_EXTENSION,
576	nid: c_int,
577	crit: c_int,
578	data: *mut ASN1_OCTET_STRING,
579	) -> *mut X509_EXTENSION;
580	pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int;
581	pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int;
582	pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT;
583	pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_OCTET_STRING;
584	}
585
586	const_ptr_api! {
587	extern "C" {
588	pub fn i2d_X509_EXTENSION(ext: #[const_ptr_if(ossl300)] X509_EXTENSION, pp: *mut *mut c_uchar) -> c_int;
589	}
590	}
591
592	const_ptr_api! {
593	extern "C" {
594	// in X509
595	pub fn X509_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> c_int;
596	pub fn X509_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509, nid: c_int, lastpos: c_int) -> c_int;
597	pub fn X509_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
598	pub fn X509_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509, crit: c_int, lastpos: c_int) -> c_int;
599	pub fn X509_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509, loc: c_int) -> *mut X509_EXTENSION;
600	pub fn X509_get_ext_d2i(
601	x: #[const_ptr_if(any(ossl110, libressl280))] X509,
602	nid: c_int,
603	crit: *mut c_int,
604	idx: *mut c_int,
605	) -> *mut c_void;
606	// in X509_CRL
607	pub fn X509_CRL_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL) -> c_int;
608	pub fn X509_CRL_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, nid: c_int, lastpos: c_int) -> c_int;
609	pub fn X509_CRL_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
610	pub fn X509_CRL_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, crit: c_int, lastpos: c_int) -> c_int;
611	pub fn X509_CRL_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
612	pub fn X509_CRL_get_ext_d2i(
613	x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL,
614	nid: c_int,
615	crit: *mut c_int,
616	idx: *mut c_int,
617	) -> *mut c_void;
618	// in X509_REVOKED
619	pub fn X509_REVOKED_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED) -> c_int;
620	pub fn X509_REVOKED_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int;
621	pub fn X509_REVOKED_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
622	pub fn X509_REVOKED_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int;
623	pub fn X509_REVOKED_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
624	pub fn X509_REVOKED_get_ext_d2i(
625	x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED,
626	nid: c_int,
627	crit: *mut c_int,
628	idx: *mut c_int,
629	) -> *mut c_void;
630	// X509_EXTENSION stack
631	pub fn X509v3_get_ext_by_OBJ(x: *const stack_st_X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
632	// X509_EXTENSION itself
633	pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION;
634	pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT) -> c_int;
635	pub fn X509_EXTENSION_get_critical(ex: #[const_ptr_if(any(ossl110, libressl280))] X509_EXTENSION) -> c_int;
636	}
637	}
638
639	extern "C" {
640	pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int;
641	}
642
643	const_ptr_api! {
644	extern "C" {
645	#[cfg(any(ossl110, libressl270))]
646	pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT;
647	#[cfg(ossl300)]
648	pub fn X509_STORE_get1_all_certs(ctx: *mut X509_STORE) -> *mut stack_st_X509;
649	}
650	}
651
652	#[cfg(any(ossl110, libressl270))]
653	extern "C" {
654	pub fn X509_OBJECT_get0_X509(x: *const X509_OBJECT) -> *mut X509;
655	}
656
657	cfg_if! {
658	if #[cfg(any(ossl110, libressl350))] {
659	extern "C" {
660	pub fn X509_OBJECT_free(a: *mut X509_OBJECT);
661	}
662	} else {
663	extern "C" {
664	pub fn X509_OBJECT_free_contents(a: *mut X509_OBJECT);
665	}
666	}
667	}
668
669	extern "C" {
670	pub fn X509_get_default_cert_file_env() -> *const c_char;
671	pub fn X509_get_default_cert_file() -> *const c_char;
672	pub fn X509_get_default_cert_dir_env() -> *const c_char;
673	pub fn X509_get_default_cert_dir() -> *const c_char;
674	}
675
676	extern "C" {
677	pub fn X509_cmp(a: *const X509, b: *const X509) -> c_int;
678	pub fn X509_issuer_and_serial_cmp(a: *const X509, b: *const X509) -> c_int;
679	pub fn X509_issuer_name_cmp(a: *const X509, b: *const X509) -> c_int;
680	pub fn X509_subject_name_cmp(a: *const X509, b: *const X509) -> c_int;
681	pub fn X509_CRL_cmp(a: *const X509_CRL, b: *const X509_CRL) -> c_int;
682	pub fn X509_CRL_match(a: *const X509_CRL, b: *const X509_CRL) -> c_int;
683	}
684
685	extern "C" {
686	pub fn X509_print(bio: *mut BIO, x509: *mut X509) -> c_int;
687	pub fn X509_REQ_print(bio: *mut BIO, req: *mut X509_REQ) -> c_int;
688	}
689
690	cfg_if! {
691	if #[cfg(libressl390)] {
692	pub enum X509_PURPOSE {}
693	} else {
694	#[repr(C)]
695	pub struct X509_PURPOSE {
696	pub purpose: c_int,
697	pub trust: c_int, // Default trust ID
698	pub flags: c_int,
699	pub check_purpose:
700	Option<unsafe extern "C" fn(*const X509_PURPOSE, *const X509, c_int) -> c_int>,
701	pub name: *mut c_char,
702	pub sname: *mut c_char,
703	pub usr_data: *mut c_void,
704	}
705	}
706	}
707
708	const_ptr_api! {
709	extern "C" {
710	pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int;
711	pub fn X509_PURPOSE_get_id(purpose: #[const_ptr_if(any(ossl110, libressl280))] X509_PURPOSE) -> c_int;
712	pub fn X509_PURPOSE_get0(idx: c_int) -> #[const_ptr_if(libressl390)] X509_PURPOSE;
713	}
714	}
715
716	extern "C" {
717	pub fn X509_ATTRIBUTE_new() -> *mut X509_ATTRIBUTE;
718	pub fn X509_ATTRIBUTE_free(attr: *mut X509_ATTRIBUTE);
719	pub fn X509_ATTRIBUTE_create(
720	nid: c_int,
721	atrtype: c_int,
722	value: *mut c_void,
723	) -> *mut X509_ATTRIBUTE;
724	pub fn X509_ATTRIBUTE_create_by_NID(
725	attr: *mut *mut X509_ATTRIBUTE,
726	nid: c_int,
727	atrtype: c_int,
728	data: *const c_void,
729	len: c_int,
730	) -> *mut X509_ATTRIBUTE;
731	pub fn X509_ATTRIBUTE_create_by_OBJ(
732	attr: *mut *mut X509_ATTRIBUTE,
733	obj: *const ASN1_OBJECT,
734	atrtype: c_int,
735	data: *const c_void,
736	len: c_int,
737	) -> *mut X509_ATTRIBUTE;
738	pub fn X509_ATTRIBUTE_create_by_txt(
739	attr: *mut *mut X509_ATTRIBUTE,
740	atrname: *const c_char,
741	atrtype: c_int,
742	bytes: *const c_uchar,
743	len: c_int,
744	) -> *mut X509_ATTRIBUTE;
745	pub fn X509_ATTRIBUTE_set1_object(attr: *mut X509_ATTRIBUTE, obj: *const ASN1_OBJECT) -> c_int;
746	pub fn X509_ATTRIBUTE_set1_data(
747	attr: *mut X509_ATTRIBUTE,
748	attrtype: c_int,
749	data: *const c_void,
750	len: c_int,
751	) -> c_int;
752	pub fn X509_ATTRIBUTE_get0_data(
753	attr: *mut X509_ATTRIBUTE,
754	idx: c_int,
755	atrtype: c_int,
756	data: *mut c_void,
757	) -> *mut c_void;
758	pub fn X509_ATTRIBUTE_get0_object(attr: *mut X509_ATTRIBUTE) -> *mut ASN1_OBJECT;
759	pub fn X509_ATTRIBUTE_get0_type(attr: *mut X509_ATTRIBUTE, idx: c_int) -> *mut ASN1_TYPE;
760	pub fn d2i_X509_ATTRIBUTE(
761	a: *mut *mut X509_ATTRIBUTE,
762	pp: *mut *const c_uchar,
763	length: c_long,
764	) -> *mut X509_ATTRIBUTE;
765	}
766	const_ptr_api! {
767	extern "C" {
768	pub fn X509_ATTRIBUTE_count(
769	attr: #[const_ptr_if(any(ossl110, libressl280))] X509_ATTRIBUTE // const since OpenSSL v1.1.0
770	) -> c_int;
771	pub fn i2d_X509_ATTRIBUTE(x: #[const_ptr_if(ossl300)] X509_ATTRIBUTE, buf: *mut *mut u8) -> c_int;
772	pub fn X509_ATTRIBUTE_dup(x: #[const_ptr_if(ossl300)] X509_ATTRIBUTE) -> *mut X509_ATTRIBUTE;
773	}
774	}
775