1use crate::ffi_types::*;
2
3use crate::pubkey::{botan_privkey_t, botan_pubkey_t};
4use crate::rng::botan_rng_t;
5
6#[cfg(botan_ffi_20260303)]
7use crate::mp::botan_mp_t;
8
9#[cfg(botan_ffi_20260303)]
10use crate::oid::botan_asn1_oid_t;
11
12pub enum botan_x509_cert_struct {}
13pub type botan_x509_cert_t = *mut botan_x509_cert_struct;
14
15pub enum botan_x509_crl_struct {}
16pub type botan_x509_crl_t = *mut botan_x509_crl_struct;
17
18#[cfg(botan_ffi_20260303)]
19pub enum botan_x509_crl_entry_struct {}
20#[cfg(botan_ffi_20260303)]
21pub type botan_x509_crl_entry_t = *mut botan_x509_crl_entry_struct;
22
23#[cfg(botan_ffi_20260303)]
24pub enum botan_x509_general_name_struct {}
25#[cfg(botan_ffi_20260303)]
26pub type botan_x509_general_name_t = *mut botan_x509_general_name_struct;
27
28#[repr(u32)]
29#[allow(clippy::upper_case_acronyms)]
30pub enum X509KeyConstraints {
31 NO_CONSTRAINTS = 0,
32 DIGITAL_SIGNATURE = 32768,
33 NON_REPUDIATION = 16384,
34 KEY_ENCIPHERMENT = 8192,
35 DATA_ENCIPHERMENT = 4096,
36 KEY_AGREEMENT = 2048,
37 KEY_CERT_SIGN = 1024,
38 CRL_SIGN = 512,
39 ENCIPHER_ONLY = 256,
40 DECIPHER_ONLY = 128,
41}
42
43#[cfg(botan_ffi_20260303)]
44#[repr(i32)]
45pub enum X509ValueType {
46 BOTAN_X509_SERIAL_NUMBER = 0,
47 BOTAN_X509_SUBJECT_DN_BITS = 1,
48 BOTAN_X509_ISSUER_DN_BITS = 2,
49 BOTAN_X509_SUBJECT_KEY_IDENTIFIER = 3,
50 BOTAN_X509_AUTHORITY_KEY_IDENTIFIER = 4,
51 BOTAN_X509_PUBLIC_KEY_PKCS8_BITS = 200,
52 BOTAN_X509_TBS_DATA_BITS = 201,
53 BOTAN_X509_SIGNATURE_SCHEME_BITS = 202,
54 BOTAN_X509_SIGNATURE_BITS = 203,
55 BOTAN_X509_DER_ENCODING = 300,
56 BOTAN_X509_PEM_ENCODING = 301,
57 BOTAN_X509_CRL_DISTRIBUTION_URLS = 400,
58 BOTAN_X509_OCSP_RESPONDER_URLS = 401,
59 BOTAN_X509_CA_ISSUERS_URLS = 402,
60}
61
62#[cfg(botan_ffi_20260303)]
63#[repr(i32)]
64pub enum X509GeneralNameType {
65 BOTAN_X509_OTHER_NAME = 0,
66 BOTAN_X509_EMAIL_ADDRESS = 1,
67 BOTAN_X509_DNS_NAME = 2,
68 BOTAN_X509_DIRECTORY_NAME = 4,
69 BOTAN_X509_URI = 6,
70 BOTAN_X509_IP_ADDRESS = 7,
71}
72
73#[cfg(botan_ffi_20260303)]
74#[repr(i32)]
75pub enum X509CrlReasonCode {
76 BOTAN_CRL_ENTRY_UNSPECIFIED = 0,
77 BOTAN_CRL_ENTRY_KEY_COMPROMISE = 1,
78 BOTAN_CRL_ENTRY_CA_COMPROMISE = 2,
79 BOTAN_CRL_ENTRY_AFFILIATION_CHANGED = 3,
80 BOTAN_CRL_ENTRY_SUPERSEDED = 4,
81 BOTAN_CRL_ENTRY_CESSATION_OF_OPERATION = 5,
82 BOTAN_CRL_ENTRY_CERTIFICATE_HOLD = 6,
83 BOTAN_CRL_ENTRY_REMOVE_FROM_CRL = 8,
84 BOTAN_CRL_ENTRY_PRIVILEGE_WITHDRAWN = 9,
85 BOTAN_CRL_ENTRY_AA_COMPROMISE = 10,
86}
87
88#[cfg(botan_ffi_20260303)]
89impl TryFrom<i32> for X509CrlReasonCode {
90 type Error = ();
91
92 fn try_from(value: i32) -> core::result::Result<Self, Self::Error> {
93 match value {
94 0 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_UNSPECIFIED),
95 1 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_KEY_COMPROMISE),
96 2 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_CA_COMPROMISE),
97 3 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_AFFILIATION_CHANGED),
98 4 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_SUPERSEDED),
99 5 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_CESSATION_OF_OPERATION),
100 6 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_CERTIFICATE_HOLD),
101 8 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_REMOVE_FROM_CRL),
102 9 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_PRIVILEGE_WITHDRAWN),
103 10 => Ok(X509CrlReasonCode::BOTAN_CRL_ENTRY_AA_COMPROMISE),
104 _ => Err(()),
105 }
106 }
107}
108
109unsafe extern "C" {
110 pub fn botan_x509_cert_load(
111 cert_obj: *mut botan_x509_cert_t,
112 cert: *const u8,
113 cert_len: usize,
114 ) -> c_int;
115 pub fn botan_x509_cert_dup(cert_obj: *mut botan_x509_cert_t, cert: botan_x509_cert_t) -> c_int;
116 pub fn botan_x509_cert_load_file(
117 cert_obj: *mut botan_x509_cert_t,
118 filename: *const c_char,
119 ) -> c_int;
120 pub fn botan_x509_cert_destroy(cert: botan_x509_cert_t) -> c_int;
121
122 #[cfg(botan_ffi_20260303)]
123 pub fn botan_x509_cert_view_binary_values(
124 cert: botan_x509_cert_t,
125 value_type: c_int,
126 index: usize,
127 ctx: botan_view_ctx,
128 view: botan_view_bin_fn,
129 ) -> c_int;
130
131 #[cfg(botan_ffi_20260303)]
132 pub fn botan_x509_cert_view_binary_values_count(
133 cert: botan_x509_cert_t,
134 value_type: c_int,
135 count: *mut usize,
136 ) -> c_int;
137
138 #[cfg(botan_ffi_20260303)]
139 pub fn botan_x509_cert_view_string_values(
140 cert: botan_x509_cert_t,
141 value_type: c_int,
142 index: usize,
143 ctx: botan_view_ctx,
144 view: botan_view_str_fn,
145 ) -> c_int;
146
147 #[cfg(botan_ffi_20260303)]
148 pub fn botan_x509_cert_view_string_values_count(
149 cert: botan_x509_cert_t,
150 value_type: c_int,
151 count: *mut usize,
152 ) -> c_int;
153
154 pub fn botan_x509_cert_get_time_starts(
155 cert: botan_x509_cert_t,
156 out: *mut c_char,
157 out_len: *mut usize,
158 ) -> c_int;
159 pub fn botan_x509_cert_get_time_expires(
160 cert: botan_x509_cert_t,
161 out: *mut c_char,
162 out_len: *mut usize,
163 ) -> c_int;
164 pub fn botan_x509_cert_not_before(cert: botan_x509_cert_t, timestamp: *mut u64) -> c_int;
165 pub fn botan_x509_cert_not_after(cert: botan_x509_cert_t, timestamp: *mut u64) -> c_int;
166 pub fn botan_x509_cert_get_fingerprint(
167 cert: botan_x509_cert_t,
168 hash: *const c_char,
169 out: *mut u8,
170 out_len: *mut usize,
171 ) -> c_int;
172 pub fn botan_x509_cert_get_serial_number(
173 cert: botan_x509_cert_t,
174 out: *mut u8,
175 out_len: *mut usize,
176 ) -> c_int;
177
178 #[cfg(botan_ffi_20260303)]
179 pub fn botan_x509_cert_serial_number(
180 cert: botan_x509_cert_t,
181 serial_number: *mut botan_mp_t,
182 ) -> c_int;
183
184 pub fn botan_x509_cert_get_authority_key_id(
185 cert: botan_x509_cert_t,
186 out: *mut u8,
187 out_len: *mut usize,
188 ) -> c_int;
189 pub fn botan_x509_cert_get_subject_key_id(
190 cert: botan_x509_cert_t,
191 out: *mut u8,
192 out_len: *mut usize,
193 ) -> c_int;
194 pub fn botan_x509_cert_get_public_key_bits(
195 cert: botan_x509_cert_t,
196 out: *mut u8,
197 out_len: *mut usize,
198 ) -> c_int;
199
200 #[cfg(botan_ffi_20230403)]
201 pub fn botan_x509_cert_view_public_key_bits(
202 cert: botan_x509_cert_t,
203 view_ctx: botan_view_ctx,
204 view_fn: botan_view_bin_fn,
205 ) -> c_int;
206
207 pub fn botan_x509_cert_get_public_key(
208 cert: botan_x509_cert_t,
209 key: *mut botan_pubkey_t,
210 ) -> c_int;
211
212 #[cfg(botan_ffi_20260303)]
213 pub fn botan_x509_cert_is_ca(cert: botan_x509_cert_t) -> c_int;
214
215 #[cfg(botan_ffi_20260303)]
216 pub fn botan_x509_cert_get_path_length_constraint(
217 cert: botan_x509_cert_t,
218 path_limit: *mut usize,
219 ) -> c_int;
220
221 pub fn botan_x509_cert_get_issuer_dn(
222 cert: botan_x509_cert_t,
223 key: *const c_char,
224 index: usize,
225 out: *mut u8,
226 out_len: *mut usize,
227 ) -> c_int;
228
229 #[cfg(botan_ffi_20260303)]
230 pub fn botan_x509_cert_get_issuer_dn_count(
231 cert: botan_x509_cert_t,
232 key: *const c_char,
233 count: *mut usize,
234 ) -> c_int;
235
236 pub fn botan_x509_cert_get_subject_dn(
237 cert: botan_x509_cert_t,
238 key: *const c_char,
239 index: usize,
240 out: *mut u8,
241 out_len: *mut usize,
242 ) -> c_int;
243
244 #[cfg(botan_ffi_20260303)]
245 pub fn botan_x509_cert_get_subject_dn_count(
246 cert: botan_x509_cert_t,
247 key: *const c_char,
248 count: *mut usize,
249 ) -> c_int;
250
251 pub fn botan_x509_cert_to_string(
252 cert: botan_x509_cert_t,
253 out: *mut c_char,
254 out_len: *mut usize,
255 ) -> c_int;
256
257 #[cfg(botan_ffi_20230403)]
258 pub fn botan_x509_cert_view_as_string(
259 cert: botan_x509_cert_t,
260 view_ctx: botan_view_ctx,
261 view_fn: botan_view_str_fn,
262 ) -> c_int;
263
264 pub fn botan_x509_cert_allowed_usage(cert: botan_x509_cert_t, key_usage: c_uint) -> c_int;
265
266 #[cfg(botan_ffi_20260303)]
267 pub fn botan_x509_cert_allowed_extended_usage_str(
268 cert: botan_x509_cert_t,
269 oid: *const c_char,
270 ) -> c_int;
271
272 #[cfg(botan_ffi_20260303)]
273 pub fn botan_x509_cert_allowed_extended_usage_oid(
274 cert: botan_x509_cert_t,
275 oid: botan_asn1_oid_t,
276 ) -> c_int;
277
278 #[cfg(botan_ffi_20260303)]
279 pub fn botan_x509_general_name_get_type(
280 name: botan_x509_general_name_t,
281 name_type: *mut c_uint,
282 ) -> c_int;
283
284 #[cfg(botan_ffi_20260303)]
285 pub fn botan_x509_general_name_view_string_value(
286 name: botan_x509_general_name_t,
287 ctx: botan_view_ctx,
288 view: botan_view_str_fn,
289 ) -> c_int;
290
291 #[cfg(botan_ffi_20260303)]
292 pub fn botan_x509_general_name_view_binary_value(
293 name: botan_x509_general_name_t,
294 ctx: botan_view_ctx,
295 view: botan_view_bin_fn,
296 ) -> c_int;
297
298 #[cfg(botan_ffi_20260303)]
299 pub fn botan_x509_general_name_destroy(alt_names: botan_x509_general_name_t) -> c_int;
300
301 #[cfg(botan_ffi_20260303)]
302 pub fn botan_x509_cert_permitted_name_constraints(
303 cert: botan_x509_cert_t,
304 index: usize,
305 constraint: *mut botan_x509_general_name_t,
306 ) -> c_int;
307
308 #[cfg(botan_ffi_20260303)]
309 pub fn botan_x509_cert_permitted_name_constraints_count(
310 cert: botan_x509_cert_t,
311 count: *mut usize,
312 ) -> c_int;
313
314 #[cfg(botan_ffi_20260303)]
315 pub fn botan_x509_cert_excluded_name_constraints(
316 cert: botan_x509_cert_t,
317 index: usize,
318 constraint: *mut botan_x509_general_name_t,
319 ) -> c_int;
320
321 #[cfg(botan_ffi_20260303)]
322 pub fn botan_x509_cert_excluded_name_constraints_count(
323 cert: botan_x509_cert_t,
324 count: *mut usize,
325 ) -> c_int;
326
327 #[cfg(botan_ffi_20260303)]
328 pub fn botan_x509_cert_subject_alternative_names(
329 cert: botan_x509_cert_t,
330 index: usize,
331 alt_name: *mut botan_x509_general_name_t,
332 ) -> c_int;
333
334 #[cfg(botan_ffi_20260303)]
335 pub fn botan_x509_cert_subject_alternative_names_count(
336 cert: botan_x509_cert_t,
337 count: *mut usize,
338 ) -> c_int;
339
340 #[cfg(botan_ffi_20260303)]
341 pub fn botan_x509_cert_issuer_alternative_names(
342 cert: botan_x509_cert_t,
343 index: usize,
344 alt_name: *mut botan_x509_general_name_t,
345 ) -> c_int;
346
347 #[cfg(botan_ffi_20260303)]
348 pub fn botan_x509_cert_issuer_alternative_names_count(
349 cert: botan_x509_cert_t,
350 count: *mut usize,
351 ) -> c_int;
352
353 pub fn botan_x509_cert_hostname_match(
354 cert: botan_x509_cert_t,
355 hostname: *const c_char,
356 ) -> c_int;
357
358 pub fn botan_x509_cert_verify(
359 validation_result: *mut c_int,
360 ee_cert: botan_x509_cert_t,
361 intermediates: *const botan_x509_cert_t,
362 intermediates_len: usize,
363 trusted: *const botan_x509_cert_t,
364 trusted_len: usize,
365 trusted_path: *const c_char,
366 required_key_strength: usize,
367 hostname: *const c_char,
368 reference_time: u64,
369 ) -> c_int;
370
371 pub fn botan_x509_cert_validation_status(code: c_int) -> *const c_char;
372
373 pub fn botan_x509_crl_load_file(crl: *mut botan_x509_crl_t, file_path: *const c_char) -> c_int;
374
375 pub fn botan_x509_crl_load(
376 crl: *mut botan_x509_crl_t,
377 data: *const u8,
378 data_len: usize,
379 ) -> c_int;
380
381 #[cfg(botan_ffi_20260303)]
382 pub fn botan_x509_crl_this_update(crl: botan_x509_crl_t, time_since_epoch: *mut u64) -> c_int;
383
384 #[cfg(botan_ffi_20260303)]
385 pub fn botan_x509_crl_next_update(crl: botan_x509_crl_t, time_since_epoch: *mut u64) -> c_int;
386
387 #[cfg(botan_ffi_20260303)]
388 pub fn botan_x509_crl_create(
389 crl_obj: *mut botan_x509_crl_t,
390 rng: botan_rng_t,
391 ca_cert: botan_x509_cert_t,
392 ca_key: botan_privkey_t,
393 issue_time: u64,
394 next_update: u32,
395 hash_fn: *const c_char,
396 padding: *const c_char,
397 ) -> c_int;
398
399 #[cfg(botan_ffi_20260303)]
400 pub fn botan_x509_crl_entry_create(
401 entry: *mut botan_x509_crl_entry_t,
402 cert: botan_x509_cert_t,
403 reason_code: c_int,
404 ) -> c_int;
405
406 #[cfg(botan_ffi_20260303)]
407 pub fn botan_x509_crl_update(
408 crl_obj: *mut botan_x509_crl_t,
409 last_crl: botan_x509_crl_t,
410 rng: botan_rng_t,
411 ca_cert: botan_x509_cert_t,
412 ca_key: botan_privkey_t,
413 issue_time: u64,
414 next_update: u32,
415 new_entries: *const botan_x509_crl_entry_t,
416 new_entries_len: usize,
417 hash_fn: *const c_char,
418 padding: *const c_char,
419 ) -> c_int;
420
421 #[cfg(botan_ffi_20260303)]
422 pub fn botan_x509_crl_verify_signature(crl: botan_x509_crl_t, key: botan_pubkey_t) -> c_int;
423
424 pub fn botan_x509_crl_destroy(crl: botan_x509_crl_t) -> c_int;
425
426 #[cfg(botan_ffi_20260303)]
427 pub fn botan_x509_crl_view_binary_values(
428 crl_obj: botan_x509_crl_t,
429 value_type: c_int,
430 index: usize,
431 ctx: botan_view_ctx,
432 view: botan_view_bin_fn,
433 ) -> c_int;
434
435 #[cfg(botan_ffi_20260303)]
436 pub fn botan_x509_crl_view_binary_values_count(
437 crl_obj: botan_x509_crl_t,
438 value_type: c_int,
439 count: *mut usize,
440 ) -> c_int;
441
442 #[cfg(botan_ffi_20260303)]
443 pub fn botan_x509_crl_view_string_values(
444 crl_obj: botan_x509_crl_t,
445 value_type: c_int,
446 index: usize,
447 ctx: botan_view_ctx,
448 view: botan_view_str_fn,
449 ) -> c_int;
450
451 #[cfg(botan_ffi_20260303)]
452 pub fn botan_x509_crl_view_string_values_count(
453 crl_obj: botan_x509_crl_t,
454 value_type: c_int,
455 count: *mut usize,
456 ) -> c_int;
457
458 pub fn botan_x509_is_revoked(crl: botan_x509_crl_t, cert: botan_x509_cert_t) -> c_int;
459
460 #[cfg(botan_ffi_20260303)]
461 pub fn botan_x509_crl_entries(
462 crl: botan_x509_crl_t,
463 index: usize,
464 entry: *mut botan_x509_crl_entry_t,
465 ) -> c_int;
466
467 #[cfg(botan_ffi_20260303)]
468 pub fn botan_x509_crl_entries_count(crl: botan_x509_crl_t, count: *mut usize) -> c_int;
469
470 #[cfg(botan_ffi_20260303)]
471 pub fn botan_x509_crl_entry_reason(
472 entry: botan_x509_crl_entry_t,
473 reason_code: *mut c_int,
474 ) -> c_int;
475
476 #[cfg(botan_ffi_20260303)]
477 pub fn botan_x509_crl_entry_revocation_date(
478 entry: botan_x509_crl_entry_t,
479 time_since_epoch: *mut u64,
480 ) -> c_int;
481
482 #[cfg(botan_ffi_20260303)]
483 pub fn botan_x509_crl_entry_serial_number(
484 entry: botan_x509_crl_entry_t,
485 serial_number: *mut botan_mp_t,
486 ) -> c_int;
487
488 #[cfg(botan_ffi_20260303)]
489 pub fn botan_x509_crl_entry_view_serial_number(
490 entry: botan_x509_crl_entry_t,
491 ctx: botan_view_ctx,
492 view: botan_view_bin_fn,
493 ) -> c_int;
494
495 #[cfg(botan_ffi_20260303)]
496 pub fn botan_x509_crl_entry_destroy(entry: botan_x509_crl_entry_t) -> c_int;
497
498 pub fn botan_x509_cert_verify_with_crl(
499 validation_result: *mut c_int,
500 ee_cert: botan_x509_cert_t,
501 intermediates: *const botan_x509_cert_t,
502 intermediates_len: usize,
503 trusted: *const botan_x509_cert_t,
504 trusted_len: usize,
505 crls: *const botan_x509_crl_t,
506 crls_len: usize,
507 trusted_path: *const c_char,
508 required_key_strength: usize,
509 hostname: *const c_char,
510 reference_time: u64,
511 ) -> c_int;
512}