| 1 | #ifndef HEADER_SSL_DANE_H |
| 2 | #define HEADER_SSL_DANE_H |
| 3 | |
| 4 | #include <stdint.h> |
| 5 | #include <openssl/ssl.h> |
| 6 | |
| 7 | /*- |
| 8 | * Certificate usages: |
| 9 | * https://tools.ietf.org/html/rfc6698#section-2.1.1 |
| 10 | */ |
| 11 | #define SSL_DANE_USAGE_LIMIT_ISSUER 0 |
| 12 | #define SSL_DANE_USAGE_LIMIT_LEAF 1 |
| 13 | #define SSL_DANE_USAGE_TRUSTED_CA 2 |
| 14 | #define SSL_DANE_USAGE_FIXED_LEAF 3 |
| 15 | #define SSL_DANE_USAGE_LAST SSL_DANE_USAGE_FIXED_LEAF |
| 16 | |
| 17 | /*- |
| 18 | * Selectors: |
| 19 | * https://tools.ietf.org/html/rfc6698#section-2.1.2 |
| 20 | */ |
| 21 | #define SSL_DANE_SELECTOR_CERT 0 |
| 22 | #define SSL_DANE_SELECTOR_SPKI 1 |
| 23 | #define SSL_DANE_SELECTOR_LAST SSL_DANE_SELECTOR_SPKI |
| 24 | |
| 25 | extern int DANESSL_library_init(void); |
| 26 | extern int DANESSL_CTX_init(SSL_CTX *); |
| 27 | extern int DANESSL_init(SSL *, const char *, const char **); |
| 28 | extern void DANESSL_cleanup(SSL *); |
| 29 | extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *, |
| 30 | unsigned const char *, size_t); |
| 31 | #endif |