mirror of https://github.com/openssl/openssl
Define KU_ constants via corresponding X509v3_KU_
Also wrap X509v3_KU_UNDEF in `#ifndef OPENSSL_NO_DEPRECATED_3_4`. Fixes #22955 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24138)
This commit is contained in:
Viktor Dukhovni
Tomas Mraz
parent
299996fb1f
commit
14bed67221
|
|
@ -67,16 +67,24 @@ extern "C" {
|
|||
# define X509_FILETYPE_ASN1 2
|
||||
# define X509_FILETYPE_DEFAULT 3
|
||||
|
||||
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
|
||||
# define X509v3_KU_NON_REPUDIATION 0x0040
|
||||
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
|
||||
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
|
||||
# define X509v3_KU_KEY_AGREEMENT 0x0008
|
||||
# define X509v3_KU_KEY_CERT_SIGN 0x0004
|
||||
# define X509v3_KU_CRL_SIGN 0x0002
|
||||
# define X509v3_KU_ENCIPHER_ONLY 0x0001
|
||||
# define X509v3_KU_DECIPHER_ONLY 0x8000
|
||||
# define X509v3_KU_UNDEF 0xffff
|
||||
/*-
|
||||
* <https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3>:
|
||||
* The KeyUsage BITSTRING is treated as a little-endian integer, hence bit `0`
|
||||
* is 0x80, while bit `7` is 0x01 (the LSB of the integer value), bit `8` is
|
||||
* then the MSB of the second octet, or 0x8000.
|
||||
*/
|
||||
# define X509v3_KU_DIGITAL_SIGNATURE 0x0080 /* (0) */
|
||||
# define X509v3_KU_NON_REPUDIATION 0x0040 /* (1) */
|
||||
# define X509v3_KU_KEY_ENCIPHERMENT 0x0020 /* (2) */
|
||||
# define X509v3_KU_DATA_ENCIPHERMENT 0x0010 /* (3) */
|
||||
# define X509v3_KU_KEY_AGREEMENT 0x0008 /* (4) */
|
||||
# define X509v3_KU_KEY_CERT_SIGN 0x0004 /* (5) */
|
||||
# define X509v3_KU_CRL_SIGN 0x0002 /* (6) */
|
||||
# define X509v3_KU_ENCIPHER_ONLY 0x0001 /* (7) */
|
||||
# define X509v3_KU_DECIPHER_ONLY 0x8000 /* (8) */
|
||||
# ifndef OPENSSL_NO_DEPRECATED_3_4
|
||||
# define X509v3_KU_UNDEF 0xffff /* vestigial, not used */
|
||||
# endif
|
||||
|
||||
struct X509_algor_st {
|
||||
ASN1_OBJECT *algorithm;
|
||||
|
|
|
|||
|
|
@ -422,15 +422,16 @@ struct ISSUING_DIST_POINT_st {
|
|||
# define EXFLAG_SAN_CRITICAL 0x80000
|
||||
# define EXFLAG_NO_FINGERPRINT 0x100000
|
||||
|
||||
# define KU_DIGITAL_SIGNATURE 0x0080
|
||||
# define KU_NON_REPUDIATION 0x0040
|
||||
# define KU_KEY_ENCIPHERMENT 0x0020
|
||||
# define KU_DATA_ENCIPHERMENT 0x0010
|
||||
# define KU_KEY_AGREEMENT 0x0008
|
||||
# define KU_KEY_CERT_SIGN 0x0004
|
||||
# define KU_CRL_SIGN 0x0002
|
||||
# define KU_ENCIPHER_ONLY 0x0001
|
||||
# define KU_DECIPHER_ONLY 0x8000
|
||||
/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3 */
|
||||
# define KU_DIGITAL_SIGNATURE X509v3_KU_DIGITAL_SIGNATURE
|
||||
# define KU_NON_REPUDIATION X509v3_KU_NON_REPUDIATION
|
||||
# define KU_KEY_ENCIPHERMENT X509v3_KU_KEY_ENCIPHERMENT
|
||||
# define KU_DATA_ENCIPHERMENT X509v3_KU_DATA_ENCIPHERMENT
|
||||
# define KU_KEY_AGREEMENT X509v3_KU_KEY_AGREEMENT
|
||||
# define KU_KEY_CERT_SIGN X509v3_KU_KEY_CERT_SIGN
|
||||
# define KU_CRL_SIGN X509v3_KU_CRL_SIGN
|
||||
# define KU_ENCIPHER_ONLY X509v3_KU_ENCIPHER_ONLY
|
||||
# define KU_DECIPHER_ONLY X509v3_KU_DECIPHER_ONLY
|
||||
|
||||
# define NS_SSL_CLIENT 0x80
|
||||
# define NS_SSL_SERVER 0x40
|
||||
|
|
|
|||
Loading…
Reference in New Issue