projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| bac41a7b A |
1 | /* |
| 2 | * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved. | |
| 3 | * | |
| 4 | * The contents of this file constitute Original Code as defined in and are | |
| 5 | * subject to the Apple Public Source License Version 1.2 (the 'License'). | |
| 6 | * You may not use this file except in compliance with the License. Please obtain | |
| 7 | * a copy of the License at http://www.apple.com/publicsource and read it before | |
| 8 | * using this file. | |
| 9 | * | |
| 10 | * This Original Code and all software distributed under the License are | |
| 11 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS | |
| 12 | * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT | |
| 13 | * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR | |
| 14 | * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the | |
| 15 | * specific language governing rights and limitations under the License. | |
| 16 | */ | |
| 17 | ||
| 18 | ||
| 19 | /* | |
| 20 | tpPolicies.h - TP module policy implementation | |
| 21 | ||
| 22 | Created 10/9/2000 by Doug Mitchell. | |
| 23 | */ | |
| 24 | ||
| 25 | #ifndef _TP_POLICIES_H_ | |
| 26 | #define _TP_POLICIES_H_ | |
| 27 | ||
| 28 | #include <Security/cssmtype.h> | |
| 29 | #include <Security/cssmalloc.h> | |
| 29654253 | 30 | #include <Security/cssmapple.h> |
| bac41a7b A |
31 | #include "TPCertInfo.h" |
| 32 | ||
| 33 | #ifdef __cplusplus | |
| 34 | extern "C" { | |
| 35 | #endif /* __cplusplus */ | |
| 36 | ||
| df0e469f A |
37 | /* |
| 38 | * Private CSSM_APPLE_TP_ACTION_FLAGS value to enable implicit | |
| 39 | * root certs. | |
| 40 | */ | |
| 41 | #define CSSM_TP_USE_INTERNAL_ROOT_CERTS 0x80000000 | |
| bac41a7b A |
42 | |
| 43 | /* | |
| df0e469f | 44 | * Enumerated certificate policies enforced by this module. |
| bac41a7b A |
45 | */ |
| 46 | typedef enum { | |
| 47 | kTPDefault, /* no extension parsing, just sig and expiration */ | |
| 48 | kTPx509Basic, /* basic X.509/RFC2459 */ | |
| 49 | kTPiSign, /* Apple code signing */ | |
| df0e469f A |
50 | kTP_SSL, /* SecureTransport/SSL */ |
| 51 | kCrlPolicy, /* cert chain verification via CRL */ | |
| 52 | kTP_SMIME /* S/MIME */ | |
| bac41a7b A |
53 | } TPPolicy; |
| 54 | ||
| 55 | /* | |
| 56 | * Perform TP verification on a constructed (ordered) cert group. | |
| 57 | * Returns CSSM_TRUE on success. | |
| 58 | */ | |
| 59 | CSSM_RETURN tp_policyVerify( | |
| 29654253 A |
60 | TPPolicy policy, |
| 61 | CssmAllocator &alloc, | |
| 62 | CSSM_CL_HANDLE clHand, | |
| 63 | CSSM_CSP_HANDLE cspHand, | |
| 64 | TPCertGroup *certGroup, | |
| 65 | CSSM_BOOL verifiedToRoot, // last cert is good root | |
| df0e469f A |
66 | CSSM_APPLE_TP_ACTION_FLAGS actionFlags, |
| 67 | const CSSM_DATA *policyFieldData, // optional | |
| 68 | void *policyControl); // future use | |
| bac41a7b A |
69 | |
| 70 | #ifdef __cplusplus | |
| 71 | } | |
| 72 | #endif | |
| 73 | #endif /* _TP_POLICIES_H_ */ |