src/src/danessl.h

   1 #ifndef HEADER_SSL_DANE_H
   2 #define HEADER_SSL_DANE_H
   3
   4 #include <stdint.h>
   5 #include <openssl/ssl.h>
   6
   7 /*-
   8  * Certificate usages:
   9  * https://tools.ietf.org/html/rfc6698#section-2.1.1
  10  */
  11 #define SSL_DANE_USAGE_LIMIT_ISSUER     0
  12 #define SSL_DANE_USAGE_LIMIT_LEAF       1
  13 #define SSL_DANE_USAGE_TRUSTED_CA       2
  14 #define SSL_DANE_USAGE_FIXED_LEAF       3
  15 #define SSL_DANE_USAGE_LAST             SSL_DANE_USAGE_FIXED_LEAF
  16
  17 /*-
  18  * Selectors:
  19  * https://tools.ietf.org/html/rfc6698#section-2.1.2
  20  */
  21 #define SSL_DANE_SELECTOR_CERT          0
  22 #define SSL_DANE_SELECTOR_SPKI          1
  23 #define SSL_DANE_SELECTOR_LAST          SSL_DANE_SELECTOR_SPKI
  24
  25 extern int DANESSL_library_init(void);
  26 extern int DANESSL_CTX_init(SSL_CTX *);
  27 extern int DANESSL_init(SSL *, const char *, const char **);
  28 extern void DANESSL_cleanup(SSL *);
  29 extern int DANESSL_add_tlsa(SSL *, uint8_t, uint8_t, const char *,
  30                             unsigned const char *, size_t);
  31 #endif