src/src/danessl.h

   1 /*
   2  *  Author: Viktor Dukhovni
   3  *  License: THIS CODE IS IN THE PUBLIC DOMAIN.
   4  */
   5 #ifndef HEADER_DANESSL_H
   6 #define HEADER_DANESSL_H
   7
   8 #include <stdint.h>
   9 #include <openssl/ssl.h>
  10
  11 /*-
  12  * Certificate usages:
  13  * https://tools.ietf.org/html/rfc6698#section-2.1.1
  14  */
  15 #define DANESSL_USAGE_PKIX_TA   0
  16 #define DANESSL_USAGE_PKIX_EE   1
  17 #define DANESSL_USAGE_DANE_TA   2
  18 #define DANESSL_USAGE_DANE_EE   3
  19 #define DANESSL_USAGE_LAST              DANESSL_USAGE_DANE_EE
  20
  21 /*-
  22  * Selectors:
  23  * https://tools.ietf.org/html/rfc6698#section-2.1.2
  24  */
  25 #define DANESSL_SELECTOR_CERT           0
  26 #define DANESSL_SELECTOR_SPKI           1
  27 #define DANESSL_SELECTOR_LAST           DANESSL_SELECTOR_SPKI
  28
  29 /*-
  30  * Matching types:
  31  * https://tools.ietf.org/html/rfc6698#section-2.1.3
  32  */
  33 #define DANESSL_MATCHING_FULL           0
  34 #define DANESSL_MATCHING_2256           1
  35 #define DANESSL_MATCHING_2512           2
  36 #define DANESSL_MATCHING_LAST           DANESSL_MATCHING_2512
  37
  38 extern int DANESSL_library_init(void);
  39 extern int DANESSL_CTX_init(SSL_CTX *);
  40 extern int DANESSL_init(SSL *, const char *, const char **);
  41 extern void DANESSL_cleanup(SSL *);
  42 extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *,
  43                             unsigned const char *, size_t);
  44 extern int DANESSL_get_match_cert(SSL *, X509 **, const char **, int *);
  45 extern int DANESSL_verify_chain(SSL *, STACK_OF(X509) *);
  46
  47 #endif