1 use libc::*;
2 
3 use super::*;
4 
5 pub const X509_V_OK: c_int = 0;
6 #[cfg(ossl102f)]
7 pub const X509_V_ERR_UNSPECIFIED: c_int = 1;
8 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2;
9 pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3;
10 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4;
11 pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5;
12 pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6;
13 pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7;
14 pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8;
15 pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9;
16 pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10;
17 pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11;
18 pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12;
19 pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13;
20 pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14;
21 pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15;
22 pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16;
23 pub const X509_V_ERR_OUT_OF_MEM: c_int = 17;
24 pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18;
25 pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19;
26 pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20;
27 pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21;
28 pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22;
29 pub const X509_V_ERR_CERT_REVOKED: c_int = 23;
30 cfg_if! {
31     if #[cfg(ossl300)] {
32         pub const X509_V_ERR_NO_ISSUER_PUBLIC_KEY: c_int = 24;
33     } else {
34         pub const X509_V_ERR_INVALID_CA: c_int = 24;
35     }
36 }
37 pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25;
38 pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26;
39 pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27;
40 pub const X509_V_ERR_CERT_REJECTED: c_int = 28;
41 pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29;
42 pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30;
43 pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31;
44 pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32;
45 pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33;
46 pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34;
47 pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35;
48 pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36;
49 pub const X509_V_ERR_INVALID_NON_CA: c_int = 37;
50 pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38;
51 pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39;
52 pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40;
53 pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41;
54 pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42;
55 pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43;
56 pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44;
57 pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45;
58 pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46;
59 pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47;
60 pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48;
61 pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49;
62 pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50;
63 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51;
64 pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52;
65 pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53;
66 pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54;
67 #[cfg(ossl102)]
68 pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56;
69 #[cfg(ossl102)]
70 pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57;
71 #[cfg(ossl102)]
72 pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58;
73 #[cfg(ossl102)]
74 pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59;
75 #[cfg(ossl102)]
76 pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60;
77 #[cfg(ossl102)]
78 pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61;
79 #[cfg(ossl102)]
80 pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62;
81 #[cfg(ossl102)]
82 pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63;
83 #[cfg(ossl102)]
84 pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64;
85 cfg_if! {
86     if #[cfg(ossl110)] {
87         pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65;
88         pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66;
89         pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67;
90         pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68;
91         pub const X509_V_ERR_INVALID_CALL: c_int = 69;
92         pub const X509_V_ERR_STORE_LOOKUP: c_int = 70;
93         pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71;
94     } else if #[cfg(ossl102h)] {
95         pub const X509_V_ERR_INVALID_CALL: c_int = 65;
96         pub const X509_V_ERR_STORE_LOOKUP: c_int = 66;
97         pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67;
98     }
99 }
100 #[cfg(ossl300)]
101 pub const X509_V_ERR_INVALID_CA: c_int = 79;
102 
103 #[cfg(not(any(ossl110, libressl370)))]
104 pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x1;
105 #[cfg(any(ossl110, libressl370))]
106 pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x0;
107 pub const X509_V_FLAG_USE_CHECK_TIME: c_ulong = 0x2;
108 pub const X509_V_FLAG_CRL_CHECK: c_ulong = 0x4;
109 pub const X509_V_FLAG_CRL_CHECK_ALL: c_ulong = 0x8;
110 pub const X509_V_FLAG_IGNORE_CRITICAL: c_ulong = 0x10;
111 pub const X509_V_FLAG_X509_STRICT: c_ulong = 0x20;
112 pub const X509_V_FLAG_ALLOW_PROXY_CERTS: c_ulong = 0x40;
113 pub const X509_V_FLAG_POLICY_CHECK: c_ulong = 0x80;
114 pub const X509_V_FLAG_EXPLICIT_POLICY: c_ulong = 0x100;
115 pub const X509_V_FLAG_INHIBIT_ANY: c_ulong = 0x200;
116 pub const X509_V_FLAG_INHIBIT_MAP: c_ulong = 0x400;
117 pub const X509_V_FLAG_NOTIFY_POLICY: c_ulong = 0x800;
118 pub const X509_V_FLAG_EXTENDED_CRL_SUPPORT: c_ulong = 0x1000;
119 pub const X509_V_FLAG_USE_DELTAS: c_ulong = 0x2000;
120 pub const X509_V_FLAG_CHECK_SS_SIGNATURE: c_ulong = 0x4000;
121 #[cfg(ossl102)]
122 pub const X509_V_FLAG_TRUSTED_FIRST: c_ulong = 0x8000;
123 #[cfg(ossl102)]
124 pub const X509_V_FLAG_SUITEB_128_LOS_ONLY: c_ulong = 0x10000;
125 #[cfg(ossl102)]
126 pub const X509_V_FLAG_SUITEB_192_LOS: c_ulong = 0x20000;
127 #[cfg(ossl102)]
128 pub const X509_V_FLAG_SUITEB_128_LOS: c_ulong = 0x30000;
129 #[cfg(ossl102)]
130 pub const X509_V_FLAG_PARTIAL_CHAIN: c_ulong = 0x80000;
131 #[cfg(ossl110)]
132 pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000;
133 #[cfg(ossl110)]
134 pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000;
135 
X509_LOOKUP_add_dirnull136 pub unsafe fn X509_LOOKUP_add_dir(
137     ctx: *mut X509_LOOKUP,
138     name: *const c_char,
139     _type: c_int,
140 ) -> c_int {
141     const X509_L_ADD_DIR: c_int = 2;
142     X509_LOOKUP_ctrl(
143         ctx,
144         X509_L_ADD_DIR,
145         name,
146         _type as c_long,
147         std::ptr::null_mut(),
148     )
149 }
150