mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-07 00:46:17 +08:00
Add demos to CMake
This commit is contained in:
Zhi Guan
@@ -24,36 +24,6 @@
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
X509 Public API
|
||||
|
||||
x509_name_add_rdn
|
||||
x509_name_add_country_name
|
||||
x509_name_add_state_or_province_name
|
||||
x509_name_add_locality_name
|
||||
x509_name_add_organization_name
|
||||
x509_name_add_organizational_unit_name
|
||||
x509_name_add_common_name
|
||||
x509_name_add_domain_component
|
||||
x509_name_to_der
|
||||
x509_name_from_der
|
||||
x509_name_print
|
||||
x509_name_get_value_by_type
|
||||
x509_name_get_common_name
|
||||
|
||||
x509_cert_sign
|
||||
x509_cert_verify
|
||||
x509_cert_verify_by_ca_cert
|
||||
x509_cert_get_issuer_and_serial_number
|
||||
x509_cert_get_issuer
|
||||
x509_cert_get_subject
|
||||
x509_cert_get_subject_public_key
|
||||
x509_cert_to_der
|
||||
x509_cert_from_der
|
||||
x509_cert_to_pem
|
||||
x509_cert_from_pem
|
||||
x509_cert_print
|
||||
*/
|
||||
|
||||
enum X509_Version {
|
||||
X509_version_v1 = 0,
|
||||
@@ -114,23 +84,28 @@ AttributeTypeAndValue ::= SEQUENCE {
|
||||
value ANY -- DEFINED BY AttributeType }
|
||||
|
||||
id-at
|
||||
name DirectoryName 1..ub-name
|
||||
surname DirectoryName 1..ub-name
|
||||
givenName DirectoryName 1..ub-name
|
||||
initials DirectoryName 1..ub-name
|
||||
generationQualifier DirectoryName 1..ub-name
|
||||
commonName DirectoryName 1..ub-common-name
|
||||
localityName DirectoryName 1..ub-locality-name
|
||||
stateOrProvinceName DirectoryName 1..ub-state-name
|
||||
organizationName DirectoryName 1..ub-organization-name
|
||||
organizationalUnitName DirectoryName 1..ub-organizational-unit-name
|
||||
title DirectoryName 1..ub-title
|
||||
dnQualifier PrintableString N/A
|
||||
countryName PrintableString 2..2
|
||||
serialNumber PrintableString 1..ub-serial-number
|
||||
pseudonym DirectoryName 1..ub-pseudonym
|
||||
domainComponent IA5String N/A
|
||||
OID_at_name name DirectoryName 1..ub-name
|
||||
OID_at_surname surname DirectoryName 1..ub-name
|
||||
OID_at_given_name givenName DirectoryName 1..ub-name
|
||||
OID_at_initials initials DirectoryName 1..ub-name
|
||||
OID_at_generation_qualifier generationQualifier DirectoryName 1..ub-name
|
||||
OID_at_common_name commonName DirectoryName 1..ub-common-name
|
||||
OID_at_locality_name localityName DirectoryName 1..ub-locality-name
|
||||
OID_at_state_or_province_name stateOrProvinceName DirectoryName 1..ub-state-name
|
||||
OID_at_organization_name organizationName DirectoryName 1..ub-organization-name
|
||||
OID_at_organizational_unit_name organizationalUnitName DirectoryName 1..ub-organizational-unit-name
|
||||
OID_at_title title DirectoryName 1..ub-title
|
||||
OID_at_dn_qualifier dnQualifier PrintableString N/A
|
||||
OID_at_country_name countryName PrintableString 2..2
|
||||
OID_at_serial_number serialNumber PrintableString 1..ub-serial-number
|
||||
OID_at_pseudonym pseudonym DirectoryName 1..ub-pseudonym
|
||||
OID_domain_component domainComponent IA5String N/A
|
||||
*/
|
||||
const char *x509_name_type_name(int oid);
|
||||
int x509_name_type_from_name(const char *name);
|
||||
int x509_name_type_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_name_type_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
#define X509_ub_name 32768
|
||||
#define X509_ub_common_name 64
|
||||
#define X509_ub_locality_name 128
|
||||
@@ -156,16 +131,6 @@ int x509_rdn_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t
|
||||
|
||||
/*
|
||||
Name ::= SEQUENCE OF RelativeDistinguishedName
|
||||
|
||||
Example:
|
||||
SEQUENCE LEN
|
||||
SET LEN
|
||||
SEQUENCE LEN OID=countryName, String=CN
|
||||
SET LEN
|
||||
SEQUENCE LEN OID=stateName, String=CN
|
||||
SEQUENCE LEN OID=unknown, String=ABC
|
||||
SET LEN
|
||||
SEQUENCE LEN OID=commonNmame, String=ABC
|
||||
*/
|
||||
int x509_name_add_rdn(uint8_t *d, size_t *dlen, size_t maxlen, int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen);
|
||||
int x509_name_add_country_name(uint8_t *d, size_t *dlen, size_t maxlen, const char val[2] ); // val: PrintableString SIZE(2)
|
||||
@@ -208,7 +173,30 @@ Extension ::= SEQUENCE {
|
||||
extnID OBJECT IDENTIFIER,
|
||||
critical BOOLEAN DEFAULT FALSE,
|
||||
extnValue OCTET STRING -- contains the DER encoding of an ASN.1 value
|
||||
|
||||
id-ce:
|
||||
OID_ce_authority_key_identifier
|
||||
OID_ce_subject_key_identifier
|
||||
OID_ce_key_usage
|
||||
OID_ce_certificate_policies
|
||||
OID_ce_policy_mappings
|
||||
OID_ce_subject_alt_name
|
||||
OID_ce_issuer_alt_name
|
||||
OID_ce_subject_directory_attributes
|
||||
OID_ce_basic_constraints
|
||||
OID_ce_name_constraints
|
||||
OID_ce_policy_constraints
|
||||
OID_ce_ext_key_usage
|
||||
OID_ce_crl_distribution_points
|
||||
OID_ce_inhibit_any_policy
|
||||
OID_ce_freshest_crl
|
||||
OID_netscape_cert_comment
|
||||
*/
|
||||
const char *x509_ext_id_name(int oid);
|
||||
int x509_ext_id_from_name(const char *name);
|
||||
int x509_ext_id_from_der(int *oid, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen);
|
||||
int x509_ext_id_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
int x509_ext_to_der(int oid, int critical, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen);
|
||||
int x509_ext_from_der(int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen);
|
||||
int x509_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
@@ -286,11 +274,6 @@ int x509_certificate_from_der(
|
||||
const uint8_t **sig, size_t *siglen,
|
||||
const uint8_t **in, size_t *inlen);
|
||||
|
||||
int x509_signed_to_der(
|
||||
const uint8_t *tbs, size_t tbslen,
|
||||
int signature_algor,
|
||||
const uint8_t *sig, size_t siglen,
|
||||
uint8_t **out, size_t *outlen);
|
||||
int x509_signed_from_der(
|
||||
const uint8_t **tbs, size_t *tbslen,
|
||||
int *signature_algor,
|
||||
@@ -301,8 +284,6 @@ int x509_signed_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key,
|
||||
int x509_signed_verify_by_ca_cert(const uint8_t *a, size_t alen, const uint8_t *cacert, size_t cacertlen,
|
||||
const char *signer_id, size_t signer_id_len);
|
||||
|
||||
//int x509_certificate_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
// x509_cert functions
|
||||
int x509_cert_sign_to_der(
|
||||
int version,
|
||||
@@ -317,22 +298,6 @@ int x509_cert_sign_to_der(
|
||||
const uint8_t *exts, size_t exts_len,
|
||||
const SM2_KEY *sign_key, const char *signer_id, size_t signer_id_len,
|
||||
uint8_t **out, size_t *outlen);
|
||||
/*
|
||||
int x509_cert_sign(
|
||||
uint8_t *cert, size_t *certlen, size_t maxlen,
|
||||
int version,
|
||||
const uint8_t *serial, size_t serial_len,
|
||||
int signature_algor,
|
||||
const uint8_t *issuer, size_t issuer_len,
|
||||
time_t not_before, time_t not_after,
|
||||
const uint8_t *subject, size_t subject_len,
|
||||
const SM2_KEY *subject_public_key,
|
||||
const uint8_t *issuer_unique_id, size_t issuer_unique_id_len,
|
||||
const uint8_t *subject_unique_id, size_t subject_unique_id_len,
|
||||
const uint8_t *exts, size_t exts_len,
|
||||
const SM2_KEY *sign_key,
|
||||
const char *signer_id, size_t signer_id_len);
|
||||
*/
|
||||
|
||||
int x509_cert_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen);
|
||||
int x509_cert_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen);
|
||||
@@ -357,9 +322,20 @@ int x509_cert_get_details(const uint8_t *a, size_t alen,
|
||||
const uint8_t **extensions, size_t *extensions_len,
|
||||
int *signature_algor,
|
||||
const uint8_t **signature, size_t *signature_len);
|
||||
int x509_cert_check(const uint8_t *cert, size_t certlen, int cert_type, int *path_len_constraints);
|
||||
|
||||
|
||||
typedef enum {
|
||||
X509_cert_server_auth,
|
||||
X509_cert_client_auth,
|
||||
X509_cert_server_key_encipher,
|
||||
X509_cert_client_key_encipher,
|
||||
X509_cert_ca,
|
||||
X509_cert_root_ca,
|
||||
X509_cert_crl_sign,
|
||||
} X509_CERT_TYPE;
|
||||
|
||||
int x509_cert_check(const uint8_t *cert, size_t certlen, int cert_type, int *path_len_constraints);
|
||||
|
||||
/*
|
||||
IssuerAndSerialNumber ::= SEQUENCE {
|
||||
isser Name,
|
||||
@@ -390,20 +366,12 @@ int x509_certs_get_cert_by_issuer_and_serial_number(
|
||||
const uint8_t *serial, size_t serial_len,
|
||||
const uint8_t **cert, size_t *cert_len);
|
||||
|
||||
|
||||
typedef enum {
|
||||
X509_verify_err_cert_revoked = -2,
|
||||
X509_verify_err_cert_not_yet_valid = -3,
|
||||
X509_verify_err_cert_has_expired = -4,
|
||||
X509_verify_err_cert_chain_too_long = -5,
|
||||
} X509_VERIFY_ERR;
|
||||
|
||||
typedef enum {
|
||||
X509_cert_chain_server,
|
||||
X509_cert_chain_client,
|
||||
} X509_CERT_CHAIN_TYPE;
|
||||
|
||||
#define X509_MAX_VERIFY_DEPTH 6 // TODO: any requirement from CA/B or OpenSSL?
|
||||
#define X509_MAX_VERIFY_DEPTH 6
|
||||
int x509_certs_verify(const uint8_t *certs, size_t certslen, int certs_type,
|
||||
const uint8_t *rootcerts, size_t rootcertslen, int depth, int *verify_result);
|
||||
int x509_certs_verify_tlcp(const uint8_t *certs, size_t certslen, int certs_type,
|
||||
@@ -416,18 +384,6 @@ int x509_cert_new_from_file(uint8_t **out, size_t *outlen, const char *file);
|
||||
int x509_certs_new_from_file(uint8_t **out, size_t *outlen, const char *file);
|
||||
|
||||
|
||||
typedef enum {
|
||||
X509_cert_server_auth,
|
||||
X509_cert_client_auth,
|
||||
X509_cert_server_key_encipher,
|
||||
X509_cert_client_key_encipher,
|
||||
X509_cert_ca,
|
||||
X509_cert_root_ca,
|
||||
X509_cert_crl_sign,
|
||||
} X509_CERT_TYPE;
|
||||
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -57,18 +57,17 @@ int x509_crl_entry_ext_id_from_name(const char *name);
|
||||
int x509_crl_entry_ext_id_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
int x509_crl_entry_ext_id_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
|
||||
int x509_crl_entry_ext_critical_check(int oid, int critical);
|
||||
|
||||
|
||||
int x509_crl_entry_ext_to_der(int oid, int critical, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen);
|
||||
int x509_crl_entry_ext_from_der(int *oid, int *critical, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen);
|
||||
int x509_crl_entry_ext_critical_check(int oid, int critical);
|
||||
int x509_crl_entry_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
int x509_crl_reason_ext_to_der(int critical, int reason, uint8_t **out, size_t *outlen);
|
||||
int x509_invalidity_date_ext_to_der(int critical, time_t date, uint8_t **out, size_t *outlen);
|
||||
int x509_cert_issuer_ext_to_der(int critical, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
|
||||
int x509_crl_entry_ext_from_der(int *oid, int *critical, const uint8_t **val, size_t *vlen, const uint8_t **in, size_t *inlen);
|
||||
int x509_crl_entry_ext_from_der_ex(int *oid, int *critical,
|
||||
int *reason, time_t *invalid_date, const uint8_t **cert_issuer, size_t *cert_issuer_len,
|
||||
const uint8_t **in, size_t *inlen);
|
||||
int x509_crl_entry_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
int x509_crl_entry_exts_to_der(
|
||||
int reason, time_t invalid_date, const uint8_t *cert_issuer, size_t cert_issuer_len,
|
||||
@@ -81,7 +80,6 @@ int x509_crl_entry_exts_get(const uint8_t *d, size_t dlen,
|
||||
int x509_crl_entry_exts_check(const uint8_t *d, size_t dlen);
|
||||
int x509_crl_entry_exts_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
|
||||
/*
|
||||
RevokedCertificate ::= SEQUENCE {
|
||||
userCertificate CertificateSerialNumber,
|
||||
@@ -143,7 +141,6 @@ IssuingDistributionPoint ::= SEQUENCE {
|
||||
indirectCRL [4] IMPLICIT BOOLEAN DEFAULT FALSE,
|
||||
onlyContainsAttributeCerts [5] IMPLICIT BOOLEAN DEFAULT FALSE }
|
||||
*/
|
||||
|
||||
int x509_issuing_distribution_point_to_der(
|
||||
const char *dist_point_uri, size_t dist_point_uri_len,
|
||||
int only_contains_user_certs,
|
||||
@@ -162,11 +159,11 @@ int x509_issuing_distribution_point_from_der(
|
||||
const uint8_t **in, size_t *inlen);
|
||||
int x509_issuing_distribution_point_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
int x509_crl_ext_critical_check(int oid, int critical);
|
||||
int x509_crl_ext_to_der(int oid, int critical, const uint8_t *val, size_t vlen, uint8_t **out, size_t *outlen);
|
||||
int x509_crl_ext_from_der_ex(int *oid, uint32_t *nodes, size_t *nodes_cnt,
|
||||
int *critical, const uint8_t **val, size_t *vlen,
|
||||
const uint8_t **in, size_t *inlen);
|
||||
int x509_crl_ext_critical_check(int oid, int critical);
|
||||
int x509_crl_ext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
|
||||
@@ -211,12 +208,11 @@ int x509_crl_exts_add_authority_info_acess(
|
||||
const char *ca_issuers_uri, size_t ca_issuers_urilen,
|
||||
const char *ocsp_uri, size_t ocsp_urilen);
|
||||
|
||||
int x509_crl_exts_check(const uint8_t *d, size_t dlen);
|
||||
#define x509_crl_exts_to_der(d,dlen,out,outlen) x509_explicit_exts_to_der(0,d,dlen,out,outlen)
|
||||
#define x509_crl_exts_from_der(d,dlen,in,inlen) x509_explicit_exts_from_der(0,d,dlen,in,inlen)
|
||||
int x509_crl_exts_check(const uint8_t *d, size_t dlen);
|
||||
int x509_crl_exts_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
|
||||
/*
|
||||
TBSCertList ::= SEQUENCE {
|
||||
version INTEGER OPTIONAL, -- if present, MUST be v2
|
||||
@@ -253,8 +249,6 @@ CertificateList ::= SEQUENCE {
|
||||
signatureAlgorithm AlgorithmIdentifier,
|
||||
signatureValue BIT STRING }
|
||||
*/
|
||||
|
||||
// x509_crl_ functions
|
||||
int x509_crl_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen);
|
||||
int x509_crl_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen);
|
||||
int x509_crl_to_pem(const uint8_t *a, size_t alen, FILE *fp);
|
||||
@@ -300,8 +294,8 @@ int x509_crl_get_revoked_certs(const uint8_t *a, size_t alen, const uint8_t **d,
|
||||
int x509_crl_find_revoked_cert_by_serial_number(const uint8_t *a, size_t alen,
|
||||
const uint8_t *serial, size_t serial_len, time_t *revoke_date,
|
||||
const uint8_t **entry_exts, size_t *entry_exts_len);
|
||||
int x509_crls_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
int x509_crls_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
|
||||
int x509_crl_new_from_uri(uint8_t **crl, size_t *crl_len, const char *uri, size_t urilen);
|
||||
int x509_crl_new_from_cert(uint8_t **crl, size_t *crl_len, const uint8_t *cert, size_t certlen);
|
||||
|
||||
@@ -116,12 +116,12 @@ int x509_edi_party_name_print(FILE *fp, int fmt, int ind, const char *label, con
|
||||
|
||||
/*
|
||||
GeneralName ::= CHOICE {
|
||||
otherName [0] IMPLICIT OtherName, -- 只在GeneralName中出现
|
||||
otherName [0] IMPLICIT OtherName, -- Only in GeneralName
|
||||
rfc822Name [1] IMPLICIT IA5String,
|
||||
dNSName [2] IMPLICIT IA5String,
|
||||
x400Address [3] IMPLICIT ORAddress,
|
||||
directoryName [4] IMPLICIT Name, -- SEQENCE OF,因此是d,dlen
|
||||
ediPartyName [5] IMPLICIT EDIPartyName, -- 只在GeneralName中出现
|
||||
directoryName [4] IMPLICIT Name, -- SEQENCE OF
|
||||
ediPartyName [5] IMPLICIT EDIPartyName, -- Only in GeneralName
|
||||
uniformResourceIdentifier [6] IMPLICIT IA5String,
|
||||
iPAddress [7] IMPLICIT OCTET STRING, -- 4 bytes or string?
|
||||
registeredID [8] IMPLICIT OBJECT IDENTIFIER }
|
||||
@@ -276,10 +276,19 @@ PolicyQualifierInfo ::= SEQUENCE {
|
||||
policyQualifierId PolicyQualifierId,
|
||||
qualifier ANY DEFINED BY policyQualifierId }
|
||||
|
||||
id-qt
|
||||
OID_qt_cps
|
||||
OID_qt_unotice
|
||||
|
||||
switch(policyQualifierId)
|
||||
case id-qt-cps : qualifier ::= IA5String
|
||||
case id-qt-unotice : qualifier ::= UserNotice
|
||||
*/
|
||||
const char *x509_qualifier_id_name(int oid);
|
||||
int x509_qualifier_id_from_name(const char *name);
|
||||
int x509_qualifier_id_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_qualifier_id_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
int x509_policy_qualifier_info_to_der(
|
||||
int oid,
|
||||
const uint8_t *qualifier, size_t qualifier_len,
|
||||
@@ -300,7 +309,13 @@ PolicyInformation ::= SEQUENCE {
|
||||
policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL }
|
||||
|
||||
CertPolicyId ::= OBJECT IDENTIFIER -- undefined
|
||||
|
||||
OID_any_policy
|
||||
*/
|
||||
char *x509_cert_policy_id_name(int oid);
|
||||
int x509_cert_policy_id_from_name(const char *name);
|
||||
int x509_cert_policy_id_from_der(int *oid, uint32_t *nodes, size_t *nodes_cnt, const uint8_t **in, size_t *inlen);
|
||||
int x509_cert_policy_id_to_der(int oid, const uint32_t *nodes, size_t nodes_cnt, uint8_t **out, size_t *outlen);
|
||||
|
||||
int x509_policy_information_to_der(
|
||||
int policy_oid, const uint32_t *policy_nodes, size_t policy_nodes_cnt,
|
||||
@@ -413,8 +428,7 @@ int x509_general_subtree_print(FILE *fp, int fmt, int ind, const char *label, co
|
||||
/*
|
||||
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
|
||||
*/
|
||||
// 应该参考general_names_add_xxx来改写这个函数,只是不知道这个函数用的多不多
|
||||
int x509_general_subtrees_add_general_subtree(uint8_t *d, size_t *dlen, size_t maxlen, // 这个功能和general_names很类似,只是多了一点点内容
|
||||
int x509_general_subtrees_add_general_subtree(uint8_t *d, size_t *dlen, size_t maxlen,
|
||||
int base_choice, const uint8_t *base, size_t base_len,
|
||||
int minimum, int maximum);
|
||||
int x509_general_subtrees_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen);
|
||||
@@ -453,6 +467,7 @@ ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
|
||||
|
||||
KeyPurposeId:
|
||||
OID_any_extended_key_usage
|
||||
id-kp
|
||||
OID_kp_server_auth
|
||||
OID_kp_client_auth
|
||||
OID_kp_code_signing
|
||||
@@ -461,6 +476,12 @@ KeyPurposeId:
|
||||
OID_kp_ocsp_signing
|
||||
*/
|
||||
#define X509_MAX_KEY_PURPOSES 7
|
||||
const char *x509_key_purpose_name(int oid);
|
||||
const char *x509_key_purpose_text(int oid);
|
||||
int x509_key_purpose_from_name(const char *name);
|
||||
int x509_key_purpose_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_key_purpose_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
int x509_ext_key_usage_to_der(const int *oids, size_t oids_cnt, uint8_t **out, size_t *outlen);
|
||||
int x509_ext_key_usage_from_der(int *oids, size_t *oids_cnt, size_t max_cnt, const uint8_t **in, size_t *inlen);
|
||||
int x509_ext_key_usage_check(const int *oids, size_t oids_cnt, int cert_type);
|
||||
|
||||
@@ -1,112 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the License); you may
|
||||
* not use this file except in compliance with the License.
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*/
|
||||
|
||||
|
||||
#ifndef GMSSL_X509_OID_H
|
||||
#define GMSSL_X509_OID_H
|
||||
|
||||
|
||||
#include <time.h>
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <gmssl/sm2.h>
|
||||
#include <gmssl/oid.h>
|
||||
#include <gmssl/asn1.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
id-at:
|
||||
OID_at_name
|
||||
OID_at_surname
|
||||
OID_at_given_name
|
||||
OID_at_initials
|
||||
OID_at_generation_qualifier
|
||||
OID_at_common_name
|
||||
OID_at_locality_name
|
||||
OID_at_state_or_province_name
|
||||
OID_at_organization_name
|
||||
OID_at_organizational_unit_name
|
||||
OID_at_title
|
||||
OID_at_dn_qualifier
|
||||
OID_at_country_name
|
||||
OID_at_serial_number
|
||||
OID_at_pseudonym
|
||||
OID_domain_component
|
||||
*/
|
||||
const char *x509_name_type_name(int oid);
|
||||
int x509_name_type_from_name(const char *name);
|
||||
int x509_name_type_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_name_type_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
/*
|
||||
id-ce:
|
||||
OID_ce_authority_key_identifier
|
||||
OID_ce_subject_key_identifier
|
||||
OID_ce_key_usage
|
||||
OID_ce_certificate_policies
|
||||
OID_ce_policy_mappings
|
||||
OID_ce_subject_alt_name
|
||||
OID_ce_issuer_alt_name
|
||||
OID_ce_subject_directory_attributes
|
||||
OID_ce_basic_constraints
|
||||
OID_ce_name_constraints
|
||||
OID_ce_policy_constraints
|
||||
OID_ce_ext_key_usage
|
||||
OID_ce_crl_distribution_points
|
||||
OID_ce_inhibit_any_policy
|
||||
OID_ce_freshest_crl
|
||||
OID_netscape_cert_comment
|
||||
*/
|
||||
const char *x509_ext_id_name(int oid);
|
||||
int x509_ext_id_from_name(const char *name);
|
||||
int x509_ext_id_from_der(int *oid, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen);
|
||||
int x509_ext_id_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
/*
|
||||
id-qt
|
||||
OID_qt_cps
|
||||
OID_qt_unotice
|
||||
*/
|
||||
const char *x509_qualifier_id_name(int oid);
|
||||
int x509_qualifier_id_from_name(const char *name);
|
||||
int x509_qualifier_id_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_qualifier_id_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
/*
|
||||
OID_any_policy
|
||||
*/
|
||||
char *x509_cert_policy_id_name(int oid);
|
||||
int x509_cert_policy_id_from_name(const char *name);
|
||||
int x509_cert_policy_id_from_der(int *oid, uint32_t *nodes, size_t *nodes_cnt, const uint8_t **in, size_t *inlen);
|
||||
int x509_cert_policy_id_to_der(int oid, const uint32_t *nodes, size_t nodes_cnt, uint8_t **out, size_t *outlen);
|
||||
|
||||
/*
|
||||
OID_any_extended_key_usage
|
||||
id-kp
|
||||
OID_kp_server_auth
|
||||
OID_kp_client_auth
|
||||
OID_kp_code_signing
|
||||
OID_kp_email_protection
|
||||
OID_kp_time_stamping
|
||||
OID_kp_ocsp_signing
|
||||
*/
|
||||
const char *x509_key_purpose_name(int oid);
|
||||
const char *x509_key_purpose_text(int oid);
|
||||
int x509_key_purpose_from_name(const char *name);
|
||||
int x509_key_purpose_from_der(int *oid, const uint8_t **in, size_t *inlen);
|
||||
int x509_key_purpose_to_der(int oid, uint8_t **out, size_t *outlen);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
@@ -67,9 +67,10 @@ int x509_req_get_details(const uint8_t *req, size_t reqlen,
|
||||
const uint8_t **signature, size_t *signature_len);
|
||||
int x509_req_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen);
|
||||
int x509_req_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen);
|
||||
int x509_req_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *req, size_t reqlen);
|
||||
int x509_req_to_pem(const uint8_t *req, size_t reqlen, FILE *fp);
|
||||
int x509_req_from_pem(uint8_t *req, size_t *reqlen, size_t maxlen, FILE *fp);
|
||||
int x509_req_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *req, size_t reqlen);
|
||||
|
||||
int x509_req_new_from_pem(uint8_t **req, size_t *reqlen, FILE *fp);
|
||||
int x509_req_new_from_file(uint8_t **req, size_t *reqlen, const char *file);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user