[apple/security.git] / AppleX509TP / tpPolicies.h

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
	tpPolicies.h - TP module policy implementation

	Created 10/9/2000 by Doug Mitchell. 
*/

#ifndef	_TP_POLICIES_H_
#define _TP_POLICIES_H_

#include <Security/cssmtype.h>
#include <Security/cssmalloc.h>
#include <Security/cssmapple.h>
#include "TPCertInfo.h"

#ifdef __cplusplus
extern	"C" {
#endif /* __cplusplus */

CSSM_BOOL tp_verifyWithSslRoots(
	CSSM_CL_HANDLE	clHand, 
	CSSM_CSP_HANDLE	cspHand, 
	TPCertInfo 		*certToVfy);		// last in chain, not root

/*
 * Enumerated policies enforced by this module.
 */
typedef enum {
	kTPDefault,			/* no extension parsing, just sig and expiration */
	kTPx509Basic,		/* basic X.509/RFC2459 */
	kTPiSign,			/* Apple code signing */
	kTP_SSL				/* SecureTransport/SSL */
} TPPolicy;

/*
 * Perform TP verification on a constructed (ordered) cert group.
 * Returns CSSM_TRUE on success.
 */
CSSM_RETURN tp_policyVerify(
	TPPolicy						policy,
	CssmAllocator					&alloc,
	CSSM_CL_HANDLE					clHand,
	CSSM_CSP_HANDLE					cspHand,
	TPCertGroup 					*certGroup,
	CSSM_BOOL						verifiedToRoot,		// last cert is good root
	const CSSM_APPLE_TP_ACTION_DATA	*actionData,
	const CSSM_APPLE_TP_SSL_OPTIONS	*sslOpts,
	void							*policyOpts);	// future options

#ifdef __cplusplus
}
#endif
#endif	/* _TP_POLICIES_H_ */
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	tpPolicies.h - TP module policy implementation
	21
	22	Created 10/9/2000 by Doug Mitchell.
	23	*/
	24
	25	#ifndef _TP_POLICIES_H_
	26	#define _TP_POLICIES_H_
	27
	28	#include <Security/cssmtype.h>
	29	#include <Security/cssmalloc.h>
29654253	30	#include <Security/cssmapple.h>
bac41a7b A	31	#include "TPCertInfo.h"
	32
	33	#ifdef __cplusplus
	34	extern "C" {
	35	#endif /* __cplusplus */
	36
	37	CSSM_BOOL tp_verifyWithSslRoots(
	38	CSSM_CL_HANDLE clHand,
	39	CSSM_CSP_HANDLE cspHand,
	40	TPCertInfo *certToVfy); // last in chain, not root
	41
	42	/*
	43	* Enumerated policies enforced by this module.
	44	*/
	45	typedef enum {
	46	kTPDefault, /* no extension parsing, just sig and expiration */
	47	kTPx509Basic, /* basic X.509/RFC2459 */
	48	kTPiSign, /* Apple code signing */
	49	kTP_SSL /* SecureTransport/SSL */
	50	} TPPolicy;
	51
	52	/*
	53	* Perform TP verification on a constructed (ordered) cert group.
	54	* Returns CSSM_TRUE on success.
	55	*/
	56	CSSM_RETURN tp_policyVerify(
29654253 A	57	TPPolicy policy,
	58	CssmAllocator &alloc,
	59	CSSM_CL_HANDLE clHand,
	60	CSSM_CSP_HANDLE cspHand,
	61	TPCertGroup *certGroup,
	62	CSSM_BOOL verifiedToRoot, // last cert is good root
	63	const CSSM_APPLE_TP_ACTION_DATA *actionData,
	64	const CSSM_APPLE_TP_SSL_OPTIONS *sslOpts,
	65	void *policyOpts); // future options
bac41a7b A	66
	67	#ifdef __cplusplus
	68	}
	69	#endif
	70	#endif /* _TP_POLICIES_H_ */