x509.rs source code [crates/openssl-sys-0.9.101/src/handwritten/x509.rs]

1	use super::super::*;
2	use libc::*;
3
4	#[repr(C)]
5	pub struct X509_VAL {
6	pub notBefore: *mut ASN1_TIME,
7	pub notAfter: *mut ASN1_TIME,
8	}
9
10	pub enum X509_NAME_ENTRY {}
11
12	stack!(stack_st_X509_NAME_ENTRY);
13
14	stack!(stack_st_X509_NAME);
15
16	pub enum X509_EXTENSION {}
17
18	stack!(stack_st_X509_EXTENSION);
19
20	pub enum X509_ATTRIBUTE {}
21
22	stack!(stack_st_X509_ATTRIBUTE);
23
24	cfg_if! {
25	if #[cfg(any(ossl110, libressl350))] {
26	pub enum X509_REQ_INFO {}
27	} else {
28	#[repr(C)]
29	pub struct X509_REQ_INFO {
30	pub enc: ASN1_ENCODING,
31	pub version: *mut ASN1_INTEGER,
32	pub subject: *mut X509_NAME,
33	pubkey: *mut c_void,
34	pub attributes: *mut stack_st_X509_ATTRIBUTE,
35	}
36	}
37	}
38
39	cfg_if! {
40	if #[cfg(any(ossl110, libressl350))] {
41	pub enum X509_CRL {}
42	} else {
43	#[repr(C)]
44	pub struct X509_CRL {
45	pub crl: *mut X509_CRL_INFO,
46	sig_alg: *mut X509_ALGOR,
47	signature: *mut c_void,
48	references: c_int,
49	flags: c_int,
50	akid: *mut c_void,
51	idp: *mut c_void,
52	idp_flags: c_int,
53	idp_reasons: c_int,
54	crl_number: *mut ASN1_INTEGER,
55	base_crl_number: *mut ASN1_INTEGER,
56	sha1_hash: [c_uchar; `20`],
57	issuers: *mut c_void,
58	meth: *const c_void,
59	meth_data: *mut c_void,
60	}
61	}
62	}
63
64	stack!(stack_st_X509_CRL);
65
66	cfg_if! {
67	if #[cfg(any(ossl110, libressl350))] {
68	pub enum X509_CRL_INFO {}
69	} else {
70	#[repr(C)]
71	pub struct X509_CRL_INFO {
72	version: *mut ASN1_INTEGER,
73	sig_alg: *mut X509_ALGOR,
74	pub issuer: *mut X509_NAME,
75	pub lastUpdate: *mut ASN1_TIME,
76	pub nextUpdate: *mut ASN1_TIME,
77	pub revoked: *mut stack_st_X509_REVOKED,
78	extensions: *mut stack_st_X509_EXTENSION,
79	enc: ASN1_ENCODING,
80	}
81	}
82	}
83
84	cfg_if! {
85	if #[cfg(any(ossl110, libressl350))] {
86	pub enum X509_REVOKED {}
87	} else {
88	#[repr(C)]
89	pub struct X509_REVOKED {
90	pub serialNumber: *mut ASN1_INTEGER,
91	pub revocationDate: *mut ASN1_TIME,
92	pub extensions: *mut stack_st_X509_EXTENSION,
93	issuer: *mut stack_st_GENERAL_NAME,
94	reason: c_int,
95	sequence: c_int,
96	}
97	}
98	}
99
100	stack!(stack_st_X509_REVOKED);
101
102	cfg_if! {
103	if #[cfg(any(ossl110, libressl350))] {
104	pub enum X509_REQ {}
105	} else {
106	#[repr(C)]
107	pub struct X509_REQ {
108	pub req_info: *mut X509_REQ_INFO,
109	sig_alg: *mut c_void,
110	signature: *mut c_void,
111	references: c_int,
112	}
113	}
114	}
115
116	cfg_if! {
117	if #[cfg(any(ossl110, libressl350))] {
118	pub enum X509_CINF {}
119	} else {
120	#[repr(C)]
121	pub struct X509_CINF {
122	version: *mut c_void,
123	serialNumber: *mut c_void,
124	signature: *mut c_void,
125	issuer: *mut c_void,
126	pub validity: *mut X509_VAL,
127	subject: *mut c_void,
128	key: *mut c_void,
129	issuerUID: *mut c_void,
130	subjectUID: *mut c_void,
131	pub extensions: *mut stack_st_X509_EXTENSION,
132	enc: ASN1_ENCODING,
133	}
134	}
135	}
136
137	stack!(stack_st_X509);
138
139	stack!(stack_st_X509_OBJECT);
140
141	stack!(stack_st_X509_LOOKUP);
142
143	extern "C" {
144	pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char;
145
146	pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
147
148	pub fn X509_digest(
149	x: *const X509,
150	digest: *const EVP_MD,
151	buf: *mut c_uchar,
152	len: *mut c_uint,
153	) -> c_int;
154
155	pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
156	}
157
158	const_ptr_api! {
159	extern "C" {
160	pub fn i2d_X509_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509) -> c_int;
161	pub fn i2d_X509_REQ_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509_REQ) -> c_int;
162	pub fn i2d_PrivateKey_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int;
163	pub fn i2d_PUBKEY_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int;
164
165	pub fn i2d_PUBKEY(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int;
166	pub fn i2d_RSA_PUBKEY(k: #[const_ptr_if(ossl300)] RSA, buf: *mut *mut u8) -> c_int;
167	pub fn i2d_DSA_PUBKEY(a: #[const_ptr_if(ossl300)] DSA, pp: *mut *mut c_uchar) -> c_int;
168	pub fn i2d_PrivateKey(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int;
169	pub fn i2d_ECPrivateKey(ec_key: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int;
170	pub fn i2d_EC_PUBKEY(a: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int;
171	}
172	}
173	extern "C" {
174	pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY;
175	pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA;
176	pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA;
177	pub fn d2i_EC_PUBKEY(
178	a: *mut *mut EC_KEY,
179	pp: *mut *const c_uchar,
180	length: c_long,
181	) -> *mut EC_KEY;
182
183	pub fn d2i_ECPrivateKey(
184	k: *mut *mut EC_KEY,
185	pp: *mut *const c_uchar,
186	length: c_long,
187	) -> *mut EC_KEY;
188	}
189
190	const_ptr_api! {
191	extern "C" {
192	#[cfg(any(ossl102, libressl350))]
193	pub fn X509_ALGOR_get0(
194	paobj: *mut #[const_ptr_if(any(ossl110, libressl350))] ASN1_OBJECT,
195	pptype: *mut c_int,
196	ppval: *mut #[const_ptr_if(any(ossl110, libressl350))] c_void,
197	alg: #[const_ptr_if(any(ossl110, libressl350))] X509_ALGOR,
198	);
199	}
200	}
201
202	extern "C" {
203	pub fn X509_gmtime_adj(time: *mut ASN1_TIME, adj: c_long) -> *mut ASN1_TIME;
204
205	pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ;
206
207	pub fn X509_ALGOR_free(x: *mut X509_ALGOR);
208
209	pub fn X509_REVOKED_new() -> *mut X509_REVOKED;
210	pub fn X509_REVOKED_free(x: *mut X509_REVOKED);
211	}
212	const_ptr_api! {
213	extern "C" {
214	#[cfg(any(ossl110, libressl270))]
215	pub fn X509_REVOKED_dup(rev: #[const_ptr_if(ossl300)] X509_REVOKED) -> *mut X509_REVOKED;
216	}
217	}
218
219	extern "C" {
220	pub fn d2i_X509_REVOKED(
221	a: *mut *mut X509_REVOKED,
222	pp: *mut *const c_uchar,
223	length: c_long,
224	) -> *mut X509_REVOKED;
225	}
226	const_ptr_api! {
227	extern "C" {
228	pub fn i2d_X509_REVOKED(x: #[const_ptr_if(ossl300)] X509_REVOKED, buf: *mut *mut u8) -> c_int;
229	}
230	}
231	extern "C" {
232	pub fn X509_CRL_new() -> *mut X509_CRL;
233	pub fn X509_CRL_free(x: *mut X509_CRL);
234	pub fn d2i_X509_CRL(
235	a: *mut *mut X509_CRL,
236	pp: *mut *const c_uchar,
237	length: c_long,
238	) -> *mut X509_CRL;
239	}
240	const_ptr_api! {
241	extern "C" {
242	pub fn i2d_X509_CRL(x: #[const_ptr_if(ossl300)] X509_CRL, buf: *mut *mut u8) -> c_int;
243	#[cfg(any(ossl110, libressl270))]
244	pub fn X509_CRL_dup(x: #[const_ptr_if(ossl300)] X509_CRL) -> *mut X509_CRL;
245	}
246	}
247
248	extern "C" {
249	pub fn X509_REQ_new() -> *mut X509_REQ;
250	pub fn X509_REQ_free(x: *mut X509_REQ);
251	pub fn d2i_X509_REQ(
252	a: *mut *mut X509_REQ,
253	pp: *mut *const c_uchar,
254	length: c_long,
255	) -> *mut X509_REQ;
256	}
257	const_ptr_api! {
258	extern "C" {
259	pub fn i2d_X509_REQ(x: #[const_ptr_if(ossl300)] X509_REQ, buf: *mut *mut u8) -> c_int;
260
261	#[cfg(any(ossl102, libressl273))]
262	pub fn X509_get0_signature(
263	psig: *mut #[const_ptr_if(any(ossl110, libressl273))] ASN1_BIT_STRING,
264	palg: *mut #[const_ptr_if(any(ossl110, libressl273))] X509_ALGOR,
265	x: *const X509,
266	);
267
268	#[cfg(any(ossl110, libressl270))]
269	pub fn X509_REQ_dup(x: #[const_ptr_if(ossl300)] X509_REQ) -> *mut X509_REQ;
270	}
271	}
272	extern "C" {
273	#[cfg(ossl102)]
274	pub fn X509_get_signature_nid(x: *const X509) -> c_int;
275
276	pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION);
277
278	pub fn X509_NAME_ENTRY_free(x: *mut X509_NAME_ENTRY);
279
280	pub fn X509_NAME_new() -> *mut X509_NAME;
281	pub fn X509_NAME_cmp(x: *const X509_NAME, y: *const X509_NAME) -> c_int;
282	pub fn X509_NAME_free(x: *mut X509_NAME);
283
284	pub fn X509_new() -> *mut X509;
285	pub fn X509_free(x: *mut X509);
286	}
287	const_ptr_api! {
288	extern "C" {
289	pub fn i2d_X509(x: #[const_ptr_if(ossl300)] X509, buf: *mut *mut u8) -> c_int;
290	#[cfg(any(ossl110, libressl270))]
291	pub fn X509_NAME_dup(x: #[const_ptr_if(ossl300)] X509_NAME) -> *mut X509_NAME;
292	#[cfg(any(ossl110, libressl270))]
293	pub fn X509_dup(x: #[const_ptr_if(ossl300)] X509) -> *mut X509;
294	#[cfg(any(ossl101, libressl350))]
295	pub fn X509_NAME_add_entry(
296	name: *mut X509_NAME,
297	ne: #[const_ptr_if(any(ossl110, libressl))] X509_NAME_ENTRY,
298	loc: c_int,
299	set: c_int,
300	) -> c_int;
301	}
302	}
303	extern "C" {
304	pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509;
305	pub fn d2i_X509_bio(b: *mut BIO, a: *mut *mut X509) -> *mut X509;
306
307	pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY;
308
309	pub fn X509_set_version(x: *mut X509, version: c_long) -> c_int;
310	#[cfg(ossl110)]
311	pub fn X509_get_version(x: *const X509) -> c_long;
312	pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int;
313	pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER;
314	pub fn X509_alias_get0(x: *mut X509, len: *mut c_int) -> *mut c_uchar;
315	}
316	const_ptr_api! {
317	extern "C" {
318	pub fn X509_set_issuer_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
319	}
320	}
321	extern "C" {
322	pub fn X509_issuer_name_hash(x: *mut X509) -> c_ulong;
323	pub fn X509_subject_name_hash(x: *mut X509) -> c_ulong;
324	}
325	const_ptr_api! {
326	extern "C" {
327	pub fn X509_get_issuer_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME;
328	pub fn X509_set_subject_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
329	pub fn X509_get_subject_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME;
330	}
331	}
332	cfg_if! {
333	if #[cfg(any(ossl110, libressl350))] {
334	extern "C" {
335	pub fn X509_set1_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
336	pub fn X509_set1_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
337	}
338	} else {
339	extern "C" {
340	pub fn X509_set_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
341	pub fn X509_set_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int;
342	}
343	}
344	}
345	extern "C" {
346	#[cfg(any(ossl110, libressl350))]
347	pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long;
348	pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int;
349	#[cfg(any(ossl110, libressl350))]
350	pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut X509_NAME;
351	}
352	const_ptr_api! {
353	extern "C" {
354	pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
355	}
356	}
357	extern "C" {
358	pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int;
359	pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY;
360	pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION;
361	}
362	const_ptr_api! {
363	extern "C" {
364	pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: #[const_ptr_if(ossl300)] stack_st_X509_EXTENSION)
365	-> c_int;
366	}
367	}
368	extern "C" {
369	pub fn X509_REQ_get_attr_count(req: *const X509_REQ) -> c_int;
370	pub fn X509_REQ_get_attr_by_NID(req: *const X509_REQ, nid: c_int, lastpos: c_int) -> c_int;
371	pub fn X509_REQ_get_attr(req: *const X509_REQ, loc: c_int) -> *mut X509_ATTRIBUTE;
372	pub fn X509_REQ_delete_attr(req: *mut X509_REQ, loc: c_int) -> *mut X509_ATTRIBUTE;
373	pub fn X509_REQ_add1_attr_by_txt(
374	req: *mut X509_REQ,
375	attrname: *const c_char,
376	chtype: c_int,
377	bytes: *const c_uchar,
378	len: c_int,
379	) -> c_int;
380	pub fn X509_REQ_add1_attr_by_NID(
381	req: *mut X509_REQ,
382	nid: c_int,
383	chtype: c_int,
384	bytes: *const c_uchar,
385	len: c_int,
386	) -> c_int;
387	pub fn X509_REQ_add1_attr_by_OBJ(
388	req: *mut X509_REQ,
389	obj: *const ASN1_OBJECT,
390	chtype: c_int,
391	bytes: *const c_uchar,
392	len: c_int,
393	) -> c_int;
394	}
395	extern "C" {
396	pub fn X509_set_pubkey(x: *mut X509, pkey: *mut EVP_PKEY) -> c_int;
397	pub fn X509_REQ_verify(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int;
398	#[cfg(any(ossl110, libressl273))]
399	pub fn X509_getm_notBefore(x: *const X509) -> *mut ASN1_TIME;
400	#[cfg(any(ossl110, libressl273))]
401	pub fn X509_getm_notAfter(x: *const X509) -> *mut ASN1_TIME;
402	#[cfg(any(ossl110, libressl273))]
403	pub fn X509_up_ref(x: *mut X509) -> c_int;
404
405	#[cfg(any(ossl110, libressl270))]
406	pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER;
407	#[cfg(any(ossl110, libressl270))]
408	pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME;
409	#[cfg(any(ossl110, libressl270))]
410	pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION;
411
412	pub fn X509_REVOKED_set_serialNumber(r: *mut X509_REVOKED, serial: *mut ASN1_INTEGER) -> c_int;
413	pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int;
414
415	pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
416	pub fn X509_CRL_digest(
417	x: *const X509_CRL,
418	digest: *const EVP_MD,
419	md: *mut c_uchar,
420	len: *mut c_uint,
421	) -> c_int;
422	pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int;
423	pub fn X509_CRL_get0_by_cert(
424	x: *mut X509_CRL,
425	ret: *mut *mut X509_REVOKED,
426	cert: *mut X509,
427	) -> c_int;
428	}
429	const_ptr_api! {
430	extern "C" {
431	pub fn X509_CRL_get0_by_serial(
432	x: *mut X509_CRL,
433	ret: *mut *mut X509_REVOKED,
434	serial: #[const_ptr_if(ossl300)] ASN1_INTEGER,
435	) -> c_int;
436	}
437	}
438
439	extern "C" {
440	#[cfg(any(ossl110, libressl281))]
441	pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED;
442	#[cfg(any(ossl110, libressl281))]
443	pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
444	#[cfg(any(ossl110, libressl281))]
445	pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME;
446	#[cfg(any(ossl110, libressl281))]
447	pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME;
448
449	#[cfg(ossl110)]
450	pub fn X509_get0_extensions(req: *const X509) -> *const stack_st_X509_EXTENSION;
451
452	pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int;
453	}
454	const_ptr_api! {
455	extern "C" {
456	pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int;
457	}
458	}
459	extern "C" {
460	pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int;
461
462	#[cfg(any(ossl110, libressl270))]
463	pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int;
464	pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int;
465	}
466	cfg_if! {
467	if #[cfg(any(ossl110, libressl270))] {
468	extern "C" {
469	pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
470	pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
471	}
472	} else {
473	// libressl270 kept them, ossl110 "#define"s them to the variants above
474	extern "C" {
475	pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
476	pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int;
477	}
478	}
479	}
480
481	const_ptr_api! {
482	extern "C" {
483	pub fn X509_NAME_entry_count(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME) -> c_int;
484	pub fn X509_NAME_get_index_by_NID(n: #[const_ptr_if(any(ossl300, libressl280))] X509_NAME, nid: c_int, last_pos: c_int) -> c_int;
485	pub fn X509_NAME_get_entry(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY;
486	pub fn X509_NAME_add_entry_by_NID(
487	x: *mut X509_NAME,
488	field: c_int,
489	ty: c_int,
490	bytes: #[const_ptr_if(any(ossl110, libressl280))] c_uchar,
491	len: c_int,
492	loc: c_int,
493	set: c_int,
494	) -> c_int;
495	pub fn i2d_X509_NAME(n: #[const_ptr_if(ossl300)] X509_NAME, buf: *mut *mut u8) -> c_int;
496	pub fn X509_NAME_ENTRY_get_object(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_OBJECT;
497	pub fn X509_NAME_ENTRY_get_data(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_STRING;
498	}
499	}
500	extern "C" {
501	pub fn X509_NAME_add_entry_by_txt(
502	x: *mut X509_NAME,
503	field: *const c_char,
504	ty: c_int,
505	bytes: *const c_uchar,
506	len: c_int,
507	loc: c_int,
508	set: c_int,
509	) -> c_int;
510	pub fn d2i_X509_NAME(
511	n: *mut *mut X509_NAME,
512	pp: *mut *const c_uchar,
513	length: c_long,
514	) -> *mut X509_NAME;
515	}
516
517	// "raw" X509_EXTENSION related functions
518	extern "C" {
519	// in X509
520	pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION;
521	pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
522	pub fn X509_add1_ext_i2d(
523	x: *mut X509,
524	nid: c_int,
525	value: *mut c_void,
526	crit: c_int,
527	flags: c_ulong,
528	) -> c_int;
529	// in X509_CRL
530	pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
531	pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
532	pub fn X509_CRL_add1_ext_i2d(
533	x: *mut X509_CRL,
534	nid: c_int,
535	value: *mut c_void,
536	crit: c_int,
537	flags: c_ulong,
538	) -> c_int;
539	// in X509_REVOKED
540	pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
541	pub fn X509_REVOKED_add_ext(
542	x: *mut X509_REVOKED,
543	ext: *mut X509_EXTENSION,
544	loc: c_int,
545	) -> c_int;
546	pub fn X509_REVOKED_add1_ext_i2d(
547	x: *mut X509_REVOKED,
548	nid: c_int,
549	value: *mut c_void,
550	crit: c_int,
551	flags: c_ulong,
552	) -> c_int;
553	// X509_EXTENSION stack
554	// - these getters always used const STACK*
555	pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int;
556	pub fn X509v3_get_ext_by_NID(
557	x: *const stack_st_X509_EXTENSION,
558	nid: c_int,
559	lastpos: c_int,
560	) -> c_int;
561	pub fn X509v3_get_ext_by_critical(
562	x: *const stack_st_X509_EXTENSION,
563	crit: c_int,
564	lastpos: c_int,
565	) -> c_int;
566	pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
567	pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
568	pub fn X509v3_add_ext(
569	x: *mut *mut stack_st_X509_EXTENSION,
570	ex: *mut X509_EXTENSION,
571	loc: c_int,
572	) -> *mut stack_st_X509_EXTENSION;
573	// - X509V3_add1_i2d in x509v3.rs
574	// X509_EXTENSION itself
575	pub fn X509_EXTENSION_create_by_NID(
576	ex: *mut *mut X509_EXTENSION,
577	nid: c_int,
578	crit: c_int,
579	data: *mut ASN1_OCTET_STRING,
580	) -> *mut X509_EXTENSION;
581	pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int;
582	pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int;
583	pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT;
584	pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_OCTET_STRING;
585	}
586
587	const_ptr_api! {
588	extern "C" {
589	pub fn i2d_X509_EXTENSION(ext: #[const_ptr_if(ossl300)] X509_EXTENSION, pp: *mut *mut c_uchar) -> c_int;
590	}
591	}
592
593	const_ptr_api! {
594	extern "C" {
595	// in X509
596	pub fn X509_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> c_int;
597	pub fn X509_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509, nid: c_int, lastpos: c_int) -> c_int;
598	pub fn X509_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
599	pub fn X509_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509, crit: c_int, lastpos: c_int) -> c_int;
600	pub fn X509_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509, loc: c_int) -> *mut X509_EXTENSION;
601	pub fn X509_get_ext_d2i(
602	x: #[const_ptr_if(any(ossl110, libressl280))] X509,
603	nid: c_int,
604	crit: *mut c_int,
605	idx: *mut c_int,
606	) -> *mut c_void;
607	// in X509_CRL
608	pub fn X509_CRL_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL) -> c_int;
609	pub fn X509_CRL_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, nid: c_int, lastpos: c_int) -> c_int;
610	pub fn X509_CRL_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
611	pub fn X509_CRL_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, crit: c_int, lastpos: c_int) -> c_int;
612	pub fn X509_CRL_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
613	pub fn X509_CRL_get_ext_d2i(
614	x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL,
615	nid: c_int,
616	crit: *mut c_int,
617	idx: *mut c_int,
618	) -> *mut c_void;
619	// in X509_REVOKED
620	pub fn X509_REVOKED_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED) -> c_int;
621	pub fn X509_REVOKED_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int;
622	pub fn X509_REVOKED_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
623	pub fn X509_REVOKED_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int;
624	pub fn X509_REVOKED_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
625	pub fn X509_REVOKED_get_ext_d2i(
626	x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED,
627	nid: c_int,
628	crit: *mut c_int,
629	idx: *mut c_int,
630	) -> *mut c_void;
631	// X509_EXTENSION stack
632	pub fn X509v3_get_ext_by_OBJ(x: *const stack_st_X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int;
633	// X509_EXTENSION itself
634	pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION;
635	pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT) -> c_int;
636	pub fn X509_EXTENSION_get_critical(ex: #[const_ptr_if(any(ossl110, libressl280))] X509_EXTENSION) -> c_int;
637	}
638	}
639
640	extern "C" {
641	pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int;
642	}
643
644	const_ptr_api! {
645	extern "C" {
646	#[cfg(any(ossl110, libressl270))]
647	pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT;
648	#[cfg(ossl300)]
649	pub fn X509_STORE_get1_all_certs(ctx: *mut X509_STORE) -> *mut stack_st_X509;
650	}
651	}
652
653	#[cfg(any(ossl110, libressl270))]
654	extern "C" {
655	pub fn X509_OBJECT_get0_X509(x: *const X509_OBJECT) -> *mut X509;
656	}
657
658	cfg_if! {
659	if #[cfg(any(ossl110, libressl350))] {
660	extern "C" {
661	pub fn X509_OBJECT_free(a: *mut X509_OBJECT);
662	}
663	} else {
664	extern "C" {
665	pub fn X509_OBJECT_free_contents(a: *mut X509_OBJECT);
666	}
667	}
668	}
669
670	extern "C" {
671	pub fn X509_get_default_cert_file_env() -> *const c_char;
672	pub fn X509_get_default_cert_file() -> *const c_char;
673	pub fn X509_get_default_cert_dir_env() -> *const c_char;
674	pub fn X509_get_default_cert_dir() -> *const c_char;
675	}
676
677	extern "C" {
678	pub fn X509_cmp(a: *const X509, b: *const X509) -> c_int;
679	pub fn X509_issuer_and_serial_cmp(a: *const X509, b: *const X509) -> c_int;
680	pub fn X509_issuer_name_cmp(a: *const X509, b: *const X509) -> c_int;
681	pub fn X509_subject_name_cmp(a: *const X509, b: *const X509) -> c_int;
682	pub fn X509_CRL_cmp(a: *const X509_CRL, b: *const X509_CRL) -> c_int;
683	pub fn X509_CRL_match(a: *const X509_CRL, b: *const X509_CRL) -> c_int;
684	}
685
686	extern "C" {
687	pub fn X509_print(bio: *mut BIO, x509: *mut X509) -> c_int;
688	pub fn X509_REQ_print(bio: *mut BIO, req: *mut X509_REQ) -> c_int;
689	}
690
691	cfg_if! {
692	if #[cfg(libressl390)] {
693	pub enum X509_PURPOSE {}
694	} else {
695	#[repr(C)]
696	pub struct X509_PURPOSE {
697	pub purpose: c_int,
698	pub trust: c_int, // Default trust ID
699	pub flags: c_int,
700	pub check_purpose:
701	Option<unsafe extern "C" fn(*const X509_PURPOSE, *const X509, c_int) -> c_int>,
702	pub name: *mut c_char,
703	pub sname: *mut c_char,
704	pub usr_data: *mut c_void,
705	}
706	}
707	}
708
709	const_ptr_api! {
710	extern "C" {
711	pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int;
712	pub fn X509_PURPOSE_get_id(purpose: #[const_ptr_if(any(ossl110, libressl280))] X509_PURPOSE) -> c_int;
713	pub fn X509_PURPOSE_get0(idx: c_int) -> #[const_ptr_if(libressl390)] X509_PURPOSE;
714	}
715	}
716
717	extern "C" {
718	pub fn X509_ATTRIBUTE_new() -> *mut X509_ATTRIBUTE;
719	pub fn X509_ATTRIBUTE_free(attr: *mut X509_ATTRIBUTE);
720	pub fn X509_ATTRIBUTE_create(
721	nid: c_int,
722	atrtype: c_int,
723	value: *mut c_void,
724	) -> *mut X509_ATTRIBUTE;
725	pub fn X509_ATTRIBUTE_create_by_NID(
726	attr: *mut *mut X509_ATTRIBUTE,
727	nid: c_int,
728	atrtype: c_int,
729	data: *const c_void,
730	len: c_int,
731	) -> *mut X509_ATTRIBUTE;
732	pub fn X509_ATTRIBUTE_create_by_OBJ(
733	attr: *mut *mut X509_ATTRIBUTE,
734	obj: *const ASN1_OBJECT,
735	atrtype: c_int,
736	data: *const c_void,
737	len: c_int,
738	) -> *mut X509_ATTRIBUTE;
739	pub fn X509_ATTRIBUTE_create_by_txt(
740	attr: *mut *mut X509_ATTRIBUTE,
741	atrname: *const c_char,
742	atrtype: c_int,
743	bytes: *const c_uchar,
744	len: c_int,
745	) -> *mut X509_ATTRIBUTE;
746	pub fn X509_ATTRIBUTE_set1_object(attr: *mut X509_ATTRIBUTE, obj: *const ASN1_OBJECT) -> c_int;
747	pub fn X509_ATTRIBUTE_set1_data(
748	attr: *mut X509_ATTRIBUTE,
749	attrtype: c_int,
750	data: *const c_void,
751	len: c_int,
752	) -> c_int;
753	pub fn X509_ATTRIBUTE_get0_data(
754	attr: *mut X509_ATTRIBUTE,
755	idx: c_int,
756	atrtype: c_int,
757	data: *mut c_void,
758	) -> *mut c_void;
759	pub fn X509_ATTRIBUTE_get0_object(attr: *mut X509_ATTRIBUTE) -> *mut ASN1_OBJECT;
760	pub fn X509_ATTRIBUTE_get0_type(attr: *mut X509_ATTRIBUTE, idx: c_int) -> *mut ASN1_TYPE;
761	pub fn d2i_X509_ATTRIBUTE(
762	a: *mut *mut X509_ATTRIBUTE,
763	pp: *mut *const c_uchar,
764	length: c_long,
765	) -> *mut X509_ATTRIBUTE;
766	}
767	const_ptr_api! {
768	extern "C" {
769	pub fn X509_ATTRIBUTE_count(
770	attr: #[const_ptr_if(any(ossl110, libressl280))] X509_ATTRIBUTE // const since OpenSSL v1.1.0
771	) -> c_int;
772	pub fn i2d_X509_ATTRIBUTE(x: #[const_ptr_if(ossl300)] X509_ATTRIBUTE, buf: *mut *mut u8) -> c_int;
773	pub fn X509_ATTRIBUTE_dup(x: #[const_ptr_if(ossl300)] X509_ATTRIBUTE) -> *mut X509_ATTRIBUTE;
774	}
775	}
776